Cybersecurity


An umbrella community for all things cybersecurity / infosec. News, research, and questions are all welcome!

founded 2 years ago
676
 
 

  • "Introducing Paragon Solutions. Paragon Solutions was founded in Israel in 2019 and sells spyware called Graphite. The company differentiates itself by claiming it has safeguards to prevent the kinds of spyware abuses that NSO Group and other vendors are notorious for.
  • Infrastructure Analysis of Paragon Spyware. Based on a tip from a collaborator, we mapped out server infrastructure that we attribute to Paragon’s Graphite spyware tool. We identified a subset of suspected Paragon deployments, including in Australia, Canada, Cyprus, Denmark, Israel, and Singapore.
  • Identifying a Possible Canadian Paragon Customer. Our investigation surfaced potential links between Paragon Solutions and the Canadian Ontario Provincial Police, and found evidence of a growing ecosystem of spyware capability among Ontario-based police services.
  • Helping WhatsApp Catch a Zero-Click. We shared our analysis of Paragon’s infrastructure with Meta, who told us that the details were pivotal to their ongoing investigation into Paragon.
  • WhatsApp discovered and mitigated an active Paragon zero-click exploit, and later notified over 90 individuals who it believed were targeted, including civil society members in Italy.
  • Android Forensic Analysis: Italian Cluster. We forensically analyzed multiple Android phones belonging to Paragon targets in Italy (an acknowledged Paragon user) who were notified by WhatsApp. We found clear indications that spyware had been loaded into WhatsApp, as well as other apps on their devices."

#CyberSecurity #Israel #Paragon #Spyware #WhatsApp #Meta #Italy #Surveillance

https://citizenlab.ca/2025/03/a-first-look-at-paragons-proliferating-spyware-operations/

677
 
 

"The fundamental issue is simple: encryption is mathematics and mathematics doesn’t discriminate between a government investigator and a criminal hacker — a back door is a back door and if it’s there, anyone can enter.

There’s also a contradiction at play. If politicians dream of making the UK a technology hub they should not be working to undermine the foundations of cyber security, on which a workable tech industry relies.

The government should withdraw its misguided mandate. Instead of surreptitiously cutting the brake cables on the technological car, it should be working to strengthen security and privacy of the technology that forms the nervous system of our world. Business leaders must also take a role, making it clear that these dangerous moves are unacceptable, and pushing the companies they license technology from to deploy encryption, and other protections, without which their interests and those of their customers will be vulnerable.

We have ceded so many of the core operations of our lives and institutions to tech, we must recognise that strong encryption isn’t the enemy of security — it is security. The argument that weakening encryption will make any of us safer is as wrong as it is dangerous."

https://www.ft.com/content/a934150f-e0f5-4e75-a2d1-a3671ea52ca0

#UK #CyberSecurity #Encryption #Backdoors #Privacy #Apple

678
 
 

Controversial facial recognition company Clearview AI attempted to purchase hundreds of millions of arrest records including social security numbers, mugshots, and even email addresses to incorporate into its product. Read more at @404media. #ClearviewAI #Cybersecurity #DataPrivacy #Tech #Technology https://flip.it/XCU5t6

679
 
 

With growing threats, IT pros with shift-left security skills are needed. LF Education offers courses, certifications & workshops to support career growth in cybersecurity.

🚀 Start learning: https://training.linuxfoundation.org/cybersecurity/

#Cybersecurity #LFeducation #DevOps #ITSecurity


680
 
 

In the chaos of the cuts carried out by DOGE, some federal workers say the Trump administration is failing to do even basic offboarding to safeguard sensitive information on their work devices. The result is a situation that experts warn is leaving civil servants, the people they worked with, and U.S. government security at risk. Read more at @theverge (Subscription may be required). #DOGE #ElonMusk #Trump #Tech #Technology #Cybersecurity #USAID https://flip.it/YlaLfe

681
 
 

"Every now and then I get reminded about the vast fraud apparatus of the internet, re-invigorating my pursuit of basic digital hygiene around privacy/security of day to day computing. The sketchiness starts with major tech companies who are incentivized to build comprehensive profiles of you, to monetize it directly for advertising, or sell it off to professional data broker companies who further enrich, de-anonymize, cross-reference and resell it further. Inevitable and regular data breaches eventually runoff and collect your information into dark web archives, feeding into a whole underground spammer / scammer industry of hacks, phishing, ransomware, credit card fraud, identity theft, etc. This guide is a collection of the most basic digital hygiene tips, starting with the most basic to a bit more niche."

https://karpathy.bearblog.dev/digital-hygiene/

#CyberSecurity #Privacy #DataProtection #DigitalHygiene

682
 
 

Google’s parent company has announced its largest-ever acquisition, entering into a $32B deal to buy cybersecurity firm Wiz. @theverge has more. #Google #Alphabet #Cybersecurity #Wiz #Tech #Technology https://flip.it/Tc8Isj

683
 
 

Password reuse is rampant: nearly half of observed user logins are compromised

https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/

#CyberSecurity

684
 
 

"During the Biden administration, CISA vowed to help the tech industry understand and mitigate the risks of open-source software, which is often poorly maintained and has repeatedly been exploited by hackers. But since Trump took office, CISA has lost the three technical luminaries who oversaw that work: Jack Cable, Aeva Black, and Tim Pepper. Open-source security remains a major challenge, but CISA’s efforts to address that challenge are now rudderless.

The new administration has also frozen CISA’s work on artificial intelligence. The agency had been researching ways to use AI for vulnerability detection and networking monitoring, as well as partnering with the private sector to study AI risks. “About 50 percent of [CISA’s] AI expert headcount has been let go,” says a person familiar with the matter, which is “severely limiting” CISA’s ability to help the US Artificial Intelligence Safety Institute test AI models before deployment.

The administration also pushed out CISA’s chief AI officer, Lisa Einstein, and closed down her office, the person familiar with the matter says. Einstein’s team oversaw CISA’s use of AI and worked with private companies and foreign governments on AI security.

A large team of DHS and CISA AI staffers was set to accompany Vice President JD Vance to Paris in February for an AI summit, but those experts “were all pulled back” from attending, according to a person familiar with the matter."

https://www.wired.com/story/inside-cisa-under-trump/

#USA #CyberSecurity #CISA #Trump #OpenSource #AI

685
 
 

The fallout from the malicious tj-actions/changed-files is still being investigated. It is fortuitous that this malicious commit was identified fairly quickly, as further compromise of major OSS components and projects could lead to a kind of chain reaction.

#infosec #cybersecurity

686
 
 

Google's newest AI model can peruse your search history to improve its understanding of you as a person. @arstechnica@mastodon.social asks: What could go wrong? #Google #AI #Gemeni #Cybersecurity #Tech #Technology https://flip.it/afRE32

687
 
 

ShadowDragon, a contractor for ICE and other government agencies, has developed a tool that lets analysts more easily pull an individual’s publicly available data from a wide array of sites, social networks, apps, and services across the web. @404media has the story. #ICE #SocialMedia #ShadowDragon #Tech #Technology #CyberSecurity https://flip.it/Rjm1ZI

688
 
 

🏅 Already earned the essential certs? Take your career to the next level!

With 20+ vendor-neutral certifications, you can specialize in:
✳️ Cloud & infrastructure observability
✳️ Digital trust
✳️ Finance
✳️ Cybersecurity & more!

Explore all certifications: 🔗 https://training.linuxfoundation.org/certification-catalog/

#CloudNative #DigitalTrust #Finance #Cybersecurity


689
 
 

"ARTICLE 19’s new report reveals how China is expanding its digital authoritarian model of cybersecurity governance across the Indo-Pacific, posing a grave threat to people’s rights – regionally and globally.

Through its Digital Silk Road, China is not only developing digital infrastructure, but also aggressively promoting its own norms for governing these technologies. One area where this is most pronounced is in the promotion of cybersecurity norms. The success of China’s digital norms-setting in this critical realm of internet governance risks supercharging digital authoritarianism regionally – and normalising Beijing’s model internationally – at the expense of human rights, internet freedom, and democracy.

Cybersecurity with Chinese Characteristics establishes a baseline understanding of China’s repressive cybersecurity norms and reveals how it is smuggling them, via the Trojan Horse of digital development, into 3 Indo-Pacific countries: Indonesia, Pakistan, and Vietnam. It also presents a compelling alternative model of cybersecurity governance: Taiwan’s transparent, rights-based, multi-stakeholder approach."

https://www.article19.org/resources/china-taiwan-cybersecurity/

#CyberSecurity #China #Taiwan #DigitalAuthoritarianism #HumanRights #DigitalRights #DigitalSilkRoad

690
 
 

Elon Musk’s X has been hit by three waves of outages since this morning, which the billionaire claims was due to a cyberattack. Experts say it's too early to tell the cause. Read more at @CNN. #X #Twiter #Cybersecurity #Cyberattack #ElonMusk https://flip.it/LM01E-

691
 
 

A 55-year-old software developer faces up to 10 years in prison for deploying malicious code that sabotaged his former employer's network. Via @ArsTechnica. #Malware #Tech #Technology #Cybersecurity https://flip.it/QhHHuG

692
 
 

"Signal President Meredith Whittaker warned Friday that agentic AI could come with a risk to user privacy.

Speaking onstage at the SXSW conference in Austin, Texas, the advocate for secure communications referred to the use of AI agents as “putting your brain in a jar,” and cautioned that this new paradigm of computing — where AI performs tasks on users’ behalf — has a “profound issue” with both privacy and security.

Whittaker explained how AI agents are being marketed as a way to add value to your life by handling various online tasks for the user. For instance, AI agents would be able to take on tasks like looking up concerts, booking tickets, scheduling the event on your calendar, and messaging your friends that it’s booked.

“So we can just put our brain in a jar because the thing is doing that and we don’t have to touch it, right?,” Whittaker mused.

Then she explained the type of access the AI agent would need to perform these tasks, including access to our web browser and a way to drive it as well as access to our credit card information to pay for tickets, our calendar, and messaging app to send the text to your friends."

https://techcrunch.com/2025/03/07/signal-president-meredith-whittaker-calls-out-agentic-ai-as-having-profound-security-and-privacy-issues/

#CyberSecurity #Privacy #AI #AIAgents #GenerativeAI

693
 
 

"The U.K. government appears to have quietly scrubbed encryption advice from government web pages, just weeks after demanding backdoor access to encrypted data stored on Apple’s cloud storage service, iCloud.

The change was spotted by security expert Alec Muffett, who wrote in a blog post on Wednesday that the U.K.’s National Cyber Security Centre (NCSC) is no longer recommending that high-risk individuals use encryption to protect their sensitive information.

The NCSC in October published a document titled “Cybersecurity tips for barristers, solicitors & legal professionals,” that advised the use of encryption tools such as Apple’s Advanced Data Protection (ADP).

ADP allows users to turn on end-to-end encryption for their iCloud backups, effectively making it impossible for anyone, including Apple and government authorities, to view data stored on iCloud."

https://techcrunch.com/2025/03/06/uk-quietly-scrubs-encryption-advice-from-government-websites/

#UK #CyberSecurity #Encryption #Surveillance #Apple #iCloud

694
 
 

"The Department of Justice has announced criminal charges against 12 Chinese government-linked hackers who are accused of hacking more than 100 American organizations, including the U.S. Treasury, over the course of a decade.

The charged individuals all played a “key role” in China’s hacker-for-hire ecosystem, a senior DOJ official said on a background call with reporters, including TechCrunch, on Wednesday. The official added that those charged, which includes contract hackers and Chinese law enforcement officials, targeted organizations in the U.S. and worldwide for the purposes of “suppressing free speech and religious freedoms.”

The DOJ also confirmed that two of the indicted individuals are linked to the China government-backed hacking group APT27, or Silk Typhoon."

https://techcrunch.com/2025/03/05/justice-department-charges-chinese-hackers-for-hire-linked-to-treasury-breach/

#USA #CyberSecurity #DoJ #China #StateHacking #APT27 #SilkTyphoon

695
 
 

The UK, led by absolute donkeys, probably thinks just because they speak with a different accent from the USians means Chinese state hackers aren't salivating at redoing what they did, which is to exploit the government's own backdoor to telcos.

Worse, they made me support Apple.

https://arstechnica.com/tech-policy/2025/03/apple-appeals-uks-secret-demand-for-backdoor-access-to-encrypted-user-data/ #UKpol #CyberSecurity

696
 
 

VMSA-2025-0004: #VMware ESXi, Workstation, and Fusion updates address multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)

VMCI heap-overflow vulnerability (CVE-2025-22224): A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

VMware ESXi arbitrary write vulnerability (CVE-2025-22225): A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.

HGFS information-disclosure vulnerability (CVE-2025-22226): A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390

#CVE_2025_22224 #CVE_2025_22225 #CVE_2025_22226 #infosec #cybersecurity

697
 
 

U.S. Defense Secretary Pete Hegseth reportedly orders a halt to offensive cyber operations against Russia.

NBC News reports: "Russia has intensified cyber operations against Ukraine and NATO countries, according to previous U.S. intelligence and private sector reports."

https://flip.it/TA.5hT

#Hegseth #Russia #News #Trump #Putin #Cybersecurity #NATO

698
 
 

"A federal judge has ordered Trump administration officials involved in Elon Musk’s “opaque” Department of Government Efficiency to testify under oath in one of the sprawling lawsuits seeking to block DOGE’s access to sensitive government databases.

U.S. District Judge John Bates agreed Thursday that “very limited” efforts to question officials connected to DOGE would help clarify what exactly the group is doing and whether it poses the risks to sensitive data that government employees fear. Bates’ order will allow unions and liberal groups suing to question four officials: one from DOGE’s White House headquarters and one each from the Labor Department, the Department of Health and Human Services and the Consumer Financial Protection Bureau.

While the bureaucracy-slashing DOGE effort has sparked more than a dozen lawsuits, the order from Bates is the first that would force people involved in the project to answer questions from lawyers outside the government.

Those depositions will be capped at eight hours in total, ruled Bates, a Washington-based appointee of President George W. Bush."

https://www.politico.com/news/2025/02/27/doge-depositions-union-lawsuits-00206542

#USA #Trump #Musk #DOGE #CyberSecurity #Privacy #DataProtection

699
 
 

Just two months into 2025, we’ve already seen several data breaches affecting the personal information of millions of people, setting up what could be a year unlike any we’ve seen. @Techcrunch breaks down each of the biggest breaches (Yes, DOGE’s access of U.S. federal government data makes the list):

https://flip.it/v0gym6

#Tech #CyberSecurity #Security #DataBreach #Data

700
 
 

"A hacker claims to have stolen thousands of internal documents with user records and employee data after breaching the systems of Orange Group, a leading French telecommunications operator and digital service provider.

The threat actor published on a hacker forum details about the stolen data after trying to extort the company unsuccessfully.

Orange confirmed the breach to BleepingComputer saying that it occurred on a non-critical application. The company initiated an investigation and is working to minimize the impact of the incident.

According to the threat actor, who uses the alias Rey and is a member of the HellCat ransomware group, the stolen data is mostly from the Romanian branch of the company and includes 380,000 unique email addresses, source code, invoices, contracts, customer and employee information."

https://www.bleepingcomputer.com/news/security/orange-group-confirms-breach-after-hacker-leaks-company-documents/

#CyberSecurity #Romania #Orange #Jira #DataBreaches #Hacking
