September 6, 2022
David Redekop

This Week In Nerd News #88: From Advertising to Mass Surveillance

TWINN #88 From Advertising to Mass Surveillance

TWINN #88 From Advertising to Mass Surveillance

The evil possibilities originating out of third party advertising are really coming to the surface now. The internet enabled this horrible scheme as a way for companies to monetize a service that otherwise consumers might never pay for. Everything from internet searches to reading or watching the news to playing video games.

From our point of view, when our mission is to protect people, we’ve campaigned against third party advertising on the Internet via websites and apps. Those that agreed, would use all sorts of tools ranging from playing mobile games in airplane mode to browser plugins like uBlock origin, to having a pihole on your network, to using AdGuard for DNS or even DNSharmony to combine a number of these into one solution.

Today’s lead story is about Fog Reveal, a company that utilizes such aggregated third party data and makes it frighteningly easy for your location to be identified, unless you have prevented such data from leaking to begin with, using one or more of the aforementioned tools.

YouTube video

Tech tool offers police ‘mass surveillance on a budget’

APnews says Tech tool offers police ‘mass surveillance on a budget’ and here Is the Manual for the Mass Surveillance Tool Cops Use to Track Phones. EFF has written it up too.

Local law enforcement agencies from suburban Southern California to rural North Carolina have been using an obscure cellphone tracking tool, at times without search warrants, that gives them the power to follow people’s movements months back in time, according to public records and internal emails obtained by The Associated Press.

 

Samsung says customer data stolen in July data breach

Even more bad news is if you’re a Samsung user. Samsung says customer data stolen in July data breach. Why would Samsung even have social insurance numbers?

Electronics giant Samsung has confirmed a data breach affecting customers’ personal information.

 

In a brief notice, Samsung said it discovered the security incident in late-July and that an “unauthorized third party acquired information from some of Samsung’s U.S. systems.” The company said it determined customer data was compromised on August 4.

Dev backdoors own malware to steal data from other hackers

Dev backdoors own malware to steal data from other hackers. No honour amongst thieves even. Hopefully this causes cyber criminals to distrust their sources even more. Our best hope remains to make malware too expensive for them.

Cybercriminals using Prynt Stealer to collect data from victims are being swindled by the malware developer, who also receives a copy of the info over Telegram messaging service.

 

The malware developer has planted in the builder for the infostealer a backdoor that is present in every resulting copy that is being rented to cybercriminals for prices between $100 per month or $700 per year to $900 for a lifetime subscription.

 

Prynt Stealer can steal cryptocurrency wallet information, sensitive info stored in web browsers (credentials credit cards), VPN account data, cloud gaming account details.

 

Read More: Dev backdoors own malware to steal data from other hackers

WatchGuard Firewall Exploit Threatens Appliance Takeover

WatchGuard Firewall Exploit Threatens Appliance Takeover. The most immediate and obvious solution to any threat like this is to never have such services facing the public internet.

Users are advised to remove their administration interface from the internet, and make sure they keep their systems up to date.

 

Read More: WatchGuard Firewall Exploit Threatens Appliance Takeover

 

20 free cybersecurity tools you should know about

20 free cybersecurity tools you should know about. This is an excellent resource. P0f was new to me.

Cybersecurity products can get pricy but there are many excellent open source tools to help secure your systems and data. Here’s a list of some of the most popular with cyber pros.

 

Read More: 20 free cybersecurity tools you should know about

Did you know?

Get the skills and training needed to defend the nation from cyber security threats in the Army Cyber Corps.