The DEA is using Apple’s AirTags for surveillance

source: imore.com  |  image: pixabay.com

It’s the first time a federal agency has used the tracker for surveillance.

A new report says that the DEA used an AirTag for surveillance in anti-drug operations last year, in what is believed to be the first instance of a federal agency using the tracker in such a manner.

According to Forbes(opens in new tab), border agents intercepted two packages from Shanghai, China, in May of 2022, which were found to contain a pill press that is used to turn powders into tablets. “Believing that they were destined for an illegal narcotics manufacturer”, the DEA stepped in, and rather than swipe the goods, instead placed an AirTag inside the device so they could track its whereabouts. 

A warrant seen by the outlet reveals what “appears to be the first known case of a federal agency turning Apple’s location-tracking device into a surveillance technology.”

Continue reading “The DEA is using Apple’s AirTags for surveillance”

Chinese surveillance from above may make stealth planes obsolete | Opinion

source: sun-sentinel.com  |  image: pixabay.com

 

When Pentagon brass rolled out the bat-shaped B-21 Raider late last year amid self-congratulatory speeches and glowing news reports, they touted it as the ideal deterrent against Beijing’s military ambitions. Projected to cost some $720 million apiece, the airplane was called the ultimate in radar-evading technology, able to carry out conventional and nuclear strikes virtually undetected in China and elsewhere.

As a journalist who covered previous stealth aircraft, the praise evoked disturbing echoes of glaring design flaws. Such missteps initially made the B-21′s predecessor, the Air Force’s B-2 Spirit, less stealthy and more difficult to operate than advertised. Northrop Grumman Corp. built both bombers.

Now, former senior officials involved in the classified B-21′s early development worry the Pentagon is repeating a version of those mistakes, this time by underestimating Beijing’s ability to closely track the latest bomber from space.

Continue reading “Chinese surveillance from above may make stealth planes obsolete | Opinion”

Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered

source: thehackernews.com  |  image: pexels.com

Two new security weaknesses discovered in several electric vehicle (EV) charging systems could be exploited to remotely shut down charging stations and even expose them to data and energy theft.

The findings, which come from Israel-based SaiFlow, once again demonstrate the potential risks facing the EV charging infrastructure.

The issues have been identified in version 1.6J of the Open Charge Point Protocol (OCPP) standard that uses WebSockets for communication between EV charging stations and the Charging Station Management System (CSMS) providers. The current version of OCPP is 2.0.1.

“The OCPP standard doesn’t define how a CSMS should accept new connections from a charge point when there is already an active connection,” SaiFlow researchers Lionel Richard Saposnik and Doron Porat said.

Continue reading “Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered”

NSA leader pushes lawmakers to keep key surveillance power

source: axios.com (contributed by FAN, Bill Amshey)  |  image: nsa.gov

 

The head of the National Security Agency made his case Thursday for lawmakers to keep a key NSA surveillance power intact ahead of a tough reauthorization battle this year.

The big picture: Section 702 of the Foreign Intelligence Surveillance Act is set to expire at the end of the year, jeopardizing a surveillance authority that allows intelligence agencies to collect warrantless online communications from foreign persons.

  • The fight over whether to keep Section 702 intact will take up much of Capitol Hill’s cybersecurity attention throughout the year.

Driving the news: Gen. Paul Nakasone, the head of the NSA and the U.S. Cyber Command, said during an event Thursday that the surveillance power has allowed the U.S. to stop active terrorist plots, foreign ransomware attacks and planned cyber espionage schemes.

  • “This authority provides the U.S. government irreplaceable insights, whether we’re reporting on cybersecurity threats, counterterrorism threats, or protecting U.S. and allied forces,” Nakasone said.
  • “We have saved lives because of 702,” he added.

Why it matters: Nakasone’s comments set the stage for the arguments that the intelligence community is likely to make as lawmakers debate the merits of the program throughout the year.

Yes, but: Civil liberties and privacy advocates have long argued that Section 702 sweeps up far too many Americans’ electronic communications, such as emails and text messages, when they talk with people in other countries.

  • Some Republican lawmakers are also likely to argue for either letting 702 expire or limiting its scope as their party grows more critical of the intelligence agencies.

A Sneaky Ad Scam Tore Through 11 Million Phones

source: wired.com  |  image: pexels.com

Some 1,700 spoofed apps, 120 targeted publishers, 12 billion false ad requests per day—Vastflux is one of the biggest ad frauds ever discovered.

 

EVERY TIME YOU open an app or website, a flurry of invisible processes takes place without you knowing. Behind the scenes, dozens of advertising companies are jostling for your attention: They want their ads in front of your eyeballs. For each ad, a series of instant auctions often determines which ads you see. This automated advertising, often known as programmatic advertising, is big business, with $418 billion spent on it last year. But it’s also ripe for abuse.

Security researchers today revealed a new widespread attack on the online advertising ecosystem that has impacted millions of people, defrauded hundreds of companies, and potentially netted its creators some serious profits. The attack, dubbed Vastflux, was discovered by researchers at Human Security, a firm focusing on fraud and bot activity. The attack impacted 11 million phones, with the attackers spoofing 1,700 app and targeting 120 publishers. At its peak, the attackers were making 12 billion requests for ads per day.

“When I first got the results for the volume of the attack, I had to run the numbers multiple times,” says Marion Habiby, a data scientist at Human Security and the lead researcher on the case. Habiby describes the attack as both one of the most sophisticated the company has seen and the largest. “It is clear the bad actors were well organized and went to great lengths to avoid detection, making sure the attack would run as long as possible—making as much money as possible,” Habiby says. 

Cybersecurity trends in 2023 that will directly impact everyday life

source: cybersecuritydive.com  |  image: Pixabay.com

 

The scale of cyberthreats are growing, spilling into the mainstream. In 2023, expect the spotlight to add pressure to businesses that have underinvested in security.

 

There are a few certainties in cybersecurity: ransomware will cause headaches for companies; third parties will spark cyber incidents; and every December, cybersecurity analysts will put together lists of their predictions and trends they believe will have an impact in the coming year. 

Most of the predictions are designed to help organizations build out their security programs, but every so often a trend will build slowly over time until its impact is clear.

Sometimes these trends will reach far beyond an individual company and impact society at large. 

Here are some of the biggest trends Cybersecurity Dive is watching this year. Are there any security patterns you are watching closely? Email us at cybersecurity.dive.editors@industrydive.com.

The global impact of state-sponsored activities

State-sponsored threats trend every year, but as we begin 2023, those threats have a different, more menacing, feel to them. The countries responsible for much of the state-sponsored activity — Russia, China and Iran — are embroiled in conflict. 

“In the past year, we’ve seen [Russia’s] invasion of Ukraine; a worsening of the relationship between China and the West combined with tightening control by Xi Jinping and further pressure on Taiwan; and a growing concern in Iran about dissident activity and pressures on the regime both internally and abroad,” said Mike McLellan, director of intelligence for the Secureworks Counter Threat Unit. 

Continue reading “Cybersecurity trends in 2023 that will directly impact everyday life”

Your Home Security Cameras Are in the Wrong Spots. Here’s Where to Put Them

source: cnet.com  |  contributed by Steve Page  |  image: pixabay.com

If you have a home security camera (or are you thinking about finding a Black Friday deal on one), you may have wondered about the best places to put them to deter bad actors and give you the best view of your property — and where not to put them. 

Your home and yard layout, budget and home security priorities are different from your neighbor’s, so there is no one-size-fits-all rule for security camera placement. But this guide will help you consider all the aspects of your home security setup and identify which ones are absolute musts based on the vulnerabilities in your home.

For more home security tips, check out how to prevent your home security cameras from being hacked, and the best cheap home security systems you can buy.

Where you should consider installing a home security camera

1. Exterior: Front door

You might assume that intruders always sneak into side entrances, but statistics from the International Association of Certified Home Inspectors show that 34% of burglars use the front door. It’s also where package thieves are likely to strike. A camera at your main entrance keeps tabs on everybody going in and out of your home, from family members and babysitters to maintenance people, delivery people and more. (Pro tip: Video doorbells are great picks for the front door. You can use them as the primary camera or in conjunction with another outdoor camera aimed at the yard or garage.)

Continue reading “Your Home Security Cameras Are in the Wrong Spots. Here’s Where to Put Them”

You Really Need a Password Manager.

Here’s How to Get Started

source: cnet.com  |  image: pixabay.com

 

Using a password manager is easy, and it’s one of the best ways to stay secure online.

It may seem like more trouble than it’s worth, but you really need to create a unique password for each of your online accounts. Each password should ideally be at least eight characters in length and consist of capital and lowercase letters, numbers and symbols. (Yes, using “password123” for everything isn’t going to cut it.) It may be tempting, but using one easy-to-remember code across all of your accounts can jeopardize your online security — and you definitely don’t want to make yourself an easy target for cybercriminals. In fact, recent research by cybersecurity firm Hive Systems has suggested that a weak password can be cracked instantly by a hacker.

Password managers are vital tools that can help you stay safe online and be more digitally secure by simplifying the process of using strong passwords. And they’re easier to use than you may think. Even so, 4 out of 5 American adults don’t use a password manager, according to a study from Security.org. 

Here’s why you need a password manager and how to set one up.

What is a password manager, and why do I need one?

A password manager is an online service that stores your passwords as well as other data like credit card numbers, bank account information and identification documents in a secure, encrypted environment. It takes one of the biggest potential vulnerabilities — weak or recycled passwords — and does the hard work for you.

Continue reading “You Really Need a Password Manager. Here’s How to Get Started”

The 3 Worst Spots to Put a Home Security Camera

source: cnet.com (contributed by FAN, Steve Page)  |  image: pixabay.com

 

Don’t compromise your home security: Put your home security cameras in the right places.

Security cameras are one of the simplest ways to deter would-be burglars and protect your home. With the help of a few well-placed cameras, you can easily keep a remote eye on most of your home and property. And with more affordable options on the market and improvements in wireless technology, it’s now possible for just about anyone to set up a wired or wireless security camera system that fits your home’s needs and budget. 

But it’s also possible to set up a home camera security systemthe wrong way. The last thing that you want to do is place a camera in a spot where it is rendered ineffective and find out too late that its footage is useless. This guide will steer you away from camera placements to avoid and help you establish a more effective home security camera system. For more on home security, check out the best security camera deals and how to keep your security cameras from being hacked

Ineffective spots

You might be tempted to point cameras at the spots around your home that are difficult to see. There is an intuitive reason for this: If you can’t see a location from your windows or doors, it feels possible that someone might be lurking there. You might think these hidden areas are a burglar’s preferred place to break and enter. 

Continue reading “The 3 Worst Spots to Put a Home Security Camera”

Airline Travel Hacks To Avoid Holiday Excursion Headaches

source: technewsworld.com  |  image:pixabay.com

 

For those of you who haven’t traveled lately, things have changed over the last couple of years. For example, most airlines don’t take cash anymore, and an increasing number don’t accept credit cards.

Airlines are almost all short-staffed, and at this time of year, there are a lot of mechanical delays and weather events. Depending on the airport, the ability to rebook a flight at the gate may no longer exist. Spending the night in an airport is no fun, and neither is missing a flight because you didn’t make it through security in time.

This week, I’ll share some tips on how to survive traveling over the holidays. We’ll close with my product of the week: my favorite suitcase, which is like a rolling dresser.

Plan for Extend Connection Times

Over the past two months, most of the flights I’ve been on have had a mechanical or airline delay. Generally, the delays have been just short of an hour, suggesting you want at least one hour between connecting flights if you don’t want to be stranded.

If you are taking a cruise and you have to fly to the port of departure, you might want to fly the day before so that any delay doesn’t keep you from meeting the boat. We had first-class tickets on our last flight on United to meet up for a cruise. Still, we were delayed at the departing airport for 30 minutes, then again at the arrival airport (San Francisco) for 30 minutes, which had us arriving at the gate three minutes after they closed it. They wouldn’t let us on the plane, arguing that we should have run faster.

As a result, we lost our direct flight to Florida, lost our first-class seats, and had to route through Chicago, which got us there late at night rather than mid-day. Fortunately, our cruise was the next day, or we’d have missed our departure and had to try to catch the ship at the next port, a very expensive workaround.

The more critical it is that you get to your destination on time, the more extra time you should schedule for transport. You should plan to arrive the day before for a wedding, funeral, family event, business meeting, or tour with a firm start time instead of cutting it close. Otherwise, there’s a good chance you’ll miss that critical event.

Take Advantage of Airline Apps

Download the airline app before you leave, and if it has the option to pre-load a credit card, do it. On my last trip, a couple from Australia in front of me couldn’t buy drinks or food because United no longer takes cash or credit cards on the plane. Instead, they pull the card data from the app.

Continue reading “Airline Travel Hacks To Avoid Holiday Excursion Headaches”