Cape’s Post

#LawfulInterception is a #backdoor! 😠 China hacked Verizon, AT&T and Lumen using the #FBI's backdoor "State-affiliated Chinese hackers penetrated AT&T, Verizon, Lumen and others; they entered their networks and spent months intercepting US traffic – from individuals, firms, government officials, etc – and they did it all without having to exploit any code vulnerabilities. Instead, they used the back door that the FBI requires every carrier to furnish" https://lnkd.in/e7JPvyW6

The Wall Street Journal is reporting that #ChineseHackers (#SaltTyphoon) penetrated the networks of US #broadband providers and might have accessed the #backdoors that the federal government uses to execute court-authorized #wiretap requests. Those backdoors have been mandated by law—#CALEA—since 1994. It’s a weird story. The first line of the article is: “A #cyberattack tied to the #ChineseGovernment penetrated the networks of a swath of U.S. broadband providers.” This implies that the attack wasn’t against the broadband providers directly, but against one of the intermediary companies that sit between the government CALEA requests and the broadband providers. For years, the #security community has pushed back against these backdoors, pointing out that the technical capability cannot differentiate between good guys and bad guys. And here is one more example of a backdoor access mechanism being targeted by the “wrong” #eavesdroppers.

𝐖𝐞 𝐩𝐫𝐨𝐭𝐞𝐜𝐭 𝐲𝐨𝐮𝐫 𝐦𝐨𝐛𝐢𝐥𝐞 𝐮𝐬𝐞𝐫𝐬 when they use their mobile devices over insecure public networks, like city centres 🏙️ and hospitality venues. 🏨 𝐘𝐨𝐮𝐫 𝐞𝐧𝐝 𝐮𝐬𝐞𝐫𝐬 𝐚𝐫𝐞 𝐭𝐡𝐞 𝐧𝐮𝐦𝐛𝐞𝐫 𝐨𝐧𝐞 𝐭𝐚𝐫𝐠𝐞𝐭 𝐟𝐨𝐫 𝐡𝐚𝐜𝐤𝐞𝐫𝐬! 1️⃣ Hackers target insecure public networks, to gain entry to corporate networks and steal data. 🧑💻 𝐓𝐡𝐞 𝐒𝐞𝐜𝐮𝐫𝐞𝐝𝐒𝐈𝐌 𝐬𝐨𝐥𝐮𝐭𝐢𝐨𝐧 𝐩𝐫𝐨𝐭𝐞𝐜𝐭𝐬 𝐲𝐨𝐮 𝐛𝐲 𝐞𝐧𝐜𝐫𝐲𝐩𝐭𝐢𝐧𝐠 𝐲𝐨𝐮𝐫 𝐦𝐨𝐛𝐢𝐥𝐞 𝐝𝐚𝐭𝐚 𝐭𝐫𝐚𝐟𝐟𝐢𝐜 𝐚𝐧𝐝 𝐦𝐨𝐯𝐢𝐧𝐠 𝐢𝐭 𝐨𝐯𝐞𝐫 𝐚 𝐩𝐫𝐢𝐯𝐚𝐭𝐞 𝐜𝐞𝐥𝐥𝐮𝐥𝐚𝐫 𝐧𝐞𝐭𝐰𝐨𝐫𝐤, 𝐚𝐯𝐨𝐢𝐝𝐢𝐧𝐠 𝐩𝐮𝐛𝐥𝐢𝐜 𝐜𝐞𝐥𝐥𝐮𝐥𝐚𝐫 𝐧𝐞𝐭𝐰𝐨𝐫𝐤𝐬 𝐜𝐨𝐦𝐩𝐥𝐞𝐭𝐞𝐥𝐲. 🦺 #securedsim #cellular #simcard #sim #mobileusers #devicesecurity #networklevelprotection #ransomewareprotection

#VaptWithAnmol Threat actors were able to obtain the data of "nearly all" of AT&T's cellular customers as well as the customers of mobile virtual network operators (MVNOs) that used AT&T's wireless network, the American telecom service provider has acknowledged. This includes phone numbers of AT&T landline customers and customers of other carriers, counts of those encounters, and the total call time for a day or month. It also includes phone numbers with whom an AT&T or MVNO cellphone number interacted. Former NSA hacker and IANS Research faculty member Jake Williams stated, "The threat actors have used data from previous compromises to map phone numbers to identities." #security #securityawareness #knowledgesharing #learning #growth #vapt #penetrationtesting #vulnerability

🚨𝐄𝐮𝐫𝐨𝐩𝐨𝐥 𝐖𝐞𝐛 𝐏𝐨𝐫𝐭𝐚𝐥 𝐁𝐫𝐞𝐚𝐜𝐡-𝐀𝐬𝐬𝐮𝐫𝐞𝐬 𝐍𝐨 𝐃𝐚𝐭𝐚 𝐇𝐚𝐬 𝐁𝐞𝐞𝐧 𝐂𝐨𝐦𝐩𝐫𝐨𝐦𝐢𝐬𝐞𝐝: #Europol, the esteemed guardian of law and order in the 𝐄𝐮𝐫𝐨𝐩𝐞𝐚𝐧 𝐔𝐧𝐢𝐨𝐧, finds itself at the center of an investigative storm following a breach of its renowned Europol Platform for Experts #EPE. 𝐓𝐡𝐞 𝐄𝐮𝐫𝐨𝐩𝐨𝐥 𝐏𝐥𝐚𝐭𝐟𝐨𝐫𝐦 𝐟𝐨𝐫 𝐄𝐱𝐩𝐞𝐫𝐭𝐬, a revered forum fostering collaboration among law enforcement luminaries, has encountered a #Breach, sparking widespread concern. While Europol assures that #NoOperational #Data has been #Compromised, ominous whispers emerge from the shadows, with IntelBroker, a clandestine entity, claiming access to #Classified documents marked “𝐅𝐨𝐫 𝐎𝐟𝐟𝐢𝐜𝐢𝐚𝐥 𝐔𝐬𝐞 𝐎𝐧𝐥𝐲”. The 𝐄𝐏𝐄’𝐬 [𝐞𝐩𝐞(.)𝐞𝐮𝐫𝐨𝐩𝐨𝐥(.)𝐞𝐮𝐫𝐨𝐩𝐚(.)𝐞𝐮] virtual habitat presently lies #Dormant, veiled under the pretense of #Maintenance. Meanwhile, IntelBroker boasts of seizing a treasure trove of sensitive information, encompassing 𝐅𝐨𝐫 𝐎𝐟𝐟𝐢𝐜𝐢𝐚𝐥 𝐔𝐬𝐞 𝐎𝐧𝐥𝐲 source codes, PDFs, and strategic directives. Their audacious claims extend to breaching EC3 SPACE, a sanctuary nurturing over 6,000 #Cybercrime fighters worldwide. The ramifications of this breach transcend the boundaries of EPE, as IntelBroker asserts control over the SIRIUS platform, a bastion for #Judicial and #LawEnforcement champions from 47 nations. Screenshots of EPE’s digital interface and glimpses into an EC3 SPACE database, housing over 9,000 records, are paraded by IntelBroker in the murky depths of hacking forums. #IntelBroker’s nefarious exploits extend across governmental giants like 𝐈𝐂𝐄, 𝐔𝐒𝐂𝐈𝐒, 𝐚𝐧𝐝 𝐭𝐡𝐞 𝐃𝐞𝐩𝐚𝐫𝐭𝐦𝐞𝐧𝐭 𝐨𝐟 𝐃𝐞𝐟𝐞𝐧𝐬𝐞. Allegations swirl around their potential involvement in the notorious April 2024 Five Eyes data leak, marking a worrisome trend. As IntelBroker continues its digital crusade, however #Europol remains resolute in its quest for answers. Collaborating with stakeholders, Europol endeavors to shore up the ramparts of digital defense and stem the tide of cyber intrusions.  For more details, refer to the news article published in TechStory (Link in the comment section). #Europol #CyberSecurity #DataBreach #IntelBroker #SecurityBreach #CyberThreats

China no "hackeó", simplemente consiguió acceder durante MESES a las backdoors instaladas a beneficio del Gobierno USA en las telecos estadounidenses. El chiste se cuenta solo, pero no creo que esto haga reflexionar a Bruselas sobre esas iniciativas de "ChatControl" CSAM y demás... "A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests. For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk. The attackers also had access to other tranches of more generic internet traffic, they said." "The widespread compromise is considered a potentially catastrophic security breach and was carried out by a sophisticated Chinese hacking group dubbed Salt Typhoon." "The hackers appear to have engaged in a vast collection of internet traffic from internet service providers that count businesses large and small, and millions of Americans, as their customers." "A person familiar with the attack said the U.S. government considered the intrusions to be historically significant and worrisome." https://lnkd.in/e53p3Zjg

The threat actors behind the KV-botnet made "behavioral changes" to the malicious network as U.S. law enforcement began issuing commands to neutralize the activity. KV-botnet is the name given to a network of compromised small office and home office (SOHO) routers and firewall devices across the world, with one specific cluster acting as a covert data transfer system for other Chinese state-sponsored actors, including Volt Typhoon (aka Bronze Silhouette, Insidious Taurus, or Vanguard Panda). Active since at least February 2022, it was first documented by the Black Lotus Labs team at Lumen Technologies in mid-December 2023. The botnet is known to comprise two main sub-groups, viz. KV and JDY, with the latter principally used for scanning potential targets for reconnaissance. Late last month, the U.S. government announced a court-authorized disruption effort to take down the KV cluster, which is typically reserved for manual operations against high-profile targets chosen after broader scanning via the JDY sub-group. https://lnkd.in/gdDwT7ry

⚠ T-Mobile Targeted in Major Chinese Cyber-Espionage Campaign T-Mobile has confirmed it was impacted by a sweeping cyber-espionage operation linked to Chinese state actors, joining AT&T and Verizon as victims. This sophisticated breach, attributed to the Salt Typhoon group, targeted telecom infrastructure over eight months, exploiting vulnerabilities and potentially using AI for deeper penetration. The attackers accessed call logs, unencrypted texts, and audio from key U.S. government officials and political figures, raising serious national security concerns. While T-Mobile states no significant customer data impact has been detected, this incident highlights the urgency for fortified defenses in telecom networks. #CyberSecurity #Telecom #CyberEspionage #NationalSecurity #NetworkSecurity #SaltTyphoon

ASIO Director-General Mike Burgess recently commented on the need for tech companies to unlock encrypted chats when warranted - which raises important questions. First, how can Australia realistically enforce this on foreign companies? It seems difficult without international agreements. Second, I don’t see a big issue with unlocking encrypted chats via a court order, similar to how judges authorize access to locked doors or private files. While encryption has legitimate uses, it’s also exploited by bad actors. Malevolent use exists, and in those cases, a court order ought to provide lawful access. The challenge is discerning between benevolent and malevolent users on a global scale. It’s a morally and legally complex issue, but it’s clear that lawful access is necessary in some cases. Burgess’ comments are certainly timely, but how do we go from recognising these challenges to actionable pathways to solutions? #Cybersecurity #Privacy #Encryption #NationalSecurity #TechPolicy

Counter-Surveillance Techniques and Ensuring Privacy in the Digital Age. As surveillance methods evolve, so do the risks to personal privacy. Enigma Investigations provides counter-surveillance tools and strategies to help individuals protect their private lives. Whether it’s using bug detectors, VPNs, or encrypted communication, our team helps ensure that you’re in control of who has access to your information. Learn how we support privacy in an increasingly digital world. https://lnkd.in/e3srR5x9