All posts in “Cybersecurity”

Iranian spies allegedly used Facebook to target U.S. intelligence agents

Not so friendly request.
Not so friendly request.

Image: Ambar Del Moral / mashable

It was just a simple friend request. However, nothing is ever simple when the U.S. intelligence community is involved.

A press release released Wednesday by the Department of Justice details an alleged effort by Iranian government agents to use Facebook to hack members of the American intelligence community. And they had unexpected help. Specifically, a former Department of Defense contractor turned Iranian agent. 

The details of this case are pretty wild, and focus on 39-year-old Monica Elfriede Witt. Witt, the press release notes, is both a former Air Force intelligence specialist and a special agent of the Air Force Office of Special Investigations. She also worked as a Department of Defense contractor, and was granted a “high-level” security clearance. That was all before 2012, when things allegedly took a turn for the treasonous. 

Witt is accused of working with a team of Iranian government-affiliated hackers aiming to install malware on her former colleagues’ computers. And like so many things these days, Facebook played a key role in their plan.

“Specifically, between Jan. and May 2015, the Cyber Conspirators, using fictitious and imposter accounts, attempted to trick their targets into clicking links or opening files that would allow the conspirators to deploy malware on the target’s computer,” reads the press release. “In one such instance, the Cyber Conspirators created a Facebook account that purported to belong to a [U.S. intelligence community] employee and former colleague of Witt, and which utilized legitimate information and photos from the USIC employee’s actual Facebook account.”

Several of Witt’s former colleagues accepted these fake friend requests. According to the unsealed indictment, the malware in question was “designed to capture a target’s keystrokes, access a computer’s web camera, and monitor other computer activity.”

In one such case in 2015, an attachment that looked like a jpg file but was actually a malware-laden zip file was sent via Facebook after a U.S. agent accepted a spoofed friend request.  

They also sent at least one fake Facebook password reset email in an attempt to gain U.S. government target passwords. 

This effort by Witt and her co-conspirators, which was not limited to Facebook, included sending emails that were suspicious on their face. One such email, sent in 2015 to a U.S. government agent, reads almost like a parody of a hacking attempt. 

“I’ll send you a file including my photos but u should deactivate your anti virus to open it because i designed my photos with a photo album software, I hope you enjoy the photos i designed for the new year, they should be opened in your computer honey.”

We reached out to Facebook in an effort to determine what it does to prevent these types of targeted attacks, and what the company thought about Iranian agents using its platform to go after members of the U.S. intelligence community, but have yet to receive a response. 

Witt is still at large. 

Cms%252f2019%252f1%252f02ad2b2e a5e5 bb49%252fthumb%252f00001.jpg%252foriginal.jpg?signature=swq umrm8u9ztlnv1pvstaxqdqa=&source=https%3a%2f%2fvdist.aws.mashable

Russia plans to disconnect from the internet

Image: Getty Images/Cultura RF


PCMag.com is a leading authority on technology, delivering Labs-based, independent reviews of the latest products and services. Our expert industry analysis and practical solutions help you make better buying decisions and get more from technology.

While Russia has deftly used the internet to advance its own interests, it is apparently concerned about other countries deploying its own tactics, so it is preparing to “disconnect” from the internet, ZDNet reports.

Average Russians would not lose internet access; the plan would instead change how internet traffic is handled on the back-end.

The move has been in the works for years, and is intended to seal Russia off from incoming cyber attacks. ISPs in the region are now preparing to test a system that would re-route web traffic in Russia to exchange points controlled by Russia’s telecom agency, Roskomnazor, ZDNet says.

A date for the test has not been set, but is supposed to happen before April 1, according to a law introduced last year. This “Digital Economy National Program” calls on Russia to develop its own form of the internet’s address system (DNS). None of the 12 independent organizations that manage these servers are in Russia, the BBC notes, but copies of the core address books are, so Russia could stay connected in an emergency.

The disconnect experiment is being overseen by Russia’s Information Security Working Group; its members include Natalya Kaspersky, the co-founder of Kaspersky Lab, which has faced backlash abroad over allegations that the Russian government used Kaspersky Lab products to spy on computers.

According to the BBC, Russia eventually wants all internet traffic to flow through its private network, which could create a system like that in China, where popular websites are banned and internet use is heavily monitored.

Uploads%252fvideo uploaders%252fdistribution thumb%252fimage%252f90163%252f991367b0 25dd 490d a435 292122c573b5.jpg%252foriginal.jpg?signature=qoq3jtssq egmrfzhdlyp13fvpo=&source=https%3a%2f%2fblueprint api production.s3.amazonaws

This article originally published at PCMag
here

Opera browser to bring built-in VPN on Android

Opera’s bringing back its VPN (virtual private network) service, albeit in a slightly different format. 

In 2016, the company launched a free VPN app for Android (followed by an iOS launch) but the app was discontinued last year. Soon, however, Opera will offer the free VPN service again, as part of its Opera browser for Android. 

The feature is currently undergoing testing and is slowly rolling out to Opera beta users, the company said in a blog post Thursday. 

Once you turn the option on, you can choose your virtual location — the choices aren’t as good as you’d get from a commercial VPN service, but you do get to choose whether you want to be virtually located in Europe, America or Asia. Opera claims it’s not keeping any usage logs. 

Image: Opera

VPNs are important tools for anyone concerned about their privacy. They obscure your internet activities from your internet service provider, and can sometimes be used to use services or access sites which are blocked in your country. 

Opera already offers a free, unlimited VPN as part of its desktop web browser. Just like that version, the mobile browser also offers you to bypass VPN when accessing search engines. 

Opera’s browsers for Android is freely available on Google Play

Uploads%252fvideo uploaders%252fdistribution thumb%252fimage%252f90333%252fd47b9e37 57b6 4b43 9f18 aca70b87d762.jpg%252foriginal.jpg?signature=zmtenev8v0jz1ycihjxz vkumre=&source=https%3a%2f%2fblueprint api production.s3.amazonaws

Apple isn’t too happy about apps that secretly record your phone’s screen

Some popular apps, such as Hotels.com and Expedia, have been using Glassbox's tech to record everything users do while using the apps. Now, Apple is telling app developers they must disclose this practice to users.
Some popular apps, such as Hotels.com and Expedia, have been using Glassbox’s tech to record everything users do while using the apps. Now, Apple is telling app developers they must disclose this practice to users.

Image: S3studio/Getty Images

Following TechCrunch’s report that certain iOS apps are using technology from a company called Glassbox to record everything a user does within the app, Apple has started telling app developers that they either need to disclose this to users or face getting banned from the App Store. 

“Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity. We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary,” an Apple spokesperson told TechCrunch

The investigation by TechCrunch and App Analyst discovered that many popular apps, including Air Canada, Expedia and Hotels.com, are using Glassbox’s tech without disclosing it to users. Furthermore, in some cases these apps appear to transfer sensitive user data without masking or encrypting it. 

According to TechCrunch, Apple is telling developers via e-mail that apps “must request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity.” The company has reportedly given developers less than a day to remove Glassbox’s code from their app and resubmit it. Otherwise, the app would be removed from Apple’s App Store. 

In an email, a Glassbox spokesperson told Mashable that the company’s goals are “to improve online customer experiences and to protect consumers from a compliance perspective.” The company says it’s a strong supporter of user privacy and security, that it “meets the highest security and data privacy standards” and that it provides its customers (the app developers) with tools to mask “every element” of personal data. Furthermore, Glassbox says it believes its customers should have “clear policies in place so that consumers are aware that their data is being recorded.”

If Glassbox is to be believed, the problem lies mainly with some of the app developers who use its tech, firstly because they don’t disclose it to their users, and secondly because they haven’t implemented it correctly. In any case, it’s good that Apple is cracking down on irresponsible use of this technology. 

We’ve reached out to Apple and Glassbox for further comment and will update this article when we hear from them. 

Uploads%252fvideo uploaders%252fdistribution thumb%252fimage%252f90337%252f12781bc4 a21b 4c1c b152 0936b5fe0cad.jpg%252foriginal.jpg?signature=mwbxvtazvi4h2hgfg4xfgj4lmyc=&source=https%3a%2f%2fblueprint api production.s3.amazonaws

FaceTime bug teenager is eligible for bug bounty payout

Image: Thomas Trutschel/Photothek via Getty Images


PCMag.com is a leading authority on technology, delivering Labs-based, independent reviews of the latest products and services. Our expert industry analysis and practical solutions help you make better buying decisions and get more from technology.

The rather serious FaceTime bug widely reported about last week left Apple a little red-faced and one 14-year-old (and his mother) hoping Apple would give him some credit for discovering it. Now it looks like he’s going to get a big payout from Apple’s bug bounty program.

Grant Thompson is the teenager who discovered the bug 10 days before it went public. His mother, Michelle Thompson, set about telling Apple, which resulted in signing up as an Apple developer and submitting a bug report. The report wasn’t taken seriously for some reason, and it wasn’t until his mother shared the communications with Apple via Twitter that news of the bug went viral.

Since then, a “high-level Apple executive” has visited the family in Tucson, Arizona to thank them for reporting the bug and to ask how the reporting process could be improved. A thank you to the Thompson family was also included in a statement from Apple apologizing for the flaw, but that looked to be the end of it.

Since then, CNBC reported that when the executive visited the Thompson family he also told them Grant was eligible for a bug bounty for discovering the flaw. Michele Thompson explained, “They also indicated that Grant would be eligible for the bug bounty program. And we would hear from their security team the following week in terms of what that meant … If he got some kind of bug bounty for what he found, we’d certainly put it to good use for his college because I think he’s going to go far, hopefully.”

A bug bounty payout would most certainly help pay for college. Apple’s bug bounty program launched in 2016 with details appearing at the Black Hat conference. As revealed in a tweet by PCMag’s Neil Rubenking at the time, the payouts Apple offers start at $25,000 and increase up to $200,000 dependent on how serious the bug is. Even if Grant got the minimum payout it would probably feel like Christmas.

I’d be very surprised if a box full of the latest Apple hardware, software, and a developer license isn’t on its way over to Grant this week as well. It’s the least Apple can do.

Uploads%252fvideo uploaders%252fdistribution thumb%252fimage%252f90369%252f567374bf 8ae9 4e15 a5de 4beab1a92ae1.jpg%252foriginal.jpg?signature=bqbdbd urmme u 0zjsaqt1txvi=&source=https%3a%2f%2fblueprint api production.s3.amazonaws

This article originally published at PCMag
here