Mexican spy scandal escalates as study shows software targeted opposition | World news | The Guardian

The spy software – known as Pegasus and made by the Israeli firm NSO Group – is only sold to governments, supposedly for use against terrorists and criminals. But an investigation by researchers at the University of Toronto revealed that it was deployed against Mexican anti-corruption crusaders, journalists investigating the president, and activists pushing for a soda tax.

Source: Mexican spy scandal escalates as study shows software targeted opposition | World news | The Guardian


Hackers publish private photos from cosmetic surgery clinic | Technology | The Guardian

Criminal group that broke into servers of Lithuanian clinic demands bitcoin ransom payments from clients after releasing 25,000 pictures

Source: Hackers publish private photos from cosmetic surgery clinic | Technology | The Guardian


Shadow Brokers threaten to unleash more hacking tools | Technology | The Guardian

The so-called Shadow Brokers, who claimed responsibility for releasing NSA tools that were used to spread the WannaCry ransomware through the NHS and across the world, said they have a new suite of tools and vulnerabilities in newer software. The possible targets include Microsoft’s Windows 10, which was unaffected by the initial attack and is on at least 500m devices around the world.

Source: Shadow Brokers threaten to unleash more hacking tools | Technology | The Guardian


Digital gold: why hackers love Bitcoin | Technology | The Guardian

The WannaCry ransomware attackers demanded payment in the cryptocurrency. But its use in the ‘clean’ economy is growing, too, and could revolutionise how we use money

Source: Digital gold: why hackers love Bitcoin | Technology | The Guardian


Pirates of the Caribbean 5: hackers threaten to post film online unless Disney pays ransom | US news | The Guardian

Hollywood Reporter says CEO Bob Iger has told employees that film would be released in segments online unless hackers were paid in bitcoin

Source: Pirates of the Caribbean 5: hackers threaten to post film online unless Disney pays ransom | US news | The Guardian


NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet

The supercomputer described in the trove, “WindsorGreen,” was a system designed to excel at the sort of complex mathematics that underlies encryption, the technology that keeps data private, and almost certainly intended for use by the Defense Department’s signals intelligence wing, the National Security Agency. WindsorGreen was the successor to another password-cracking machine used by the NSA, “WindsorBlue,” which was also documented in the material leaked from NYU and which had been previously described in the Norwegian press thanks to a document provided by National Security Agency whistleblower Edward Snowden. Both systems were intended for use by the Pentagon and a select few other Western governments, including Canada and Norway.

Source: NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet


Leaked NSA Malware Is Helping Hijack Computers Around the World

In mid-April, an arsenal of powerful software tools apparently designed by the NSA to infect and control Windows computers was leaked by an entity known only as the “Shadow Brokers.” Not even a whole month later, the hypothetical threat that criminals would use the tools against the general public has become real, and tens of thousands of computers worldwide are now crippled by an unknown party demanding ransom.

Source: Leaked NSA Malware Is Helping Hijack Computers Around the World


Microsoft blames the US National Security Agency for enabling the massive cyberattack that affected at least 150 countries – El Mostrador

The computing giant criticized the role of governments and organizations that collect software vulnerabilities which can later be stolen or sold to cybercriminals. The company asks that what happened serve as a lesson to eradicate this practice worldwide.

Source: Microsoft blames the US National Security Agency for enabling the massive cyberattack that affected at least 150 countries – El Mostrador


WannaCry: why experts believe there could be another cyberattack very soon – El Mostrador

Computer experts warn that a new global attack with a ransomware outbreak is “imminent” and that it could even be launched on Monday. BBC Mundo gives you the details and explains how to protect yourself from these viruses.

Source: WannaCry: why experts believe there could be another cyberattack very soon – El Mostrador


The worldwide cyberattack of “never-before-seen dimension” that affected institutions and companies in almost 100 countries – El Mostrador

A cyberattack “of never-before-seen dimension” managed this Friday to block access to the computer systems of state institutions and companies in several countries. The European police agency, Europol, said the cyberattack was of an “unprecedented” scale and warned that a “complex international investigation” was needed to “identify the culprits”.

Source: The worldwide cyberattack of “never-before-seen dimension” that affected institutions and companies in almost 100 countries – El Mostrador


Japan Made Secret Deals With the NSA That Expanded Global Surveillance

The documents, published Monday in collaboration with Japanese news broadcaster NHK, reveal the complicated relationship the NSA has maintained with Japan over a period of more than six decades. Japan has allowed NSA to maintain at least three bases on its territory and contributed more than half a billion dollars to help finance the NSA’s facilities and operations. In return, NSA has kitted out Japanese spies with powerful surveillance tools and shared intelligence with them. However, there is a duplicitous dimension to the partnership. While the NSA has maintained friendly ties with its Japanese counterparts and benefited from their financial generosity, at the same time it has secretly spied on Japanese officials and institutions.

Source: Japan Made Secret Deals With the NSA That Expanded Global Surveillance


Leaked NSA Malware Threatens Windows Users Around the World

“This is as big as it gets,” Hickey said. “Nation-state attack tools are now in the hands of anyone who cares to download them…it’s literally a cyberweapon for hacking into computers…people will be using these attacks for years to come.”

Source: Leaked NSA Malware Threatens Windows Users Around the World


Cyberwar: when the most powerful weapon is an army of hackers

Cyberwar is no longer an eccentricity reserved for isolated acts, for small things. New technologies are part of civilians and their armies. And attacking them has been put on a par with conventional warfare.

Source: Cyberwar: when the most powerful weapon is an army of hackers


Wiretaps, data dumps and zero days: is digital privacy no longer possible? – video | World news | The Guardian

From Russian hacking to WikiLeaks, Edward Snowden and CIA cyber weapons, does digital surveillance mean the end of privacy?

Source: Wiretaps, data dumps and zero days: is digital privacy no longer possible? – video | World news | The Guardian


Governments at war with WhatsApp over its end-to-end encryption – El Mostrador

After the attack on the British Parliament last week, British politicians have demanded that WhatsApp and other instant messaging applications provide access to police and security forces so they can monitor terrorist conversations. However, technology experts argue that opening “back doors” in popular messaging services, which use end-to-end encryption, would create a series of problems.

Source: Governments at war with WhatsApp over its end-to-end encryption – El Mostrador


Apple Says It Fixed CIA Vulnerabilities Years Ago

Yesterday, WikiLeaks released its latest batch of pilfered CIA material, five documents describing malicious software for taking over Apple MacBooks and iPhones, and wrote in an accompanying post that “the CIA has been infecting the iPhone supply chain of its targets,” prompting concerned readers to wonder if their iPhone or MacBook had been infected on the factory floor. In a statement, Apple says that is almost certainly not the case.

Source: Apple Says It Fixed CIA Vulnerabilities Years Ago


WikiLeaks leaks new secret documents on how the CIA “hacked” any iPhone or Mac – El Mostrador

Under the name “Dark Matter”, WikiLeaks published a new batch of secret documents detailing several CIA projects to infect and “hack” any iPhone or Mac.

Source: WikiLeaks leaks new secret documents on how the CIA “hacked” any iPhone or Mac – El Mostrador


With the latest WikiLeaks revelations about the CIA – is privacy really dead? | World news | The Guardian

Both the Snowden revelations and the CIA leak highlight the variety of creative techniques intelligence agencies can use to spy on individuals, at a time when many of us are voluntarily giving up our personal data to private companies and installing so-called “smart” devices with microphones (smart TVs, Amazon Echo) in our homes. So, where does this leave us? Is privacy really dead, as Silicon Valley luminaries such as Mark Zuckerberg have previously declared?

Source: With the latest WikiLeaks revelations about the CIA – is privacy really dead? | World news | The Guardian


Malware Attacks Used by the U.S. Government Retain Potency for Many Years, New Evidence Indicates

A new report from Rand Corp. may help shed light on the government’s arsenal of malicious software, including the size of its stockpile of so-called “zero days” — hacks that hit undisclosed vulnerabilities in computers, smartphones, and other digital devices. The report also provides evidence that such vulnerabilities are long lasting. The findings are of particular interest because not much is known about the U.S. government’s controversial use of zero days.

Source: Malware Attacks Used by the U.S. Government Retain Potency for Many Years, New Evidence Indicates


WikiLeaks publishes ‘biggest ever leak of secret CIA documents’ | Media | The Guardian

The US intelligence agencies are facing fresh embarrassment after WikiLeaks published what it described as the biggest ever leak of confidential documents from the CIA detailing the tools it uses to break into phones, communication apps and other electronic devices.

Source: WikiLeaks publishes ‘biggest ever leak of secret CIA documents’ | Media | The Guardian


Wikileaks Dump Shows CIA Could Turn Smart TVs into Listening Devices

It’s difficult to buy a new TV that doesn’t come with a suite of (generally mediocre) “smart” software, giving your home theater some of the functions typically found in phones and tablets. But bringing these extra features into your living room means bringing a microphone, too — a fact the CIA is exploiting, according to a new trove of documents released today by Wikileaks.

Source: Wikileaks Dump Shows CIA Could Turn Smart TVs into Listening Devices


WikiLeaks leaks covert CIA program that uses cell phones and televisions as “covert microphones” – El Mostrador

The information revealed today about “hacking” (cyberattack) is part of a seven-part series that it describes as “the largest intelligence data leak in history”.

Source: WikiLeaks leaks covert CIA program that uses cell phones and televisions as “covert microphones” – El Mostrador


The FBI Hacked Over 8,000 Computers In 120 Countries Based on One Warrant | Motherboard

In January, Motherboard reported on the FBI’s “unprecedented” hacking operation, in which the agency, using a single warrant, deployed malware to over one thousand alleged visitors of a dark web child pornography site. Now, it has emerged that the campaign was actually an order of magnitude larger.

Source: The FBI Hacked Over 8,000 Computers In 120 Countries Based on One Warrant | Motherboard


Adult Friend Finder and Penthouse hacked in largest personal data breach on record

Over 412m accounts from pornography sites and sex hookup service reportedly leaked as Friend Finder Networks suffers second hack in just over a year

Source: Adult Friend Finder and Penthouse hacked in largest personal data breach on record


Bloomberg messaging service suffers outage

Bloomberg’s instant messaging function, a vital cog in the global financial industry and one of the data company’s biggest selling points, suffered a brief but severe global outage on Tuesday, fraying nerves ahead of the US presidential election.

Source: Bloomberg messaging service suffers outage


Google and Microsoft in war of words over bug disclosure | Technology | The Guardian

The bug, which allows privilege escalation in Windows, was discovered by Google on 21 October. An attacker can use it to access things they should not be able to, and according to Google, it is already being actively exploited in the wild.

Source: Google and Microsoft in war of words over bug disclosure | Technology | The Guardian


DDoS attack that disrupted internet was largest of its kind in history, experts say | Technology | The Guardian

The cyber-attack that brought down much of America’s internet last week was caused by a new weapon called the Mirai botnet and was likely the largest of its kind in history, experts said.

Source: DDoS attack that disrupted internet was largest of its kind in history, experts say | Technology | The Guardian


Spies for Hire

While cybersecurity companies traditionally aim to ensure that the code in software and hardware is free of flaws — mistakes that malicious hackers can take advantage of — DarkMatter, according to sources familiar with the company’s activities, was trying to find and exploit these flaws in order to install malware. DarkMatter could take over a nearby surveillance camera or cellphone and basically do whatever it wanted with it — conduct surveillance, interfere with or change any electronic messages it emitted, or block the signals entirely.

Source: Spies for Hire


How old do you look? I wouldn’t ask the internet | Tim Dowling | Opinion | The Guardian

The how-old.net website – which uses photos to judge your age – didn’t work for me. For women and refugees, of course, there’s the Daily Mail

Source: How old do you look? I wouldn’t ask the internet | Tim Dowling | Opinion | The Guardian


Chinese webcam maker recalls devices after cyberattack link | Technology | The Guardian

An enormous DDoS attack was a network of hacked Internet of Things devices, many of which were made by Xiongmai

Source: Chinese webcam maker recalls devices after cyberattack link | Technology | The Guardian


Cyber attack: hackers ‘weaponised’ everyday devices with malware to mount assault | Technology | The Guardian

The huge attack on global internet access, which blocked some of the world’s most popular websites, is believed to have been unleashed by hackers using common devices like webcams and digital recorders.

Source: Cyber attack: hackers ‘weaponised’ everyday devices with malware to mount assault | Technology | The Guardian


Hillary Clinton’s Encryption Proposal Was “Impossible,” Said Top Adviser

Hillary Clinton’s advisers recognized that her policy position on encryption was problematic, with one writing that it was tantamount to insisting that there was “‘some way’ to do the impossible.” Instead, according to campaign emails released by Wikileaks, they suggested that the campaign signal its willingness to use “malware” or “super code breaking by the NSA” to get around encryption.

Source: Hillary Clinton’s Encryption Proposal Was “Impossible,” Said Top Adviser


Ex-Yahoo Employee: Government Spy Program Could Have Given a Hacker Access to All Email

Contrary to a denial by Yahoo and a report by the New York Times, the company’s scanning program, revealed earlier this week by Reuters, provided the government with a custom-built back door into the company’s mail service — and it was so sloppily installed that it posed a privacy hazard for hundreds of millions of users, according to a former Yahoo employee with knowledge of the company’s security practices.

Source: Ex-Yahoo Employee: Government Spy Program Could Have Given a Hacker Access to All Email


Someone Is Learning How to Take Down the Internet – Schneier on Security

Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don’t know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses.

Source: Someone Is Learning How to Take Down the Internet – Schneier on Security


The irregular arrests in São Paulo that began with a member of the military infiltrated on Tinder | Internacional | EL PAÍS

EL PAÍS reconstructs the arrest of 21 people before a march against President Temer on the 4th. The protesters suspect that a member of the military infiltrated several social networks, including a dating one, to identify them

Source: The irregular arrests in São Paulo that began with a member of the military infiltrated on Tinder | Internacional | EL PAÍS


“A democratic state should guarantee the secret ballot” » Noticias Urbanas

One year before the legislative elections, and three months before electronic voting could be legalized nationwide, Noticias Urbanas consulted computer experts to learn more about the BUE.

Source: “A democratic state should guarantee the secret ballot” » Noticias Urbanas


Amistosa Caja Anti Vigilancia | Derechos Digitales

With great pride and officially, Derechos Digitales today presents the Amistosa Caja Anti Vigilancia, a set of tools and practical tips that will help you better safeguard your personal information and that of others. It seems that today more than ever it is necessary to protect our data, since there is always someone trying to access it: private companies, cybercriminals and the State itself.

Source: Amistosa Caja Anti Vigilancia | Derechos Digitales


NSA spy group hacked and information auctioned for 1 million bitcoins | CriptoNoticias – Bitcoin, Blockchain y criptomonedas

A group of hackers linked to the United States National Security Agency, better known as the NSA, was recently hacked, and its tools for espionage, information gathering, malware and more have been put up for sale for 1 million bitcoins (more than 550 million dollars at the time of publication).

Source: NSA spy group hacked and information auctioned for 1 million bitcoins | CriptoNoticias – Bitcoin, Blockchain y criptomonedas


Are these the NSA’s spying weapons? | Derechos Digitales

A group of hackers claims to have obtained confidential information from Equation Group, a well-known and sophisticated group of cyber attackers linked to the NSA. Part of the published information allows a first look at the tools used by the US security agency.

Source: Are these the NSA’s spying weapons? | Derechos Digitales


Israeli firm accused of creating iPhone spyware | World news | The Guardian

An Israeli technology company has been accused of creating and supplying an aggressive interception program capable of taking over Apple’s iPhones and turning them into remote spying devices, after it was allegedly used to target a Middle Eastern human rights activist and others.

Source: Israeli firm accused of creating iPhone spyware | World news | The Guardian


The serious flaw affecting 900 million Android phones and how to find out whether yours is vulnerable – El Mostrador

The security firm Checkpoint detected several security flaws that can give potential attackers access to the data on more than 900 million Android devices. What are they? And how can you find out whether they affect you?

Source: The serious flaw affecting 900 million Android phones and how to find out whether yours is vulnerable – El Mostrador


Justice department ‘uses aged computer system to frustrate Foia requests’ | Politics | The Guardian

A new lawsuit alleges that the US Department of Justice (DoJ) intentionally conducts inadequate searches of its records using a decades-old computer system when queried by citizens looking for records that should be available to the public.

Source: Justice department ‘uses aged computer system to frustrate Foia requests’ | Politics | The Guardian


Anniversary of the massive Hacking Team data leak | R3D: Red en Defensa de los Derechos Digitales

A year ago, more than 1,500 emails and 400 GB of information from the Italian company Hacking Team, which sells surveillance software, were made public.

Source: Anniversary of the massive Hacking Team data leak | R3D: Red en Defensa de los Derechos Digitales


“Cyberwar would be a form of state terrorism”

The book aims to encourage the general public to take a critical look at events described as “cyberwar” and to warn of the pretext that sensationalist alarmism on these issues can provide to those who seek to curtail freedoms or privacy.

Source: “Cyberwar would be a form of state terrorism”


Don’t break crypto, go easy on the algorithms—global Internet commission | Ars Technica UK

Crypto backdoors, the overuse of opaque algorithms, turning companies into law enforcement agencies, and online attacks on critical infrastructure have all been attacked by the Global Commission on Internet Governance in a new report published on Wednesday.

Source: Don’t break crypto, go easy on the algorithms—global Internet commission | Ars Technica UK


Assault on the virtual money train

More and more financial institutions are being robbed from a chair, through a screen, without the cybercriminal leaving their seat. We spoke with a cybersecurity expert to find out the criminals’ modus operandi, where they get in and how they do it

Source: Assault on the virtual money train


FBI’s Secret Surveillance Tech Budget Is ‘Hundreds of Millions’

The FBI has “hundreds of millions of dollars” to spend on developing technology for use in both national security and domestic law enforcement investigations — but it won’t reveal the exact amount.

Source: FBI’s Secret Surveillance Tech Budget Is ‘Hundreds of Millions’


Only the minutes of 1,300 cabildos out of more than 13,000 will be validated due to problems with the website – El Mostrador

Some members of the Citizen Council of Observers (CCO) issued a serious warning that only the minutes of 1,300 of the more than 13,000 registered cabildos will be validated and included in the government’s final text, because the website has shown deficiencies such as lacking an autosave system and connection problems.

Source: Only the minutes of 1,300 cabildos out of more than 13,000 will be validated due to problems with the website – El Mostrador


Tedic rejects Government claims about spying systems

The non-governmental organization Tecnología, Educación, Desarrollo, Investigación y Comunicación (Tedic) rejected the statements of the minister of the National Anti-Drug Secretariat (Senad), Luis Rojas, about the spying system acquired by the Government. It calls for transparency and accountability.

Source: Tedic rejects Government claims about spying systems