Signal Founder Delivers Dirt on Dodgy Phone Hacking Company Cellebrite's Security Flaws

Facebook exposes two Palestinian espionage campaigns, DOJ forms task force to curtail ransomware campaigns, USPS has a surveillance effort to spy on Americans' social media posts, more


Moxie Marlinspike, the founder of the popular encrypted chat app Signal, revealed details of the poor security of mobile unlocking company Cellebrite’s devices after getting his hands on one such unit after it “fell off a truck.”

Cellebrite devices lack industry-standard mitigation defenses and feature many opportunities for exploitation, Marlinspike said in a blog post. Cellebrite announced several months ago it had added Signal to its phone-hacking repertoire. Marlinspike joked that future versions of Signal might very well contain files that “are never used for anything inside Signal and never interact with Signal software or data.” (Lorenzo Franceschi-Bicchierai / Motherboard)

Related: Ars Technica, Slashdot, SlashGear, SlashGear » security, Signal, Reddit-hacking, Gizmodo, Cyberscoop, IT News, The Register - Security, ZDNet, AppleInsider, Bleeping Computer, Security News | Tech Times, Mashable

Facebook says that two digital espionage campaigns out of Palestine that were active in 2019 and 2020 exploited many devices and platforms, including unique spyware that targeted iOS. The researchers linked one set of attackers to Palestine's Preventive Security Service, an intelligence group under the West Bank's Fatah ruling party. The hackers focused on attacking human rights and anti-Fatah activists, journalists, and entities like the Iraqi military and Syrian opposition.

The other group is the longtime actor Arid Viper, associated with Hamas, which focused on targets within Palestine like Fatah political party members, government officials, security forces, and students. (Lily Hay Newman / Wired)

Related: Motherboard, Ynet News, Forbes, Thomas Brewster - Forbes, CyberNews, Devdiscourse News Desk, Haaretz.com, The Independent, SecurityWeek, Stars and Stripes, Reuters, Israel National News, ZDNet, Yahoo! News, The Record, Daily Beast, Facebook, Cyberscoop

The U.S. Justice Department has formed a task force to curtail the seemingly uncontrolled proliferation of ransomware cyberattacks in a bid to make the popular extortion schemes less lucrative by targeting the entire digital ecosystem that supports them.

The task force consists of the Justice Department’s criminal, national security, and civil divisions, the Federal Bureau of Investigation, and the Executive Office of U.S. Attorneys, supporting the 93 top federal prosecutors across the country. (Dustin Volz / Wall Street Journal)

Related: Dark Reading: Threat Intelligence, CNET News, PYMNTS.com, The Seattle Times, Techxplore, Security Week, The Independent, The Hill: Cybersecurity

A bipartisan group of lawmakers, including Sen. Ron Wyden (D-OR), Sen. Rand Paul (R-KY), and 18 other members of the Senate, have introduced The Fourth Amendment Is Not For Sale Act that will ban law enforcement agencies from buying data from controversial firm Clearview AI, as well as force agencies to obtain a warrant before sourcing location data from brokers.

The complex bill addresses various surveillance technologies in different ways. It requires federal agencies to obtain a court order to gather information from brokers rather than simply buying it like a company in the private sector might do. But for Clearview and other law enforcement suppliers, the bill bans agencies from purchasing data that has been obtained illicitly or through terms of service violations. (Joseph Cox / Motherboard)

Related: Decipher, AlterNet.org, TechCrunch, Daily Dot, The Verge

Google released Chrome 90.0.4430.85 to address an actively exploited zero-day and four other high-severity security vulnerabilities impacting the popular web browser. Google will roll out the update to all users over the coming weeks.

Google said little about the zero-day aside from describing it as a 'Type Confusion in V8' and saying that VerSprite Inc's Jose Martinez reported it. (Sergiu Gatlan / Bleeping Computer)

Related: ZDNet, Cyberscoop, BGR, PCMag.com, NDTV Gadgets360.com, The Register - Security, TechJuice, gHacks, E Hacking News, Google Chrome releases, Cyber Kendra

After a group of University of Minnesota researchers was caught submitting a series of malicious code commits to the official Linux codebase as part of their research activities, Linux kernel project maintainers banned the university from the open-source Linux project.

The project maintainers further decided to revert any code commits that were ever submitted from a email address. (Ax Sharma / Bleeping Computer)

Related: Linux Security, Reddit - cybersecurity

The U.S. arm of Japanese vision care company Hoya Vision Care experienced disrupted operations following a ransomware attack.

The hacker group called Astro Team said it targeted Hoya servers and stole about 300 gigabytes of confidential corporate data, including finance, production, email messages, passwords, and safety reports. (Daniele Lepido / Bloomberg)


The U.S. Postal Service has been running a surveillance effort known as iCOP, or Internet Covert Operations Program, unbeknownst to many government experts, legislators and policymakers.

The iCOP requires analysts to trawl through social media sites to look for what the document describes as “inflammatory” postings and then share that information across government agencies. (Jana Winter / Yahoo News)

Related: Raw Story, Daily Dot

Email and collaboration security company Perception Point raised $28 million in a Series B funding round.

The round was led by Red Dot Capital Partners and joined by global investor NGP Capital along with existing investors Pitango Venture Capital and State of Mind Ventures (SOMV). (NoCamels)

Related: Global Security Magazine, Private Equity Wire

Software-as-a-service (SaaS) security management company AppOmni closed a $40 million Series B venture funding round.

Scale Venture Partners led the round, with Salesforce Ventures and ServiceNow Ventures, along with previous backers ClearSky, Costanoa Ventures, Inner Loop Capital, and Silicon Valley Data Capital, also participating. (Ingrid Lunden / TechCrunch)

Related: SecurityWeek, PYMNTS.com, Global Security Mag, FinSMEs, MSSP Alert, VentureBeat

Cybersecurity visibility, analytics, and automation company Rapid7 announced it had acquired open-source technology Velociraptor to gain more expertise around endpoint monitoring, digital forensics, and incident response.

The Velociraptor standalone offering is designed to allow incident response teams to rapidly collect and examine artifacts from across a network and deliver forensic detail following a security incident. (Michael Novinson / CRN)

Related: ZDNet Security, Rapid7, Infosecurity Magazine, Dark Reading: Security Monitoring
