It's very hard to maintain an anonymous Twitter account that can withstand government-level attempts to de-anonymize it

It's one thing to set up an "anonymous" Twitter Hulk account whose anonymity your friends and colleagues can't pierce, because the combination of your care not to tweet identifying details, the stilted Hulk syntax, and your friends' inability to surveil the global internet and compel phone companies to give up their caller records suffice for that purpose. Read the rest

Amnesty: hackers spent months building personas used to phish Qatari labor activists

In a new report, Amnesty International summarizes the security research they did on the victims of a sophisticated phishing attack aimed at Qatari labor activists, dubbed "Operation Kingphish." Read the rest

How governments and cyber-militias attack civil society groups, and what they can do about it

The University of Toronto's Citizen Lab (previously) is one of the world's leading research centers for cybersecurity analysis, and they are the first port of call for many civil society groups when they are targeted by governments and cyber-militias. Read the rest

The democratization of censorship: when anyone can kill as site as effectively as a government can

On the eve of the Stuxnet attacks, half a decade ago, I found myself discussing what it all meant with William Gibson (I'd just interviewed him on stage in London), and I said, "I think the most significant thing about any of these sophisticated, government-backed attacks is that they will eventually turn into a cheap and easy weapon that technically unskilled people can deploy for petty grievances." We haven't quite got there yet with Stuxnet, but there's a whole class of "advanced persistent threat" techniques that are now in the hands of fringey criminals who deploy them at the smallest provocation. Read the rest

A powerful attacker is systematically calibrating an internet-killing tool

Someone -- possibly the government of China -- has launched a series of probing attacks on the internet's most critical infrastructure, using carefully titrated doses of denial-of-service to precisely calibrate a tool for shutting down the whole net. Read the rest

Careto (the Mask): long-running, sophisticated APT malware

Researchers at Kaspersky Labs have uncovered a new, long-lived piece of espionage malware called Careto (Spanish for "Mask"). The software, which attacks Windows, Mac OS and GNU/Linux, has been running since at least 2007 and has successfully targeted at least 380 victims in 31 countries, gaining access via directed spear-phishing attacks, which included setting up fake sites to impersonate The Guardian. The Mask was thought to be the work of a government, and its targets were "government institutions, diplomatic offices and embassies, energy, oil and gas companies, research organizations and activists." It is possible that the Mask also targeted Android and Ios devices. Read the rest