#data breach prevention | Explore Tumblr Posts and Blogs

sgrji · 1 year

Text

A Comprehensive Guide to Background Verification (BGV) in Today's World

In our increasingly interconnected and digitized world, the importance of ensuring the trustworthiness and credibility of individuals and entities has never been greater. Background Verification (BGV) plays a pivotal role in this process. From employment screenings to tenant checks, and even in the realm of cybersecurity, BGV is a critical tool used to evaluate the history and reliability of…

View On WordPress

2 notes · View notes

techtoio · 4 months

Text

1 note · View note

market-insider · 1 year

Text

Securing Critical Assets: Insider Threat Protection Market Insights

The global insider threat protection market size is estimated to reach USD 13.69 billion by 2030, progressing at a CAGR of 17.4% from 2023 to 2030, as per a recent report by Grand View Research, Inc. Advances in emerging technologies, such as Artificial Intelligence (AI), Machine Learning (ML), and the Internet of Things (IoT), have led to increased adoption of mobile apps and web applications, subsequently creating more complex IT infrastructure that can be vulnerable to insider threat attacks in organizations.

Gain deeper insights on the market and receive your free copy with TOC now @: Insider Threat Protection Market Report

To address potential security challenges, such organizations are implementing security services to detect bugs, as well as analyze the security landscape, while efficiently responding to cyberattacks. The need to fix bugs in web applications as well as mobile apps, and to mitigate data loss risks associated with insider threats, is expected to fuel the adoption of ITP services over the forecast period.

Insider risk management solutions use innovative threat intelligence, machine learning, and behavioral analysis algorithms that detect threats and suspicious activities leading to security breaches. These solutions are designed to detect real-time potential threats on endpoint devices such as servers, memory devices, mobile devices, and other point-of-sale devices, thereby helping the organization enhance its security posture through rapid response capabilities. In July 2022, McAfee, LLC announced a strategic partnership with Telstra, an Australia-based telecommunications and technology company.

The partnership aims to deliver comprehensive protection solutions to safeguard the identity and privacy rights of consumers across applications, activities, devices, and locations. This partnership offered Telstra customers easy access to McAfee’s robust security solutions. These solutions deliver complete security and privacy protection, with integrated applications of Antivirus Protection, Parental Controls, VPN Security, and Identity Protection, among others to secure multiple devices, including mobiles, tablets, PCs, and laptops. Such developments would further drive the market for insider threat protection solutions during the forecast period.

#Insider Threat Protection #Cyber security #Information Security #IT Security #Data Breach Prevention #Insider Risk #Insider Threat Detection #Insider Threat Solutions #Cyber Defense #Cyber Awareness

1 note · View note

deorwineinfotech · 1 year

Text

The security of our online data is of utmost importance in the current digital era. Authentication is essential for confirming people’s identities and giving them access to sensitive information or systems. There are several kinds of authentication techniques, and each one provides different levels of security and safety. In this article we will learn about three methods of authentication is essential for preventing cybercrime.

#Cybersecurity technologies #Cyber risk management #Cybercrime solutions #Cyber defense #Internet security #Data breach prevention #Online security #Cyber threats #Cybercrime prevention #Cybersecurity

0 notes

tntra · 1 year

Link

Cybersecurity breaches cost businesses monetary loss and mental stress. Learn data breach prevention tips and save your business from becoming another target.

Read more: https://www.tntra.io/blog/data-breach-prevention/

#Data Breach Prevention #Cybersecurity breaches #data breach prevention tips #Cybersecurity Breaches Data #Cybersecurity

0 notes

sanjanabia · 6 days

Text

Securing Corporate Data: The Ethical Hacker’s Role in Preventing Insider Threats

In today’s interconnected world, the security of corporate data is more critical than ever. While much focus is placed on defending against external cyber threats, insider threats—whether from malicious actors or unintentional mistakes—pose a significant risk to sensitive information. Insider threats can lead to data breaches that result in financial loss, reputational damage, and legal repercussions. Ethical hackers play a vital role in mitigating these risks by employing their expertise to detect and prevent insider threats. By leveraging the best cyber security certifications, ethical hackers can enhance their ability to safeguard corporate data and ensure a secure working environment. This blog explores the ethical hacker’s role in preventing insider threats and contribute to this crucial aspect of data security.

Understanding Insider Threats

Insider threats come from individuals within an organization who exploit their access to data for malicious purposes or make errors that lead to data breaches. These threats can be categorized into two main types:

Malicious Insiders: Employees or contractors who intentionally misuse their access to cause harm, such as stealing data or sabotaging systems.

Unintentional Insiders: Individuals who, through negligence or lack of awareness, inadvertently expose sensitive information, such as falling victim to phishing attacks or mishandling confidential data.

Both types of insider threats can have severe consequences, making it essential for organizations to implement robust strategies to detect and prevent them. This is where ethical hackers, armed with the best cyber security certifications, play a crucial role.

The Role of Ethical Hackers in Preventing Insider Threats

Conducting Risk Assessments

Ethical hackers use their expertise to perform comprehensive risk assessments that identify potential insider threats. These assessments involve evaluating access controls, reviewing security policies, and analyzing employee behavior patterns. By understanding where vulnerabilities lie, ethical hackers can recommend improvements to minimize the risk of insider threats.

2. Implementing and Testing Security Controls

Effective security controls are essential for mitigating insider threats. Ethical hackers help organizations implement and test these controls to ensure they are functioning as intended. This includes setting up and auditing access controls, monitoring systems for unusual activities, and enforcing data protection policies.

Through hands-on experience gained from the best cyber security certifications, ethical hackers learn how to design and test security controls that can detect and prevent both malicious and unintentional insider threats. They simulate attack scenarios to evaluate the effectiveness of these controls and make necessary adjustments.

3. Educating Employees and Raising Awareness

Many insider threats result from a lack of awareness or understanding of security best practices. Ethical hackers play a role in educating employees about data security, including recognizing phishing attempts, handling sensitive information securely, and following company policies. They conduct training sessions and create awareness programs to ensure that employees are equipped to prevent accidental breaches.

4. Monitoring and Analyzing Behavior

Ethical hackers use advanced monitoring tools to analyze employee behavior and detect signs of potential insider threats. They set up systems to track access logs, detect anomalies, and flag suspicious activities. By continuously monitoring for unusual behavior, ethical hackers can quickly identify and respond to potential insider threats before they escalate.

Best Practices for Preventing Insider Threats

To complement the efforts of ethical hackers, organizations should adopt best practices for preventing insider threats:

Implement Strong Access Controls: Limit access to sensitive data based on job roles and regularly review permissions.

Conduct Regular Security Audits: Perform periodic audits to assess the effectiveness of security controls and policies.

Promote a Security-Aware Culture: Foster an environment where employees understand the importance of data security and are encouraged to report suspicious activities.

Use Data Encryption: Encrypt sensitive data to protect it from unauthorized access, even if it is leaked or stolen.

Establish Clear Policies: Develop and communicate clear security policies and procedures for handling sensitive information.

The Importance of Cyber Security

The best cyber security certifications equip ethical hackers with the skills and knowledge needed to excel in their role. They cover a wide range of topics, including:

Advanced Threat Detection: Training on identifying and mitigating both external and internal threats.

Security Policy Development: Guidance on creating and enforcing security policies to protect data from insider threats.

Incident Response: Techniques for responding to and managing security incidents, including insider breaches.

Behavioral Analysis: Skills for monitoring and analyzing employee behavior to detect potential threats.

By obtaining these certifications, ethical hackers demonstrate their expertise in managing insider threats and protecting corporate data. Their knowledge and practical experience are critical for developing effective security strategies and ensuring organizational resilience against insider risks.

Conclusion

Securing corporate data from insider threats is a critical aspect of modern cyber security. Through comprehensive risk assessments, effective security controls, employee education, and behavioral monitoring, ethical hackers help organizations protect sensitive information and prevent data breaches.

For those pursuing a career in cyber security, obtaining the best cyber security certifications provides the expertise needed to excel in this challenging field. With their skills and knowledge, ethical hackers become essential defenders against insider threats, ensuring that corporate data remains secure in an increasingly complex digital landscape.

#threat prevention #technology #cyber security #cyber attack #ethical hacking #ethical hacker #data security #data protection #insider threats #data breach

0 notes

jcmarchi · 1 month

Text

Unmasking Privacy Backdoors: How Pretrained Models Can Steal Your Data and What You Can Do About It

New Post has been published on https://thedigitalinsider.com/unmasking-privacy-backdoors-how-pretrained-models-can-steal-your-data-and-what-you-can-do-about-it/

Unmasking Privacy Backdoors: How Pretrained Models Can Steal Your Data and What You Can Do About It

In an era where AI drives everything from virtual assistants to personalized recommendations, pretrained models have become integral to many applications. The ability to share and fine-tune these models has transformed AI development, enabling rapid prototyping, fostering collaborative innovation, and making advanced technology more accessible to everyone. Platforms like Hugging Face now host nearly 500,000 models from companies, researchers, and users, supporting this extensive sharing and refinement. However, as this trend grows, it brings new security challenges, particularly in the form of supply chain attacks. Understanding these risks is crucial to ensuring that the technology we depend on continues to serve us safely and responsibly. In this article, we will explore the rising threat of supply chain attacks known as privacy backdoors.

Navigating the AI Development Supply Chain

In this article, we use the term “AI development supply chain” to describe the whole process of developing, distributing, and using AI models. This includes several phases, such as:

Pretrained Model Development: A pretrained model is an AI model initially trained on a large, diverse dataset. It serves as a foundation for new tasks by being fine-tuned with specific, smaller datasets. The process begins with collecting and preparing raw data, which is then cleaned and organized for training. Once the data is ready, the model is trained on it. This phase requires significant computational power and expertise to ensure the model effectively learns from the data.

Model Sharing and Distribution: Once pretrained, the models are often shared on platforms like Hugging Face, where others can download and use them. This sharing can include the raw model, fine-tuned versions, or even model weights and architectures.

Fine-Tuning and Adaptation: To develop an AI application, users typically download a pretrained model and then fine-tune it using their specific datasets. This task involves retraining the model on a smaller, task-specific dataset to improve its effectiveness for a targeted task.

Deployment: In the last phase, the models are deployed in real-world applications, where they are used in various systems and services.

Understanding Supply Chain Attacks in AI

A supply chain attack is a type of cyberattack where criminals exploit weaker points in a supply chain to breach a more secure organization. Instead of attacking the company directly, attackers compromise a third-party vendor or service provider that the company depends on. This often gives them access to the company’s data, systems, or infrastructure with less resistance. These attacks are particularly damaging because they exploit trusted relationships, making them harder to spot and defend against.

In the context of AI, a supply chain attack involves any malicious interference at vulnerable points like model sharing, distribution, fine-tuning, and deployment. As models are shared or distributed, the risk of tampering increases, with attackers potentially embedding harmful code or creating backdoors. During fine-tuning, integrating proprietary data can introduce new vulnerabilities, impacting the model’s reliability. Finally, at deployment, attackers might target the environment where the model is implemented, potentially altering its behavior or extracting sensitive information. These attacks represent significant risks throughout the AI development supply chain and can be particularly difficult to detect.

Privacy Backdoors

Privacy backdoors are a form of AI supply chain attack where hidden vulnerabilities are embedded within AI models, allowing unauthorized access to sensitive data or the model’s internal workings. Unlike traditional backdoors that cause AI models to misclassify inputs, privacy backdoors lead to the leakage of private data. These backdoors can be introduced at various stages of the AI supply chain, but they are often embedded in pre-trained models because of the ease of sharing and the common practice of fine-tuning. Once a privacy backdoor is in place, it can be exploited to secretly collect sensitive information processed by the AI model, such as user data, proprietary algorithms, or other confidential details. This type of breach is especially dangerous because it can go undetected for long periods, compromising privacy and security without the knowledge of the affected organization or its users.

Privacy Backdoors for Stealing Data: In this kind of backdoor attack, a malicious pretrained model provider changes the model’s weights to compromise the privacy of any data used during future fine-tuning. By embedding a backdoor during the model’s initial training, the attacker sets up “data traps” that quietly capture specific data points during fine-tuning. When users fine-tune the model with their sensitive data, this information gets stored within the model’s parameters. Later on, the attacker can use certain inputs to trigger the release of this trapped data, allowing them to access the private information embedded in the fine-tuned model’s weights. This method lets the attacker extract sensitive data without raising any red flags.

Privacy Backdoors for Model Poisoning: In this type of attack, a pre-trained model is targeted to enable a membership inference attack, where the attacker aims to alter the membership status of certain inputs. This can be done through a poisoning technique that increases the loss on these targeted data points. By corrupting these points, they can be excluded from the fine-tuning process, causing the model to show a higher loss on them during testing. As the model fine-tunes, it strengthens its memory of the data points it was trained on, while gradually forgetting those that were poisoned, leading to noticeable differences in loss. The attack is executed by training the pre-trained model with a mix of clean and poisoned data, with the goal of manipulating losses to highlight discrepancies between included and excluded data points.

Preventing Privacy Backdoor and Supply Chain Attacks

Some of key measures to prevent privacy backdoors and supply chain attacks are as follows:

Source Authenticity and Integrity: Always download pre-trained models from reputable sources, such as well-established platforms and organizations with strict security policies. Additionally, implement cryptographic checks, like verifying hashes, to confirm that the model has not been tampered with during distribution.

Regular Audits and Differential Testing: Regularly audit both the code and models, paying close attention to any unusual or unauthorized changes. Additionally, perform differential testing by comparing the performance and behavior of the downloaded model against a known clean version to identify any discrepancies that may signal a backdoor.

Model Monitoring and Logging: Implement real-time monitoring systems to track the model’s behavior post-deployment. Anomalous behavior can indicate the activation of a backdoor. Maintain detailed logs of all model inputs, outputs, and interactions. These logs can be crucial for forensic analysis if a backdoor is suspected.

Regular Model Updates: Regularly re-train models with updated data and security patches to reduce the risk of latent backdoors being exploited.

The Bottom Line

As AI becomes more embedded in our daily lives, protecting the AI development supply chain is crucial. Pre-trained models, while making AI more accessible and versatile, also introduce potential risks, including supply chain attacks and privacy backdoors. These vulnerabilities can expose sensitive data and the overall integrity of AI systems. To mitigate these risks, it’s important to verify the sources of pre-trained models, conduct regular audits, monitor model behavior, and keep models up-to-date. Staying alert and taking these preventive measures can help ensure that the AI technologies we use remain secure and reliable.

0 notes

boatlifestyle · 3 months

Text

Data Breach Protection Measures to Protect Yourself Online

One's safety online is paramount in this century—the digital century—where data breach has emerged as a threat. Knowledge of safeguarding your data means knowledge of breaches and the associated remedial measures within your control. Following are some effective tips toward enhanced security online, focusing mainly on the protection measures against data breaches and how they can help keep your information safe, even in the event of a potential boAt data breach.

What Exactly is a Data Breach?

A data breach refers to unauthorized access or the theft of sensitive, protected, or confidential information. Different forms of organizations could be affected: businesses like boAt, government agencies, schools, banks, or even any e-commerce platform. Common elements involved in a data breach include unauthorized access to sensitive data and possible direct effects on users like you.

How Do Data Breaches Happen?

Data breaches take many forms:

Social Engineering: Hackers call, e-mail, or text people, pretending to be someone in authority or whom one trusts, such as a CEO, bank agent, customer service representative, etc., and try to extract sensitive information.

Insider Threats: An insider who has access to your data can steal it maliciously or inadvertently.

Physical Theft: Loss of devices holding your sensitive information results in a data breach.

Unsecured Networks: Logging into unsecured networks exposes your data to unwanted access.

Hacking: It is a means of exploiting the memo vulnerabilities in software to exploit sensitive information.

What Companies Do to Safeguard You

Brands like boAt data breach, Apple, Microsoft, Adobe, and Mivi individually maintain quite a lot of measures for security in terms of user data. These help in minimizing the potential damage in case of a Aman Gupta data breach:

Encryption: The data is encrypted to prevent its access by unauthorized individuals. It becomes unreadable even if it's intercepted by hackers.

Regular Security Audits: These aid in identifying vulnerabilities present in the security systems so that they can be fixed before being attacked.

Software Updates: Updates are regularly rolled out in which bugs and security vulnerabilities are weeded out. It is essential to update them to ensure safety.

How You Can Be Safe

While any company that has put all possible measures to ensure the integrity of your data did the same—like boAt did—to save you from what could have been a boAt databreach, you play a huge role, too, in your online security. Here are some tips to keep your data safe:

1. Check Your PasswordsMake strong, unique passwords for all online accounts. Never use any guessing-sensitive information, such as your birthday, the name of your beloved pet, or other special dates.

Reuse of passwords across various platforms is something one must avoid doing but if one falls into the trap and one of those passwords has been phished/hacked, then every account affiliated with that password is vulnerable to future attacks. Consider a password manager to keep your passwords safe.

2. Update:Update your apps and software from their authentic vendors only, for example, from the Google Play Store or Apple App Store. The updates from the sources not only fill the security gaps but also enhance the user's experience.

3. Multi-Factor Authentication (MFA): Enable any available version of two-factor authentication. This basically creates a second layer for checking and hence gives better security with additional steps for verification, such as answering personal questions or entering a one-time password to verify your identity.

4. Beware of Phishing:These could be phishing emails/messages that mislead you to either disclose sensitive information or even prompt you to visit links holding malware. Beware while receiving unsolicited emails or messages. These will seem to be from an authentic place like boAt. Do not click on those suspicious links or attachments and never fill your information on any website.

5. Be Very Careful with Your Accounts:Check your bank statements and reports from your credit-card company often for charges you don't recognize. You might be able to identify fraud earlier that way. Also, you can set up alerts for suspicious activity on the accounts.

6. Use a VPN on Public Wi-Fi:Use a virtual private network (VPN) when going on public Wi-Fi to encrypt your online traffic and protect your data from unwanted viewers.

7. Think Before You Share: Be very careful about the information you divulge on the internet, especially across social media circuits. Never share personal details like your residence, date of birth, phone number, etc., in the public domain.

Remain Vigilant More

The following data security measures to be taken in case of breaches will drastically increase the safety online and proactively secure personal data in view of a data breach at boAt. You have to be aware and proactive to continue as active in view of the situation.

Extra Tips:

1. Use privacy-focused search engines such as DuckDuckGo. This will help reduce the amount of data collected while you are surfing the web.

2. Be very cautious of downloading files from less trusted sources.

3. Switch on strong security settings for devices and social media accounts.

#Aman Gupta data breach #boAt data breach #data breach preventive measures #7.5 million data breach #boAt databreach

0 notes

legalfirmindia · 5 months

Text

Data Protection: Legal Safeguards for Your Business

In today’s digital age, data is the lifeblood of most businesses. Customer information, financial records, and intellectual property – all this valuable data resides within your systems. However, with this digital wealth comes a significant responsibility: protecting it from unauthorized access, misuse, or loss. Data breaches can have devastating consequences, damaging your reputation, incurring…

View On WordPress

#affordable data protection insurance options for small businesses #AI-powered tools for data breach detection and prevention #Are there any data protection exemptions for specific industries #Are there any government grants available to help businesses with data security compliance?#benefits of outsourcing data security compliance for startups #Can I be fined for non-compliance with data protection regulations #Can I outsource data security compliance tasks for my business #Can I use a cloud-based service for storing customer data securely #CCPA compliance for businesses offering loyalty programs with rewards #CCPA compliance for California businesses #cloud storage solutions with strong data residency guarantees #consumer data consent management for businesses #cost comparison of data encryption solutions for businesses #customer data consent management platform for e-commerce businesses #data anonymization techniques for businesses #data anonymization techniques for customer purchase history data #data breach compliance for businesses #data breach notification requirements for businesses #data encryption solutions for businesses #data protection impact assessment (DPIA) for businesses #data protection insurance for businesses #data residency requirements for businesses #data security best practices for businesses #Do I need a data privacy lawyer for my business #Do I need to train employees on data privacy practices #Does my California business need to comply with CCPA regulations #employee data privacy training for businesses #free data breach compliance checklist for small businesses #GDPR compliance for businesses processing employee data from the EU #GDPR compliance for international businesses

0 notes

techconnectpro · 2 years

Link

Data breaches are a significant threat to businesses of all sizes and can lead to irreversible damage. Here are few tips to minimize and prevent data breach.

#prevent data #data breach

0 notes

simply-security · 2 years

Text

Cost of a Data Breach

A data breach creates both direct and indirect costs. The cost of a data breach can vary greatly depending on several factors, including the sensitivity of the data that was lost or stolen, the number of people affected, the length of time the breach went undetected, and the costs associated with remedying the breach and any resulting damage.

According to a recent study carried out by IBM Security and the Ponemon Institute, the global average cost of a data breach is $4.35 million The same report says that 83% of organizations studied have experienced more than one data breach. Stolen or compromised credentials were the primary attack vector in 19% of breaches in the 2022 study and also the top attack vector in the 2021 study, having caused 20% of breaches. However, Eleven percent of breaches in the study were ransomware attacks, an increase from 2021, when 7.8% of breaches were ransomware, for a growth rate of 41%. Forty-five percent of breaches in the study occurred in the cloud.

Direct Costs of a data breach include engaging Security & forensic experts, lost revenue, fines, penalties, legal costs, and third-party vendor fees, etc. Indirect costs include in-house investigations and communication, diminished customer confidence, and lost reputation. Damage to a company’s reputation proves one of the most elusive costs to determine. Customers sometimes don’t complain about the breach, they just stop buying services or products.

Possible reasons for a data breach

Weak or stolen passwords.

Vulnerabilities in software or hardware

Phishing attacks

Physical theft.

Insider threats:

The recommended strategy to reduce the cost of a data breach

Data Inventory and Classification.

Multi-Factor Authentication

Protecting sensitive data with encryption

Data Loss Prevention systems

Regular Vulnerability assessment and Penetration testing

Incident response plan and regular testing.

#data breach #information security #data loss prevention #hacking

1 note · View note

taikeero-lecoredier · 6 months

Text

STOP KOSA(and cie) MASTERPOST 2024

Both KOSA and the Earn It Act bill are dangerous for the future of the Internet.

In a nutshell, KOSA would allow states to sue any websites that host content deemed “harmful” to minors. With such a vague wording, its expected that any NSFW stuff, educational ressources or LGBT content, will immediately be taken down if govts dont approve of it.

Plus, it will be made mandatory to use IDs to confirm your age when going online, to so called “protect kids” but all that will cause is a huge potential data breach and endanger more kids.

As for the Earn It Act bill, it would allow the governement to spy and filter out anything they dont like in private dms for any users,as well as blowing a hole into Section 230 : The thing that prevent websites from being directly liable in case a user post something illegal,instead of the user being punished directly. The comics I made about KOSA and Earn It Act are old but sadly still relevant. All the info you need are in this post.

•KOSA Comic •Earn It Act comic

•KOSA UPDATE + CALL SCRIPT (Made the April 11, 2024)

•When contacting your reps, you may also add that they should support better bills that will make kids (and anyone) safer by focusing on data privacy legislations instead of KOSA • Contact Congress through here https://www.stopkosa.com/ • House Energy and Commerce are the best to contact for the hearing of 17th April 2024 https://energycommerce.house.gov/representatives (the link doesnt work properly so you'll need to head to the site and select "Members" to find them)

• Find all your Congresspeople here http://badinternetbills.com/

• Find your House representative here https://www.house.gov/representatives/find-your-representative •Never forget to make tweets, posts, tiktoks, or use any social media you can think of to talk about this : Spreading the word will be crucial. As always, if you wish to help us fight against bad inetrnet bills,and have the latest infos about KOSA, consider joining our Discord server (if not, please just share it around) • https://discord.gg/pwTSXZMxnH

#kosa #kids online safety act #internet censorship #us politics #supreme court #section 230 #earn it act #net neutrality #kosa update

1K notes · View notes

probablyasocialecologist · 10 months

Text

Fifteen government departments have been monitoring the social media activity of potential critics and compiling “secret files” in order to block them from speaking at public events, the Observer can reveal. Under the guidelines issued in each department, including the departments of health, culture, media and sport, and environment, food and rural affairs, officials are advised to check experts’ Twitter, Facebook, Instagram and LinkedIn accounts. They are also told to conduct Google searches on those individuals, using specific terms such as “criticism of government or prime minister”. The guidelines are designed to prevent anyone who has criticised the government in the previous three to five years from speaking at government-organised conferences and other events.

[...]

These hidden checks are unlawful, running contrary to data protection laws and potentially breaching equality and human rights legislation. Dan Kaszeta, a chemical weapons expert, was disinvited in April from giving a keynote speech at a UK defence conference after officials found social media posts criticising Tory ministers and government immigration policy. He told the Observer this weekend that he knows of 12 others who have uncovered evidence of similar government blacklisting, most of whom are frightened of speaking out. But he said far more will be unaware they ever failed secret vetting. He said: “The full extent of this is shocking and probably not fully known. I was lucky enough to be given clearcut, obvious evidence. It’s truly awful.”

#uk politics #ukpol #surveillance #free speech #emphasis added

965 notes · View notes

zvaigzdelasas · 1 month

Text

Israeli tanks, jets and bulldozers bombarding Gaza and razing homes in the occupied West Bank are being fueled by a growing number of countries signed up to the genocide and Geneva conventions, new research suggests, which legal experts warn could make them complicit in serious crimes against the Palestinian people.

Four tankers of American jet fuel primarily used for military aircraft have been shipped to Israel since the start of its aerial bombardment of Gaza in October.

Three shipments departed from Texas after the landmark international court of justice (ICJ) ruling on 26 January ordered Israel to prevent genocidal acts in Gaza. The ruling reminded states that under the genocide convention they have a “common interest to ensure the prevention, suppression and punishment of genocide”.

Overall, almost 80% of the jet fuel, diesel and other refined petroleum products supplied to Israel by the US over the past nine months was shipped after the January ruling, according to the new research commissioned by the non-profit Oil Change International and shared exclusively with the Guardian.

Researchers analyzed shipping logs, satellite images and other open-source industry data to track 65 oil and fuel shipments to Israel between 21 October last year and 12 July.

It suggests a handful of countries – Azerbaijan, Kazakhstan, Gabon, Nigeria, Brazil and most recently the Republic of the Congo and Italy – have supplied 4.1m tons of crude oil to Israel, with almost half shipped since the ICJ ruling. An estimated two-thirds of crude came from investor-owned and private oil companies, according to the research, which is refined by Israel for domestic, industrial and military use.

Israel relies heavily on crude oil and refined petroleum imports to run its large fleet of fighter jets, tanks and other military vehicles and operations, as well as the bulldozers implicated in clearing Palestinian homes and olive groves to make way for unlawful Israeli settlements.

In response to the new findings, UN and other international law experts called for an energy embargo to prevent further human rights violations against the Palestinian people – and an investigation into any oil and fuels shipped to Israel that have been used to aid acts of alleged genocide and other serious international crimes.

“After the 26 January ICJ ruling, states cannot claim they did not know what they were risking to partake in,” said Francesca Albanese, the UN special rapporteur on the occupied Palestinian territory, adding that under international law, states have obligations to prevent genocide and respect and ensure respect for the Geneva conventions.[...]

“In the case of the US jet-fuel shipments, there are serious grounds to believe that there is a breach of the genocide convention for failure to prevent and disavowal of the ICJ January ruling and provisional measures,” said Albanese. “Other countries supplying oil and other fuels absolutely also warrant further investigation.”

In early August, a tanker delivered an estimated 300,000 barrels of US jet fuel to Israel after being unable to dock in Spain or Gibraltar amid mounting protests and warnings from international legal experts. Days later, more than 50 groups wrote to the Greek government calling for a war-crimes investigation after satellite images showed the vessel in Greek waters.

Last week, the US released $3.5bn to Israel to spend on US-made weapons and military equipment, despite reports from UN human rights experts and other independent investigations that Israeli forces are violating international law in Gaza and the occupied West Bank. A day later, the US approved a further $20bn in weapons sales, including 50 fighter jets, tank ammunition and tactical vehicles.

The sale and transfer of jet fuel – and arms – “increase the ability of Israel, the occupying power, to commit serious violations”, according to the UN human rights council resolution in March.

The US is the biggest supplier of fuel and weapons to Israel. Its policy was unchanged by the ICJ ruling, according to the White House.

“The case for the US’s complicity in genocide is very strong,” aid Dr Shahd Hammouri, lecturer in international law at the University of Kent and the author of Shipments of Death. “It’s providing material support, without which the genocide and other illegalities are not possible. The question of complicity for the other countries will rely on assessment of how substantial their material support has been.”[...]

A spokesperson for the Brazilian president’s office said oil and fuel trades were carried out directly by the private sector according to market rules: “Although the government’s stance on Israel’s current military action in Gaza is well known, Brazil’s traditional position on sanctions is to not apply or support them unilaterally.

Azerbaijan, the largest supplier of crude to Israel since October, will host the 29th UN climate summit in November, followed by Brazil in 2025.[...]

The Biden administration did not respond to requests for comment, nor did Vice-President Kamala Harris’s presidential election campaign team.

Israel is a small country with a relatively large army and air force. It has no operational cross-border fossil fuel pipelines, and relies heavily on maritime imports.[...]

The new data suggests:

•Half the crude oil in this period came from Azerbaijan (28%) and Kazakhstan (22%). Azeri crude is delivered via the Baku-Tbilisi-Ceyhan (BTC) pipeline, majority-owned and operated by BP. The crude oil is loaded on to tankers at the Turkish port of Ceyhan for delivery to Israel. Turkey recently submitted a formal bid to join South Africa’s genocide case against Israel at the ICJ.

•African countries supplied 37% of the total crude, with 22% coming from Gabon, 9% from Nigeria and 6% from the Republic of the Congo.

•In Europe, companies in Italy, Greece and Albania appear to have supplied refined petroleum products to Israel since the ICJ ruling. Last month, Israel also received crude from Italy – a major oil importer. A spokesperson said the Italian government had “no information” about the recent shipments.

•Cyprus provided transshipment services to tankers supplying crude oil from Gabon, Nigeria, and Kazakhstan.[...]

Just six major international fossil-fuel companies – BP, Chevron, Eni, ExxonMobil, Shell and TotalEnergies – could be linked to 35% of the crude oil supplied to Israel since October, the OCI analysis suggests. This is based on direct stakes in oilfields supplying Israeli and/or the companies’ shares in production nationally.[...]

Last week, Colombia suspended coal exports to Israel “to prevent and stop acts of genocide against the Palestinian people”, according to the decree signed by President Gustavo Petro. Petro wrote on X: “With Colombian coal they make bombs to kill the children of Palestine.”

20 Aug 24

202 notes · View notes

dduane · 2 years

Text

WARNING: *major* Twitter data breach...

...Whoopee. See the full thread here for details. (Also here.) Tl:dr; The data of some 400,000,000 Twitter users has been leaked and is being more or less held for ransom. (See the image above, in which Musk is invited to buy the data to take it out of possible circulation and thereby save himself huge GDPR fines.)

Granted, there are some imponderables about this—such as: does the breach-advertiser above really have all the data they say they do? But their published examples have apparently been verified as genuine. ...In any case, though, if you’re using SMS for your 2FA with Twitter, probably your best protection is to contact your phone provider and get them to create a PIN for your number, so as to prevent your phone being simjacked by someone who’s bought your data. (It’s not a bad idea to do this anyway, if you’re at risk from this kind of thing... but the current issue adds some urgency. I’ve been using it myself, and would have changed it recently except that, in the wake of the mass firings at Twitter, the app that handled their 2FA went down. Must confirm whether it’s back up again so that I can at the very least change my password, or move my 2FA to Google Authenticator or similar.)

Particularly at risk in this attack: old-style “blue check” users. ...So if by chance you’re one of these: please take note, and take action to protect yourself. No telling what’s going to wind up happening to this data in even the medium term.

(ETA: I note in passing—since I was just going over to take a look at it—that paste.ee has removed one of the “example” files of leaked names as a violation of its TOS. Not really a surprise, I guess...)

#Twitter #Twitter breach

1K notes · View notes

bad-tf-fic-ideas · 5 months

Text

(227) Following a non-critical data breach in the Victory (caused by Rumble and Frenzy), the local humans discover and disseminate Megatron's polemic poetry and it strikes a chord with broad swathes of the population.

This brings the struggle of the Cybertronian civil war into the limelight and exposes both Autobot and Decepticon policy to more aggressive interrogation from human sources than previously. Now, instead of simply accepting that the Decepticons are just assholes who are attacking power sources and the Autobots are the staunch protectors of humanity, the humans have loud, passionate, violent opinions of their own about who has the right of things.

The humans can accomplish much in short periods and can provide the Decepticons with terrain and resource advantages. So Megatron, initially dismissive of the human factor, pivots with the ballerina-like grace of someone who has been manipulating crowds for longer than humans have existed. (Not all Decepticons are as adaptive.)

Optimus Prime, on the other hand, slowly feels like he's descending into some Dali-esque surrealist nightmare. "Do you understand," he asks, giving each word its due deliberation before he syntheises it, "that Megatron's literary accomplishments — though tremendous — will not prevent him from killing you all when he cyberforms your planet?"

#tf fic ideas #maccadam #megatron #optimus prime #'Megatron's literary accomplishments will not stop him from killing you when he wrecks your planet.' Ask Optimus how he knows! :)

103 notes · View notes