LIVE · cybersecurity feed
ai

Flock Cameras Can Surveil Cars Without License Plates

zeroday.news·5d ago

Law enforcement agencies using Flock Safety's automated license plate reader (ALPR) cameras can identify vehicles even without a visible license plate, according to a company presentation from 2024. The system, which Flock refers to as "Vehicle Fingerprint," collects and analyzes various visual characteristics of a vehicle to aid investigations.

This technology allows officers to search for vehicles based on details such as decals, bumper stickers, roof racks, and temporary or unique state license tags. Flock promotes this capability as a method for law enforcement to gather crucial information when full license plate data is unavailable, thereby strengthening cases with limited initial information.

Furthermore, Flock's platform enables police to conduct "multi-geo searches," a feature designed to locate multiple vehicles believed to be traveling together. This functionality allows investigators to track groups of vehicles and understand their movements.

The concept of using habitual proximity to track individuals or vehicles is not new. This approach predates widespread artificial intelligence applications and has historical parallels in data surveillance. For instance, Edward Snowden's revelations indicated the National Security Agency (NSA) utilized cell phone location data to monitor phones frequently located near each other.

While Flock's capabilities raise privacy concerns, the broader issue of location data surveillance extends beyond this specific technology. Access to extensive cell phone location data by various entities can enable similar tracking and surveillance activities.

Flock Safety's ALPR cameras are deployed by numerous law enforcement agencies across the United States. The company states its technology is intended to help solve crimes and improve public safety. However, critics have raised concerns about the potential for misuse and the erosion of privacy associated with such widespread surveillance systems.

The "Vehicle Fingerprint" feature highlights how ALPR systems are evolving beyond simple license plate recognition. By incorporating a wider array of vehicle identifiers, these systems can create more comprehensive profiles of vehicles and their movements, potentially impacting privacy for all drivers.

The ability to track vehicles based on non-plate identifiers and to identify groups of vehicles moving in concert raises significant questions about data privacy and the scope of law enforcement surveillance. These developments underscore the ongoing debate surrounding the balance between security needs and individual liberties in an increasingly connected world.

ai
← Back to latest

More News

view all →
zeroday.news · 4h ago·high

Operationalizing Day Minus Seven: The Cloud-Native ROC

The article introduces the concept of a Risk Operations Center (ROC) as a necessary evolution for cybersecurity teams facing AI-driven threats. It argues that traditional risk management models are insufficient due to the speed at which AI can discover and exploit vulnerabilities, especially in cloud environments. A ROC, powered by platforms like Qualys Enterprise TruRisk Management (ETM), aims to unify disparate security findings, hyper-prioritize risks based on exploitability and business impact, and enable autonomous remediation to keep pace with attackers.

zeroday.news · 4h ago·high

3 Ways AI Powers Service Desk Attacks and How to Prevent Them

Artificial intelligence is increasingly being used by attackers to enhance service desk attacks, particularly during employee onboarding. AI tools can create more convincing impersonations, accelerate reconnaissance for personalized attacks, and scale malicious campaigns. To counter these threats, organizations need to implement stronger identity verification methods, such as secure password delivery, biometric liveness detection, and multi-factor authentication before sensitive actions are approved.

zeroday.news · 3h ago·high

China-Linked APT Expands Arsenal With New ‘Leash’ Backdoors

A China-linked advanced persistent threat (APT) group, identified as LapDogs, has reportedly enhanced its malicious toolkit. Security researchers have observed the deployment of three new backdoors: LongLeash, DogLeash, and JarLeash, which are designed to compromise small office/home office (SOHO) routers.

zeroday.news · 3h ago·high

RedWing Android Spyware Sold as a Service on Telegram

A new Android spyware called RedWing is being offered as a service on Telegram, allowing less sophisticated attackers to compromise phones and steal banking information. Researchers have identified it as a polished malware-as-a-service operation with extensive documentation and a subscription model, potentially linked to Russian threat actors. RedWing employs fake login overlays, SMS interception, call forwarding, and even screen control to harvest credentials and conduct further malicious activities.

zeroday.news · 4h ago·critical

Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS

Ubiquiti has released security updates to address several critical vulnerabilities affecting its UniFi product line, including UniFi Connect, Talk, Access, Protect, and OS. These flaws could allow attackers to escalate privileges or execute arbitrary commands on affected devices. While no active exploitation has been reported for these specific vulnerabilities, the company has previously seen its UniFi OS and Edge OS products targeted by threat actors.

zeroday.news · 4h ago·high

Armored Likho Hits Government, Energy Sectors With BusySnake Stealer

Cybersecurity researchers have identified a new threat actor, dubbed Armored Likho, targeting government and energy sectors in Russia, Kazakhstan, and Brazil with a sophisticated phishing campaign. The operation utilizes a custom-built Python infostealer named BusySnake, designed to steal credentials, sensitive documents, and other high-value data. The attackers employ AI-generated payloads to obscure their activities and maintain persistence through various methods, including reverse SSH tunneling.