Russia, India and other Asian countries targeted by Chinese Hackers


According to Kaspersky Lab's third-quarter report, 10 of the 24 targeted cyber attacks were organized by groups of Chinese-speaking hackers.

Experts at Kaspersky said one of the main targets of these cyber criminals was the Russian Federation. They also targeted other Asian countries, including India and Mongolia.

In July, Kaspersky detected a cyber espionage campaign (referred to as "IronHusky") targeting Russian and Mongolian government, aviation companies, and research institutes. The incident happened shortly after both countries held talks on cooperation in several projects relating to the air defense of Mongolia.

Another cyber attack was discovered targeting Russia and India. This attack happened after India and Russia signed a much-awaited agreement to expand a nuclear power plant in India, as well as to further define the defense cooperation between the two countries. The energy sectors of both countries were targeted with a malicious program named "H2ODecomposition".

The experts said that in some cases, this malicious software masqueraded as a popular Indian anti-virus solution, "QuickHeal".

Kaspersky also noted that the Netsarang and CCleaner tools were targeted by these Chinese-speaking hackers. The attackers infected the installation packages with malicious code and hosted them on the Netsarang distribution site. Introducing malicious code into legitimate software would allow attackers to penetrate the networks of many organizations.

- Christina

Cyber Terrorists ‘Could Kill Millions’ by Hacking Cars, Experts Warn

Modern cars could be used as a deadly weapon against citizens by terrorist hackers working for enemy states, experts have warned.

Justin Cappos, a computer scientist at New York University, has said that it is possible to hack the computer system of any car built since 2005.

Some 17-year-old vehicles are vulnerable to cyber attacks unless the car makers remove the vulnerability.

He said: “If there was a war or escalation with a country with strong cyber-capability, I would be very afraid of hacking of vehicles.

“Many of our enemies are nuclear powers but any nation with the ability to launch a cyber-strike could kill millions of civilians by hacking cars. It’s daunting.

“Once in, hackers can send messages to the brakes and shut off the power steering and lock people in the car and do other things that you wouldn’t want to happen.”

Dr. Cappos says this vulnerability should be treated as an 'urgent' national security issue, writes The Times.

Currently, there are nine million WiFi-connected cars on UK roads alone and all these cars are connected to more than 100 electronic control systems.

The Society of Motor Manufacturers and Traders said new car manufacturers have to take responsibility for the security of their products and customers.

“Manufacturers must be accountable. A lot only want to do the minimum — security can be expensive and too many see it only as a tickbox exercise”, he warned.

Aadhaar details published on over 200 government websites

The Unique Identification Authority of India (UIDAI) divulged on Sunday that more than 200 central and state government websites have published the names and addresses of some Aadhaar beneficiaries.

The official said, “However, it was found that approximately 210 websites of the central government, state government departments including educational institutes were displaying the list of beneficiaries along with their name, address, other details and Aadhaar numbers for information of general public”.

In response to an RTI query, the Aadhaar-issuing body confirmed the breach but didn't disclose when it took place. However, the official said that the data of all victims was removed from those websites after the breach was noticed.

The UIDAI further stated, “UIDAI has a well-designed, multi-layer approach robust security system in place and the same is being constantly upgraded to maintain the highest level of data security and integrity.”

"Various policies and procedures have been defined, these are reviewed and updated continually thereby appropriately controlling and monitoring any movement of people, material, and data in and out of UIDAI premises, particularly the data centers," the UIDAI said.

According to the Aadhaar authority, it regularly conducts security audits to strengthen the security and privacy of data. Besides this, it ensures all possible steps are taken to make the data safer and better protected.

Pakistani Hackers bring down Chennai customs website

The Chennai customs website was hacked by a group of Pakistani hackers on Friday, disabling access to its home page and content.

The homepage of the website displayed ‘Go Modi Go'. The stated reason behind the hack was: “Free Kashmir — Freedom is our goal. Indian Penal Code Act No. 45 of 1860 CHAPTER – II SEC 18: India – India means the territory of India excluding the State of Jammu and Kashmir.”

The group is identified as 'Team Pak Cyber Skullz'.

The hackers posted comments against India and Prime Minister Narendra Modi. They also questioned the ongoing situation in Kashmir and democracy in the country. They wrote on the website, “Doodh Maangoge Gay Kheer Dengee, Kashmir Maangoge Cheer Dengee.”

After the hack was reported, Indian information technology professionals immediately took the website back under their control.

An officer with the cyber crime wing said, "The group carried out the attack at 10am and had control of the website for at least two hours before a technical team reclaimed control for the customs department."

However, the website is still not working. A message on its home screen said: "SERVER UPGRADE ...UNDER MAINTENANCE..."


Forever 21's Payment Card Security System accessed



Forever 21, one of the most popular fashion retailers, is the latest retailer to fall victim to a credit card breach that might affect thousands of customers.

On Tuesday, the company revealed that it was recently notified by a third party about "unauthorized access to data from payment cards that were used at certain Forever 21 stores."

Forever 21 said that it immediately began an investigation of its payment card systems. An unnamed cyberforensics firm has also been brought in to try to ascertain the extent of the breach, should this have occurred.

The Los Angeles-based clothier hasn't revealed exactly how many customers could be affected or where the stores are located.

According to the firm, "Because of the encryption and tokenization solutions that FOREVER 21 implemented in 2015, it appears that only certain point of sale devices in some FOREVER 21 stores were affected when the encryption on those devices was not in operation."

The investigators are focussing on the transactions made in store from March to October this year.

The company has advised all its customers "to closely monitor their payment card statements. If customers see an unauthorized charge, they should immediately notify the bank that issued the card. Payment card network rules generally state that cardholders are not responsible for such charges."




Cash Converters faces massive data breach

High Street pawnbroker Cash Converters has revealed that it has suffered a data breach that could affect a number of customers.

The company, which trades second-hand jewelry and electronics, notified all its customers by email on Thursday.

Cash Converters said that it had discovered that a third party gained unauthorized access to its old website, which was taken down in September 2017.

According to MoneySavingExpert, people who had Webshop accounts on the older website, cashconverters.co.uk, could be at higher risk.

Hackers may have accessed customers' personal details, including usernames, passwords and purchase history, from a website that was run by a third party, but the company confirmed that no credit card data has been compromised.

The current webshop site is not affected, the firm said.

A statement released by Cash Converters said: "Along with the relevant authorities we are investigating this as a matter of urgency.

"We are also actively implementing measures to ensure that this cannot happen again."

UK cyber security chief accuses Russia of attacks

Amid reports of Russian interference in the Brexit referendum, a UK government official said on Wednesday that Russian cyber operatives have attacked Britain's media, telecommunications and energy sectors over the past year.

"Russia is seeking to undermine the international system. That much is clear," Ciaran Martin, head of Britain's National Cyber Security Centre (NCSC) said at a London tech conference.

Though Martin said Russia is among the hostile actors posing a growing threat, alongside that from “rampant criminality”, he declined to provide any details on the attacks.

“The Prime Minister sent Russia a clear message on Monday night – we know what you are doing, and you will not succeed,” he told the summit.

The centre has coordinated the government's response to 590 significant incidents since its launch in 2016, although the government agency has not detailed which were linked to Russia.

“I can’t get into too much of the details of intelligence matters, but I can confirm that Russian interference, seen by the NCSC, has included attacks on the UK media, telecommunications and energy sectors.”

Martin warned that the “international order as we know it is in danger of being eroded” amid a record number of detected cyber attacks and hacking attempts.

The remarks come after Prime Minister Theresa May on Monday accused Russia of spreading disinformation, echoing a heated debate in the United States over alleged Russian interference in the 2016 presidential election.

May on Monday accused Moscow of "seeking to weaponise information" and "sow discord in the West and undermine our institutions".

Russia's cyber activities include "deploying its state-run media organisations to plant fake stories and photo-shopped images", she said in a speech.

Researchers at the University of Edinburgh concluded that 400 fake Twitter accounts believed to be run from Russia published posts about Brexit in an apparent attempt to influence the EU referendum.

Russia, though, has strongly denied any election interference in the United States.

WhatsApp: Deleted messages can be read using Third-Party app



WhatsApp has rolled out its ‘Delete for Everyone’ feature to users around the world, but deleted messages can still be retrieved using a third-party app.

A Spanish Android blog, Android Jefe, claims that deleted messages can be easily accessed by the recipient regardless of whether the sender has deleted them.

According to the blog, users who have Android 7.0 Nougat or higher can read the deleted messages via a third-party app called Notification History. After downloading the Notification History app from the Google Play Store, they will be able to see a deleted message in the Android notification log.

“What we found is that the messages are stored in the notification register of the Android system. So, it’s just a matter of entering that record to see the messages that the other person deleted. The Notification History application is a shortcut to that record,” the post reads.

Alternatively, with a third-party launcher such as Nova Launcher, you don't have to download a separate app to access deleted messages. Long-press the home screen, tap Widgets, then tap Activities, and the Notification log will launch, showing the system's notification log.

However, both of these third-party methods work for the first 100 characters only. This means that users will only be able to read the first 100 characters of the deleted messages, and they won't be able to see deleted photos and videos.

Toast Overlay Message Exploit Found on the Google Play Store

A few months back, an Android exploit abused the toast overlay system to craft a full-screen overlay pushed through the toast notification itself. This allowed an attacker to craft a UI window through a toast overlay, which led users to unknowingly enable administrator access or accessibility services for an application. Now, it seems, this overlay attack has been found in the Google Play Store, detected as ANDROIDOS_TOASTAMIGO by TrendMicro. It was found in many applications, including one with over 500,000 downloads as of November 6th, 2017.

Toastamigo is the first weaponisation of the concept, and it affects all versions of Android except for Android Oreo and devices which have received the September 2017 or later security patch. After asking users to grant accessibility service access, the applications in question used the exploit to draw an “analysing apps” overlay over the screen while they granted themselves administrator access and installed another application on the device, dubbed Clickamigo, by formulating tap actions using the accessibility service granted. This works because the user does not need to grant window overlay access, so the regular user won’t notice if anything seems malicious.

Clickamigo seems to be the main purpose of the attack. Loading ad networks, and using a proxy server when they don’t load, Clickamigo simply clicks AdMob or Facebook ads to make the original creator of the application a profit. The application then protects itself through similar methods of giving itself administrator access and accessibility service access, along with disabling mobile security apps on the device and even rating itself on the Google Play Store.

It just goes to show that just because an application is available in the Play Store, it does not mean that it is safe. Users should still be careful of the applications they install and use.

iPhone X's Face ID fooled using $150 Mask

Security researchers in Vietnam are claiming to have bypassed Apple's Face ID facial recognition technology with a composite mask of 3-D-printed plastic that cost less than $150.

Security firm Bkav released a blog post and video showing the hack, but a number of unanswered questions leave room for doubt about its applicability.

In a blog post on the Bkav website, the firm explained how it created the mask. "We had an artist make it by silicone first. Then, when we found that the nose did not perfectly meet our demand, we fixed it on our own, then the hack worked. That's why there's a part on the nose's left side that is a different color (photo attached). So, it's easy to make the mask and beat Face ID."

Then they added, "some special processing on the cheeks and around the face, where there are large skin areas, to fool [the] AI of Face ID."

According to the Bkav researchers, potential targets such as billionaires, leaders of major corporations, national leaders, and agents like those of the FBI need to understand the Face ID issue.

However, Bkav declined to answer questions seeking to clarify the hack at the time of publication.


UK spymasters suspect Russia is using Kaspersky to spy on people

 

The British intelligence service is reportedly worried that Kaspersky Antivirus, offered by Barclays to its customers, may be being used by a Russian intelligence agency to spy, according to The Financial Times.

An unnamed official told The Financial Times that GCHQ, the British intelligence agency, has concerns over the widespread distribution of Kaspersky in the UK.

Intelligence officials fear that this might allow Russia to gather intelligence from the computers of government employees and members of the military who are customers of the bank and have downloaded the software.

The Financial Times added that "No evidence suggests that any data of Barclays customers have been compromised by use of Kaspersky software on their computers."

However, the bank said it was planning to end the deal with Kaspersky for commercial reasons that have no connection with the GCHQ concerns.

Kaspersky denied the allegations and said the company does not have inappropriate ties with any government.

"No credible evidence has been presented publicly by anyone or any organization. The accusations of any inappropriate ties with the Russian government are based on false allegations and inaccurate assumptions, including the claims about Russian regulations and policies impacting the company," Kaspersky said.

Earlier this year, US spymasters and the FBI chief said that they do not trust software from Russian antivirus company Kaspersky.

- Christina