Russian teenager stole customer database to take revenge on a telecom company

The Prosecutor's Office of the city of Engels condemned an 18-year-old citizen for hacking one of the service providers. The young man took revenge on the company because the provider had previously canceled the contract but the bills kept coming, so the hacker decided to punish the company.

According to the local news report, the hacker gained access to the telecommunication site from his home computer. He also managed to access the information of over 7000 subscribers.

In addition, he started to sell the stolen information on social networks for up to 18 thousand rubles (19,000 rupees). It turned out that the hacker studied computer science in college, which helped him create the malicious program that allowed him to steal the accounts.

The accused will be punished in the form of one year of restriction of freedom.

- Christina

South Korean Newspaper Reports North Korean Hackers Behind Attacks on Cryptocurrency Exchanges

Chosun Ilbo, a major South Korean newspaper, reported on Saturday that, according to a South Korean spy agency, North Korean hackers were behind the theft of about $6.99 million (7.6 billion won) worth of cryptocurrencies this year, which now amount to almost $82.7 million (90 billion won).

The report said that these attacks included the theft of cryptocurrencies from accounts at exchanges Yapizon (now called Youbit), and Coinis, in April and September.

According to the newspaper's report, the leak in June of the personal information of about 36,000 accounts from Bithumb, a major cryptocurrency exchange, was also connected with North Korean hackers, as discovered by the country’s National Intelligence Service (NIS).

Again citing NIS, Chosun Ilbo also reported that these hackers had demanded around $5.5 million (6 billion won) in return for deleting the stolen information.

These hackers were also responsible for another attack on about 10 other exchanges in October, which was stopped by the Korea Internet Security Agency (KISA), as per the report.

The newspaper also reported that, according to NIS, the malware used in the emails to hack the exchanges was made with a method similar to the one used in hacking Sony Pictures in 2014 and the Central Bank of Bangladesh in 2016, and that the email IDs used in the attacks were also North Korean.

Google to take action against misleading news sites

Amid a growing clamour against fake content online, Google has announced it may remove from its news index websites that conceal information about their ownership, primary purpose or country of origin, or that mislead users.

In a set of new guidelines, the search engine said it aims to organise the entire world's news and make it accessible to readers, while providing the best possible experience for those seeking useful and timely news information.

“Do not misrepresent yourself or your purpose. Sites included in Google News must not misrepresent, misstate, or conceal information about their ownership or primary purpose, or engage in coordinated activity to mislead users. This includes, but isn't limited to, sites that misrepresent or conceal their country of origin or are directed at users in another country under false premises,” the search engine said.

The technology behemoth stressed that clear attribution and original reporting are important factors for inclusion in the Google News index, besides the use of datelines and bylines in content for websites publishing “news”.

“If your site publishes aggregated content, separate it from your original work, or restrict our access to aggregated articles via a robots.txt file,” it said.

Citing feedback from its users, Google said they value news sites with author biographies and clearly accessible contact information, such as email and physical addresses and phone numbers.

The guidelines also made it clear that “advertising and other paid promotional material” on news pages “cannot exceed your content”.

Google News may also remove sites participating in “other misleading practices not listed in these guidelines”, the Mountain View, California-headquartered company said.

“Failure to follow these guidelines may result in the removal of your article(s), or the entire site, from Google News,” it added.

The descent of SEBI on illicit coin offers

All eyes are presently on SEBI, which has come down heavily on unlawful 'initial coin offers' that seek public investment with a guarantee of significant returns from Bitcoin and other virtual currencies, without any regulatory regime. Even so, SEBI is not keen to take on the mantle of regulator for such 'trading', as the underlying product, Bitcoin or any other such cryptocurrency, is not a product approved by the RBI or any other agency.

At the same time, it cannot allow naive investors to be taken for a ride with unlawful guarantees by these exchanges and by those claiming to 'mint' digital currencies. A number of them are already suspected of indulging in fraudulent activities.

Many of the 'coin offerings' being made in India these days are nothing but fake shell games or fraudulent business models, which sooner or later offer secondary buying and selling in bitcoins or other differently established digital currencies.

Recently the RBI made public its disapproval of all such currencies, saying that it has not approved any of them. At the same time, the tax authorities have been conducting inquiries at various exchanges and are believed to have gathered data on a large number of those involved, including HNIs who could have traded there.

The regulators and government agencies are also in a dilemma, as imposing a tax would amount to giving legal status to such currencies, on which any consensus remains elusive given the huge risks, including money laundering and terrorist financing, attached to such activities.

However, what has left the regulators flummoxed is a gravity-defying bitcoin rally to over Rs 10 lakhs for each unit, sprinkled with 'stories' of individuals making crores from thousands.

The RBI has, for its part, kept issuing notices since 2013, when the surge in bitcoins caught the attention of Indians. Yet the dangers have multiplied manifold now, in the wake of a huge spurt in the valuation of numerous such virtual currencies and a rapid growth in Initial Coin Offerings (ICOs).

A few entities have started resorting to ICOs to raise funds from investors, including HNIs and other individuals, who are being lured by claims of huge returns from bitcoins and other such variants, which are created in the digital world but also reach into the real world.

BlackBerry’s 7-Pillar Recommendation to harden Cybersecurity for Automobiles

Automotive cybersecurity is one of the most important agendas because, with advancing technology, automobiles are now increasingly connected to the Internet and other systems, which can be easily targeted by attackers with dangerous outcomes.

BlackBerry published a 7-Pillar recommendation for auto manufacturers, intended to harden automobile electronics against attack.

There are basically four industry trends that make modern vehicles vulnerable to cyber attacks and failures: vehicle access, software control, autonomous driving, and the changing state of software.

Through its whitepaper, the company recommended changes via a seven-pillar approach:

1) Secure the supply chain: Ensure that every chip and electronic control unit (ECU) in the automobile can be properly authenticated (via certificates) and is loaded with trusted software, irrespective of vendor tier or country of manufacture.
   a) Code Scanning: Use sophisticated binary static code scanning tools during software development to provide an assessment which includes: open source code content, the exposure of this open source code to common vulnerabilities and indicators of secure agile software craftsmanship.

2) Use Trusted Components: Use a recommended set of components (hardware and software) that have proper security and safety features and have been verified to be hardened against security attacks.

3) Isolation: Use an electronic architecture for the automobile that isolates safety-critical and non-safety-critical ECUs and can also “run-safe” when anomalies are detected.

4) In Field Health Check: Ensure that all ECU software has integrated analytics and diagnostics software that can capture events and logs and report the same to a cloud-based tool for further analysis and preventative actions.

5) Rapid Incident Response Network: Create an enterprise network to share common vulnerabilities and exposures (CVE) among subscribing enterprises such that expert teams can learn from each other and provide bulletins and fixes against such threats.

6) Life Cycle Management System: When an issue is detected, using Pillar 4, proactively re-flash a vehicle with secure over-the-air (OTA) software updates to mitigate the issue. Manage security credentials via active certificate management. Deploy unified end point policy management to manage, among other things, applications downloaded over the lifetime of the car.

7) Safety/Security Culture: Ensure that every organization involved in supplying auto electronics is trained in safety/security with best practices to inculcate this culture within the organization. This training includes a design and development culture as well as IT system security.

"Protecting a car from cybersecurity threats requires a holistic approach," Sandeep Chennakeshu, President of BlackBerry Technology Solutions, said in a statement. "Leveraging our experience as a leader in cybersecurity and embedded automotive software, BlackBerry has created a recommended framework to protect cars from cybersecurity threats. If followed, we believe vehicles will not only be secure but BlackBerry Secure."


Net Neutrality Repealed in US by FCC

In a 3-2 vote on Thursday, the Federal Communications Commission, in response to a proposal by its Chairman, Ajit Pai, voted to discard the net neutrality rules that stopped broadband providers from blocking websites or charging extra for higher-quality service or certain content.

These regulations were created to ensure that providers treat all internet traffic equally, and the dismantling of net neutrality has caused outrage and panic among U.S. citizens on social media.

This action has reversed their 2015 decision to have stricter and stronger oversight over internet providers to ensure the safety of free communication online.

The commission’s chairman, Ajit Pai, has defended the vote, saying that it would ultimately benefit customers as corporations like AT&T and Comcast would be able to provide them a wider range of services, adding that this move would encourage competition and serve as an incentive to build networks.

However, the general consensus seems to be that this is a move in favor of large corporations and not consumers. This will also affect start-ups and smaller companies, as they will have to pay to reach a wider audience.

Democratic Leader Nancy Pelosi described this decision as "a stunning blow" to the promise of a free and open Internet.

"With this unjustified and blatant giveaway to big providers, FCC Chairman Ajit Pai is proving himself an eager executor of the Trump Administration's anti-consumer, anti-competition agenda," Pelosi said.

After the uproar caused by this decision, major broadcast providers like AT&T and Comcast have promised their customers that their online experience will not change, but many are skeptical that companies will adhere to their promise now that there is lighter regulation over their activities.

Several public interest groups and Democratic state attorneys have allegedly promised to file a suit to stop this change.

Indian-American student confesses to launching cyber-attack on U.S. University

An Indian-American student has pleaded guilty to creating the giant, devastating Mirai botnet, which spread via vulnerabilities in Internet-connected devices and resulted in widespread internet disruptions.

Paras Jha, 21, a former Rutgers University student, and two other men, Josiah White, 20, and Dalton Norman, 21, pleaded guilty in federal court on Friday to charges involving computer crimes, which include the writing of code and the sale and use of the two botnets, the Department of Justice announced.

According to court documents, Jha had executed a series of attacks on the networks of Rutgers University between November 2014 and September 2016, which caused massive damage to the university, its faculty, and its students.

“Paras Jha has admitted his responsibility for multiple hacks of the Rutgers University computer system,” Acting U.S. Attorney William Fitzpatrick said in a statement on Wednesday.

“These computer attacks shut down the server used for all communications among faculty, staff, and students, including assignment of coursework to students, and students’ submission of their work to professors to be graded,” he said.

“The defendant’s actions effectively paralyzed the system for days at a time and maliciously disrupted the educational process for tens of thousands of Rutgers’ students.

“Yesterday, the defendant has admitted his role in this criminal offense and will face the legal consequences for it,” Mr. Fitzpatrick said.

Jha’s father, Anand Jha, however, has denied all allegations against his son. "Nothing of the sort of what has been described here has happened."

Hackers hijack Starbucks wi-fi provider to mine cryptocurrency

A caffeine-peddling Starbucks store in Buenos Aires is not the place you'd expect to find illegitimate cryptocurrency mining to go alongside your venti triple shot skinny mint latte. But when Noah Dinkin, CEO of Stensul, a platform that helps marketers craft emails, visited the branch last week, he discovered that the store’s Wi-Fi provider was hijacking his laptop to mine digital currency.

It turns out the hotspot had been hijacked and injected with malware that syphons off processor power to crunch the calculations needed to generate or 'mine' cryptocurrency, Monero in this case.

Starbucks has acknowledged that visitors to its Buenos Aires branches were unwittingly recruited into a crypto-currency mining operation, though mining malware was not meant to be on the menu.

Starbucks said that it had taken "swift action" to address the problem. When Dinkin alerted the coffee-pushing company to the infection, Starbucks got its internet service provider to purge the malware from the network. So it would appear that this is the work of a hacker rather than a way for Starbucks to make some extra cash on the side.

At the time, a Starbucks spokesperson stated that the issue was resolved quickly and wasn’t widespread, but Dinkin disagreed on the latter point. “This was observed by a friend and me in three separate Starbucks stores in Buenos Aires over multiple days following my original tweet, that week,” he wrote on Twitter on Wednesday. “It wasn't just one store.”

It is not known who was behind the mining operation.

When Motherboard reached out to the Argentine internet provider responsible for Starbucks’ Wi-Fi in Buenos Aires—Fibertel—the company blamed hackers for planting the miner code on their network.

But this is an evolution of a popular scheme. One expert said the incident highlighted the risks of using public wi-fi.

How safe is NatWest for stashing money?

It's all about an email that has struck fear among net users, who have reason to doubt guarantees of safety and security.

The fear of becoming a victim strikes a visitor as he or she spots an “https” page. NatWest has alerted its customers to be careful of a website bearing striking similarities to the real portal.

A visitor is trapped as soon as they verify their personal details, acting on the instructions of the lookalike email that takes them to the fake web page. The people behind this nefarious scheme then get easy access to the customers' personal details. A section of customers, however, became aware of the danger after they received a screenshot of the fake website.

Millions of net users are sharing the discussion and the alert on Twitter. But is there an end to it? While one raises doubts over the guarantee of HTTPS, another talks of the SSL certificate.

The London-based Intelligence Bureau has acknowledged the fiasco and has been devising a formidable mechanism jointly with NatWest to deal firmly with this menace.

NatWest is believed to be developing a system to identify fake websites, but it is finding it difficult to get instant results. Bank officials say the need of the hour is mass awareness of suspicious emails with unrecognized addresses, as well as glaring mistakes in grammar and spelling.

Customers who spot a suspicious email can get in touch with the bank through phishing@rbs.com or phishing@natwest.com.

This is not the first time scammers have targeted wealthy customers. An identical scam threatened to rob Santander customers in March this year, forcing the authority to maximize alertness.

The targeted customers received text messages from scammers pretending to be banking officials. But the bankers stopped sharing customers' information without convincing queries.

Uber Charges Rider C$18.5K for 20-minute Trip

We’re all familiar with surge pricing and paying high amounts of money for small distances to corporations like Uber or Ola, but last Friday, a man in Canada was charged about C$18,500 for a 5.6-kilometre trip.

That’s about 14,500 in US Dollars, or 9.3 lakhs in Indian Rupees. Hisham Salama, the rider in question, took to Instagram to share this story. His friend also posted a screenshot on Twitter:


Uber looked ready to shift all the blame on the customer, as proven by a screenshot of the conversation between Hisham and the company.


Finally, it seems the uproar on social media caught their attention, and they apologized and refunded the money to Hisham. According to his tweet, they will be setting up a meeting with a representative to solve the problem.


Uber later defended itself saying that the huge charge was an “error” and has been resolved, adding that they have refunded the money and apologized for the experience.

A spokesperson from the company, in a statement to Slate, said, “We have safeguards in place to help prevent something like this from happening, and we are working to understand how this occurred.”

Uber further went on to put the blame on the driver, saying that his cab was a traditional cab with a meter and the driver had made a mistake while putting in the fare details into it, and that the error was not a technical glitch.


(Currency figures are 1 CAD = 0.78 USD and 50.24 INR)

Anderson Cooper’s assistant to be blamed for insulting tweet to Trump

CNN says it's gotten to the bottom of Anderson Cooper's Trump-bashing tweet ... and all signs point to a forgetful assistant, who has been employed for the last 10 years.

CNN faced widespread mockery and scepticism on Wednesday after the network claimed an unidentified gym locker room thief sent a tweet from Anderson Cooper's account that called President Trump a "tool" and a "pathetic loser."

In a statement, CNN claimed the tweet in question was sent from a phone belonging to Cooper's assistant in New York while Cooper himself was in Washington D.C.

CNN said the tweet was the result of the anchor's assistant's phone being taken.

A CNN spokesperson said, "[Cooper's] assistant inadvertently left his phone unlocked and unattended at the gym early this morning and someone took the phone and sent the Tweet."

"Geolocation tools confirm that the tweet in question was not sent from Anderson Cooper’s phone," read a statement from the network. "Anderson was in Washington, and we have proof the tweet was sent from New York, from a phone belonging to his assistant."

The assistant is apparently the only other person besides Anderson with access to the account.

BuzzFeed reporter Chris Geidner, who like Cooper is gay, tweeted in response, "I have never met a gay man who has left his phone unlocked and unattended at the gym, but OK."

The errant tweet was a response to the president on Wednesday regarding the loss of Republican candidate Roy Moore in the Alabama special election. Trump had tweeted: "The reason I originally endorsed Luther Strange (and his numbers went up mightily), is that I said Roy Moore will not be able to win the General Election. I was right! Roy worked hard but the deck was stacked against him!"

Anderson's verified Twitter account replied to Trump early Wednesday morning -- calling 45 a "tool!" and a "Pathetic loser."