Snowden says, Aadhaar open for abuse

American whistleblower Edward Snowden has become the latest to raise alarm about the vulnerability of the Aadhaar database, a day after the Tribune newspaper reported that an administrator login ID and password to gain access to the UID portal could be acquired for as little as Rs 500.

He came out in support of the Indian journalist who exposed the Aadhaar data breach, a report that led to the lodging of an FIR. He said that the government should give the journalist an award rather than a probe for the work.

"The journalists exposing the #Aadhaar breach deserve an award, not an investigation. If the government were truly concerned for justice, they would be reforming the policies that destroyed the privacy of a billion Indians. Want to arrest those responsible? They are called @UIDAI," Snowden tweeted.

Snowden, a former Central Intelligence Agency (CIA) employee who blew the lid off US surveillance on phone and internet communications, also said the Indian government should reform its policy to safeguard privacy of its citizens.

Retweeting CBS journalist Zack Whittaker's response on a BuzzFeed report on the breach of Aadhaar database in India, Snowden said, "It is the natural tendency of government to desire perfect records of private lives. History shows that no matter the laws, the result is abuse."

Whittaker had earlier said, "ICYMI. India has a national ID database with the private information of nearly 1.2 billion nationals. It has reportedly been breached. Admin accounts can be made and access can be sold to the database, reports BuzzFeed."

Registering an FIR against the journalist triggered widespread condemnation from all circles.

This prompted the government to clarify that the FIR was not against the journalist and that it was lodged against unknown persons and an investigation is on. Meanwhile UIDAI has suspended access of many officials to Aadhaar data after the loophole came to light.

Edward Snowden hails scribe over Aadhaar data leak report

American whistleblower Edward Snowden has come out in support of an Indian journalist who is being investigated for a report on the controversial Aadhaar data breach.

Snowden, a former Central Intelligence Agency (CIA) employee who is currently in exile in Russia, said that instead of prosecuting the journalist, the government of India should penalize the Unique Identification Authority of India (UIDAI) for the alleged leak.

"The journalists exposing the #Aadhaar breach deserve an award, not an investigation. If the government were truly concerned for justice, they would be reforming the policies that destroyed the privacy of a billion Indians. Want to arrest those responsible? They are called @UIDAI," Snowden posted on Twitter. 

The Delhi Police has registered an "open-ended" First Information Report (FIR) against The Tribune reporter, Miss Rachna Khaira, who wrote an article on how she was able to buy citizens' personal details for just 500 rupees ($8; £6), after the UIDAI filed a complaint against her.

"It is the natural tendency of government to desire perfect records of private lives. History shows that no matter the laws, the result is abuse," Snowden said.

The editor of The Tribune newspaper has defended her, saying the report had been published "in response to a very genuine concern among the citizens on a matter of great public interest".

However, the central government has clarified that it is fully committed to the freedom of the press, and said it hopes that the newspaper and its reporter will cooperate in investigating the purported data breach.

"The government is fully committed to freedom of press as well as to maintaining security and sanctity of Aadhaar for India's development... I've suggested UIDAI to request Tribune and its journalist to give all assistance to police in investigating real offenders," IT minister Ravi Shankar Prasad tweeted.



Florida hack exposes 30K Medicaid patients’ files

Florida officials announced late Friday that hackers may have accessed the personal information and medical records of up to 30,000 Medicaid recipients in November.

The state's Agency for Health Care Administration said in a Friday evening news release that one of its employees "was the victim of a malicious phishing email" on November 15. The agency learned of the incident five days later, on November 20, and then notified the Inspector General, who launched an investigation "to identify if any protected health information was potentially accessed."

Preliminary findings of the Inspector General investigation indicate that hackers may have partly or fully accessed the enrollees' full names, Medicaid ID numbers, birthdates, addresses, diagnoses, medical conditions and Social Security numbers.

The AHCA said no other agency systems or email accounts were involved in the phishing attack.

"The agency takes this matter very seriously," Florida's Agency for Health Care Administration (AHCA) said in a statement.

The state agency said it was training employees on security protocols following the suspected breach but said it had "no reason to believe" the information had been misused. The agency provided a hotline for Medicaid recipients to call: 844-749-8327.

Cyber threats have long posed issues for health providers and agencies handling sensitive data, with cybersecurity concerns about personal information reaching the federal government in the past as well.

A Mysterious Malware That Holds The Power To Critically Damage One’s Phone

Hack Forums is not the most elite gathering of cybercriminals: many of its members appear to be relative novices, and it is likely that some post about hacking methods they have never actually attempted. Experts say, however, that with the current market in cryptocurrencies, even sophisticated hacking groups are increasingly getting into clandestine mining, sometimes running such operations alongside more traditional cybercrime like data theft and denial of service attacks.

Like many other people, the hackers on the message board Hack Forums are now exchanging tips on how to profit from cryptocurrencies. But they are not simply hoping to buy low and sell high; they are swapping ways to surreptitiously harness other people's phones and PCs to generate digital coins for themselves.

A month ago, F5 Networks, a Seattle security firm, reported a "sophisticated multi-stage attack" hijacking networks of computers to mine cryptocurrencies.

The attackers have been known to use vulnerabilities in common server software, combined with Windows exploits leaked from the National Security Agency, to infiltrate victims' systems and move through their networks.

Although it is difficult to know how much these cryptojacking attacks have earned altogether, the addresses connected to the malware variants appear to have received a total of $68,500 in the cryptocurrency monero.

In the past year, monero-mining malware has been spotted on a wide variety of sites, mining the currency as people streamed videos from Showtime and Ultimate Fighting Championship or simply browsed the web on compromised Wi-Fi systems at Starbucks cafes. Some browser extensions have also been found mining the currency while users do other things, and monero-mining malware has recently been spotted spreading through links on Facebook Messenger as well.

Hi @Starbucks @StarbucksAr did you know that your in-store wifi provider in Buenos Aires forces a 10 second delay when you first connect to the wifi so it can mine bitcoin using a customer’s laptop? Feels a little off-brand...

— Noah Dinkin (@imnoah) December 2, 2017

“If you remember the IoT botnets, Mirai in the past, we’ve actually seen one variant this year which was mining monero coins on routers and hard disk recorders as well,” says Candid Wueest, principal threat researcher at Symantec and contributing author on a report the security company released on cryptojacking last month.

Creators of some monero-mining software argue that in-browser mining can have a legitimate use, letting people intentionally exchange computer power for access to articles, videos, or premium application features, when sites are looking beyond advertising as a revenue stream. "I don't agree with anybody's computer being mishandled or abused without their insight," says Spagni, the monero core developer.

"However the technology that is being manhandled presents a completely new approach for monetizing a service on the web." He contends this could enable a "free" version of Netflix or provide another funding stream for journalism.

Coinhive, one of the most well-known web miners, even offers a mining-based captcha alternative, aimed at making it less feasible for spammers to perform certain actions on a website, and a version of the software called AuthedMine, which requires users to explicitly opt in before mining begins. Makers of other mining tools make similar statements about user consent, perhaps with varying degrees of sincerity.

Nevertheless, a tool called Monero Quiet Excavator, available for $14, mines in the background on Windows PCs. It doesn't launch a visible window that users could readily detect, keeps the devices from going into sleep mode, and can "bypass firewalls," according to its website. Its developer states that it is intended only for "legitimate users". Those could include people who own several PCs and want to use them to mine monero "transparently for the end user or client of the PC".

New threat for PCs and smartphones

Personal computers and smartphones face yet another security threat, if experts are to be believed. The new threat surfaced after tech experts spotted a dangerous security flaw.

Named Spectre and Meltdown, the flaws in question allow sensitive and secret data stored on personal computers and smartphones to be swept up through the processor.

Meltdown, specifically, strikes only Intel processors, while Spectre, a more general flaw, might affect devices across the board.

The experts who claimed to have spotted Spectre and Meltdown, namely Jann Horn at Google and academics at the Graz University of Technology, said that tech firms including Apple and Microsoft were preparing to disclose the flaws in detail. The revelation even reached Intel, where the processor maker learned of the exploits, which forced the company to sell $24 million products from the stock.

These developments have forced software companies to rush out updates. Two software giants, Microsoft and Google, now claim to have updated their mechanisms to spot Meltdown. Others in the field are lined up to do the same.

But is there evidence to prove beyond doubt that the flaw has opened the floodgates for hackers to take advantage? The answer is simply no. Needless to say, hackers would take the chance if somebody revealed the flaw in the public domain, since they would have easy access to many passwords, emails, usernames and even online bank accounts.

Since the processor is the core of a personal computer or smartphone, the device functions only at its command, performing calculations at every passing moment. A processor, if allowed to develop complexity, can be exploited with the help of a browser.

Hackers Target Winter Olympics to be Held in South Korea

Cybersecurity company McAfee has discovered that hackers have targeted organizations connected to the Winter Olympics that will be held in South Korea, and have tried to access sensitive information.

The hacking campaign ran from December 22 and is still under investigation by the firm. McAfee has stated that the attacks point to “a nation-state adversary that speaks Korean.”

The attacks seem to have been carried out via emails sent to various organizations which contained a malicious document that would create a hidden black channel inside the computer if enabled. These emails are disguised as being sent by South Korea’s National Counter-Terrorism Council.

The emails were sent from a Singapore IP address and told receivers to open a text document in Korean.

Among those sent the messages are individuals associated with the ice hockey tournament at the Olympics. A report by McAfee Labs is available on its website.

It has been reported that at least one of the recipients was infected by the document, according to a senior analyst at McAfee.

Android malware steals Uber credentials

From stolen accounts to Russian-hacker run networks, Uber’s black market trade has steadily become a staple in the digital underground. Only a month ago, Uber users and drivers learned that their privacy might be put at risk due to the massive data breach. Now, researchers from cybersecurity firm Symantec have found a piece of new Android malware that tries to steal a target’s Uber password, phone password and credit card details, before covering up its own tracks.

The FakeApp trojan has returned with new tricks to stop users noticing they've been duped.

The malware is a variant of FakeApp, an Android trojan that attackers have been using to display advertisements and collect information from compromised devices since 2012. However, it has been updated numerous times, and the recently discovered version tries to steal users' credentials by deep-linking a URL in the real Uber app.

According to that research, the Android malware causes a fake Uber user interface to repeatedly pop up on a target’s device, taking up the whole screen until the user enters their Uber ID and password. As with many other phishing campaigns, as soon as the victim provides their credentials, the malware sends those details off to the hacker’s remote server, Symantec said.

According to the researchers, the malware spreads via untrusted third-party app stores. Fortunately, it hasn’t affected many Uber users. However, people are advised to be careful not to fall for this new trick.

Hackers could do a few different things with a stolen set of Uber accounts. It's likely the attackers will either attempt to exploit this stolen information for their own gain, performing scams, or try to sell it to others on dark web underground forums, where customers buy login details and then simply take rides at their victim’s expense. In 2015, scammers were selling thousands of stolen accounts for $1 each, before the market became saturated and the price plummeted to just 40 cents per account. Many of these accounts were likely hacked because victims had used the same password on Uber as well as a website that was already breached, meaning scammers could just log into the user’s account.

Uber has not come out with a statement on the matter.

Intel chip flaw: Every Apple device vulnerable to hacking

Apple has confirmed that every iPhone, iPad, Mac device, and Apple TV is vulnerable to the major Intel bug that could allow them to be hacked.

Apple uses Intel's chips in almost all of its devices; due to these design flaws, billions of people's personal data are at risk of being exposed to cyber criminals.

Security researchers have found the devastating Meltdown and Spectre bugs.

In a statement released, Apple said: "All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time.

"Since exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store.

"We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS."

However, the exact nature of the design flaw is still not clear, so it is impossible to measure its impact or to say how to abate the problem.

The firm has told all its customers to download software only from its own platform, the App Store.

Apple has assured that there have been no instances of hackers taking advantage of the flaw to date.

Android Malware Attacking Over 232 Banking Apps Discovered

A new Android malware is reportedly targeting over 232 banking applications, including a few banks in India. This was discovered by the internet and cybersecurity firm Quick Heal, which identified the Android Banking Trojan imitating banking mobile apps around the world.

It includes major Indian banks apps from SBI, HDFC, ICICI, IDBI, and Axis, among others.

What is the malware?

The Trojan malware, named ‘Android.banker.A9480’, is being used to steal personal data such as login data, messages, contact lists, etc. from users and upload it to a malicious server.

This malware also targets cryptocurrency apps installed on users’ phones to extract similar sensitive data.

Who has it affected?

According to Quick Heal, the banks affected by the malware include Axis mobile, HDFC Bank Mobile Banking, SBI Anywhere Personal, HDFC Bank Mobile Banking LITE, iMobile by ICICI Bank, IDBI Bank GO Mobile+, Abhay by IDBI Bank Ltd, IDBI Bank GO Mobile, IDBI Bank mPassbook, Baroda mPassbook, Union Bank Mobile Banking, and Union Bank Commercial Clients.

The full list can be found on Quick Heal’s original blog post.

How does the malware work?

The security firm has revealed that the malware is being distributed through a fake Flash Player app on third-party stores.

“This is not surprising given that Adobe Flash is one of the most widely distributed products on the Internet. Because of its popularity and global install base, it is often targeted by attackers,” the firm said in a statement.

Once the malicious app is installed, it will ask the user to activate administrative rights. The app sends continuous pop-ups until the user activates the admin privilege, even if the user denies the request or kills the process. Once activated, the malicious app hides its icon soon after the user taps on it.

They also revealed that if any of the targeted apps are found on the infected device, the app shows a fake notification on behalf of the targeted banking app. If the user clicks on the notification, they are shown a fake login screen to steal the user’s confidential info like net banking login ID and password.

Since the malware is able to intercept incoming and outgoing SMS from an infected smartphone, it can bypass the OTP based two-factor authentication on the user’s bank account and can misuse the access.
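The behaviours described above (installation from outside Google Play, the Flash Player name, device-admin rights, SMS access, overlay screens) can be checked in combination across a device inventory. The following Python sketch is an added example, not code from Quick Heal or from the original article; the inventory format, field names and sample records are constructed assumptions, while the permission names and the Play Store installer package are real Android identifiers.

```python
"""Triage an app inventory for the trait combination described above.

Assumption: the inventory is a list of dicts such as an MDM export might
produce. The field names and every sample record are constructed.
"""

PLAY_STORE = "com.android.vending"  # installer package name of Google Play

# Real Android permission names matching the behaviours in the article.
SMS_PERMS = {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS"}
OVERLAY_PERM = "android.permission.SYSTEM_ALERT_WINDOW"


def findings(app):
    """Return the list of risk indicators present on one app record."""
    hits = []
    perms = set(app.get("permissions", []))
    if app.get("installer") != PLAY_STORE:
        hits.append("sideloaded")
    # The article notes there is no official Flash Player on Google Play,
    # so any app presenting itself under that name is a lure.
    if "flash player" in app.get("label", "").lower():
        hits.append("flash-player-lure")
    if app.get("device_admin"):
        hits.append("device-admin")
    if perms & SMS_PERMS:
        hits.append("sms-access")  # enough to read OTP messages
    if OVERLAY_PERM in perms:
        hits.append("overlay")     # can draw a fake login screen over apps
    return hits


def triage(inventory, threshold=3):
    """Return (package, indicators) pairs at or above threshold, worst first.

    A single indicator is noise: real banking apps read SMS and real
    management agents hold device-admin. The combination is the signal.
    """
    scored = [(app["package"], findings(app)) for app in inventory]
    flagged = [item for item in scored if len(item[1]) >= threshold]
    return sorted(flagged, key=lambda item: -len(item[1]))


# Constructed sample inventory (no real apps or devices).
SAMPLE_INVENTORY = [
    {"package": "com.example.bank", "label": "Example Bank",
     "installer": PLAY_STORE, "device_admin": False,
     "permissions": ["android.permission.INTERNET",
                     "android.permission.RECEIVE_SMS"]},
    {"package": "com.example.flashupdate", "label": "Flash Player",
     "installer": None, "device_admin": True,
     "permissions": ["android.permission.INTERNET",
                     "android.permission.RECEIVE_SMS",
                     "android.permission.READ_SMS",
                     "android.permission.READ_CONTACTS",
                     "android.permission.SYSTEM_ALERT_WINDOW"]},
    {"package": "com.example.game", "label": "Example Game",
     "installer": "com.example.store", "device_admin": False,
     "permissions": ["android.permission.INTERNET"]},
    {"package": "com.example.mdmagent", "label": "Device Management",
     "installer": PLAY_STORE, "device_admin": True,
     "permissions": ["android.permission.INTERNET"]},
]

if __name__ == "__main__":
    for package, hits in triage(SAMPLE_INVENTORY):
        print(package, "->", ", ".join(hits))
```

Only the constructed fake Flash Player record crosses the default threshold; the bank app, the sideloaded game and the management agent each show a single indicator and are left alone.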

How can users protect their data?

It should be noted that Adobe Flash player has been discontinued after Android 4.1 version as the player comes integrated with the mobile browser itself. There is no official Adobe Flash Player available on the Google Play Store. Adobe had also announced that it will stop updating and distributing Flash player by the end of 2020 in all formats of the browser.

To stay safe from this trojan, users should take care to download only verified apps and avoid third-party apps or links provided in SMS or emails. Users should also keep the “Unknown Sources” option disabled in the settings (Settings > Security > Unknown Sources).

Additionally, users are advised to install a trusted mobile security app that can detect and block fake and malicious apps before they can infect their device.

It is also strongly advised to always keep the device OS and mobile security apps up-to-date as per official instructions.

75 billion messages were exchanged on New Year’s Eve worldwide

WhatsApp users sent over a record-breaking 75 billion messages worldwide to exchange greetings on New Year's Eve, the Facebook-owned company said on Thursday (January 4). Among them, 13 billion messages were image-based and 5 billion were videos. In India alone, the 200 million monthly active users on WhatsApp sent over 20 billion messages on New Year’s Eve.

WhatsApp says this is the highest-ever user activity on a single day. The platform has over 1 billion users worldwide.

The messages were sent between 12 am and 11.59 pm IST on December 31.

"New Year's Eve was WhatsApp's biggest messaging day ever, closing out a successful year for the company that included the introduction of several new features," WhatsApp said in a statement.

Interestingly, WhatsApp suffered an outage that lasted more than an hour late on December 31, 2017, and in the early hours of January 1, 2018. Users in India and other parts of the world went into a frenzy after the messaging platform went down. It was, however, restored in two hours.

According to downdetector.co.uk, at the peak of the outage it received 2,012 reports that WhatsApp was not working.

More than 10 million people around the world went live on Facebook to share their New Year's Eve moments with their communities. “The night topped last year’s live broadcast activity, with people sharing 47 percent more live videos than last year,” Erin Connolly, Product Manager at Facebook, wrote in a blog post on Wednesday.

According to VentureBeat, WhatsApp’s new record represents the most messages sent in a single day in the chat app’s history. The previous record was set in 2016, also on New Year’s Eve, with 63 billion messages sent.

The top five popular features of WhatsApp included video calling, live location, delete for everyone (messages), new album view for photos and "Status" which saw over 300 million daily active users.

Android malware targets 232 banking apps, including Indian ones

Internet security firm Quick Heal Security Labs says it has identified a new Android malware that can masquerade as 232 banking apps, including some Indian ones.

The malware, known as Android.banker.A2f8a, corrupts banking apps to procure private details including login ID, password, SMS messages that contain OTPs, and contact lists. It can upload the contact lists and messages to a malicious server, display an overlay screen (to capture details) on top of legitimate apps and carry out other such malicious activities, Quick Heal wrote in a blog post.

The Android Banking Trojan was found as part of a fake Flash Player app present on third-party stores. This fake app asks users for administrative rights just after setup. Even if a user initially denies admin access, the app continues throwing pop-up windows until the user accepts. Once the app gets admin rights, it hides its icon and seeks financial apps to steal data.

“Android.banker.A2f8a is being distributed through a fake Flash Player app on third-party stores,” Bajrang Mane, who leads the threat analysis, incident response, and automation teams in Quick Heal Security Labs, wrote in the post.

Mane said that Flash’s popularity makes it a common target for hackers.

If it accesses any of these apps from a user’s smartphone, it generates a fake notification sent on behalf of the banking app. Once the notification is accessed, the malware creates a fake login screen, which allows the trojan to steal confidential information like login ID and password for the banking app.

In India, Quick Heal identified the list of banks whose apps are being targeted by Android.banker.A2f8a. This includes mobile banking apps of Axis Bank, HDFC Bank (regular and LITE versions), SBI Anywhere Personal, iMobile by ICICI Bank, IDBI Bank (Abhay, Go Mobile and Go Mobile+), Union Bank Mobile Banking and Union Bank Commercial Clients. The list also included mobile passbook apps such as IDBI Bank mPassbook and Baroda mPassbook.

Not only banking apps but also cryptocurrency apps present on a user’s phone have been affected by this Trojan.

Users who have any of these apps on their phones are advised to install the Avast free antivirus app to safeguard themselves from such malware.