Facebook to roll out new privacy tools for Europe



Facebook will make major privacy changes to the platform for its more than 2 billion users to comply with the European Union's incoming data protection law, the social network's Chief Operating Officer Sheryl Sandberg said.

"We're rolling out a new privacy center globally that will put the core privacy settings for Facebook in one place and make it much easier for people to manage their data," Sandberg said at a Facebook event in Brussels on Tuesday.

The General Data Protection Regulation (GDPR) is a regulation intended to strengthen and unify data protection for all individuals within the European Union.

Companies that breach the law could face a maximum penalty of 4 percent of global annual turnover or 20 million euros (S$32.3 million), whichever is greater.

"Our apps have long been focused on giving people transparency and control and this gives us a very good foundation to meet all the requirements of the GDPR and to spur us on to continue investing in products and in educational tools to protect privacy," Sandberg said.

The law will deeply affect industries that collect large amounts of customer data, from technology companies to insurers and banks.

Facebook has already come under scrutiny for its use of customer data and for tracking people's online activities.

Lebanese Hackers leave data stolen from thousands of victims on open server

Last week, the Electronic Frontier Foundation (EFF) and Lookout released a report on malware dubbed “Dark Caracal” that had stolen a huge amount of data from thousands of victims, such as journalists, military personnel, lawyers, activists, financial institutions, and other such organisations or individuals.

It seems that these hackers, who were deemed to be Lebanese and linked to the nation-state because the signal was traced back to Lebanon's General Directorate of General Security (GDGS), had left all the stolen data online on an unprotected server.

"It's almost like thieves robbed the bank and forgot to lock the door where they stashed the money," said Mike Murray, Lookout's head of intelligence.

According to EFF Director of Cybersecurity Eva Galperin, the researchers were only able to trace the hacking campaign to a location as precise as the government building because of the hackers' “extraordinarily poor operational security.”

The stolen data included passwords, documents, call records, texts, contact information, photos, and other sensitive data. In Lookout security researcher Michael Flossman’s words, it was “literally everything.”

The report said that based on available evidence, it is likely that GDGS is either associated with or directly supporting the attackers behind Dark Caracal.

YouTube gives warning against credible websites

A number of users have reported that clicking on links found in the description field under videos now redirects them to a warning page, cautioning users against opening certain websites. But it appears that, in addition to malicious pages, the video sharing service is wrongly flagging tons of legitimate websites for “malware, phishing or disturbing content.” Among others are popular destinations like Facebook, Twitter, Patreon and – on at least one occasion – the White House.

It appears that Google is running a trial with this sort of warning on YouTube – and has been for a couple of months now.

Interestingly, the warnings seem to appear selectively. While some people are greeted with a warning message when clicking on links under certain videos, others are able to open links under the same videos without seeing any warning at all. Also, while links under a little-known channel (with fewer than 10,000 subscribers) prompted the malware warning, URLs posted under videos from YouTube personality Philip DeFranco seem to open just fine.

Indeed, a slew of miffed users took to Twitter to complain the video sharing service seems to be blocking lots of credible websites with these warnings, including the White House and IBM.

Google hasn’t come out yet with any official statement regarding the matter.

Prevalent Cyber threat group targets UK

A well-known hacking group is still attempting to target the UK with an updated version of malware designed to embed itself in compromised systems and stealthily conduct surveillance. Over the past year, the group appears to have focused especially on diplomatic targets, including consulates and embassies.

Both the Neuron and Nautilus malware variants have already been attributed to the Turla advanced persistent threat group, which is known to routinely carry out cyber-espionage against a range of targets, including government, military, technology, energy, and other business and commercial organisations.

The malware primarily targets Windows mail servers and web servers; the Turla group sends specially crafted phishing emails to compromise targets in attacks that deploy Neuron and Nautilus in conjunction with the Snake rootkit. By using a combination of these tools, Turla can gain persistent access to compromised systems, giving it covert access to sensitive data or the ability to use the system as a gateway for carrying out further attacks.

However, the UK's National Cyber Security Centre (NCSC), the cyber security arm of GCHQ, has issued a notice that Turla is deploying a new variant of Neuron which has been modified to evade detection.

The dropper and loading mechanisms of Neuron have been altered to avoid the malware being detected, allowing its malicious activity to continue uninterrupted.

The creators of Neuron have also changed the encryption in the new version, which now configures multiple hardcoded keys rather than using just one. As with many of the other changes, it is likely that this was done to make detection and decryption by network defenders more difficult.

Whatever the case, the National Cyber Security Centre does not attribute Turla's work to a specific threat actor, instead referring to it as:
"A predominant digital danger group focusing on the UK".

Less Than 10% Gmail Users Enable Two-Factor Authentication

At the Usenix Enigma 2018 security conference this week, a Google software engineer revealed that only about 10% of Gmail users actually have Two-Factor Authentication enabled.

He further said that even this 10% has had trouble figuring out how SMS authentication codes work.

Two-Factor Authentication, or 2FA, is an additional layer of security that prompts users to enter an additional bit of information before they’re allowed to log in, usually codes sent via SMS or through an app like Google Authenticator.

Asked why Google doesn’t make 2FA the default, Grzegorz Milka, the above-mentioned software engineer, answered, “It’s about how many people would we drive out if we force them to use additional security,” saying that it’s about the “usability.”

According to research, people don’t use two-factor authentication because they don’t trust it and fear that their privacy will be compromised.

Experts have agreed that these fears aren’t entirely baseless as SMS authentication has a risk of interception by attackers who spoof phone numbers. However, things have become safer since Google rolled out “Google Prompt,” which offers built-in verification in Google Play services for Android and the Google app on iOS.

The company also launched a new service called “Advanced Protection Plan” for high-profile accounts which enables them to use hardware-based USB 2FA security keys instead.

Discovering flaws in chip: The Horn way

Cybersecurity experts keep discovering one malicious attempt after another, forcing the software giants to devise effective mechanisms to rein in the hackers. The findings are alarming, and if they are not firmly dealt with, things will go from bad to worse.

Each of the researchers working in this field gathered some striking experience before reaching a conclusion. Let’s look at Jann Horn.

He is the Google cybersecurity expert who discovered the biggest chip vulnerability, one that caught the attention of all the researchers searching for a solution in this area.

Only after his startling findings did the entire industry clear the decks to design processors that counter the possible hacking threats. Further, his extensive research encouraged many students to concentrate on this field and explore every possibility of thwarting such attempts.

The flaws he discovered put many experts on alert decades ago to safeguard personal computers, internet servers, laptops, and smartphones. His path-breaking research is still paying dividends today. Initially, Horn made a simple attempt to examine the computer hardware, and he gradually proceeded step by step to reach the vulnerable areas with flawed designs that hackers can exploit.

After months of examining the chips, Horn came to an initial conclusion that as the processor gets wrong its memory into the store must come from a misguided entry point and the hackers are aware of these.

Further investigation gave him more leads in his search for vulnerable areas where hackers operate. A circle of young researchers spotted similar flaws, and their findings gave Horn more confidence. His untiring efforts were widely recognised when the entire community of cyber experts openly accepted Meltdown and Spectre.

His school teachers got wind of his talents long before he stole the limelight. They came to know of Horn and his talent as soon as he found security problems with the school's computer network.

The man who sought out Horn was Mario Heiderich. The founder of Berlin-based cybersecurity consultancy Cure53 showed keen interest in hiring Horn, who was not yet 20 at the time. Finally, the post-doctoral research Horn's undergraduate thesis supervisor. Only then did Horn join Cure53 as a contractor.

Schneider Electric reveals it was flaw in technology that led to hack

Schneider Electric SE said in a customer advisory released on Thursday that the attack in December that led to a halt in operations at an undisclosed industrial facility was caused by hackers exploiting a previously unknown vulnerability in its technology.

Schneider said in the notice that the vulnerability was in an older version of the Triconex firmware that allowed hackers to install a remote-access Trojan as "part of a complex malware infection scenario" and advised customers to follow previously recommended security protocols for Triconex.

Reports of the breach surfaced on December 14, when cybersecurity firms disclosed that hackers had breached one of Schneider’s Triconex safety systems and speculated that it was likely an attack by a nation-state.

The target of the attack has not yet been disclosed; however, Dragos, a cybersecurity firm, has said it occurred in the Middle East. Others have speculated it was in Saudi Arabia.

The attack is the first of its kind reported against this kind of system.

The system itself is used in nuclear facilities, oil and gas plants, mining, water treatment facilities, and other plants to safely shut down industrial processes when hazardous conditions are detected.

Previously, Schneider had said that the attack was not caused by a bug in the Triconex system.

Schneider is reportedly working on tools to identify and remove the malware, expected to be released in February. The Department of Homeland Security is also investigating the attack, according to Schneider.

Cyber-attacks soar, firms rush towards insurance

Cyber attacks driven by ransom demands are on the increase as criminals seek to cash in on the soaring values of cryptocurrencies, according to a new report.

The 2017-2018 Global Application and Network Security Report from cyber security company Radware finds that reported ransom attacks surged in the past year, increasing 40 percent from the 2016 survey. Half of the companies surveyed suffered a financially motivated attack in the past year.

Many firms are panicking as cyber-attacks and regulatory fines threaten profits and are turning to insurance to cover their mounting losses. Many firms feel like they're under siege as the tools at the hackers' disposal seem to be getting more, not less, powerful.

"The rapid adoption of cryptocurrencies and their subsequent rise in price has presented hackers with a clear upside that goes beyond cryptocurrencies' anonymity," says Andrew Foxcroft, regional director for Radware UK, Ireland and Nordics. "Paying a hacker in these situations not only incentivizes further attacks, but it provides criminals with the vital funds they need to continue their operations."

Insurance brokers hoping to differentiate themselves in the marketplace should look to cybersecurity as a great opportunity.

The Allianz Risk Barometer 2018 report reveals that cyber incidents remain a top threat, with 38% of responses, for the third year in a row for South African businesses. Business interruption (BI) is second at 34%, and changes in legislation and regulation are in third place at 29% (number 5 in 2017). These are the key findings of the seventh Allianz Risk Barometer, which was published on 16 January 2018 by Allianz Global Corporate & Specialty (AGCS). The 2018 report is based on the insight of a record 1,911 risk experts from 80 countries.

The report unveils two new South African business threats that have emerged as part of the top 10 list, namely climate change/increasing volatility of weather and loss of reputation or brand value, both at 16% and both at #8. These new threats are not surprising, especially given the extreme weather patterns that have resulted in frequent droughts and floods affecting the country.

Carphone Warehouse fined £400,000 over massive data breach

Britain’s Information Commissioner's Office (ICO) has fined Carphone Warehouse (DC.L) £400,000 after a data breach in 2015 which exposed the personal data of more than three million customers and 1,000 employees.

The hefty fine equals the record penalty issued against TalkTalk, the broadband company previously owned by Carphone Warehouse. The electrical goods and mobile phone retailer left its systems vulnerable to hacking by not updating its software and through questionable routine testing.

“A company as large, well-resourced and established as Carphone Warehouse should have been actively assessing its data security systems, and ensuring systems were robust and not vulnerable to such attacks,” Information Commissioner Elizabeth Denham said in a statement.

“Carphone Warehouse should be at the top of its game when it comes to cyber-security and it is concerning that the systemic failures we found related to rudimentary, commonplace measures.”

According to the ICO, the hackers gained access to Carphone Warehouse's website through an out-of-date version of the content platform WordPress.

The compromised personal data included names, addresses, phone numbers, dates of birth, marital status and historical payment card details.

The company released a statement: "As the ICO notes in its report, we moved quickly at the time to secure our systems, to put in place additional security measures and to inform the ICO and potentially affected customers and colleagues.

"Since the attack in 2015, we have worked extensively with cybersecurity experts to improve and upgrade our security systems and processes.

"We are very sorry for any distress or inconvenience the incident may have caused."

The Last Minute Deal against the Murdoch Papers



Thursday's last-minute settlement of the phone-hacking cases brought by Vic Reeves, Kate Thornton and two others against Rupert Murdoch's Sun and News of the World earned the two sides a rebuke from Mr Justice Mann, who complained that issues vital to another 47 hacking cases in the pipeline had not been resolved.

The confidential settlement was agreed with comedian Reeves, whose real name is Jim Moir; television presenter Kate Thornton; Coronation Street actor Jimmi Harkishin; and talent scout Chris Herbert. Murdoch's News Group Newspapers was also expected to pay their costs, estimated at £4m in total.

                                          
(Jim Moir, Kate Thornton and Jimmi Harkishin)

The case had also been expected to hear allegations of hacking by journalists at the Sun. News UK has never admitted that any hacking occurred at the daily, nor any wrongdoing by senior executives. The last-minute agreement meant that neither of these issues has yet been decided.

The allegations of wrongdoing by James Murdoch and Rebekah Brooks also play an important part in the hacking cases in the pipeline.

David Sherborne, counsel for the claimants, told the court that the claimants would "allege criminality at the most senior level", with James Murdoch and Rebekah Brooks as a feature of the case.

Mann also noted that Murdoch's News Group Newspapers had made "admissions of unlawful activity at the News of the World but it has made none at the Sun" in the pre-trial submissions he had received. He additionally complained that the case had taken a long time to prepare and reach the trial stage, and that other claimants in the pipeline had now been denied the chance to see issues of liability resolved in a test case.

The judge told the court that the last-minute settlement of the four cases was a "serious matter" because the court had given "a significant amount of time and resources" to preparing them for trial because of the apparent significance of the case.

The settlement of "a useful test case raises troublesome issues" for others wanting to bring claims, he stated, adding that future hacking litigation would need to be managed in a quite different way.

Ed Miliband, the former Labour leader and a critic of the Murdoch family, stated:
"This last-minute deal is yet another case of the Murdochs going to extraordinary lengths to prevent detailed scrutiny of what really happened at their newspapers. It shows why we need the Leveson 2 [press] inquiry to get to the truth."


Rupert Murdoch's 21st Century Fox is still seeking regulatory approval from the Competition and Markets Authority for a full takeover of the satellite broadcaster Sky, although some opposition politicians, including Miliband, have said the media mogul should be prevented from closing the deal, partly because of the phone-hacking allegations.

Lebanon Spyware Uncovered, Steals Data through Fake Messaging Apps

Researchers from non-profit campaign group Electronic Frontier Foundation (EFF) and mobile security group Lookout have together uncovered malware that targets individuals such as military personnel, journalists, lawyers, and activists, using fake apps that look like popular messaging apps like WhatsApp and Signal.

The malware, dubbed “Dark Caracal” by the researchers, targets known Android weaknesses; iOS has not been affected by it.

According to their report on Dark Caracal, the malware was traced back to a server in a Lebanese government building, one belonging to the Lebanese General Security Directorate in Beirut, Lebanon, and it seems the threat could be coming from a nation-state.

“We have identified hundreds of gigabytes of data exfiltrated from thousands of victims, spanning 21+ countries in North America, Europe, the Middle East, and Asia,” the report read.

“This is a very large, global campaign, focused on mobile devices. Mobile is the future of spying because phones are full of so much data about a person’s day-to-day life,” said EFF Director of Cybersecurity Eva Galperin.

Data stolen through the spyware includes documents, call records, audio recordings, secure messaging client content, contact information, text messages, photos, and account data.

According to EFF, neither WhatsApp nor Signal has been compromised, and Google has confirmed that the infected apps were not downloaded from its Play Store. Instead, the attackers use “spearphishing” to get these fake apps on targets’ phones, which is a phishing attack that specifically targets an individual using information the attacker has on the victim.

“All Dark Caracal needed was application permissions that users themselves granted when they downloaded the apps, not realizing that they contained malware,” said EFF Staff Technologist Cooper Quintin.

Dark Caracal has reportedly been operating since 2012 but could not be tracked down because of the number of similar attacks happening all over the world that have repeatedly been misattributed to other cybercrime groups.

This research has shed light on how governments and people are able to spy on individuals all over the world.