Self-Destructing Emails via Gmail's 'Confidential Mode'


‘Confidential Mode’ in Gmail, a new feature that launches self-destructing emails.




Gmail has recently released a new feature called ‘Confidential Mode’. With it, the sender can configure an email so that it self-destructs for the receiver after a set period of time. The feature also allows access to an email to be restricted after it has been sent.

When confidential mode is enabled for an email, settings such as the expiry of the mail, its self-destruction and the requirement of a password can all be set. The feature works with all email providers: the confidential mail itself is not sent; instead, the receiver gets a mail with a link to the Google servers, which host the actual email. The expiration period for the emails ranges from a day to 5 years.

The moment the receiver opens that link, Google asks them to log in to confirm their identity. This is done to ensure that the person viewing the email is the one it was intended for. If the login credentials are fine, the email is visible; otherwise, access is blocked entirely.

The availability of the mail to the receiver is exclusively under the sender's control. Because the Google servers host the email, rather than the user's email program, it is all the easier for this feature to function smoothly.

The feature is accessible through the web and mobile app versions of Gmail. Webmail users compose a normal email and then click the lock button, which opens the settings page where the remaining options, such as the expiry date and the password requirement, can be set and ‘Confidential Mode’ enabled.

Mobile app users compose the mail, select the (…) menu, and then select confidential mode, which opens the configuration settings.

The utility of the feature needs no comment, but it must be kept in mind that a screenshot of the mail can easily be taken, so the whole thing is not as secure as it seems.

According to sources, the feature could also become a means for phishing.


Mozilla removed 23 Firefox add-ons for logging browser history

The Mozilla Foundation has removed an add-on from the recommended add-on list on Firefox's official blog after German security researcher Mike Kuketz discovered that the software was secretly logging browser histories. The add-on is described as a service that offers extensive real-time protection.

The add-on was found to be tracking users' web activity and sending the data to remote servers located in Germany over an unencrypted HTTP channel. This could expose users to man-in-the-middle attacks and spying. The Web Security add-on was removed for unwarranted tracking. On further inspection, multiple add-ons with different features were found to run the same code, and action has been taken against these as well. Later, 23 more add-ons were removed and disabled. All of these add-ons were suspected to belong to the same person or group.

A Reddit user suggested that many add-ons collect users' page visits; Web Security, however, has been sending a lot of masked data, even after a user visits a domain over an unencrypted connection.

Mozilla engineer Jorge Villalobos explained in a Bugzilla update that action was taken against these add-ons not because they checked visited web pages, but because they sent more data than seemed necessary to operate, and because some data was sent unsafely.

The add-on was developed by a German firm named Creative Software Solutions; it has over 220,000 installs and an overall rating of 4.5 out of 5. The original collection included 14 add-ons related to privacy and security.

Raymond, uBlock Origin Developer (gorhill4) said:

“With this extension, I see that for every page you load in your browser, there is a POST to http://136.243.163.73/. The posted data is garbled, maybe someone will have the time to investigate further.”

All of the add-ons removed by Mozilla have been listed by ID number and some of the more popular ones include Browser Security, SmartTube, Popup Blocker Ultimate, DirtyLittleHelpers, YTTools and Quick AMZ.
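
The behaviour described above, a POST over plain HTTP to a bare IP address following each page load, can be looked for in web proxy logs. The following is an added example, not code from the article, Mozilla or the people quoted; the log format, the thresholds and the sample lines are constructed for illustration, and every GET is assumed to be a page load.

```python
import ipaddress
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample proxy log: "<epoch> <client> <method> <url>".
# Only 136.243.163.73 comes from the article; everything else is made up.
SAMPLE_LOG = """\
1534400000 10.0.0.5 GET https://example.org/
1534400001 10.0.0.5 POST http://136.243.163.73/
1534400030 10.0.0.5 GET https://example.org/news
1534400031 10.0.0.5 POST http://136.243.163.73/
1534400090 10.0.0.5 GET https://example.com/article
1534400091 10.0.0.5 POST http://136.243.163.73/
1534400100 10.0.0.5 POST https://example.com/comment
1534400200 10.0.0.7 GET https://example.net/
1534400201 10.0.0.7 POST http://192.0.2.10/upload
"""

def is_ip_literal(host):
    """True when the URL host is a raw IPv4/IPv6 address, not a DNS name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def find_page_load_beacons(log_text, window=5, min_hits=3, min_ratio=0.8):
    """Flag (client, host) pairs where cleartext POSTs to an IP literal
    follow most of the client's page loads within `window` seconds.
    Assumes the log is in time order."""
    page_loads = defaultdict(int)   # client -> number of GETs seen
    last_get = {}                   # client -> timestamp of latest GET
    shadowed = defaultdict(set)     # (client, host) -> GETs followed by a POST
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit():
            continue                # skip malformed lines
        ts, client, method, url = int(parts[0]), parts[1], parts[2], parts[3]
        target = urlsplit(url)
        host = target.hostname or ""
        if method == "GET":
            page_loads[client] += 1
            last_get[client] = ts
        elif method == "POST" and target.scheme == "http" and is_ip_literal(host):
            seen = last_get.get(client)
            if seen is not None and 0 <= ts - seen <= window:
                shadowed[(client, host)].add(seen)  # count each GET once
    findings = []
    for (client, host), gets in sorted(shadowed.items()):
        ratio = len(gets) / page_loads[client]
        if len(gets) >= min_hits and ratio >= min_ratio:
            findings.append((client, host, len(gets), round(ratio, 2)))
    return findings

if __name__ == "__main__":
    for finding in find_page_load_beacons(SAMPLE_LOG):
        print(finding)
```

A single upload to an IP address, as from the second client in the sample, stays below the thresholds; only the pattern that repeats with each page load is reported.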

Snowden bats for criminal action against misuse of Aadhaar data






Edward Snowden, a whistleblower and former employee of the United States secret agency CIA, has advised the Indian government to impose a heavy penalty on anyone who misuses Aadhaar card details for purposes other than public services.

Addressing a private media event via video-conference on the theme ‘Being a Whistleblower’ at ‘Talk Journalism,’ he shared his concerns about UIDAI data scandals and misuse, UIDAI, whistleblower laws, the safety of journalists and his return to the US.

He raised questions about the government's intentions and said that there is "something seriously wrong with this system."

"In India, if the Aadhaar system has to work then there should be a criminal penalty on agencies for disclosing personal details. In India, the condition is like you can’t have a baby if you don’t have Aadhaar," he said.


While replying to a question regarding the surveillance issue, he said that the “government needs to explain why you don’t need rights.” However, the government gives the excuse that it is about to bring in a new programme that will safeguard citizens' rights and protect them.

Snowden emphasized that privacy can be safeguarded through better encryption systems and a strong legal system.


Cybersecurity Vulnerabilities in Philips IntelliSpace System Exposes Sensitive Cardiac Patient Information






The Industrial Control Systems Cyber Emergency Readiness Team (ICS-CERT) and Philips Healthcare issued a warning after discovering cybersecurity vulnerabilities in Philips' IntelliSpace Cardiovascular (ISCV) and Xcelera cardiology image and information management software.

According to the ICS-CERT, "Successful exploitation of these vulnerabilities could allow an attacker with local access and user privileges to the ISCV/Xcelera server to escalate privileges on the ISCV/Xcelera server and execute arbitrary code."

The ICS-CERT found two different vulnerabilities in the Philips IntelliSpace system, identified as Improper Privilege Management (CVE-2018-14787) and Unquoted Search Path or Element (CVE-2018-14789). Luckily, neither vulnerability is critical, but they could allow hackers to execute arbitrary code and gain access to patient details.

The vulnerabilities affect version 3.1 or earlier of IntelliSpace Cardiovascular and version 4.1 or earlier of Xcelera. However, it seems that neither flaw has been exploited yet.

"At this time, Philips has received no reports of exploitation of these vulnerabilities or incidents from clinical use that we have been able to associate with this problem, and no public exploits are known to exist that specifically target these vulnerabilities," Philips said in its security advisory.
The company has reported the matter to the National Cybersecurity and Communications Integration Center (NCCIC).

Philips will release patches for the vulnerabilities in its next version, ISCV 3.2, which is scheduled for release in October 2018.

Meanwhile, the company has advised users to limit network access, review and restrict file permissions, and use secure VPNs for remote access.

Criminal Case Filed Against Hackers For Hacking Koltsovo Airport Database And Stealing Money From Banks


Two residents of the city of Yekaterinburg are in custody for stealing money from several bank accounts and hacking into the database of Koltsovo international airport (Yekaterinburg, Russia).

Authorities found that cyber criminals Konstantin Melnik and Igor Makovkin created a virus through which they gained access to the accounts of bank customers.

The hackers stole 1.2 billion rubles (about 18 million USD) from their cards. In addition, the hackers infected the computers of Yekaterinburg's Koltsovo airport with malicious programs and gained access to the airport's database. The airport could not state the amount of the company's losses.

It is important to note that the hacker group was called Lurk and consisted of 24 members. Igor is one of the organizers, and Konstantin is an active participant.

The group operated successfully for five years, as the virus was difficult to detect. The virus was self-removing and left no traces after gaining access to the accounts.

Specialists from Kaspersky Lab helped to find the cyber criminals. Together with Sberbank's programmers, they identified the virus in corporate networks.

According to some sources, the hacker group Lurk probably stole more than 124 million rubles (about 1.9 million USD) from the bank accounts of members of the Liberal Democratic Party of Russia who hold senior positions in the party.

Federal Service for Veterinary and Phytosanitary Surveillance (Rosselkhoznadzor) reported a DDoS attack

Hackers attacked the electronic veterinary certification system "Mercury". This became known on August 16.

According to Rosselkhoznadzor, the attack was carried out on August 13. The hackers' target was one of the servers of the state veterinary information system, which provides access through the web interface to the "Argus" and "Mercury" components.

"Mercury" is a system of electronic veterinary certification. "Argus" is a system for issuing permits for the import of controlled products to Russia, as well as for its import and transit through the territory of the Russian Federation.

The agency noted that the attack coincided with the beginning of shipments of food products to warehouses and the registration of the necessary documentation. A failure of the system at this time would have had the greatest negative effect. The police believed that the attack did not happen by accident.

Measures were taken in time, so the attack did not cause a malfunction in the information system. However, it was decided to strengthen preventive traffic control. On August 14, the preventive measures were lifted.

A Teenage Boy from Melbourne Hacks into Apple’s Mainframe.


A 16-year-old boy, who aspired to work for the US giant, Apple, hacked into its mainframe system from his suburban home in Melbourne, Australia.


The boy accessed a few internal files and, according to the court hearing in Melbourne, the hacked information was stored in a folder named “hacky hack hack”. The boy’s name has not been made public, as he is a juvenile offender.
According to the boy’s lawyer, he hoped to work for Apple one day and had a high regard for the company, which is why he hacked into the system on numerous occasions over the span of a year.

The company noticed the security breach and informed the FBI, which forwarded the matter to the Australian Federal Police. An AFP raid on the boy’s family turned up two laptops, a mobile phone and a hard drive. The 16-year-old had downloaded ninety (90) gigabytes of secure files and customer accounts.

According to an Apple spokesman, the company's information security personnel had detected the illegal access and reported the incident to law enforcement. He also assured customers that their personal data was still safe with the company. The specific details of the case were not mentioned. The boy was inclined to brag about his actions on the instant messaging application WhatsApp.

The court’s spokesperson said that the 16-year-old boy would be sentenced on 20th September and declined to comment further. The AFP also declined a request for a statement.

Former Microsoft engineer sent behind bars for money laundering

Raymond Odigie Uadiale, age 41, is great with computers. Good enough to be hired by Microsoft as a network engineer. And good enough, according to the feds, to run a virus scamming ring that froze computers via a fake warning from the Federal Bureau of Investigation, charged people a $200 "fine" to unlock their laptops, and warned users they might be sent to prison if they didn't pay up.

Instead, it's Uadiale who's going to jail. The US Department of Justice (DoJ) announced Tuesday that Uadiale of Maple Valley, Washington, pled guilty to two counts of money laundering after admitting that while he was a Florida International University grad student, he was secretly running a computer "ransomware" scam that used a virus called "Reveton" to lock people's computers and demanded money to unlock them. Uadiale, who also went by the name "Mike Roland," will serve 18 months in prison after laundering nearly $100,000 to a co-conspirator in the United Kingdom identified only by the online handle "K!NG."

Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division, U.S. Attorney Benjamin C. Greenberg for the Southern District of Florida and Special Agent in Charge Matthew J. DeSarno of the FBI Washington Field Office’s Criminal Division, made the announcement.

“By cashing out and then laundering victim payments, Raymond Uadiale played an essential role in an international criminal operation that victimized unsuspecting Americans by infecting their computers with malicious ransomware,” Assistant U.S. Attorney General Brian Benczkowski announced. Uadiale pleaded guilty June 4.

The indictment charged Uadiale with one count of conspiracy to commit money laundering and one count of substantive money laundering. As part of the plea agreement, the government dismissed the substantive count. In addition to his prison sentence, Uadiale was also sentenced to three years of supervised release.

The ransomware in question executes on PCs and encrypts system files. A message is then shown on the home screen which claims that the user has violated federal law and downloaded illegal content.

Mozilla Extirpates 23 Firefox Add-Ons




Yesterday, Mozilla removed 23 Firefox add-ons that snooped on users and sent their information to remote servers, as reported by Bleeping Computer.

The blocked add-ons include "Web Security," the security-centric add-on with more than 220,000 users, which was found sending users' browsing histories to a server situated in Germany and was at the centre of a controversy this week.

At the time, Mozilla engineers promised that they would audit the add-on's behaviour. However, following the initial report, a few users reported other add-ons displaying identical data collection patterns, some of which sent data to the same server as "Web Security".

"The mentioned add-on has been taken down, together with others after I conducted a thorough audit of [the] add-ons, these add-ons are no longer available at AMO and [have been] disabled in the browsers of users who installed them," says Mozilla Browser Engineer and Add-on reviewer, Rob Wu.

True to its word, after a brief test, Mozilla disabled the Web Security add-on in a Firefox instance that Bleeping Computer had used two days earlier for tests, and made sure that users of any of the banned add-ons are shown a warning.

A bug report lists each of the 23 add-ons by ID rather than by name; despite this, Bleeping Computer has tracked down the names of some of them.

Besides Web Security, other banned add-ons include Browser Security, Browser Privacy, and Browser Safety. These have been sending information to the same server as Web Security, situated at 136.243.163.73.

According to a list given to Bleeping Computer by Wu, other banned add-ons include:

YouTube Download & Adblocker Smarttube
Popup-Blocker
Facebook Bookmark Manager
Facebook Video Downloader
YouTube MP3 Converter & Download
Simply Search
Smarttube - Extreme
Self-Destroying Cookies
Popup Blocker Pro
YouTube - Ad block
Auto Destroy Cookies
Amazon Quick Search
YouTube Adblocker
Video Downloader
Google No Track
Quick AMZ

More than 500,000 users had at least one of these add-ons installed in their Firefox browser.
In the warning message, Mozilla directs users to a page that gives the following explanation:

Sending user data to remote servers unnecessarily, and potential for remote code execution. Suspicious account activity for multiple accounts on AMO.


Deadly threat for Intel devices


Recent Intel-powered devices are grappling with a Spectre-like flaw, which has pushed the cyber security community to research an effective mechanism to counter a threat that concerns millions of users.
Identified as 'Foreshadow', it can be exploited by hackers to gain access to password and encryption details, apart from other sensitive data stored on the device, to be used as the situation warrants.

Cyber security experts at top firms say that, until recently, Spectre/Meltdown was the most dangerous flaw for smart devices.

But the most serious now is Foreshadow. They say it can easily penetrate the most sensitive and secured features of an Intel device.

Since the most sensitive feature of an Intel device is Software Guard Extensions (SGX), introduced with Skylake processors, Foreshadow strikes there to compromise the security feature.

The moment Foreshadow starts working, it creates an enclave to execute the crucial process of the system, the feature where sensitive information and data are stored.

When the device is infected, the data-protecting mechanism stops working properly. SGX falls into disuse, suggesting an infection in the system.

According to what the researchers claim to have discovered, hackers can easily breach SGX with the help of the Foreshadow vulnerability.

The firm, however, has acknowledged the Foreshadow vulnerability, saying that hackers can exploit it in three separate conditions or situations, which need to be researched further.

The company's security experts have already released microcode for the affected processors.

Intel has further urged manufacturers to keep updating the microcode-based mechanism through BIOS updates.

Computing device manufacturers have put security patches in place to address the Spectre-like vulnerability in Intel devices.

Google is Tracking Your Location





Google knows where you are! The search engine giant records all your movements even if you have turned off the location tracker.

An Associated Press investigation found that the issue could affect more than two billion people who use Google Maps or Google search directly or indirectly.

According to the study, Google Maps "stores a snapshot of where you are," automatic daily weather updates track the location of your Android device, and even a small random Google search reveals your exact latitude and longitude.

Even random Google searches that you make will hand over information to the tech giant.
The study was verified by computer science researchers at Princeton University at AP's request.

However, in response to the allegations, Google has issued a description of tools and suggestions on how to turn off the location tracker and delete the location history.

Google says: “You can turn off Location History at any time. With Location History off, the places you go are no longer stored.”

Google's "Web and App Activity," which is turned on by default, lets the company track your location.

To turn it off, you have to simply go to Activity Controls. Turn off both Web & App Activity and Location History.

For Android devices, follow these steps:
1) Go to Settings.
2) Next, click on Google, and then Google Account.
3) There you will find a tab "Data & personalisation"; inside it is "Web & App Activity".
4) Turn off "Web & App Activity".

For iPhones, iPads, and computers:
1) Sign in to your Google account and click on the Activity Controls page.
2) There you will find the "Web & App Activity" tab.
3) Turn off "Web & App Activity".