The Prosecutor General's Office of the Russian Federation proposes to create a single resource to combat cyber fraud


A specialized service for collecting data on cybercrime in the financial sector, which will help counteract fraud in cyberspace, may appear in Russia. The Prosecutor General's Office of Russia has proposed creating a register of Russian scammers.

It is noted that currently in Russia there is no specialized service that would allow solving the problems of citizens deceived by fraudsters online. Statements about crime have to be submitted to police departments. The current procedure requires only a statement about a crime or a report of a law enforcement officer about the detection of signs of a violation. According to the Prosecutor General's office, there is also no structure that carries out operational work with citizens on cybercrime.

The Department considers it necessary to protect citizens in cyberspace from scammers and create an opportunity to get help in such situations online. Thus, it is proposed to entrust the new structure with the duties of collecting, storing and systematizing data about fraudsters.

The new resource is proposed to be integrated into the Unified portal of public services, and it will have to interact with law enforcement agencies. According to the authors, this will make it possible not only to register new cases of fraud but also to prevent further ones. Phishing and fraudulent sites will be blacklisted.

Financial market participants are aware of the project but do not want to comment on it. Financiers in informal conversations indicate that the project is "in the initial stage" and should not directly affect banks.

Human rights activists support the idea of the Prosecutor General's Office. According to the expert, phishing schemes are among the most common reasons citizens ask for help, and the damage amounts to billions of rubles a year. With the new service, the large amount of collected data will make it possible to identify common schemes and related persons. This will improve the quality of investigative actions and the detection of crimes.

In Russia, every third person has experienced cyber fraud, and almost every tenth has suffered from it. At the same time, according to experts, only about 7 percent of such cases reach the court.

Google Cuts Down Chrome's Patch-Gap in Half, from 33 to 15 Days now


Last week, Google announced that it has cut the 'patch gap' for Chrome in half, and its plans to cut it further are also making headlines.

Security engineers at Google said that the 'patch gap' for Google Chrome, which was previously 33 days, has now been reduced to only 15 days. The 'patch gap' is the time from when a security bug is fixed in an open-source library to when that fix reaches the software that uses that library.

Now that most apps in the software ecosystem rely on open-source modules, the patch gap plays a major role because it creates a potential security risk.

How Does Patch-Gap Involve a Major Security Risk?

As soon as a security bug is fixed in an open-source library, all the details of that bug become available in the public domain, simply because of the open nature of open-source libraries and projects. Software that depends on these easily accessible open-source components then becomes vulnerable to the attacks and exploits that hackers can craft from the details of the security flaw.

How Will Patch-Gap Be Useful?

Given that possibility, if software developers release patches on a fixed schedule, with updates arriving every week or every couple of months, the patch gap gives hackers a window in which to launch attacks that most software will have difficulty dealing with.

A member of the Chrome Security team, Andrew R. Whalley said, "We now make regular refresh releases every two weeks, containing the latest severe security fixes,"

"This has brought down the median 'patch gap' from 33 days in Chrome 76 to 15 days in Chrome 78, and we continue to work on improving it," he added.

Chinese Origin Threat Group Targets Hong Kong Universities with New Backdoor Variant




Winnti, a China-linked threat group that has been active since 2009, was found to be using a new variant of the ShadowPad backdoor (the group's new flagship tool) in recent attacks in which it compromised computer systems at two Hong Kong universities during the protests that began around March 2019 in Hong Kong.

The threat group of Chinese origin has largely targeted the gaming industry, while constantly expanding the scope of its targets. Various reports suggest that Winnti is operated in connection with other groups, including APT17, Ke3chang Axiom, Wicked Panda, BARIUM, LEAD, DeputyDog, Gref, and PlayfullDragon.

According to other available sources, Kaspersky was the first to identify the Winnti group, but some researchers date its existence to 2007.

In October 2019, security researchers at ESET spotted two new backdoors used by the group: skip-2.0, which targets Microsoft SQL, and PortReuse. Later that year, in November, ESET researchers discovered samples of the ShadowPad launcher malware on various devices in the two universities. Winnti was found to be present on these universities' systems a few weeks before the backdoor was confirmed.

“In November 2019, we discovered a new campaign run by the Winnti Group against two Hong Kong universities. We found a new variant of the ShadowPad backdoor, the group’s flagship backdoor, deployed using a new launcher and embedding numerous modules.” as per the analysis done by ESET.

“One can observe that the C&C URL used by both Winnti and ShadowPad complies to the scheme [backdoor_type][target_name].domain.tld:443 where [backdoor_type] is a single letter which is either “w” in the case of the Winnti malware or “b” in the case of ShadowPad.” reads the report.

“From this format, we were able to find several C&C URLs, including three additional Hong Kong universities’ names. The campaign identifiers found in the samples we’ve analyzed match the subdomain part of the C&C server, showing that these samples were really targeted against these universities.”
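A detection check built on the naming scheme quoted above, as an added Python example that is not taken from ESET's report: it flags logged destinations whose leftmost label is "w" or "b" followed by one of your own organisation's names. The log layout, the function names and every hostname are constructed for illustration; the page gives no real C&C domain.

```python
# Letter-to-family mapping as quoted from the report on this page.
FAMILY = {"w": "Winnti", "b": "ShadowPad"}

# Constructed proxy log lines: timestamp, client IP, method, destination.
# Hostnames use the reserved .example TLD and "exampleuni" stands in for an
# organisation name. None of these values are real indicators.
SAMPLE_LOG = """\
2019-11-04T01:12:09Z 10.0.4.21 CONNECT www.exampleuni.example:443
2019-11-04T01:12:40Z 10.0.4.21 CONNECT wexampleuni.c2-placeholder.example:443
2019-11-04T01:13:02Z 10.0.7.5 CONNECT bexampleuni.c2-placeholder.example:443
2019-11-04T01:13:30Z 10.0.7.5 CONNECT webmail.exampleuni.example:443
2019-11-04T01:14:11Z 10.0.9.8 CONNECT bexampleuni.c2-placeholder.example:8080
"""


def classify_endpoint(endpoint, org_names):
    """Match [backdoor_type][target_name].domain.tld against known org names.

    Returns a dict describing the hit, or None when the destination does not
    follow the scheme. Only "host" or "host:port" strings are handled.
    """
    ep = endpoint.strip().lower()
    host, sep, port = ep.rpartition(":")
    if not sep:                      # bare hostname, e.g. from a DNS query log
        host, port = ep, ""
    labels = host.rstrip(".").split(".")
    if len(labels) < 3:              # the scheme needs label.domain.tld
        return None
    first = labels[0]
    family = FAMILY.get(first[:1])   # single-letter backdoor type
    target = first[1:]               # remainder must be the target's name
    if family is None or target not in org_names:
        return None
    return {"host": host, "family": family, "target": target,
            "port_443": port == "443"}


def scan_log(text, org_names):
    """Return one hit per log line whose destination follows the scheme."""
    hits = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        hit = classify_endpoint(fields[3], org_names)
        if hit is not None:
            hit["time"], hit["client"] = fields[0], fields[1]
            hits.append(hit)
    return hits


if __name__ == "__main__":
    for h in scan_log(SAMPLE_LOG, {"exampleuni"}):
        print(h["time"], h["client"], h["family"], h["host"], h["port_443"])
```

A hit is a lead for triage rather than a verdict: it says only that an internal client contacted a name shaped like the scheme, under a domain your organisation does not own.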

Hackers used the websites of Russian government agencies to mine cryptocurrency


According to the deputy head of the National Coordination Center for Computer Incidents of the FSB, Nikolai Murashov, encryption viruses became less active last year and were replaced by other malware, in particular programs for crypto-jacking, or hidden cryptocurrency mining.

Murashov noted that the software for hidden mining uses up to 80% of the free power of the device, and the user may not know about it. According to him, the seizure of server capacities of large organizations for the purpose of mining cryptocurrencies threatens to severely reduce their productivity and harm their main activities.

Murashov said that hackers attack not only large companies but also ordinary users, for example, by mining through a browser while the user visits infected web pages. Browser vendors have already begun to fight this problem: in April of last year, Mozilla Firefox introduced protection against crypto-jacking.

In addition, the number of installations of shadow miners on computers of ordinary users has increased. Last year alone, more than 50,000 such incidents were recorded.

"The scope of activities of shadow miners expanded over the past year. Hackers started using new software that is difficult to track because of the special code structure. Some applications are developed specifically for government servers and gaining control over them. Programs use computing power for mining, but administrators can only notice this during a detailed audit," said Murashov.

In Russia, the most high-profile incident last year involved miners who mined cryptocurrency on the computers of the nuclear center in Sarov. The attackers, who turned out to be employees of the organization, used the equipment for their own purposes for several years.

Companies around the world are being attacked by ransomware viruses and crypto-jacking. Recently, the cybersecurity company Proofpoint reported that in 2019, more than half of all public and private organizations in the United States were subjected to virus attacks and phishing. In this regard, regulators are beginning to take decisive action.

Mobile Banking Malware On The Rise, 50% Hike In Attacks! WhatsApp a Dependable Medium?


According to studies, malware attacks increased by 50% in the past year. The most common is malware that steals users’ financial data and bank funds.

The banking malware is on the rise in India. According to several sources, over 35% of organizations and institutions in India have been affected by such attacks in 2019 alone.

Among the most common types of malware that India faces, which steal photographs and contact details from the phone, adware is a big name, as it generates ads on your phone to make money for some other party.

Another variant, less common in India, is malware that starts surveillance on the target’s phone, tracks its GPS location and takes their personal data. It could even control the microphone and other mobile phone operations.

What makes banking malware scary is its ability to steal data while the target is on their phone making payments. Unaware of any malicious activity, the user ends up handing all their bank credentials to a cyber criminal.

WhatsApp is becoming an accessory in the procedures of banking malware. Despite the hefty encryption that’s done on the chat app, hackers keep finding creative ways to exploit even the most minute of vulnerabilities.

In a recent zero-vulnerability case, malware carried in a video-file message was transmitted as-is onto the receiver’s device.

To make sure that you don’t get malware installed on your device via WhatsApp, keep cleaning all the data and do not open any doubtful files and links.

Phishing attacks are another common tactic hackers use against users and their devices. Suspicious emails, if opened, could help the hackers start malware in the mailbox; the attack then takes the target to a website that asks them to fill in their personal information.

Downloading apps from third-party stores and straight from the internet is a strict no! Do not open any suspicious files and treat each link and file with equal distrust. If you’re not sure who the sender is, do not consider the file at all, be it on text message or on email.

Connecting to unauthorized or unknown Wi-Fi networks could also pose security issues. With the tag of free networks to lure you in, “man-in-the-middle” attacks could easily be launched.

Mobile phone security is as paramount as the security of your house or any other electronic device. There has got to be a set of security measures in place to work if anything goes south.

Ransomware Hits Media Monitoring Company 'TV Eyes'


A ransomware attack has hit 'TV Eyes,' a company that offers campaign monitoring services for TV and radio news broadcasts. PR agencies and newsrooms across the world use the TV Eyes service to keep track of their broadcasts. "The ransomware infected the business somewhere around post-midnight on Thursday, 30th of January," said TV Eyes CEO David Ives in a conversation with ZDNet. The ransomware damaged crucial TV Eyes servers and communications workstations, affecting the network mainly in the US, along with some other areas.


"We are still calculating the total damage caused by the ransomware to the company's network. However, the company has begun making retrieval attempts," said David to ZDNet. He further says, "TV Eyes is not thinking of paying the ransom demanded by the hackers. Instead, we are reviving the situation from existing backups and focusing on strengthening the affected network infrastructure." "MMS (Media Monitoring Suite), the main product of the TV Eyes company, is not in function since the last 2 days," according to various sources at PR agencies that worked with TV Eyes.

The TV Eyes service provides a platform that allows agencies to monitor TV telecasts and radio broadcasts, mainly in the U.S. (state and other 210 markets) and at influential global media organizations. The Media Monitoring Suite (MMS) lets users search beyond podcasts for new keywords and set up an email account for notifications of new events. TV Eyes is a very helpful tool for many journalists, PR agencies, and political parties for campaigning. David says there's no news confirming the return of the TV Eyes service in the near future. However, the company is working to restore services as soon as possible.

"The kind of services that companies like TV Eyes offer is often an easy target for the hackers because they know how much dependent and reliable the users of these tools are. Therefore, hackers know that such companies are vulnerable as their users are relying on them for the safety of their data," says Paul Martini, CEO, Iboss (cloud security company). The users of the TV Eyes service are concerned about the privacy of their data, which contains crucial financial information too.

Can you find a bug in Xbox Live? Microsoft will pay you, if you do!

Think you're an expert at Xbox? Think you can find a bug in Xbox Live? Well, Microsoft might pay you some bucks.

Microsoft has launched an official bug bounty hunt for the Xbox Live network in order to improve the program and services. The bug hunters will be paid up to 20,000 dollars but the payment will depend on the severity of the security issue and the minimum amount will start from 500 dollars.



Microsoft's bug bounty program is looking for serious security and other vulnerability issues, such as accessing unauthorized codes, and not connection problems. The program covers a wide range of vulnerabilities but with strict restrictions: for example, it will not cover issues such as DDoS and URL redirects, and it will disqualify anyone who tries to phish or social engineer Xbox users and engineers, or who moves laterally inside the Xbox network while searching for bugs.

Usually, security researchers are the ones who gain most from bug bounty programs but Microsoft has announced that anyone can submit bug issues regardless of their background.

Chloé Brown, program manager at the Microsoft Security Response Center (MSRC), said in the blog post announcing the bug bounty program that submissions will need to give proof of concept (POC). “The Xbox bounty program invites gamers, security researchers, and technologists around the world to help identify security vulnerabilities in the Xbox network and services, and share them with the Microsoft Xbox team through Coordinated Vulnerability Disclosure (CVD). Eligible submissions with a clear and concise proof of concept (POC) are eligible for awards up to US$20,000.”


This is not Microsoft's first bounty program. The company has earlier launched similar programs for the Microsoft Edge browser, its “Windows Insider” preview builds, Office 365 and many others, with rewards up to 15,000 dollars. Its biggest one remains the program for serious vulnerabilities found in the company's Azure cloud computing service, where security researchers can earn up to 300,000 dollars for a super-specific bug.

Ukrainian authorities proposed that online media track readers and transfer data to the cyber police


A real scandal has begun over the rights of journalists, the media and freedom of speech in Ukraine. The Ukrainian cyber police sent a circular to various Internet publications in Ukraine with a proposal to install special software code on the publications' websites in order to track and identify their readers. At the same time, all data must be transmitted to the cyber police of Ukraine.

In the document received by the media, the cyber police proposes to install on the publications' sites a special script developed by the Agency, which would allow identifying network users who use a VPN or anonymizer. All data on users of Internet publications that have installed such code is sent to a special server of this body.

Note that 99.9% of all users of the Ukrainian network use VPN in Ukraine. This is caused by the blocking of all Russian resources by the Ukrainian authorities. In the absence of high-quality Ukrainian services and social networks, Ukrainian citizens continue to use Russian Yandex, Vkontakte, Mail.ru and read Russian media. Obviously, the Ukrainian authorities, on the orders of Vladimir Zelensky, have now decided to identify such citizens.

The cyber police of Ukraine noted that they did not insist on installing such codes but only suggested. At the same time, the Ukrainian cyber police does not see anything shameful in such a proposal but considers it the interaction of the state and the private sector in the field of combating cybercrime.

However, it is important to note that the existence of such a script from the cyber police on Ukrainian media sites is a criminal offense. Such actions of the Ukrainian cyber police violate a number of laws and the Constitution of Ukraine. They violate freedom of speech, freedom of the media, freedom of access and dissemination of information, human rights, the rules on processing of personal data, and the presumption of innocence, as well as a number of European and international norms and laws in this area.

Moreover, for a long time, citizens of Ukraine have been asking the President of Ukraine to unblock Russian sites.

A Drug Molecule "Invented" By Artificial Intelligence (AI) To Be


A drug molecule "invented" by artificial intelligence (AI), created by British start-up Exscientia and Japanese pharmaceutical firm Sumitomo Dainippon Pharma, will be used in human trials in a world first for machine learning in the field of medicine.

The drug is intended for treating patients who have obsessive-compulsive disorder (OCD), and Exscientia CEO Prof Andrew Hopkins describes it as a "key milestone in drug discovery".

The molecule, known as DSP-1181, was made by using algorithms that sifted through potential compounds, checking them against an enormous database of parameters. Normally, drug development takes around five years to finally 'get to trial', but the AI drug took only a year.

Hopkins told the BBC: "We have seen AI for diagnosing patients and for analyzing patient data and scans, but this is the direct use of AI in the creation of new medicine. There are billions of decisions needed to find the right molecules and it is a huge decision to precisely engineer a drug, but the beauty of the algorithm is that they are agnostic, so can be applied to any disease."

The first drug will enter stage one trials in Japan which, if effective, will then be followed by more tests globally.
The firm is now dealing with potential medications for the treatment of cancer and cardiovascular disease and would like to have another molecule prepared for clinical trials before the year's end.

"This year was the first to have an AI-designed drug but by the end of the decade all new drugs could potentially be created by AI," said Prof Hopkins.

Paul Workman, chief executive of The Institute of Cancer Research, who was not involved in the research, said of the breakthrough: "I think AI has huge potential to enhance and accelerate drug discovery."

He later added, "I'm excited to see what I believe is the first example of a new drug now entering human clinical trials that was created by scientists using AI in a major way to guide and speed up discovery."

Apple Engineers to Standardize the Format of the SMS Messages Containing OTPs


Apple engineers working on WebKit, the core component of the Safari web browser, have put forward a proposal to standardize the format of the SMS messages containing one-time passwords (OTP) that users receive during the two-factor authentication (2FA) login process.

The proposal has two basic goals. The first is to introduce a way for OTP SMS messages to be associated with a URL, which is done by adding the login URL inside the SMS itself.

The second is to standardize the format of 2FA/OTP SMS messages, so that browsers and other mobile applications can easily detect the incoming SMS, recognize the web domain inside the message, and then automatically extract the OTP code and complete the login operation without any further user interaction.

According to the new proposal, the new SMS format for OTP codes would look like below:

747723 is your WEBSITE authentication code. 
@website.com #747723 

The first line, intended for human users, lets them determine which site the SMS OTP code came from; the second line is for human users as well as for applications and browsers.

Applications and browsers will automatically extract the OTP code and complete the 2FA login operation. If there is a 'mismatch' and the auto-complete operation fails, human readers will be able to see the site's original URL and compare it with the site they are trying to log in to.

If the two are not the same, users will be alerted that they are on a phishing site and can abandon their login attempt.
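The format and the mismatch check described above, as an added Python example (not code from WebKit or from the proposal): it parses the machine-readable last line and allows auto-fill only when the page's host matches the domain named in the SMS. The function names and the rule that a subdomain of the named domain counts as a match are assumptions of this example.

```python
import re
from urllib.parse import urlsplit

# Constructed sample, following the two-line layout shown on the page.
SAMPLE_SMS = "747723 is your WEBSITE authentication code.\n@website.com #747723"

# Machine-readable line: "@<domain> #<code>".
BOUND_LINE = re.compile(r"^@(?P<domain>[A-Za-z0-9.-]+) #(?P<code>[A-Za-z0-9]+)$")


def parse_otp_sms(body):
    """Return (domain, code) from the last non-empty line, or None."""
    lines = [ln.strip() for ln in body.splitlines() if ln.strip()]
    if not lines:
        return None
    match = BOUND_LINE.match(lines[-1])
    if match is None:
        return None
    return match.group("domain").lower(), match.group("code")


def host_matches(page_url, domain):
    """True when the page's host is the SMS domain or a subdomain of it.

    Assumption of this example: subdomains are accepted. The suffix test is
    anchored on a label boundary, so "website.com.evil.example" and
    "notwebsite.com" do not match "website.com".
    """
    host = (urlsplit(page_url).hostname or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def autofill_decision(body, page_url):
    """Decide whether the code may be filled into the page at page_url."""
    parsed = parse_otp_sms(body)
    if parsed is None:
        # Free-form SMS: nothing ties the code to a site, leave it to the user.
        return {"autofill": False, "reason": "no origin-bound line",
                "code": None, "sms_domain": None}
    domain, code = parsed
    if host_matches(page_url, domain):
        return {"autofill": True, "reason": "origin match",
                "code": code, "sms_domain": domain}
    # Mismatch: withhold the code and surface the SMS domain so the user can
    # compare it with the site they are logging in to.
    return {"autofill": False, "reason": "origin mismatch",
            "code": None, "sms_domain": domain}


if __name__ == "__main__":
    for url in ("https://website.com/login",
                "https://website.com.evil.example/login"):
        print(url, autofill_decision(SAMPLE_SMS, url))
```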

Once browsers ship components for reading SMS OTP codes in the new format, major providers of SMS OTP codes will need to switch to using it. As of now, Twilio has already expressed interest in implementing the new format for its SMS OTP services.

At present, while Apple (WebKit) and Google (Chromium) engineers are quite enthusiastic about the proposal, Mozilla (Firefox) has not yet given official feedback on the standard.

Facebook to give $550 Million as a Settlement in a Lawsuit


Social media giant Facebook is to pay $550 million as a settlement in what appears to be another in a series of lawsuits, this time over facial recognition. The lawsuit is not good for the brand perception of Facebook, as it raises further questions about the credibility of the social networking site's privacy practices.


"Facebook has agreed to pay a settlement of $550 million related to a claim filed for FB's facial recognition technique," said Facebook this Wednesday. The case, which arose in Illinois, is said to be a great triumph for privacy organizations, as it raises questions about the privacy practices of Facebook, a company already caught up in controversies over data laws. The issue emerged from FB's image labeling technique named 'Tag Suggestions,' which uses facial recognition to suggest the names of users present in a photo.

The company that filed the lawsuit accused Facebook of collecting the facial data of the company's employees in violation of the Illinois Biometric Privacy law. It accuses FB of storing data of millions of users for Tag Suggestions without the knowledge of the company's employees and without them knowing how long the data will be kept. Facebook has dismissed the allegations, saying they have no basis of proof. As per the settlement, FB has to pay $550 million as legal fees to the affected users of the Illinois company. This payment even surpasses the $380 million that the reporting agency 'Equifax' had agreed to pay to settle a 2017 consumer data breach incident.

"Facebook agreed to settle the case by giving back what was rightful to the community and in the goodwill of public interest, as it affects our stakeholders," says FB's spokesperson. "The settlement highlighted the importance of user privacy and security," says lawyer Joey Edelson, whose firm addressed the issue on behalf of the affected users of Facial Recognition suit. He further says, "people worried about issues related to gun rights concerning women safety or people who like to participate in societal issues by not disclosing their identity hold the same importance and we should respect their privacy."