Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Russia
Facebook Privacy Privacy Breach Russia

CEO of a detective agency and speaker on cyber attacks: users should understand that Facebook is leaking their data


Numerous Facebook leaks in 2013 and 2016 put users in a position where they are not responsible for their security. This opinion was expressed by the General Director of the detective agency and speaker on cyber attacks Vladimir Golovin.

The Cybersecurity team at Check Point Research found out that Internet attacks were most often carried out on Internet users to obtain their personal data via Facebook for the last quarter of 2019. A social network is not able to protect its customers from online fraud.

Experts told about such a fraud scheme as "phishing", which consists of the theft of the username, password and other personal data. Hackers operate through social networks or other platforms where people leave information about themselves. As a result, it turned out that Facebook has become the leader among platforms that are hacked by scammers. The second line is occupied by the Yahoo service, and in third place is Netflix.

According to Golovin, when a user leaves their data somewhere, their security depends on him only by 50%.

"If you want to give your personal data, then use Facebook. If not, you don't need to use it at all," said the speaker.

According to him, today people have the wrong attitude to personal data, so it is worth starting the fight with this. Many people do not understand the danger they face when leaving personal information on unverified sources.

Golovin notes that Facebook continues to do the same, leaking user information.
"Therefore, in the field of information security and data storage, all these are political games," he concluded.

It is worth noting that, in addition to the constant leak of personal information, foreign sites continue to brazenly violate Russian laws by refusing to transfer servers with Russian data to the territory of the Russian Federation. Ruslan Ostashko, editor-in-chief of the online publication Politrussia, said that it is necessary to register the possibility of blocking the activities of Facebook and Twitter at the legislative level.
Read more »
Russia
Bank Cyber Security Data Breach Micro Finance Russia

Data from more than half a million clients of Russian microfinance organizations has been put up for sale


The base of more than 1.2 million MFIs clients, which is in the top 10 on the market, is up for sale. It affects more than one company. Bistrodengi, Zaymer, Ekapusta found their customers in this base. According to experts, the data is collected from different places. Information can be used by fraudsters to make online loans.

The database includes full names, phone numbers, email addresses, dates of birth and passport data of Russians. The seller of the database does not disclose the name of the organizations. whose data he had, but most of the customers who answered the calls reported that they applied for loans to the Bistrodengi company.

Elena Stratieva, Director of Microfinance and Development, said that internal audits were carried out on the first day after the announcement was revealed.

She stressed that the level of data matches with the databases of individual companies is quite low, which may indicate a leak on the part of an agent that aggregates data for many financial institutions at once.

At the same time, according to her, the database includes not only data of individuals who were approved loans in 2017-2019, but also those who were refused. According to Federal law, MFIs do not store this much time.
It was also noted that the fact of data leakage from any MFIs or from several MFIs has not yet been established.

In turn, Olesya Bobkova, managing Director of Lime Zaim MFO, expressed the opinion that customer data could get into the network because of unscrupulous webmasters who still have user data in their databases. For example, most of these data sales ads contain inaccurate, outdated, and incomplete data that are not enough to use or harm customers. However, according to Bobkova, some hackers do not lose their attempts to monetize this database and bring information to black markets and forums.

Read more »
Twitter
CyberCrime Facebook Hacked Facebook messenger Instagram OurMine Twitter

Facebook official Twitter and Instagram accounts hacked!


"Well, even Facebook is hackable but at least their security is better than Twitter.", this opening statement was posted on Facebook's official Twitter account by the hacking group OurMine.



Though the accounts have now been restored, the hacking group OurMine posted the same on Facebook's Twitter, messenger and Instagram accounts.

OurMine says its hacks are to show the sheer vulnerability of cyberspace. In January, they attacked and hijacked dozens of US National Football League teams accounts.

They posted the following on Facebook's Twitter page-

Hi, we are O u r M i n e,
Well, even Facebook is hackable but at least their security is better than twitter. 

 to improve your account security
 Contact us: contact@o u r m In e.org 

 For security services visit: o u r m In e.org 

On Instagram, they posted OurMine logo whereas Facebook's own website was left alone. Twitter has confirmed that the accounts were hacked albeit via a third-party and the accounts were then locked.

"As soon as we were made aware of the issue, we locked the compromised accounts and are working closely with our partners at Facebook to restore them," Twitter said in a statement.

These attacks followed the same trend as they did in the attack on the teams of the National Football League.

The accounts were accessed by Khoros, a third-party platform. Khoros is a marketing platform, a software that allows people to manage their social media accounts all in one space. It can be used by businesses to manage their social media communications. These platforms like Khoros, have the login details of the customers. OurMine seemed to have gained access to these accounts through this platform.

OurMine is a Dubai based hacking group known for attacking accounts of corporations and high profile people. It has hacked social media accounts of quite a few influential individuals like Twitter's founder Jack Dorsey, Google's chief executive Sundar Pichai, and the corporate accounts of Netflix and ESPN. According to OurMine, their attacks are intended to show people cybersecurity vulnerabilities and advises it's victims to use its services to improve security.
Read more »
Cybersecurity
APT China Coronavirus Cybersecurity

China Alleges India for Cyber-attacks Amid the Coronavirus Outbreak. Demands International Cooperation.


China, who is currently battling against the deadly coronavirus epidemic said last Friday that it needs international support from countries across as it is in the midst of an 'exceptional' and 'full-on war' against the deadly virus. The statement arrived after reports of local media claimed that cybercriminals from India had attacked the Chinese hospitals during the coronavirus epidemic. "It appears that Indian hackers had attacked regional health institutes and Chinese hospitals while China was busy fighting the coronavirus epidemic," said a Chinese cybersecurity firm in a statement.


"We have proof that hackers from India attacked Chinese health institutes using 'phishing' e-mails technique," said 360 Technology, a Chinese tech company, in a conversation with a national newspaper, Global Times. In acknowledgment of the comments made, the foreign ministry of China said: "We have to come to this conclusion after considering various reports of local media." "A country which is strictly opposed to cyber hacking of any kind, China, a significant cybersecurity nation, has currently become a victim of hacking," said Hua Chunying, spokesperson, Foreign Ministry of China, last Friday, without mentioning India in the statement.

"It is in these times of misery, that we believe all the countries across the globe should come together as one to fight against this major problem of cyber attacks and hacking. It is only after this would we be able to maintain a safe, secure and helpful cyber world," said Chunying via an e-press conference. She further says: "It is a matter of great concern for China as we are currently amid a crisis of battling a deadly epidemic. Witnessing the current public health emergency, the nations should cooperate to battle this issue."

"Indian hackers have been launching APTs (Advanced Persistent Threat) and attacking Chinese health institutes by sending phishing e-mail schemes," said the company to Global Times. "A suspected group of hackers from India named 'Bitter' have launched APT cyberattacks since March 2019, targeting the Chinese health institutes and research centers, and also the Ministry of Foreign Affairs," said an opinion column from Global Times.
Read more »
Security
Apple Battery Performance Cyber Security France iOS iPhone Security

Apple Deliberately Restricts Old Versioned iPhones' Performance; Gets Fined!



Apple, the technology giant famously known for its partially eaten logo among other things, was recently fined by France’s authority that regulates competition in the country, mentioned sources.

This apparently isn’t the first time that Apple has been fined by governmental authorities but it hasn’t mattered to the multi-million organization much before because of its money replenishing power.

Per reports, the reason behind this charging happens to be Apple’s voluntarily keeping the fact from its users that the software updates it released in 2017 could limit the functioning of the older versions of iPhones.

According to sources, Apple never updated its users that the time-worn batteries of the older iPhones, namely, iPhone 7, iPhone 6, iPhone SE and such wouldn’t be able to manage the increased battery usages.

The Directorate-General for Competition, Consumption and the Suppression of Fraud (DGCCSF) is the aforementioned body that in one of its reports elaborated upon how Apple’s software updates hindered the proper performing of older models of iPhones and how the company never realized their duty to enlighten the users about it.

The updates in question basically curbed the performance levels of iPhones to thwart excessive energy consumption of older versions of the phones, eventually trying to ward off a total crashing down of the devices.

The users could go back to older software versions or replace the battery and their iPhones could have a chance at working like they formerly did. The issue is a good initiative and has a solution but how are the people to know about this and act accordingly, if they aren’t duly apprised by Apple?

And what’s more, Apple restricted the users from returning to their previous software types, meaning the users couldn’t do much about the situation anyway!

Sources mentioned that Apple agreed to pay the fine of around $27.4 million for purposely limiting the performance of older iPhones and not alerting the users about it.

There was quite a hullabaloo outside of France as well regarding the same issue including lawsuits that got Apple to publicly apologize and offer free battery exchanges for affected devices.

As per sources, an Italian agency too had fined Apple and Samsung for not conspicuously informing the users on how to replace batteries.

But, $27.4 is next to nothing for a gigantic tech name like Apple. It would, with no apparent trouble, stock back the amount of money in just 2roper to 3 hours!

Read more »
UGC
Facebook Instagram IT Act Technology Tik Tok UGC

Clause Addition to the IT Act; Social Media Companies Now Responsible For All Nonuser Generated Content


A change brought in line with the changes in the US and Europe, the Indian government has recently added a clause to the proposed IT intermediary guidelines, making social media companies responsible for all nonuser produced content including supported content, distributed on their platforms. 

The change is expected to impact some extremely popular social media platforms, like Twitter, TikTok, YouTube, Instagram as well as Facebook. 

When the amended guidelines are made public, social media organizations will be required to accordingly and appropriately tag and identify all sponsored content published on their platforms and alongside it, draft standards, which are 'under consideration' of the law ministry, are expected to be notified in about a few weeks according to a senior government official “We have had a few rounds of discussions with the law ministry. 

These guidelines should be notified by February-end, the start of March.” Section 79-II of the Information Technology Act, 2000, right now absolves online intermediaries from obligation for any third party substance shared on their platform. In any case, with the new clause, the Act will give "safe harbor protection" to intermediaries, inasmuch as they just assume the job of a facilitator and not maker or modifier, in any way of the content posted.


What expedited the change was an issue that occurred in the previous year a disagreement regarding content between social media platform TikTok and Twitter-sponsored ShareChat where the latter had to bring down more than 100 videos from its platform. 

Right now, platforms like Facebook, Twitter and Instagram have certain features and tags through which ads and paid partnerships are displayed. Yet, publicists and advertisers state brands would rather push content through influencers to make it look increasingly organic. 

There is likewise no compulsion or onus on the influencers to highlight that the products and content they are supporting are paid for. 

However, Government authorities said such content, produced by influencers without the contribution of the social media platforms, may in any case not be secured by the most recent clause. This clause will relate to just such non-user produced content in which the platform is in some way involved.

Read more »
malware
Banking Malware Banking Trojans Email Spoofing malware

Banking Trojan 'Metamorfo' Now Targeting Online Users' Banking Services


Online banking users are being targeted by a trojan malware campaign going around the globe with the agenda of gaining illegal access to personal information such as credit card details and other sensitive data of users.

The banking trojan which has successfully affected more than 20 online banks goes by the name 'Metamorfo'. Several countries fell prey to the banking trojan including the US, Spain, Peru, Canada, Chile, Mexico, and Ecuador. Reportedly, earlier the attack was limited to Brazil-based banks only, however, the recent times witnessed a rapid increase in the number of these attacks; now encompassing other countries, according to the cybersecurity researchers at Fortinet.

In order to multiply their opportunities for financial gains, Cybercriminals have continued to resort to banking trojans and have refined the apparatus of the malware – in ways that make detection complicated. The latest research indicates that earlier the targeting was limited to the banking sector only but now as the leading banking trojans have expanded their reach, industries other than banking are also vulnerable to the attacks. The likely targets include cloud service providers, online tech stores, warehousing, mobile app stores, and e-commerce, according to the latest findings.

Metamorfo relies on email spoofing to set the attack into motion, it appears to contain information regarding an invoice and directs the victims to download a .ZIP file. As soon as the targeted user downloads and finishes the extraction of the file, it tends to allow Metamorfo to run on a Windows system. After the installation is completed, the malware starts running an Autolt script execution program. Although the scripting language is primarily designed for automating the Windows graphical UI, here the malware employs it to bypass the antivirus detection.

While explaining the functioning of the malware, ZDnet told, "Once running on the compromised Windows system, Metamorfo terminates any running browsers and then prevents any new browser windows from using auto-complete and auto-suggest in data entry fields.

"This prevents the user from using auto-complete functions to enter usernames, passwords, and other information, allowing the malware's keylogger functionality to collect the data the users are thus obliged to retype. It then sends that data back to a command-and-control server run by the attackers."

There are no revelations made about the keywords related to the targeted banks and other financial institutions, however, researchers expect the Metamorfo campaign still being active. To stay on a safer side, users are advised to keep their operating systems and software updated and patched timely.
Read more »
Russian Hackers
Cyber Crime Cyber Crime Report Hackers Arrested Russia Russian Hackers

Group of 10 hackers was convicted for stealing gasoline and selling


The court issued a verdict on February 3 in the case of theft of fuel at Rosneft gas stations.
The court and investigation found that there were ten people in the hacker group, two women and eight men. They divided criminal roles, came up with a scheme using special equipment and software in order not to top up gasoline at gas stations.

Attackers stole at "Rosneft-Kubannefteprodukt" gas stations. They launched the equipment and modified the information on the computer, which gave them the opportunity not to top up the fuel to customers. They sold the surplus again and divided the profits.

The damage to Rosneft gas stations amounted to more than 1.7 million rubles ($27,000). Its size was calculated based on the price of spare parts that were damaged by attackers in the fuel dispensers.
A criminal case has been opened on the creation, use and distribution of malicious computer programs. The court found the defendants guilty. Depending on the role of each, they were assigned from 1.5 years to 4 years in prison with fines of 200 to 500 thousand rubles ($3,000-$8,000).

Earlier, EhackingNews reported that employees of the Ministry of Internal Affairs in the Khabarovsk region detained 13 employees of one of the companies engaged in retail and wholesale of petroleum products. The hackers introduced the virus into the control system of gas stations. This allowed hackers to steal part of the product purchased by customers.

It is worth noting that in 2018, the FSB found viruses in dozens of gas stations in the South of Russia that allow to not top up fuel. The creator and distributor of viruses was Russian hacker Denis Zaev. In August 2019, Zaev hid several times from law enforcement agencies and was on the Federal wanted list, and then hid on the territory of Georgia. In total, 24 defendants are involving in this criminal case.
Read more »
Vulnerability and Exploits
Medical Data Leak Medical Hacking Security Vulnerability and Exploits

120 Million Medical Records Leaked! Global Medical Report Sheds More Light.


Along with cyber-security within your phones and other devices, you must make sure the hospital you go to has enough cyber-protection as well!

The obnoxiousness of cyber-criminals is escalating by the hour. As if stealing data of organizations and loosely selling largely famous tech giants’ data online wasn’t enough, hackers have now thrown on the internet personal medical details of more than 120 million Indian patients, per sources.

With the leakage of these personal medical records, they have also been made available online for cyber-cons to exploit.

In a recent “Global Report” on “Medical Data Leak” it was acutely mentioned that in the enormous number of records that got leaked, the affected patients’ X-rays, MRIs and images of CT scans were the major components.

According to sources, the first such report was published by a German cyber-security firm in October 2019. According to the actions taken by several countries’ governments as a response to the publishing of the first report, the succeeding report segregated countries into the categories of “good”, “bad” and “ugly”.

It may or may not come as a shock to many, but India was a “proud winner” of the second position in the “Ugly” category right after the United States of America.


As stated by the succeeding report, the state of Maharashtra is positioned right at the top if we consider the number of “data troves” (308, 451 troves) that are available online providing access to more than 69 million images.

Per sources, the second position is Karnataka with 182, 865 data troves providing access to more than 13 million images!

Researchers found out that the number of data troves that are available online has risen exponentially especially speaking in terms of India.

What exactly induced the leakage isn’t as widely known as all that but the first report clearly insinuated that the leak was in a way prompted by the servers of the “Picture Archiving and Communications Systems (PACS)” as the leaked information is mostly stored there.

The problem possibly was that the servers aren’t as secure as they should be and are connected to the public internet network which makes them easily susceptible.

This leakage is really disconcerting because you can’t simply get hold of who those patients are. They could be ANYONE, ranging from common men to big shots!
Apart from that, these medical records could pose threats like extortion, identity theft, and the list is unending.

Read more »
DDOS Attacks
Cyber Security Data Management DDOS Attacks

Teenager Arrested for DDoS Attack in Ukraine


Ukranian Police arrested a 16 yrs old teenager last month on charges of attacking a local Internet Service Provider (ISP) to gain personal information about the users. The police (Ukranian) says that the teen used the technique of DDoS (distributed denial of service) attacks to take down the local ISP. This happened after the local ISP refused to give the teenager the details of the user. The severity of the attack made the ISP contact law enforcement last year to resolve the issue.


"The officers at Ukraine Cyber Police hunted down the 16 yr old attacker in the city of Odesa in January," said the spokesperson for the Ministry of Internal Affairs in a conversation with ZDNet. We explored the teen's home and confiscated all the devices. Upon investigation, the teen was found guilty of the attack. According to the authorities that conducted the preceding inspection of the defendant's system, the authorities found software that the teen used to launch the DDoS attacks. Besides this, details of 20 different accounts related to distinct hacker forums were also found," said the Cyber Police of Ukraine in a statement.

 As per the Criminal Law of Ukraine, the person found guilty of DDoS attack faces imprisonment for up to 5 yrs in jail. However, the teen is not charged for the attempt of extortion to the ISP. The Ukrainian Police has denied releasing any further information regarding the case. It has also not disclosed the person affected by the DDoS attack saying, "the investigation is still in process." It is not the first incident where a DDoS attack was performed to steal user information.

 In several other cases, the hackers were able to take down the ISP network using a simple technique like DDoS Botnet. Other instances similar to this case appeared in countries like Cambodia, Liberia, and various other countries in South Africa. As per the observations, to perform attacks on massive scales of Junk Traffic, the hackers use DDoS Botnet, which is very capable. This happened in Liberia. Carpet Bombing is another efficient technique to perform such attacks (as per the incidents that happened in South Africa).
Read more »
Two Factor Authentication
Apple Cyber Security Google One Time Password Two Factor Authentication

Apple Engineers unveils a proposal to standardize the two factor authentication process and Google backs it up!


Apple known for it's off the charts security features was recently troubled with hacks, malware and phishing attacks staining its reputation and customer trust. And to counter that, Apple has again risen to strengthen its security and user experience - the tech company is planning on standardizing two-factor authentication (2FA) to prevent security issues and phishing scams.

PhoneArena.com reported that Apple engineers have put forward a proposal to enable a standardized format for a two-factor authentication login method where users receive a one time password (OTP) via SMS during login. The suggestion was given by engineers of Apple Webkit, from the Safari browser - the default mackintosh browser. The suggestion was also backed by engineers working on Chromium, Google.

The feature would use SMSs containing the login URL. Usually, with two-factor authentication users have to see their mobile or write down the code and then try to login which makes the whole process long and frustrating but Apple always tries to give the customer the best experience and to tackle this they have come up with a standardize and automated method.

What's different with this feature than the other two factor authentications is that it will standardize the process and format for the browser and mobile applications. The incoming messages will be easily identified by the browser or mobile applications, the browser will recognize and identify the web domain in the SMS and automatically extract the One Time Password (OTP) and complete the login. This will prevent the user from being scammed as the process will be automated and the browser or the mobile app will recognize the authentic source.

 According to the report, "The proposal has two goals. The first is to introduce a way that OTP SMS messages can be associated with a URL. This is done by adding the login URL inside the SMS itself. 
The second goal is to standardize the format of 2FA/OTP SMS messages, so browsers and other mobile apps can easily detect the incoming SMS, recognize web domain inside the message, and then automatically extract the OTP code and complete the login operation without further user interaction." 
After enabling the feature, browsers and apps will be automated and complete the login through 2FA (two-factor authentication ) by obtaining the OTP. In case of a mismatch, the automatic process will fail and the user will be able to see the website URL and complete the login process.
Read more »
Subscribe to: Comments (Atom)