A hack that fools Face Recognition AI into false identification


Face recognition AI is increasingly being used at airports and other security checkpoints, especially during the pandemic, to identify people while maintaining social distancing. But a recent discovery by McAfee, a cybersecurity firm, has shown that these face recognition systems are not all that perfect.

Researchers at McAfee tested a face recognition system similar to the ones used at airports for passport verification. They fed the system an image created by machine learning that looks like one person to a human but is recognized as someone else by the face recognition software. This could allow someone who is on the no-fly list to board a flight as someone else who has the booking.

“If we go in front of a live camera that is using facial recognition to identify and interpret who they're looking at and compare that to a passport photo, we can realistically and repeatedly cause that kind of targeted misclassification,” said the researcher, Steve Povolny.

To trick the face recognition algorithm, the researchers at McAfee used CycleGAN, an image translation algorithm that can transform a picture to make it look like something painted by Monet, or make a summer picture look like a winter one.

The team fed 1,500 photos of the project leads to CycleGAN, and after hundreds of tries CycleGAN created an image that the face recognition system recognized as someone other than the person the human eye perceived.

But there are two caveats to the study. First, the researchers had a face recognition system similar to the one used in airport security, but not the same one. “I think for an attacker that is going to be the hardest part to overcome, where [they] don’t have access to the target system,” said Povolny. Second, CycleGAN takes time to create such an image, and the software requires a high-end system to run.

The researchers' aim with the study was to point out the vulnerability of face recognition systems and the dangers of relying solely on these checks.

“AI and facial recognition are incredibly powerful tools to assist in the pipeline of identifying and authorizing people,” Povolny says. “But when you just take them and blindly replace an existing system that relies entirely on a human without having some kind of a secondary check, then you all of a sudden have introduced maybe a greater weakness than you had before.”

Russian experts warned about the dangers of watching movies on pirate sites

 

It is noted that hackers use streaming platforms, TV series and movies to distribute advertising and malware. They can add them to files with the names of popular shows, or use well-known brands to conduct phishing attacks, said Dmitry Galov, a cybersecurity expert at Kaspersky Lab.

"Among the malware there are various Trojans that allow, for example, to delete or block data, or steal passwords from online banking, as well as spyware that can be used to access information on the device,” said Mr. Galov.

Pirate sites may also request a person's social media data, passport, or bank card details under the pretext of completing a trial period. As a result, hackers gain access to personal data, can steal money and, in other cases, start blackmailing the user.

According to the expert, in this regard, users need to watch movies through legal services, as well as install an antivirus on all devices.

If users need to download programs to watch a video, such as Flash Player, then they should leave these sites immediately.

"Even pirated sites no longer require additional software to be installed on your computer, be it Java or Flash Player. In no case should any files, including application files, as well as files declared as videos or documents, be downloaded from such sites,” said Artem Gavrichenkov, Technical Director of Qrator Labs.

In addition, experts have recently warned about the dangers of visiting financial services, mailboxes and social networks, as well as making online purchases through public points with free Wi-Fi.

Hackers can intercept and analyze data in the current session using public Wi-Fi networks, and then use the information obtained. Experts do not advise users to register or log in to sites from free points, so as not to pass critical information about the user to scammers.

Number of fake delivery services increased in Russia


Alexander Vurasko, a leading Infosecurity analyst at Softline Company, said that during the pandemic scammers learned how to make high-quality fakes of food and electronics delivery sites. Over the past four months, 56 clones of Delivery Club have appeared, and at least 30 of Yandex.Food. The companies try to block such resources quickly, but they do not always succeed.

The expert noted that the peak of the appearance of such Internet resources was recorded in April.

In addition to food sites, experts found fake versions of Samsung online stores and of the Citilink online electronics hypermarket.

These sites almost completely copy the original ones: they have a catalog with hundreds of items, and users can choose a restaurant, order dishes, enter the delivery address and pay for the order with a bank card.

Alexei Drozd, head of the information security department at SearchInform, noted that use of the delivery theme in domain names increased in April: while in February there were 53 domain registrations containing the word "delivery", in April there were 288. According to him, this means that a high-quality grabber, a program that can reliably copy the look and content of a site, has appeared on the darknet.

Fraudsters have actively used such software before, but marketplaces with a complex structure are harder to copy than a regular website; if they are now succeeding, new large phishing waves should be expected, warns Mr. Drozd. According to him, phishing sites live only until the first complaints from users or copyright holders, so it is important that companies themselves fight phishing.

Moreover, on the fake Delivery Club site, after entering the card data, users are asked to enter the code from an SMS, so it cannot be excluded that at this moment "someone links their number to your mobile Bank", noted the Telegram channel In4security, which discovered the resource.

Kaspersky Lab also noticed sites that mimic well-known food delivery services. Hackers always use popular brands, says Tatiana Sidorina, a senior content analyst at the company.

Here's All you Need to Know About Instagram Reels; Launched Globally in Over 50 Countries


As TikTok fell prey to extensive criticism and was labeled as a 'threat to security' by governments, resulting in the banning of the popular video-sharing platform, the creators have long ago started weighing what's next!

With TikTok's future uncertain, Instagram has rolled out a new feature, 'Reels', that appears to be in direct competition with what TikTok had to offer.

Starting today, Instagram is launching the "Reels" feature for its users in more than 50 countries. It is seen as a remarkable and well-timed attempt by Instagram to capitalize on the global turmoil in the creative sphere of social media. It is also a potential opportunity for Instagram to expand its identity from a photo app to a video entertainment platform.

With the expansion, now the feature will be available in major international markets including India, the U.S., the U.K., France, Brazil, Germany, Australia, Mexico, Spain, Argentina, Japan, and many others.

Much like TikTok, Instagram Reels will allow people to create mini-clips with music that they can share with their followers. These short-form videos will be discoverable while users browse the "Explore" tab on Instagram.

Reels lets users record 15-second video clips and add filters, effects, and popular music to them. The feature is entirely embedded in Instagram's original app and is not to be mistaken for an add-on or a separate app. It is not a different world altogether like TikTok or Vine, but just 'yet another thing' one can do on Instagram.

While announcing the release of "Reels", the company said in a blog, "It's a new way to create and discover short, entertaining videos on Instagram."

"Reels invites you to create fun videos to share with your friends or anyone on Instagram. Record and edit 15-second multi-clip videos with audio, effects, and new creative tools. You can share reels with your followers on Feed, and, if you have a public account, make them available to the wider Instagram community through a new space in Explore. Reels in Explore offers anyone the chance to become a creator on Instagram and reach new audiences on a global stage."

How to Create Reels?


"Select Reels at the bottom of the Instagram camera. You'll see a variety of creative editing tools on the left side of your screen to help create your reel, including:"

"Audio: Search for a song from the Instagram music library. You can also use your own original audio by simply recording a reel with it. When you share a reel with original audio, your audio will be attributed to you, and if you have a public account, people can create reels with your audio by selecting “Use Audio” from your reel.

AR Effects: Select one of the many effects in our effect gallery, created both by Instagram and creators all over the world, to record multiple clips with different effects.

Timer and Countdown: Set the timer to record any of your clips hands-free. Once you press record, you’ll see a 3-2-1 countdown, before recording begins for the amount of time you selected.

Align: Line up objects from your previous clip before recording your next to help create seamless transitions for moments like outfit changes or adding new friends into your reel.

Speed: Choose to speed up or slow down part of the video or audio you selected. This can help you stay on a beat or make slow-motion videos." Instagram explained in the blog.

The scale of data leaks of patients with coronavirus in Russia has become known


More than a third of all cases of leaks of personal data of patients with coronavirus, as well as suspected cases, occurred in Russia.

According to InfoWatch, in just the first half of 2020 there were 72 cases of personal data leakage related to coronavirus infection, of which 25 were in the Russian Federation. Leaks in Russia were caused by employees of hospitals, airports, and other organizations with access to information resources. Worldwide, 75% of leaks occurred for this reason; the other 25% were due to hacker attacks.

The company clarified that in 64% of cases worldwide, personal data associated with coronavirus was compromised in the form of lists. Patient lists were photographed and distributed via messengers or social media groups. Some leaks were due to the accidental sending of data by managers to the wrong email addresses.

According to InfoWatch, 96% of cases in the Russian Federation are leaks of lists, and 4% are leaks of databases. In all cases, the data leaks were the result of willful violations. InfoWatch stressed that the disclosure of such data often led to negative attitudes in society towards coronavirus patients.

The Russian Federal Headquarters for coronavirus declined to comment. The press service of the Moscow Department of Information Technology, for its part, reported that since the beginning of 2020 there have been no leaks of personal data from the information systems of the Moscow government.

In Russia, there are no adequate penalties for organizations in which personal data leaks occur, said Igor Bederov, CEO of Internet Search. In addition, there is still no understanding of the need to protect personal data in electronic systems, and there are not enough qualified specialists in this industry. As a result, the network cloud storage that companies use, including for processing personal data, is poorly protected.

WastedLocker ransomware uses a sophisticated trick by abusing Windows features to avoid detection


WastedLocker has been in the headlines for a successful attack on wearable tech and smartwatch manufacturer Garmin, for which it was paid around 10 million for a decryption key. The ransomware is rumored to be operated by the Russian hacking group Evil Corp, a notorious hacking crew with numerous high-profile attacks on its resume.


Security researchers at Sophos have now discovered how the ransomware uses the inner workings of Windows to avoid detection by anti-ransomware tools, a method they describe as quite ingenious and sophisticated.

"That's really sophisticated stuff, you're digging way down into the things that only the people who wrote the internals of Windows should have a concept of, how the mechanisms might work and how they can confuse security tools and anti-ransomware detection," Chester Wisniewski, a principal research scientist at Sophos, said.

How WastedLocker uses Windows Cache to hide itself

Usually, anti-ransomware software monitors files on the operating system for suspicious behavior, such as an unknown process opening a file, writing to it, and then closing it. That pattern triggers behavior detection and catches the malicious process. But WastedLocker, unlike traditional ransomware, stores the files in the Windows cache and operates on the cached copy rather than the original.

To speed up operations, the Windows cache stores commonly used files, so that when the system needs a file it first checks the cache and loads the file from there rather than from the drive, which makes the operation much faster.

The ransomware opens a file in the cache, reads it there, and closes the original file. It then encrypts the copy stored in the cache, not the original. When many changes have been made to the cached copy, it becomes "dirty", and the Windows cache updates the original file with the changes. Since these writes are performed by a legitimate source, Windows itself, the detection software is tricked into believing the activity is system-originated and legitimate, and the ransomware escapes exposure.

This ability to go undetected makes WastedLocker the most lethal ransomware we have seen yet.
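Because the write-back described above is performed by Windows itself, a rule keyed to which process wrote a file has nothing to attribute. The following is an added example, not code from Sophos or from the original article: it compares two snapshots of file content and flags files that changed into high-entropy data, whoever did the writing. The thresholds, function names and sample files are assumptions constructed for illustration.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter

# Assumed thresholds for this example; tune them against real file populations.
ENTROPY_HIGH = 7.5   # bits per byte; encrypted or random data sits close to 8.0
MIN_FILES = 3        # how many files must flip in one interval to call it a burst
SAMPLE = 65536       # bytes read from the start of each file


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def snapshot(root: str) -> dict:
    """Map relative path -> (sha256 of sample, entropy, first 4 bytes)."""
    snap = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read(SAMPLE)
            snap[os.path.relpath(path, root)] = (
                hashlib.sha256(data).hexdigest(), shannon_entropy(data), data[:4])
    return snap


def encrypted_looking(before: dict, after: dict) -> list:
    """Files whose content changed into high-entropy data with a new header.

    Nothing here asks which process performed the write, so a write-back
    issued by the operating system is treated like any other change.
    """
    flagged = []
    for path, (digest, entropy, magic) in after.items():
        old = before.get(path)
        if old is None or old[0] == digest:
            continue                      # new or unchanged file
        if entropy >= ENTROPY_HIGH and magic != old[2]:
            flagged.append(path)
    return sorted(flagged)


def is_burst(before: dict, after: dict) -> bool:
    """True when enough files flipped in one interval to warrant an alert."""
    return len(encrypted_looking(before, after)) >= MIN_FILES


def _pseudo_random(n: int, seed: bytes) -> bytes:
    """Deterministic high-entropy bytes standing in for ciphertext."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def demo():
    """Constructed sample data: three documents get scrambled, one is edited."""
    with tempfile.TemporaryDirectory() as root:
        files = {
            "report.txt": b"Quarterly figures for the delivery team.\n" * 200,
            "ledger.csv": b"date,amount,account\n2020-08-01,100,main\n" * 200,
            "photo.png": b"\x89PNG\r\n\x1a\n" + b"\x00\x01\x02\x03" * 2000,
            "notes.txt": b"meeting notes\n" * 100,
        }
        for name, data in files.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        before = snapshot(root)
        for name in ("report.txt", "ledger.csv", "photo.png"):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(_pseudo_random(8192, name.encode()))
        with open(os.path.join(root, "notes.txt"), "ab") as fh:
            fh.write(b"one more ordinary line\n")   # benign edit
        after = snapshot(root)
        return encrypted_looking(before, after), is_burst(before, after)


if __name__ == "__main__":
    print(demo())
```

Files that are already compressed have high entropy to begin with, which is why the check also requires the leading bytes to change and only alerts on several files flipping in the same interval.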

Google Bans Hacked Political Content Ahead of the US Elections, Implements New Google Ads Policy


The presidential elections in the US are near. With this in mind, Google has announced a new policy that will ban ads that advertise hacked political content or propaganda. The new policy will come into effect on 1 September 2020, according to Google's support page. Once the new rule is in force, third parties won't be able to purchase ad space on Google Ads that is directly or indirectly linked to the hacked content of any political party.

However, ads related to news articles or other pages that contain hacked political material may be allowed. But the news article and the page shouldn't be linked to the political content in any way, says the policy. The violators of this new Google Ads policy (Ad Buyers) will first receive a warning to remove the ad from their account or face account suspension after seven days.


The policy is made observing the 2016 US Elections. 

The new Google Ads policy is meant to avoid a repeat of the 2016 US presidential election scenario. As we all know, during the 2016 election campaigns in the US, Russian hackers were able to break into the servers of various political factions associated with the Democratic Party. The breach resulted in the Democratic Party's data being leaked on WikiLeaks and DCLeaks. The attack resulted in biased media coverage and in online ads on various social media and other platforms that discussed the hacked political content. Google will become the first company to make such a move when the policy is enacted on 1 September.

Twitter, in a similar incident, banned the distribution of hacked content on its platform in 2018 before the US midterm elections. It included not only political content but every other hacked material. It resulted in an unofficial ban of the ads on Twitter, as they need tweets to advertise. According to Google's policy, the following is not allowed: "Ads that directly facilitate or advertise access to hacked material related to political entities within the scope of Google's elections ads policies. This applies to all protected material obtained through the unauthorized intrusion or access of a computer, computer network, or personal electronic device, even if distributed by a third party."

Personal data of one million Moscow car owners were put up for sale on the Internet


On July 24, an archive with a database of motorists was put up for sale on one of the forums specializing in selling databases and organizing information leaks. It contains Excel files of about 1 million lines with personal data of drivers in Moscow and the Moscow region, current as of the end of 2019. The starting price is $1.5 thousand. The seller also attached a screenshot of the table, which shows that the file contains the following fields: date of registration of the car, state registration plate, brand, model, year of manufacture, last name, first name and patronymic of the owner, his phone number and date of birth, registration region, VIN-code, series and number of the registration certificate and passport numbers of the vehicle.

This is not the first time a car owner database has been leaked. On the darknet, similar databases with information for 2017 and 2018 can be found on specialized forums and online exchanges.

DeviceLock founder Ashot Hovhannisyan suggests that this time the database is being sold by an insider in a major insurance company or union.

According to Pavel Myasoedov, partner and Director of the Intellectual Reserve company, one line in a similar archive is sold at a price of 6-300 rubles ($4), depending on the amount of data contained.
The entire leak can cost about 1 bitcoin ($11.1 thousand).

Information security experts believe that the database could be of interest to car thieves and social engineering scammers.

According to Alexey Kubarev, DLP Solar Dozor development Manager, knowing the VIN number allows hackers to get information about the alarm system installed on the car, and the owner's data helps to determine the parking place: "There may be various types of fraud involving the accident, the payment of fines, with the registration of fake license plates on the vehicle, fake rights to cars, and so on."

Against the background of frequent scandals over large-scale leaks of citizens' data, the State Duma of the Russian Federation has already considered tightening responsibility for the dissemination of such information. "Leaks from the Ministry of Internal Affairs occur regularly. This indicates, on the one hand, a low degree of information security, and on the other — a high level of corruption," said Alexander Khinshtein, chairman of the State Duma Committee on Information Policy.

The Council of the EU and Its First-Ever Sanctions against Persons or Entities Involved in Various Cyber-Attacks



The Council of the European Union has imposed its first-ever sanctions against persons or entities involved in various cyber-attacks targeting European citizens and EU member states.

The sanctions imposed include a ban for people traveling to any EU nations and a freeze of assets on persons and entities. 

The order has been issued against six individuals and three entities responsible for or associated with various cyber-attacks. The six individuals sanctioned include two Chinese citizens and four Russian nationals.

The companies associated with carrying out these cyber-attacks include an export firm situated in North Korea, and technology companies from China and Russia.

The cyber-attacks in question include some publicly known ones, such as 'WannaCry', 'NotPetya', and 'Operation Cloud Hopper', as well as an attempted cyber-attack against the Organisation for the Prohibition of Chemical Weapons.

As per the European Council, the details of these persons or entities are:

 1. Two Chinese Individuals—Gao Qiang and Zhang Shilong—and a technology firm, named Tianjin Huaying Haitai Science and Technology Development Co. Ltd, for the Operation Cloud Hopper. 

 2. Four Russian nationals (also wanted by the FBI) — Alexey Valeryevich, Aleksei Sergeyvich, Evgenii Mikhaylovich, and Oleg Mikhaylovich—for attempting to target the Organisation for the Prohibition of Chemical Weapons (OPCW), in the Netherlands. 

 3. A Russian technology firm (exposed by the NSA) — Main Centre for Special Technologies (GTsST) of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation—for the NotPetya ransomware attack in 2017 and the cyber-attacks directed at a Ukrainian power grid in the winter of 2015 and 2016. 

 4. A North Korean export firm — Chosun Expo, for the WannaCry ransomware attack that wreaked havoc by disrupting information systems worldwide in 2017 and is linked to the well-known Lazarus group.

The Council says, “Sanctions are one of the options available in the EU's cyber diplomacy toolbox to prevent, deter and respond to malicious cyber activities directed against the EU or its member states, and today is the first time the EU has used this tool." 

According to the European Union, the two Chinese nationals who carried out Operation Cloud Hopper are members of the APT10 threat actor group, otherwise called 'Red Apollo,' 'Stone Panda,' 'MenuPass' and 'Potassium.'

The four Russian nationals, on the other hand, were agents of the Russian intelligence agency GRU who attempted to hack into the Wi-Fi network of the OPCW, which, if successful, would have allowed them to compromise the OPCW's ongoing investigatory work.

Twitter Hack: Three Arrested in the Bitcoin Scam


Graham Clark, a resident of Tampa, Florida, has been arrested on charges of being involved in July’s Twitter hack that targeted the handles of famous personalities including the CEO of SpaceX and Tesla Inc., Elon Musk, and former President of the US Barack Obama, to name a few. The other two suspects arrested by Californian authorities are Nima “Rolex” Fazeli of Orlando and Mason “Chaewon” Sheppard from Bognor Regis, U.K.

The three allegedly ran a scheme under which they hijacked the Twitter accounts of various public figures and posted tweets advertising a bitcoin scam from these high-profile accounts. To acquire access to internal support tools and these Twitter accounts, Clark compromised a Twitter employee and made use of his credentials. After gaining access to 130 accounts belonging to politicians and celebrities, he tweeted Bitcoin scam messages from 45 of them, accessed the direct message inbox of 36, and downloaded the Twitter Data for a total of 7 accounts. Reportedly, the three cybercriminals involved made a profit of $120,000 worth of bitcoins as a result of the scam.

Among the affected accounts were those of Amazon’s founder, Jeff Bezos, Microsoft’s CEO Bill Gates, Kim Kardashian West and Joe Biden.

According to the operation led by the FBI in collaboration with the Secret Service and IRS, 17-year-old Graham Clark has been identified as the mastermind of the sophisticated incident; the teenager is just a high-school graduate, and will be prosecuted by Hillsborough State authorities.

Charged with conspiracy to commit wire fraud and money laundering, and with aiding the mastermind in orchestrating the attack, Sheppard faces a maximum penalty of 45 years of imprisonment.

In a related video news conference, State Attorney Warren said, "I want to congratulate our federal law enforcement partners, the US Attorney’s Office for the Northern District of California, the FBI, the IRS, the US Secret Service, and the Florida Department of Law Enforcement. These partners worked extremely quickly to investigate and identify the perpetrators of this sophisticated and extensive fraud."

"This defendant lives here in Tampa, he committed the crimes here, and he’ll be prosecuted here,"

"The State Attorney's Office is handling this prosecution rather than federal prosecutors because Florida law allows for us greater flexibility to charge a minor as an adult in a financial fraud case like this," he added.

Meanwhile, in this regard, Twitter said, "We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses.

"For our part, we are focused on being transparent and providing updates regularly."

Florida Teen Responsible for Hijacking High Profile Twitter Accounts Arrested, Faces 30 Felony Charges


US police authorities said in a press conference on Friday that they had arrested the main accused and two other suspects responsible for a major Twitter hack earlier this month. The main accused has been identified as Graham Ivan Clark, a 17-year-old who lives in Tampa, Florida. WFLA-TV, a Florida-based news outlet that was the first to report the incident, said that it was the main suspect (Clark) who was arrested for the Twitter attack. The arrest was the result of a national collaboration between the IRS, the Secret Service, the FBI, and the DOJ.

Andrew Warren, State Attorney of Hillsborough, charged Clark as responsible for the 15th July Twitter incident. Clark is alleged to be the "mastermind" behind the attack in which the 'suspects hijacked various high profile Twitter accounts.' The hackers used these accounts to tweet about fake cryptocurrency scams. Here's a list of hijacked accounts: Joe Biden, Barack Obama, Bill Gates, Kanye West, Elon Musk, Apple, Jeff Bezos, Uber, Michael Bloomberg, Kim Kardashian, and various others. According to officials, the hack resulted in $100,000 being transferred to Clark's account within a day.

Clark now faces 30 felony charges. These include: 

  • Communications Fraud 
  • Organizing Fraud 
  • Use of personal information for frauds 
  • Accessing electronic device without legal authority


The charges specified above were announced via livestream by the Hillsborough State Attorney. Initially, Warren didn't specify whether Clark had other associates working for him. After the press conference, it became public that two other suspects were working with Clark, identified as Mason Sheppard, 19, alias "Chaewon," and Nima Fazeli, 22, alias "Rolex." The suspects' arrest happened just after Twitter had published its inquiry report on the 15th July Twitter hack.

Some of the critical points in the report are mentioned below:

  • The incident happened on 20th July 2020 
  • To gain access to Twitter employees' accounts, hackers used phone-based social engineering. Hackers got access to the Slack accounts and gained credentials (yet to be confirmed) 
  • Hackers bypassed the 2-step authentication; the report doesn't mention whether this was on backend accounts or Slack accounts. 
  • After this, hackers used Twitter's tech support tools to control the accounts. 
  • Hackers breached 130 accounts 
  • Hackers also attempted to sell some of the high profile Twitter profiles.