North Korean Hacking Outfit Lazarus Siphons $1.2M of Bitcoin From Coin Mixer

 

Lazarus Group, a notorious hacker group from North Korea, reportedly moved almost $1.2 million worth of Bitcoin (BTC) from a coin mixer to a holding wallet. This move, which is the largest transaction they have made in the last month, has blockchain analysts and cybersecurity experts talking. 

Details of recent transactions

Two transactions totaling 27.371 BTC were made to the Lazarus Group's wallet, according to blockchain analysis firm Arkham. 3.34 BTC were subsequently moved to a separate wallet that the group had previously used. The identity of the coin mixer involved in these transactions remains unknown. Coin mixers are used to conceal the trail of cryptocurrency transactions, making it difficult to track down the ownership and flow of funds.

The Lazarus Group's latest effort adds to its long history of sophisticated cyber crimes, notably involving cryptocurrency. The US Treasury Department has linked them to a $600 million bitcoin theft from the Ronin bridge, which is linked to Axie Infinity, a famous online game. 

Growing cryptocurrency reservoir

According to Arkham, the Lazarus Group's combined wallet holdings are currently worth approximately $79 million. This includes around $73 million in Bitcoin and $3.4 million in Ether. This huge wealth accumulation through illicit techniques exemplifies the group's persistent and expanding cryptocurrency operations.

Furthermore, a recent TRM Labs study discovered that North Korean-affiliated hackers, notably the Lazarus Group, were responsible for one-third of all cryptocurrency attacks and thefts in 2023. These operations apparently earned them roughly $600 million. 

Cyber attack patterns  

Multiple cybersecurity firms have carried out investigations into the Lazarus Group's operational tactics. Taylor Monahan, a Metamask developer, stated that the latest Orbit assault, which resulted in a loss of $81 million, was similar to prior Lazarus Group operations. Such patterns provide significant insights into their strategies and can assist in the development of more effective defensive measures for future attacks.

Over the last three years, the cybersecurity firm Recorded Future has attributed more than $3 billion in cryptocurrency breaches and vulnerabilities to the Lazarus Group. Their consistent and effective execution of high-profile cyber thefts highlights the advanced nature of their skills, as well as the challenges encountered in combatting such attacks.

Connected Tools, Connected Risks: Cybercriminals Use Wrenches as Gateways to Ransomware

 


Security researchers have discovered that hackers may be able to cause mayhem by hijacking torque wrenches that are connected to Wi-Fi in car factories. According to experts, network-connected wrenches used worldwide are now vulnerable to ransomware hackers, who can manipulate their functions and gain unauthorized access to the connected networks.

In a report published on Tuesday by security company Nozomi Networks, 25 vulnerabilities were found in Bosch Rexroth's operating system. Hackers can compromise Bosch's pneumatic torque wrenches through the embedded Wi-Fi module in their hardware by exploiting these software bugs. These hacks could allow them to interfere with the customer's IT network.  

Nozomi researchers successfully installed ransomware on Bosch wrenches to determine the severity of the vulnerabilities. They also reported that the graphical user interface (GUI) of the application could be altered to display any message on the screen, such as one requesting a ransom payment, the company said.

The Bosch network wrenches have been widely used by manufacturers and service stations all over the world for many years, but this makes them a significant risk, as any flaw in these tools may lead to the destruction of entire facilities, and even result in fires. 

According to the Nozomi report, Bosch's NeXo-OS-based devices have a Wi-Fi module and can be controlled through a web-based management interface, making them susceptible to the spread of malware, including ransomware.

According to researchers at the industrial cybersecurity firm Nozomi Networks, mechanical wrenches can often be found in manufacturing facilities that perform safety-critical tightening tasks, particularly automobile production lines. 

The researchers said that the vulnerabilities in the Bosch Rexroth NXA015S-36V-B nut runner/pneumatic torque wrench have not yet been exploited by malicious hackers.

However, this discovery illustrates that malicious hackers can reach manufacturing processes in a variety of ways. The researchers explained that such an attack could compromise the final torque levels applied to mechanical fastenings, affecting both operational performance and safety.

The Nozomi Networks devices are natively capable of supporting custom protocols from Volkswagen and BMW, as well as several other car manufacturers. Bosch's spokesperson said that Nozomi Networks notified the company several weeks ago about these issues.

Dan Goodin of Ars Technica published a paper explaining in detail how network-connected wrenches have these vulnerabilities. In addition to the Cisco, Datto, HPE, and Juniper Networks wrenches, similar vulnerabilities exist in other companies, which could serve as an avenue for ransomware to be spread if these vulnerabilities remain unresolved for too long.

To exploit the vast majority of these vulnerabilities, an attacker would first need to gain access to the device's web-based management interface. One flaw, known as a traversal vulnerability, allows even an attacker with low privileges to upload malicious code to a sensitive directory, where it is then executed.

The traversal flaw can also be exploited without authentication by chaining it with other vulnerabilities, such as hardcoded accounts. Mass exploitation of these vulnerabilities does not seem likely.

A ransomware attacker who has gained a foothold on a network is more likely to have more effective means of escalating privileges and causing outages and destruction. If there are no other potential vulnerabilities, disabling wrenches in bulk is likely enough to satisfy the requirements of the attack.

A hacker acting on behalf of a nation-state, or a hacktivist motivated by social activism, could also exploit the vulnerabilities to disrupt or sabotage an adversary's operations.

Regardless of the likelihood, it would be wise for all users to install patches once they become available, to reduce the risk of malicious individuals stopping work or altering critical settings.

Hays Research Reveals the Increasing AI Adoption in Scottish Workplaces


Artificial intelligence (AI) tool adoption in Scottish companies has significantly increased, according to a new survey by recruitment firm Hays. The study, which is based on a poll with almost 15,000 replies from professionals and employers—including 886 from Scotland—shows a significant rise in the percentage of companies using AI in their operations over the previous six months, from 26% to 32%.

Mixed Attitudes Toward the Impact of AI on Jobs

Despite the upsurge in AI technology, the study reveals that professionals have differing opinions on how AI will affect their jobs. Even though 80% of Scottish professionals do not already use AI in their employment, 21% think that AI technologies will improve their ability to do their tasks. Interestingly, during the past six months, the percentage of professionals expecting a negative impact has dropped from 12% to 6%.

However, the study indicates concern among employees, with 61% of them believing that their companies are not doing enough to prepare them for the expanding use of AI in the workplace. This trend raises concerns about the workforce's readiness to adopt and make full use of AI technologies. Tech-oriented Hays business director Justin Black stresses the value of giving people enough training opportunities to advance their skills and become proficient with new technologies.

Barriers to AI Adoption 

The reluctance of enterprises to disclose their data and intellectual property to AI systems, citing concerns linked to GDPR compliance (General Data Protection Regulation), is one of the noteworthy challenges impeding the mass adoption of AI. This reluctance is also influenced by concerns about trust. The demand for AI capabilities has outpaced the increase of skilled individuals in the sector, highlighting a skills deficit in the AI space, according to Black.

The reluctance to subject sensitive data and intellectual property to AI systems results from concerns about GDPR compliance. Businesses are cautious about the possible dangers of disclosing confidential data to AI systems. Professionals' scepticism about the security and dependency on AI systems contributes to their trust issues. 

The study suggests that as AI becomes a crucial element in Scottish workplaces, employees should prioritize tackling skills shortages, encouraging employee readiness, and improving communication about AI integration. By doing this, businesses might ease the concerns about GDPR and trust while simultaneously fostering an atmosphere that allows employees to take full advantage of AI technology's benefits.

Implementation Flaws Identified in Post-Quantum Encryption Algorithm

 

Two implementation flaws have been identified in the Kyber key encapsulation mechanism (KEM), an encryption standard intended to safeguard networks from future attacks by quantum computers. Collectively known as "KyberSlash," these flaws could allow cybercriminals to discover encryption keys. 

“Timing attacks of this nature are a derivative of broader ‘side channel’ attacks, which can be used to undermine any type of encryption, including both classical and post-quantum algorithms,” Andersen Cheng, founder of Post-Quantum, explained. “With this type of attack, the adversaries send fake (and known) ciphertext and measure how long it takes to decipher. They can then infer the timings for each attempt and reverse engineer the actual key-pair.” 

On December 1st, Franziskus Kiefer, Goutam Tamvada, and Karthikeyan Bhargavan—all researchers at the cybersecurity firm Cryspen—reported the vulnerabilities to Kyber's development team. A patch for the encryption standard was released immediately, but because the issue wasn't classified as a security vulnerability, Cryspen started proactively notifying projects as of December 15 that they needed to implement the fix.
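The timing flaw and its fix, as an added example that is not from the original article or from the Kyber developers' code: public KyberSlash write-ups trace the leak to an integer division applied to secret-derived coefficients when a message bit is decoded, a detail this page does not give. The function names are hypothetical, and the multiply-and-shift constants are an assumption that the code checks exhaustively against the division.

```c
#include <stdint.h>
#include <stdio.h>

#define KYBER_Q 3329u /* Kyber's prime modulus */

/*
 * Variable-time form (the "before"): rounds a coefficient t in [0, q)
 * to one message bit using '/'. If the compiler emits a hardware divide,
 * its latency can depend on the operand on some CPUs, and here the
 * operand is derived from the secret key.
 */
static uint32_t decode_bit_div(uint32_t t)
{
    return (((t << 1) + KYBER_Q / 2) / KYBER_Q) & 1;
}

/*
 * Division-free form (the "after"): multiply by a fixed-point
 * approximation of 1/q and shift. 80635 / 2^28 is just below 1/3329,
 * and the +1665 offset (instead of q/2 = 1664) keeps the rounding
 * thresholds identical for every t in [0, q). No step depends on the
 * value of t for its running time.
 */
static uint32_t decode_bit_ct(uint32_t t)
{
    t <<= 1;
    t += 1665;
    t *= 80635;
    t >>= 28;
    return t & 1;
}

/* Exhaustively compare both forms; returns the number of mismatches. */
static int count_mismatches(void)
{
    int bad = 0;
    for (uint32_t t = 0; t < KYBER_Q; t++) {
        if (decode_bit_div(t) != decode_bit_ct(t))
            bad++;
    }
    return bad;
}

/* Count coefficients that decode to 1 (the middle band around q/2). */
static int count_ones(void)
{
    int ones = 0;
    for (uint32_t t = 0; t < KYBER_Q; t++)
        ones += (int)decode_bit_ct(t);
    return ones;
}

int main(void)
{
    printf("mismatches over [0, q): %d\n", count_mismatches());
    printf("coefficients decoding to 1: %d\n", count_ones());
    return 0;
}
```

A check like `count_mismatches` is the kind of regression test a project applying such a fix can keep, since a wrong constant silently corrupts decapsulation rather than crashing.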

Google, Signal, and Mullvad VPN have all adopted versions of the Kyber post-quantum encryption standard; however, Mullvad VPN has since confirmed that the vulnerability does not affect their services.

Post-quantum encryption rush

Kyber was first submitted for assessment to the US National Institute of Standards and Technology (NIST) in 2017, as part of the organisation's competition to test and approve an encryption standard capable of safeguarding networks against future quantum computer attacks. Though a machine with an adequate number of qubits to use Shor's algorithm to break RSA encryption and similar standards has yet to be developed, recent breakthroughs in scaling quantum computers and mounting speculation about "Harvest Now, Decrypt Later" attacks have generated increased interest in adopting post-quantum standards among governments and large businesses.

Several algorithms put into the NIST competition were demonstrated to be susceptible to conventional attacks. These include the Rainbow and SIKE standards, the latter of which was overcome by KU Leuven researchers in 2022 in less than an hour using an average computer. In February 2023, a team from Sweden's KTH Royal Institute of Technology used highly complex deep learning-based side-channel attacks to destabilise Kyber's official implementation, CRYSTALS-Kyber. However, this approach was one of six for which NIST published draft standards last summer, with plans to finalise the competition later this year. 

Kyber flaws 

Meanwhile, the Kyber KEM has been adopted by a number of major organisations. Google announced in August 2023 that it will be employing Kyber-768 as a part of a hybrid system to safeguard Chrome browser traffic at the transport layer security level. Similar to this, Signal secured its "Signal Protocol," which is also used to ensure end-to-end encryption in Google and WhatsApp conversations, in September by implementing Kyber-1024 in conjunction with an elliptic curve key agreement protocol. 

This hybrid approach to leveraging post-quantum encryption standards is intended to safeguard network traffic against attack in case new vulnerabilities are discovered. Since the KyberSlash vulnerabilities were identified, the researchers say that patches have been implemented by the Kyber development team and AWS. The team also cited a GitHub library written by Kudelski Security. When approached by a local media outlet, the cybersecurity firm stated that the listed code was not utilised in any of its commercial products and should not be used in production, but that it had still incorporated a patch for the KyberSlash vulnerabilities in a new version of the library.

Nevertheless, Cheng believes it is a significant step forward for the post-quantum encryption community because its focus on flaws has shifted from vulnerabilities in the mathematics that underpins the standards to implementation attacks. “It will be the responsibility of each organisation implementing new encryption to ensure the implementation is robust,” stated Cheng. “That’s why it is so important that teams working on the migration to post-quantum encryption have deep engineering understanding and ideally, existing experience in deploying the cryptographic algorithms.”

Swatting: Cyber Attacks on Healthcare

 


In a concerning trend, cybercriminals are using a tactic called "swatting" to target medical institutions via their patients, aiming to coerce hospitals into paying ransoms. Swatting involves making repeated false reports to the police about individuals, leading armed authorities to unsuspecting victims' homes. 

What's Happening

Threat actors are pressuring US hospitals by threatening patients with swatting incidents unless a ransom is paid. This extreme form of prank-calling has escalated to involve bomb threats and other serious allegations, forcing authorities to intervene in patients' homes.

The Motive 

The attackers believe that by applying this pressure on hospitals, they can secure a ransom payment. A recent incident at the Fred Hutchinson Cancer Center in Seattle involved stolen medical records, and the threat actors escalated by targeting patients with the swatting technique. 

The Impact

This disturbing tactic not only puts patients at risk but also adds an extra layer of urgency for hospitals to meet ransom demands. It highlights the high-stakes nature of cyber threats against medical institutions. 

When faced with cybercriminals making swatting threats, Fred Hutchinson Cancer Center took immediate action. They alerted the FBI and local police, who collaborated on investigating these threats as part of the broader cybersecurity incident. This highlights the seriousness of the situation and the coordinated effort to address the issue. 

In a parallel incident, Integris Health in Oklahoma encountered a cyber-attack that potentially exposed patients' personal data. Shockingly, some individuals received emails from threat actors, signalling an intention to sell their information if specific demands were not met. This underscores the direct impact on individuals and the concerning methods employed by cybercriminals. 

Recent events highlight the shifting nature of cyber threats targeting healthcare. Experts notice a change in tactics, where criminals are getting more extreme. It's important to note that how institutions deal with these tactics can differ widely. Stay aware, as the scenario keeps evolving. 

 Healthcare Cybersecurity: What You Need to Know

In the latest updates on cybersecurity in healthcare, a lot is happening that affects us all. Not only are there weird swatting and ransom tactics, but now there's a new worry – sneaky phishing attacks targeting our hospitals. Cybercriminals are using trickier methods to get their hands on private patient info. This means it's super important for hospitals to step up their online security game. 

Understanding these tactics is crucial for both hospitals and the public. Cybersecurity in healthcare affects individuals directly, putting personal information at risk. Staying informed empowers us to collectively contribute to the protection of healthcare systems and personal data.



This Malware is Assaulting Critical US Infrastructure for Almost a Year

 

Over the course of the last 11 months, a threat group has actively engaged in a phishing campaign targeting employees across various companies, distributing an open-source trojan program named AsyncRAT. The victims of this campaign notably include companies responsible for managing critical infrastructure in the United States.

The cybersecurity division of AT&T, known as Alien Labs, has reported that the attackers employ a domain generation algorithm (DGA) within their command-and-control (C&C) infrastructure. This technique helps them rotate through a large number of domains, making it challenging to block traffic. In an effort to evade detection, the threat actors continually generate new samples of the malicious tool. Researchers have identified over 300 samples and 100 domains associated with this particular campaign.

AsyncRAT, an open-source remote access tool released in 2019 and still available on GitHub, serves as the attackers' weapon of choice. As a remote access trojan (RAT), AsyncRAT offers features such as keylogging, exfiltration techniques, and initial access staging for delivering the final payload.

It's not uncommon for even sophisticated threat actors to utilize open-source malware frameworks, providing advantages such as low development costs and plausible deniability. Interestingly, AsyncRAT had been previously employed in 2022 by an APT group known as Earth Berberoka or GamblingPuppet, as tracked by security firm Trend Micro.

The phishing emails, scrutinized by Alien Labs and other researchers, employ a thread hijacking technique to direct users to a phishing page, eventually dropping a JavaScript (.js) file on users' computers. This script, when opened in Notepad, contains numerous randomly commented-out English words, while variants using Sanskrit characters have also been reported in previous campaigns. The highly obfuscated script aims to download the second-stage payload from a URL encoded using a custom cipher and decimal values.

The second-stage payload is another encoded script in PowerShell, executed directly in memory without being saved to disk. The PowerShell script communicates with a rotating C&C server domain, sending information such as computer hostname and a variable indicating the likelihood of the computer being a virtual machine or sandbox.

If deemed a valid target, the C&C server deploys AsyncRAT. In the case of a potential virtual machine or sandbox, the server redirects the request to Google or launches a different PowerShell script that downloads and initiates a decoy RAT, designed to distract researchers investigating the campaign.

To further complicate detection, the attackers regularly randomize the script code and malware samples, and they rotate C&C domains weekly. Despite these efforts, Alien Labs researchers managed to reverse-engineer the domain generation algorithm, providing insights into historical samples and enabling the development of detection signatures for future infrastructure identification. The AT&T Alien Labs report includes detection signatures for the Suricata intrusion detection system and a list of indicators of compromise (IOC) for building detections on other systems.

Guardians of Finance: loanDepot Confronts Alleged Ransomware Offensive

 


Among the leading lenders in the United States, loanDepot has confirmed that the cyber incident it announced over the weekend was a ransomware attack that encrypted data. In the United States, LoanDepot is one of the biggest nonbank mortgage lenders. 

With over $140 billion in loan services and approximately 6,000 employees, this company is the largest nonbank loan broker. It was reported that customers were having issues when trying to access the loanDepot payment portal on Saturday, which prevented them from paying loans or contacting them. 

As a result of a cyberattack that disrupted the loan processing and telephone service of loanDepot, the U.S. retail mortgage lender is struggling to recover. A company filing on Monday with the Securities and Exchange Commission informed investors that data had been encrypted by a “third party” who broke into the company’s computer system.

As part of its efforts to contain the incident, certain unspecified systems had been shut down. A spokesperson for the Irvine, California-based firm said they had contacted law enforcement and were still determining the extent to which the attack could have an impact on their operation. 

According to BleepingComputer, loanDepot is the fifth-largest retail mortgage lender in the country and has funded more than $275 billion in loans since it was founded in 2010. The company has more than 6,000 employees.

As of 2022, it has generated a revenue of $1.8 billion. According to the company, during a cyberattack that took place in August 2022, an unknown number of customers' information was accessed. A loanDepot team of cybersecurity experts launched an investigation after discovering that a security breach had occurred, and they began notifying relevant agencies and regulators as soon as they became aware of the problem.

In the aftermath of the attack, the company informed its customers that automatic recurring payments would still be processed, but would take a while before they would appear in their account history. In any case, affected customers are advised to contact the call centre for assistance if they wish to make new payments through the servicing portal. 

New payments will not be possible through this portal. While loanDepot states only that the threat actors gained access to systems and encrypted files, ransomware gangs have been known to steal company and customer data as leverage when they attempt to pressure victims into paying a ransom.

It is important to stay alert for potential phishing attacks and identity theft attempts because loanDepot holds sensitive customer data such as financial and bank account information. loanDepot disclosed in May 2023 that it had suffered a data breach as a result of a cyberattack that targeted the company on August 20, 2022.

A cyberattack in November 2023 resulted in a data breach that exposed the personal data of 14.7 million customers of the mortgage giant Mr Cooper. A cyberattack that occurred before Christmas affected some of the systems of First American Financial Corporation (FAFC), a company in the U.S. title insurance industry.

Fidelity National Financial, one of the largest insurance providers in the United States, was hit by a ransomware attack in November that knocked the company down for more than a week. A December cyberattack claimed the identity of more than 14 million customers of the mortgage and loan company Mr Cooper.

It came in the wake of an attack in October that compromised the personal data of the company's customers. Cooper said that the company was expected to incur more than $25 million in additional costs as a result of the incident, primarily because of the credit monitoring that it will have to do for its affected customers.

Chatbots: Transforming Tech, Creating Jobs, and Making Waves

Not too long ago, chatbots were seen as fun additions to customer service. However, they have evolved significantly with advancements in AI, machine learning, and natural language processing. A recent report suggests that the chatbot market is set for substantial growth in the next decade. In 2021, it was valued at USD 525.7 million, and it is expected to grow at a remarkable compound annual growth rate (CAGR) of 25.7% from 2022 to 2030. 

This makes the chatbot industry one of the most lucrative sectors in today's economy. Let's take a trip back to 1999 and explore the journeys of platforms that have become major companies in today's market. In 1999, it took Netflix three and a half years to reach 1 million users for its DVD-by-mail service. Moving ahead to the early 2000s, Airbnb achieved this in two and a half years, Facebook in just 10 months, and Spotify in five months. Instagram accomplished the feat in less than three months in 2010. 

Now, let's look at the growth of OpenAI's ChatGPT, the intelligent chatbot that debuted in November 2022 and managed to reach 1 million users in just five days. This is notably faster compared to the growth of other platforms. What makes people so interested in chatbots? It is the exciting new possibilities they offer, even though there are worries about how they handle privacy and security, and concerns about potential misuse by bad actors. 

We have had AI in our tech for a long time – think of Netflix and Amazon recommendations – but generative AI, like ChatGPT, is a different level of smart. Chatbots work with a special kind of AI called a large language model (LLM). This LLM uses deep learning, which tries to mimic how the human brain works. Essentially, it learns a ton of information to handle different language tasks. 

What's cool is that it can understand, summarize, predict, and create new content in a way that is easy for everyone to understand. For example, OpenAI's GPT LLM, version 3.5, has learned from a massive 300 billion words. When you talk to a chatbot using plain English, you do not need to know any fancy code. You just ask questions, known as "prompts" in AI talk. 

This chatbot can then do lots of things like generating text, images, video, and audio. It can solve math problems, analyze data, understand health issues, and even write computer code for you – and it does it really fast, often in just seconds. Chatbots, powered by Natural Language Processing (NLP), can be used in various industries like healthcare, education, retail, and tourism. 

For example, as more people use platforms like Zoom for education, chatbots can bring AI-enabled learning to students worldwide. Some hair salons use chatbots to book appointments, and they are handy for scheduling airport shuttles and rental cars too. 

In healthcare, virtual assistants have huge potential. They can send automated text reminders for appointments, reducing the number of missed appointments. In rural areas, chatbots are helping connect patients with doctors through online consultations, making healthcare more accessible. 

Understanding the Prompt Engineering Job

There is a new job in town called "prompt engineering" thanks to this technology. These are folks who know how to have a good chat with chatbots by asking questions in a way that gets the answers they want. Surprisingly, prompt engineers do not have to be tech whizzes; they just need strong problem-solving, critical thinking, and communication skills. In 2023, job listings for prompt engineers were offering salaries of $300,000 or even more.

Myanmar Rebels Take Authority of ‘Pig Butchering’ Scam City Laukkaing


Well known for being a hub for online scams near the border with China, Laukkaing is presently under the authority of a coalition of rebel groups in Myanmar.

On Thursday, the Three Brotherhood Alliance, which had conducted a surprise attack in Shan state, on the country's northern border, in late October, took over the city from the military administration of Myanmar. The rebel organization claims that the military has given up control over the Kokang region, which is about the size of Lebanon.

Since the beginning of the campaign, the coalition has indicated its plans to deal with the organized scams that have emerged under the watch of militias loyal to the ruling junta. 

“To eradicate telecommunications fraud, fraud dens and their protective umbrellas across the country, including the China-Myanmar border areas, our three coalition forces decided to jointly carry out this military operation,” the coalition stated upon the launch of the offensive.

The rebel groups' emphasis on the flourishing scam sector is probably an attempt to win over China, which has grown weary of seeing its citizens targeted into the compounds to conduct scams, or worse, targeted by so-called 'pig butchering scams.'

Over last weekend, junta leader Senior Gen. Min Aung Hlaing met with Chinese Vice Foreign Minister Sun Weidong in Naypyidaw to discuss border security and organized crime.

“The two sides will jointly maintain peace and stability on the China-Myanmar border, cooperate to combat cross-border criminal activities such as telecommunications fraud, and jointly promote regional peace, tranquillity, development and prosperity,” stated the Chinese Foreign Ministry in the meeting.

As per a state media outlet China Daily, Wang Xiaohong, Minister of Public Security also attended a virtual meeting with Myanmar’s Home Affairs Minister, Lt. Gen. Yar Pyae, where they both agreed to strengthen law enforcement to protect security and stability in border areas, especially by stepping up efforts to deal with online and telecom fraud.

According to a UN report from August 2023, around 120,000 individuals were coerced into scamming operations in Myanmar. In most cases, pig butchering scams entail a con artist establishing a rapport with a victim via social media, dating services, or messaging apps.

On January 5, Chinese state media reported that 41,000 individuals implicated in telecom fraud in Myanmar were turned over to Chinese police in the previous year. The number of people that were taken into custody who were trafficked is unknown.

Observers have cautioned that despite the crackdown in northern Myanmar, activities might easily move to criminal areas elsewhere in the nation, particularly near the borders with Thailand and Laos.  

Italian Firm Trains Pakistani Navy Officers in Cybersecurity, Raising Concerns


Recently, it has come to light that individuals responsible for state-sponsored cyberattacks, reportedly backed by Pakistan, underwent advanced training by an Italian security firm. Documents shared with The Sunday Guardian indicate that Pakistani Navy officers, including those with high ranks like colonel, lieutenant colonel, and major, participated in a 13-week training course on Malware Development for various operating systems in Rome, Italy. 

The Italian firm, CY4Gate, a part of the Elettronica group, confirmed the training program in response to a request from Commander Muhammad Nadeem Ilyas of the Pakistan Directorate Naval Intelligence. The syllabus covered Cyber Advanced technical topics, with dedicated areas in CY4Gate's specialised laboratories for theoretical and practical sessions. 

Notably, a surge in state-sponsored cyberattacks against India has been reported, with a 278% increase between 2021 and September 2023. Government agencies experienced a 460% rise in targeted cyberattacks, while startups and SMEs saw an alarming increase of 508%. These findings raise concerns about the potential impact on national security and the need for heightened cybersecurity measures. 

Newly obtained internal documents provide insights into the cybersecurity training provided by the Italian firms Elettronica and CY4Gate to Pakistani Navy officers. The syllabus includes instruction on bypassing popular antivirus software such as Kaspersky, Avast, Bitdefender, Quick Heal, Windows Defender, and ESET NOD32, along with techniques to inject disruptive payloads into protected systems.

Training Details

- Duration: 13 weeks (January to March 2023)
- Location: CY4GATE training laboratory, Via Coponia, Rome 
- Participants: One colonel, two lieutenant colonels, and seven majors 
- Accommodation: Hotel Adagio, Via Damiano Chiesa, Rome 

Concerns for India

Elettronica and CY4Gate, implicated in training Pakistani officers, have also operated in India since 2008. A Memorandum of Understanding (MoU) signed with Bharat Electronics Limited (BEL) in 2019 raises concerns about potential security implications.

Global Impact

The rise in Pakistan's investment in disruptive cyber methods signifies a growing trend in military hacking, similar to tactics employed by North Korea. Potential targets include institutions in India, Israel, the United States, the Netherlands, and Sweden, with financial gains as a motive. These skills may also be used against political parties and individuals deemed anti-establishment in Pakistan. 

G20 Summit Cyberattacks

Underscoring the severity, the government's official website faced relentless cyberattacks during the G20 Summit, averaging 16 lakh attacks per minute or 26,000 attacks per second.

Response from Elettronica

Efforts to obtain clarity from Elettronica regarding these developments have proven futile, as the company remains unresponsive to inquiries. This lack of response adds to the uncertainty surrounding the situation.


Three Ways Jio's BharatGPT Will Give It an Edge Over ChatGPT

 

In an era where artificial intelligence (AI) is transforming industries worldwide, India's own Reliance Jio is rising to the challenge with the launch of BharatGPT. BharatGPT, a visionary leap into the future of AI, is likely to be a game changer. Furthermore, it will enhance how technology connects with the diverse and dynamic Indian landscape. 

Reliance Jio and IIT Bombay's partnership to introduce BharatGPT appears to be an ambitious initiative to use AI technology to enhance Jio's telecom services. BharatGPT could offer a more user-friendly and accessible interface by being voice- and gesture-activated, making it easier to operate and navigate Jio's services.

Its emphasis on enhancing user experience and minimising the need for human intervention suggests that automation and efficiency are important, which could result in more personalised and responsive services. This project is in line with the expanding trend of using AI in telecoms to raise customer satisfaction and service quality. 

Jio's BharatGPT has a significant advantage over ChatGPT. Here's a more extensive look at these potential differentiators:

Improved localization and language support

Multilingual features: India is a linguistic mosaic, with hundreds of languages and dialects spoken across the nation. BharatGPT could distinguish itself by providing support for a variety of Indian languages. It also supports Hindi, Bengali, Tamil, Telugu, Punjabi, Marathi, Gujarati, and other languages. This multilingual option would make it far more accessible and valuable to people who want to speak in their own language. 

Cultural details: Understanding the cultural diversity of India is critical for AI to give contextually relevant solutions. BharatGPT could invest in thorough cultural awareness, enabling it to produce responses that are both linguistically accurate and culturally sensitive. This could include recognising local idioms and comprehending the significance of festivals. It also integrates historical and regional references and adheres to social conventions unique to India's many regions.

Regional dialects: India's linguistic variety includes several regional dialects. BharatGPT may excel at recognising and accommodating diverse dialects, ensuring that consumers across the nation are understood and heard, regardless of their unique language preferences. 

Industry-specific customisation 

Sectoral tailoring: Given India's diversified economic landscape, BharatGPT could be tailored to specific industries in the country. For example, it might provide specialised AI models for agriculture, healthcare, education, finance, e-commerce, and other industries. This sectoral tailoring would make it an effective tool for professionals looking for domain-specific insights and solutions. 

Solution-oriented design: By resolving industry-specific challenges and user objectives, BharatGPT may give more precise and effective solutions. For example, in agriculture, it may provide real-time weather updates, crop management recommendations, and market insights. In healthcare, it could help with medical diagnosis, provide health information, and offer advice on how to manage chronic medical conditions. This technique will boost production and customer satisfaction in multiple sectors. 

Deep integration with Jio's ecosystem 

Service convergence: Jio's diverse ecosystem includes telephony, digital commerce, entertainment, and more. BharatGPT might exploit this ecosystem to provide seamless and improved user experiences. For example, it might assist consumers with making purchases, finding the best rates on Jio's digital commerce platform, discovering personalised content recommendations, or troubleshooting telecom issues. Such connections would improve the user experience and increase engagement with Jio's services. 

Data privacy and security: Given Jio's experience handling large quantities of user data via its telephony and internet services, BharatGPT may prioritise data privacy and security. It can use cutting-edge encryption, user data anonymization, and strict access limits to address rising concerns about data security in AI interactions. This dedication to securing user data would instil trust and confidence in users. 

As we approach this new technical dawn with the launch of BharatGPT, it is evident that Reliance Jio's goals extend far beyond the conventional. BharatGPT is more than a technology development; it is a step towards a more inclusive, intelligent, and innovative future. 

While the world waits for this pioneering project to come to fruition, one thing is certain: the launch of BharatGPT signals the start of an exciting new chapter in the history of artificial intelligence. Furthermore, it envisions a future in which technology is more intuitive, inclusive, and innovative than ever before. As with all great discoveries, the actual impact of BharatGPT will be seen in its implementation and the revolutionary improvements it brings to sectors and individuals alike.