Uber Now Collects Your Location Data After You Are Dropped Off

(pc-Google Images)
Uber can now even track your location after you have been dropped. The latest update on the app will track the location of their users after they have left the car.

The latest app update, which introduces the redesign and new features also changes the way how its service collects location data for commuters.

Uber is now looking to gather location data even when you’ve exited the app — you’ll be prompted to share your current location. Uber just needs your location data from the start of your ride up until five minutes after the driver drops you off.

Uber claims they are aiming to "enhance safety" by collecting more rider data as opposed to just gathering information about the driver and the trip.

Uber also wants to track how often riders cross the street directly after a drop-off, which the company believes could indicate a safety hazard.

“We’re always thinking about ways we can improve the rider experience from sharpening our ETA estimates to identifying the best pick up location on any given street. Location is at the heart of the Uber experience, and we’re asking riders to provide us with more information to achieve these goals,” an Uber spokesperson said in a statement.

The company updated its privacy policy last summer to allow for background location data collection, which prompted backlash from privacy groups and a Federal Trade Commission complaint.

Talk-Talk does not urge customers to change passwords


TalkTalk has been vastly criticised for the handling of a wi-fi password breach by several cyber-security experts.

The cyber attack, which left some Post Office and TalkTalk customers without internet for days last week, also involved up to 57,000 of TalkTalk’s customers having their Wi-Fi passwords stolen. Tens of thousands of TalkTalk customers are at risk of having had their passwords stolen after it was revealed that a hack against the company's broadband routers was more severe than initially thought.

The BBC has presented the company with evidence that many of its customers' router credentials have been hacked, putting them at risk of data theft. The UK broadband provider confirmed that the sample of stolen router IDs it had been shown was real.

Computer security experts were astounded by TalkTalk's lack of concern over its customers' passwords being at risk.

Talk Talk has been advising users that there is no need to change their router's settings.

However, Talk Talk’s PR department tried to cover up the negative media coverage.

A spokeswoman for TalkTalk said that customers could change their settings "if they wish" but added that she believed there was "no risk to their personal information".

Ken Munro, a security researcher at Pen Test Partners, said passwords could have been stolen from the faulty routers, which could give cyber criminals access to all of the information on customers' home networks, including further passwords and financial details. Munro also added that if the hacker has access to the password key, they can even see all the traffic on the home network, including social media accounts and other passwords.

The risk to TalkTalk's subscribers was first flagged over the weekend by cyber-security researchers at Pen Test Partners who warned that a variant of the Mirai worm was exploiting a vulnerability to force TalkTalk routers to reveal their Wi-Fi passwords but the UK broadband provider played down the discovery saying it was making ‘good progress to protect its routers.

The company’s site has posted up instructions on how to change the wireless name and password on your Talk Talk router but before doing so, it is best recommended to reset your router by pressing a small reset button at the back with a paperclip to force the device to download a new version of its firmware.

It is high time the telecommunications company start caring about its users’ security.

Ransomware took down systems in NHS cyber-attack


An NHS hospital trust which was forced to shut down hospital systems and cancel operations revealed that the cyber attack was the result of the ransomware infection.

Systems of Northern Lincolnshire and Goole NHS Foundation Trust suffered a major Globe2 ransomware infection in October which interrupted the operations for four days. The incident led to the cancellation of 2,800 patient appointments in three hospitals on October 30 which didn’t resume till November 02.

Globe2 works similarly to other ransomware viruses, but uses a Blowfish data encryption, by encrypting files and demanding money to release them. It has been described by security experts as very aggressive.

Although it was initially believed that the issue was caused by a malware infection spreading via USB, Pam Clipson, director of strategy and planning at Northern Lincolnshire and Goole NHS Foundation Trust, confirmed that a ransomware infection had affected the systems.

Ransomware infections usually involve a ransom that organizations need to pay to hackers in order to unlock systems, but Clipson explained that the hospital took systems offline in order to remove the malware themselves.

When the systems were attacked, all servers were checked and cleaned both prior to switching off and before returning to 'live' status.

NHS spokesperson has confirmed that no ransom was paid to the perpetrators of the attack in order to restore systems.

The attack is also being examined by West Yorkshire Police.

Hacked San Francisco Muni lost $50,000 in fares


In yet another ransomware attack happened last month, San Francisco’s Municipal Transport Agency (SMTA) is expecting to have suffered a $50,000 loss.

SMTA, also known as ‘Muni’ was hacked on November 25 resulting in customers being able to travel for free on the city’s light-rail system. The cyber extortionists hacked into the transit system’s computers and denied access to its ticket machines, e-mail and personnel systems. Hackers succeeded in encrypting over 2000 computers and demanded 100 bitcoin (£56,000; €66,000).

Muni operates city trains, trams and buses which usually bring in around $120,000 in fares on a weekend day. That figure includes fares paid on all the three public transport systems both inside and outside the stations.

Though Muni did not pay the ransom and saved $73,000 but the attack did cost half a million dollar, said the officials on December 02. The officials had shut down the ticket machines in the Muni Metro system’s subway stations and threw open the fare gates as soon as they learned about the hack. The actions were taken to stop the spread of the cyber attack , in case the hacker was still inside the network and to ensure that passengers’ financial information couldn’t be accessed.

The rides remained free on November 26 which meant a hefty hit to Muni profits. Fare gates and ticket machines were back in service by the morning of November 27.

The attackers used a variant of the HDDCryptor malware resulting in every computer displaying a black screen with a ransom note. The ransomware attack was triggered when an employee clicked on an email attachment, pop-up or link following which around 900 office computers were taken out of action with the following message clearly visible on some:

“You Hacked, ALL Data Encrypted. Contact For Key(cryptom27@yandex.com)ID:681.”

City officials have confirmed a full investigation is now underway.

Though no report of train stopping or passenger safety came to light, but if Muni does not upgrade its systems the next attack can harm the passengers as well.

Philippines asks Bangladesh for cyber heist probe results

The Finance Secretary of Philippines, Carlos Dominguez has asked Bangladesh government to share the findings of its investigation into how unknown hackers pulled off one of the world’s largest cyber bank heists, to help speed up recovery of the stolen funds.

Dominguez and other Philippine officials who met with a Bangladesh high-level delegation last week led by Anisul Huq assured them that Philippines was committed to help find the cash.

Philippines has already recovered $15 million from $81 million heist from a gaming junket operator and the delegation thanked them for this generous effort.

The money recovered was returned to Bangladesh, with a further $2.7 million frozen.

Cyber criminals tried to steal nearly $1 billion from Bangladesh Bank in February and made off with $81 million via an account at the New York Federal Reserve. The money stolen was authenticated by the SWIFT message system, widely used by financial institutions. The money was transferred to four accounts with false names at one RCBC branch in Manila before vanishing. Most of the money was laundered through Philippine casinos.

The episode highlighted vulnerable links in the payment network underlying the global financial system.

Bangladesh Bank has declined to disclose the findings of its own inquiry, saying it wanted to deny perpetrators knowledge of the investigation.

Philippine President Rodrigo Duterte, who had earlier pledged the stolen money would be returned, cancelled a meeting with the Bangladesh team because of “pressing matters”. Meanwhile, when Bangladesh’s ambassador in Manila, John Gomes was asked if the findings of the probe would be shared with the Philippines government he said: “No one asked us anything yet.”

However, Philippine central bank deputy governor Nestor Espenilla said that Bangladesh officials have committed to send initial updates on the probe to strengthen Philippines case in the court which it was fighting on behalf of Bangladesh.

Cyber attack struck down Talk Talk and Post Office routers


Thousands of Talk Talk and Post Office customers were hit by a cyber attack in the U.K. when the internet access was struck targeting certain types of internet routers.

The assault had used the same malicious software, “Mirai worm” that took some of the world's most popular websites offline in October and this time it began on November 27 affecting about 100,000 of its customers.

Talk Talk confirmed the attack and said that it was working on a fix. However, it did not tell how many of its broadband subscribers were hit but confirmed that a minority were affected on Thursday (December 01) as well. Both companies are working on a fix.

The hack had recently caused major disruptions to the internet, TV and phone networks through Germany’s Deutsche Telekom, leaving 900,000 of its customers affected.

This hack works by exploiting a weakness in customer routers with malicious viruses able to get through unsecured ports. It involves the use of a modified form of the Mirai worm - a type of malware that spreads via hijacked computers, which causes damage to equipment powered by Linux-based operating systems.

Several models of router are vulnerable to the latest cyber-assault, including the Zyxel AMG1302, which is used by the Post Office.

Due to the attack, the routers were unable to provide connections to their customers.

Customers from both Talk Talk and the Post Office complained the companies had done little to inform them of the problems.

It is not yet known who is responsible for the attack, but it is similar in kind to that of the Dyn domain name server, which resulted in dozens of websites including Twitter, Reddit and eBay being taken offline for hours in October. Mirai was involved in the October attack too. Cyber criminals exploited vulnerabilities in internet connected cameras and video recorders to take control of them and launch a distributed denial of service attack.

Though, no personal data is compromised in such attacks, which affect the infrastructure of websites and computer servers still if you have been affected by the hack, the best course of action is to reboot your router. From there, users should create a new password for the device.

VindowsLocker Ransomware mimics tech support scam


Phone-based Windows support scams have been going on for at least six years despite repeated warnings from Better Business Bureau, Royal Canadian Mounted Police, the FBI, and Microsoft themselves.

Now, the tech support scammers are too taking on their data hostage by targeting unsuspecting internet users with a combination of social engineering and deception. The malicious tactic has evolved from cold calls to fake alerts and most recently, screen locks. Tech support scammers have now added ransomware to their attack arsenal.

AVG security researcher Jakub Kroustek first spotted the ransomware which he named VindowsLocker based on the file extension it added at the end of all encrypted files (.vindows). The VindowsLocker ransomware uses the AES encryption algorithm to lock files with the following extensions:
txt, doc, docx, xls, xlsx, ppt, pptx, odt, jpg, png, csv, sql, mdb, sln, php, asp, aspx, html, xml, psd

To attack, the victims are called upon by hackers claiming to be a Microsoft support rep that is checking up on reports of errors or a malware infection on the victim's computer. The caller then asks the victim to download a diagnostic tool, usually a legitimate remote support app like LogMeIn Rescue or Teamviewer. A connection is established to the "troubled" computer and then the smoke and mirrors routine begins.

Thereafter, commands are run. Files and lengthy text logs are displayed on the screen, which indicate a serious problem. For a fee, of course, the scammer will gladly take care of everything. They'll even offer to install a "protection package" to keep the victim safe down the road. The victim is asked to call a phone number provided and talk to a tech support personnel, which is different from most ransomware families that employ a Dark Web portal to handle payment and decryption operations.

Now, Malwarebytes and independent security researcher @TheWack0lian have released a free decryption tool to help victims of a recent ransomware attack recover their data from cyber criminals employing a tech support scam technique. VindowsLocker which surfaced last week works by connecting victims to phoney Microsoft technicians to have their files encrypted using a Pastebin API.

This ransomware stands out from all others because it uses tech support scams and it extorts larger payments from the victims.

Apple to use drones to improve maps data


Since its launch in 2012, Apple Maps has come a long way yet has not been able to surpass its rival Google Maps which is why now it has decided to hop drones on its mission.

Apple has got approval from Federal Aviation Administration (FAA) to use drones for data collection. The drones will be flown overhead and capture critical street information, including signs and traffic changes during which it will capture photos, videos and other traffic data.

The tech giant has also acquired startup Indoor.io for indoor navigation features, like views inside buildings, to improve its Map service and catch longtime leader Google. It is said that the company will also make improvements to car navigation.

Drone capture could prove important to Apple AAPL -0.93% as it works to improve its Maps application running on iOS and MacOS devices. After capturing the data from streets both in the U.S. and abroad, it can then be transmitted back to Apple’s team and its information uploaded to the Apple Maps servers. The drones would replace the existing fleet of camera-and-sensor ladened minivans to collect data.

According to Bloomberg’s report, Apple is said to want to use the drones to examine street signs, monitor road changes as well as see if areas are under construction.

Apple, like Google and Microsoft's Bing, currently uses cars equipped with cameras and sensors to travel and record mapping data. By switching to drones the company could conceivably record this data faster and thus more quickly update and improve Maps.

Apple's move toward drones isn't indicative of any future commercial drone plans. Apple has planned to use drones from manufacturers such as DJI and Aibotix.

The Cupertino, California-based company was vastly criticized when it had launched the Maps four years ago for having inaccurate information and poor driving directions following which its CEO, Tim Cook had apologized and suggested users try out other options like Google Maps which was previously bundled with Apple’s mobile operating system. Apple lacked the technology needed to quickly suck in data from many different sources to evaluate and change the digital maps.

Since then, Apple has made strides towards improving the app’s accuracy and data and has added more information, including traffic and transit data. Over the years, it had included Street View feature which lets users see images of addresses but it is still considered inferior to Google Maps.

Looking ahead, Apple could possibly hit the market with its new improved mapping system sometime next year along with a tool which would tell users when and where to change lanes during navigation.

German elections may be disrupted by Russia


Germany's spy chief, Bruno Kahl warned that state-sponsored hackers aligned with Russia may disrupt German elections taking place next year by spreading campaigns of misinformation and hacking government emails which could undermine the democratic process.

Kahl, president of the German Federal Intelligence Agency (BND), added that the entire Europe was on focus of disruption but presently the danger was hovering more over Germany.

In an interview to a daily, Süddeutsche Zeitung on Tuesday (November 30), Kahl said that his agency knows of “cyber attacks that have no other point than causing political insecurity.” He told that pressure on public discourse and democracy is "unacceptable."

"The perpetrators are interested in delegitimising the democratic process as such, regardless of who that ends up helping," Kahl said, adding that the attacks may come "from the Russian region" where he claimed hacking is "at least tolerated or desired by the state."

Kahl also claimed to have already witnessed targeted email spoofing campaigns orchestrated by foreign hackers although admitted attribution remains tough.

The head of Germany's domestic BfV intelligence agency told Reuters earlier in November that authorities were concerned that Russia may seek to interfere in Germany's national elections through the use of misleading news stories.

Earlier, German Chancellor Angela Merkel also warned that social bots software used by Russian hackers might manipulate public opinion by spreading fake news.

In the wake of a suspected cyber attack on Deutsche Telekom on Monday (November 29), Merkel said: "such cyber attacks, or hybrid conflicts as they are known in Russian doctrine, are now part of daily life and we must learn to cope with them."

Merkel faces a challenge from the anti-immigrant Alternative for Germany (AfD) party which has said the EU should drop sanctions on Russia and that Berlin should take a more balanced position towards Moscow.

During the U.S. presidential elections too, intelligence officials believed that votes were manipulated by Russian authorities by hacking into Democratic National Committee emails which Russian officials denied. These incidents have sparked fear of nation-state influence on elections.

Some critics say a proliferation of fake news helped sway the US election in the favour of Republican Donald Trump, who has pledged to improve relations with Russian President Vladimir Putin. Defeated Democratic candidate Hillary Clinton accused Trump of being a Putin “puppet”.

Cybersecurity Firm Proficio raises $12 Million Funding

(pc-Google Images)
Proficio, a Carlsbad-based startup providing cybersecurity protection services for middle market companies, has raised $12 million in an investment round led by Kayne Anderson Capital Advisors. The Los Angeles-based private equity firm provided funding from its Kayne Partners Fund Group, which invests in high-growth technology businesses.

It is the first major capital raise for Proficio, which previously took in about $1 million, said co-founder and President Tim McElwee.

“They haven’t done anything in cyber, and they have been looking to get involved in the cybersecurity space,” said McElwee. “We are excited to be partnering with Kayne Capital as we accelerate the next phase of Proficio’s growth.”

“Proficio is changing the way organizations meet their information technology security and compliance goals by providing the most advanced cybersecurity solutions without the cost and complexity of acquiring sophisticated software or operating a 24x7 security operations center on their own,” said Nate Locke, a Kayne partner who will join Proficio’s board of directors, in a statement.

With the funding, Proficio aims to expand in its current markets of North America and parts of Asia, as well as spread into additional regions such as Europe and other parts of Asia. The company also plans to expand its cybersecurity technology platform, adding new services for advanced analytics, threat intelligence and incident response.

Founded in 2010, Proficio provides managed cybersecurity services on a subscription basis to customers in banking, health care, utilities, credit and consumer businesses.