Search This Blog

Showing posts with label Cyber Security. Show all posts

U.N Officials not using WhatsApp over Security Reasons


"The United Nations officials are not using WhatsApp for purposes of communication as it is unsafe and vulnerable to hacking," said a UN spokesperson last Thursday. The statement came out following the Jeff Bezos incident, where experts at the UN accused Saudi Arabia of hacking the WhatsApp account of Amazon's CEO Jeff Bezos. The experts at the UN last week said that they had information suspecting the association of Prince Mohammed bin Salman, Saudi Arabia's crown prince in the so-called cyberattack on Jeff Bezos that happened in 2018.


The officials have demanded an inquiry by American and other authorities as an immediate response, saying that the claims are based on a Forensic Report prepared by FTI, a consulting firm from Washington. The forensic report claims that Bezos' phone was hacked through an ill-disposed video file that was sent by the Saudi Prince via a WhatsApp account. Responding to the question "whether the United Nations Secretly General has used WhatsApp for communication purposes with Saudi Prince or any other world leaders?" Farhan Haq spokesperson of the U.N replied that "officials at the U.N are advised not to use WhatsApp application for messaging purposes as it is not a reliable social networking platform."

"Therefore, I believe that the U.N officials do not use the WhatsApp," Haq said later. According to him, the order to not use WhatsApp as a communication tool was given in June 2018, to the security officials. In response to this controversial action taken by the U.N, the company WhatsApp affirms that it offers one of the best safety to its more than 1.5 billion users.

"Each message sent via the app is protected through end-to-end encryption to maintain the confidentiality of the messages. No 3rd party, not even WhatsApp, can view the messages sent by users through WhatsApp. The encryption mechanism developed by WhatsApp is said to be one of the most secure technology according to the cybersecurity experts, and it is the most reliable platform out in the public," says Carl Woog, Director Communications at WhatsApp.

"Every app has a few flaws that can be exploited, but unlike WhatsApp, very few can resolve them immediately," said cybersecurity expert Oded Vanunu.

Simple Tips to Prevent your WhatsApp Account from Hackers


WhatsApp (now owned by Facebook), a popular social networking app, as we all know, is very easy to setup. But this simple process also opens your account to some vulnerabilities and threats, if you are not cautious while setting your WhatsApp account. Luckily, there exists an extra defense line to ensure the safety of your account, if your 6 digit activation code is hacked.


However, as noticed in the recent hacking incident against Amazon's CEO Jeff Bezos, it was observed that these security measures aren't enough to provide security. But it will somehow provide you an extra safety mechanism if, by any chance, the hacker gets your 6 digit security code. How to ensure the safety of your Whatsapp account? In normal circumstances, getting back to your hacked Whatsapp account is very simple: open the app, and while logging in, the app will send you another 6 digit code.

But the problem arises when the hacker, once having the hold of your account, intentionally puts up wrong verification codes to prevent further login into your account for up to 12 hours. The worst-case scenario arises when the user has not set up the 2 step authentication process, which permits the hacker to use a security pin of their own, restricting the user access to his Whatsapp account for a total duration of 7 days.

Therefore, it is always important to follow 2 basic rules:
  1. Don't disclose your 6 digit verification code- it doesn't matter if it's your parents, family, or friends. No one ever has a genuine intention to ask your Whatsapp code sent over the SMS, so never consider disclosing the details. 
  2. Set up a 2 step verification process- if in case, your account gets hacked by some reason, 2 step security pin ensures that only the user has the access to the Whatsapp account. 
How to set up the security pin-
  • Open Whatsapp and go to the settings option. 
  • Select account and hit 2 step verification. 
  • Setup your 6 digit security pin. 
  • You will be asked this every time you install your WhatsApp. You can also add your e-mail address as a backup if you ever lose your pin.

Russian Bank reminds about the danger of transferring personal data to someone


Transferring personal data to someone (details of cards and accounts, passport data), you can become a victim of cyber fraud, so you can not do this in any case, recalled the Deputy Chairman of the Board of Sberbank Stanislav Kuznetsov.

"Even if you take a picture of your card and send it to someone — this is basically already a leak. You might as well throw your wallet with your salary in the trash," he said.

He also said that in the second half of 2019, Russian companies faced large-scale phishing. "Last year, several organized criminal groups working in this direction became more active. One of them has made a big step forward in expanding its criminal activities. This is the RTM hacking group, it is Russian-speaking and operates in Eastern Europe, including Russia".

According to him, using modern software, RTM sends phishing emails to tens of thousands of companies in the country 10-15 times a month. Mr. Kuznetsov added that many companies open emails infected with viruses. "In this way, criminals get access to the company's accounting documents — with the help of a virus, they send the company's funds to their Bank accounts and gradually withdraw them," he said.

According to Mr. Kuznetsov, Sberbank has already given law enforcement agencies materials about almost 20 criminals from the group. There are at least five such groups, he said.

"This is not a new type of crime, but in the second half of last year, Russia faced it for the first time on this scale. As a result, some institutions of the financial system, as well as small and medium-sized companies in various industries were affected," said Stanislav Kuznetsov.

Recall, according to a study by TAdviser and Microsoft, in 2019, 76% of Russian medium and small businesses faced cybersecurity incidents. The main source of threats, businessmen called e-mail and external Internet resources.

More than half of Russian companies are concerned about the protection of personal data of employees and customers


The antivirus company ESET studied the state of information security in the Russian business sector, interviewing dozens of IT Directors and business owners. According to ESET research, different types of cyber threats affected 90% of Russian businesses. 60% of Russian IT managers are seriously concerned about the safety of personal data.

"The discontinuation of Windows 7 will play a role. Many Russian companies, despite the risks, will continue to use the operating system in the workplace. This will increase the risk of infection with new viruses, compromise and loss of corporate data," said the ESET representative. In addition, on January 14, 2020, support for the Windows 2008 and Windows 2008 R2 server systems was completed. They are used by many small and medium businesses. According to Ruslan Suleymanov, the Director of Information Technology Department of ESET Russia, this year, powerful and frequent DDoS attacks on the corporate sector and deepfakes will remain a trend.

Elena Ageeva, a consultant for the Information Security Center Jet Infosystems, notes that the development of cloud technologies will contribute to an increase in the number of attacks on cloud services.

According to InfoWatch, in Russia, ordinary employees have been and remain the main threat to the personal information of company customers. They account for more than 70% of the violations leading to leaks.

Andrey Arsentyev, head of the InfoWatch Analytics and Special projects Department, believes that phishing attacks will be further developed in 2020.

According to Dmitry Stetsenko, the head of the Kaspersky Lab’s group of system architects, attacks, almost undetected by standard antiviruses, through supply chains and BEC (Business Email Compromise) are gaining more and more popularity. After infecting the system, attackers prefer to use legal IT tools to develop attacks, which also complicates data protection.

Yevgeny Gnedin, head of Analytics at Positive Technologies, believes that attacks to steal information will prevail over attacks with the aim of direct financial theft. "Especially if the company does not provide ongoing monitoring of information security events and the investigation of cyber incidents," said the representative of Positive Technologies.

Russian banks to face risk due to a cancellation of support for Windows 7


Termination of technical support for Windows 7 and Windows Server 2008 operating systems (OS) can become a serious problem for Russian banks. According to the architect of the Microsoft technology center in Russia, Ivan Budylin, now, banks are required to quickly switch to Windows 10, since working without technical support is contrary to information security requirements. He added that the lack of updates can lead to significant risks of data loss.

At the same time, according to the survey, credit institutions are not yet ready to completely abandon the old OS.

Some banks reported that they had signed an agreement with Microsoft for paid additional support for Windows 7 (EAS). However, the expert noted that paid support is not an alternative to updating the operating system, but a temporary measure.

A similar situation was already with the Windows XP operating system, which was not supported in 2017 but continued to be used. During WannaCry ransomware virus epidemic, some XP users faced a situation where the malware appeared on the computer, was blocked and deleted by the antivirus.
However, then the virus repeatedly tried to get into the computer again and was blocked again. This caused a huge load on the network, processor, and disk. The devices started working so slowly that it was almost impossible to do anything on them.

Therefore, experts recommended updating Windows 7 as soon as possible, even though antiviruses can protect an already unsupported system.

Yuri Brisov, a member of the Commission on legal support of the digital economy, said that by denying the ability to regularly and timely update systems, banks put their customers at risk, which is unacceptable.

According to Boris Yedidin, a lawyer and co-founder of Moscow Digital School, for using outdated programs and operating systems, banks can bring to administrative responsibility under the article “Violation of information protection rules”.

Recall that Microsoft has refused to support the Windows 7 operating system since January 14. The computer will work with the old OS, but the company does not provide technical support for any software updates, as well as security updates and fixes.

Russian experts warn the danger of charging the phone in public places


The number of charging stations at airports, bus stops, metro stations and other public places in Russia has been growing rapidly in recent years. However, using such USB-inputs is not safe because attackers can access data stored in the phone or download malware through them. Today in Moscow you can charge your gadgets at airports and train stations, in metro trains, buses, at public transport stops, and in shopping and entertainment centers.

According to Sergey Nikitin, Deputy head of Group-IB, standard USB cables contain four wires: two for data transfer and two for charging. The problem is that hackers embed a special device in the charging wire, or add a small computer to the charger itself. When people connect a gadget to charge, they connect it to some other device.

"Attackers can thus gain access to your device," said the expert. Nikitin gave an example of one of these attacks: a small computer sends malicious code to the gadget, runs it, and so the hacker gains access to the data of the smartphone. An expert at Jet Infosystems Georgy Starostin noted that cybercriminals can download photos from victim's phones for blackmail or infect the device with a virus.

According to him, charging stations in public places carry other risks, the company providing the service can also install additional equipment. According to him, this way it will collect user data for further analysis and sale to advertisers.

The Avast press service said that information is transferred via USB ports in the same way as to the computer. If there are any vulnerabilities in the USB phone software, hackers can gain full control of the connected phone.

Experts advised users to try to avoid charging stations in public places. Avast offered to buy a portable power supply for charging the gadget or USB cables in which the data wires are removed.

Cyber Attack Alert! Microsoft Gives Inside Revelations About RDP Brute Force Attacks


Microsoft conducted a long-term study, which majorly focused on RDP brute-force attacks, their success and the duration they last for.

Per sources, according to the reports of the study, over 0.8% of the RDP brute force attacks on an average last for about “2-3 days”. The study also revolved around the effect of such attacks on various business organizations.

Data from over 45,000 devices and workstations that ran “Microsoft Defender Advanced Threat Protection” (commercial version of the free Defender anti-virus app) was acquired in terms of RDP login related acts.

According to reports, both failed and successful attempts at RDP login was part of the data collected for the detailed study that spread across numerous months of dedication.

Reportedly, the aforementioned successful and failed events include Windows events with ID 4264 and 4265, correspondingly. The usernames that the attackers or users may have used were also collected.


Per sources, RDP, Remote Desktop Protocol happens to be a feature of the Windows operating system that enables the users to log into a “remote computer” or device by way of an interface that looks much like a desktop, by means of the computer’s public IP address and port 3389.

Businesses and organizations usually make use of RDP and its provisions to manage servers, workstations and other connected devices in remote areas. It’s easier for the administrators and employees alike to work that way.

Brute force attacks have been pretty common on Windows devices especially via open RDP ports. Automated tools that the hackers use help them to create various combinations of passwords and usernames to figure out the target computer’s RDP login details.

Simple and basic combinations stand at the top of the hit list. The password and usernames combinations that have previously been leaked on the dark web are also used the most.

Where on an average these brute force attacks last for 2 to 3 days, in 90% of the cases, as the reports have found out, the attacks last for around a week.

According to the study reports the attacks spread across days because the hackers were trying out selected combos per hour rather than blindly shooting combos.

This clearly helped the attackers dodge the chances of their attack Internet Protocols getting banned by the firewalls.

Microsoft, according to sources, also mentioned that “0.8% of the devices that were attacked by the brute-force attacks were compromised. Also, that on an average a machine was expected to have a high probability of being compromised leading to an RDP brute force attack every 3-4 days”.

Per sources it’s imperative to look for the following things in a sign-in attempt:
 Event ID 4625 login type
 number of other devices with RDP inbound connections from one or more of the same IP
 number of failed sign-ins
 Event ID 4625 failure reason
 The number count of a username and the times it failed to log in
 number of RDP inbound external IP
 an hour and the day of the failed sign-in
 RDP connections
 Timing of successful sign-in attempts

To secure your device from such attacks, it’s supremely essential to monitor unknown connections and failed sign-in attempts.


Hackers Bypass the 2-step Verification to Invade Government Systems and Industries


2-step verification is an extra security measure that an application uses when connecting to a service or a device. But the 2-step authentication was avoided by a group of hackers from China known as APT20. The government, industries, and various corporations across the world are concerned about the issue. This is disturbing news for the world of cybersecurity. APT 20, a criminal hacking organization from China was able to avoid the important 2-step verification, that is used as a safety precaution by vast services on the internet such as Google, Whatsapp, Instagram, etc. But above all this, this issue is a major concern for banking institutions that rely on internet services for their conduct.



The APT20 group was caught avoiding the 2-step Verification: 

After successfully breaking the verification process, APT20 was able to get access to some government agencies, corporate databases, and servers of various industries. The activity was discovered by Fox-It, a Dutch security specialist, when it received a complaint from one of the victims and upon investigation, it was able to identify the criminal group responsible for the attack. The corporations hit by the attack are spread over 10 nations and different sectors, some of which include Germany, Britain, France, the US, and China. The sectors affected are flight, architecture, banking, power, security, transportation, HR services, etc. The attack, however, doesn't affect the general public, as it focuses much on the corporations.

What is a 2-step verification?

Today, 2-step verification has become an official security order and is used worldwide by the users as an assurance of security (even if the users are unaware, their systems rely on this method). The safety method comes along with an extension to the typical login-password credentials process. 2-step verification operates when the user enters his credentials while logging into a device, following which he is sent a temporary code.

The 2-step verification asks the user a temporary code that he has to enter while logging in to the device. For instance, Google systems like Gmail retrieves the user back to his device for confirming the identity. Only after making sure that the user is authenticated and not a fraud, he is allowed access into the specified device. After filling in the code, the user verifies his identification to the system.   

The Russian President created a new Department for information security


Russian President Vladimir Putin signed a decree increasing the number of departments of the Ministry of Foreign Affairs of Russia from 41 to 42.  According to the Facebook page of the Department, the new 42nd Department of the Russian Foreign Ministry will deal with international information security, including the fight against the use of information technologies for military-political, terrorist and other criminal purposes.

The decree came into force on December 27, 2019.  The number of employees of the Central office of the Russian Foreign Ministry increased from 3,358 people to 3,391 people. The decree establishes a staff payroll for a year in the amount of 3,521,914.7 thousand rubles ($57,000).

Employees of the Department will have to propose measures to improve legislation to make it easier to cooperate with other countries and international organizations on the topic of information security.

"The main idea of the department is the development of generally accepted rules for conducting a cyber environment and for a collective response to challenges,” said Maria Zakharova, an official representative of the Russian Foreign Ministry.

Earlier, at the end of 2018, the Permanent Representative of Russia in Vienna, Mikhail Ulyanov, announced that a new information security division would appear in the structure of the Ministry of Foreign Affairs. He noted that the decision was made due to the fact that information threats have recently become more relevant.

Recall that on December 28, it became known that the UN General Assembly adopted a resolution proposed by Russia to combat cybercrime.  The US did not support the initiative, considering the document redundant, as there is already an agreement on cybercrime, it's the Budapest Convention

The American side believes that the resolution is beneficial to Russia to create the necessary "type of control over the Internet space."

The Russian Foreign Ministry called the adopted resolution a new page in the history of the fight against cybercrime, stressing that the document actually secured the digital sovereignty of States over their information space.

Kremlin commented on the plans of the US cyber command


Member of the State Duma Committee on International Affairs, Elena Panina, considers the tactics of countering possible "interference in elections", which the US cyber command is developing, as direct aggression against Russia.

Earlier, the Washington Post reported that the US cyber command is developing information warfare tactics against high-ranking Russian officials and businessmen in case Moscow tries to interfere in the 2020 elections. The goal of the cyber command may be representatives of the Russian elite.

"Attempts by the American side to present these plans as "defensive", as a possible response to the case of "interference in the American elections" look ridiculous. In fact, we are talking about the threat of direct aggression against Russia in the information space," said Panina.
According to her, the cynical nature of these actions is manifested in the fact that the United States decided to publicly blackmail Russian political and business elites, threatening to hack e-mail and invade personal space.

She believes that the purpose of public disclosure of such plans is an attempt to intimidate the Russian political class. "Such actions are more typical for a criminal group than for a legal State," stated Panina.

In addition, a member of the Federation Council Committee on Foreign Affairs, Sergei Tsekov, stated that there is nothing original in the published plans for conducting an information war.

"The United States is always waging an information war against Russia. This is the meaning of life for the American community. So there is nothing original in this statement. As for countering Russian" interference " in the elections, the Americans have already achieved a 100% effect. Russia has never interfered in the election process and is not going to," said he.

The Senator also expressed the opinion that the effect of any American tactics of conducting an information war against Russia "will be very weak".

"Russian society is consolidated and understands very well the nature and mentality of the American community. So we do not give in to any propaganda on their part," concluded Tsekov.

Recall that US intelligence agencies accused Russia of interfering in the election campaign before the 2016 presidential election. Later, a commission was formed to investigate these circumstances, led by special prosecutor Robert Muller, the former head of the FBI. 

Development Team Suffers Cryptocurrency Theft Worth $4,80,000


Hackers stole records relating to the extension unit of an unknown blockchain recently, taking cryptocurrency worth $480,000, which is known as an obscure token called NULS. The developing team working on NULS confirmed on Twitter that it suffered a hacking attack. Earlier in the morning, the company tweeted that around 2 million NULS ($4,80,000) were stolen from its account. From the amount that was stolen, the development team says that more than half the amount lost in the theft has been liquidated to other cryptocurrency forms, amounting roughly to $131,600.



The company is planning to 'Hard Fork' the transaction network and blockchain, a measure that stops the cryptocurrency once and for all. Fortunately, the incident didn't have a hard effect on the price of NULS. The reason for the theft is said to be a vulnerability found in software version 2.2. The reason for having little effect on its value might be due to the value dropping down already at over 95%, following the all-time high before the incident was exposed. The users that use NULS are requested by the company to update their software to the latest version available, as to prevent themselves from any hacking issue.

Similar to the incident when Ethereum also 'Hard Forked' to retrieve its taken cryptocurrency:
The acknowledgment of the NULS team to this issue of theft is nostalgic for how core developers of Ethereum countered the problem of 'DAO' hacking incident in the year 2016. The DAO (Digital Decentralized Autonomous Organization) was supported by active agreements that worked likewise to an enterprise funds stock but was driven by the investor. Certainly, following the incident in which Ethereum worth $40 Million was stolen by the hackers from the DAO, Ethereum development divided the blockchain separately into 2 divisions.

In the 1st division, the users stirred by the theft could recover the Ethereum funds. Meanwhile in the 2nd division resumed upholding the initial variant of the block-chain record known as 'Ethereum Classic.' To this day, that specific Hard Fork incident is still a controversy amid the critics, practicing it as evidence of the unification concerning Ethereum‘s administration. Fortunately, NULS is not as popular as Ethereum, so the hard forking step won't cause much of a controversy for the company.

122 Chinese Men Detained in Nepal on Charges of Cyber-crime and Bank Fraud


KATHMANDU: Nepal police on Tuesday detained 122 Chinese men and women in what seems like the biggest crime gig by foreigners. A police officer, Hobindra Bogati, said the Chinese embassy was aware of the raids and have fully supported the detentions. The chief of police of capital Kathmandu stated that the suspects were raided on Monday when the police got info that some Chinese visa holding foreigners were engaged in suspicious activity. The police chief, Uttam Subedi said, “This is the first time that so many foreigners have been detained for suspected criminal activities."


These people were suspected of various cyber crimes like hacking into bank cash machines and more. These 122 men and women are held in different police stations with their passports and laptops confiscated. Another police officer, Hobindra Bogati, told that the Chinese embassy in Nepal was aware of the raids and have fully supported the detentions. Chinese Foreign Ministry spokesman Geng Shuang, in Beijing, said Nepal and Chinese police have agreed to be cooperative in the investigations and China is willing to increase law-enforcement cooperation with its neighbor.

Chinese people in recent times are increasingly being detained in Asian countries on suspicions of fraud and other illegal activities. In the Philippines last week, 342 Chinese workers were arrested, caught in an unlicensed gambling operation. Some Chinese citizens were also arrested smuggling gold while in September, five were arrested for stealing money from bank cash machines. Even though the rate of criminal activities by the Chinese in Nepal is at a high rate, the state affairs between the two countries couldn't have been better.

China has increased FDI in Nepal in recent years, working on the development of roads, power plants, and hospitals. More than 134,000 Chinese tourists visited Nepal between January and October this year, up 9.2 percent from the same period in 2018, according to Nepal Tourism Board data. During a visit to Nepal by President Xi Jinping in October, Nepal and China signed a treaty to work together and provide mutual assistance on criminal matters.

7 Easy Habits to make you Digitally Secure!


So 2019, was quite a year for hackers and security breaches. Countless malware, trojans, ransomware and data breaches attacked the business and financial sector leaving our security and information more exposed and feeble. And these hackers have moved from targeting the rich and high profile to the common people and the consequences can be right down scary. And that's why it becomes imperative that we protect ourselves from these attacks. It may seem like impossible feet but a few simple habits can go a long way to keep us cyber safe and cyber secure. Let's take a look-


1. Antivirus software 
Leaving your computer exposed without any antivirus means you are gladly inviting virus and malware into your system. Installing an antivirus is the first line of defense and quite simple. Using anti-virus software is the foundation from which all your other online safety habits are built. 

2.Thinking free means safe 
Always be aware of freebies on the internet and cyberspace be it free software or free wifi. Especially using free or public wifi can cost you dearly. Since this type of network is open for use by anyone, there’s a high risk of exposing your system to malware and having the information you send or receive (including passwords) viewed and collected by criminals. So, avoid using public wifi and even if you have to consider VPN( Virtual Private Network)

3.“Remind me later” 
FoxNews says, "Are you notorious for rescheduling software updates but never actually installing them? If you often hit the “Remind me later” button, you’re asking for trouble. "Don’t prevent your system from receiving the latest tools and security patches needed to fight off attackers and viruses."

4. Beware of attachments on Emails 
Clicking before you investigate, can be lethal for your security. Many ransomware seems like legit emails from governments and when you click the attachment, the word file activates the ransomware in your system. So, always be prudent about opening attachments and links given in mails.

5. Don't go with the lazy option - set a strong different password 
Using the same password for every platform makes it easier for the hacker to get in your machine. Also, if one platform is hacked it can lead to a chain hacking of your full online presence.

6.Forgetting about your online presence 
FoxNews advises that it’s common to have a ton of online accounts. Over time, you may forget about a few of the ones you rarely use or have stopped using entirely. That means if your account is compromised, you may not even notice. Jot down all the accounts you’ve created and routinely go through and delete those you no longer use.

7.Accepting terms you never read 
And the last and most common mistake that we are all guilty of- accept terms and conditions without reading them. Apps and software can easily access our data, pictures, SMS, and others legally and easily because of this.

Today, the world is getting smart, everything is connected from your phone to your TV with the integration of the Internet of Things (IoT) and thus it's important to adopt some healthy security habits.

Latest "incorruptible" Privacy Method that makes your VPN Out-of-Date


A unique chip that allows computers to send information using a 1-time 'indestructible' connection.

"Experts have made a unique unhackable safety system that is bound to transform the information secrecy," says the University of St Andrews, King Abdullah University of Sciences and Technology (KAUST) and the Center for Unconventional Processes of Sciences (CUP Sciences). The global organization of experts has built a new optical chip that enables the message to be transmitted from the sender to another receiver using a 1-time untraceable transmission that can accomplish 'absolute privacy' as private information is secured as one of the safest means, thanks to the experts. The experts' designed method utilizes silicon chips that carry compact arrangements that are permanently modified to transfer data in a one-time-key that can't be formed again or hijacked by the hackers.



A technology of the future- 
While the present conventional encryption methods permit messages to be transferred instantly, the information can, however, be hacked by quantum algorithms and computers of the future. But, as per the experts' claim, the latest developed technique for encoding information is solid and utilizes present transmission systems. The newly devised method also occupies limited storage on the present computer systems compared to conventional encoded interactions.

“Due to the arrival of more robust and quantum machines and future computers, all present encodings would be deciphered without taking much time, revealing the confidentiality of our existing and past transmission networks that hold much importance. For example, a hacker can save a piece of encoded information that is available now and he can expect the appropriate systems and technologies that can be availed shortly to decrypt the information. Executing large and cost-effective means of world-class safety is a universal enigma," says Dr. Andrea Fratalocchi, Associate Professor, Electrical Engineering at KAUST and Director of the Research.

He further says: Our research, however, has the caliber to resolve the problems of privacy for every individual across the globe. If by any chance this new technique could be executed across the world universally, the hackers would have a hard time trying to break into someone's personal information and would be seeking jobs elsewhere. For the moment, the groups of experts are currently planning to develop business apps for their trademarked technique and are planning to do a demo very soon.

Russian quality system made recommendations for the safe use of IP cameras


The Russian Quality System study says that wireless IP cameras that are used at home, in cafes and other public places can be hacked by attackers to obtain confidential data.

The organization found that cameras have many vulnerabilities, as well as other devices that connect to the Network, for example, smart refrigerators, coffee makers. Specialists of the Russian quality system reported numerous cases in which personal data fall into the hands of hackers due to the hacked Wi-Fi cameras. Hackers can connect to the cameras of a cafe or restaurant and see the victim’s keyboard and their passwords.

In addition, there was a case of hacking the casino’s Wi-Fi cameras when any person with sufficient technical skills could connect to them and observe the casino’s work from the inside, seeing people’s cards.

The vulnerability of wireless cameras is associated with the quality of software that manufacturers save on and the lack of data encryption. In addition, cameras are often managed from accounts for developers who use standard logins and passwords.

Often, the owners of the cameras themselves do not change the data for connecting to the camera, leaving the default passwords and thereby simplifying access to it.

"The cameras are often not thought out in terms of security, so it’s unlikely that they can completely protect themselves from hacking," said the hacker, who wished to remain incognito.

To reduce the risk of hacking IP cameras, the Russian quality system is advised not to save on them and buy cameras with data encryption. It is worth paying attention to the websites of manufacturers, as it is important that the camera model is supported at the moment. The page to which the recording from the camera is broadcast must be protected by the HTTPS protocol.

Experts also advise changing standard passwords, making them complex and limiting the number of devices from which you can connect to the camera.

Businesses over Various Countries become Victims of Threat 'APT20'


An Advanced Persistent Threat (APT) player expected to work from China from the last 2 years is silently targeting companies in the US and throughout the world in complete surveillance operations. Amongst its many targets are businesses in the flight, architecture, service, banking, health, transport businesses, and more, over 10 nations, including the United States, United Kingdom, Germany, China, and France. The threat is known as APT20, according to a report from Fox-It. "We say with great certainty that the threat is from a group from China and, it is probably supporting the interests of the Chinese government with stealing data for surveillance aim," says Fox-IT in a statement.


Fox-IT's report of APT reveals that in a few events, the hackers gained primary entrance to a target's system through a weak Network. Usually, the servers by which APT20 gained access had already jeopardized in an unrelated earlier intervention and had Network pods put upon them. APT20 utilized those Network pods for primary parallel mobility and surveillances. The group's other methods for getting primary entrance involve the use of phishing e-mails and corrupt movable media accessories. Similar to several different threats,

APT20's plan after getting a primary space is to attempt and collect and use entrance information of vested profiles, like those relating to businesses and domains manager. The organization has also used the administrator account to obtain the target system via its own Virtual Private Network (VPN). Fox-IT further says- Our research reveals that the threat uses a variety of design devices and legal assistance in its surveillance. Amongst the designing tools, it works on is one that gets data on software, public links. APT20 uses various tools for the attacks, some of which are: PowerShell, External Remote Services, Command-Line Interface, and WMI (Windows Management Instrumentation) and WAS (Windows Admin Shares).

The tools used by APT20 are authentic in all phases of the intervention series, from primary entrance and performance to exclusive acceleration and parallel flow, to endurance, support dodging, compilation, and filtration. The data on the attacks shows organs of the threat APT20 are most probably from China, that usually works for 8 hours every day, except the weekends.

In Berlin, Russian and German scientists discussed the danger of smart gadgets


By December 15, on behalf of President Vladimir Putin, the Russian government should prepare a Federal project "Artificial intelligence", which will prescribe tasks and measures to support the development of digital technologies in the country until 2030. Meanwhile, an inter-University conference was held in Berlin with the participation of Moscow specialists, aimed at attracting promising personnel to the Russian Federation for the development of the digital economy.

According to Pavel Izvolsky, the director of the Russian House of Science and Culture in Berlin, such events help to improve relations between Russian and foreign universities and research centers in the field of innovative digital technologies.

Nevertheless, talented students from other countries, even such economically and technologically successful ones as Germany, have a lot to learn in Russia. According to Izvolsky, such simple things for Russians, as paying for Parking from a mobile device or obtaining various certificates through the portal of public services, are not yet available for the Germans.

"In this sense, it's just a Stone Age," stated Izvolsky. The topics discussed were various, from the use of blockchain technologies in the banking sector and the introduction of intelligent transport systems in megacities to ensuring cybersecurity in the everyday sense when it comes to the use of gadgets by children.

The report of the leading content analyst of Kaspersky Lab Andrei Sidenko caused a great response. He talked about how the younger generation spends time on the Web, what threats are most often exposed and how parents react to it. For example, surveys have shown that for the first time children get access to smartphones from the age of three, and by the age of 11-14, 37 percent of young

Russians have personal gadgets. In the same studies, 85 percent of domestic teenagers answer that
they can not do without a mobile phone, and almost all the free time 15-18-year-old schoolchildren spend almost all their free time on the Internet. But every third parent does not know what exactly his child is watching on the Web. Children are in a rather vulnerable position: they share personal data, open "adult content", are subjected to cyberbullying or are involved in communication with dubious persons, and so on.

The discussion on digitalization in Berlin was the next in a series of international inter-University conferences that Rossotrudnichestvo (the Federal Agency for the Commonwealth of Independent States, Compatriots Living Abroad and International Humanitarian Cooperation) has already held in India, Indonesia and Iran. As a result of the past conferences, memorandums of cooperation between Russian and foreign universities were signed.

A cyber- security provider discovers Microsoft, LinkedIn and many others becoming the most preferred targets for phishing


Akamai Technologies, Inc. an American content delivery network as of late discovered various issues, like the DDoS attacks, credential stuffing, and phishing and in its State of the internet/security (SOTI) report, it featured the research done by the organization over the last 12 months.

According to Akamai's discoveries over 50% of every unique organization that was 'impersonated' by tracked phishing domains was from the financial services and among the favored targets for phishing, companies like Microsoft, PayPal, DHL, DocuSign, and LinkedIn were among the top targets.

As per Akamai the attack aimed at gathering the personal information of users and duping them by later claiming to be a 'trustworthy' source, just like an organization or a bank, it assumes a vital job in 32% all breaches and 78% of all cyber-attacks.

In its report it has featured that among the phishing kits observed by it for almost 262 days, 60% of kits were active for 20 days or less, more than 2 billion unique domains that seemed malignant and 89% of the domains utilized for phishing had a 'life expectancy' of under 24 hours while 94% had a life expectancy of under three days.

While the measures embraced against such phishing attacks have been developing throughout the years, the shifty and cautious strategies utilized by phishing kits have been transforming too.

Akamai’s report basically highlights some of the content-based evasion techniques used by phishing kits. The crucial evasion techniques incorporate the CSS font evasion, arbitrarily generated URLs, sub-domain and HTTP user-agent filtering.

Here are some of the steps to be taken by users to better protect themselves from such attacks:

  1. Check the email or message for spelling mistakes, unusual phrases, and discrepancies in the domain name.                                                                                                                                        
  2. If the email contains unnecessary attachments or links, avoid clicking on them.                                 
  3. Do not click on shortened links, especially on social media.                                                                    
  4. At all costs avoid emails from suspicious senders that contain urgent deadlines and ask you to click on a link or visit a website urgently.                                                                                                   
  5. Do not enter personal information in pop-up screens as companies generally do not use pop-up screens to ask for user information.


Rostelecom to setup honeypot to deal with hackers


The largest Russian provider of digital services and services Rostelecom offered telecom operators to set traps for hackers - honeypots.

The concept of creating a new cyberattack warning system was presented at a meeting of the Information Security working group as part of the Digital Economy national project.

It is known that we are talking about creating special software that will simulate the vulnerability of the server, seeing which hackers try to hack the network of companies. At this time, the program will record all the actions of the attacker and send them to specialists. Experts of Rostelecom are sure that in this way it will be possible to collect information about new methods of hacking.

Operators must set these traps themselves and exchange data with other companies. At the same time, Rostelecom's concept does not imply state financing of the project, and the company does not specify the cost of the entire system.

According to the head of the Russian research center Kaspersky Lab Yuri Namestnikov, businessmen will incur minor expenses. Basically, the money will be used to select specialists and improve servers and security.

IT-experts call telecom operators one of the most interested users of honeypots.  Positive Technologies expert Dmitry Kasymov said that telecom operator can’t be called secure in principle. "During the conduction security audits, we identify many vulnerabilities that allow attackers to leave subscribers without communication, listen to their conversations and intercept SMS, use communication services at their expense and even bypass the operator's billing systems.

These security flaws are already being exploited by hackers, even for stealing money from Bank accounts," explained he.

So, many Russian mobile operators supported Rostelecom's initiative to create a system of honeypots, as the infrastructure of these telecommunications companies still suffers from cybercriminals.

However, Kaspersky Lab experts warn that misuse of the honeypot concept can be dangerous. If you do not configure this type of system properly, it can become a source of additional threats to the network infrastructure.

The Cowlitz County PUD fall prey to a cyber attack in the United States


According to a recent inquiry conducted by the Wall Street Journal last week, the Cowlitz County PUD is amid more than 12 businesses that fell prey to a fresh cyber attack in the United States. Alice Dietz, spokesperson, Cowlitz County PUD, on Wednesday, authenticated that the company's firewall prevented the only corrupt e-mail that attackers transmitted. "We have pride in our Cybersecurity staff. We remain to achieve effective cyber safety standards. This is a classic instance of how serious Cowlitz County PUD is for its security," said Dietz in a statement.


No customer complaints regarding the attacks have appeared yet. The attackers that are still unidentified tried to download viruses on business networks across America using fraud e-mails. When the receivers open these phishing emails, the malware gets entry into the user's computer. The virus that was sent to businesses is called "Lookback." This malware lets attackers seize charge of target’s networks and take data. Very rare users at each business were attacked. The hackers checked the utility firms before launching the attack.

"We are unaware of the employee that was targeted nor do we know the contents of the emails," says Dietz. "Experts recognized a couple of times in July and August when attackers had sent phishing e-mails," reports the Washington Journal. Dietz further continues that their company only got a mail in August. The malicious email was blocked by the company's firewall protection. "Our staff was not aware of the "Lookback," it only surfaced when the FBI looked into the issue. However, the FBI research didn't find any malicious emails in the company's data system," Cowlitz County PUD GM Gary Huhta told the Washington Journal.

"The hackers forgot classifying data on victims shortly revealed on in a Hong Kong server," cyber-security experts described to the Washington Journal. "The company's safety mode itself obstructs e-mails from abroad," Dietz reported to The Daily News Businesses across the United States were attacked. "Another Washington business that was attacked was Klickitat County PUD, says the Washington Journal." The cyberattack was initially discovered by experts at Proofpoint, a Silicon Valley cyber safety firm.