Search This Blog

Showing posts with label Cyber Security News. Show all posts

United States rejected Putin's offer to cooperate on cybersecurity

The US authorities for the first time publicly responded to the proposal of Russian President Vladimir Putin to resume cooperation in the field of international information security. US Assistant Attorney General for National Security John Demers called the Kremlin's initiative "nothing more than false rhetoric, cynical and cheap propaganda.” And Secretary of State Mike Pompeo said that Russia is dismissive of public security and international stability in cyberspace.

On September 25, Vladimir Putin invited the US authorities to resume cooperation in the field of international information security, which began in 2013 but was frozen due to disagreements over Ukraine and Russia's alleged interference in the 2016 US presidential election.

The President of the Russian Federation then stated that the dialogue in the cyber sphere should not be a "hostage" of political disputes, and proposed a four-point program for restoring cooperation.

In a statement, the Russian President said that "the risk of a large-scale confrontation in the digital sphere is one of the main strategic challenges of our time." "Special responsibility" for preventing cyberwarfare lies, as the Kremlin said, "on key players in the field of international information security," that is, primarily on Russia and the United States.

On October 7, in an interview with the Russia TV channel, Vladimir Putin complained that there was no response to his proposal from the United States. "Unfortunately, as with a number of our other initiatives, there is no response to this, I believe, very important topic, although there are continuing complaints against us about our hyperactivity in the information sphere, interference in elections there, and so on, which have absolutely no basis,” said Mr. Putin.

Russia has fallen to 13th place in the world ranking of the stability of Internet segments

According to Qrator Labs, a company specializing in ensuring the availability of Internet resources and countering DDoS attacks, Russia has worsened its position in the ranking of countries with the most stable segments of the national Internet, dropping from 11th to 13th place. Experts attribute this to the continuing expansion of the market of Internet operators and the slow transition to the new IPv6 protocol, which allows using more IP addresses.

The rating of the stability of the national segments of the Internet has been calculated since 2016 among 249 countries of the world. According to the rating, Russia took the 13th place this year, the year before the Russian Federation took the 11th place.

Experts believe that the use of a more advanced version of IPv6 by network operators along with the IPv4 Protocol can increase the stability of Internet segments. Then in case of problems with one Protocol, the other will work.

According to Google, just over 30% of users in the world use the new Protocol, while in Russia this figure is slightly more than 5%.

The problem is that Russia does not have a universal program for switching to IPv6. "It is difficult to force current market participants to switch to a new Protocol, because they will have to upgrade equipment and hardware and software systems, and this is a serious expense," said Andrey Vorobyov, director of the Coordination Center for .ru / .РФ domains.

The global five countries are led by Brazil, Germany, Switzerland, Ukraine and the United Kingdom. Next in the ranking are the Netherlands, Canada, the United States, France and Liechtenstein. Four newcomers, Liechtenstein, Japan, Indonesia and Argentina, entered the top 20 this year, while Luxembourg, Czech Republic, Ireland and Bulgaria left. Hong Kong dropped eight positions in a year.

Russian experts warn about security risks of Bluetooth on a smartphone

Associate Professor of computer science at the Russian University of Economics, Alexander Timofeev said that hackers can use Bluetooth to break into an electronic device.

"The possibility of Bluetooth hacking can endanger any information stored on the device (photos, emails, texts). In addition, an attacker can gain control of the device and send unwanted data to it,” noted Timofeev.

According to him, at the hacker festival What The Hack, which takes place in the Netherlands, experts showed how using a laptop and a special program with a directional antenna people can eavesdrop on what the driver of a passing car is talking about through a Bluetooth headset.

The head of Check Point Software Technologies Ltd. Sergey Zabula agreed that constantly enabled Bluetooth carries a significant threat to the security of the phone and its owner. Scammers are constantly improving their attack methods, and the small range of Bluetooth signal propagation is no longer a problem for them.

"Using amplifiers, hackers can get into a user's device without even asking for their permission and without knowing the secret key of the connection”, noted Mr. Zabula.

The consequences of attacks using Bluetooth can be varied. So, in just a few seconds, fraudsters can connect to a user's device, install malware, and eventually steal or delete valuable information. Moreover, via Bluetooth, hackers can listen to calls, set their forwarding, and send calls and text messages, which in turn leads to financial losses of the victim. Also, using a Bluetooth connection, fraudsters can carry out a DoS attack and completely disable the phone.

Experts recommend disabling Bluetooth as soon as it is no longer necessary, since this function, when activated, is a "godsend for scammers."

The Ministry of Internal Affairs of Bashkortostan intends to cooperate with white hackers to reduce cyber crime

The Ministry of Internal Affairs of Bashkortostan is ready to cooperate with white hackers and programmers to solve Internet crimes together with them. Law enforcement agencies want to attract volunteers-experts from among students-programmers to solve cybercrimes.

According to Major General of Justice, Deputy Minister, Head of the Main Investigation Department of the Ministry of Internal Affairs of the Republic of Bashkortostan Oleg Oleinik, the regional department of the Ministry of Internal Affairs is working together with the Regional Center of the Volunteer Movement and the police already have experience in cooperation with young programmers.

Recall that in the last two years, the number of cybercrimes in Bashkortostan has grown by almost 2.5 times: if in 2018, 2,500 cybercrimes were recorded, in 2019 – 6,300, then in the seven months of 2020, 6,500 cases have already been opened. Fraudsters use social engineering methods and debit money from cards of victims without any special technical means.

The Bashkortostan police said that they are ready to cooperate with IT companies that are also interested in eliminating cyber fraud. 

The interim head of the Department for Disclosure of General Criminal Frauds and Theft Committed Using Information and Telecommunication Technologies of the Criminal Investigation Department of the Ministry of Internal Affairs Marat Guzairov said that the crime is especially developed in the DarkNet, where databases are uploaded, weapons, drugs are sold, and pornography is distributed. Violation of the law occurs with the help of messengers, as well as resources blocked by Roskomnadzor, which can be accessed using certain programs.

According to the police, many young people are aware of this and could transfer their knowledge to law enforcement agencies.


Expert Malnev gave tips on detecting Keylogger

Alexey Malnev, head of the Jet CSIRT Information Security Monitoring and Incident Response Center of Jet Infosystems, spoke about how to detect a Keylogger.

According to the expert, this can be done by scanning the computer with antivirus software, as well as thanks to the built-in EDR (Endpoint Detection and Response) system that analyzes the processes and their memory operation within the operating system.

In the case of corporate devices, a traffic inspection system will help, which can detect a connection over a suspicious Protocol or to a suspicious server on the Internet. The presence of an incident monitoring center in an organization can help detect an entire cyber operation of attackers on its infrastructure, or targeted attacks.

According to the expert, the presence of Keylogger can be considered a symptom of a complete hacking of the user's computer, and this is very bad news for the user. The fact is that modern malicious software most often uses Keylogger as one of many modules.

"There is a high probability that there is already a whole set of other potential problems: theft of confidential files from the hard disk, interception of account data, hidden audio and video recording (if there are a microphone and video camera), the potential destruction of data (if there is a malicious ransomware encryption module), full remote access,” said he.

In such cases, users should immediately disconnect the computer from the local network and the Internet, and then, without restarting it, hand it over to specialists in cybercriminalism. According to Malnev, it is more important to determine how the computer was attacked.

About 84% of Russian companies have vulnerable IT system

More than 80% of companies in Russia neglect the basic means of protecting information systems and data, as a result of which 84% of companies have vulnerabilities in their IT systems that can be exploited, including by novice hackers who do not have a high level of programming skills.

According to Ekaterina Kilyusheva, head of the research group of the information security analytics department at Positive Technologies, companies suffer from inexperienced hackers in about 10% of cases.

Based on the testing of 19 large companies from different sectors of the economy, it turned out that in 58% of cases, companies have at least one security breach that can be hacked by publicly available software for hackers.

It is noted that most often in Russian companies, security gaps are associated with the use of outdated software, the vulnerabilities of which are already known.

As noted by ESET security specialist Tony Anscomb, in addition to outdated software, companies often have poorly configured network infrastructure and operating systems, lack of encryption and two-factor authentication, which also increases the likelihood of a system being compromised.

It is noted that the best protected are companies in the financial sector and energy industry, which process large amounts of personal information and where the high dependence of business development on the stability of the IT direction, explained the head of Analytics and special projects InfoWatch Andrey Arsentiev.

Security Experts gave tips on how to protect online conferences from hackers

Video conferencing services attracted the attention of hackers because they gained huge popularity during the coronavirus pandemic. 

On Thursday, attackers disrupted a court hearing in the case of a Florida teenager accused of organizing the hijacking of a number of Twitter accounts. The hearing was held via the Zoom video conference service. The attackers disguised their names as CNN and the BBC and gained access to the conference, after which they began broadcasting pornographic videos and swearing. After that, the court session was postponed.

According to Artem Gavrichenkov, technical director of Qrator Labs, the phenomenon of Zoom-bombing, when attackers identify vulnerable conferences and enter them with the aim of espionage and hooliganism, became widespread in April, and by May-June it became widespread.

“To limit the access of attackers to sensitive content, all conferences should be password protected, and this password should be provided only to a limited number of people,” advised Gavrichenkov.

Denis Gavrilov, the consultant of the information security Center of Jet Infosystems, also recommends setting up a "waiting room" if there is such functionality in the platform, this will limit user access to the conference without the approval of the organizer.

Kaspersky Lab cybersecurity expert Dmitry Galov noted that it is necessary to download the program for a computer only from the official website, and for a smartphone - from official app stores.

"As our experts found out, in the spring of this year, the number of malicious files whose names contain references to popular services for online conferences (Webex, Zoom, etc.) has almost tripled compared to last year,” said he.

Anastasia Barinova, Deputy head of the Group-IB, advises using Zoom analogs at all. "To minimize the risks, I would recommend considering Zoom analogs: Google Meet, GoToMeeting, or Cisco's WebEx service," advised she.

Earlier E Hacking News reported that Russia will develop a similar Zoom platform for video communication by the beginning of the new school year.


Expert: the image of a "Russian hacker" has become a means of information warfare with the Russian Federation


Experts commented on the release of the report of independent public organizations "Information fight against Russia: constructing the image of the enemy".

The director of the Center for Political Information, Alexei Mukhin, noted that the report analyzed how the image of the "Russian hacker" works. According to him, this image is replicated much less through the media than through social networks.

The image of a "Russian hacker", as Mukhin said, is mainly distributed via Twitter using similar hashtags, such as #Russianhacker. This is done to attract attention, to redirect the user to materials that demonstrate "horror and lawlessness".

This forms a "public opinion", with which not only politicians but also the military are already working. This is bad, because, in their hands, the information struggle turns into a hybrid war.

In different years, according to this scheme, Russia was accused of various outrages. In 2014, in the participation in the war in the Donbass, in 2016, in interference in the American elections.

It is characteristic that as soon as Russia requires to show evidence, it turns out that they are not.
Anna Shafran, a TV and radio host, believes that an open information war has already begun. 

According to her, recently, YouTube blocked without warning or explanation three popular Russian resources, including the TV company "Crimea-24". The Russian Foreign Ministry, of course, protested and rightly qualified the incident as an attack on Russian-language resources from the American Internet platform.

Sergei Sudakov, a Professor at the Military Academy of Sciences, said that the meme "Russian mafia" was created in the interests of the United States in the 1990s. It is outdated, replaced by a new meme "Russian hacker". It is fashionable to present Russia as an international information terrorist.
It is worth noting that in the Russian sector of the Internet, the meme “Russian hackers” is perceived approximately as “British scientists”. At the same time, in the foreign segment, the concept of "Russian hackers" is linked to such concepts as danger, interference, and more recently, incitement to riot.

Lithuania leads a European Union Cyber Rapid Response Team (CRRT) at the European Union


Lithuania, the Netherlands, Poland, Romania, Croatia, and Estonia signed a Memorandum on the establishment of a European Union Cyber Rapid Response Team (CRRT). In the event of a cyber attack on any of the countries participating in the agreement, CRRT specialists should be ready to immediately repel the attack. Lithuania played a special role in creating this structure. Experts note that the EU has a really difficult situation with ensuring cybersecurity since not all States have the resources to repel hacker attacks. However, analysts doubt the effectiveness of CRRT.

Lithuanian Minister of Defense Raimundas Karoblis noted that this is a completely new international cyber potential, initiated and led by Lithuania and that each country faces cybersecurity problems.
According to the cybersecurity specialist, Andrei Masalovich, now the problem of protection against cyberthreats is facing not only the poor countries of the Baltic States but even the United States.

President of the Russian Association for Baltic Studies Nikolai Mezhevich believes that the attempts of the Lithuanian leadership to take a leading role in the organization of a pan-European cyber defense are largely dictated by the desire to improve the image of Lithuania.

In addition, according to Andrei Masalovich, the Lithuanian authorities also want to "show their importance" against the background of Estonia.

As for the possible source of the threat, all countries in the CRRT blamed Moscow for cyber attacks. For example, in 2018, the Netherlands accused Russian hackers of attacking the headquarters of the Organization for the Prohibition of Chemical Weapons. In the Baltic States, Russia is regularly suspected of cyberattacks.

Moscow, in turn, calls for the creation of "confidence-building measures in cyberspace" at the global level. This was stated last year by the special representative of the President of the Russian Federation for information security, Ambassador of the Ministry of Foreign Affairs on Special Assignments Andrei Krutskikh.

The Russian quality system (Roskachestvo) gave recommendations on protecting data in social networks

Scammers in social networks use social engineering techniques to hack a user account. In this regard, Roskachestvo experts recommend setting the most stringent privacy settings for the personal page. According to experts, cybercriminals tend to get into the friend list in social networks in order to use this opportunity for fraud in the future, so users of social networks should monitor their privacy and be vigilant.

"Set the most strict privacy settings. For example, hide your contact information, published posts, and information about relatives and friends from everyone except your friends. This will make it more difficult for attackers to get your data and use it in fraud using social engineering," said experts.

Cybercriminals use fake phone numbers, fake names, and other people's photos to get into the friend's list. In addition, there is a high risk that when you click on a postcard, petition, or unknown link, the user is redirected to a site that requests access data to social networks and passes them to the fraudster.

"Everyone knows for sure that a request for financial assistance from a hacked page is a fraudulent technique," reminded Roskachestvo.

Experts advise adding only really familiar people to friends, and also beware of those who ask or offer money, and if a friend makes such a request, ask him personally by phone.

"Do not send payment or other confidential information in social networks and messengers. If you have already sent your card data, find and delete these messages," said experts.

Roskachestvo advises not to follow suspicious links sent in messages, not to use public Wi-Fi networks, set up two-factor authentication in social networks, and use complex passwords for each service, using special software generators to compile them.

"At the same time, it is extremely important to use different passwords for accounts on different resources," said Anton Kukanov, head of the Center for Digital Expertise of Roskachestvo.

Russians were given ways to protect themselves from surveillance via a smartphone


Experts noted that most often smartphone owners are inattentive and infect their devices with spyware. Such programs can collect personal data and place it in the public domain, listen to conversations, and monitor the actions of the owner.

Sergey Nikitin, Deputy of the Group-IB Computer Forensics Laboratory, said that more than 90 percent of cases are not vulnerabilities, but user actions. According to him, the main source of infection is applications downloaded through the browser.

"The search engine, first, gives not an official site, but contextual advertising. Often, scammers buy it, and by clicking on the link from your phone, you download a malicious APK file," said Nikitin.
Nikitin gave an example of the GetContact app, which shows how a person is named in his friends' contact list. According to him, the user provides access to contacts that can leak to the network. He noted that such cases have already occurred. The expert advised not to download applications for remote management, for tracking the user. According to him, it is also not necessary to download the first available antivirus from the search engine, since an unknown program may be a program with a Trojan virus.

Kaspersky Lab expert Viktor Chebyshev also said that popular apps can be malicious. According to him, hackers often fake malicious programs for popular applications. "For example, we recently discovered more than a thousand malware that pretended to be a popular dating application. In General, in 2019, most often Trojans pretended to be photo-processing applications,” informed Chebyshev.

Another loophole for fraudsters is called remote control applications that allow to see the device's screen.

"An attacker can ask you to install the program and then conduct a financial transaction on your behalf. Many banks now show a one-time code in push notifications, so it is not a problem to see it on the screen," said the representative of Group-IB.
Experts also added that fake apps can be found even in official stores. You should be wary if the application requests administrative functions.

Security Experts Say Hackers Can Hack Russian Banks In 5 Days


Experts from the information security company Positive Technologies came to the conclusion that hackers will need only five days on average to hack a large Russian Bank. Experts came to this conclusion on the basis of a number of tests. The attack was successful due to vulnerabilities in applications, software and password selection. In some cases, access to ATMs was obtained.

Tests in 10 banks from the top 50 banks showed that hackers need an average of 5 days to hack the Russian bank’s network. In cases where the hacker acts from the inside, he is able to get full control over the entire infrastructure of the Bank in two days.

During the audit of banks, whose names were not disclosed, experts simulated 18 cyberattacks. In eight cases, the attacks were carried out from the outside using only publicly available data, such as the Bank's website or an incorrectly configured database. In ten cases, the hacker attacked from inside the bank, that is, the hacker was in the Bank building and got access to the power outlet, Wi-Fi network, and so on, or thanks to an external attack, he gained access to user data of a bank employee. Social engineering methods were not used in the tests.

Passwords turned out to be the weakest point because most of them were selected using a combination of similar words or nearby keys. Under one very common password “qwerty123” in one of the credit organizations were more than 500 accounts.

New testing showed that hackers can penetrate from the Internet into the local network of seven out of eight banks.

However, Kaspersky Lab’s Leading Antivirus Expert Sergey Golovanov said, Due to the improvement of bank security systems, Russian-speaking hacker groups are increasingly attacking foreign credit organizations, they are switching to banks in Asia, Africa and Latin America.

Roskomnadzor blocked the email service Protonmail


The FSB of the Russian Federation reported that it was possible to install another email service that was used by an "electronic terrorist" to send messages about mining of objects with a massive stay of people in Russia. On Wednesday, the FSB and the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) announced the blocking of the Swiss postal service Protonmail.com.

"This email service was used by hackers both in 2019 and especially actively in January 2020 to send false messages about mass mining of objects on the territory of the Russian Federation under the guise of reliable information," said the representative of Roskomnadzor.

In turn, the FSB of Russia reported that this service is used starting from January 24. Messages with threats of mining were sent to the email addresses of courts in four regions of the Russian Federation. Last year, the same service was also used to send false terrorist threats, but on a smaller scale.
"The texts also indicated allegedly mined 830 social and transport infrastructure objects. All threats were false," the FSB reported.

ProtonMail CEO Andy Yen recently announced his decision to go to court because he believes the block is unfounded. According to him, blocking the service is an inefficient and inappropriate tool to combat cyber attacks.

"This will not stop cybercriminals from sending threats from another email service and will not help if the criminals are located outside of Russia. Cybercriminals are also likely to be able to bypass the block using one of their many VPN services," Ian said.

The head of the company stressed that blocking mail will only harm private users and restrict access to private information for Russians.

Recall that this is the third foreign mail service blocked by Roskomnadzor for spreading false messages about mining facilities in Russia. On January 23, Roskomnadzor announced the blocking of the StartMail service. It was noted that mass mailings of messages about the mining of various objects on the territory of Russia were carried out through this mail service. Emails have been received since November 28, 2019.

Russian Bank reminds about the danger of transferring personal data to someone


Transferring personal data to someone (details of cards and accounts, passport data), you can become a victim of cyber fraud, so you can not do this in any case, recalled the Deputy Chairman of the Board of Sberbank Stanislav Kuznetsov.

"Even if you take a picture of your card and send it to someone — this is basically already a leak. You might as well throw your wallet with your salary in the trash," he said.

He also said that in the second half of 2019, Russian companies faced large-scale phishing. "Last year, several organized criminal groups working in this direction became more active. One of them has made a big step forward in expanding its criminal activities. This is the RTM hacking group, it is Russian-speaking and operates in Eastern Europe, including Russia".

According to him, using modern software, RTM sends phishing emails to tens of thousands of companies in the country 10-15 times a month. Mr. Kuznetsov added that many companies open emails infected with viruses. "In this way, criminals get access to the company's accounting documents — with the help of a virus, they send the company's funds to their Bank accounts and gradually withdraw them," he said.

According to Mr. Kuznetsov, Sberbank has already given law enforcement agencies materials about almost 20 criminals from the group. There are at least five such groups, he said.

"This is not a new type of crime, but in the second half of last year, Russia faced it for the first time on this scale. As a result, some institutions of the financial system, as well as small and medium-sized companies in various industries were affected," said Stanislav Kuznetsov.

Recall, according to a study by TAdviser and Microsoft, in 2019, 76% of Russian medium and small businesses faced cybersecurity incidents. The main source of threats, businessmen called e-mail and external Internet resources.

More than half of Russian companies are concerned about the protection of personal data of employees and customers


The antivirus company ESET studied the state of information security in the Russian business sector, interviewing dozens of IT Directors and business owners. According to ESET research, different types of cyber threats affected 90% of Russian businesses. 60% of Russian IT managers are seriously concerned about the safety of personal data.

"The discontinuation of Windows 7 will play a role. Many Russian companies, despite the risks, will continue to use the operating system in the workplace. This will increase the risk of infection with new viruses, compromise and loss of corporate data," said the ESET representative. In addition, on January 14, 2020, support for the Windows 2008 and Windows 2008 R2 server systems was completed. They are used by many small and medium businesses. According to Ruslan Suleymanov, the Director of Information Technology Department of ESET Russia, this year, powerful and frequent DDoS attacks on the corporate sector and deepfakes will remain a trend.

Elena Ageeva, a consultant for the Information Security Center Jet Infosystems, notes that the development of cloud technologies will contribute to an increase in the number of attacks on cloud services.

According to InfoWatch, in Russia, ordinary employees have been and remain the main threat to the personal information of company customers. They account for more than 70% of the violations leading to leaks.

Andrey Arsentyev, head of the InfoWatch Analytics and Special projects Department, believes that phishing attacks will be further developed in 2020.

According to Dmitry Stetsenko, the head of the Kaspersky Lab’s group of system architects, attacks, almost undetected by standard antiviruses, through supply chains and BEC (Business Email Compromise) are gaining more and more popularity. After infecting the system, attackers prefer to use legal IT tools to develop attacks, which also complicates data protection.

Yevgeny Gnedin, head of Analytics at Positive Technologies, believes that attacks to steal information will prevail over attacks with the aim of direct financial theft. "Especially if the company does not provide ongoing monitoring of information security events and the investigation of cyber incidents," said the representative of Positive Technologies.

Russian banks to face risk due to a cancellation of support for Windows 7


Termination of technical support for Windows 7 and Windows Server 2008 operating systems (OS) can become a serious problem for Russian banks. According to the architect of the Microsoft technology center in Russia, Ivan Budylin, now, banks are required to quickly switch to Windows 10, since working without technical support is contrary to information security requirements. He added that the lack of updates can lead to significant risks of data loss.

At the same time, according to the survey, credit institutions are not yet ready to completely abandon the old OS.

Some banks reported that they had signed an agreement with Microsoft for paid additional support for Windows 7 (EAS). However, the expert noted that paid support is not an alternative to updating the operating system, but a temporary measure.

A similar situation was already with the Windows XP operating system, which was not supported in 2017 but continued to be used. During WannaCry ransomware virus epidemic, some XP users faced a situation where the malware appeared on the computer, was blocked and deleted by the antivirus.
However, then the virus repeatedly tried to get into the computer again and was blocked again. This caused a huge load on the network, processor, and disk. The devices started working so slowly that it was almost impossible to do anything on them.

Therefore, experts recommended updating Windows 7 as soon as possible, even though antiviruses can protect an already unsupported system.

Yuri Brisov, a member of the Commission on legal support of the digital economy, said that by denying the ability to regularly and timely update systems, banks put their customers at risk, which is unacceptable.

According to Boris Yedidin, a lawyer and co-founder of Moscow Digital School, for using outdated programs and operating systems, banks can bring to administrative responsibility under the article “Violation of information protection rules”.

Recall that Microsoft has refused to support the Windows 7 operating system since January 14. The computer will work with the old OS, but the company does not provide technical support for any software updates, as well as security updates and fixes.

Russian experts warn the danger of charging the phone in public places


The number of charging stations at airports, bus stops, metro stations and other public places in Russia has been growing rapidly in recent years. However, using such USB-inputs is not safe because attackers can access data stored in the phone or download malware through them. Today in Moscow you can charge your gadgets at airports and train stations, in metro trains, buses, at public transport stops, and in shopping and entertainment centers.

According to Sergey Nikitin, Deputy head of Group-IB, standard USB cables contain four wires: two for data transfer and two for charging. The problem is that hackers embed a special device in the charging wire, or add a small computer to the charger itself. When people connect a gadget to charge, they connect it to some other device.

"Attackers can thus gain access to your device," said the expert. Nikitin gave an example of one of these attacks: a small computer sends malicious code to the gadget, runs it, and so the hacker gains access to the data of the smartphone. An expert at Jet Infosystems Georgy Starostin noted that cybercriminals can download photos from victim's phones for blackmail or infect the device with a virus.

According to him, charging stations in public places carry other risks, the company providing the service can also install additional equipment. According to him, this way it will collect user data for further analysis and sale to advertisers.

The Avast press service said that information is transferred via USB ports in the same way as to the computer. If there are any vulnerabilities in the USB phone software, hackers can gain full control of the connected phone.

Experts advised users to try to avoid charging stations in public places. Avast offered to buy a portable power supply for charging the gadget or USB cables in which the data wires are removed.

Tehran has no data on alleged use of Iranian devices by Russian hackers


Iranian authorities do not have information about the alleged use of Iranian devices by Russian hackers to carry out cyberattacks on dozens of countries around the world, said an official representative of the Iranian government Ali Rabiya.

A report by the UK’s National Cybersecurity Center (NCSC) and the United States National Security Agency (NSA) reveals that the Turla hacking group, allegedly associated with “Russian entities", hacked software of Iranian hackers to cyber-spy and attack government and industry organizations in dozens of countries. The content of the document is published on the NCSC website.

It is claimed that, according to British intelligence services, the hacking campaign was most actively carried out in the Middle East. No evidence of cyberattacks is provided.

However, the Iranian government said they did not have information about Turla hackers.

According to political scientist Alexander Asafov, the assignment of the Turla hacker group to “Russian entities” is deliberately carried out by London and Washington, in order to “maintain an anti-Russian propaganda focus.”

"Even Western companies do not see any Russian connection in Turla's actions. But it’s not important for the propaganda of Britain and the USA,” the expert said.

Asafov added that by publishing such a report, London seeks to “support the image of bad Russia that he has already created” and wants to distract ordinary citizens from problems within the UK.

As noted by Asafov, reports of cybercrime for British and American politicians are a "universal tool."

A similar opinion is shared by the corresponding member of the Academy of Military Sciences Sergey Sudakov. According to him, it would now be beneficial for London to arrange a provocation.

At the same time, Iran, like Russia, is not the first time to be a central figure in Washington’s stories of "hacker attacks."

So, in early October, the American Corporation Microsoft said that allegedly Iranian hackers carried out an attack against the US political establishment and a number of other persons with the aim of "interfering" in the 2020 presidential election.

Sergei Sudakov believes that the next incident related to hacker attacks will also be attributed to Iranian and Russian hackers allegedly associated with the authorities of the Russian Federation and Iran.

Social Media Regulations: Need 3 Months To Frame Rules, Centre Informs SC



NEW DELHI: The Centre on Monday informed the Supreme Court that it would need 3 more months to finalize the process of updating and notifying the intermediary guidelines for social media in India, as per the reports by PTI. These new rules will be aimed at curbing the alleged exploitation of various social media platforms like Facebook and WhatsApp; major issues like fake news, hate speech, defamatory posts, and anti-national activities will be regulated by the updated guidelines which are expected by the last week of January.

After the top courts inquired about the steps taken on this subject, an affidavit had been filed, in which the government said that the country witnessed an exponential increase in the kind of posts and messages that incite hatred, disrupts social harmony and threatens country’s integrity, and therefore, a greater control over the internet is required to safeguard national security.

On the basis of the appeals filed by social media giants like WhatsApp, Facebook, and Twitter, who argued that the cases will probably have national security implications, the court assembled all the related cases and transferred them to the High Courts. After the government provides the court a draft of revised intermediaries guidelines, the next hearing will take its course, which is expected on January 15.

The Internet has become a powerful tool which can potentially cause “unimaginable disruption to the democratic polity”, The Ministry of Electronics and Information Technology told the court.

Although technology has facilitated economic growth and progress, it also heightened the concerns regarding social harmony and national security. “As the internet has emerged as a potent tool to cause unimaginable disruption to the democratic polity, it was felt that the extant rules be revised for effective regulation of intermediaries, keeping in view the ever-growing threats to individual rights and the nation’s integrity, sovereignty, and security,” remarked the ministry in the affidavit. “After collating and analyzing all the details from stakeholder participation and inter-ministerial consultation, the deponent has bonafide belief that a further period of three months would be required for finalizing and notifying the final revised rules in accordance with law.”

Prior to Tamil Nadu’s agreement on transferring the cases to the top courts, the Attorney Journal said, “WhatsApp and Facebook after coming to India can't say they can't decrypt information.”

Hackers Now Allowed to Find Flaws in US Fighter Jets and Security System


The Trusted Aircraft Information Download Station could have been shut down entirely due to a host of flaws discovered by hackers who were challenged to detect vulnerabilities in a system of a U.S military fighter jet known as F-15.

It was unprecedented in the history of the tech world that outside researchers were given physical access to such critical machinery, and were asked to detect vulnerabilities. It was a matter of two days for a group of 7 hackers to come up with a number of exploits which included bugs that were identified by the Air Force itself but they couldn't fix it, according to the Washington Post.

Hackers put the system through numerous attacks which included subjecting it to malware and testing with objects like screwdrivers and pliers, reported the DEF CON 27.

In the context of the vulnerabilities exploited by the hackers, Roper Technologies attributed, “decades of neglect of cybersecurity as a key issue in developing its products, as the Air Force prioritized time, cost and efficiency.”

Usually, outsiders were not allowed such access to military equipment which is highly sensitive in nature and their operation; it came as a massive change in how the military and technological world works in synchronization, the gravity of which can be gauged by the fact that hackers physically approached the machine with tools.

As per Roper, American Air Force is of the belief that if it doesn't allow America's best hackers to find every single vulnerability present in their weapons, machinery and fighter jets, then they are at the risk of being exploited by other adversaries like Iran, Russia and North Korea.