Search This Blog

Showing posts with label Cyber Security. Show all posts

Armenian Minister of Justice explains how new software will find COVID-19 infected people


Armenian President Armen Sarkisian signed the bill on amendments to the law "on the legal regime of emergency" and "on electronic communication" adopted in the Parliament.
Earlier, the Opposition disrupted the bill on control against coronavirus. Opposition deputies called it an unacceptable interference in the personal life of citizens.

The government, however, has again submitted to the National Assembly a new bill that would control the telephone contacts and location of citizens in order to combat the coronavirus.
Justice Minister Rustam Badasyan said at a press conference in the government on Wednesday that the program for monitoring citizens in Armenia will allow identifying potential infected persons using an automatic algorithm. The subjective factor is excluded here.

The approved draft amendments to the law "on electronic communication" allows monitoring the movement of citizens using data from mobile operators.

If it turns out that a user (Person X) has detected a coronavirus, the program will automatically allocate all those whom Person X made at least one call in the last 14 days, and with whom he personally contacted (the state can also collect this data from operators).

At the same time, as the Minister noted, it is necessary that these two factors coincide. In other words, if Person X called Person Y 20 times but never saw him, Person Y will not be at risk.

Only those with whom Person X at least once called up and saw each other are at risk. But this does not mean that all of them will be sent to quarantine. Emergency workers will call them and find out the circumstances of their contacts.

The Minister stressed that the program for the new system was developed in Armenia. Data on the movement of citizens will not be available to foreign companies and governments, and inside the country will be deleted immediately after the end of the state of emergency.
It should be noted that in Armenia from March 16 to April 14 a state of emergency is in place to combat the spread of coronavirus.

A Rise in New Cyberspying by a Suspected Chinese Group Detected By a U.S Cybersecurity Firm


A surge in new cyberspying by a speculated Chinese group that dates as far back as to late January was recently being observed by a U.S. cybersecurity firm. 

Happening around the time when the worldwide pandemic COVID-19 began to spread outside the borders of the Chinese, a publicly-traded cybersecurity company, FireEye Inc. (FEYE.O) said in a report that it had detected a spike in movement from a hacking group it calls "APT41" that began on Jan. 20 and focused on more than 75 of its customers, from manufacturers and media companies to medicinal and healthcare services associations and non-profits. 

The report stated that it was “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years.”

In its report, FireEye said that APT41 abused the recently revealed defects and flaws in the software created by Cisco (CSCO.O), Citrix (CTXS.O) and others to attempt to break into scores of companies' networks in the US, Canada, Britain, Mexico, Saudi Arabia, Singapore and in excess of a dozen other nations. 

Despite the fact that it declined to identify the affected customers, the Chinese Foreign Ministry didn't directly address FireEye's charges yet said in a statement that China was “a victim of cybercrime and cyberattack.”

Matt Webster, an analyst with Secureworks – Dell Technologies' (DELL.N) cybersecurity arm – said in an email that his group had likewise observed proof of the said increased movement from Chinese hacking groups over the last few weeks. 

Specifically, he said his group had recently spotted new digital infrastructure related to APT41 – which Secureworks calls “Bronze Atlas." 

Even though relating hacking campaigns to a particular nation or entity is mostly loaded with ‘uncertainty’, however, FireEye said it had evaluated "with moderate confidence" that APT41 was made out of Chinese government contractors. 

John Hultquist, FireEye's head of analysis, said the said surge was astounding in light of the fact that hacking activity ascribed to China has commonly become increasingly focused and further added that “This broad action is a departure from that norm.”

Cryptocurrency Profit Reaches $182.62 Billion, Bitcoin Rises upto 10% in 24 Hours


According to data by Coindesk, the cryptocurrency value suddenly increased on Tuesday. And this comes as a matter of surprise as the whole trade market is suffering heavy losses due to coronavirus pandemic. Witnessing this sudden increase in the Cryptocurrency's value, Bitcoin eventually rose up to 10% in a single day, as trading prices reached $6,569.17 around noon, Singapore time.


Meanwhile, Ethereum's value has increased by 7%, whereas XRP witnessed a jump rate of over 5% in its prices.

The total value of the cryptocurrency trading market- Market Capitalization, recorded a surprising leap of $14 Billion to $182.62 Billion within a mere 24 hours at 11:47 am Singapore time, says the data of the website Coinmarketcap.com.

The entire Cryptocurrency market suffered severe losses at the start of March. On 8th March, the whole business failed when oil prices took a hard fall. Furthermore, on 12th March, the Cryptocurrency lost $93.5 of its value within a day, and even worse, Bitcoin suffered a 48% fall in its prices.

As observed, the growth of Cryptocurrency is marching foot by foot with the Equity market. Since recent years, people have started viewing Bitcoin as 'digital gold,' having complete faith that investing in it even under times of economic slowdown can be profitable. Unfortunately, Bitcoin, like the Equity market too, started suffering losses and became a risk asset, especially since the start of this year.

"We're seeing some bullish bitcoin price action today along with other asset classes after the Fed announced unprecedented measures yesterday to shore up the economy. It will be interesting to see how bitcoin fares in such an environment. Given this is its first test as a haven asset in a market downturn and is yet to be proven," says Vijay Ayyar in a conversation with CNBC.

 Key takeaways:
  • Bitcoin rose over 10% in 24 hours, earlier exchanging at $6,569.17. 
  • Ethereum and XPR also witnessed an increase in their prices. 
  • The market value rose from $14 Billion to $182.62 within a day.
  • The cryptocurrency market took a hard beating at the start of March due to the coronavirus outbreak.

Coronavirus will double the number of leaks of personal data of users, says security experts


The coronavirus epidemic around the world has affected not only electronics factories, but many companies are also transferring their employees to remote mode. But, according to experts, such a measure will negatively affect the entire field of data storage. Following a four-fold increase in the number of phishing mailings in Russia, analysts predict a significant increase in the number of leaks of personal user information.

According to experts of the Russian company Internet search, the danger of data being leaked to third parties often comes from the company's own employees. Employees working at home are not monitored by either colleagues or CCTV cameras, and the effectiveness of special software is often not enough to prevent leaks.

"It's scary to imagine that banks or IT giants will be unprepared for a new threat — working from home. All last year we observed how weaknesses in building the information security of the largest companies in the country led to catastrophic leaks of user data and other protected information. Now we ask employees to work from home and give them all the necessary access," said Igor Bederov, head of the company.

The expert noted that employees of various organizations at home are not protected from spam attacks and phishing, as well as from hacking their work computers. According to him, cybercriminals have already flooded the e-mail of many users with messages containing malicious codes.

Earlier, experts warned of a sharp increase in the number of leaks of personal and corporate data due to the mass transition to remote work. According to experts, the number of leaks in the near future may grow at least twice.

HACKED- Windows 10, macOS, Adobe, VMware, Apple and Oracle at The Pwn2Own 2020!


Pwn2Own is a well-known computer hacking contest which is held once every year at the CanSecWest security conference. In this contest, the contestants are tested on how well they could exploit commonly used software and mobile devices with formerly unheard of vulnerabilities.

An issue as grave as the Coronavirus pandemic has clearly not affected the spirits of the Pwn2Own 2020 hacking competition which got done with its first two days.

On Day 1, security researchers and participants bagged a handsome amount of over $180,000 for exploiting the Windows 10, Ubuntu Desktop and macOS, mention sources.

Reportedly, a “team from the Georgia Tech Systems Software and Security Lab succeeded in exploiting a kernel privilege escalation to execute code on macOS” by way of Safari. The attack mechanism that ended up winning for the team $70,000 was comprised of 6 vulnerabilities.

Per the event page (thezdi.com), Georgia Tech employed a “6 bug chain to pop calc and escalate to root”.

The team that has won several preceding editions of the hacking contest, Team Fluoroacetate, won themselves a victorious $40,000 after they employed a “local privilege escalation exploit” meant for the Windows 10.

Reports mention that one of the two members of the aforementioned team also won himself a smashing amount of $40,000 for yet another privilege escalation exploit pursuing Windows 10.

As per sources, the RedRocket CTF team got themselves a win, owing to it to one of their members, Mafred Paul, who bagged an attractive amount of $30,000 for a local privilege escalation exploit focused on Ubuntu Desktop. The hack was about the manipulation of the ‘Input validation bug’.

On Day 2, The Fluoroacetate successfully targeted the Adobe Reader with a local privilege escalation by employing a pair of UAFs, mentioned sources and grabbed an amount of $50,000.

Per reports, the Synacktiv team targeted the VMware Workstation but unfortunately to no avail in the given duration of time. There also were special demonstrations of the Zero Day Initiative against the Oracle VirtualBox.

This was the very first time the organizers allowed “conditional remote participation” in the Pwn2Own hacking contest, understandably because of the increased concerns of people about traveling due to the Coronavirus outbreak.



Some useful Cybersecurity tips every Work-from-home Employee must know


Amid the Coronavirus (COVID-19) panic, numerous corporates and organizations have told their employees to work from home as a safety concern for the employees' health. This precautionary step indeed is a good measure to take care of the employees' health while maintaining the work productivity in balance, but it also brings up concerns about the cybersecurity or the company's networks and data. It would be the 1st time for many companies to start this work-from-home initiative, which means that these organizations lack the precautionary measure to prevent their company's networks and data from potential cyberattacks from hackers. Incidents of cyberattacks have already appeared amid the coronavirus outbreak.

How to protect your system while working from home

Password Manager
Password Management Systems are a great way to keep all the online passwords encrypted. This way, your team's online accounts, and passwords are safe. This feature allows safe sharing of the password, which means that the team can securely log in to the accounts without the risk of exposing the password.

2-Step Authentication
Most of the organizations work on a cloud platform, which means the employees have collaborative access. However, using cloud also exposes your network to cybercriminals if you have weak passwords, as they can pretend to be the user and gain access to your company's network. This is why 2 step verification is crucial for cloud-based software, and therefore it should be made a standard login protocol for all the work-from-home employees.

Inform your employees about the security of devices
Safety of the employees' devices is crucial while working from home, as the devices can be stolen or lost. Therefore, it is very important to keep your devices safe as it can provide cybercriminals access to your company's network. Follow these steps to ensure device safety:

  •  Always use lock screens and passwords on your device.
  •  Don't plug your untrusted USB into your device. 
  • Keep a regular backup of your device. 
  • Always use 'find my device' option, just in case your device gets lost. 
  • Encrypt important data and files
 Don't use Unsecured and Public Wifi networks
Avoid using public wifi at all costs as it can make your device vulnerable to cyberattacks.

Cybersecurity experts told how to protect yourself when working from home


After the World Health Organization (WHO) officially recognized the outbreak of COVID-2019 as a pandemic, many employers offered their employees to switch to remote work. Experts in the field of information security explained what risks exist when working from home and how to protect yourself from hackers.

Check Point Software Technologies specialists noted that employees feel more relaxed at home, especially when it comes to cybersecurity. This disadvantage can be exploited by hackers, who carry out attacks in order to gain access to personal or corporate data.

Employees can protect themselves from such attacks by following certain rules. First, strong passwords should be created. However, it is important to use different combinations for different accounts.

Also, cybersecurity experts recommend employees to be careful about emails. Since emails can be sent by hackers, they need to carefully study the information about the sender. This will make sure that the person is communicating with a colleague. According to experts, domains associated with coronavirus are 50 percent more likely to be malicious.

In addition, it should be remembered that a corporate laptop is not recommended for use in games or watching videos. This creates a security risk.

Experts do not advise company management to save money and provide devices for employees working from home so that they do not use personal devices.

If a person has to work on their own computer or laptop, then first he should consult with the corporate IT team. Also, employees need to protect home Wi-Fi with a more complex password to access the Network.

Timurbulat Sultangaliev, head of information security consulting company AT Consulting, said that for safe work from home, it is important to provide data encryption, antiviruses, firewalls, restrict access to the system to unauthorized users, monitor security and vulnerabilities, and provide multi-factor authentication.

Tor Browser Bug Executes Uncalled for JavaScript Codes!


The well-known Tor is allegedly experiencing some kind of bug in its mechanism. It has hence warned the users to stay vigilant as regards to the “Tor Browser Bug”, which runs JavaScript codes on various unexpected sites.

Tor (originally Team Onion Router) is a free and open-source software which chiefly works on allowing anonymous communication to users.

Reportedly, the team has been working on a solution and would roll it out as soon as it is done, but there isn’t a particular time to expect it.

One of the most critical features for the security of the Tor Browser Bundle (TBB) happens to be the ability to block the code execution of the JavaScript, mention sources.

TBB is a browser that has a set of superior privacy features majorly for concealing real IP addresses to maintain the anonymity of online users and their devices’ locations.

Owing to these features, the browser has become a go-to for the working people, especially the journalists, citizens of repressive countries and people with political agendas because after all, it is a great instrument to dodge online censorship and firewalls.

People who are against the anonymity of the users and just can’t let things be, have in the past tried several times to expose Tor Browser users’ actual IP addresses via exploits that functioned on JavaScript code.

Sources cite that while few attempts of the better nature have been successfully employed to track down criminals, others were pretty strangely executed.

And then recently, a bug was discovered in the much appreciated TBB’s security mechanism. When the browser was set to allow the use of the most supreme security level and still permitted the execution of the JavaScript code when instead it should have barred it.

It is a relief that the team of Tor is well aware of the bug and is, with dedication working towards developing a patch for it. Per sources, they also mentioned that if a user requires to “Block JavaScript” they could always disable it entirely.

As per reports, the procedure for doing the above-mentioned is to open the “about config” and search for “javascript.enabled”. If here the “Value” column mentions “false” it means that the JavaScript is disabled and if it mentions “true” then right-click to select “Toggle” or double click on the row to disable it.

Bitcoin crashes 20% within an hour amid Coronavirus mayhem


The price of cryptocurrency Bitcoin tumbled drastically, losing 20 percent of its value within an hour. The value of Bitcoin came below 600 dollars, the lowest since 2019 because of the cryptocurrency crash.


Many other cryptocurrencies were also affected with significant losses and Bitcoin losing one-third of its value. Ethereum is down 27% in 4 days, making it the worst-hit cryptocurrency.

Several experts and cryptocurrency analysts are blaming the Covid-19 coronavirus outbreak for the crash and plumbing of the global economy. "Bitcoin has fallen as cryptocurrencies become caught up in the turmoil we're seeing in traditional markets," Simon Peters, a market analyst at online trading platform eToro, reports The Independent.

"Previously seen as a possible safe haven in difficult times, investors now seem to be selling out to take back liquidity in case the coronavirus spreads even further. In a time of uncertainty, many investors might feel it is better to own cash or gold rather than more speculative cryptocurrencies like bitcoin."

The virus declared as a pandemic by the World Health Organization on Wednesday has made the global economy standstill with continuous losses and falling stocks.

The Independent reports, "One economic forecaster, who predicted the 2008 global financial crash, warned that another crash is on the way. Jesse Colombo described coronavirus as “the one-two punch” that will send the economy “hurtling towards recession”." 

Experts say that the cryptocurrency prices will keep falling down further, an unfortunate turn to those who were relying on the cryptocurrency for market flow in difficult times.

This drop means that around 50 billion dollars have been lost from Bitcoin's whole value. It is the most drastic and severe crash since Bitcoin's inception. 

Though the cryptocurrency market is always volatile, researchers say that it's not the end. They are comparing the crash with 2017, when Bitcoin value shrewd by 20,000 dollars and it recovered. They say that the price and economic graphs are very similar and thus the cryptocurrency will make a comeback.

And famous whistleblower Edward Snowden backs the claim tweeting, "This is the first time in a while I've felt like buying bitcoin. That drop was too much panic and too little reason."

The Russian quality system (Roskachestvo) gave recommendations on protecting data in social networks

Scammers in social networks use social engineering techniques to hack a user account. In this regard, Roskachestvo experts recommend setting the most stringent privacy settings for the personal page. According to experts, cybercriminals tend to get into the friend list in social networks in order to use this opportunity for fraud in the future, so users of social networks should monitor their privacy and be vigilant.

"Set the most strict privacy settings. For example, hide your contact information, published posts, and information about relatives and friends from everyone except your friends. This will make it more difficult for attackers to get your data and use it in fraud using social engineering," said experts.

Cybercriminals use fake phone numbers, fake names, and other people's photos to get into the friend's list. In addition, there is a high risk that when you click on a postcard, petition, or unknown link, the user is redirected to a site that requests access data to social networks and passes them to the fraudster.

"Everyone knows for sure that a request for financial assistance from a hacked page is a fraudulent technique," reminded Roskachestvo.

Experts advise adding only really familiar people to friends, and also beware of those who ask or offer money, and if a friend makes such a request, ask him personally by phone.

"Do not send payment or other confidential information in social networks and messengers. If you have already sent your card data, find and delete these messages," said experts.

Roskachestvo advises not to follow suspicious links sent in messages, not to use public Wi-Fi networks, set up two-factor authentication in social networks, and use complex passwords for each service, using special software generators to compile them.

"At the same time, it is extremely important to use different passwords for accounts on different resources," said Anton Kukanov, head of the Center for Digital Expertise of Roskachestvo.

Russians were given ways to protect themselves from surveillance via a smartphone


Experts noted that most often smartphone owners are inattentive and infect their devices with spyware. Such programs can collect personal data and place it in the public domain, listen to conversations, and monitor the actions of the owner.

Sergey Nikitin, Deputy of the Group-IB Computer Forensics Laboratory, said that more than 90 percent of cases are not vulnerabilities, but user actions. According to him, the main source of infection is applications downloaded through the browser.

"The search engine, first, gives not an official site, but contextual advertising. Often, scammers buy it, and by clicking on the link from your phone, you download a malicious APK file," said Nikitin.
Nikitin gave an example of the GetContact app, which shows how a person is named in his friends' contact list. According to him, the user provides access to contacts that can leak to the network. He noted that such cases have already occurred. The expert advised not to download applications for remote management, for tracking the user. According to him, it is also not necessary to download the first available antivirus from the search engine, since an unknown program may be a program with a Trojan virus.

Kaspersky Lab expert Viktor Chebyshev also said that popular apps can be malicious. According to him, hackers often fake malicious programs for popular applications. "For example, we recently discovered more than a thousand malware that pretended to be a popular dating application. In General, in 2019, most often Trojans pretended to be photo-processing applications,” informed Chebyshev.

Another loophole for fraudsters is called remote control applications that allow to see the device's screen.

"An attacker can ask you to install the program and then conduct a financial transaction on your behalf. Many banks now show a one-time code in push notifications, so it is not a problem to see it on the screen," said the representative of Group-IB.
Experts also added that fake apps can be found even in official stores. You should be wary if the application requests administrative functions.

Security Experts Say Hackers Can Hack Russian Banks In 5 Days


Experts from the information security company Positive Technologies came to the conclusion that hackers will need only five days on average to hack a large Russian Bank. Experts came to this conclusion on the basis of a number of tests. The attack was successful due to vulnerabilities in applications, software and password selection. In some cases, access to ATMs was obtained.

Tests in 10 banks from the top 50 banks showed that hackers need an average of 5 days to hack the Russian bank’s network. In cases where the hacker acts from the inside, he is able to get full control over the entire infrastructure of the Bank in two days.

During the audit of banks, whose names were not disclosed, experts simulated 18 cyberattacks. In eight cases, the attacks were carried out from the outside using only publicly available data, such as the Bank's website or an incorrectly configured database. In ten cases, the hacker attacked from inside the bank, that is, the hacker was in the Bank building and got access to the power outlet, Wi-Fi network, and so on, or thanks to an external attack, he gained access to user data of a bank employee. Social engineering methods were not used in the tests.

Passwords turned out to be the weakest point because most of them were selected using a combination of similar words or nearby keys. Under one very common password “qwerty123” in one of the credit organizations were more than 500 accounts.

New testing showed that hackers can penetrate from the Internet into the local network of seven out of eight banks.

However, Kaspersky Lab’s Leading Antivirus Expert Sergey Golovanov said, Due to the improvement of bank security systems, Russian-speaking hacker groups are increasingly attacking foreign credit organizations, they are switching to banks in Asia, Africa and Latin America.

Facebook Data Breach: API Security Risks


In the year 2018 Facebook disclosed a massive data breach due to which the company had to face a lawsuit along with allegations of not properly securing its user data. The breach directly affected the authentication tokens of nearly 30 million of its users which led to the filing of several class-action complaints in a San Francisco appeals court. In the wake of the incident, Facebook pledged to strengthen its security.

A feature, known as "View As" which was employed by developers to render user pages was exploited by hackers to get access to user tokens. The theft of these tokens is associated with the advancement of a major API security risk, it also indicates how API risks can go unnoticed for such a long time frame. The trends in digital up-gradation have further pushed the process of continuous integration and continuous delivery – CI/CD, which are closely related concepts but are sometimes used interchangeably. The main purpose of continuous delivery is to ensure that the deployment of a new code takes the least possible effort. It enables DevOps to maintain a constant flow of software updates to fasten release patterns and reduce the risks related to development.

Conventionally, developers used to work on the parts of an application– one at a time and then manually merge the codes. The process was isolated and time-consuming, it led to the duplication of code creation efforts. However, as the IT ecosystem went on embracing the new CI/CD model and effectively sped up the development process while ensuring early detection of bugs, almost all the security has been commercialized by ace infrastructure providers namely Microsoft and Amazon. The commodities offered include authorization, container protection and encryption of data. Similarly, security components of first-generation firewalls and gateways like the protection of denial-of-service (DDoS) attacks also constitute the infrastructure.

When it comes to navigating and communicating – especially through an unfamiliar space, APIs are a powerful tool with great flexibility in their framework. However, similar reasons also make APIs equally vulnerable also.

While giving insights into the major IT risk posed by APIs, Terry Ray, chief security officer for Imperva told, "APIs represent a mushrooming security risk because they expose multiple avenues for hackers to try to access a company's data."

"To close the door on security risks and protect their customers, companies need to treat APIs with the same level of protection that they provide for their business-critical web applications."

The API threat is basically rooted in its lack of visibility, Subra Kumaraswamy, the former head of product security at Apigee, an API security vendor owned by Google, while putting the risk into the perspective, told: "When you have visibility into your APIs throughout your organization, you can then put controls in place."

"You might decide that a certain API should only be exposed to in-house developers, not external, third-party ones. If you don't have visibility, you can't see who is accessing what."

While labeling the authorization and improper asset management as areas of key concern, Yalon told, “Authorization mechanisms are complex because they are not implemented in one place, but in many different components like configuration files, code, and API gateways."

“Even though this sometimes may look like simple housekeeping, having a very clear understanding of the APIs, with well-maintained inventory, and documentation (we whole-heartedly recommend Open API Specification) is very critical in the world of APIs,” he further said.

Most corporate networks in Russia are at cyber risks


Most (81 percent) of corporate and government structures networks were infected with malicious software. This is the conclusion was made by Positive Technologies specialists after analyzing the internal traffic of state organizations, industrial enterprises and other structures. IT analysts sound the alarm because employees of Russian companies and government agencies download movies from torrents, communicate via messengers and use simple passwords, increasing vulnerability.

Experts said that among the most common viruses are miners who mine cryptocurrency secretly from the owners and unauthorizedly display advertising software. A quarter of the networks are openly infected with spyware.

The company also reported that employees of 94 percent of Russian companies and government agencies download movies from torrents, communicate via messengers and use simple passwords like 12345. Positive Technologies also includes remote access to corporate resources as a risk factor. Experts explain that the employee's computer can be hacked and fraudsters will get access to the corporate network through it.

Analysts have noticed that it is extremely difficult to distinguish the actions of employees who run Tor, VPN and proxy servers from the actions of hackers because in both cases the same technologies are used. So hackers can steal data from the corporate information system without being noticed.
Sergey Zolotukhin, the trainer of the Group-IB computer forensics laboratory, explained that underestimating the level of development of cybercrime, a lack of attention to modern technologies and a low level of knowledge in this area affect the level of protection of companies from cyber threats.

Earlier, on February 10, it became known about a new type of fraud with Bank accounts of Russians. Scammers call the potential victim and ask which branch the client will come to close the account. The owners report that they did not make such a request to the Bank, after which they are offered to transfer all funds to a secure account.

Apple Deliberately Restricts Old Versioned iPhones' Performance; Gets Fined!



Apple, the technology giant famously known for its partially eaten logo among other things, was recently fined by France’s authority that regulates competition in the country, mentioned sources.

This apparently isn’t the first time that Apple has been fined by governmental authorities but it hasn’t mattered to the multi-million organization much before because of its money replenishing power.

Per reports, the reason behind this charging happens to be Apple’s voluntarily keeping the fact from its users that the software updates it released in 2017 could limit the functioning of the older versions of iPhones.

According to sources, Apple never updated its users that the time-worn batteries of the older iPhones, namely, iPhone 7, iPhone 6, iPhone SE and such wouldn’t be able to manage the increased battery usages.

The Directorate-General for Competition, Consumption and the Suppression of Fraud (DGCCSF) is the aforementioned body that in one of its reports elaborated upon how Apple’s software updates hindered the proper performing of older models of iPhones and how the company never realized their duty to enlighten the users about it.

The updates in question basically curbed the performance levels of iPhones to thwart excessive energy consumption of older versions of the phones, eventually trying to ward off a total crashing down of the devices.

The users could go back to older software versions or replace the battery and their iPhones could have a chance at working like they formerly did. The issue is a good initiative and has a solution but how are the people to know about this and act accordingly, if they aren’t duly apprised by Apple?

And what’s more, Apple restricted the users from returning to their previous software types, meaning the users couldn’t do much about the situation anyway!

Sources mentioned that Apple agreed to pay the fine of around $27.4 million for purposely limiting the performance of older iPhones and not alerting the users about it.

There was quite a hullabaloo outside of France as well regarding the same issue including lawsuits that got Apple to publicly apologize and offer free battery exchanges for affected devices.

As per sources, an Italian agency too had fined Apple and Samsung for not conspicuously informing the users on how to replace batteries.

But, $27.4 is next to nothing for a gigantic tech name like Apple. It would, with no apparent trouble, stock back the amount of money in just 2roper to 3 hours!

Teenager Arrested for DDoS Attack in Ukraine


Ukranian Police arrested a 16 yrs old teenager last month on charges of attacking a local Internet Service Provider (ISP) to gain personal information about the users. The police (Ukranian) says that the teen used the technique of DDoS (distributed denial of service) attacks to take down the local ISP. This happened after the local ISP refused to give the teenager the details of the user. The severity of the attack made the ISP contact law enforcement last year to resolve the issue.


"The officers at Ukraine Cyber Police hunted down the 16 yr old attacker in the city of Odesa in January," said the spokesperson for the Ministry of Internal Affairs in a conversation with ZDNet. We explored the teen's home and confiscated all the devices. Upon investigation, the teen was found guilty of the attack. According to the authorities that conducted the preceding inspection of the defendant's system, the authorities found software that the teen used to launch the DDoS attacks. Besides this, details of 20 different accounts related to distinct hacker forums were also found," said the Cyber Police of Ukraine in a statement.

 As per the Criminal Law of Ukraine, the person found guilty of DDoS attack faces imprisonment for up to 5 yrs in jail. However, the teen is not charged for the attempt of extortion to the ISP. The Ukrainian Police has denied releasing any further information regarding the case. It has also not disclosed the person affected by the DDoS attack saying, "the investigation is still in process." It is not the first incident where a DDoS attack was performed to steal user information.

 In several other cases, the hackers were able to take down the ISP network using a simple technique like DDoS Botnet. Other instances similar to this case appeared in countries like Cambodia, Liberia, and various other countries in South Africa. As per the observations, to perform attacks on massive scales of Junk Traffic, the hackers use DDoS Botnet, which is very capable. This happened in Liberia. Carpet Bombing is another efficient technique to perform such attacks (as per the incidents that happened in South Africa).

Apple Engineers unveils a proposal to standardize the two factor authentication process and Google backs it up!


Apple known for it's off the charts security features was recently troubled with hacks, malware and phishing attacks staining its reputation and customer trust. And to counter that, Apple has again risen to strengthen its security and user experience - the tech company is planning on standardizing two-factor authentication (2FA) to prevent security issues and phishing scams.

PhoneArena.com reported that Apple engineers have put forward a proposal to enable a standardized format for a two-factor authentication login method where users receive a one time password (OTP) via SMS during login. The suggestion was given by engineers of Apple Webkit, from the Safari browser - the default mackintosh browser. The suggestion was also backed by engineers working on Chromium, Google.

The feature would use SMSs containing the login URL. Usually, with two-factor authentication users have to see their mobile or write down the code and then try to login which makes the whole process long and frustrating but Apple always tries to give the customer the best experience and to tackle this they have come up with a standardize and automated method.

What's different with this feature than the other two factor authentications is that it will standardize the process and format for the browser and mobile applications. The incoming messages will be easily identified by the browser or mobile applications, the browser will recognize and identify the web domain in the SMS and automatically extract the One Time Password (OTP) and complete the login. This will prevent the user from being scammed as the process will be automated and the browser or the mobile app will recognize the authentic source.

 According to the report, "The proposal has two goals. The first is to introduce a way that OTP SMS messages can be associated with a URL. This is done by adding the login URL inside the SMS itself. 
The second goal is to standardize the format of 2FA/OTP SMS messages, so browsers and other mobile apps can easily detect the incoming SMS, recognize web domain inside the message, and then automatically extract the OTP code and complete the login operation without further user interaction." 
After enabling the feature, browsers and apps will be automated and complete the login through 2FA (two-factor authentication ) by obtaining the OTP. In case of a mismatch, the automatic process will fail and the user will be able to see the website URL and complete the login process.

The Prosecutor General's Office of the Russian Federation proposes to create a single resource to combat cyber fraud


Specialized service for collecting data on cybercrime in the financial sector, which will help counteract fraud in cyberspace, may appear in Russia. The Prosecutor General's Office of Russia made a proposal to register Russian scammers.

It is noted that currently in Russia there is no specialized service that would allow solving the problems of citizens deceived by fraudsters online. Statements about crime have to be submitted to police departments. The current procedure requires only a statement about a crime or a report of a law enforcement officer about the detection of signs of a violation. According to the Prosecutor General's office, there is also no structure that carries out operational work with citizens on cybercrime.

The Department considers it necessary to protect citizens in cyberspace from scammers and create an opportunity to get help in such situations online. Thus, it is proposed to entrust the new structure with the duties of collecting, storing and systematizing data about fraudsters.

The new resource is proposed to be integrated into the Unified portal of public services and it will have to interact with law enforcement agencies. According to the authors, this will allow not only to register new cases of fraud but also to prevent further cases. Phishing and fraudulent sites will be blacklisted.

Financial market participants are aware of the project but do not want to comment on it. Financiers in informal conversations indicate that the project is "in the initial stage" and should not directly affect banks.

Human rights activists support the idea of the Prosecutor General's Office. According to the expert, one of the most common reasons for citizens to ask for help can be called phishing schemes, the damage amounts to billions of rubles a year. Therefore, thanks to the new service, a large amount of data will allow you to identify some common schemes, identify related persons. This will improve the quality of investigative actions and the detection of crimes.

In Russia, every third person has experienced cyber fraud, and almost every tenth has suffered from it. At the same time, according to experts, only about 7 percent of such cases reach the court.

Ransomware Hits Media Monitoring Company 'TV Eyes'


The latest ransomware has attacked 'TV Eyes,' a company that offers campaign monitoring services to TV and radio news broadcasts. PR agencies and newsrooms across the world mostly use TV Eyes service to keep a trace of their broadcast. "The ransomware infected the business somewhere around post-midnight on Thursday, 30th of January," said TV Eyes CEO David Ives in a conversation with ZDNet. The ransomware has damaged crucial TV Eyes servers and communications workstations, affecting the network mainly in the US, along with some other areas.


"We are still calculating the total damage caused by the ransomware to the company's network. However, the company has begun making retrieval attempts," said David to ZDNet. He further says, "TV Eyes is not thinking of paying the ransom demanded by the hackers. Instead, we are reviving the situation from existing backups and focusing on strengthening the affected network infrastructure." "MMS (Media Monitoring Suite), the main product of the TV Eyes company, is not in function since the last 2 days," according to various sources at PR agencies that worked with TV Eyes.

The TV Eyes service gives a platform that allows agencies in monitoring TV telecasts and Radio broadcasts mainly in the U.S (state and other 210 markets) and influential global media organizations. The Media Monitoring Suite-MMS permits the users to seek beyond podcasts for new keywords and also set up an email account for notifications of new events. TV Eyes is a very helpful tool for several journalists, PR agencies, and political parties for campaigning. David says there's no news confirming the comeback of the TV Eyes service in the near time. However, the company is working to restore services as soon as possible.

"The kind of services that companies like TV Eyes offer is often an easy target for the hackers because they know how much dependent and reliable the users of these tools are. Therefore, hackers know that such companies are vulnerable as their users are relying on them for the safety of their data," says Paul Martini, CEO, Iboss (cloud security company). The users of the TV Eyes service are concerned about the privacy of their data, which contains crucial financial information too.

Roskomnadzor blocked the email service Protonmail


The FSB of the Russian Federation reported that it was possible to install another email service that was used by an "electronic terrorist" to send messages about mining of objects with a massive stay of people in Russia. On Wednesday, the FSB and the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) announced the blocking of the Swiss postal service Protonmail.com.

"This email service was used by hackers both in 2019 and especially actively in January 2020 to send false messages about mass mining of objects on the territory of the Russian Federation under the guise of reliable information," said the representative of Roskomnadzor.

In turn, the FSB of Russia reported that this service is used starting from January 24. Messages with threats of mining were sent to the email addresses of courts in four regions of the Russian Federation. Last year, the same service was also used to send false terrorist threats, but on a smaller scale.
"The texts also indicated allegedly mined 830 social and transport infrastructure objects. All threats were false," the FSB reported.

ProtonMail CEO Andy Yen recently announced his decision to go to court because he believes the block is unfounded. According to him, blocking the service is an inefficient and inappropriate tool to combat cyber attacks.

"This will not stop cybercriminals from sending threats from another email service and will not help if the criminals are located outside of Russia. Cybercriminals are also likely to be able to bypass the block using one of their many VPN services," Ian said.

The head of the company stressed that blocking mail will only harm private users and restrict access to private information for Russians.

Recall that this is the third foreign mail service blocked by Roskomnadzor for spreading false messages about mining facilities in Russia. On January 23, Roskomnadzor announced the blocking of the StartMail service. It was noted that mass mailings of messages about the mining of various objects on the territory of Russia were carried out through this mail service. Emails have been received since November 28, 2019.