
Vulnerability has been found in the Xiaomi Feeder through which thousands of cats and dogs around the world can be left without food


Russian IT specialist Anna Prosvetova discovered a vulnerability in Xiaomi Furrytail Pet Smart Feeder. Since feeders are used when the owners leave the house for a long time, pets may starve to death. The vulnerability was discovered in the application API through which feeders are controlled. The researcher believes that she has access to all such feeders, which are now active in the world.

Smart feeders work on the principle of a dispenser that gives a cat or dog a certain amount of dry food at a time. The owner of the animal can set the schedule of meals and the amount of portions in the mobile application. Thanks to this device, the animal can be left for a long time in an empty apartment, without worrying that it will die of hunger.

“I have logs running on the screen from all existing feeders, I see data on the Wi-Fi networks of poor Chinese who bought these devices. I can suddenly feed all the cats and dogs with a couple of clicks, but I can delete the schedules from the devices and not give them food. In addition, I see how much food is in the bowl now,” writes the researcher. She has such a smart feeder at home.

Prosvetova did not provide a detailed description of the vulnerability because it has not yet been closed. However, she reported that the feeders use an ESP8266 microcontroller, which makes it possible to install special firmware on all devices.

As the programmer notes, the vulnerability in Furrytail is ideal for hackers who plan DDoS attacks: the whole process can be easily automated and scaled.

Prosvetova found almost 11 thousand such gadgets on which she could change the feeding schedule without a password.

She sent a letter to Xiaomi with a detailed analysis of the vulnerability, indicating the method of finding it and advice on how to fix it. Xiaomi confirmed the bug in the smart feeders and promised to fix it. However, the company does not have a mechanism to reward researchers for finding vulnerabilities.

Avito users were targeted by a dangerous Android Trojan


International company Group-IB, which specializes in the prevention of cyber attacks, has recorded a new Android Trojan campaign, the victims of which are customers of 70 banks, payment systems, web-wallets in the Russian Federation and the CIS. The potential damage from the Trojan, called FANTA, amounted to at least 35 million rubles ($547,000).

FANTA belongs to the Flexnet malware family, which has been known to experts since 2015 and has been studied in detail. The Trojan and its associated infrastructure are constantly evolving: attackers are developing more effective distribution schemes and adding new functionality to steal money from infected devices more effectively and bypass security measures.

According to the company, the Trojan is aimed, in particular, at users who place purchase and sale advertisements on the Russian classified advertisements website Avito.

Attackers find the contact details of sellers on the network, and after a while the victim receives a personalised SMS about the transfer of the full cost of the goods to his account. The message contains a link where sellers can find payment details. The link opens a phishing page imitating the Avito website, which notifies the seller of the purchase and contains a description of his goods and the amount received from the sale. After the victim clicks the "Continue" button, the FANTA malware, disguised as the Avito application, is downloaded to the phone.

"The receipt of bank card data is carried out in a standard way for Android Trojans: the user opens a phishing site that is disguised as a legitimate mobile banking application, where the victim enters their bank card details," Group-IB said, describing the attackers' scheme.

Moreover, FANTA analyzes which apps are running on the infected device. Experts found that in addition to showing pre-prepared phishing pages, FANTA also reads the text of notifications from about 70 banking applications, fast payment systems and e-wallets. In addition, an important feature of FANTA, to which its creators paid special attention, is the bypass of anti-virus tools.

According to Group-IB, the latest attack was aimed at Russian-speaking users. Most of the infected devices are located in Russia, and a smaller part are in Ukraine, Kazakhstan and Belarus.

It's interesting to note that FANTA developers are able to hack the devices of users of about 30 different Internet services, such as AliExpress, Youla, Pandao, Aviasales, Booking, Trivago, as well as taxi and car sharing services.

Earlier, another Russian free ads service, Youla, stated that the company plans to completely remove the display of numbers, keeping all communications within the service.

Putin's spokesman acknowledged the security of communications on Telegram


Communicating on Telegram is safer than on WhatsApp, said Dmitry Peskov, the special representative of the President of the Russian Federation on digital and technological development.

Recall that on September 16, Edward Snowden, a former employee of the US National Security Agency (NSA), who was granted asylum in Russia, said in an interview with a French radio station that senior officials should not use the WhatsApp messenger due to the low level of encryption. However, he added, both WhatsApp and Telegram are better than SMS or other unencrypted messages.

According to Peskov, Telegram messenger is superior to WhatsApp in terms of security, although there are no means of communication that guarantee absolute security.

"An absolutely safe means of communication does not exist. Until we make a quantum messenger, there are no safe means," Peskov said.

Peskov also said that there is no ready-made solution for the domestic messenger for civil servants in Russia, however, there is a sense in such an application, and it will be useful.

"If we understand the physical possibility, then, of course, we will create messengers based on quantum technologies for civil servants in the Russian Federation. But for now, this is too long a story," Peskov added.

Peskov noted that at the present time Mail.ru and Sberbank are working on the creation of the Russian messenger. According to Peskov, "there are some serious developments of the domestic messengers: much work is being done in the company Mail.ru and there is a big project in Sberbank. I have not seen a solution that would be ready for implementation now."

"But, choosing between using the WhatsApp solution and using the Telegram solution, the choice of the Telegram solution from the point of view of communication security is completely obvious," said the special representative of the President of the Russian Federation.

He added that he uses both messengers.

Russia suspects Western countries interfered with Internet resources of Russian government agencies


Russia suspects that Western countries have interfered with the work of Russian government agencies' websites, said Russian Foreign Minister Sergei Lavrov, speaking to students and faculty of the Moscow State Institute of International Relations and the Diplomatic Academy of the Ministry of Foreign Affairs. He also confirmed that the topic of information security has become quite popular over the past couple of years.

In addition, Lavrov recalled that Russia was repeatedly accused of hacking American Internet resources. The US authorities are convinced that the Kremlin interfered in the 2016 US presidential election.

According to the Russian Minister, the accusations against Moscow “have not been convincingly confirmed.” Nevertheless, the myth of Russian intervention "continues to spread through the American and Western media and some Western politicians continue to raise this topic."

“We also have a reason, and more serious, to suspect that our Western colleagues are paying increased attention to our Internet resources. And this happened more than once. Representatives of the Central Bank of Russia, Sberbank and other government agencies also spoke about this.” But Lavrov did not give examples of alleged Western intervention.

Recall that the State Duma has prepared a mirror response to accusations of alleged Russian interference in the electoral process in the United States. In August, speaker Vyacheslav Volodin announced the creation of a parliamentary commission to investigate the facts of foreign interference in the internal affairs of the Russian Federation. Deputies found two examples of “cynical interference”: tweets by Deutsche Welle and the US State Department, which the Foreign Ministry considered calls to participate in unauthorized actions in Moscow. However, Mr. Volodin promised to present other "materials", mentioning, in particular, "manuals", which allegedly "were distributed by employees of foreign embassies."

An expert in International Relations doubts that the West will listen to Russian statements about intervention, as Russia does not accept similar accusations of the West.

Ivan Timofeev, the Director of the Russian Council on Foreign Affairs, suggests that in the end there will be people in the West who will say: "Look, Russia is creating the scandal out of nothing. Surely they do it to distract attention from their own interference in other people's elections."

Russia developed a new protected computer “Elbrus 801M”


Russian developers from the concern "Avtomatika", part of the Russian State Corporation "Rostec", presented a new high-performance monoblock computer “Elbrus 801M” at the XIV International Aviation and Space Show (MAKS)-2019.

According to the developers, “Elbrus 801M” meets all the usual requirements for a modern office computer, but at the same time, this machine is superior to foreign analogs in terms of cybersecurity.

As the developer’s representative explained, the new computer is protected from most hacking methods known today.

According to Rostec, the main users of this monoblock will be government agencies, as well as companies from the defense sector, oil, energy and transport industries.

According to experts, the new monoblock “Elbrus 801M” will be in demand among users due to its high level of performance, cyber security and ergonomic characteristics. Experts said that the performance of the monoblock exceeds 120 GFlops. It is noted that the monoblock was created on the basis of the Russian eight-core central microprocessor “Elbrus-8”.

“We are already ready to take orders for the production of such computers. Our monoblocks based on Russian-made processors are of interest to those who need computer equipment with domestic processors, with a high level of protection against cyber attacks,” said the developer’s Assistant, Konstantin Trushkin.

According to him, the development of the monoblock cost ten times less than it does for foreign industry leaders.

It’s important to note that the motherboard, processor and peripheral controller of the computer are created in Russia. Domestic software is also used: the BIOS and the Russian-made operating system Elbrus Linux. It is known that “Elbrus 801M” is compatible with 32-bit operating systems, such as Microsoft Windows.

“Most of the known hacker methods of hacking against “Elbrus” do not work. The original command system of the monoblock requires the creation of new viruses, which today simply do not exist; they have not yet been developed,” said Trushkin.

By 2020, it is planned to sell several thousand pieces of equipment. In addition, in 2020, an improved “Elbrus” model with a next-generation processor should appear.

Chinese Network Security Laboratory Offering Bounty for Cyber Attacks



A 24-hour online testbed known as Network Endogens Security Testbed (NEST) is proposed by a Chinese network security laboratory for the purpose of testing the security measures provided by various organizations. It's a globally accessible testbed which would welcome cyber attacks from people and organizations across the world.

As per the Purple Mountain Laboratory for Network Communication and Security, the testbed would accept public tests with a reward money of 1.5 million yuan ($218,000).

Authorized users are likely to receive corresponding bounties on the basis of their test outcomes, according to the Nanjing-based laboratory.

Justifying the purpose of the proposal, Wu, the proposer of Cyber Mimic Defence Theory, said that improved "autoimmunity" should be made a priority for the upcoming generation information technology.

Wu Jiangxing, an academician of the Chinese Academy of Engineering, compared present-day network security measures, which are patches for flaws and antivirus software, to taking medicine after catching the disease.

“Whether the network is safe or not, hackers have a say. They are also welcomed to challenge it,” he added.

NEST is designed to subdue security threats that arise due to unknown flaws, vulnerabilities or Trojans. Wu said that NEST could effectively put an end to such network security threats without having to rely upon an external safeguarding measure.



A new type of fraud was discovered in WhatsApp


The Russian edition Cnews reported that ESET experts warned users of WhatsApp messenger about a new type of fraud.

At this time, users began to receive a message with a special offer on the occasion of the tenth anniversary of the messenger. The attackers promise 1 TB of free Internet traffic, moreover, this traffic can be used without Wi-Fi.

Users must follow simple steps to get a huge amount of free traffic: follow a special link, answer a number of questions, and send the same survey to 30 of their contacts.

ESET experts believe that the ultimate goal of the attackers is to distribute intrusive advertising without the consent of users. It turned out that this scheme really works; users who want to get a gift are playing the scammers' game.

Analysts of the anti-virus company conducted an investigation, during which they managed to find the site of cybercriminals, which was used for several phishing campaigns. This is a type of fraud aimed at obtaining personal data of users. Fraudsters launched more than 66 phishing services from the same domain. All fake promotions were sent to subscribers under the guise of well-known brands – Adidas, Rolex, etc.

An interesting fact is that the scammers have already used such schemes to deceive WhatsApp users. In early May, it became known that the victims received a letter with an offer to get a premium account in the Spotify service. The attached link led to a phishing site similar to the official music platform portal.

It should be noted that WhatsApp posted a publication on its website in which it announced that it will sue the organizers of mass mailings starting from December 7, 2019. WhatsApp also prohibits the use of the application for non-personal purposes. The messenger warns that it will collect evidence of illegal activity not only on its own platform. Moreover, technical means will be used in the fight against violators.

Hackers attacked Russian Prime Minister Dmitry Medvedev's Twitter


Source: RT
Unknown persons hacked the Twitter page of Russian Prime Minister Dmitry Medvedev. They posted meaningless letters and words on the page in response to a message from the Iraqi Ambassador in Moscow.

The hacking of the Russian Prime Minister's Twitter page was recorded on 12 June. The Press Service of the Cabinet of Ministers said that control over the account has been restored.

We are talking about the English version of the account, @MedvedevRussiaE. Mysterious messages on Medvedev's Twitter appeared in response to a message from the Ambassador of Iraq in Moscow, Haidar Mansur Hadi. He posted a few photos from the ceremonial reception of Heads of diplomatic missions in the Kremlin on the occasion of the Day of Russia. The answer to him was an incomprehensible phrase written in Latin letters, in which only one word, “cucumber”, is understandable.

Some users of social networks suggested that in such an unusual way Dmitry Medvedev decided to congratulate the Ambassador on Russia's holiday. However, the second phrase was no less mysterious “Hop cc very very hubby cheers cheers her very vav chi hi”. After this comment, users decided that the English-language Twitter account of the Prime Minister was attacked by hackers. Shortly after publication, both messages were deleted.

Currently, on June 12, the account @MedvedevRussiaE contains a congratulation on the Day of Russia.

Earlier, Medvedev's Twitter was hacked in August 2014. At that time, reports of his resignation, as well as criticism of colleagues in the Government, appeared in Dmitry Medvedev's Twitter account. The motive given for the resignation was that the Prime Minister was allegedly ashamed of the Government's actions. In a short time, the posts made on behalf of the Prime Minister gained thousands of retweets, and the media began to publish screenshots of the hacked page. Subsequently, the Press Service of the Government reported that the account had been hacked.

It should be noted that Medvedev started a Twitter account long ago when he was the President of Russia. During a trip to the United States in 2010, Medvedev visited Apple Headquarters and received an iPhone 4 from Steve Jobs as a gift. He also visited Twitter Headquarters, where he created an account and wrote his first tweet. The Russian-language Twitter account of Medvedev has 4.84 million subscribers, the English version has 1.04 million.

Hackers made Bank clients debtors - Large-scale data breach occurred in Russia



On June 8-9, Alfa-Bank was attacked for several hours, as a result of which the stolen funds appeared on the accounts of random customers of the credit institution.

Some clients of the Bank received amounts from 10 to 15 thousand rubles ($ 155-235). Many of them quickly spent this easy money.

However, immediately after the payment, Alfa-Bank clients were charged amounts two to three times more than the fraudsters sent. They formed an overdraft or a short-term loan.

Alfa-Bank solved the problem with the hacking within a few hours, and clients of the Bank are obliged to return the money that came from the hackers in full. However, there were no official comments from Alfa-Bank.

Experts said that such a fraud can be done only with access to the Bank's system. Therefore, the security service is looking for fraud among its employees.

It is worth noting that on June 9, the Russian newspaper Kommersant reported the leakage of personal data of 900 thousand clients of Alfa-Bank, OTP Bank and Home Credit Bank in Russia. According to the published material, the names, phone numbers (mobile, home and work), addresses, places of work and passport data of almost 900 thousand Russians, including 55 thousand customers of Alfa-Bank, were publicly available on the Internet, as well as balances on the accounts of clients of Alfa-Bank, limited to a range of 130-160 thousand rubles.

The company DeviceLock found the leaks. They occurred at the end of May; the data were collected a few years ago, but a significant part of the information is still relevant. Moreover, DeviceLock discovered two customer databases of Alfa-Bank: one contains data on more than 55 thousand customers from 2014-2015, the second contains 504 records from 2018-2019.

An interesting fact is that one of the databases of clients of Alfa-Bank contains data on about 500 employees of the Ministry of Internal Affairs and about 40 people from the FSB (the Federal Security Service).

The Press Service of Alfa Bank said that at the moment they are checking the accuracy and relevance of information.

Gmail's Confidential Mode for G-Suite to be Launched on June 25




In an attempt to mature its email services, Google rolled out a privacy-centric feature called ‘confidential mode’, which, according to the company's announcements, will be available to all G Suite users in June. Reportedly, a beta version of the feature was launched in August 2018.

The feature is built to protect users' sensitive information; once available, the mode is configured to “be set to default ON for all domains with Gmail enabled, unless you choose to disable this feature," as per the Google announcements.

With Confidential Mode turned on, users get built-in information rights management controls that allow them to set a specific expiration date for emails, after which the emails are deleted automatically, and to revoke sent emails.

The feature will also allow users to send self-destructing emails that restrict forwarding and block printing by other users.

As the officials further explained, “Because a sender can require additional authentication via text message to view an email, it’s also possible to protect data even if a recipient’s email account has been hijacked while the message is active."

How to use confidential mode

First of all, ensure that you are using the new version of Gmail which can be activated from the gear icon at the top.
Now open Gmail and click on compose. A tiny clock icon will appear at the bottom of the compose window; click on that icon to configure the settings of that mail.
You will have to go through this procedure for each mail you wish to use the feature with as the mode is configured on a per-email basis.


Sberbank lists the major trends in cybercrime

Stanislav Kuznetsov, the Deputy Chairman of Sberbank, said that now there are three main trends in the field of cybercrime. The first trend is DDoS attacks, the number of which continues to increase. The second trend is data leakage. "The whole market is developing in this direction," Kuznetsov added.

According to the representative of Sberbank, the third trend is fraud associated with the methods of social engineering. Kuznetsov explained that criminals often play on the trust of citizens.

"Russia is a unique country, the level of public confidence is very high in everything that is done by state institutions, corporations. This is good, but the scammers use this uniqueness of the Russian population, especially the elderly," says Kuznetsov.

For example, a serious threat is phishing (theft of confidential data through e-mail on behalf of financial and government agencies). According to the Deputy Chairman, about 27-30% of office workers in Russia in different corporations can now safely open such phishing emails. And this is a great indicator.

The representative of Sberbank admitted that he does not see the factors that would help to stop the growth of crimes using the methods of social engineering. According to him, the situation can be changed only with the help of educational activities.

Kuznetsov said that the economic damage caused to the country by hackers in 2018 could reach 1.3 trillion rubles (20 million $). Since the beginning of 2019, Sberbank has stopped more than 40 intense DDoS attacks, and the financial institution did not stop its operations for a second.

Thus, cybercriminals often use DDoS attacks, social engineering fraud and data leaks. According to Kuznetsov, information security specialists will try to prevent such violations.

It is important to note that from 2020 the Central Bank may begin to conduct stress tests of credit institutions for resistance to cyber threats.

Canadian Investigation Found Facebook to be Violating Privacy Laws



On Thursday, Canadian officials said that owing to its assailable security algorithms, Facebook exposed sensitive information of millions of its users. This has been counted as a critical failure on the company’s part, one it admitted to but refused to fix.

Facebook has violated local as well as national laws when it gave access to private data of millions of its users to third parties, according to an investigation conducted by the information and privacy commissioner of British Columbia and the privacy commissioner for Canada.

The company CEO, Mark Zuckerberg, apologized for the major breach of trust that happened in the political scandal associated with Cambridge Analytica. However, the company did not take into consideration the recommendations issued regarding the prevention of further exploitation of user data.

Putting this into perspective, Daniel Therrien, head of the federal privacy watchdog, said at a news conference, “There’s a significant gap between what they say and what they do.”

As the regulators decided to take Facebook to a Canadian federal court, which is likely to impose fines on the company, Mr. Therrien said that “historically there have been very small penalties — in the tens of thousands of dollars.”

Facebook told the investigators that it does not agree with their findings. In response, Mr. Therrien said, “I find that absolutely untenable that a company can tell a regulator that it does not respect its findings.”

Furthermore, he asserted the need for more authority to inspect companies and for stricter privacy laws in Canada.

Reportedly, Facebook has denied audits of its privacy procedures and said that it has taken necessary measures against the problems raised by the investigators.

According to Facebook's statement on the matter, “there’s no evidence that Canadians’ data was shared with Cambridge Analytica, and we’ve made dramatic improvements to our platform to protect people’s personal information.”

“After many months of good-faith cooperation and lengthy negotiations, we are disappointed that regulators consider the issues raised in this report unresolved,” the company added.



Hackers stole 150 thousand rubles from the accounts of Belarusian enterprises through the Client Bank

At the beginning of April 2019, the police received a statement from an employee of a metropolitan organization, who reported that an unknown person had gained unauthorized access to a computer of the organization that uses the Client Bank software.

As it became known, the hacker not only made unauthorized access to the organization's computer, but also infected it with malware, which allowed him to make illegal payments to a certain account.

It turned out that the scammer had used RTM malware (Redaman) and sent it by e-mail.

During the investigation, it was found that the attacker made three money transfers to an account at another Bank. The amount of damage was about 30 thousand rubles (470 $). The account to which the amounts were transferred was opened in the name of a foreigner.

The investigators found out that the hacker gained access to the Bank account via a USB key, which the chief accountant had left in the computer after the end of the working day. This allowed the attacker to access the system remotely and illegally transfer money.

It was established that such a malicious program was sent by e-mail to more than 90 business entities, the total damage amounted to more than 150 thousand rubles (2 350 $).



Facebook 'unintentionally' uploaded the email addresses of 1.5 million users without their knowledge


On Wednesday, Facebook admitted that it happened to upload email addresses of 1.5 million users without their consent. However, the contacts were not distributed to anyone and the company said that all the users whose email addresses were uploaded will be sent a notification stating the same.

While the company is in the process of deleting the imported contacts, it said that it had no intentions of uploading these user contacts and will delete them soon.

In recent years, Facebook has fallen prey to various security-related problems, including the major Cambridge Analytica political scandal, which revealed that the personal data of millions of users had been harvested from their Facebook profiles by Cambridge Analytica to be used for political purposes. Another major hit that the company took was a glitch which put the passwords of millions of people at risk.

Facebook has been battling public relations issues over its management of users’ personal data, which it shared with app developers who paid handsomely for advertisements and with those who were friends with the company CEO, Mark Zuckerberg.

This month, sensitive documents dealing with internal deliberations over the personal data of users were leaked. The documents, which comprised presentations, emails, meeting summaries and spreadsheets, were shared by a British journalist with various media outlets, as per NBC News.

Reportedly, the documents indicated deliberations over the selling of users’ data to third-party app developers, and seemingly Facebook decided against it. However, it opted to share the data with CEO Mark Zuckerberg’s friends, who in turn provided their valuable data or spent a huge amount of money on Facebook advertisements.

A report indicated that Facebook finalized deals to share its user data with developers at Sony, Microsoft, Tinder, and Amazon, whereas access to the same information was restricted for others.

According to Facebook VP and Deputy General Counsel Paul Grewal, 'The documents were selectively leaked as part of what the court found was evidence of a crime or fraud to publish some, but not all, of the internal discussions at Facebook at the time of our platform changes. But the facts are clear: we've never sold people's data.'

'The set of documents, by design, tells only one side of the story and omits important context,' he added.




Half of the online Banks in Russia does not have enough security

More than half of the Internet applications of Russian Banks were not sufficiently protected. According to the research of Positive Technologies, attackers can view some programs and also edit the information in them.

Cybersecurity Experts analyzed dozens of applications. In their opinion, 61 percent of programs have extremely low or low levels of protection.

It turned out that every second online Bank (54 percent) allows attackers to make fraudulent transactions and steal money. For example, scammers can alter the number to which the auto payment is set up or steal the victim's card number.

In addition, according to researchers, almost 80 percent of Banks carry out many operations without additional protection. You can transfer funds or disable the sending of one-time passwords without confirmation by SMS.

Earlier it became known that 85 percent of all ATMs are vulnerable to attacks aimed at stealing money. It turned out that Banks prefer not to update the ATM software, as it requires additional costs.

Information security Experts note that radical measures are needed to correct the situation.

Voice messages of social network Vkontakte were in the open access

Some of the voice messages of users of the popular Russian social network Vkontakte (Vk) were publicly accessible.

On Monday, users of the social network reported that they can find personal voice messages of other users in the "Documents" section. It was noted that messages could be found on the search request “audiocomment.3gp”.

Representatives of the social network stressed that it is not a vulnerability in the mechanism of the site, as all voice messages in the Vk application are protected and only participants can access the correspondence materials.

According to the Vk Press Service, audio records could get into open access if users uploaded them through third-party unofficial applications.

The Vk administration also added that the social network does not use the audio format audiocomment.3gp. The company recommended using official Vk applications to avoid such leaks. At the moment, the Vk Team has removed about two thousand audio messages from public access.

Lipetsk hacker made transport cards unlimited

Since 2017, residents of the city of Lipetsk have been able to pay for public transport with special electronic travel cards, the balance of which must be topped up regularly.

However, a 22-year-old hacker managed to bypass the system and rewrote transport cards to be unlimited.

The young man managed to create a virtual card account, which the bus validators recognized and accepted as a real payment. He sold unlimited cards to four residents for a thousand rubles ($16) each.

According to the owners of the unlimited cards, they did not suspect that the young man had carried out illegal manipulations.

The truth came out when one of the buyers complained to the transport company that the validator had stopped reading the card. Managers found that the card did not appear in the database and that its balance had not been topped up for a long time, yet the owner of the card was actively traveling on public transport. After that, the employees of the transport company contacted the police.

It is worth noting that the transport company lost about 11 thousand rubles.

A criminal case was opened under two articles: fraud and illegal access to computer information.

Kaspersky Lab found a serious vulnerability in Windows

A team of specialists from Kaspersky Lab, an anti-virus company headquartered in Russia, discovered a 0-day vulnerability in Windows systems. Cybercriminals were actively exploiting this security problem in real targeted attacks.

According to Kaspersky Lab experts, they found a previously unknown vulnerability in Windows that was allegedly used to carry out targeted attacks by at least two cyber groups — FruityArmor and the recently discovered SandCat.

Using this vulnerability, an attacker could infiltrate the victim's network or device by attacking Windows 8 and 10. A successful attack gave the cybercriminal full control over the vulnerable system.

Kaspersky Lab promptly notified Microsoft of the problem, which allowed the developers to release a patch that is already available to users.

"The discovery of this exploit shows that such expensive and rare tools are still of great interest to hacker groups. Organizations need to find solutions that can protect against such threats," says Anton Ivanov, Kaspersky Lab anti-virus expert.

The First-Ever Millionaire Hacker on HackerOne

At the age of 19, Santiago Lopez is earning a handsome sum of money by discovering security flaws and reporting them through the bug bounty and vulnerability coordination platform HackerOne. He is said to be the first to make more than USD 1 million this way, and he ranks second on HackerOne.

Lopez is self-taught: he learned how to get past layers of security protections from tutorial videos and other content on the internet, which served as his hacking and information security classes from 2015, when he was 16.

He has reported vulnerabilities to renowned organizations such as Twitter, Automattic, Verizon and HackerOne, among others. As of now, he has successfully reported 1676 different vulnerabilities in online assets. Additionally, he has worked for the US government and other private organizations.

A year later he was awarded $50 for a CSRF vulnerability, and the rewards began to flow in; the largest bounty, $9,000, was for an SSRF.

Santiago spent his initial bug bounty earnings on a brand new PC, and as the money multiplied, the young IT enthusiast considered buying cars.

HackerOne's goal is for its program to reach the $100 million mark by the end of 2020. On the way to that goal, security researchers on HackerOne earned more than $19 million in bounties in 2018, a significant sum compared with the more than $24 million paid over the past five years.

It has been reported that the majority of the hackers dedicate around 10 hours per week to searching for bugs, while one-fourth of them work 10-20 hours every week.

According to a survey, security researchers with extensive experience in the field form the smallest percentage, whereas the majority, 72.3%, have between one and five years of experience.

Earning money and dealing with challenges are among the top driving factors for researchers to submit bugs through HackerOne.




Sberbank created a phishing website for flower delivery

Russia's biggest bank, Sberbank, created a phishing website for ordering flower delivery to demonstrate how a mobile device gets infected when its user visits a fake website created by cybercriminals.

Stanislav Kuznetsov, Deputy Chairman of the Board of Sberbank, showed how such websites work at a conference in Sochi.

According to Stanislav, phishing is one of the most difficult types of fraud. The fake website exactly copies the website you are used to seeing. The fake site claims to offer a free prize and tricks victims into providing financial information, including the card number and PIN.

Sometimes the website also infects the victim's device with malicious software. The bank representative explained that in this way fraudsters have successfully gained access to data on mobile devices, including personal messages.

Moreover, Stanislav Kuznetsov gave a lecture at the XIX World Festival of Youth and Students entitled "Cyber security: how to protect yourself in the world of cyber threats". According to him, the losses of Russian companies and citizens from cyberattacks will grow fourfold in two years and will surpass 1.5 trillion rubles ($26 million or 1.7 trillion rupees). Sberbank has therefore developed a unique fraud-monitoring system based on artificial intelligence to protect against cyber threats. With this technology, Sberbank detects 96-97% of fraudulent transactions.

- Christina