Search This Blog

Showing posts with label Privacy. Show all posts

An App Helping Scammers Hack into Bank Accounts on the Rise in Bengaluru


An app called AnyDesk, utilized by telecallers pretending to be officials from legitimate banks is clearly on the rise in Bengaluru, helping hackers effectively access to the bank accounts of clueless customers.

AnyDesk is said to be a tool that gives remote access to digital devices and can be downloaded from Google Play and App Store. In February this year, the Reserve Bank of India cautioned of a digital banking fraud that utilizes AnyDesk as the main attack route.

Bengaluru cyber police have registered 25 cases over the last two months and as per a senior cybercrime investigator people have lost between Rs 15,000 and Rs 2 lakh subsequent to downloading the application.

The fakes talk about complimentary gifts, coupons and limits to draw their exploited people. “They use these to bait people into sharing their pin, and then access OTPs and credit card and CVV numbers saved on their phones,” he says.

The callers essentially persuade the victim to share their pin saying it is important to enact free insurance or extra credit. OTPs are their greatest weapons as they can be utilized to get to photos and recordings as well as personal data, which is now and then used to compromise and blackmail people, the official says.

“They can also see your chats and get passwords you may have stored on your phone,” the officer says. Reasons given by scam telecallers to extract information from the customers:

  1. Your ATM card has expired. 
  2. Your ATM card needs to be reactivated. 
  3. Your reward points need to be upgraded. 
  4. Your reward points can be cashed. 
  5. Your Aadhar and PAN need to be linked to your ATM card.

And so the banks have warned the people to remain cautious regarding certain parameters like:

  1. No bank ever asks you to share your OTP, CVV and Internet banking details over the phone. 
  2. People calling from banks based in Karnataka first speak in Kannada, and not in Hindi or English. Bank employees don’t ask you to deposit money through Google Pay. 
  3. Don’t install any app that allows remote access to your phone.

Twitter Used Phone Numbers and Email Addresses Provided for Security to Target Ads


Twitter, on Tuesday, admitted using phone numbers and email addresses of users provided for the purpose of enhancing security via two-factor authentication to serve target ads.

However, sensitive user data has not been shared with the company’s third-party partners and the issue which stemmed the incident has been taken care of; now the phone numbers and email addresses are only asked for security purposes, according to Twitter.

Last year, Facebook was caught for engaging in a similar practice where the phone numbers and email addresses provided by the users to make their accounts more secure were used by the social media giant to target ads, as per the Federal Trade Commission (FTC).

In the wake of the breach, Twitter received widespread criticism for compromising its users' privacy. The fact that user security has been violated through a framework that was intended to rather strengthen it, further fuelled the public reproval. Although the company did not intend to use sensitive user data for the purpose of ad targeting, one can’t deny that the platform was practicing the aforementioned without the knowledge of its users. Moreover, it took the company almost a month to disclose the information.

Putting what Twitter called as an 'error' into perspective, it wrote in a post on its Help Center website, “Tailored Audiences is a version of an industry-standard product that allows advertisers to target ads to customers based on the advertiser's own marketing lists (e.g., email addresses or phone numbers they have compiled)."

"When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes." The company added.

Remarking data (here) as a liability, Duruk, a human-computer interface expert, wrote “Phone numbers stored for 2FA end up in advertising hellhole. The more you accrue, the more someone inside your org will find a way to abuse it.”

Apologizing for the inadvertent mistake, Twitter further wrote, "We’re very sorry this happened and are taking steps to make sure we don’t make a mistake like this again."

End of Facebook encrypted messaging?


The United States, United Kingdom and Australia, in an open letter, dated 4 October urged Facebook to create backdoors into its encrypted messaging apps to grant law enforcers faster access to private messages. This would help the government to tackle child abuse, terrorism and organized crimes.

The open letter was signed by UK home secretary Priti Patel, the US Attorney General William Barr, Acting US Homeland Security Secretary Kevin McAleenan and the Australian minister for Home Affairs Peter Dutton on the grounds that cross-platform messaging encryption threatens public safety. It also aligns with UK and US’s agreement of “world-first” data access that will make cross border access to data easier and faster.

Earlier this process took from six months to a year however this agreement will speed up the process by weeks to even days as it will permit law enforcers to demand data directly from the company without asking the country’s government first.

Head of online child safety at the NSPCC Tony Stower said, “The landmark agreement between the US and UK on accessing data will radically reduce the time it takes for police to get hold of the data they need from tech giants to bring offenders to justice.
"It should be a hugely important step forward in tackling online child abuse - if tech giants play their part too."

What is End to End Encryption?

In End to End Encryption, the key to access the message is only with the sender and the recipient, even the platform can’t access the content. And, to access the content the platform needs to add backdoors that they themselves and government can access.

Facebook owned, WhatsApp already has end to end encryption and in March 2019, following the data scandal and Facebook's incompetence to protect its user’s data, Mark Zuckerberg announced plans to incorporate this encryption in messenger and Instagram.

With this open letter the governments of US, UK and Australia are pressuring Facebook to pause its plans of encrypting all messages. To which Facebook stand in opposition saying "people have the right to have a private conversation online." Facebook states that it is "consulting closely with child safety experts, governments and technology companies and devoting new teams and sophisticated technology" to keep people safe.

Privacy or Public Safety 

The letter chiefly focuses on child abuse and exploitation, considering the risk of easy access to offenders and criminals with encryption. In 2018, Facebook reported 16 million child-exploitation tips last year, Deputy Attorney General Jeffrey Rosen said.

FBI Director Christopher Wray said that Facebook’s proposal to encrypt its popular messaging program would turn the platform into a “dream come true for predators and child pornographers.” (Sc Reuters)

The letter supports encryption but with backdoors that grants government “a means for lawful access to the content of communications”

Facebook spokesperson said “We believe people have the right to have a private conversation online, wherever they are in the world. Ahead of our plans to bring more security and privacy to our messaging apps, we are consulting closely with child safety experts, governments and technology companies and devoting new teams and sophisticated technology so we can use all the information available to us to help keep people safe.”

Electronic Frontier Foundation (EFF) called the letter “ an all-out attack on encryption” and the organization cautioned that such measures could pose a risk to journalist and activists and could be used by “authoritarian regimes... to spy on dissidents in the name of combating terrorism or civil unrest.” (Sc Forbes)

Roskomnadzor began the installation of equipment for the isolation of the Russian Internet (Runet)


The Federal Service for Supervision of Communications, Information Technology and Mass Media (Roscomnadzor) started testing the equipment for implementation of the law on the isolation of Runet. The pilot project is planned to be completed by mid-October.

According to the head of Roskomnadzor Alexander Zharov, all major mobile operators in Russia have joined the Roskomnadzor project for testing the equipment and now the equipment is being installed.

Zharov said that the experiment will be carried out on the equipment of the manufacturer that has already passed all the tests. Now there is an experiment with two more manufacturers, he added. According to Zharov, among them is company RDP.ru. It is interesting to note that the development of the company RDP.ru was recognized as the most effective in the tests of blocking the Telegram messenger.

"We will be testing it for several weeks from the end of September," Zharov said. According to him, the experiment will not be conducted in all of Russia, but testing will take place in one of the regions. The name of the region was not disclosed.

The head of the Service said that they would tell about the results of the experiment in mid-October, but so far he cannot disclose all the details.

"My reluctance to speak is due solely to information security issues," he stressed.
Also, during the conversation with journalists Zharov said that the creation of a Center for monitoring and managing a public communications network is proceeding as planned.

In November, the law on the isolation of the Runet, adopted in the spring, will come into force. According to the document, Roskomnadzor will be able to control all data transmission points abroad and traffic routing using special equipment. Although the law will enter into force in November, Roskomnadzor began to prepare in advance the rules for its application.

Recall that on May 1, Vladimir Putin signed a law on the isolation of the Runet. According to this law, Roskomnadzor assumes all the authority for managing networks in case of threats to the Russian Internet. In addition, Roskomnadzor has the right to directly block websites with prohibited information.

The Kremlin called the document a precautionary measure. Federation Council speaker Valentina Matvienko stressed that the authorities do not intend to restrict Internet access to Russians.
The Ministry of Сommunications has identified a list of threats in which the Runet can go into a centralized control mode. In particular, when there are threats to integrity (when it is impossible to establish a connection between users), stability (when part of the equipment fails or natural or man-made disasters occur) and security (when someone tries to break into the equipment of providers or has a “destabilizing internal or external information impact” on communication network).

Hackers Working For the Chinese Government Tracking Movements of Ethnic Uighurs




Hackers working for the Chinese government are said to have been tracking the movements of ethnic Uighurs, a mostly Muslim minority, which is viewed as a security threat by Beijing. The hacks are a part of a rather extensive cyber-espionage campaign focused on “high-value individuals” such as diplomats and foreign military personnel, the sources said.

As a part of the campaign, various groups of Chinese hackers have compromised telecoms operators in nations including Turkey, Kazakhstan, India, Thailand and Malaysia, the four sources said.

China is currently confronting growing international criticism over its treatment of Uighurs in Xinjiang , as the members from the group have been subject to mass confinements in what China calls  “vocational training”  centres as well as 'widespread state surveillance'.

The nation has more than once denied association in any cyber-attacks or any abuse of the Uighur people, whose religious and cultural rights Beijing says are completely ensured, and the Chinese Foreign Ministry said any hacking charges should be upheld by legitimate proof.

“We would again like to stress that China is a resolute safeguarder of internet security. We consistently and resolutely oppose and crack down on any forms of internet attacks,” a ministry statement said.

While government authorities in India and Thailand declined to remark in regards to the specific telecoms operators that were undermined, officials in Malaysia, Kazakhstan and Turkey refused to promptly react to the requests for comments.

Can we control our internet profile?

"In the future, everyone will be anonymous for 15 minutes." So said the artist Banksy, but following the rush to put everything online, from relationship status to holiday destinations, is it really possible to be anonymous - even briefly - in the internet age?

That saying, a twist on Andy Warhol's famous "15 minutes of fame" line, has been interpreted to mean many things by fans and critics alike. But it highlights the real difficulty of keeping anything private in the 21st Century.

"Today, we have more digital devices than ever before and they have more sensors that capture more data about us," says Prof Viktor Mayer-Schoenberger of the Oxford Internet Institute.

And it matters. According to a survey from the recruitment firm Careerbuilder, in the US last year 70% of companies used social media to screen job candidates, and 48% checked the social media activity of current staff.

Also, financial institutions can check social media profiles when deciding whether to hand out loans.

Is it really possible to be anonymous in the internet age?

Meanwhile, companies create models of buying habits, political views and even use artificial intelligence to gauge future habits based on social media profiles.

One way to try to take control is to delete social media accounts, which some did after the Cambridge Analytica scandal, when 87 million people had their Facebook data secretly harvested for political advertising purposes.

- Netflix Cambridge Analytica film- Social media is 'like a crime scene'

- Facebook to pay $5bn to settle privacy concerns

- Is leaving Facebook the only way to protect your data? While deleting social media accounts may be the most obvious way to remove personal data, this will not have any impact on data held by other companies.

Fortunately, in some countries the law offers protection.

Google Is Supplying Private Data to Advertisers?




A big time accusation on Google is allegedly in the wind that it’s surreptitiously using secret web pages to give away data to advertisers.

Per sources and the evidence provided it’s being said that maybe Google is dealing in data without paying much attention to data protective measures.

The matter is under investigation and is a serious matter of research. Apparently the sensitive data includes race, political and health inclinations of its users.

Reportedly, the secret web pages were discovered by the chief policy officer of a web browser and they’d also found that Google had tagged them with identifying trackers.

Allegedly, using that very tracker, Google apparently feeds data to advertisers. This is possible an attempt at predicting browsing behavior.

According to sources, Google is doing all it can to cooperate with the investigations. The Google representative also said that they don’t transact with ad bidders without users’ consent.

Reportedly, Google has mentioned previously that it shall not “share encrypted cookie IDs in bid requests with buyers in its authorized buyers marketplace”.

WhatsApp’s Bug Leaves Private Chats Compromised?




Security researchers allegedly dug up some bug which apparently lets hackers access private chats and impacts user security heavily.

Per sources, WhatsApp immediately shunned the reports and hinted that it was absolutely preposterous to even think that WhatsApp would harm its users in such a way.

The people behind the massively successful messaging application are always keen on advising users on updating and following every security measure.

iOS users are especially advised to be cautious of this bug specifically when they’re surfing unknown websites. They are suggested to securely click on websites.

Users per usual are strongly advised to update their devices to the latest, download anti-virus apps and software and keep the security on high alert.

Per the source reports, allegedly, the hacked messages from the WhatsApp chats are floated on other servers.

Users should steer clear of unauthorized websites for the sake of their safety.


The largest Russian Telecom company Tele2 monitors subscribers using a script


The company is totally out of line and distributes its malicious scripts through CDN, which allows it to receive information about any customer actions.

In the 21st century, it is becoming increasingly difficult to keep your personal data safe. Now providers began to get into the personal territory of Internet users. Earlier, another Russian Telecom company Beeline was noticed in violation of confidentiality, which distributed spam ads directly on websites using the virus.

Recently it was found out that Tele2 is monitoring subscribers using a dangerous script. The company gets access to the data due to the mass implementation of scripts via CDN.

Clients of the operator did not even suspect that they were being watched The script, which Tele2 worked hard to distribute. It was designed to display additional advertising on the site, and also with its help, it is possible to calculate keywords for the formation of targeted advertising. The provider managed to do this using HTTP links, instead of HTTPS.

So, this mechanism can allow third parties not only to monitor the activity of subscribers but also to fully monitor all activities.

Experts believe that such actions of telecommunications companies are not a way to profit from advertising, everything is much more serious.

At the moment Tele2 is one of the largest companies in Russia, which is engaged in the establishment of 5G network. This means that it has access to many channels and servers. Soon all devices of Russians will become infected after successful integration of 5G network. It is possible that this data is transmitted to the authorities of the country, since at the moment the Network is the only area where the government does not have the authority for total control, so they are forced to obtain it in such a fraudulent way.

Recall that EhackingNews previously published information that providers of Kazakhstan persuade customers to install a "state trusted certificate" on all devices, which will allow intercepting all encrypted traffic of the country in order to protect citizens from cyber threats and illegal content. Telecom operators warn that if the certificate is absent, then customers may encounter problems accessing certain Internet resources.

Hackers Can Intercept What’s Being Typed Just By The Sound Of It?




Hack Alert! Hackers could listen to the sound of typing on a person’s phone via a nearby smartphone and intercept what’s being typed.

Possibly, the acoustic signals or sound waves produced when a message is typed on a computer or a keyboard could be picked up by a smartphone.

The sound could later be processed leading an expert hacker to easily decode which keys were hit and ultimately what was it that was typed.
 
Allegedly, this trick could work in a busy hall filled with people chattering and typing as well, because researchers tried it out.

Sources mention that the researchers could intercept what’s being typed with a “41% word accuracy rate”. It might take only a couple of seconds to know what’s being typed.

The results of the research sure are disconcerting and privacy and security levels of the smartphones and their sensors have got to be taken to a higher level.

From detecting if a phone is still or in a pocket, to detecting if it’s on the move; with the enhanced technology, sensors too have come a long way.



Some sensors need permission whereas most of them are set to function as a default. Per sources, the researchers had in their analysis used the later.

All they did was develop an application that could intercept the sound of typing and detect which key exactly is hit.

According to researchers the material of the table at which the keyboard is placed, plays a crucial role in the entire process as the keys sound different on different materials.

The Russian Quality System recommends covering up the camera and microphone of the laptop - Paranoia or not?


“The Internet is an insecure space, so you should not neglect the rules of digital hygiene”, assure experts of the Center of Digital Expertise of the Russian Quality System (Roskachestvo).

Experts remind that antivirus and updated software must be installed on the computer. They also recommend covering up the camera and microphone while they are not in use. This can be done with tape, duct tape or a special curtain.

"Spyware malware is able to activate a microphone or camera on the device," said Anton Fishman, the Head of the Group-IB system solutions Department. According to him, this is how Pegasus spyware works, which attacked Android and iOS through a vulnerability in older versions of WhatsApp messenger.

According to experts, even if you do not give different applications permission to access the microphone and camera, smartphones still monitor the owners, collect data about them. The reason is clear, first of all, in order to advertise the goods and services a person needs. Experts note that this happens even when access to the camera or microphone is disabled.

“We have to state that, in fact, sticking together a camera and a microphone is no longer paranoia, but one of the rules of digital hygiene,” said Ilya Loyevsky, deputy head of the Russian Quality System.

Moreover, Yevgeny Novikov, the Press Secretary of the Ministry of Digital Development, Communications and Mass Communications supported the recommendations of the Russian Quality System. He noted that Internet scammers often use methods of social engineering rather than technical vulnerabilities. In this regard, users of laptops and smartphones should take care of the protection of personal data, and not rely on antivirus.

“Internet users really should observe cyber hygiene and also take care of the safety of their personal data. You cannot completely rely on antiviruses,” said Novikov.

He noticed that he also is covering up the camera on the laptop.

Hacker Alexander Warskoy commented on the initiative of the Russian Quality System, calling these measures rather ridiculous. He added that if spies want to access devices, they will still get it.

Internet Ombudsman Dmitry Marinichev called paranoia the recommendation of the Russian Quality System. "Sticking a camera on a laptop is paranoia that can lead to Russians starting to cover up the TV with a towel."

In Kazakhstan, everyone who wants to use Internet must allow government to read their Secure Traffic (HTTPS)



Providers of Kazakhstan persuade customers to install a "state trusted certificate" on all devices, which will allow intercepting all encrypted traffic of the country in order to protect citizens from cyber threats and illegal content.

Kazakhstan Telecom operators have begun to notify customers about the need to install a special security certificate Qaznet on all subscriber devices with Internet access - mobile phones and tablets based on iOS/Android, personal computers and laptops based on Windows/MacOS.

The message on the website of the Kcell provider states that the certificate recommended for installation "was developed in Kazakhstan and provided by the authorized state body" and "will allow protecting Kazakhstani Internet users from hacker attacks and viewing illegal content". However, it can be assumed that such opportunities can be used by the authorities of Kazakhstan to gain access to information that citizens exchange via the Internet.

Users are invited to download the certificate from the website qca.kz. This domain name is registered to an individual Askar Dyussekeyev. The address of the owner is the same as the address of the Ministry of Digital Development, Innovation and Aerospace Industry of Kazakhstan.

Telecom operators warn that if the certificate is absent, then customers may encounter problems accessing certain Internet resources.

Indeed, according to some users from the capital of Kazakhstan, it is impossible to access sites that force the use of the secure HTTPS protocol using the HSTS mechanism without installing a certificate. Such sites are now the majority.

According to Shavkat Sabirov, the President of the Internet Association of Kazakhstan, there is a global problem in the world related to the safe use of the Internet.

"All the experiments that were associated with the installation of root certificates failed. All over the world, it is already recognized that this is an unsuccessful and even a terrible attempt to work in a safe mode. If this certificate is stolen or hacked, the attackers will get absolutely all the information about users data that use this certificate," said the president of the Internet Association of Kazakhstan.

The President of the Internet Association of Kazakhstan noted that companies that provide services on the Internet with the security certificate should take responsibility for its use.

The Rise of Fingerprinting and Monitoring Of Our Digital Activities




 The concept of digital privacy has evolved so much with time that regardless of whether we secure our data to ensure that we are not tracked on the web, the ad tech industry, through some way or different finds ways to monitor our digital activities.

Being alluded to as a cutting edge tracking technology by security researchers, the fingerprinting technology has for sure achieved new statures.

While it incorporates taking a look at the many characteristics of the user's mobile device or computer, like the screen resolution, operating system and model, it likewise very effectively while triangulating this data, pinpoints and follows the user as they browse the web and make use of the other apps.

Presently since the technique happens imperceptibly out of sight in applications and websites, it becomes very hard to block the particular technology at whatever point it isn't required.

In the course of the most recent couple of years, tech companies like Apple and Mozilla 'introduced aggressive privacy protections' in their internet browsers to make it harder for advertisers to follow the users around the web and serve targeted ads on promotions.

But since a large number of those technologies ended up getting blocked by default, the advertisers needed to come up with an alternate method to track more users.

That is when the fingerprinting technology becomes an integral factor, as it gathers apparently harmless attributes that are commonly shared as default to make applications and sites work appropriately, which happens when the users gives an application the consent to access their location data, their camera and microphone. Thus, many other browsers likewise require the permission before a website can access those sensors.

While some state that the fingerprint method can be dependable and reliable, others say that it is abusive on the grounds that in contrast to cookies, which the users can see and delete, one for the most part can't tell it is going on and can't opt out it.

Nonetheless the solutions for averting fingerprinting are generally new, and some are still being developed. Thus it is difficult to tell how powerful they are since fingerprinting happens undetectably. So here are a few solutions for blocking browser fingerprinting.
  1. Apple users can make use of the protections installed in the Safari browser for computers and mobile devices.
  2. Android users and Windows users can try the Firefox web browser.
  3. Furthermore, the other desktop browsers can easily install an add-on.

In case of mobile users:
Privacy Pro and Disconnect Premium can examine the application activities on the device to recognize and block trackers, including finger printers.

Since Fingerprinting is a perplexing subject since the tracking method applies to both the web and mobile applications it is thusly recommended for the users to become familiar with it and be one at least one step ahead in ensuring their privacy protection themselves.

The Russian State Duma will be engaged in the protection of personal data on the Internet



This week at a meeting of the State Duma deputies the State Duma Deputy Pyotr Tolstoy recalled the global leak of personal data, which became known in early May. In particular, passport data of the Vice-speaker of the lower chamber Alexander Zhukov appeared in the Network. In this regard, the parliamentarians decided to create a working group that will deal with data protection issues in the implementation of the national project Digital Economy.

According to Pyotr, just recently, personal data of 2 million Russian citizens including passport data of members of the Government were publicly available. “First, personal data of people is leaked, then their property, then money from Bank accounts. We need to take measures to protect personal data”, said Tolstoy.

It is worth noting that the experts called the cause of the leak in the errors in the legislation and illiteracy of website developers. The problem arose because of two requirements in the law – on the publication of decisions on the approval of large transactions, which often include passport details of the founders and on the use of electronic signature in the documents of customers and suppliers, which contains the name, e-mail and insurance certificate.

Tolstoy stressed that the reason for the incident was the lack of data protection, which is almost completely publicly available.

Peter Tolstoy reminded that in Russia there is a project Digital economy, which implies adequate protection of the rights of citizens. He believes that the collection of all information about a person under one file is against the law on personal data and is an extremely dangerous idea. In addition, he recalled the problem of availability of modern technologies for residents of certain areas, in some Russian villages there is no Internet and cellular communication.

According to him, now it is important to find an answer to the question of how to protect the rights of citizens and their interests in the implementation of a project on a Digital Economy.

"Any data processing of a citizen should be carried out only with his consent – voluntary and informed," said the Deputy.

As a result, at the suggestion of State Duma Speaker Vyacheslav Volodin, it was decided to create a working group that should deal with security issues within the framework of the national project. Deputies intend to listen to the first offers from colleagues in a month.

Anonymous Messengers now banned in Russia


On May 5, a government decree on the obligation of the owners of Messengers to identify the users of their resources by telephone number came into force in Russia. The relevant document was signed by Prime Minister Dmitry Medvedev on 6 November 2018.

According to the government decree, Messengers should to check the information about the registration of the user's phone number with the mobile operator.

"In case of non-receipt of information from the operator within 20 minutes after the request or receipt of information about the absence of subscriber information in the databases, the identification is considered not completed", — stated in the document.

If the mobile operator finds the requested phone number in its database, it also undertakes to specify which messengers the subscriber uses and assign a special identification code to him. In addition, the mobile operator must notify the administration of the messenger within 24 hours upon termination of the service agreement with the subscriber.

And if the organizer of the service refuses to fulfill the new requirements, he will face a fine of up to one million, as well as blocking the Messenger on the territory of Russia.

Earlier, Maxim Akimov, the Deputy Prime Minister, expressed confidence that the new rules of user identification in Messengers will not bring problems and financial costs for the IT industry.

Alexander Zharov, the Head of Roskomnadzor recalled that earlier it was enough to simply enter the code sent in an SMS message for registration in the Messenger. However, there was a risk that the person will register on someone else's phone number.

"The possibility of anonymous communication in Messengers made it difficult for law enforcement agencies to investigate crimes," said the Head of Roskomnadzor. At the same time, Zharov emphasized that these rules do not violate the secrecy of correspondence.

Russian mobile operators said they are ready to meet the new requirements. Representatives from Facebook (including Facebook Messenger), Whats App, Instagram and Viber have not yet to respond to the request.

Looking For a Free VPN Service That’s Not Too Messy? Here’s All You Need To Know About TunSafe VPN Service

Not sure how to browse the internet safely away from the claws of hackers and cyber-cons? Not sure how to maintain cyber privacy?

TunSafe VPN is a solution to many such problems. It’s a free VPN service which aids people to connect with websites and social networks without revealing the channel.

It has been essentially developed and includes fresh features and better provisions.

The very high performing VPN follows the WireGuard protocol which enables it to help setup the secure VPN channels swiftly betwixt different platforms.

By way of the latest and most fresh cryptography-Curve25519, ChaCha20, Poly1305, BLAKE2 and HKDF, TunSafe ensures that no third-party hinder the user’s privacy.

All you need is simple configuration files which is specifically provided by the VPN provider..

For Downloading:


1. Go to https://tunsafe.com/
2. Click download.
3. Select the “Download TunSafe 1.4 installer”

For Installation:


1. Open the downloaded file
2. Complete the installation by pressing OK all the way.
3. Finally close it.
4. This is what will appear after that.

5. Click on connect.

6. The above is what will appear after that. This is the main window of TunSafe.

7. Drag the configuration file from the VPN provider onto Tunsafe’s window.

8. Confirm when the dialogue box pops up.


9. If everything works out well, a message will show that the VPN has been connected and the connection, established.

Various Platforms TunSafe Is Available For:
Desktop: Windows, Linux, OSX, Free BSD
Mobile: Android and iOS

Unlike most of the VPN services, TunSafe is free if cost and that’s what makes it better, more efficient and different from all the others.

For more details check www.tunsafe.com

Anonymous use of messengers in Russia is prohibited


After 180 days, all messengers will be required to identify their users by phone numbers of operators. Prime Minister Dmitry Medvedev signed a government resolution approving the relevant rules last week. He believes that this is necessary for the safety and convenience of users.

The administrators of the messenger will check the information about the correctness of the number. The mobile operator is given 20 minutes to process the request from the Service.

Services will be available only to persons to whom the phone number is issued. In addition, mobile operators will enter information into their databases about which applications their customers are using.

According to the Head of Roskomnadzor Alexander Zharov, anonymous use of messengers prevents to investigate crimes. "The possibility of anonymous communication in messengers complicates the activities of Law Enforcement Agencies in the investigation of crimes."

In turn, the experts were skeptical about the initiative. Thus, the Director of the Association of professional users of social networks and messengers Vladimir Zykov believes that foreigners may face problems with SIM-cards of their countries. In addition, illegal sale of SIM cards of foreign operators may begin.

According to citizens, the legalization of relations between messengers and operators will only lead to negative consequences: the increase in the price of tariffs, the disappearance of anonymity in messengers, the growth of hacker attacks.

In General, the Russians do not believe that these rules will work at all. As we remember, Roskomnadzor's attempt to destroy Telegram led to the blocking of thousands of IP addresses and serious financial losses of innocent companies. And the messenger continued to work.
 

Careem hit by cyber attack, affects 14 million users

Careem, ride-hailing app and Uber’s main competitor in the Middle East, on Monday revealed that it was hit by a cyber attack causing data of over 14 million users to be compromised.

In a blog post, the company said that it became aware of the attack on 14th January, when it identified a cyber incident involving “unauthorised access to a system we use to store data,” in which customer and driver account data were stolen.

Information such as names, phone numbers, email addresses, and trip data were stolen, however, according to the company, no password or credit card information was compromised.

“Customers’ credit card information is kept on an external third-party PCP-compliant server. A PCP server uses highly secure protocols and is employed by international banks around the globe to protect financial information,” it stated.

“While we have seen no evidence of fraud or misuse related to this incident, it is our responsibility to be open and honest with you, and to reaffirm our commitment to protecting your privacy and data,” the post read, adding that customers and “captains” who have signed up after the attack have not been affected by the breach.

The ride-hailing service apologized to its users and said that, “Careem has learned from this experience and will come out of it a stronger and more resilient organisation.”

Aside from informing the users and assuring them that it is working with law enforcement agencies to look into the matter, Careem also advised its customers to use safeguards such as strong password management, cautiousness of unsolicited communications, links, or attachments in emails, and reviewing suspicious credit card or bank activity.

As to why it had taken so Careem so long to tell people, the company said that it “wanted to make sure we had the most accurate information before notifying people.”

Pavel Durov says they are Not closing Telegram service in Russian and Iran


Just a few days ago, Russian and other media reported that Telegram CEO Pavel Durov is ready to close his business in Russia or Iran. However, Durov denied in his VKontakte(VK) account that it is an incorrect information.

In the VK post, he said that Telegram will to continue to provide a secure messaging service in problem markets like Russia and Iran, despite the pressure of regulators and the threat of blocking. But, the media came up with different headlines saying "Durov announced his readiness to close Telegram", "Durov threatened to close Telegram in Russia". However, Durov said that some Russian media like Meduza, Vedomosti, DP.ru has provided correct information.

"Russian media often quote inaccurate translations of what I publish on Twitter and my channel." Durov said in VK.

Recently, Iran opened a criminal case against Telegram CEO stating that the Telegram is being used by pedophile for distributing child pornography.

"I am surprised to hear that. We are actively blocking terrorist and pornographic content in Iran. I think the real reasons are different." Durov responded to the accusation in his twitter account.

Recall that just a few weeks ago, the Russian Federation threatened to block Telegram and reported that this encrypted messenger was actively used by Islamic radicals during the preparation of the bombings in Saint-Petersburg subway. The head of the Ministry of Communications and Mass Media said: "Telegram will be blocked, if it will work not in accordance with the current Russian legislation".

Durov hopes that the legal situation in the Russian Federation and Iran will change in future.

- Christina

 

Telegram founder agrees to register in Russia but won't share user data



The Telegram's founder Pavel Durov has agreed to register the company in Russia, after getting pressure from the local authorities.

Few days ago, the Russian communications regulator Roskomnadzor has demanded Telegram to provide information about the messaging app and company details.  The authorities also said this encrypted messaging app is being used by terrorists to plan attacks.

The authorities asked to give access to decrypt messages in order to catch terrorists. Authorities threatened to ban the Telegram, if the company fails to do so.

At first, Durov didn't agree with the demands.  Now, he is agreed to register the company with the Russian government.

"If the Telegram is banned in Russia, it will not happen because we refused to provide details about our company" Durov said in the social network VK.

Roman Jelud, a Professor from dataVoronezh State University, shared his opinion to Regnum that news about "Telegram ban" itself is a PR stunt.  This will only help the Telegram to gain more number of users.  Few days back itself, Roman said that Durov is using this for his PR and eventually Durov is going to agree to provide the required five points of information.

Though Durov says that they are only registering the company in Russia and will not share the users' secret data with the government, it will be hard to know whether it is true or not.

Russia is not only the government that is interested in the Telegram messenger. Last week, Durov stated that US Federal officers want to add a backdoor to the app.

- Christina