The Russian State Duma will be engaged in the protection of personal data on the Internet



This week at a meeting of the State Duma deputies the State Duma Deputy Pyotr Tolstoy recalled the global leak of personal data, which became known in early May. In particular, passport data of the Vice-speaker of the lower chamber Alexander Zhukov appeared in the Network. In this regard, the parliamentarians decided to create a working group that will deal with data protection issues in the implementation of the national project Digital Economy.

According to Pyotr, just recently, personal data of 2 million Russian citizens including passport data of members of the Government were publicly available. “First, personal data of people is leaked, then their property, then money from Bank accounts. We need to take measures to protect personal data”, said Tolstoy.

It is worth noting that the experts called the cause of the leak in the errors in the legislation and illiteracy of website developers. The problem arose because of two requirements in the law – on the publication of decisions on the approval of large transactions, which often include passport details of the founders and on the use of electronic signature in the documents of customers and suppliers, which contains the name, e-mail and insurance certificate.

Tolstoy stressed that the reason for the incident was the lack of data protection, which is almost completely publicly available.

Peter Tolstoy reminded that in Russia there is a project Digital economy, which implies adequate protection of the rights of citizens. He believes that the collection of all information about a person under one file is against the law on personal data and is an extremely dangerous idea. In addition, he recalled the problem of availability of modern technologies for residents of certain areas, in some Russian villages there is no Internet and cellular communication.

According to him, now it is important to find an answer to the question of how to protect the rights of citizens and their interests in the implementation of a project on a Digital Economy.

"Any data processing of a citizen should be carried out only with his consent – voluntary and informed," said the Deputy.

As a result, at the suggestion of State Duma Speaker Vyacheslav Volodin, it was decided to create a working group that should deal with security issues within the framework of the national project. Deputies intend to listen to the first offers from colleagues in a month.


Anonymous Messengers now banned in Russia


On May 5, a government decree on the obligation of the owners of Messengers to identify the users of their resources by telephone number came into force in Russia. The relevant document was signed by Prime Minister Dmitry Medvedev on 6 November 2018.

According to the government decree, Messengers should to check the information about the registration of the user's phone number with the mobile operator.

"In case of non-receipt of information from the operator within 20 minutes after the request or receipt of information about the absence of subscriber information in the databases, the identification is considered not completed", — stated in the document.

If the mobile operator finds the requested phone number in its database, it also undertakes to specify which messengers the subscriber uses and assign a special identification code to him. In addition, the mobile operator must notify the administration of the messenger within 24 hours upon termination of the service agreement with the subscriber.

And if the organizer of the service refuses to fulfill the new requirements, he will face a fine of up to one million, as well as blocking the Messenger on the territory of Russia.

Earlier, Maxim Akimov, the Deputy Prime Minister, expressed confidence that the new rules of user identification in Messengers will not bring problems and financial costs for the IT industry.

Alexander Zharov, the Head of Roskomnadzor recalled that earlier it was enough to simply enter the code sent in an SMS message for registration in the Messenger. However, there was a risk that the person will register on someone else's phone number.

"The possibility of anonymous communication in Messengers made it difficult for law enforcement agencies to investigate crimes," said the Head of Roskomnadzor. At the same time, Zharov emphasized that these rules do not violate the secrecy of correspondence.

Russian mobile operators said they are ready to meet the new requirements. Representatives from Facebook (including Facebook Messenger), Whats App, Instagram and Viber have not yet to respond to the request.

Looking For a Free VPN Service That’s Not Too Messy? Here’s All You Need To Know About TunSafe VPN Service

Not sure how to browse the internet safely away from the claws of hackers and cyber-cons? Not sure how to maintain cyber privacy?

TunSafe VPN is a solution to many such problems. It’s a free VPN service which aids people to connect with websites and social networks without revealing the channel.

It has been essentially developed and includes fresh features and better provisions.

The very high performing VPN follows the WireGuard protocol which enables it to help setup the secure VPN channels swiftly betwixt different platforms.

By way of the latest and most fresh cryptography-Curve25519, ChaCha20, Poly1305, BLAKE2 and HKDF, TunSafe ensures that no third-party hinder the user’s privacy.

All you need is simple configuration files which is specifically provided by the VPN provider..

For Downloading:


1. Go to https://tunsafe.com/
2. Click download.
3. Select the “Download TunSafe 1.4 installer”

For Installation:


1. Open the downloaded file
2. Complete the installation by pressing OK all the way.
3. Finally close it.
4. This is what will appear after that.

5. Click on connect.

6. The above is what will appear after that. This is the main window of TunSafe.

7. Drag the configuration file from the VPN provider onto Tunsafe’s window.

8. Confirm when the dialogue box pops up.


9. If everything works out well, a message will show that the VPN has been connected and the connection, established.

Various Platforms TunSafe Is Available For:
Desktop: Windows, Linux, OSX, Free BSD
Mobile: Android and iOS

Unlike most of the VPN services, TunSafe is free if cost and that’s what makes it better, more efficient and different from all the others.

For more details check www.tunsafe.com

Anonymous use of messengers in Russia is prohibited


After 180 days, all messengers will be required to identify their users by phone numbers of operators. Prime Minister Dmitry Medvedev signed a government resolution approving the relevant rules last week. He believes that this is necessary for the safety and convenience of users.

The administrators of the messenger will check the information about the correctness of the number. The mobile operator is given 20 minutes to process the request from the Service.

Services will be available only to persons to whom the phone number is issued. In addition, mobile operators will enter information into their databases about which applications their customers are using.

According to the Head of Roskomnadzor Alexander Zharov, anonymous use of messengers prevents to investigate crimes. "The possibility of anonymous communication in messengers complicates the activities of Law Enforcement Agencies in the investigation of crimes."

In turn, the experts were skeptical about the initiative. Thus, the Director of the Association of professional users of social networks and messengers Vladimir Zykov believes that foreigners may face problems with SIM-cards of their countries. In addition, illegal sale of SIM cards of foreign operators may begin.

According to citizens, the legalization of relations between messengers and operators will only lead to negative consequences: the increase in the price of tariffs, the disappearance of anonymity in messengers, the growth of hacker attacks.

In General, the Russians do not believe that these rules will work at all. As we remember, Roskomnadzor's attempt to destroy Telegram led to the blocking of thousands of IP addresses and serious financial losses of innocent companies. And the messenger continued to work.
 

Careem hit by cyber attack, affects 14 million users

Careem, ride-hailing app and Uber’s main competitor in the Middle East, on Monday revealed that it was hit by a cyber attack causing data of over 14 million users to be compromised.

In a blog post, the company said that it became aware of the attack on 14th January, when it identified a cyber incident involving “unauthorised access to a system we use to store data,” in which customer and driver account data were stolen.

Information such as names, phone numbers, email addresses, and trip data were stolen, however, according to the company, no password or credit card information was compromised.

“Customers’ credit card information is kept on an external third-party PCP-compliant server. A PCP server uses highly secure protocols and is employed by international banks around the globe to protect financial information,” it stated.

“While we have seen no evidence of fraud or misuse related to this incident, it is our responsibility to be open and honest with you, and to reaffirm our commitment to protecting your privacy and data,” the post read, adding that customers and “captains” who have signed up after the attack have not been affected by the breach.

The ride-hailing service apologized to its users and said that, “Careem has learned from this experience and will come out of it a stronger and more resilient organisation.”

Aside from informing the users and assuring them that it is working with law enforcement agencies to look into the matter, Careem also advised its customers to use safeguards such as strong password management, cautiousness of unsolicited communications, links, or attachments in emails, and reviewing suspicious credit card or bank activity.

As to why it had taken so Careem so long to tell people, the company said that it “wanted to make sure we had the most accurate information before notifying people.”

Pavel Durov says they are Not closing Telegram service in Russian and Iran


Just a few days ago, Russian and other media reported that Telegram CEO Pavel Durov is ready to close his business in Russia or Iran. However, Durov denied in his VKontakte(VK) account that it is an incorrect information.

In the VK post, he said that Telegram will to continue to provide a secure messaging service in problem markets like Russia and Iran, despite the pressure of regulators and the threat of blocking. But, the media came up with different headlines saying "Durov announced his readiness to close Telegram", "Durov threatened to close Telegram in Russia". However, Durov said that some Russian media like Meduza, Vedomosti, DP.ru has provided correct information.

"Russian media often quote inaccurate translations of what I publish on Twitter and my channel." Durov said in VK.

Recently, Iran opened a criminal case against Telegram CEO stating that the Telegram is being used by pedophile for distributing child pornography.

"I am surprised to hear that. We are actively blocking terrorist and pornographic content in Iran. I think the real reasons are different." Durov responded to the accusation in his twitter account.

Recall that just a few weeks ago, the Russian Federation threatened to block Telegram and reported that this encrypted messenger was actively used by Islamic radicals during the preparation of the bombings in Saint-Petersburg subway. The head of the Ministry of Communications and Mass Media said: "Telegram will be blocked, if it will work not in accordance with the current Russian legislation".

Durov hopes that the legal situation in the Russian Federation and Iran will change in future.

- Christina

 

Telegram founder agrees to register in Russia but won't share user data



The Telegram's founder Pavel Durov has agreed to register the company in Russia, after getting pressure from the local authorities.

Few days ago, the Russian communications regulator Roskomnadzor has demanded Telegram to provide information about the messaging app and company details.  The authorities also said this encrypted messaging app is being used by terrorists to plan attacks.

The authorities asked to give access to decrypt messages in order to catch terrorists. Authorities threatened to ban the Telegram, if the company fails to do so.

At first, Durov didn't agree with the demands.  Now, he is agreed to register the company with the Russian government.

"If the Telegram is banned in Russia, it will not happen because we refused to provide details about our company" Durov said in the social network VK.

Roman Jelud, a Professor from dataVoronezh State University, shared his opinion to Regnum that news about "Telegram ban" itself is a PR stunt.  This will only help the Telegram to gain more number of users.  Few days back itself, Roman said that Durov is using this for his PR and eventually Durov is going to agree to provide the required five points of information.

Though Durov says that they are only registering the company in Russia and will not share the users' secret data with the government, it will be hard to know whether it is true or not.

Russia is not only the government that is interested in the Telegram messenger. Last week, Durov stated that US Federal officers want to add a backdoor to the app.

- Christina


Email Account's of Jeffrey Tambor hacked by "Guccifer"

The AOL mail account of Jeffery Tambor and his wife Kasia was hacked by a "celebrity hacker" called Guccifer. The hacker is also the reason behind many recent leaks on Dorothy Bush Koch ,  Colin Powell ,  Lisa Murkowski ,Jim Nantz , Patricia Legere , Bill Clinton and Sidney Blumenthal.



He leaked lots of data from the hacked accounts including private pictures and correspondences. He used Jeffrey Tambor's email account to distribute material previously stolen from the mail accounts of other victims, including former Bill Clinton aide Sidney Blumenthal and Joseph Verner Reed, a top United Nations under-secretary-general.And like his previous hacks he leaked private pictures of Mr.Jeffery Tambor.


 He also used the AOL account of  Kasia Tambor’s to send mails to reporters containing a memos of that Blumenthal sent to Hillary Clinton  about the political situation in Libya.

Based on past attacks the IP address of the hacker is said to be from Russia but it is most probably a proxy, a hacker who is smart enough to pull of such hacks will not be leaving traces.




Anyone can get your IP address using Skype Vulnerability


A New Vulnerability found in skype by NYU-Poly and France’s INRIA that allows to anyone to hack into skype and get your IP address,even a noob can do this.

Even if you are not signedin in skype , Still hacker can get your IP address. With IP address, an attacker can get track your location or get access to your system with Open port.

“The Skype privacy settings fail to protect against our scheme,” the study reports.

In order to do the research, Team of Researchers successfully tracked 10,000 randomly chosen Skype users and launched an attack on those users to get their IP address.

First they successfully retrieved a large number of Skype IDs along with personal information from Skype itself. Then these IDs were called on an hourly basis.

Researchers were able to get the IP addresses by blocking some packets of information that are sent to the Internet. In doing that, they then set up a direct communication between the users’ computers and theirs and then were able to access their IP address, explains Ross.

This technique illustrates how vulnerable people using Skype could be to an attack and potential blackmail, especially if they are somewhere they shouldn’t be, Ross said.

The study found thousands of people at a time could be tracked without much trouble.

Using this vulnerability an attacker can do any cyber crime.

“It’s bad if you’re concerned about your privacy,” said Ross. “A parent could track their children, or a spouse could track the location of his or her spouse. An employer could track all his employees.”

Other real-time voice communication systems are also vulnerable, but don’t have as “serious” a problem as Skype, said Ross.

Those other systems are vulnerable to attacks, but users can actually see that someone unknown is calling them. This isn’t the case in Skype, Ross said.

More than a year ago, Ross and his team reported to skype about this vulnerability but there is no response from their side.

Adrian Asher, Skype's chief information security officer, said that IP addresses are easily uncovered in most web communications clients."Just as with typical Internet communications software, Skype users who are connected may be able to determine each other's IP addresses. Through research and development, we will continue to make advances in this area and improvements to our software," he told.


Google partnered with Citizens Advice Bureau provides Online Security Tips


Google joined with Citizens Advice Bureau  and provides Online security tips with title" Good to Know".  This page gives public awareness about the Online risks and need of Security.  The topics separated as four categories namely
  • Stay safe Online
  • Your Data on Google
  • your data on Web
  • Manage your Data
Stay Safe Online:
This section provides basic Online security tips about:
  • Phishing and malware attacks(If you are reader of eHackingNews, then you might aware of it).
  • importance of Sign out(most of users fail to sign out.  if you are in public cafe, others can steal your accounts)
  • Secure Connection(https://)
  • Online shopping safety
  • 2-Step Authentication service(Mobile Authentication service that will send random authentication number, whenever you login to gmail)
  • Mobile Security
Your Data on Google:
It covers about the Google search logs and web history and more.

Your data on Web:
Basic knowledge about the Importance of cookies, accounts and IP address.

Manage Your data:
This section covers about the Google Dashboard, How to manage cookies, and more..

Good To Know is available here:
http://www.google.co.uk/goodtoknow/

Every Internet users must read this page in order to protect them self from online risks. 

Note:
If you want more security tips, you can check our Security Tips Blog: http://www.breakthesecurity.com. We have cover this topic before 6 months.  Also we have developer HashCodeCracker to check the Password Strength.

    Even if you are logged out, Facebook still knows and can track every page you visit.

    Facebook has attempted to shoot down claims that it leaves cookies on users' machines even after they log out of the social network. The response came after an Australian blogger alleged the site can still snoop on your web surfing after you've signed out.

    Nik Cubrilovic, concerned about Facebook's approach to privacy, said that logging out doesn’t make a blind bit of difference, adding that Facebook still has ways to potentially track your behavior.

    Cubrilovic’s conclusion after examining the behavior of Facebook’s cookies is simple: “Even if you are logged out, Facebook still knows and can track every page you visit.”

    This is because instead of telling browsers to remove cookies when users log out, Facebook merely "alters" the state of those little parcels of data – including the cookie that stores your account number.

    As a result, if you happen to pass by a page with a Facebook “like” button, "share" button, “or any other widget”, your information – including your account number – will be sent back to Facebook. And if you log into Facebook from a public terminal, those cookies could be left behind.

    However, Facebook doesn’t agree. Whether or not Cubrilovic’s claim that he notified Facebook without response during 2010 is accurate, he certainly got a hair-trigger response from Facebook this time.

    In a comment on Cubrilovic's blog, a Facebook engineer – identifying himself as staffer Gregg Stefancik – said that “our cookies aren’t used for tracking”, and that “most of the cookies you highlight have benign names and values”.

    "Generally, unlike other major internet companies, we have no interest in tracking people," the insider added.

    source