Search This Blog

Showing posts with label Privacy. Show all posts

IT expert: How To Avoid being Tracked by Photos

The director of the company IT-Reserve Pavel Myasoedov spoke about how to protect yourself from surveillance using photographs.

Standards that allow attaching additional information to images have become widespread along with the development of digital cameras. One of the main collectors of this data is the EXIF standard, developed specifically for the most popular JPEG and TIFF image formats. That's why many applications have the ability to sort photos by date, time and location. But, like any digital information, this metadata can fall into the hands of intruders.

Myasoedov noted that when a photo is uploaded to a social network, sent by e-mail or via a messenger, personal data inevitably becomes known to third parties. In some cases, this does not happen, because online services automatically compress and cleanse images of unnecessary information to facilitate the transfer of heavy graphic objects. But Myasoedov clarified that then the fact of sending it carries a certain risk.

Even if the communication channel is encrypted, a leak can still occur. The time and place of the photo are likely to be seen by an experienced cybercriminal.

There are cases when robbers found out the location of a person who does not use social networks at all, using the metadata of product images on an online ad platform.

To protect against tracking by photo, the expert advises to manually clear the "properties" section of the image on your computer or download a special program that will do this automatically. It is available for stationary and mobile devices.

When actively using photo applications in smartphones, it is necessary to turn off the display of geolocation. It is useful to use VPN programs while sending graphic objects in public places


Telegram Pavel Durov says that since 2018 he knew about the potential surveillance of his phone

The billionaire said he had known since 2018 that one of his phone numbers was on the NSO Group list, but was not worried about it.

"Since 2011, when I was still living in Russia, I used to think that all my phones were hacked. Anyone who gets access to my personal data will be extremely disappointed, as he will have to view thousands of Telegram feature concepts and millions of messages related to the development process of our product. He will not find any important information there," Durov explained.

At the same time, he recalled that surveillance tools were also used against "much more significant" people, including more than 10 heads of state. "A huge problem for humanity", according to the businessman, is created by "backdoors" that smartphone and software manufacturers deliberately leave in their systems.

"According to Snowden's 2013 revelations, Apple and Google are part of a global surveillance program. These companies should introduce backdoors into their mobile operating systems. These backdoors, usually disguised as security bugs, allow US intelligence agencies to access information on any smartphone in the world," Durov wrote. 

According to Durov, at the same time, access to these vulnerabilities can be obtained not only by the US authorities but also "any other organization that finds them."

"It is not surprising that this is exactly what happened: the Israeli company NSO Group sold access to spy tools that allowed third parties to hack tens of thousands of phones," the billionaire noted.

Recently, The Guardian reported that the Telegram founder's British mobile number was on a list of potential surveillance targets in 2018.

The publication suggested that the authorities of the United Arab Emirates could have shown interest in Durov since the appearance of the entrepreneur's number on the list coincided with his move to this country.

Experts discussed how to fight cyberbullying on children at Cyber Polygon 2021

At the international online cybersecurity training Cyber Polygon 2021, organized by BI.ZONE, Stanislav Kuznetsov, Deputy Chairman of Sberbank, and Henrietta Faure, Executive Director of UNICEF, discussed the important issue "Cyberbullying and more: how to protect children from the threats of the digital world?"

Stanislav Kuznetsov cited UN statistics, according to which more than 70% of children in the world are Internet users (this is 30% of all Internet users of the planet). 95% of teenagers have smartphones, and 45% are online most of the time. While the Internet offers huge educational opportunities for children, the World Wide Web is a dangerous place full of cyberbullying, social engineering, violence and phishing. And children are the most vulnerable to digital threats because they trust each other more, and it is more difficult for them than for adults to distinguish good from evil.

Henrietta Faure agreed that cyberbullying is a very big risk. She thinks authorities should control it because they have laws and a justice system. They can restrict illegal activities on the Internet.

Moreover, she considers it very important to always be in touch with your children and to know what is going on.

"You need to hear and listen to your children. Take your time: ask them what they are doing online. Often parents think that children will always come to them for advice, but this does not always happen. That's why we need to tell our kids that they need to let us know all these things. If the criminals successfully attacked one victim, they will attack millions of others. And if one teenager knows which service to contact in case of a problem, he will tell his friend," said Henrietta Faure.

"Children are our future, and it is obvious that we need to expand international cooperation to protect them," concluded Mr. Kuznetsov.

Henrietta Faure agreed that UNICEF's cooperation with large companies and ecosystems, such as Sberbank, can be very fruitful.


Millions of Login Credentials Stolen By an 'Unnamed Malware'

 

Cybersecurity researchers from Nord Security have unearthed a new set of Trojan-type malware that has exploited over three million Windows computers and has stolen nearly 26 million login credentials for about a million websites. 

Nord Security researchers have grouped the websites into a dozen categories. These include email services, financial platforms, e-commerce platforms, file storage and sharing services, and social media platforms. In total, the report revealed that the unnamed malware succeeded in stealing about 1.2 terabytes of personal data including over a million unique email addresses, over two billion cookies, and more than six million other files.

There are millions of other details the threat actors were able to steal, according to the researchers. The researchers also discovered 6 million files from the victims’ download folders and desktops that were stolen from this unnamed malware. It also took screenshots of the infected systems and tried to take a picture of the victim using the device’s webcam. 

“For every malware that gets worldwide recognition and coverage, there are thousands of custom viruses made specifically for the buyer's needs. These are nameless pieces of malicious code that are compiled and sold on forums and private chats for as little as $100,” Nord Security, explained. 

During their analysis, Nord security researchers observed that each malware that gets worldwide attention has thousands of custom viruses designed specifically for the needs of the br. This is not helped by the fact that there are several nameless malicious codes easily sold on private chats and forums at very cheap amounts. 

“Antimalware software like antiviruses doesn’t fully protect our devices. Public Wi-Fi poses as much danger to our logins as malware does. In many cases, public Wi-Fi can have poorly configured firewalls that let hackers monitor your Wi-Fi connection,” Daniel Markuson, a digital security expert at NordVPN, Nord Security’s VPN service stated.

Hackers are now employing different attacking techniques to launch series of attacks on organizations and users. Last week, the REvil ransomware group targeted Kaseya VSA cloud-based solution and demanded $70 million as a price to unlock the systems encrypted during the supply-chain attack. The gang demanded the ransom of Bitcoin before releasing the tool that enables all affected businesses to recover their files.

Security Experts listed who responsible for leaking your data to scammers

"There are three most common types of data leakage," said Vseslav Solenik, Director of the R-Vision Center of Expertise.

Personal data of Russians become available to fraudsters due to the negligence of employees and partners of companies, hacking of IT structures of organizations, or due to the carelessness of the citizens themselves.

Mr. Solenik stressed that in most cases, data leakage is illegal. Often, scammers find out personal data from the people themselves, promising them profitable bonus programs.

"Fraudsters attract them with various bonus programs, favorable offers and other things. And in exchange, the attackers receive a full set of personal data," the expert added.

The specifics of the Russian legislation is that even when transferring the full name and phone number of the company, the subject is obliged to fill out the consent form prescribed by law, where he is forced to specify his passport data, registration address and other information that can be used later by fraudsters.

"At the same time, it is impossible to fully protect your personal data from fraudsters today. You can only observe the hygiene of information security, raise your awareness to resist phishing and attacks, be vigilant and refuse to transfer personal data in exchange for minor services from dubious companies," the expert stressed.

Solenik added that it is equally important to know the current legislation. He called on the Russians to defend their rights in the field of personal data processing: to report incidents of leakage to the regulator and to seek the responsibility of companies for this.

Earlier, the majority of Russians supported the introduction of amendments to the law on personal data. Thus, 62 percent consider it necessary to be able to withdraw consent to the use of their personal information. In this case, Internet services will have to delete it within three days.

Every fifth child faced with malware and adult content

Experts analyzed how often children encounter cyber incidents in the online space. It turned out that every fifth child has at least once encountered malware and viruses. Also (in 19% of cases), children come across unwanted content "for adults". In 18% of cases, children's social media accounts were hacked or attempted, and 15% of parents also reported that suspicious strangers wrote to their child.

Parents also noted that children make unconscious or uncoordinated spending on the Internet: they subscribe to paid services or buy access to online games. Parents whose children bought something on the Internet said that in most cases (81%) the purchase amount was up to 1 thousand rubles ($14).

“Parents need to abandon online wallets and cash and make a separate bank card for the child in order to protect the family from unwanted spending. This can be a virtual account or an additional card to your own. The fact is that openly criminal websites and services on the Internet do not accept bank cards for payment. In addition, adults have access to the limits and settings of the children's card, and they can always challenge unwanted spending in the bank and save the family budget," said Alexey Govyadov, head of analytics and automation at ESET in Russia.

Cyber threats that children most often face online: malware (viruses, etc.); unwanted content 18+; hacking or attempted hacking of a page in social networks; suspicious strangers wrote to the child; unconscious or uncoordinated spending; the child was in suspicious groups or communities.

Speaking about child safety on the Internet, half of the parents surveyed say that their child knows that in the event of a cyber incident, they should immediately contact adults. More than a third of the respondents also noted that their child knows safe sites and applications, and also makes online payments only on trusted resources.

'Vigilante Malware' Blocks Users From Downloading Pirated Software

 

Scientists have unearthed one of the most abnormal findings in the malware chronicles. It is a booby trap file that attempts to make the downloader a mouse and try to prevent future unauthorized downloads. 

Andrew Brandt, Sophos Labs Principal Investigator named the malware ‘Vigilante’. When the victim downloads and runs what appears to be pirated software or games, it gets installed. Behind the scenes, the malware reports the filename that was executed to an attacker-controlled server, along with the IP address of the victims’ computers. Lastly, Vigilante attempts to modify the victim’s computer to make piratebay.com and 1,000 other pirate sites inaccessible.

As web servers normally log a visitor's IP address, the hacker now has the access to both the pirate's IP address and the name of the software or movie that the victim attempted to use. While it is unknown what this information is used for, the attackers could share it with ISPs, copyright agencies, or even law enforcement agencies. 

“It’s really unusual to see something like this because there’s normally just one motive behind most malware: stealing stuff. Whether that’s passwords, or keystrokes, or cookies, or intellectual property, or access, or even CPU cycles to mine cryptocurrency, theft is the motive. But not in this case. These samples really only did a few things, none of which fit the typical motive for malware criminals,” Brandt explained. 

Vigilante updates files on infected computers and hijacks them from connecting to The Pirate Bay and other Internet destinations known to be used by people who trade pirated software. Brandt has discovered some of the Trojans lurking in software packages available for Discord-hosted chat services. He found others disguised as popular games, productivity tools, and security products available through BitTorrent. 

“Pading an archive with a purposeless file of random length is an easy way to change the hash value of the archive. Filling it with a racist slur taught me everything I needed to know about its creator,” Brandt wrote on Twitter. 

Since Vigilante does not have a persistence technique, it means it has no solution to stay put in. Users who have been infected only want to edit their Hosts files to be disinfected. There are other strange things – Many Trojanized executable files are digitally signed using fake code signing tools. The signature contains a randomly generated 18-character uppercase and lowercase.

The opposition has filed a lawsuit against Roskomnadzor on the illegality of slowing down Twitter in Russia


 The head of the Moscow municipal district Krasnoselsky Ilya Yashin, opposition leader Yevgeny Domozhirov, photographer Yevgeny Feldman and the capital's municipal deputy Vadim Korovin filed a class-action lawsuit against Roskomnadzor in connection with the Twitter slowdown. The plaintiffs claim that they themselves did not violate the laws, and believe that the measures of Roskomnadzor violate their rights

The plaintiffs ask the court to oblige Roskomnazdor to "stop using centralized response measures in the form of slowing down the speed and other restrictions on Twitter", and also to oblige the department "to exclude the service from the list of threats to the stability, security and integrity of the functioning of the Internet and the public communication network on the territory of the Russian Federation." According to the lawyer representing the plaintiffs, Stanislav Seleznev, the lawsuit was filed in the Tagansky Court of Moscow.

The plaintiffs claim that they "never published illegal content, did not call for violence, did not justify violence or discrimination." The lawsuit notes that the applicants were not in any way connected to the account owners responsible for posting allegedly prohibited information on Twitter. According to the lawyer, "the rights of each of the plaintiffs are largely affected by the applicable restrictions since the publication of media files is a significant part of their communication with the audience."

According to the statement of claim, interference in the normal functioning of the Twitter service by Roskomnadzor in the form of slowing down access to the entire service for all users throughout the Russian Federation constitutes an interference with the right of administrative plaintiffs to freely express their opinion.

On March 10, Roskomnadzor began to slow down access to Twitter on 100% of mobile devices and 50% of desktop devices. Roskomnadzor threatened Twitter that the social network will be blocked for a month if it does not delete posts with prohibited information. At the end of May, Roskomnadzor announced its decision not to block Twitter, as the moderators of the social network deleted more than 91% of the prohibited information. The department promised to partially remove the speed limit of Twitter.

It should be noted that earlier, Twitter has been fined almost 28 million rubles ($386.500) in Russia for not deleting illegal content according to court decisions.

WhatsApp's New Privacy Policy: A Quick Look

 



With the advent of its latest privacy policy, the Facebook-owned messaging app is all set to block certain features if the users won't agree to the new privacy policy.

The update that was initially set to be rolled out by February 8 – making new privacy regulations applicable for all its users, got delayed till May 15 as WhatsApp faced strong contempt from the public, which allowed its competitors namely Telegram and Signal to solidify their repute with the public.

Earlier, as per the ultimatum given by WhatsApp: if the users do not accept the updated privacy policy on May 15, they won't be able to use the app. However, later on, it was said that no accounts will be deleted in case the aforementioned does not happen. 

Giving insights into the new Privacy Policy, a WhatsApp spokesperson said, “Requiring messaging apps to “trace” chats is the equivalent of asking us to keep a fingerprint of every single message sent on WhatsApp, which would break end-to-end encryption and fundamentally undermines people’s right to privacy.”

“We have consistently joined civil society and experts around the world in opposing requirements that would violate the privacy of our users. In the meantime, we will also continue to engage with the Government of India on practical solutions aimed at keeping people safe, including responding to valid legal requests for the information available to us,” the Spokesperson added.

WhatsApp told that it is not imposing its new policy on the users and that they are free to not do so. However, it might involve users deleting their WhatsApp account on their own as the other option than to accept the 2021 update, because they won't be able to access their chat lists or call their contacts via WhatsApp. 

As per WhatsApp's statements, we can deduce that whenever users will access the app, they will be constantly reminded to accept the updated privacy policy to access all its features – eventually making the platform more or less unserviceable to them. 

The users who do accept the updated privacy policy won't witness any key changes in their experience, however, those who continue to have the app installed on their device without accepting the new policy might eventually end up saying goodbye to the app due to its limited serviceability or “inactivity”. 




What Cybercriminals Do with Your Personal Information? Here's How to Defend

 

We all know that data breach is a major issue that can cause devastating damage to organizations and individuals, but have you ever wondered what happens to the data that is stolen during these incidents?

It depends on the importance of the stolen data and the attackers behind a data breach, and why they’ve stolen a certain type of data. For instance, when threat actors are motivated to embarrass a person or organization, expose perceived wrongdoing or improve cybersecurity, they tend to release relevant data into the public domain. 

To prove this, the attack on Sony Pictures Entertainment in 2014 is the biggest example for the readers. Attackers backed by North Korea stole Sony Pictures Entertainment employee data such as Social Security numbers, financial records, and salary information, as well as emails of top executives. The hackers then published the emails to embarrass the company, possibly in retribution for releasing a comedy about a plot to assassinate North Korea’s leader, Kim Jong Un.

According to Verizon’s annual data breach report, nearly 86% of data breaches are about money, and 55% are committed by organized criminal groups. Stolen data often ends up being sold online on the dark web. For example, in 2018 hackers offered for sale more than 200 million records containing the personal information of Chinese individuals. This included information on 130 million customers of the Chinese hotel chain Huazhu Hotels Group.

The most reliable and common way to pay for the transaction is with cryptocurrency or via Western Union. The price varies on the type of data, its demand, and its supply. For example, a big surplus of stolen personally identifiable information caused its price to drop from $4 for information about a person in 2014 to $1 in 2015. Email dumps containing anywhere from a hundred thousand to a couple of million email addresses go for $10, and voter databases from various states sell for $100.

What Hackers Do with Your Personal Info? 

The most obvious thing hackers do is steal your money—either directly by funneling it from a bank account or by creating new accounts under your name. They may use your credit card details to shop at Amazon or set up a Netflix account. They might also use your info to create a sham social media profile to fool your friends or have a fake driver’s license made.

While that’s scary, there are even more frightening things to worry about. In some cases, hackers may steal info like personnel files, bank records, and private photos for purposes of blackmail, extortion, or even espionage.

Lastly, some hackers may target you or your organization directly. Stolen info, such as an online alias where you share political commentary or an online dating profile, maybe shared to prank or embarrass you. In more nefarious cases, doxing—releasing personal information about your identity—could put you in danger. Imagine internet users sending you hate mail, calling your cell phone, or even showing up to your house over a post you made online about a particular view you hold.

Three easy steps to protect your data

(1). The first step is to find out if your information is being sold on the dark web. You can use websites such as haveibeenpwned and IntelligenceX to see whether your email was part of stolen data.

(2). Inform credit reporting agencies and other organizations that collect data about you, such as your health care provider, insurance company, banks, and credit card companies.

(3). To help you create strong passwords and remember them, consider using a password manager. Secondly, check whether your accounts offer multi-factor authentication (MFA). If yes, then use MFA.

Here's a Quick Look at Pros and Cons of 'Cookies' in Terms of Browsing Experience

 

Cookie – the term which most of you are familiar with. Every single time when you open a new website, they have their own cookie policy and they ask you to accept their term and conditions. So, what role does cookie plays? Does it help in enhancing your browsing experience or there are some risks involved too? Let’s find out the answers in the article given below.

What are cookies?

Cookies, also called HTTP cookies, are small bits of data stored as text files on a browser. Websites use those small bits of data to keep track of users and enable user-specific features. They enable core website functionality, such as e-commerce shopping carts, and are also used for more controversial purposes, such as tracking user activity. Cookies are a necessary part of the way the web works as well as a source of privacy concerns and security risks. For this reason, casual web users and web developers have good reason to better understand how these tiny bits of data work.

Why cookies are so important? 

Cookies remain a critical component of online world. And while companies are now obliged to be more transparent about cookie collection and consumption, another problem remains. If attackers can get their hands on post-MFA cookies, they may be able to bypass further attempts and gain full access to enterprise networks. This is the crux of cookie hijacking, also known as session hijacking.

In practice, cookie hijacking relies on the stateless nature of HTTP. This means it naturally separates each operational request — such as users looking for access to a corporate network, bank account, or e-commerce account — into separate processes. As a result, web-based apps can’t ‘remember’ users. Using only HTTP would be extremely frustrating, with login and password details required for every task.

What Are Progressive Web Apps? 

Progressive Web Apps (PWA) combine new technologies with established best practices for creating reliable, accessible, and engaging experiences. They give users a native-like experience with a user-friendly opt-in installation flow.

To keep cookies out of the hands of cyber-attackers, it’s now critical for companies to dish up defenses. These can include: 

HTTPS Cookies Only 

While many enterprises now use HTTPS on login pages to prevent potential eavesdropping attacks, this isn’t enough to prevent cookie hijacking. Using HTTPS across all websites, services and PWAs instead helps expand protection to session keys and reduce the risk of cookie-jacking attacks. Using the secure cookie flag on any application server, which tells the browser to only send cookie data over HTTPS, also helps prevent plaintext eavesdropping of session details.

Improved Storage Architecture 

To reduce the time between request and response and improve the performance of PWAs, the use of HTML web storage is common. The problem? HTML cookie storage streamlines the attack process for cookie stealers looking to copy session access, while web storage at scale remains vulnerable to cross-site scripting (XSS) attacks. To limit the chance of cookie compromise, we recommend skipping web storage in favor of secure, local solutions. 

Extensible IAM Services 

Comprehensive IAM services. Much like MFA, these tools aren’t enough in isolation to defend applications at scale. When layered with complementary solutions such as RASP and HTTPS, however, IAM solutions can help mitigate overall risk.

Warning: Your WhatsApp May Be Hacked and There’s Nothing You Can Do

 

If one is not careful, things might get really unpleasant for WhatsApp users. A new vulnerability has been discovered that could enable a remote attacker to deactivate WhatsApp on one’s phone using nothing more than their phone number. 

Alarmingly, two-factor authentication would be ineffective in preventing this from happening. The way these attack works is that it requires some amount of error by the user themselves but at the next step that should be designed to protect this, the two-factor authentication also doesn’t do anything to prevent the attack. 

According to Forbes, security researchers Luis Márquez Carpintero and Ernesto Canales Perea demonstrated vulnerability and were able to disable WhatsApp on a user's phone. 

According to the report, there are two parts to this vulnerability. The first is the method for installing WhatsApp on any system. When one installs WhatsApp on their phone, they will get an SMS code to verify the SIM card and phone number. A hacker can do the same thing by installing WhatsApp on their phone using the phone number. The user will begin to receive six-digit codes via SMS at this stage, indicating that someone has requested the code for installing WhatsApp on their phone. There is nothing one can do at this moment as WhatsApp will continue to work normally. 

Since this is a part of the hacking process, these codes will appear frequently. For a duration of 12 hours, WhatsApp's verification process will limit the number of codes that can be submitted and disable the ability to create more codes. During this time, WhatsApp will continue to function normally. However, one should not deactivate WhatsApp on their phone and then try to reinstall it at this time. This vulnerability is expected to impact both WhatsApp for Android and WhatsApp for iPhone. 

In the next step, the hacker generates an email ID and then sends an email to support@whatsapp.com claiming that the phone in which WhatsApp is enabled has been stolen or misplaced and that they need to deactivate WhatsApp for that number—which is the user’s phone number. WhatsApp may send an email to confirm the user’s phone number, but they have no way of knowing whether the email is being sent by a hacker or the legitimate owner. The user phone number's WhatsApp will be deactivated after a while. When they open the app again, they will see a message that says "Your phone number is no longer registered with WhatsApp on this phone." 

The reasonable next step would be to try to reinstall WhatsApp on one’s account. According to the report, no code will be sent via SMS, and the app will tell the user to "Wait before requesting an SMS or a call.", which is because now the user’s phone is also subjected to the same limitation as that of the hacker. 

After the 12-hour mark has elapsed, if the attacker waits for the 12-hour period and sends a mail to WhatsApp again, the user will not be able to set up WhatsApp on his phone even if they receive the text messages with codes. 

The researchers indicate that WhatsApp breaks down and gets confused after the third 12-hour cycle and instead of a countdown, simply says “try again after -1 seconds”. The user’s phone and the attacker's phone are both treated the same way. And this is where the issue arises. If the attacker waits until now to email WhatsApp again to deactivate the number, the user won't be able to reregister for the app on their phone once they have been kicked out. The researchers told Forbes, "It's too late." 

“There is no way of opting out of being discovered on WhatsApp. Anyone can type in a phone number to locate the associated account if it exists. Ideally, a move towards being more privacy-focused would help protect users from this, as well as forcing people to implement a two-step verification PIN,” ESET’s Jake Moore told Forbes. 

WhatsApp's response to Forbes' Zak Doffman, unfortunately, does not evoke much trust. All they state is, “providing an email address with your two-step verification helps our customer service team assist people should they ever encounter this unlikely problem. The circumstances identified by this researcher would violate our terms of service and we encourage anyone who needs help to email our support team so we can investigate.”

Telemetry Data is Being Shared by Google and Apple Despite the user Explicitly Opting out

 

A new study revealing Apple and Google's monitoring of mobile devices is making headlines. It discusses how, despite the fact that both companies give consumers the possibility to opt-out of sharing telemetry data, the data is still shared. Both Google's Pixel and Apple's iPhone extract data from mobile devices without the users' permission. Both iOS and Android transfer telemetry, according to Trinity College researcher Douglas Leith, “despite the user explicitly opting out.” 

The analysis is a component of a complete study titled "Mobile Handset Privacy: Measuring the Data iOS and Android Send to Apple and Google." Perhaps it comes out that Google gathers much more data than Apple, almost 20 times more data from the Android Pixel users. 

“The phone IMEI, hardware serial number, SIM serial number and IMSI, handset phone number etc. are shared with Apple and Google,” as per the report. “When a SIM is inserted, both iOS and Google Android send details to Apple/Google. iOS sends the MAC addresses of nearby devices, e.g. other handsets, and the home gateway, to Apple, together with their GPS location. Currently there are few, if any, realistic options for preventing this data sharing.” 

According to the researcher’s observations, Google Pixel transfers approximately 1MB of data to Google servers during the first ten minutes of operation. For the same duration of time, the iPhone sends about 42KB of data to Apple servers. When the Pixel is turned off, it transfers approximately 1MB of data to Google every 12 hours, whereas the iPhone sends just 52KB. The report also indicated that, whether in use or not, both operating systems link to their back-end servers every 4.5 minutes on average. 

Nevertheless, third-party software and pre-installed apps that come with both the operating system were not included in the evaluations. The study focused solely on data collected by handset features and elements at the operating system level, such as Apple's Bluetooth UniqueChipID, Secure Element ID, and the transmission of Wi-Fi MAC address. Even after not being opened or used by the user, the highlight of the study is the ability of pre-installed applications and services, which are exclusive to handset manufacturers, to connect to the network. 

According to the study, telemetry data transmission poses major privacy issues. The study does highlight the importance of sending general user data to the software manufacturer, as this provides for the creation and release of critical device and security updates for specific models.

Beware of Android Apps While Giving Access to Your Mobile Data

 

Have you ever thought about privacy while giving access to the app makers about your contact list, camera, recording, location, calls on your android phone? Or the issue of security and privacy doesn’t matter anymore, especially in the virtual world. 

According to CyberNews, apps in the health and fitness, communications, and productivity sections require the highest number of dangerous permissions on average. 

The most popular requirement of 99% of top android apps is to gain full network access and to view network connections, which permits an app to connect to the Internet, while 72% of apps asked for permission to view wifi connections.

Nearly, 75% of apps ask to read external storage and modify or delete external storage. On the other hand, 36% of apps ask for permission to use your camera such as photography, parenting, dating, etc. Surprisingly, the apps in the categories of gaming, astrology, and personalization also ask for camera permissions. 

Have you guessed the percentage of apps that record your conversations? If not, then the answer is 21%. Yes, out of the top 1020 Android apps nearly 215 asks for microphone access especially the apps in the categories of finance, lifestyle, and wallpapers. 

When it comes to calling, nearly 80 apps out of 1020 Android applications ask for permission to make direct calls. Luckily, most of these apps were from categories like communication, business, and social media. The interesting part is that even apps from the categories of gaming, photography, and wallpapers require access to your contact list. However, you should think twice about giving contact-related access to apps that do not need to use such information.

“It goes without saying that apps from any category might ask for dangerous permissions. For example, you’d expect a communication app to ask for access to your phone book and Android accounts, while a navigation app wouldn’t raise any eyebrows by asking to track your location,” says Vincentas Baubonis, CyberNews security researcher who analyzed the data. 

Four basic steps to minimize the risk 

• Only permit those apps that make sense. For example, if you give apps access to your microphone, they may be listening in, so be aware of what you’re giving them access to. 

• Try to download an app with all permissions disabled, you can still turn on the ones you want individually in the settings. 

• Try to download your apps from the Google play store because it identifies the apps that are potentially dangerous. 

• Turn off your location settings because a large amount of tracking comes from your location settings.

A Bug in iPhone Call Recording App Exposed Clients Data

 

A security vulnerability in a famous iPhone call recording application exposed thousands of users' recorded conversations. The flaw was found by Anand Prakash, a security researcher and founder of PingSafe AI, who tracked down that the aptly named Automatic Call Recorder application permitted anybody to access the call recordings from different clients — by knowing their phone number. 
 This application can track and record calls without an internet connection and can alter the voices of recordings, upload them to Dropbox, Google Drive, or One Drive, and also can translate in up to 50 dialects. All the client information gets stored in the company’s cloud storage on Amazon web services. This cloud storage has somewhere around 130,000 audio recordings that make up almost 300 GB. 

 Security circumstances like this are disastrous. Alongside affecting client's security, these issues likewise debilitate the organization's image and give an additional benefit to the contenders, said Anand Prakash. “This wasn’t just a violation of data privacy but also affected the users physically and at cyber risk, if their recorded conversations carry sensitive personal information. App makers that go wrong in investing in their cybersecurity must accept that the fines they could face for non-compliance with data privacy laws are extremely expensive – not to mention the cost of losing their customers' trust” he added. 

The bug was detected by Anand Prakash on the 27th of the last month when he was able to modify the web traffic and supplant the enlisted telephone number with someone else's number utilizing a proxy site called Burp, which gave him admittance to that person's call records and details. Fortunately, the bug was fixed by Saturday, March 6th, and the glitch-free version was launched in the Apple App Store. 

The call recorder clients were advised to uninstall the previous variant and download the latest rendition that is 2.26 or newer which is accessible on the Apple App Store. The paid variant is $6.99 for 7 days; additionally, they allow a three-day trial period. Their most basic monthly membership costs $14.99, with a 12 months advance, and has a few other options as well.

Doosra is Helping to Create an Alternative Digital Identity

 


Facebook, WhatsApp, Twitter, and other online media platforms have been approached to verify the identity of their users — this could be either through telephone numbers or government-provided IDs like the Aadhaar card. Putting your number online isn't only a danger even with expanding government observation. It is additionally about security and online safety since personal data can have in-real-life (IRL) outcomes like being targeted by stalkers, trolls, or individuals looking to hack into your account. “Where there is personal data, there is a great risk of hackers trying to steal it,” pointed out Mozilla in a statement. 

An Indian start-up situated in Hyderabad called Doosra has a potential solution. It will provide you with a 10-digit virtual telephone number (without another SIM card) that can be shared with shopping places, stores, and more arbitrary places. Along these lines, all the spam calls and messages with offers will be coordinated to the virtual number and your own number will stay liberated from spams. You will be able to stay hidden when you choose to call back an unknown incoming number without revealing your phone number.

“The only people that will have any kind of access to your primary number would be if we got an executive order from the official authorities,” Aditya Vuchi, founder and chief executive of Doosra said. This implies that if your social media handle is discovered to be a part of any activity, which abuses Section 69 of the IT Act, the government or Supreme Court will first have to issue an order to the social media platform. If and once they find that the mobile number given is a Doosra number, they should issue another order to Doosra to access your primary number. 

The six-month-old Doosra is the first such service to be accessible in India. It isn't that other such applications don't exist — like 2ndLine, Hushed, and Burner — however, you need an American or Canadian number to sign up for them. Doosra caters to numbers based out of India. You need your real number to sign up for the service, and it isn't free with plans beginning at ₹59 each month for essential services and ₹83 for the pro package.

Wi-Fi Mouse Application Detected with Bug

 

According to a researcher named, Christopher Le Roux, the smartphone app named Wi-Fi Mouse, which enables users to monitor the mouse movements on their PC or Mac with a phone or tablet, has an unpatched bug, which encourages opponents to sabotage computers. The impact of the associated "server software" of the Android app is the Wi-Fi Mouse, which is required for installation on a Windows system, that enables the moving desktop app to regulate the mouse. The bug enables an opponent with a popular Wi-Fi network to fully access the Windows PC via a software-opened communication port. 

The unpatched bug doesn't affect the Android smartphone operating the Wi-Fi Mouse program, as per Le Roux's analysis. The application has been installed more than 100,000 times, according to the developer's overview of the Google Play platform for Wi-Fi Mouse. And according to the developer, the bug is linked to the Windows desktop applications which have a poor password and PIN protection. 

“The password/PIN option in the Windows Desktop app does not prevent remote control of a target running the software,” stated Le Roux. “I believe this may be an oversight on the part of the developer.” 

While attempting to pair the smartphone operating on Wi-Fi Mouse with the corresponding Wi-Fi Desktop Program, the researcher said that the application doesn't really appropriately request smartphone app users to enter a password or PIN. The absence of encryption gives a possible rogue user the chance to use Wi-Fi Mouse's open data port, Le Roux added.

“The Wi-Fi Mouse mobile app scans for and connects to hosts with TCP port 1978 open. Upon connecting the desktop server responds with OS information and the handshake is complete,” he wrote. “From within the mobile app, you have a mouse touchpad option as well as a file explorer. The file explorer allows a user to ‘open’ any file on the System. This includes executable files such as cmd.exe or powershell.exe, which will open each command terminal, respectively.” 

It is as simple to send ASCII characters as HEX with covering on either side accompanied by a packet to type the main unrestricted access to the targeted device. Particularly since there's no authentication between server and application this procedure is fast and simple to program. An opponent only requires the Wi-Fi Mouse application, which can be used on a targeted PC – no smartphone application is necessary. 

“Sadly, the app can be easily mimicked even if it is not installed or on the network. The Wi-Fi Mouse desktop server will accept any connection so long as it is running on an endpoint and the firewall isn’t blocking its listening port 1978,” Le Roux said. An opponent will use the Windows system to run a simple command, to download a running program from an HTTP server, and execute it on the PC of the goal to get the remote shell. 

“An attacker could still feasibly exploit a Unix-based system with minimal effort,” he wrote.

15,000 Clients Data Leaked Accidently by a Turkish Firm

 

Accidentally, a law firm has disclosed client data of 15,000 incidents in which individuals have been killed and wounded after a cloud misconfiguration. Through a misconfigured Amazon S3 bucket, the WizCase team unearthed a huge data leak with private details regarding Turkish residents. The server includes 55,000 judicial records concerning more than 15,000 court proceedings, affecting hundreds of thousands of individuals. The firm affirmed that it does not require any permission to browse the 20GB trove that anyone with the URL may have viewed the very confidential information.

WizCase is one of the leading multinational websites offering cybersecurity resources, tricks, and best practices for online safety. Also incorporates VPN ratings and tutorials. The data was traced by WizCase, back to the Turkish actuarial consulting company, Inova Yönetim, which analyses details for risk and premium estimation.

The online security team has revealed a major abuse of the data from an Amazon Bucket misconfigured by INOVA YÖNETIM & AKTÜERYAL DANIŞMANLIK, a Turkish legal attorney. Inova is an actuarial consulting firm that gathers mathematical data and measures the probability and premiums of insurers. Since 2012, Inova has been in operation and has dealt with thousands of cases. 

The researchers have found that, along with insurance and accident data, the personally identifiable information (PII) about the survivor in each of the 15,000 court cases including name, national ID and marital status, and day of birth is also available. Some records have revealed much more specific details about claimants, witnesses, and others, including detailed accident information, car registration numbers, breathalyzer test reports, incident descriptions, and many more. In certain cases, the data has more details about the victims or other persons involved in it. It involved information of parties such as victims, event participants, police officers, lawyers. 

The data appeared to relate to the circumstances between the beginning of 2018 and the end of summer 2020. Many who are vulnerable to the snafu could be at risk from scammers following extremely persuasive phishing emails or telephone calls to get more financial and personal details. 

“With some social engineering, bad actors or criminals could contact an [mobile] operator, masquerading as the victim, and verify all kinds of verification questions operators would ask to clone a SIM card,” WizCase stated. “After having access to victims’ phone calls and SMS messages, bad actors could then try to do the same operation with clients’ insurance and bank.” 

According to WizCase, for situations like this, preserving the internal data is unusually challenging since it is always in the hands of the organization one deals for. One must be sure that they just send the correct details and ask them what security steps they are undertaking to keep their private data private. If one gets a call relating to the crash, please notify their Inova contact and ensure that an application comes from them, and never trust someone asking for personal details over a phone.

Russian expert predicts end of WhatsApp - Users switching to Telegram

Over the past weeks, WhatsApp messenger has started losing millions of users. They migrate to Telegram. In mid-January, almost 25 million people came running to Telegram in just three days. Some WhatsApp fans went to another social network - Signal. It gained 7.5 million users in two days.

The reasons for the outflow from WhatsApp are related to the privacy policy, which allows the developer to share user data with Facebook, explained the coordinator of the Center for Secure Internet, Urvan Parfentiev. In particular, according to him, the location and phone numbers will become transparent.

Information and computer security specialist, programmer, blogger Sergey Vakulin said that in addition to the privacy policy, there are other reasons.

"First reason is the privacy policy. The second is functionality. The third reason is anonymization. People who care about their security and privacy of correspondence are less likely to trust WhatsApp," said he.

According to Mr. Vakulin, the advantage of Telegram relative to many social networks is the lack of censorship.

There are those who like to watch something cruel, a murder. But on the social network VKontakte and Odnoklassniki, it is forbidden to do this. And on Telegram, you can create a channel that will not be censored", explained the blogger.

After the outflow of users, WhatsApp launched a powerful awareness-raising campaign and abandoned the previously announced measures. Therefore, "we cannot talk about the death of WhatsApp", stressed Parfentiev.

However, Vakulin believes otherwise.

"Most likely, we will see the death of WhatsApp. The old social networks and apps don't have enough functionality. A person needs to learn something new in the social network. Therefore, we are replacing it with a new one," commented he.

At the moment, dozens of messengers are known. The most popular in Russia are the following: in the first place is WhatsApp, which in 2020 increased by five percent compared to 2019; in second place is Viber, followed by Skype. The fourth place is taken by Telegram, which grew by 10 percent. Facebook closes the top five (plus 6 percent).

Earlier, E Hacking News conducted an interview with a veteran Cyber Law specialist in India Vijayashankar Na (Mr. Naavi) and he shared with us his opinion on the new privacy policy of WhatsApp messenger and how it impacts the users.

Digital Concentration Camp: Tech giants are playing God

Recent events in the United States have shown that the tech giants do not care about the constitution, this is a cause for concern.

There are situations when half a dozen people who have created their own technological empires do not even want to know what rights they have in their state. They determine their own rights on the basis of so-called "corporate norms" and do not respect the constitution of their states. We have seen this clearly in the United States. This, of course, a matter of serious concern.

In general, we are talking about the fact that several major multinational corporations - IT, media, pharmaceuticals, banks - plan to do what they want with people. As you know, the emergence of giant monopolies is a classic feature of any large-scale crisis of capitalism. Lenin wrote about this fascinatingly.

An excellent example of this was when Twitch, Twitter, Facebook, YouTube and Instagram previously blocked Trump's accounts for various periods of time due to his statements about the riots in Washington on January 6.

According to Vladimir Shapovalov, a member of the board of the Russian Association of Political Science, Trump and his supporters were deprived of the freedom to vote, the right to receive and disseminate information. But such a right is fundamental.

Another example is how the largest American airline Delta blacklisted almost nine hundred passengers for their "Trumpism". In November, the same company denied its services for life to a passenger who shouted slogans in support of Trump.

It's interesting to note that on one decision to ban Trump, Zuckerberg's company lost 5% of its value. However, they don't seem to care at all about profit. Uber, Snapchat, and Tesla record losses year after year. All they are interested in is the most severe control of their consumers.

It is worth noting that on January 17, Naavi, a veteran Cyber Law specialist in India, became a victim of the injustice of the monopolies. He published an interesting article Union Bank and RSA Fiasco, where he shared his experience and expressed his opinion about what is happening. It all started with the fact that his site was groundlessly accused of hosting a phishing script. The article about Union bank, published on January 14, 2021, received a complaint from the RSA security service. This resulted in the Service provider M / S Square brothers has disabled not only the article page but the entire website www.naavi.org.

Readers in the comments advise Naavi to send a legal notice to RSA and UBI for defamation, DoS (disruption of legal rights) and various sections of the IT Act. The consensus among readers is that RSA and UBI consider themselves above the law and that they need to be made aware of their limits.

Moreover, even our E Hacking news portal has faced similar issue. The Cyber Security Company Comodo mistakenly marked the E Hacking news site as phishing. We even sent a false positive request from their website and also tried to contact them on their Twitter account. There was no reaction on their part.

Earlier, E Hacking news reported that a Russian IT company reportedly lost the contract in the USA because of serving sites with content from Trump supporters.