On the guard of the cyber world: Ethical-hackers will appear in the Russian army


The Russian army will have special units, which will include ethical-hackers - people with technical education who will protect the "military Internet". They will scan the system for the presence of enemy cyber attacks and quickly neutralize them.

Conscripts will not be able to get into such units because only officers with special higher technical education can serve in a cyber army.

According to military expert Dmitry Boltenkov, it is necessary to block the attacking computers of the enemy and prevent him from getting into the network. Usually, software and hardware protection is used for this, as well as special devices that protect against hacking or warn of penetration.

It is already known that the software has already been created that should unite the field control stations and provide a multi-level network protection system.

According to experts, such a system will make it impossible for external access to the "military Internet". Protection includes several firewalls that prevent unauthorized access. So, specially designed antiviruses will track the unauthorized access of malware.

The exact place where the invasion occurred and the enemy could intercept radio signals or connect to the network will be detected with the help of special programs and equipment. Further, cybersecurity experts from the new unit can identify and localize the consequences of the attack.

The main advantage of this system is its autonomy because "military Internet" is not connected with the usual network, which means it is less prone to leaks and hacker attacks from outside.

The Ministry of Defense tested the work of the “military Internet” this year. The exchange of information at a speed of 300 Mbit/s was carried out between the field control stations at a distance of more than 2 thousand km. The military Department used special equipment and more than a thousand mobile communication and encryption complexes to create ultra-long data lines. The new system allows the exchange of information at a distance of several thousand kilometers, and all communication channels will be protected from hacking.

In addition, the Armed Forces of Russia are also creating a sovereign Internet - multiservice transport communication network (MTSS). It is planned to complete the first stage of work at the end of this year.

Banks collect biometric data of citizens in Russia






More than 70 Bank offices in the Irkutsk region are already working in the Unified Biometric System, which allows receiving services of bank remotely.


Recall that remote identification was launched in Russia in mid-2018. Clients just need to confirm their identity using biometric data - face images and voice recording.

According to the employer of the Irkutsk Branch of the Bank of Russia, clients need to come to the office once with a passport in order to register in the system. This procedure takes less than 1 minute. Today, 71 Bank offices work with such technologies in the Irkutsk region. Siberian residents can do the identification procedure in the biometric system in 687 branches of 57 banks.

Citizens have access to services of opening an account, obtaining a loan and transferring funds. These services can be obtained by phone, without a personal visit to the office of the Bank. The number of services will expand in the future. In addition, soon insurance companies will also recognize citizens by biometric data.

The new system has significantly reduced the number of Bank frauds. Thus, according to the Pochta Bank, the credit institution managed to block about five thousand fraud attempts in the last year through the biometric identification of clients.

Svetlana Ozeretskovskaya, the Head of Promotion of the Unified Biometric System project, stressed that "all biometric data is encrypted. It is almost impossible to restore them. This reduces the risk of compromise and does not allow attackers to take advantage of the data, even if some kind of leak occurs".

Meanwhile, cybersecurity specialists still see some weaknesses in the system. For example, Trojans in mobile applications or social networks can intercept biometric. But the authors of the biometric identification system are sure that even if your data gets to the criminals, the system will still calculate the fraud. According to the company Rostelecom, the probability of incorrect recognition of the client is 1 per 10 million. Moreover, the system will distinguish even twins from each other.

Russian cyber security specialists massively quit from Russian banks



The Central Bank’s requirements for information security, which have dramatically increased over the past year, led to the departure of specialists in this field from banks to other industries. This situation has risks for banks and their customers. Experts noted that hackers who in 2019 refocused the attack from banks to government offices and industrial companies, can come back.

The banking market is in a dangerous situation, because the leading information security experts leave banks, finding application in other industries.

According to Alexander Vinogradov, the former head of the information security service at Zlatkombank, only among his acquaintances, 11 important Bank security officers who held senior positions resigned from credit institutions and found work in other areas — Telecom, retail, etc.

"The guys are just tired: the load on information security specialists has increased many times over the past year, the requirements have increased many times, many do not stand the load,” he said.

"The maximum responsibility and requirements with a very dubious return," — said Denis Malygia, the former head of the service of the Bank "Garant-invest", commenting on his decision to leave the post.

According to the information security experts, there is another problem, it is the unwillingness of banks to allocate budgets, which is why the risks of successful hacker attacks increase. Specialists of Group-IB said that 74% of the banks are not ready for hacker attacks.

Experts believe that the departure of information security specialists from banks is a dangerous trend. Maria Voronova, the Director of Consulting at InfoWatch Group of Companies, said that personnel risks, in particular, shortage of personnel, are one of the main operational risks in the field of information security.

According to experts, it is rather difficult to find a replacement for those who quit the bank. It may take about six months to find a new head of information security service.

It is interesting to note that in the first quarter of 2019, cyber attacks on the financial sector amounted to 6% of the total number of attacks on legal entities. State institutions (16%), medical (10%) and industrial companies (10%) became the most popular among hackers. If the bank security system will be more vulnerable, hackers can switch to this area.

The Moscow Mayor’s Office claims that electronic voting is safe


According to Alexey Shaposhnikov, the Chairman of the Moscow Parliament, the experiment to conduct electronic voting in the elections of deputies of the Moscow City Duma will take place, despite the detection of weaknesses in its system during testing.

Shaposhnikov said, “I am a supporter of the development of e-democracy; e-voting is one of the elements of its development.”

Recently, Alexei Venediktov, the Deputy Chairman of the Public Chamber, said that the electronic voting system from July 11 will be available in test mode for everyone. Hackers will be able to try to hack it for a fee of 1.5 million rubles.

Artem Kostyrko, the Deputy Head of the Department of Information Technology Department of Moscow, said that the guarantee of security of the electronic voting system is the fact that it will be held on the website of the Moscow Mayor’s Office mos.ru.

The speaker of Moscow City Duma noted that he did not know of any cases of hacking into the site mos.ru. Specialists, who are responsible for the functioning of the security system, guaranteed correct operation during the counting of votes.

People wishing to participate in the electronic voting must pass verification in advance on the official website of the Mayor of Moscow.

The Moscow City Duma Chairman added that according to preliminary forecasts, up to 6% of the voters in Moscow will participate in the experiment on conducting electronic voting.

It should be noted that the Moscow authorities plan to arrange an online broadcast of electronic voting, during which it will be possible to find out the number of voters.

Experts believe that it remains unclear how the voter authentication, the secrecy of the vote and freedom from being forced to vote will be ensured.

In addition, the technical side of the e-voting process is provided by the Moscow Mayor’s Office, which is a structure of the Executive branch of Government, the head of which represents one of the political parties. According to experts, this is a violation of the principle of independence of election organizers and the principle of separation of powers.

Elections to the Moscow City Duma are scheduled for September 8, 2019. An experiment on electronic voting will be conducted in three districts of Moscow.

Yandex responded to a Reuter’s article on hacking by Western intelligence agencies


Russian Internet giant Yandex reported that hackers working for Western intelligence had access to the company's systems for several weeks. Yandex stated that the hacking attempt was neutralized immediately.

Yandex claims that hackers did not get access to user data. Moreover, the attack did not cause any damage. Sana Paritova, the Head of corporate communications of Yandex, stated, "We can assure you that the attackers are unable to access data of users of Yandex services.”
Yandex specialists “promptly identified and neutralized at the beginning” the hacking attempt.

The company stated, “Yandex, as well as all the major Internet companies,  are regularly confronted with various types of cyber threats. Our corporate policy does not imply the dissemination of detailed information about such cases.”

Recall that the Agency Reuters reported that in October or November 2018, hackers working for Western intelligence services hacked the company in order to spy on user accounts. According to the Agency, employees of Western intelligence agencies have installed a malicious program Regin used by the Five Eyes Alliance. This program allows them to impersonate users and access their messages.

The malicious software involved in the hacking is used by the United States, the United Kingdom, Australia, New Zealand and Canada. It was not possible to determine which country was behind the attack.

The article states that hackers were interested in technical information that allows them to understand how Yandex identifies user accounts. Possessing it, foreign intelligence could impersonate the user and gain access to their messages. The ultimate goal of the hacking was espionage, it was not an attempt to steal intellectual property.

Sources also said that hackers had access to Yandex systems for at least a couple of weeks.

The company turned to Kaspersky Lab, which found that the target of the attack was a group of Yandex developers.

It’s interesting to note that Yandex is working in the field of information technology. It owns the eponymous search engine on the Internet, an Internet portal, a number of different information services.

Recall that earlier EhackingNews was reported that cyber attacks with the use of the Troldesh encryption virus, also known as Shade, XTBL, Trojan.Encoder.858, Da Vinci and No_more_ransome, have again increased in Russia.

The Program " The straight line with Vladimir Putin” underwent a DDoS attack.


The straight line call center with Russian President Vladimir Putin was DDoS-attacked from abroad. It is noted that due to this fact there were problems with connection during Putin's communication with the Russians.

The host of the program on the air told, "Our call center just underwent a massive DDoS attack from abroad, apparently, failures in video calls are associated with this. The total number of calls is already approaching two million”.

The press service of Russia's largest provider of digital services Rostelecom said, “Two powerful attacks happened. Rostelecom successfully repelled the attacks. The attacks did not affect the straight line operation."

An interesting fact is that Margarita Simonyan, the editor of the Russian international news channel RT, said that the attack of hackers was carried out from the territory of Ukraine.

Alexey Malnev, the Head of the Monitoring and Response Center at Jet Infosystem, said that in the period from 2013 to 2015, almost every political or economic event was subjected to a powerful surge of attacks.

The expert stressed that the hacker attack on the straight line with Russian President Vladimir Putin was carried out in order to destabilize the situation.

"Today we can say with confidence that this is a wave of the established trend of recent years," said Malnev.

He also added that the cyber war in the modern world is permanent. The expert noted that in the future we should continue to expect similar as well as more complex attacks.

It is worth noting that the Program "The straight line with Vladimir Putin" is already the 17th since 2001 and takes place in the classical format. The President is in the Studio, where he answers questions of interest to Russians, received both by phone and through the direct line website or a special application. If necessary, the Head of State may contact the Heads of regions and Ministers on various issues.

Usually at the end of a straight line Putin draws up a list of instructions, appointing responsible persons and deadlines for the execution of each task.


GLONASS to protect signals of future satellites from hacker attacks


The Transport Safety Forum was held in St. Petersburg last week, in which the Chief Designer of GLONASS JSC Mikhail Korablev took part. He reported that the new Federal Target Program has a task to protect signals of future satellites from hacker attacks.

It is worth noting that GLONASS is a Russian satellite navigation system, one of only two fully functioning global satellite navigation systems in the world for today.

According to Mr Korablev, the task is to improve the accuracy of the GLONASS system and to increase the security of the signal, to combat spoofing (an attack on a satellite in which a navigation signal is faked).

"The attack of the ship management system is a problem. All ships use satellite navigation. There is a confirmed fact of information attacks on ships that do not allow making it possible to determine the location. Therefore, one of the tasks of the new program, in addition to improving accuracy, is to increase security," said Korablev.

It is not yet known how the satellite signal will be protected because the new Federal Target Program for the development of the GLONASS navigation system for the period 2021-2030 has not yet been approved. Currently, it is in the process of negotiation and should soon be sent for approval to the Government of the Russian Federation.

In the future, the entire GLONASS navigation system will be upgraded to the new GLONASS-K2 devices, which are fully assembled on the basis of domestic products. The first GLONASS-K2 satellite is scheduled to be launched into orbit at the end of 2019 - the beginning of 2020. It’s interesting to note that, currently, the GLONASS system orbital network includes 26 satellites.

The National Payment Card System (NPCS) of Russia says the Fast Payment System is secure


According to Dmitry Kolesnikov, Director of the FPS project in the NPCS, the Fast Payments System is completely safe.

Earlier, the Head of Sberbank German Gref said that one of the reasons why Sberbank does not join the Fast Payment System is cybersecurity. So, according to Gref, the system is still unsafe.

"The system is safe, secure, fully complies with all standards. There were no incidents during the operation," said Kolesnikov at the International Forum "Remote Services, Mobile Solutions, Cards and Payments - 2019".

The Bank of Russia summed up the results of the first four months of the FPS. According to Maria Krasenkova, the Head of the Development and Regulation of the National Payment System of the Central Bank, from January 28 to May 28, 500 thousand transfers were made through the FPS for a total of 4.2 billion rubles ($ 64 million). Dmitry Kolesnikov noted that during the operation of the system, about 200 thousand people took advantage of it. According to NPCS, 40% of transfers are made between own accounts, 60% between accounts of different clients.

It is worth recalling that the Central Bank launched a competitor to the Sberbank transfer system, it's a money transfer system (FPS) by telephone number between accounts of different banks. First, only 11 financial institutions joined the FPS, including Alfa-Bank, Tinkoff Bank, Gazprombank, VTB and others. Another 100 banks expressed their desire to join the system. However, Sberbank has not yet expressed its desire to join the FPS. The largest Russian Bank was a monopolist in the market of money transfers between individuals. In 2018, Sberbank earned 47.2 billion rubles ($ 722 million) on transfers, and the launch of the Central Bank system has already hit its revenues. In the future, participation in the FPS is planned to be mandatory for all banks.

The Bank of Russia expects to connect important Banks to the FPS before September 1. However, according to Gref, the agreement with the Bank of Russia on the connection of Sberbank to the FPS has not yet been achieved.

The Ministry of Internal Affairs of the Russian Federation to create a portal for complaints against hackers


In Russia, a special resource that will allow better fight against hackers to be created. Citizens themselves will be able to inform on hackers who either suffered from hackers or simply noticed some violations.

The concept of the service is the collection of information on cybercrime from citizens and legal entities, as well as government agencies, and then accumulating it in one system. The resource will be continuously and automatically collect data about the threats.

It will be possible to tell about violations by phone, e-mail, messenger, SMS and social networks. The database of the resource will also be updated due to the already existing systems in Russia: for example, a Unified Biometric System, a Portal of Public Services.

Citizens and government agencies will be able to use the service for free. Today in Russia there is no single place to collect information about cybercrime, access to which could be obtained by all interested citizens.

The system is being created by the Russian organization Data Economy. The organization was created to provide services in the Development of the Digital Economy in Russia supporting socially significant projects and initiatives. The founders of the organization are the Russian Government, ASI, Russian Post, Sberbank, a number of telecommunications and IT companies.

However, an employee of one of the IT companies said that the effectiveness of this system is sharply questionable, as the data from the public resource will be in the hands of attackers very soon and will only help them quickly modify the attack to be unnoticed.

It is interesting to note that the concept of a single portal was approved by the organization Data Economy and sent for approval to the Cabinet of Ministers. The total amount of financing of the national project for the next six years is more than 1.5 trillion rubles.

Security Bug Discovered in Google's Titan Security keys, Provides Free Replacement




A security bug in Google’s Titan Security Key which can potentially allow fraudsters located nearby to bypass the security provided by the key. While the company provided a replacement key for free to all the already existing users, it blamed a “misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols” for the security bug.
Although the defected keys are reported to be still protecting against phishing attacks, the company decided to provide a replacement key regardless. The affected keys include all those which are sold in packages priced a $50; it also includes a usual NFC/USB key.
In order to exploit the security bug, the fraudsters need to in a Bluetooth range of around 30 feet, he is supposed to act promptly as the victim activates the key by pressing the button, then the fraudsters can employ falsely configured protocol to intercept your device’s connection to the key and connect theirs instead. Then given, they would be having access to your username and password, they would be able to log in to the victim’s account.
Google has given students to ensure that the bug does not intercept the security key’s ultimate purpose that is to provide security against phishing attacks; Google also urged the users worldwide to keep utilizing the keys until a replacement is provided.
In an announcement, the company said, “It is much safer to use the affected key instead of no key at all. Security keys are the strongest protection against phishing currently available,”
Around the time when Google launched its Titan keys, Stina Ehrensvärd, Yubico founder, wrote, “While Yubico previously initiated the development of a BLE security key, and contributed to the BLE U2F standards work, we decided not to launch the product as it does not meet our standards for security, usability and durability,”




According to Russians, Assange is a freedom fighter and an altruist


According to a survey by the Russian Public Opinion Research Center, the majority of Russians believe that the founder of WikiLeaks Julian Assange is a freedom fighter and an altruist.

According to 45% of Russians, Assange promotes the principles of freedom of speech and freedom of the media, publishing secret materials. In addition, 40% of survey participants believe that Assange acted in the interests of the world community.

Most Russians believe that “Assange wanted to open the eyes of the world community to cases of corruption, crimes, scandals in different countries."

However, a quarter (27%) of those surveyed believe that Assange violated the law with his publications. According to 17% of Russians, Assange sought to take revenge on his enemies and attract attention.

The survey was conducted on April 13, 2019, among 1600 Russians over 18 years old. The survey method was a telephone interview.

It should be remembered that on April 11 the British court found Assange guilty of the violation of conditions of release on bail. The journalist was arrested at the Embassy of Ecuador in London. where he asked for political asylum in 2012. He never left the diplomatic mission building for fear of arrest and extradition to the United States, where he is accused of publishing secret documents of the State Department.

Security flaws found in taxi booking apps

Experts of the Russian Quality System (http://roskachestvo.gov.ru/) made a decision that the most popular applications for ordering a taxi can cause the leakage of personal data, such as Bank card information.

Experts tested such programs as "Yandex.Taxi", Uber Russia, Maxim, Gett, City-Mobil, Rutaxi and Fasten. It turned out that almost half of the applications are vulnerable to DDoS attacks which can cause a blocking of the service.

The test showed that there are a number of potential vulnerabilities in applications, for example, weak hashing and encryption algorithms and insecure SSL implementation.

In turn, Taxi services specified that their programs use a secure data transfer protocol, and all information is stored in encrypted form.

According to experts, people should not order a taxi when connected to an open Wi-Fi network or they must install a VPN client on the device.

The idea of taxi applications nowadays is very practical and comfortable, but the quality of services leaves much to be desired. It turns out that in reality companies are not responsible for the qualification of taxi drivers, as well as for its absence when it comes to litigation. It will not be surprising if next time companies will not take the consequences for the leakage of personal data.

Fraudsters Gaining Access to Users Mobile Devices to Commit Bank Fraud


With the advent of Unified Payment Services (UPI), the idea of sending money from one bank account to the other without having to top up the sum in the mobile wallet has become a reality. However, with new means of transactions coming up and widening of the horizon of banking operations, there is an even enhanced possibility of bank frauds. Hackers have been continuously coming up with new ways of bypassing security.
ICICI Bank reported that in order to gain remote access of smartphones of various users, cybercriminals trick users into downloading ‘AnyDesk’, an application available on App Store as well as Play Store.
Once the user downloads the app, a nine-digit app code is generated on his mobile device which they are then asked to share with the criminals. After receiving the code, fraudster enters the code onto his mobile and then asks the user to grant him certain permissions. Now, once the criminal gets the permissions, he can access the user’s device with ease.
Users are advised to verify and then install the original UPI app and payment wallets from Apple Store and Google Play Store owned by authenticated companies. Avoid downloading applications from suspicious or unknown sources and consider reading reviews prior to going for the download.
Furthermore, while granting permissions on making the download, one should be highly alert and pay extra attention to the details. Banks suggest having your e-mail ID registered and verified in order to be notified of any illegal action taken on your account.
Other safety tips include getting your SIM card blocked instantly if you happen to misplace your mobile device and logging out of your bank account from the web browser. Lastly, customers should always keep a track of their banking transactions which are sent through SMS, it will allow them to take note of any fraudulent transaction and report it to the bank.  



An ex-FSB officer was sentenced to seven years in prison in the case of State treason



The Moscow City Court sentenced to seven years in prison an entrepreneur and ex-FSB officer Georgii Fomchenkov. The case was heard behind closed doors because of secrecy.

Recall that Fomchenkov was arrested on December 5, 2016. He is the fourth defendant involved in the case of State treason of employees of the FSB. So, Sergei Mikhailov, the Head of one of the divisions of the Information Security Center of FSB, his subordinate major Dmitrii Dokuchaev and Ruslan Stoyanov, an employee of the Computer Incident Investigation Department of Kaspersky Lab, were arrested in this case. It should be noted that Ruslan worked until 2006 in law enforcement agencies.

It is known that Mikhailov received 22 years in prison and a fine of 400 thousand rubles, Stoyanov received 14 years and a fine of 150 thousand rubles.

According to media reports, the defendants are accused of transferring secret information to foreign intelligence services. 

Colonel Mikhailov and his subordinates carried out operational development in the case of Pavel Vrublevskii, the founder and CEO of the processing company Chronopay. It turned out that they gave the FBI secret information about the ways and methods of conducting operational and investigative activities in the case of Vrublevskii, who is considered to be a cybercriminal in the United States. They earned on the sale of State secrets 10 million rubles.

In addition, Fomchenkov previously engaged in business on the Internet. In the early 2000s, he had the payment services that were popular among the webmasters of pornography sites, spammers, and owners of pharmacy resources.

An interesting fact is that the detention of Stoyanov and Mikhailov happened shortly after the arrest of Vladimir Anikeev, the Head of the hacker group Humpty - Dumpty. Officially, the FSB does not connect these two events. However, Anikeev was interrogated in the case of Fomchenkov.

Apache Httpd 2.4.39 Fixed the Flaw Which Let Users Gain Root Access



A vulnerability in the Apache HTTP server which allows users to write and run scripts in order to gain root on Unix systems was patched in Apache httpd 2.4.39 release.

According to the changelog which was tracked as CVE-2019-0211, all Apache HTTP Server releases were impacted, starting from 2.4.17 to 2.4.38. Additionally, the execution of arbitrary code through scoreboard manipulation has also been made possible.

As the web server is employed for running shared hosting instances, Mark J. Cox, Apache Software Foundation and the OpenSSL project founding member, emphasized on the seriousness of the issue in a Twitter post he made about CVE-2019-0211 security issue.

Users with few permissions on the server would now be able to extend the privileges by making the use of scripts which run commands on defenseless Apache servers as root, Cox further explained.

Along with this major flaw, two other control bypass security vulnerabilities were also patched with the Apache HTTP Server 2.4.39 release.

Besides these three, the latest Apache httpd release also fixed three less severe flaws which potentially could have led to normalization inconsistency issues and crashes.

The privilege escalation vulnerability of significant severity was reported by a security engineer on February 22 along with a response and reportedly a fix have been provided by Apache on March 7.






Roskomnadzor demanded that VPN services connect to the register of prohibited sites

Roskomnadzor for the first time demanded that the owners of VPN services connect to the register of banned sites in Russia. According to the law, VPN providers and Anonymizers connected to it are obliged to filter traffic.

The requirements for connecting to the State Information System (FGIS) were sent to the operators of 10 VPN services NordVPN, Hide My Ass!, Hola VPN, OpenVPN, VyprVPN, ExpressVPN, TorGuard, IPVanish, Kaspersky Secure Connection and VPN Unlimited.

FGIS contains a single register of banned Internet resources in the Russian Federation. According to the law, VPN services and Anonymizers are obliged to restrict access to Internet resources prohibited in Russia. So, services are required to connect to this system to gain access to the registry.

According to the current legislation, VPN services are required to connect to FGIS within 30 working days from the date of sending the requirements. Otherwise, FGIS may decide to restrict access to the VPN service.

It turned out that Roskomnadzor demanded to connect to the FGIS after receiving approval from the Federal Security Service.

It's important to note that the search engines operators Yandex, Mail.ru, Sputnik, Rambler are currently connected to FGIS. At the beginning of 2019 Roskomnadzor fined the company Google for 500 thousand rubles for non-execution of requirements about connecting to FGIS.

WhatsApp May Oppose the Demand for Traceability of Messages




The government wants to probe into the sources of inciting and provocative messages and posts which have led to violence across the nation, incidents of lynching and various other controversial issues.

In order to do so, it has proposed certain guidelines that would require Whatsapp to unveil information regarding the origins of messages.

As doing so will contradict the end-to-end encryption WhatsApp provides, the company will oppose the proposed regulations. It will also be violating free speech and privacy rights. 

The intermediary guidelines which are reported to be made public after elections will include jail terms and penalties for heads and officials of various messaging platforms and social media companies for non-compliance.

Reasoning WhatsApp’s failure to act in accordance with the proposed guidelines, a person said, “WhatsApp feels the proposed guidelines are too broad and not in sync with privacy protection norms that are important to people everywhere,”

“What is expected from the rules is just not possible considering the end-to-end encryption the company provides — it would mean a new product.” He added.

The Facebook-owned app, which did not answer all the questions, believes that confidentiality is one of the key aspects of what they have to offer. They feel that gathering private information of users is contradictory to the whole idea of WhatsApp which was primarily designed to keep the conversations private. 

Putting the same into perspective, another person said, “The company will continue to push back against government’s attempts that it feels weaken its end-to-end encryption feature,”

While defending its stance on safety and privacy, WhatsApp previously said, “People rely on WhatsApp for all kinds of sensitive conversations, including with their doctors, banks, and families. The police also use WhatsApp to discuss investigations and report crimes,”  

“Attributing messages on WhatsApp would undermine end-to-end encryption and the private nature of WhatsApp, creating the potential for serious misuse. Our focus is on improving WhatsApp and working closer with others in society to help keep people safe.” 

Reasserting the intention of the government, an official told ET, “They don’t or refuse to understand this — we don’t want you to look into the video or the audio or content, just tell us where (it began) or who started it,”

Understanding the concern of national security and integrity, WhatsApp said that it has made essential changes in the product and has addressed misinformation via public education campaigns. Besides that, the company also made necessary alterations like limiting the times a message can be forwarded and letting people exit groups in one tap.

However, the government did not seem to be satisfied with these alterations and has continued to request for traceability.










The Russian Foreign Ministry demanded an apologizy from an American journalist

The Ministry of Foreign Affairs (MFA) of Russia believes that American journalists, who for two years unreasonably accused Russia of interfering in the US presidential election in 2016, should apologize to Russia. The representative of the MFA Maria Zakharova announced this it in the program "60 minutes" on the main Russian Federal channel.

In addition, Zakharova harshly criticized in her Facebook page the American journalist and political scientist Fareed Zakaria.

We are talking about a speech devoted to the conclusions of Special Prosecutor Muller, where Zakaria points to a number of facts showing the existence of a connection between Trump and the Kremlin. Maria Zakharova believes that Zakaria profaned the Russian, and the Americans once again faced with one-sided propaganda. Therefore, he must apologize to the two nations, not only to Trump.

According to the Russian diplomat, Zakaria and other journalists should first apologize to the Russians before again conducting broadcasts, laying out their forecasts and conclusions.

The diplomat added that Moscow intends to analyze quotes and clippings from programs in which the audience was convinced of Trump's connections with Russia. After that, the detected materials will be submitted to international organizations for investigation.



In the Czech Republic, the Russian center of cyber attacks has been neutralized - Local Media

According to the Czech local news magazine Respekt, Russian Intelligence Services used two computer companies in Prague for performing cyber attacks.

It is alleged that the Czech Security Forces disclosed the activities of the cyber attack center in early 2018.

According to a journalistic investigation, the two companies were formally engaged in the sale of computer hardware and software, but in reality their employees were also preparing hacker attacks using their computers.

Journalists found out that part of the equipment for companies in the Czech Republic was brought from Russia through third countries by cars of the Russian Embassy with diplomatic numbers. The computer companies got this technique also through the diplomatic mission.

The investigation said that the hacker group included both Czechs and Russians who received Czech citizenship. The group could cooperate with several similar Russian groups operating in other countries.

It is interesting to note that in September last year in the Czech Republic for hacking the system of issuing residence permits detained 8 Russians and Vietnamese. Russian hackers had hacked the servers of the Czech Foreign Ministry in the interests of the Vietnamese for a fee, who can legalize their countrymen’s stay in Europe.

Hackers Tracking Location History via Google Photos Vulnerability


A vulnerability has been found in the web version of Google photos which lets malicious websites access the sensitive information related to the photos such as date and geographic coordinates.

On the basis of this metadata information of your photos, they will be tagged by Google photos automatically.

The metadata of any photo allows details to be moved along with the photograph file which is readable by end users, hardware and software.

How the Hack Functions

To begin with, the hackers have to befool the user and trick him into accessing the malicious website while he is logged into his Google Photos account.

As soon as the malicious website opens in the web browser, it generates answers to the questions the attacker has by stealthily generating requests to the Google Photos search endpoint.

As stated in a report by Imperva, the hacker can keep a record of the queries which have been already asked and resume the process from there on upon your next visit onto any of his infectious websites.

Reportedly, the vulnerability has been patched by Google after Imperva brought it to their knowledge.