Search This Blog

Showing posts with label Technology. Show all posts

Microsoft Issues Its First Ever ‘Targeted’ Warning ; Saving VPN Servers of Hospitals


Following a recent disclosure about Iranian hackers targeting on vulnerabilities in VPN servers like the Pulse Secure, Palo Alto Systems, Fortinet, and Citrix, Microsoft gave its first-ever 'targeted' warning to a few dozen hospitals, informing them of the vulnerabilities in their own virtual private network (VPN) appliances.

With the organizations depending all the more heavily on the VPN servers as the lockdowns are in full swing of the unfortunate outbreak of the Corona Virus. They had no other option except to fall back to this means to help telecommuters but that in the end has made that specific part of the system a weakness i.e a soft spot for ransomware attackers to target – specifically at hospitals with already stressed assets.

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (DHS CISA) a month ago cautioned all organizations to fix VPN services, however, Microsoft is especially worried about hospitals' vulnerability to human-operated ransomware due to unpatched VPN servers.

One group the Microsoft team has been following is the REvil, otherwise known as Sodinokibi, ransomware gang, which is known for setting monstrous ransom demands for businesses and government agencies.

While the ransomware gang hasn't yet developed new attack techniques but instead has repurposed strategies from state-sponsored attacks for new campaigns that exploit the heightened requirement for information in the current coronavirus crisis.

The Microsoft Threat Protection Intelligence Team uncovered in a new post, "Through Microsoft's vast network of threat intelligence sources, and we identified several dozens of hospitals with vulnerable gateway and VPN appliances in their infrastructure."

"To help these hospitals, many already inundated with patients, we sent out a first-of-its-kind targeted notification with important information about the vulnerabilities," it added later.

When mentioning these new ransomware gangs the Microsoft team noted, “We haven't seen technical innovations in these new attacks, only social engineering tactics tailored to prey on people's fears and the urgent need for information."

And so the Multinational Technology's recommendation to hospitals and various other organizations is to follow three key steps to shield their VPN services from attacks:

  • Apply all available security updates for VPN and firewall configurations. 
  • Monitor and pay special attention to your remote access infrastructure. 
  •  Turn on attack surface reduction rules, including rules that block credential theft and ransomware activity. 

Apart from these, there are a few more published by Microsoft to further help mitigate these attacks.

Winja (VirusTotal Uploader)- The Malware Detector!


Cyber-security is an important concern for everyone working from these days, amid the lock-down due to the current Coronavirus pandemic. There are several security measures one can employ to stay on top of all the cyber-hazards that hackers could be brewing.

Winja is one such free application and passive analysis tool that is designed for Microsoft Windows that helps the user find any potential malware on their system. By way of using the scanning engine of the anti-virus products, the application gives forth very specific details as to which file is hazardous in which way.

Whenever we download something from the internet our first step is to ensure that it’s safe for our device. With Winja, all you have to do is to drag the file in question on the mal window and Voila! The results apparently will show on the desktop.

In case you have a sneaking suspicion about your device being infected, you could scan all services and processes for malware and the application will help you.

Reportedly, Winja initially uses the “VirusTotal” public API to insert the fingerprint of a file. If the fingerprint is present, Winja sends the current analysis report and if it is not then Winja sends the “unknown file” to the VirusTotal servers for scanning. You can also analyze files any time you want to enhance the chances of detection.

As has been recognized by researchers over these years, hackers tend to have their places of choice in their victim’s devices to first sneak in and then hide the malware. With Winja it becomes extremely easy to locate any suspicious files in those places. Per sources, Services, Task Scheduler, Active Processes, Applications beginning with Windows and Actions that require network resources and internet are few to be mentioned.

All you need to do to scan any file that you have a suspicion on is to drag it and drop in onto the main window of the Winja application.

Plus, you can make use of an extension for the Windows Explorer that would aid you to request a scan by means of a right-click on any file of your choice from the file browser.

Per sources, all the subsequent versions after the sixth one are available in French making it a huge hit in the French-versed population. VirusTotal, which is an arm of Google, strongly suggests Winja as a substitute for their Windows desktop application.

This application goes hand in hand with the anti-virus software that you love to use for your devices. It is not a substitute for anti-virus software but it fits with them like a puzzle piece and does not intend to endanger their publicity in any way.

This COVID-19 Website By Google Tells You All You Need To Know About Coronavirus!


The first step anyone took after hearing the first of the Coronavirus was ‘Googling’ it. Google has been a solution, for as long as we can remember, to most of our queries. Yet again it upholds its
reputation.

Amid all the mass confusion and chaos this virus has caused for the human race, every single one of us has wanted a ‘go-to’ for a little clarity between all of this bewilderment related to COVID-19.

Be it asking about the first symptoms, vaccine information or prevention strategies, in the middle of this bewilderment people have continued to look up to search engines for answers.

Google stepped in at the right moment and launched a website that encompasses next to every single bit of information about the Coronavirus.

Per sources, by way of collaborating with the US government, Google was has developed a website fully committed to educating people about COVID-19 including the probable symptoms, ways of prevention, treatment and all the other related information.

Reportedly, in the last week of January, Google had launched an SOS “alert” packed with resources and safety details from the WHO, plus the latest news. The alert, as of now, has spread across many countries in 25 languages. Per sources, people in over 50 countries have access to localized public health guidance from authorities.

The website mostly centers on providing health-related information along with safety and preventive practices, helpful resources, updated data and insights, relief assistance, the most recent of news, the early symptoms of the disease and how it spreads.

The website strongly endorses the “Do the Five” campaign to further wakefulness about basic things people can do to control the spread of COVID-19, per the WHO. According to sources, the website also has a map of the affected areas via the WHO and links to national health authority websites.

The website is loaded with informative videos from the Ministry of Health & Family Welfare, depicting the importance of washing hands regularly, responsible behavior and fighting together.

It is a massively lucrative initiative towards putting all the misunderstandings and confusion of people regarding COVID-19, to rest. The website shall be regularly updated and improved with more details and resources.

The link to the website:
https://www.google.com/covid19/

WhatsApp's Latest Feature will Let Users Verify Forwarded Messages on Google


Owing to the lockdown due to the outbreak of the global pandemic Covid-19, people are once again resorting to their go-to messaging app – WhatsApp to spread misinformation in the name of information. Notably, WhatsApp has continued to be the most favorite platform for the circulation of fake news which also caused a number of untoward incidents in India.

It's mainly because of the rampant forwarding of messages created to promote individuals' or organizations' vested interests. While, public fear, unawareness, and lack of knowledge have a huge role to play in the equation of fake news and the consequences it had on the society, WhatsApp has constantly stood up to the issue and ensured to eliminate the flaws in its software.

The app has a massive reach across the globe with more than 2 billion active users and in an attempt to curb this circulation of misinformation, WhatsApp is reportedly working on a new feature that would allow users to verify the forwarded messages, helping them separate authenticated news from the fake ones.

As per sources, the tool will appear as a magnifying glass icon placed beside the forwarded messages on a user's WhatsApp, when the user will tap on the icon, a pop-up will appear asking him if he would like to search the message on the web, it will enable the user to directly upload the forwarded message on Google and verify the authenticity of the news.

“We are working on new features to help empower users to find out more information about the messages they receive that have been forwarded many times. This featuring is currently in testing, and we look forward to rolling it out in the near future.” WhatsApp told.

In a previous update, WhatsApp introduced a 'forwarded' label at the top of forwarded texts to make identification easier for the users.

The new feature by WhatsApp has already been sent out for testing and will be made available shortly for all the Android users and subsequently for the iOS users.

HP Issues Advisory Informing Users to Expect SSD Failure around October 2020


Computer enterprise company HP (Hewlett Packard Enterprise) warns its customers about a bug that it has recently found in its SSD (Solid State Drives). The company HP has made a new firmware patch to prevent some of its hard drives from crashing after 40,000 hours of consumer use. In a firmware incident last week, HP informed its consumers about a bug in some of its hard drives that will cause them to stop working after 40,000 hours of use, which is around four years and 200 days. SAS SSDs (Serial-Attached SCSI solid-state drives) is the model of the hard drives that are likely to be affected by this firmware bug.


According to HP, the hard disks manufactured during that period will crash around October this year, and these will be among the earliest failures. To solve this issue, HP has released some firmware updates to fix this bug last week. It has asked the companies to update to the latest firmware updates, and if they fail to do so, the companies might risk losing both the SSD and the data. If the SSD crashes, users can't restore their data, says HP in its security advisory.

This firmware bug incident is similar to another hard drive crash incident that happened in November last year. In the latter event, the HPE SAS SSDs crashed after nearly three years and 270 days of use. This time, however, this bug will affect far fewer SSDs than it did last year. According to HP, the company learned about this issue from a different SSD company that uses HP's SSDs, similar to last year. The list of SAS SSD models affected by the bug is available on HP's customer support website.

"This HPD8 firmware is considered a critical fix and is required to address the issue detailed below. HPE strongly recommends the immediate application of this crucial fixture. Neglecting to update to SSD Firmware Version HPD8 will result in drive failure and data loss at 32,768 hours of operation and require restoration of data from the backup in non-fault tolerance, such as RAID 0 and fault tolerance RAID mode if more drives fail than what is supported by the fault tolerance RAID mode logical drive," reads HP's notification.

The Trauma of Securing a Code Signing Certificate - The Government of India needs to Intervene against hegemony of MNCs


A boutique Indian cyber security firm (a proprietorship) just went through a nightmarish experience with an MNC when it sought to secure a Code Signing Certificate (CSC). The MNC simply refused to recognise several valid documents issued by the Government of India.

The Indian firm has a GST registration, a MSME registration and has over the last few years continuously offered protection against cyber security threats to over a dozen blue chip firms in the Banking & Financial Services Sector. Most of the firm’s business is repeat business on an annual subscription model.

The firm wrote a small executable which can dig into viruses on hard disks and wanted a secure a code signing certificate in this connection.

The first code signing vendor said that they can only issue a certificate to a company incorporated with the Ministry of Company Affairs and thus rejected the application. Fortunately, no application fee has been paid and the matter ended there.

A second vendor was approached, an application was filed on a website and a fee of approximately US $ 200 paid. Then the nightmare started. The firm received a verification email seeking to know if it were a private limited company. It said that it was a proprietorship, with a GST and MSME registration, and even offered to show the Purchase Orders (POs) from clients in order to prove its legitimacy. However, the vendor was firm and said that it could only issue a certificate to a Private Limited firm. When a refund was sought, there was no reply.

The vendor then said that GST and MSME registrations were not acceptable and sought alternative verification. This involved securing a landline, a certification from the firm’s CA about its existence as a registered and genuine entity, CA’s certification of physical location at the same place as the landline, Aadhar card photocopy (front and back), and also a selfie with the front and back display of the Aadhar card. Further, the firm’s representative was required to be at the landline location to receive a call which proved to be a complication because of the lockdown. Finally, the CA himself had to go through a verification process.

This whole experience highlights the importance of a intervention by the Government of India in the area of code signing certification and a localisation of the same. Otherwise MNCs will end up controlling the process, with the power to even disregard official registrations issued by the Government of India.

Russian payment systems will switch to using domestic cryptographic information security tools by 2031


Russian payment systems will switch to using domestic cryptographic information security tools by 2031

Existing payment systems in Russia will have to switch to the use of cryptographic information protection tools of domestic production. This was announced by Ivan Kosyakin, chief engineer of the information security Department of the Bank of Russia, during his speech at the scientific and practical conference "Ruscrypto 2020" held in the Moscow region.

Thus, according to him, Russia's sovereignty in the field of information security for the needs of the banking sector will be increased. So, to achieve this goal, functional technical requirements for payment systems with a terminal core, hardware security modules, payment cards were approved in 2019.

In turn, as noted by Elena Mareeva, Deputy Director for scientific and technical development of Practical Security Systems, in January of this year, requirements for cryptographic information protection tools were approved, according to which automatic security modules used in payment systems must comply with the requirements of Federal Executive authorities and the Bank of Russia, as well as the provisions of international standards.

Moreover, on June 25, 2019, it became known that the technical Committee for standardization "Cryptographic information protection" (TC 26), which is managed by the FSB, has prepared draft recommendations on the use of domestic cryptographic algorithms in key protocols used to protect information on the Internet.

One of the documents contains a set of recommendations on the use of Russian cryptographic algorithms "Magma" and "Grasshopper", developed by the FSB.

According to Russian legislation, domestic crypto-algorithms must be used in information security media certified by the FSB and mandatory for use by state agencies in their electronic document management, and from 2024, according to the requirements of the Central Bank of the Russian Federation, they will become mandatory for use in payment systems.

Members of TC 26 claimed that the use of Russian algorithms will improve the security of data transfer. According to Smyshlyaev, director of information security at Crypto-PRO (part of TC 26), the Russian crypto sets of the TLS1.2 protocol, approved in 2018, unlike foreign ones, guarantee control of the amount of data encrypted on one key.

The issue and circulation of cryptocurrencies will be banned in Russia


On March 16, a Representative of the Bank of Russia, Alexey Guznov, announced a possible ban on the issue and organization of cryptocurrency circulation in the territory of the Russian Federation. As noted in the bill on digital financial assets, the issue and circulation of cryptocurrencies in Russia carry an unjustified risk. The bill prohibits the issue and circulation of cryptocurrency in Russia and introduces responsibility for violating the ban.

Mister Guznov noted: "The position of the Bank of Russia remains unchanged. We believe that there are great risks when legalizing the circulation of cryptocurrencies." Risks arise for financial stability and the anti-money laundering system, and consumer protection will also suffer.
The Central Bank objected to legalizing cryptocurrency as a "tool" and an object of circulation, said mister Guznov.

Some experts suggested that cryptocurrency should be treated as a foreign currency and its issuance and circulation should be regulated in the same way.

The authorities replied that they did not intend to ban the ownership of the digital currency. The bill only prohibits the issuance and circulation of cryptocurrencies and introduces liability for violation of this ban.

It is absolutely impossible to ban cryptocurrencies and mining, said Yuri Brisov, a member of the Commission for the Legal Support of the Digital Economy. He is sure that such measures will become an obstacle to the development of the blockchain industry in the Russian Federation.

"The ban on mining and cryptocurrencies will lead to the complete decline of the blockchain industry. For this reason, all developed countries, although they understand the risks associated with money laundering, tax evasion, do not ban cryptocurrencies and mining; to ban today means to limit the potential for economic growth and technological development of their country," said Brisov.

It is important that legal regulation in Russia does not hinder the development of new technologies.
Earlier EhackingNews reported that Russian law enforcement agencies, together with the Ministry of Internal Affairs, to prepare proposals for the arrest of cryptocurrencies by 2021.

Recall that in 2018, President Vladimir Putin said that Russia should "carefully and cautiously" monitor the sphere of cryptocurrencies. At the same time, the position of the Central Bank of Russia was that electronic money can not be a means of payment.

Europol Arrests 2 Dozen Suspects of SIM-Swap Fraud Following Cross-Border Investigations



Following an increase in SIM-jacking over the recent months, Europol announces the arrest of at least more than two dozen suspects of bank accounts by hijacking the phone numbers of some unfortunate users through SIM-swap fraud following months of cross-border investigations. 

Police across Europe have been preparing to disassemble criminal networks that are said to have been responsible for these attacks for a long time now. SIM swaps work since phone numbers are in connection to the phone's SIM card and ‘SIM’ short for subscriber identity module, a special system-on-a-chip card that safely stores the cryptographic secret that distinguishes the user's phone number to the network. 

Most mobile phone shops out there can issue and activate substitution or replacement SIM cards quickly, causing the old SIM to go dead and the new SIM card to assume control via the phone number just as the telephonic identity. 

It had so happened in October in the United States that the FBI cautioned that 'bad guys' were getting around certain kinds of two-factor authentication (2FA).

The easiest, smoothest and thusly the most widely recognized approach to sneak past 2FA is SIM-swap fraud, where an attacker persuades a mobile system to port a target's mobile number or plants malware on a victim's phone, along these lines permitting them to intercept 2FA security codes sent by means of SMS text. 

However whether the hackers are breaking into 'regular old bank accounts' or Bitcoin accounts, the crime is clearly incredibly expensive for the victims who observe helplessly as their accounts drain. Here are some safety measures recommended for the users to consider and forestall such mishappenings-
  1. Watch out for phishing emails or fake websites that crooks use to acquire your usernames and passwords in the first place. 
  2. Avoid obvious answers to account security questions. 
  3. Use an on-access (real-time) anti-virus and keep it up-to-date
  4. Be suspicious if your phone drops back to “emergency calls only” unexpectedly.
  5. Consider switching from SMS-based 2FA codes to codes generated by an authenticator app.

The Worldwide Pandemic Prompts Technology Giant Samsung to Embrace Electronic Voting


There is no denying the fact that the rise of COVID-19 has taken the world by storm yet it’s very astounding that the technology sector also has been affected to a critical degree. Technology giant Samsung Electronics has thus embraced electronic voting in favor of the first run through ever during this year's annual general meeting (AGM) on March 18, asking shareholders to utilize it to help check the spread of the worldwide pandemic coronavirus. 

Samsung's investor relations website on Monday encouraged shareholders to take the opportunity to cast a ballot via the internet up to March 17. This is on the grounds that the company directed a 1-to-50 stock split in 2018, prompting a huge increment in the shareholders numbers. 

Samsung's AGM is said to be held at a convention hall in Suwon, around 30 km (18 miles) south of Seoul, with a capacity of around 3,000 people as per reports by the centre's website Samsung explicitly called for electronic voting by shareholders with manifestations, or who have visited locales with high-risk districts, or who are identified as high-risk, for instance, pregnant women and those aged 65 or above. Reflecting guidance from the "Korea Centers for Disease Control and Prevention Guidance". 

The shareholders' gathering is said to be furnished with thermal cameras and contactless thermometers, and those with fever or cough symptoms might be restricted from entering. 
Those with a fever at the scene will be coordinated to an area away from the main hall, the website informs. 

In what is the second-biggest outbreak in Asia after China, South Korea announced 74 new COVID-19 infections on Monday, bringing the nation's aggregate to 8,236 and hence such precautions are a must.

2 New Android Malwares on The Hunt to Gain Control of User’s Account



As per discoveries of competent security software two new Android malware is on the hunt to 'discreetly' access control of the victim's account so as to send different ill-intentioned content. The two malware together steal cookies collected by the browser as well as applications of famous social networking sites and accordingly making things easier for the thieves to do their job. 

While cookies are frequently perceived as quite harmless since they are characterized as small bits of data collected by websites to smoothly track user activity online with an end goal to create customized settings for them in the future however in a wring hands, they represent a serious security hazard. A grave security risk since, when websites store these cookies, they utilize a unique session ID that recognizes the user later on without having them to enter a password or login again. 

Once possessing a user's ID, swindlers can trick the websites into assuming that they are in fact the person in question and thusly take control of the latter's account. What's more, that is actually what these cookie thieves did, as described by computer security software major Kaspersky, creating Trojans with comparable coding constrained by a similar command and control (C&C) server. 

The primary Trojan obtains root rights on the victim's device, which permits the thieves to transfer Facebook's cookies to their own servers. Be that as it may, in many cases, just having the ID number isn't sufficient to assume control for another's account. A few sites have safety measures set up that forestalls suspicious log-in endeavors as well. 

Here is when the second Trojan comes in. This malignant application can run a proxy server on a victim's device to sidestep the security measures, obtaining access without raising any doubt. From that point onwards, the thieves can act as the 'person in question' and assume control for their social media accounts to circulate undesirable content. While a definitive aim of the cookie thieves remains rather obscure, a page revealed on the same C&C server could provide a clue: the page promotes services for distributing spam on social networks and messengers. 

In simpler words, the thieves might be looking for account access as an approach to dispatch widespread spam and phishing attacks. 

Malware analyst Igor Golovin says "By combining two attacks, the cookie thieves have discovered a way to gain control over their victims` account without arising suspicions. While this is a relatively new threat -- so far, only about 1,000 individuals have been targeted -- that number is growing and will most likely continue to do so, particularly since it`s so hard for websites to detect." 

He adds later "Even though we typically don`t pay attention to cookies when we`re surfing the web, they`re still another means of processing our personal information, and anytime data about us is collected online, we need to pay attention." 

According to Kaspersky experts all hope’s isn’t lost they made certain recommendations which might help a user to save themselves from becoming a victim of cookie theft : - 
  1. Block third-party cookie access on your phone`s web browser and only let your data be saved until you quit the browser
  2. Periodically clear your cookies
  3. Use a reliable security solution that includes a private browsing feature, which prevents websites from collecting information about your activity online.

A Module-Based Malware Spread by Word Document



As a module-based malware, Trickbot a malware family previously captured by FortiGuard Labs and afterward analyzed in 2016. It can broaden its functionalities by downloading new modules from its C&C server and executing them on its victim's device. 

While it was at first recognized as banking Trojan, it has progressively extended out its functionalities to gather credentials from its victims' email accounts, browsers, installed network applications and so on. It is likewise able to send spam to its victim's email contacts, just as deliver other malware to the victim's device, like Emotet. As of late, FortiGuard Labs captured an MS Office Word sample in the wild that is spreading another variation of TrickBot. 

This is how by which it chips away at the victim's machine. At the point when the malevolent Word document is opened with MS Office Word, it requests input, by requesting that the victim click the "Enable Content" button to empower the document's Macro feature. When this is done, its malicious Macro (VBA code) is executed. By going to the Menu "Developer"- > "Visual Basic" we can look at the Macro's VBA modules and code. 

The Macro project is password-protected, so one can't see any of the detailed data until the right password is provided. Luckily, there is an approach to sidestep this protection by changing its binary file. On the form, there is a Label control containing the malignant JS code, sketched out with a red rectangle. One of the VBA modules has an autorun() function which is called consequently when the Word doc opens. The VBA code at that point separates two files onto the victim's framework. 

 One document is "C:\AprilReport\LogsTsg\LogsTsg7\LogsTsg8\List1.bat", with content "cscript/nologo C:\AprilReport\List1.jse", and the other is "C:\AprilReport\List1.jse", with JavaScript code from the label control, which is a tremendously jumbled JavaScript code. At that point, it begins the first extricated file "List1.bat", which calls "script" running the huge JavaScript document "List1.jse". The JavaScript code is heavily muddled. This secures the API function calls and consistent strings from being distinguished. They additionally utilize tons of unknown functions also.

At the point when the code starts, it first waits around for a minute to sidestep any auto-analysis devices by appearing to be dormant. After waiting, it then proceeds with the command "Select * from Win32_Process" to acquire every running procedure. It at that point puts the entirety of the names of these acquired procedures together and verifies whether its length is less than 3100. 

Provided that this is true, it will raise an exception and close. For the most part, on a real computer, this length is bigger than 3100. As of now, it’s better ready to sidestep numerous auto-analysis systems, including Sandboxes and Virtual Machines. 

For the solution for this issue, Fortinet customers are already said to have been shielded from this TrickBot variation by FortiGuard's web filtering, Antivirus, and IPS benefits as follows: The downloading URL is appraised as "Malicious Websites" by the FortiGuard Web Filtering service. The Word doc and downloaded Dll record are distinguished as "VBA/TrickBot.MRVB!tr" and
"W32/TrickBot.EFDC!tr" and further blocked by the FortiGuard AntiVirus administration. 

The IP locations of the C&C server are identified and then blocked by the FortiGuard IPS signature "Trojan.TrickBot".

Google Stops Displaying Security Warnings in Microsoft Edge, No Longer Recommends Switching to Chrome


Google has stopped advising Microsoft Edge users to switch to Chrome for a more secure experience as the browser extensions crafted for Google's Chrome web browser are also suitable for the new Microsoft's new Edge browser based on Chromium.

It appeared like Google stoked the flames of browser wars when it subtly encouraged Edge users to shift to Chrome by displaying warnings of potential security threats. The alert displayed by Google read that it "recommends switching to Chrome to use extensions securely". A developer at Edge revealed that the new Microsoft Edge is designed to effectively safeguard its users from malicious extensions, that said, Edge already had Windows Defender Smart Screen and Unwanted Application protection built-in.

Whenever a user visited the Chrome Web Store via the new Microsoft Edge, Google displayed a message in yellow at the top of the webpage recommending users to switch to Chrome in order to use extensions with added safety. However, seemingly, as soon as Google realized that greeting users with a warning message which clearly implied that Microsoft Edge is less secure of a browser is not making them look good, the tech giant softened and decided to take the alert down. Not only that, Google went a step ahead and replaced the previously displayed warning with a fresh one that tells users that now they can add extensions to Microsoft Edge from the Chrome Web Store.

However, still, officially only a few extensions are supported by Microsoft Edge as the installation of all these extensions for the first will seem to be a bit complex. Users need to enable 'allow extensions' from other stores via the settings page. On attempting to do that, Microsoft warns that it doesn't verify extensions downloaded from third-party stores and cautions that doing the same may cause performance issues in Edge. Then it suggests users get verified extensions from Microsoft Edge add-ons site. As soon as the users allow extensions by clicking on 'Allow', they will be able to add extensions to Edge from Chrome Web Store.

Users can now Use 2 Step Verification on their Chrome and Safari Browser


Google has launched a new feature for ensuring users' security. You will now be able to enroll for 2 Factor Authentication Keys from Web browsers. Google is allowing you to enroll security keys on Android and macOS devices by making it easier to register for keys. "Two-factor authentication, also called multiple-factor or multiple-step verification, is an authentication mechanism to double-check that your identity is legitimate."


When you sign in into your account it asks for a username and password, this is the first verification process. Two-factor authentication adds another security layer after this to confirm your identity. It (2FA) could be a pin, a password, a one time password, a physical device, or biometric. It should be something only you have to know. Two-factor authentication is very important as a password isn't as protective as we believe. Cyber attackers can test billions of password combinations in a second.

Two-factor authentication or two-step verification adds another layer of protection besides a password, and it is hard for cybercriminals to get this second factor and reduces their chance to succeed. Now Google is offering these 2FA authentication keys, and you can register for these on macOS devices using Safari (v. 13.0.4 and up), and Android devices running Android 7.0 “N” and up, using the Google Chrome web browser (version 70 and up). Users can register these independently or with those who have signed up for the Advanced Protection Program. It's available for all users given you're using the mentioned version of the software.

What is Security Keys? 

Security Keys are the most secure form of two-factor authentication (2FA) or two-step verification to protect against various threats like hacking and phishing. Users are provided with physical keys that they can insert into the USB port of their device, when required the user will touch the key. On Android devices, the user will have to tap the key on their NFC ( Near Field Communication) enabled device. Android users can also opt for USB and Bluetooth keys. Apple mobile users will be provided Bluetooth-enabled security keys.

Encryption Flaws Allow Hackers to Steal Vehicles without Leaving a Trace


New vulnerabilities were revealed earlier this week in the encryption frameworks utilized by immobilizers, the radio-enabled gadgets within cars that usually communicate at short range with a 'key fob' to easily unlock the car's ignition and permit it to start as discovered by researchers from KU Leuven in Belgium and the University of Birmingham in the UK. 

Issues were particularly identified in Toyota, Hyundai, and Kia who utilize and further implement a Texas Instruments encryption system called DST80. Aside from these, a couple of other influenced vehicles incorporate Camry, Corolla, and RAV4; Kia Optima, Soul, and Rio; the full rundown of vehicles that the researchers have found to have the cryptographic defects in their immobilizers is below:


In spite of the fact that the list likewise incorporates the Tesla S, the researchers announced the DST80 vulnerability to Tesla a year ago, and the company pushed out a firmware update that blocked the assault. Toyota has affirmed that the cryptographic vulnerabilities the researchers discovered are genuine. 

Be that as it may, their technique likely isn't as simple to pull off as the "relay" attacks that thieves have utilized over and overused to steal luxury cars and SUVs. Those, by and large, require just a couple of radio devices to expand the range of a key fob to open and start a victim's vehicle. One can pull them off from a reasonable distance, even though the walls of a structure. 

The researchers built up their key cloning technique by purchasing an assortment of immobilizers' electronic control units from eBay and reverse engineering the firmware to break down how they communicated with key fobs. They regularly saw it far as too simple to even consider cracking the secret value that Texas Instruments DST80 encryption utilized for authentication. 

Anyway, the issue lies not in DST80 itself however in how the carmakers implemented it: The Toyota fobs' cryptographic key depended on their serial number, for instance, and furthermore openly transmitted that serial number when checked with an RFID reader. What's more, Kia and Hyundai's key fobs utilized 24 bits of randomness instead of the 80 bits that the DST80 offers, making their secret values simple to figure. At the point when the affected carmakers and Texas Instruments were reached out for comments, Kia and Texas Instruments didn't respond. 

Be that as it may, Hyundai noted in a statement that none of its affected models are sold in the US. Toyota reacted in an explanation that “the described vulnerability applies to older models, as current models have a different configuration." 

In any case, the researchers have chosen to distribute their findings to uncover the genuine condition of immobilizer security and permit car owners to choose for themselves if it's sufficient. Protective car owners with hackable immobilizers may choose, like whether or not to utilize a steering wheel lock or not.

Amazon Transcribe Can Automatically Shroud the User's Personal Information from Call Transcripts?


Amazon Transcribe, the AWS-based 'speech-to-text service, recently came up with a significant new feature which, if executed effectively, can spontaneously shroud the user's personal information from call transcripts. 

This new feature permits Transcript to consequently recognize data like a Social Security number, Credit card number, bank account number, name, email address, phone number and mailing address and redact that. The apparatus consequently replaces this data with '[PII]' in the transcript. 

There are, obviously, different apparatuses/tools that can expel PII from existing reports. Regularly these are cantered around data loss prevention tools and intend to shield the information from spilling out of the organization when you share records and documents with outsiders. With the Transcript tool probably a portion of this information will never be accessible for sharing (except if, a copy of the audio is maintained)


One of the most mainstream use cases for Transcript is to make a record of customer calls. By default, that includes exchanging information like the user's name, address or a credit card number. In some cases there are even call centres which stop the recording when the user is about to exchange credit card numbers, for instance, but that’s may not always be the case. 

Transcribe in total, currently supports 31 dialects which of those, it can transcribe six 'in real time' for subtitling and other use cases.

Corona Impacts Amazon; More Than One Million Products Banned


The e-commerce giant has finally started taking steps to secure against the corona epidemic by banning more than one million products and furthermore by removing "tens of thousands" of overrated health products from unethical vendors.

A quest for "coronavirus" on Amazon raised results for face masks, disinfectant wipes and recently published books on viral infections, revealing how a few merchants are taking advantage of the health crisis. It additionally offered results for vitamin C boosters as well - a fake remedy for the virus that has been broadly disseminated on the web.

The World Health Organisation (WHO) expresses its worry about some deceptive Amazon postings prior this month, including counterfeit medications. The organization said fake coronavirus claims online were creating mass turmoil and asked tech giants to battle this spread of misinformation.

Amazon is yet to provide a rundown of those items it says it has expelled, but a BBC search for "coronavirus" on the online site proposes that numerous items are as yet being sold at strangely high prices. A portion of those items is not by any means fit for purpose, like the dispensable dust or surgical masks, as opposed to the recommended protective gear.

In one such example, a 50-piece heap of surgical masks from one seller cost more than £170, while a well-known alternative of a similar item is at a sale for around £36. Indeed, even that less expensive item has still risen drastically in price since early January, when it cost under £10.


Alluding to the act of "hiking up prices of goods" to unreasonably high levels in light of an expansion in demand, a spokesperson said, "There is no place for price gouging on Amazon," She referred to the company policy which permits Amazon to bring down items/products that "hurt customer trust", including when pricing "is significantly higher than recent prices offered on or off Amazon".

And further on added that the company will keep on monitoring the site for price spikes.

Security is Clearview’s top priority?


Clearview AI an American technology company was, as of late breached as hackers figured out how to exploit a security flaw and 'make-off' its whole client list. Despite the fact that there's a lot of reason of concern, the specific nature and source of the breach remain unknown as of now. The company anyway has emphasized over and over that it has already patched the vulnerability and insists its that servers were not accessed. 

The facial recognition software company has made claims, that not exclusively does its clientele incorporates many police stations, but it purportedly services the FBI and DHS and said that they are exclusively working with law enforcement agencies. 

The Daily Beast's Betsy Swan originally investigated the breach. In the wake of assessing the documents from Clearview AI staff they wrote: 

Clearview AI disclosed to its customers that an intruder “gained unauthorized access” to its list of customers, to the number of users accounts those customers had set up, and to the number of searches its customers have conducted. 

The breach, however, isn't the main issue Clearview AI has to deal with currently. It's additionally entangled in a standoff with an alliance of tech titans hell-bent on seeing it shutdown. The contention comes from the company's utilization of "publicly available" images of peoples from the internet to compile its database. 

Supposedly, Clearview has billions of images in its database of simply peoples' faces. It assembles these images by utilizing a "crawler" AI to scour websites like Facebook, Twitter, and Google Image Search for each accessible picture. At that point, it coordinates the faces with whatever data it can discover on the internet and gives law enforcement access in a convenient application. 

Up until now, the company's gotten cease and desist letters from Microsoft, Google, Venmo, and Twitter. While it's very vague precisely what legitimate response Clearview has now, it seems like it might be going towards a court confrontation like HiQ v. LinkedIn.

Making Self-driven Vehicles a Reality!


To make self-driving vehicles a reality and to bring them on roads, they need to be able to safely and flawlessly navigate traffic without collisions or jams. Northwestern University researchers have made this possible by developing the first decentralized algorithm with a collision-free guarantee.

The algorithm was tested in a simulation of 1,024 robots and in a throng of 100 real robots by the researchers in the laboratory. The robots carefully and efficiently followed to form a command shape.

 “If you have many autonomous vehicles on the road, you don’t want them to collide with one another or get stuck in a deadlock,” said Northwestern’s Michael Rubenstein, who led the study. 

“By understanding how to control our swarm robots to form shapes, we can understand how to control fleets of autonomous vehicles as they interact with each other.” Rubenstein, the professor who led the study is the Lisa Wissner-Slivka and Benjamin Slivka Professor in Computer Science and Mechanical Engineering in Northwestern’s McCormick School of Engineering and a member of Northwestern’s Center for Robotics and Biosystems. The paper will be published in the journal IEEE Transactions on Robotics later this month.

Rubenstein algorithm is decentralized and not centralized which makes it foolproof and safer. “If the system is centralized and a robot stops working, then the entire system fails,” Rubenstein said. “In a decentralized system, there is no leader telling all the other robots what to do. Each robot makes its own decisions. If one robot fails in a swarm, the swarm can still accomplish the task.”

But still, to move effortlessly, the robots need to communicate with each other so as not to collide and for this, the algorithm divides the ground below in grids and by using a GPS type technology the robot knows where to go - where the grid is empty and no other robot is moving to that spot.

 “The robots refuse to move to a spot until that spot is free and until they know that no other robots are moving to that same spot,” Rubenstein said. “They are careful and reserve a space ahead of time.”  
These robots interact locally to make decisions and hence do not need a central command body. This system according to Rubenstein can be very effective in driver-less cars as well as in warehouses with many robots working at the same time.

OCA Launches First Open Source Language to Connect Security Tools


On Monday, The availability of OpenDXL Ontology - the first open-source language for connecting cybersecurity tools via a common messaging framework has been announced by the Open Cybersecurity Alliance (OCA). The OCA comprises of like-minded individuals, cybersecurity vendors, thought leaders, end-users from across the globe with the mission of finding solutions to the problem of interoperability via tooling, coding and employing procedures and technology they all agree upon. The Project has IBM Security and McAfee as its initial contributors.

As the open-source code is made freely accessible in the cybersecurity ecosystem, OpenDXL Ontology allows any tool to acquire the ability to interoperate and communicate with various other technologies on its own by employing this language. Once this language is released, the need for custom integrations between individual products will be effectively eliminated, reducing the number of engineering resources spent on integration. These saved resources can be efficiently redeployed for other parts amounting to higher value functionality.

OpenDXL, also known as The Open Data Exchange Layer is an adaptive messaging system utilized by more than 4,100 vendors and enterprises to communicate and share intelligence to make accurate and informed security decisions. Any level of integration has to face a common challenge of accuracy and timeliness; when a product is refreshed, it requires all its integrations to be refreshed too. Now, the number of integrations a product will have depends upon the size of the product. More and more integrations given away for free of cost or a very low cost in the open-source space leads to a lot of dead code and hence creates a complex scenario.

In regard of that, the OCA claims that the release of the OpenDXL Ontology now provides, “ a single, common language for these notifications, information, and actions across security products that any vendor can adopt in order to communicate in a standard way with all other tools under this umbrella. This provides companies with a set of tooling that can be applied once and automatically reused everywhere across all product categories, while also eliminating the need to update integrations as product versions and functionalities change.”

While putting the whole idea into perspective, Brian Rexroad, Vice President of Security Platforms at AT&T, told “With the adoption of public cloud and explosion of connected devices, the ability for enterprises to quickly respond to threats across ever-changing technologies, and even beyond perimeters, is critical,"

“OCA is driving an industrial shift in interoperability with the OpenDXL Ontology to support security at scale.” he further added.