An Ex-Operating System Hit by an Exploit Found In Audio Files



A crypto-mining attack hidden away in WAV audio files has recently been discovered on Windows 7, the operating system that reached end of life only a couple of days ago as per the official announcement by Microsoft.

Ophir Harpaz and Daniel Goldberg, two security analysts at Guardicore Labs, have uncovered how a medium-sized business in the medical tech sector was attacked by cryptominers using WAV audio files to obfuscate the malware.

In December 2019, the attackers targeted the organization's network, which was running Windows 7 machines, while trying to exploit the EternalBlue vulnerability. The EternalBlue exploit has been around for quite a few years now and was even behind the notorious WannaCry attacks that hit the U.K. National Health Service (NHS) in 2017.

The Guardicore investigation started in October 2019, when a number of blue screens of death began appearing on Windows machines in the target network. Further investigation revealed that over half of the network, some 800 endpoints, were accessing suspicious data in a registry key.

And soon enough the Guardicore researchers found a Monero crypto-mining module, utilizing steganography to hide within the audio WAV files.

Daniel Goldberg, a senior cybersecurity researcher at Guardicore Labs and one of the report authors, when asked to comment on the risk-level for those still running Windows 7 replied that, "The risks are crazy high to organizations facing this WAV-based attack if they are running a Windows 7 system after EoL. Before the quarter is over, there will be other vulnerabilities discovered in Windows 7 too that will not be fixed by Microsoft and will also be easy to exploit."

He went on to describe the WAV-based attack threat to Windows 7 as being "like a hot knife through butter."

Asked whether, apart from upgrading, there is any other option for those who will not or cannot move away from Windows 7, Goldberg points out, "Segment machines you can't support away from the internet and the rest of your network, your old Windows 7 machine running this critical but obsolete application should not be accessible from the internet, or most of the machines in your networks."

Additionally arguing that the best offense is a good defense, Terry Ray, senior vice-president and fellow at Imperva, a cyber-security software and services company, says, "Businesses must be responsible, and act in favor of their customers, who trust them with their information, by updating their systems, if not, they will face severe consequences which will come at a huge cost to the customer, and the future of the business. Simply put, don’t fall victim and instead, upgrade to up to date systems which generate regular security updates and have the right systems in place to deter attacks."

Facebook Code Update Gone Wrong Exposes Anonymous Admins



Facebook recently faced a serious bug: a bad code update that went live on the night of 10th January apparently exposed the identities of anonymous page admins, including those behind the pages of many well-known personalities, for a few hours.

All it took to exploit the bug was opening a target page and checking the edit history of a post; Facebook erroneously showed the account or accounts that made the edits to each post, as opposed to simply displaying the edits themselves.

Although Facebook immediately pushed a fix for this flaw, it was not quick enough to stop word from getting around on message boards like 4chan, where users posted screen captures that 'doxed' the accounts behind prominent and well-known pages.

The bug, which the social media giant said was the result of a code update, exposed the accounts behind the official Facebook Pages of the 'pseudonymous' artist Banksy, Russian President Vladimir Putin, former US secretary of state Hillary Clinton, Canadian Prime Minister Justin Trudeau, climate activist Greta Thunberg and rapper Snoop Dogg, among others.

No data beyond a name and public profile link was accessible; however, for admins running anti-regime pages under 'a repressive government', even this much public exposure is extremely alarming.

After a series of privacy and security lapses, Facebook has concentrated explicitly on building out its protections and has steadily been growing its bug bounty, which has encouraged researchers, like the person who discovered the edit history bug, to submit security flaws for potential rewards in the future.

Ambitious upgrades like these require serious effort and time, however, and no amount of added security can change the major risks that come with amassing the information of 2.5 billion individuals.

Lukasz Olejnik, an independent privacy adviser and research associate at Oxford University's Center for Technology and Global Affairs says, "For sensitive pages, I would not rule out that some people may be feeling that they are in danger due to what happened today, using fake accounts to run pages would have been a good idea. Some could see it as a paranoid way of hiding, but it's not."

Further adding, "People who run sensitive Pages from their own Facebook should now consider that their identity may be known, while mistakes happen, this one is unexpected."


SNAKE Ransomware Targets Entire Corporate Systems?


The new Snake ransomware family sets out to target organizations' corporate networks in their entirety. It is written in Golang and contains a significant level of obfuscation; the observations and disclosure of the attacks were made by a group of security specialists from the MalwareHunterTeam.

Upon successful infection, the ransomware erases the machine's Shadow Volume Copies before ending various processes related to SCADA systems, network management solutions, virtual machines, and various other tools.

After that, it proceeds to encrypt the machine's files while skipping important Windows folders and system files. As part of this process, it affixes "EKANS" as a file marker alongside a five-character string to the file extension of each file it encrypts. The threat wraps up its encryption routine by dropping a ransom note entitled "Fix-Your-Files.txt" in the C:\Users\Public\Desktop folder, which instructs victims to contact "bapcocrypt@ctemplar.com" in order to purchase a decryption tool.

The ransom note of SNAKE ransomware (Source: Bleeping Computer)

“It is clearly evident from the language in the ransom note, that this Ransomware specifically targets the entire network rather than individual workstations. Further indicating that any decryptor that is purchased will be for the network and not individual machines, but it is too soon to tell if they would make an exception.”
 - This is what Bleeping Computer said in a blog post on SNAKE. 

Nonetheless, the rise of SNAKE Ransomware highlights the critical requirement for organizations to defend themselves against a Ransomware infection.

As well as following the recommendations for preventing a ransomware infection in the first place, they should also consider investing in a solution like Tripwire File Analyzer to detect suspicious files and behavior on the network.
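As an added example (not from Bleeping Computer, MalwareHunterTeam or Tripwire), the following triage script walks a directory tree and looks for the file-system indicators described above: the "Fix-Your-Files.txt" note, the "EKANS" file marker and the five-character string added to the extension. It assumes the marker sits near the end of the file contents and that the five characters follow directly after the original extension; the extension list and the sample files are constructed for illustration.

```python
"""Triage scan for the SNAKE file-system indicators named in the post."""
import os
import tempfile
from pathlib import Path

RANSOM_NOTE = "Fix-Your-Files.txt"  # note name given in the post
MARKER = b"EKANS"                   # file marker given in the post
TAIL_BYTES = 64                     # assumption: marker sits near the end of the file
# Illustrative list of original extensions; extend it for your environment.
KNOWN_EXTS = (".docx", ".xlsx", ".pdf", ".txt", ".csv", ".bak")


def has_appended_suffix(name):
    """True if the extension looks like <known extension> + five extra characters."""
    ext = Path(name).suffix
    for known in KNOWN_EXTS:
        extra = ext[len(known):]
        if ext.lower().startswith(known) and len(extra) == 5 and extra.isalnum():
            return True
    return False


def has_marker(path):
    """True if the marker appears in the last TAIL_BYTES bytes of the file."""
    try:
        with open(path, "rb") as fh:
            fh.seek(0, os.SEEK_END)
            fh.seek(max(0, fh.tell() - TAIL_BYTES))
            return MARKER in fh.read()
    except OSError:
        return False  # unreadable files are skipped, not treated as hits


def scan(root):
    """Walk root and sort files into three buckets by indicator strength."""
    findings = {"ransom_notes": [], "likely_encrypted": [], "needs_review": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            if name.lower() == RANSOM_NOTE.lower():
                findings["ransom_notes"].append(str(path))
                continue
            suffix = has_appended_suffix(name)
            marker = has_marker(path)
            if suffix and marker:
                # Both indicators together: treat as encrypted by this family.
                findings["likely_encrypted"].append(str(path))
            elif suffix or marker:
                # One indicator alone can be a coincidence (e.g. a report
                # that mentions the marker), so hand it to an analyst.
                findings["needs_review"].append(str(path))
    for bucket in findings.values():
        bucket.sort()
    return findings


def build_sample_tree(root):
    """Create a small constructed directory tree to exercise the scanner."""
    root = Path(root)
    desktop = root / "Public" / "Desktop"
    desktop.mkdir(parents=True)
    (desktop / RANSOM_NOTE).write_text("constructed ransom note\n")
    (root / "q4.xlsxKdPwZ").write_bytes(os.urandom(256) + MARKER)
    (root / "notes.txt").write_text("plain, untouched file\n")
    (root / "scan.pdfDraft").write_bytes(b"%PDF-1.4 constructed")
    (root / "ir-report.txt").write_text("Analyst notes: sample tagged EKANS")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for bucket, paths in scan(tmp).items():
            print(bucket)
            for p in paths:
                print("   ", os.path.relpath(p, tmp))
```

A ransom note or a "likely_encrypted" hit on a host is a reason to isolate that machine and check its neighbours, since the post describes the family as targeting whole networks.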

Samsung announces a new product Ballie - a robot companion

Samsung has launched a new product at CES 2020 named Ballie, a tennis ball-like robot that rolls around following its owner. Ballie has a built-in camera to follow its owner and capture special moments. The South Korean tech giant announced the product at the CES tech show in Las Vegas.

"I love this guy," said president and chief executive H S Kim as Ballie whizzed around the stage chasing him. 
He said the product is a combination of 5G and Artificial Intelligence, both areas on which Samsung plans to focus in 2020.

Ballie is being received with both positive and negative views. One analyst said that it seems fun but might struggle with stairs. It has caused a stir on the internet and is already being compared with robot companions from several movies, including BB-8 from the latest Star Wars trilogy films.

Along with being a perfect robot companion, Ballie shadows its owner, acts as a fitness assistant and can help with household chores like switching on smart devices at home.
"It's fun - it reminded me of a cross between a Sphero toy and R2-D2 with the sounds it was making," said Simon Bryant at market research firm Futuresource.
He also mentions that it's strange that Samsung introduces Ballie with its own voice recognition ability without any mention of the company's virtual assistant Bixby.

Paul Gagnon, an analyst at IHS Markit, comments, "I can see a lot of people who will be hesitant with security and privacy concerns". Samsung, however, assures that Ballie will strictly follow privacy and data protection standards.

Samsung has not yet revealed when Ballie will be available in the market to buy or how much it will cost. 
When asked by the BBC why a product like this now, Samsung spokesman Benjamin Braun said, "There are two technologies that are helping this come to life. One is artificial intelligence and the other one is 5G. Those are very much focus areas for Samsung in 2020."
Mr. Bryant, though, said he was unimpressed by these ideas. "I thought it just smacked as a desperate attempt to move on from mobile," he said.

The Russian Embassy in Sweden responded to the Swedish Minister's statement about "Russian trolls"


The Russian Embassy in Sweden reacted to an interview that Swedish Minister of Energy and Information Technology Anders Igeman gave to the TT Agency, in which he said that "Russian trolls" who are opponents of 5G technology attacked his Facebook.

Russia is open for cooperation with Sweden, especially with those of its representatives who are not looking for "Russian trolls". The embassy of the Russian Federation in Sweden wrote about this on Tuesday on its Facebook page.

"We would like to assure the Minister of the fallacy of his opinion that the development of 5G technology in our country is associated with a negative impact on public health. On the contrary, we are open to cooperation with Swedish partners in this area, especially with those who do not suffer, as Anders Igeman, from paranoia in search of "Russian trolls"," said the Embassy.

Anders Igeman said on Monday that an information attack organized by opponents of the development of the country's fifth generation of mobile communication, 5G, was committed on one of his posts on Facebook. Almost 2 thousand comments were left on this post instead of several hundred. As the Minister himself noted, the content of most of the comments suggests that someone is interested in creating a negative information background around the topic of the development of a new generation of communication. Igeman believes that the "Russian trolls" did this.

"We are especially pleased that Anders Igeman connects the increased interest in his publication about 5G with our country. Judging by the scope of the reaction, almost all Russians who speak Swedish responded to the recent post of Minister!", wrote the representatives of the diplomatic mission.

The Embassy promised to subscribe to the updates of the Swedish Minister and to closely monitor his activity in social networks.

At the same time, representatives of the Embassy expressed hope that Sweden will consider Russia not a threat, but a potential partner.

The Internet isolation law will save the Russian Federation from isolation from the World Wide Web


In 2019, Russia took a number of measures to ensure the security of the information sphere, which in recent years has become the main means of foreign intelligence services to spread lies. First Deputy Chairman of the Federation Council Committee on Foreign Affairs Vladimir Dzhabarov noted that Russia should ensure security in the cyber environment to exclude any possibility of using the global Network against the interests of the state.

"Now it is important not just to control, but to understand and prevent any attacks against the government. The upcoming year will be aimed at ensuring security in the field of IT technologies not only in Russia but also around the world," said the Senator.

He explained his point of view using the example of the law on the isolation of the Runet, which came into force on November 1, 2019.

Dzhabarov stressed that the document was adopted not to isolate Russia from the World Wide Web, but to protect the Runet from external threats and various technological disasters that could endanger the reliable functioning of Russian life support systems. In other words, to ensure the independence of the Internet in the country.

“If we feel that we are being blocked, we will take retaliatory measures. We have many rivals. First, of course, the NATO countries, because everything depends on security,” the politician concluded.

In addition, there was a bill introduced by members of the Federation Council to the State Duma. The document proposes to block users of e-mail services and messengers that distribute information prohibited by Russian law. Such activities pose a direct threat to society and the state. Vivid examples are social networks such as Facebook and Twitter, which are the main sources of misinformation. The draft law is currently under consideration.

Earlier, the head of the National Values Protection Fund Alexander Malkevich said that Russia needs a cybersecurity strategy, and announced a forecast for the development of this sphere for 2020. He noted that the state has made a big step forward in countering cyber attacks, but there is still much to do. In his opinion, all the relevant structures should unite to repel any attacks on the cyber borders of the Russian Federation.

India Invites Huawei and ZTE to Participate in 5G Trials


The demand for bringing fifth-generation (5G) mobile network technology to India is on the rise, and the government is looking to begin 5G trials. The Department of Telecommunications (DoT) has invited all applicants to show use cases of the 5G network in India, including Chinese telecom companies Huawei Technologies Co. Ltd and ZTE. On Monday, telecom minister Ravi Shankar Prasad was specifically asked about Huawei, and he said that at this stage, all stakeholders are invited.

“5G trials will be done with all vendors and operators,” telecom minister Ravi Shankar Prasad told media. “We have taken an in-principle decision to give 5G spectrum for trials.”

Amid all the ongoing economic and diplomatic tensions between the US and China, the invitation for the 5G trial comes as the very first official stance taken by India on the matter. It also offered Huawei some breathing space after the global scrutiny it has been subjected to regarding network security concerns. The claims made by the US concern the possible exploitation of the equipment by China to spy on other nations; in its defense, Huawei has constantly denied the allegations.

The US has also alerted the Indian government about the potential risks that will come with these Chinese companies being allowed to deploy next-generation technology in India. Morgan Ortagus, the US state department’s spokesperson, while acknowledging the important role 5G networks will play in the coming era, also spoke of how high the stakes are in letting companies under the command of authoritarian regimes deploy technology in other nations. “All countries should adopt national security policies in order to prevent untrusted companies from misusing any part of their future 5G network plans,” Ortagus further added.

As India is yet to finalize the framework and devise a clear plan for 5G technology, Prasad said in the Rajya Sabha that, “The government is creating an enabling framework for the deployment of affordable and secure 5G services in India.”

According to Vimal Wakhlu, a former chairman of Telecommunications Consultants India Ltd., “Whether it is Huawei or Ericsson or any other company, India needs to build a system, which can detect any malware and not depend on the brand of a company or a country.”

“Any country is capable of snooping on us. The reason some people have been advocating a ban on Huawei is that if it is barred, the market for equipment becomes slightly less competitive and hence it can be sold at higher prices.”

Microsoft Enters 2020 with Two New Products


Microsoft plans to come up with two products with the advent of the New Year, the Windows 10X-powered Surface Neo and the Android-powered Surface Duo. This could be an indication of 2020 being the year of foldable and dual-screen devices from smartphone and PC makers.

Microsoft's new operating system, Windows 10X, is set to power the first wave of foldable and dual-screen hardware scheduled for holiday 2020. Surface Neo is said to be the first device to ship with Windows 10X; however, the Redmond giant is also preparing the OS for dual-screen PCs from partners.

Windows 10X is also expected to power the dual-screen PCs created by Microsoft OEM partners like HP, Dell, and Lenovo. A recent leak confirmed that Windows 10X will be coming to workstations and other customary PC form factors in the future; however, the operating system is apparently still 'immature'.


However, according to another report, because of the slow development of the operating system and an inadequate supply of flexible panels, Intel probably won't promote foldable notebooks in the future.

Although Intel's dual-screen model features a 17-inch display and would run Windows 10X, the company will postpone the unveiling, which was initially planned for CES 2020, because of issues with “immature OS support”.

The report cites the 'upstream supply chain' as its source and adds that Intel won't promote foldable notebooks until mid-2020.

Windows 10X was announced at the October 2019 event. Microsoft has kept it under much 'secrecy' ever since and still hasn't revealed when it intends to launch Windows 10X, yet the operating system is rumored to be finalized at some point in 2020, a couple of months or weeks before the launch of Surface Neo and other much-awaited foldable devices.

Dating App Accused of Leaking Users’ Private Information from Their Profiles


A security researcher discovered that the dating app Plenty of Fish was leaking data that users had specifically set as "private" on their profiles. The leaked information was not immediately visible to app users, and it was scrambled to make it hard to read.

However, using freely available tools designed to analyze network traffic, the researcher found that it was possible to uncover the data about users as their profiles showed up on his phone.

According to The App Analyst, a 'mobile expert' who writes about his analyses of popular applications on his eponymous blog, POF was always silently returning users' first names and postal ZIP codes, which was the first indication that something was truly amiss with the application.

In one case, the App Analyst even discovered enough data to identify where a specific user lived.

Law enforcement has also recently issued warnings on multiple occasions about the dangers some people face on dating applications like Plenty of Fish, which has more than 150 million registered users, according to its parent company IAC. Reports suggest that sexual assaults involving these dating applications have risen dramatically in the previous five years.

Furthermore, those in the LGBTQ+ community on these applications also face safety dangers from both individuals and the government, prompting applications like Tinder to proactively caution their LGBTQ+ users when they visit regions and states with restrictive and harsh laws against same-sex partners.

Earlier this year, the App Analyst found various third-party tools that were allowing application developers to record the device’s screen while users engaged with their applications, resulting in a crackdown by Apple.

Even though spokespersons for 'Plenty of Fish' refused to comment on the matter immediately, a fix is said to have rolled out recently for the data leakage bug.

Amazon, Ring Sued by a Man Claiming that the Camera was Hacked and Used to Harass his Kids


A class-action lawsuit has been filed against Amazon-owned Ring by Alabama resident John Orange. The company has been accused mainly of negligence and invasion of privacy, alongside other claims, namely breach of an implied warranty, breach of implied contract and violation of California’s Unfair Competition Law against false advertising, as it failed to provide enough protection against hacks.

Orange claimed that his internet-connected Ring camera which he bought in July 2019 was hacked and used to harass his three children aged seven, nine and ten, as per the lawsuit. Reportedly, the hacker spoke to the kids as they were playing basketball.

The argument for a class-action was supported by seven other similar incidents reported by media wherein these devices were hacked as the two-way talk function was used by hackers to talk to unsuspecting children.

A mother shared one such disturbing incident, which made the rounds on social media; it took place in Mississippi, where the hacker attempted to engage with her eight-year-old daughter. Another, which took place in Texas, saw a couple being threatened into paying a ransom of $350,000 in bitcoin.

According to the lawsuit, "An unknown person engaged with Mr. Orange’s children commenting on their basketball play and encouraging them to get closer to the camera."

“Although Ring is in the business of home security and was certainly aware that its Wi-Fi-enabled product, was vulnerable to attack, it took no steps to ‘require camera owners to use two-factor authentication, which could help prevent these types of attacks…,’” the lawsuit stated.

“Moreover, it knew, or should have known, in an era of pervasive data breaches, that logging in with user emails instead of unique account names, and not requiring at least 2FA [two-factor authentication], put its Wi-Fi-enabled product at an unreasonable risk of being compromised.”

“Unfortunately, Ring did not fulfill its core promise of providing privacy and security for its customers as its camera systems are fatally flawed,” the lawsuit further claimed.

When asked by Gizmodo, a spokesman from Ring declined to comment, saying that the company "does not comment on legal matters."

If the case is granted class-action status, Amazon and Ring would be asked to provide compensation for the affected parties and implement better security measures.

Google Releases Chrome 79, Warns Users of Data Breach


Tech giant Google has issued a data leak warning for Indian and global users, after fixing a Chrome 79 bug and re-issuing the browser later this week. Users were notified on affected websites through pop-up alerts that started to appear on desktop, mobile phone and laptop screens; the alerts made users read text saying that their passwords may have been exposed and that they should change them immediately. "Change your password. A data breach on a site or app exposed your password. Chrome recommends changing your password for the site," the warning pop-up read.

As per sources, a bug affected data in select Android applications and Google had put the release of Chrome 79 on hold. This week, Google's Chrome Releases blog finally confirmed the rollout of Chrome 79 for desktop and mobile platforms; Chrome 79 (79.0.3945.93) for Android comes with a fix for the WebView flaw and an assurance of improved defense against issues revolving around the protection of users' passwords.

According to the reports by media, the fix, "Resolves an issue in WebView where some users' app data was not visible within those apps. The app data was not lost and will be made visible in apps with this update."

WebView is a feature used by various third-party applications to open a webpage; it renders webpages within applications. Here, however, Google Chrome is solely responsible for loading the content. PhoneGap and Twitter Lite are two apps that employ WebView functionality, as per AndroidPolice.

Various instances of the issue have been recorded, nationally and globally. In one such incident, a user trying to log into an e-commerce platform named 'Freshtohome' to shop for fresh and chemical-free seafood received a pop-up warning him about the issue and advising him to change his password.

Similarly, when staff at one of India's media houses attempted to log into their portal, they were faced with disruption, and warnings giving the same advice began to pop up on the screen.

In a public statement issued on Google threads, a Chromium engineer explains, "We are currently discussing the correct strategy for resolving this issue which will be one of: a) continue the migration, moving the missed files into their new locations. b) revert the change by moving migrated files to their old locations. We will let you know which of these two options have been chosen soon."

Rambler claimed the rights to the Nginx web server


Rambler Group claimed a violation of its exclusive copyright on the Nginx web server, which was developed by a former employee of the company Igor Sysoev.

Nginx is one of the most successful IT companies created by Russian programmers. Its main product is software, which is necessary for the operation of sites on the Internet. Now about 33% of all sites in the world are running on the Nginx server. For example, it is used by corporations such as Netflix, Dropbox, Yandex and, by the way, Rambler itself.

Igor Sysoev created the Nginx web server in 2002, while still working at Rambler. Initially, the software was distributed free of charge under an open source license. In 2011, Sysoev quit his job and, together with his partner Maxim Konovalov, founded the company Nginx Inc.
In the spring of 2019, the American company F5 Networks bought Nginx for $670 million.

On December 12, the conflict began between Rambler Group and Nginx. Rambler Group has claimed its development rights: the Internet holding company believes that Nginx is an official work of its former employee and using the program without the consent of Rambler Group violates exclusive rights.

Law enforcement agencies got involved in the case: a criminal case was opened, and searches were conducted at the Nginx office in Moscow and at the homes of Sysoev and another Nginx co-founder.
Igor Sysoev in 2012 in an interview with the Hacker magazine stressed that he worked on Nginx in his spare time. He added that according to Russian law, the company owns what has been done as part of labor duties or under a separate contract.

Yandex called the conflict between Rambler and Nginx a bad signal for the community of programmers.

"We are absolutely convinced that all technology companies should support and develop open source", said Grigory Bakunov, Yandex’s technology distribution director.
Mail.ru Group also advocated the development of an open source culture and support for people who invest time and effort in this area.

The Ministry of Communications of Russia has developed a new service for the sale of cars


According to Deputy head of the Ministry of Communications Maxim Parshin, the Ministry of Communications and the Ministry of Internal Affairs are preparing a new free service that will allow users of the public services portal to form an electronic contract for the sale of cars.

It is assumed that with the help of the new service, a potential car buyer will be able to find out the history of the car and then form an electronic sales contract, which can be verified with a simple electronic signature. Moreover, the new service will avoid errors that often occur when filling out paper contracts.

According to Parshin, "on the basis of the contract, drafts of applications for registration of the vehicle by the new owner and for termination of registration by the previous one are automatically formed". Information about the contract will be displayed in the personal account on the portal of public services.

"The electronic contract will make registration of car sale and purchase transactions faster and safer", explained the Deputy head of Department. According to the data, at the first stage, the new service will be available only to individuals, and its approximate launch date is set for 2020.

Electronic contracts will replace paper contracts, notarization of which is optional. According to the newspaper, traffic police officers are regularly faced with incorrectly filled (for example, errors in passport data) and fake (for example, the owner of the car did not give consent to the sale) agreements. Therefore, after numerous appeals from citizens, the State Traffic Inspectorate proposed to the Ministry of Communications to develop a new electronic service. The project became possible after the entry into force of the government decree which allows performing on the portal of public services "legally significant actions, including transactions, by creating electronic documents".

The electronic format of the purchase and sale registration process is “convenient and timely, but in 2020, the service is unlikely to work,” said CarPrice CEO Denis Dolmatov.

"It is unclear how the system will be protected from hacking and fake registrations by hackers. In my opinion, the launch next year will be incomplete, improvements will be needed, the launch will be rescheduled", said Dolmatov.

Indian Govt Bans Foreign Firms from Conducting IT Security Audits


The Indian Government has directed the ministries and departments responsible for India's basic infrastructure to abstain from employing foreign firms to conduct IT security audits of their frameworks and systems; this was brought to light following the cyber-attack on Kudankulam Nuclear Power Plant.

From now on, Indian firms empanelled for auditing will require clearance from the domestic spy agency, the Intelligence Bureau (IB), to rule out any foreign link. Security audits in all of the ministries and critical sectors are done to ensure that the nation's information infrastructure isn't vulnerable to attacks by hackers and that all of the systems have a secure government firewall.

As per the reports reviewed by Firstpost, the Computer Emergency Response Team (CERT-IN), under the domain of the Ministry of Electronics and Information Technology, has prepared a list of auditing firms in consultation with the IB.

It has also been observed that certain critical sectors are facing threats from numerous sources, and that increasing attacks on the systems are organised and targeted with the assistance of criminals and state actors to reap massive rewards from 'information compromise or espionage'.

Cyber criminals may commit fraud, conduct espionage to steal state and military secrets and disrupt critical infrastructure by exploiting the vulnerabilities in any system.

The government documents state that, “The public sector, although increasingly relying on information technology, has not fully awakened to the challenges of security. Economic stability depends on uninterrupted operations of banking, finance, critical infrastructure such as power generation and distribution, transport systems of rail, road, air, and sea which are critically reliant on information technology.

Even though the focus has been on improving systems and providing e-governance services by various institutions, the IT networks and business processes have not placed the desired emphasis on information security," Aside from this there are a couple of different directives which have been issued for critical areas for protective observing of sensitive data and risk radiating from terrorist groups or enemy state.

Workers taking care of sensitive servers will be required to unveil the phone they are carrying, its serial number, model number alongside subtleties like security abilities and vulnerabilities and the critical segments will claim all authority to control official information on the said employee's mobile, including the privilege to back up, retrieve, modify, decide access or erase the organization's information without an early notice.

Likewise, people or specialists employed for security reviews of government frameworks will have to sign a non-disclosure agreement to anticipate spillage of sensitive information.

Upbit suffers $52M loss in a Cryptocurrency Heist


One of the world's largest cryptocurrency exchanges has been forced to suspend account deposits and withdrawals after it was hit by a huge online theft worth $52M. UpBit, a South Korean cryptocurrency exchange, announced the temporary suspension on Wednesday, accompanied by a letter from Lee Seok-woo, CEO of Dunamu. "The heist took place on Wednesday in the afternoon. Around $50 million in Ethereum currency were sent from an UpBit account via an anonymous beneficiary," says Lee Seok-woo.


The firm will cover the losses of the theft's victims, and it has moved additional cryptocurrencies into its cold wallet for added safety. “It is expected that our company will take around 2 weeks more until the transaction gets active again. As soon as it is done, we'll inform the public,” stated Lee. UpBit's troubles are the latest in a long series of successful cyberattacks on cryptocurrency exchanges in recent times. Other victims include the United States company Coinbase, which was hit for $1 million; Bitpoint of Japan, which lost $32 million; the Singapore firm Bitrue, which was stripped of $4.5 million; and Binance, whose headquarters are in Malta.

"The newest heist is a serious lesson to account holders concerning the value of working only on safe and secure exchanging forums," argues Peter Wood, CEO of CoinBurp, a cryptocurrency exchange. He continues, "It is especially critical in the case of cryptocurrency because it can't be traced virtually and no regulatory authority is present to look over this problem." “But, possible account holders are ensured that they shouldn't be concerned as attacks like these have happened before. However, the individuals must examine the safety contracts and measures carefully while working on any cryptocurrency exchanging program,” says Lee Seok-woo.

Earlier this year, the United Nations accused North Korea of using its growing hacking capabilities to attack crypto exchanges in an attempt to fill the country's coffers. North Korea is accused of amassing $2 billion from cryptocurrency hacks. Upbit was originally started as a partnership between Bittrex and Dunamu, a South Korean app maker that supports messenger giant Kakao. Other cryptocurrency exchanges have warned their users about the heist.

One of Today's Most Popular E-Commerce Platforms Hit By A Major Security Breach


Magento Marketplace, a portal for purchasing, selling, and downloading plug-ins and themes for Magento-based online stores, was recently hit by a major security breach. The breach was disclosed by Adobe, which acquired Magento for $1.68 billion in May 2018.

The impacted users include both regular users who purchased themes and plugins and the theme developers who were using the portal to sell their code and make money.

In an email sent to users, the company said that a vulnerability in the Magento Marketplace website permitted "an unauthorized third-party" to access account data for registered users. The vulnerability exposed user information such as name, email, store username (MageID), billing and shipping addresses, phone number, and limited commercial information such as the percentages for payments Adobe made to theme/plugin developers.

Fortunately, no account passwords or financial information were exposed, according to Adobe.

Jason Woosley, Vice President of Commerce Product and Platform, Experience Business, at Adobe, says “We have notified impacted Magento Marketplace account holders directly and already took down the Magento as soon as we learned of the hack in order to address the vulnerability.”

The store is currently back online.

The Adobe VP did not, however, share the exact number of affected accounts. When approached, a Magento representative did not comment beyond the company's official blog post.

Nonetheless, the Adobe executive said the hack did not cause any outages or disruptions to the company's core Magento products and services and, at the time of writing, there is no reason to believe that the hacker compromised Magento's core backend or the plugins and themes hosted on the 'marketplace'.

Same Phishing Risks Faced By Start-Ups and Big Corporations



Reports of a near-perfect phishing attempt surfaced after a large number of remote employees who receive health and workplace benefits through human resources giant TriNet received such emails.

The emails were shared with TechCrunch, an American online publisher, in order to 'verify their authenticity'. When two independent security researchers were asked for their assessments, both were of the view that it was indeed a phishing email contrived to steal usernames and passwords.

Furthermore, even a $3.7 billion corporation like TriNet, let alone other big companies, is not doing what is needed to counter such phishing attacks: had it proactively used basic email security techniques, it would have been significantly easier to establish that the email was not in fact a phish but an authentic company email.

The issue is not a new one for TriNet or, for that matter, for any other big company.

For instance, just last year security firm Agari found that only 14% of all Fortune 500 companies were using DMARC, a domain security feature that prevents 'email spoofing', and effectively implementing it. New data provided by Agari to TechCrunch shows that the figure has risen by just a single percentage point in the last year, bringing it to a mere 15%.

Nonetheless, it is safe to say that both phishing and impersonation are 'fundamentally' human problems, intended to fool unsuspecting victims into handing over their usernames, email addresses and passwords to hackers, who then log in and steal data or money. Users are therefore advised to stay vigilant whenever they receive such emails.

Huawei to Reward Hackers for Discovering Any ‘Secret Backdoors’ In Its Smartphone Technology


Hoping to outdo Google, Huawei announced in a "big bounty launch" that it would reward hackers for demonstrating a "critical" weakness in one of its Android devices.

The company revealed the program a week ago at a private event in Munich, Germany, for a few of the world's top Android hackers, and even gave an example of how hackers could bag the first prize: they would need to gain remote access to the device without the target 'having to click anything'.

A high-severity hack would be one in which the hacker could take control of a phone when they had direct access to it.

The company is said to be following Apple's lead in keeping the 'bug bounty invite-only'. As revealed on Twitter by Forbes 30 Under 30 alum Maria Markstedter, who was one of the invited guests, the invited researchers would also be given tokens to invite other altruistic hackers.

The bug bounty was first reported by TechCrunch recently, though no details on payments or logistics were revealed.

Huawei also announced that for a "high"-severity issue, hackers can earn up to $110,000 (€100,000), while Google, for its part, offers up to $200,000 and $100,000 for demonstrations of comparable attacks on its Pixel phones.

While bug bounties are very common among major smartphone makers, Apple and Google are behind two of the best known.

One significant suspected reason for Huawei's move is that the program could provide solid evidence that it is not concealing any 'secret backdoors' in its most popular phones that the Chinese government could use.

Russian universities to introduce special course on working with artificial intelligence


The office of the Russian Ombudsman Tatyana Moskalkova has proposed creating a special course on artificial intelligence in Russian universities. The aim of the course is to train students to counter the threats of artificial intelligence within the discipline of human rights protection.

Moreover, the new course is expected to become part of the training program not only for law students, for whom the protection of human rights is one of the main disciplines. The special course is also necessary for future technical specialists.

The press service of Moskalkova's office clarified that "the course will be constantly adjusted, filled with new things in accordance with technological development." Interestingly, there is an express course on the philosophy of artificial intelligence at Moscow State University.

It should be noted that during the BRICS summit on November 14, Kirill Dmitriev, the head of the Russian Direct Investment Fund and a member of the BRICS Business Council, said that an alliance for the development of artificial intelligence could be created within the BRICS.

In addition, according to Alexander Bernstein, the head of the neurosurgical department of the Burdenko Center, from 2021 artificial intelligence will help in planning complex neurosurgical operations. Artificial intelligence is already used at the medical center to remove intracerebral tumors. In the future, its scope is planned to expand.

Recall that on October 10, 2019, Russian President Vladimir Putin signed a decree on the development of artificial intelligence in Russia. The decree approves the national strategy for the development of artificial intelligence until 2030. The President also spoke about the need for maximum support for startups in the field of artificial intelligence and the need to increase severalfold the volume and quality of training for programmers, mathematicians, computer linguists and data processing specialists.

LPE Security Flaw Affecting Symantec Allows Attackers to Escalate Privileges on Compromised Devices


Symantec recently fixed a local privilege escalation security flaw in Symantec Endpoint Protection that affects all software versions before 14.2 RU2 and enables attackers to escalate privileges on compromised devices and execute malicious code with SYSTEM privileges.

Security researcher Peleg Hadar discovered the Symantec Endpoint Protection LPE bug and, shockingly, this is not the first time that a local privilege escalation issue has been reported to a security vendor.

The Symantec Endpoint Protection LPE bug, currently tracked as CVE-2019-12758, requires potential attackers to have Administrator privileges to effectively exploit the issue, according to Hadar. While the severity of this vulnerability is not immediately evident, such bugs are normally rated with medium and high 'severity' CVSS 3.x base scores.

According to Hadar, attackers exploit DLL search-order hijacking issues such as this one as part of multi-stage attacks, after penetrating a target's machine, to 'elevate permissions' in order to further compromise the device.

“The vulnerability gives attackers the ability to load and execute malicious payloads within the context of a Symantec’s signed process,” Hadar states. Symantec has, however, addressed the LPE vulnerability in the Symantec Endpoint Protection 14.2 RU2 release issued on October 22, 2019.

He further specified that exploitation of the CVE-2019-12758 bug on machines running 'vulnerable' versions of Symantec Endpoint Protection could also allow attackers to load and launch malicious code each time the Symantec services are loaded on the system, gaining 'persistence' across system reboots.