Gamer Alert: More than 10 Billion Attacks On Gaming Industry In 2 Years


According to cybersecurity firm Akamai's recent report titled "State of the Internet/Security," the gaming sector has suffered a big hit in the previous two years. Experts have reported around 10 Billion cyberattacks on the gaming industry between June 2018 and June 2020.

Akamai recorded 100 Billion credential stuffing attacks during this period, of which 10 Billion targeted the gaming sector. Besides credential stuffing, Akamai also recorded web application attacks: around 150 Million of them were aimed at the gaming sector.

"This report was planned and mostly written during the COVID-19 lockdown, and if there is one thing that's kept our team sane, it is constant social interaction and the knowledge that we're not alone in our anxieties and concerns," says the report. Web application attacks mostly used SQL injection and LFI (Local File Inclusion), as per the latest published report, because hackers can use SQL injection and LFI to obtain sensitive information about users held on the game server.

The data can include usernames, account info, passwords, etc. Besides this, experts say that the gaming sector is also a primary target for DDoS (distributed denial-of-service) attacks. Between July 2019 and July 2020, Akamai identified 5,600 DDoS attacks, out of which hackers targeted 3000 attacks on the gaming sector. The increase in the attacks can be because most gamers don't pay much attention to cybersecurity.

According to data, 55% of gamers experienced suspicious activity in their accounts. However, just 20% of these gamers expressed concern about the compromise. Around 50% of hacked players feel that security is a mutual responsibility between gamers and gaming companies. 

Akamai emphasized their concern over the gaming sector becoming an easy target for the hackers. According to Akamai's report, "Web attacks are constant. Credential stuffing attacks can turn data breaches from the days of old (meaning last week) into new incidents that impact thousands (sometimes millions) of people and organizations of all sizes. DDoS attacks disrupt the world of instant communication and connection. These are problems that gamers, consumers, and business leaders face daily. This year, these issues have only gotten worse, and the stress caused by them was compounded by an invisible, deadly threat known as COVID-19."

179 Dark Net Vendors Arrested in a Massive International Sting; 500 kg Drugs Seized


Global police agencies have confiscated over $6.5m both in cash and virtual currencies, 64 firearms, and 1,100 pounds of drugs - arresting 179 vendors across 6 countries including the U.S. and Europe in one of the biggest raids on dark web marketplaces. The international sting operation saw considerable co-operation from law enforcement agencies all over the world including the US, UK, Germany, Europe, Canada, Europe, Sweden, Austria, and the Netherlands.

The 500kg of drugs recovered by investigators during the operation included fentanyl, methamphetamine, oxycodone, ecstasy, cocaine, hydrocodone, MDMA, and several other medicines containing addictive substances, as per the findings.

The authorities dubbed the global sting operation 'DisrupTor' and, while announcing it, claimed in a press release that the "golden age of the dark web marketplace is over." The roots of the operation go back to May 3, 2019, the day German authorities seized the dark web drug market "Wallstreet market" and arrested its operators.

"Operations such as these highlight the capability of law enforcement to counter encryption and anonymity of dark web market places. Police no longer only take down such illegal marketplaces – they also chase down the criminals buying and selling illegal goods through such sites," the press release further read.

According to the Justice Department, it was the largest international law enforcement operation that targeted opioid traffickers on the dark web. The investigation witnessed an extensive range of investigators ranging from the FBI, ICE, DEA, Customs and Border Protection (CBP), to the Defense Department.

Commenting on the success of the operation, the head of Europol’s European Cybercrime Centre (EC3), Edvardas Šileris said, “Law enforcement is most effective when working together, and today’s announcement sends a strong message to criminals selling or buying illicit goods on the dark web: the hidden internet is no longer hidden, and your anonymous activity is not anonymous. Law enforcement is committed to tracking down criminals, no matter where they operate – be it on the streets or behind a computer screen.”

“With the spike in opioid-related overdose deaths during the Covid-19 pandemic, we recognize that today’s announcement is important and timely,” said Christopher Wray, FBI director. “The FBI wants to assure the American public, and the world, that we are committed to identifying dark net drug dealers and bringing them to justice,” he further added.

Russian-speaking hackers attacked Russian companies and demanded ransom

Group-IB recorded a successful attack by the criminal group OldGremlin on a Russian medical company. The attackers completely encrypted its corporate network and demanded a ransom of $50,000.

Russian-speaking hackers from the OldGremlin group attacked several Russian companies, despite the ban: among cybercriminals, there is an unspoken rule "do not work on RU".

According to experts, since the spring of 2020, hackers from OldGremlin have conducted at least nine attacks on Russian companies. They send malicious emails allegedly on behalf of the Russian media holding RBC, the Russian metallurgical holding, the Minsk Tractor Plant, the Union of microfinance organizations and other individuals and enterprises. Under various pretexts, recipients are asked to click on a link and download a file. When the victim tries to open it, the backdoor malware TinyPosh runs on their computer.

This time a large Russian medical company became the victim of the criminals. After gaining access to the computer of one of the employees, they deleted the organization's backups, and also spread the TinyCrypton ransomware virus on the computers of the employees. As a result of their actions, the work of regional branches of the medical company was stopped. Then the hackers demanded a ransom: they wanted to get 50 thousand dollars in cryptocurrency for restoring access.

"The lack of a strong communication channel between organizations that resist cybercrime, as well as the difficult political situation, lead to the emergence of new criminal groups that feel safe," said Rustam Mirkasymov, head of the dynamic analysis of malicious code at Group-IB. The expert also stressed that businesses often underestimate the threats posed by cybercriminals, and do not use the necessary means of protection. 

A major Ukrainian IT company has revealed details of the hacker attack

Ukrainian IT company SoftServe has issued an official statement about the recent hacker attack, in which it gave details of the incident and said that its investigation is still ongoing.

As a reminder, in early September SoftServe underwent a hacker attack during which client data, including the source code of a number of developments, was stolen. Later, other confidential data appeared on the network, including scanned copies of internal and foreign passports of company employees.

"As we reported earlier, SoftServe experienced a cybersecurity incident on Tuesday, September 1. It was a complex, multi-step and targeted attack against our company. As a result of the attack, the company's mail server was damaged, a number of corporate services were disabled, and the internal file server was compromised,” noted SoftServe.

The attackers managed to download fragments of various information, and in order to put pressure on the company, they made them publicly available.  SoftServe expects new incidents and declares its readiness for them.

"We expect that new data can be published again and are ready for it. Such actions of attackers, as well as various kinds of provocations and the spread of fakes to escalate the situation are a common tactic in hacker attacks. As noted earlier, SoftServe managed to localize the attack within a few hours after the attack and our team quickly restored the operation of corporate systems that function normally,” noted the company on its Facebook page.

The company also said that SoftServe is currently operating normally and has a "clear plan to deal with the consequences" of the incident. The company promises technical, legal, financial, and other assistance to anyone who suffered from the attack.

SoftServe has engaged one of the world's cybersecurity experts to independently investigate the incident.

White House To Update U.S’s Approach To Its Maritime Cybersecurity Strategy In Coming Months

 

With hopes to upgrade the U.S. government's approach to its maritime cybersecurity strategy in the coming months, the Trump administration is presently attempting to improve and further secure the United States' ability to 'project power at sea' and guard against adversarial cyberattacks. 
Their plan incorporates re-evaluating the national approach to deal with data sharing and better emphasizing the utilization of operational technologies in ports, as per one senior administration official. 

When two officials were approached for comment, they declined to reveal any particular details about the administration's plans, saying more information would be made public very soon. 

Yet hackers have already begun their work: they have long been targeting shipping firms and the maritime supply chain to steal data associated with the U.S. government or to intrude on cargo operations and activities. 

Using a strain of ransomware known as Ryuk, hackers compromised computer networks at a maritime transportation office a year ago, disrupting operations for 30 hours, as per the U.S. Coast Guard. 

This declaration comes in the midst of a few endeavors at the Department of Defense to test preparedness and readiness against cyberattacks in the maritime domain. 

The Pentagon's offensive unit, Cyber Command, simulated a cyberattack on a seaport a year ago. The Army is likewise taking part this month in an exercise intended to 'simulate adversaries' targeting U.S. ports. 

Recently, the Trump administration has been concerned about a ransomware attack aimed specifically at a transportation organization that “affected COVID-19 supply chains in Australia,” one senior administration official said.

 “Adversaries frequently interfere with ship or navigation systems by targeting position or navigation systems through spoofing or jamming, causing hazards to shipping,” one senior administration official said.

Microsoft Suffered A Rare Cyber-Security Lapse When One of Bing's Backend Servers Was Exposed Online

 

Microsoft suffered a rather rare cyber-security lapse this month when the company's IT staff accidentally left one of Bing's backend servers exposed on the web. 

The server was discovered by Ata Hakcil, a security researcher at WizCase, who shared his findings with ZDNet the previous week. As per Hakcil's investigation, the server exposed more than 6.5 TB of log files containing 13 billion records coming from the Bing search engine.

Hakcil said the server was exposed from September 10 to September 16, when he informed the Microsoft Security Response Center (MSRC) and the server was secured again with a password. 

The WizCase researcher was able to verify his findings by locating, in the server's logs, search queries he had performed in the Bing Android app.

 
Microsoft admitted the mistake and commented last week: 

"We've fixed a misconfiguration that caused a small amount of search query data to be exposed," a Microsoft spokesperson told ZDNet in an email last week. "After analysis, we've determined that the exposed data was limited and de-identified." ZDNet, which was provided access to the server while it was exposed without a password, can affirm that no personal user info was made public. 

Rather, the server exposed technical details, like search queries, details regarding the client's system (device, OS, browser, etc.), geo-location details (wherever accessible), and various tokens, hashes, and coupon codes.
The leaky server was identified as an Elasticsearch system. Elasticsearch servers are high-grade systems where organizations collect huge amounts of information so they can easily search and filter through billions of records. 

Throughout the previous four years, Elasticsearch servers have frequently been the source of accidental data leaks. 

The reasons are known to fluctuate and can go from administrators neglecting to set a password; firewalls or VPN frameworks unexpectedly going down and uncovering an organization's normally-internal servers; or organizations duplicating production data to test systems that aren't always secured as rigorously as their essential infrastructure.
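A pre-deployment check for the first and second causes listed above, given here as an added example that is not from the original article or from Elastic: it reads an `elasticsearch.yml` and flags a node whose HTTP API listens beyond loopback without authentication. It assumes flat dotted keys, treats a missing `xpack.security.enabled` as disabled, and uses constructed sample configurations.

```python
import ipaddress

# Values of network.host / http.host that keep the node on loopback only.
LOOPBACK_NAMES = {"localhost", "_local_", "_local:ipv4_", "_local:ipv6_"}


def parse_flat_yaml(text):
    """Parse 'key: value' lines; sufficient for flat dotted-key elasticsearch.yml files."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line or ":" not in line:
            continue
        key, value = line.split(":", 1)          # split on the first colon only
        settings[key.strip()] = value.strip().strip("\"'")
    return settings


def bind_hosts(settings):
    """Addresses the HTTP layer binds to; http.host takes precedence over network.host."""
    raw = settings.get("http.host") or settings.get("network.host") or "_local_"
    return [h.strip().strip("\"'") for h in raw.strip("[]").split(",") if h.strip()]


def is_loopback(host):
    if host.lower() in LOOPBACK_NAMES:
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        # Hostname or special value such as _site_ / _global_: treat as reachable.
        return False


def audit(text):
    """Return a list of findings for one elasticsearch.yml (empty list = nothing flagged)."""
    s = parse_flat_yaml(text)
    exposed = [h for h in bind_hosts(s) if not is_loopback(h)]
    # Assumption: an absent setting is treated as disabled, the conservative reading.
    auth_on = s.get("xpack.security.enabled", "false").lower() == "true"
    tls_on = s.get("xpack.security.http.ssl.enabled", "false").lower() == "true"
    findings = []
    if exposed and not auth_on:
        # A private address does not help here: once the firewall or VPN in front
        # of it fails, anyone who can route to the port can read every index.
        findings.append("CRITICAL: HTTP API bound to %s with authentication disabled"
                        % ", ".join(exposed))
    elif exposed and not tls_on:
        findings.append("WARN: authentication enabled on %s but HTTP TLS is off"
                        % ", ".join(exposed))
    elif not exposed and not auth_on:
        findings.append("INFO: loopback only, no authentication; safety depends on the bind address")
    return findings


# Constructed sample configurations (not taken from any real deployment).
LEAKY = """
cluster.name: search-logs
network.host: 0.0.0.0
http.port: 9200
"""

HARDENED = """
cluster.name: search-logs
network.host: 10.20.0.15   # internal interface only
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
"""

if __name__ == "__main__":
    for name, cfg in (("leaky", LEAKY), ("hardened", HARDENED)):
        print(name, audit(cfg) or "no findings")
```

The third cause, production data copied to test systems, is covered by running the same check against the test cluster's configuration.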

Experts listed most frequent cyber threats in the first half of the year

In the first half of 2020, phishing emails gained popularity among cyber fraudsters. Such conclusions were made by analysts of the Group-IB company.

According to the study, attackers in the context of the coronavirus pandemic began to use malicious mailings twice as often in order to get user data to access various popular Internet services.

One in three malicious emails sent by fraudsters contained spyware that steals paid data or other important information in order to sell it on the Darknet or blackmail the owner.

One of the most popular ways to get victims' personal data through mailings is a Trojan-Downloader, which, after getting onto a computer through a letter, downloads other malicious software. 

According to experts, the list of malicious software in demand among fraudsters is headed by the banking Trojan RTM, which intercepts data on account details and takes screenshots. Second place is taken by the spyware Loki PWS, which steals usernames and passwords, and the Formbook backdoor rounds out the top three.

Analysts consider the increase in phishing mailings to be expected, as the popularity of Internet services has grown during self-isolation.

Recall that this trend was confirmed by a study by Trend Micro Incorporated. So, according to experts, in the first half of 2020, almost 9 million attacks related to COVID-19 were recorded. These include email messages, links, and malicious files that mention the coronavirus. The growing ransomware family includes 68 new types of malware, and the main targets are government organizations, healthcare, and manufacturing. 

LockBit Ransomware Emerging as a Dangerous Threat to Corporate Networks


LockBit is a relatively new ransomware that was first identified by Northwave Security in September 2019, performing targeted attacks under the guise of the .ABCD virus. The threat actors behind the ransomware were observed to be leveraging brute-force tactics and evasion-based techniques to infect computers and encrypt files until the victim pays the ransom.

LockBit enables attackers to move quickly around a network after compromising it; it exploits SMB, ARP tables, and PowerShell to spread the malware through an infected network.

The developers rely on third parties to spread the malware via any means the third party devises. After successfully infecting the network, the attacker redirects the victim to a payment site operated by them. The victim is then subjected to threats of data leak until the ransom is paid to the attackers.

Modus operandi of the attack

The attackers drop a payload hidden in the '.text' sections, which keeps conventional AV from catching the file during a disk scan; the attackers also compress the file with a unique format.

Upon being executed, the file scans the entire LAN and attempts to connect to the hosts via the SMB port (445) to spread the infected file across the internal network.

Then, in order to bypass User Account Control (UAC), the command "C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" is run by an instance of SVCHOST.exe running the DLLhost.exe process.

After that, the 'backup.exe' file executes the payload and encrypts most of the victim's files, changing their extensions to 'lockbit'. Finally, it leaves a ransom note named 'Restore-My-Files.txt' in various folders on the host.
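The behaviours described in this section can be turned into a host triage rule. The following is an added example, not code from the original article or from Northwave: it runs the article's four indicators over simplified endpoint events. The event field names, host names, thresholds and sample events are constructed for illustration.

```python
from collections import defaultdict

# Indicators taken from the article text above (compared in lower case).
DLLHOST_CLSID = "{3e5fc7f9-9a51-4367-9063-a120244fbec7}"
RANSOM_NOTE = "restore-my-files.txt"
ENCRYPTED_EXT = ".lockbit"
# Thresholds are assumptions for this example; tune them to the environment.
SMB_FANOUT_MIN_PEERS = 5
NOTE_MIN_FOLDERS = 2


def detect(events):
    """Return {host: sorted indicator names} for hosts showing the described behaviour."""
    hits = defaultdict(set)
    smb_peers = defaultdict(set)
    note_folders = defaultdict(set)
    for ev in events:
        host = ev["host"]
        if ev["type"] == "process":
            cmd = ev["cmdline"].lower()
            # DllHost.exe /Processid:{...} is ordinary COM surrogate usage, so only
            # the CLSID named in the article is matched, not DllHost.exe in general.
            if "dllhost.exe" in cmd and "/processid:" + DLLHOST_CLSID in cmd:
                hits[host].add("dllhost_clsid_cmdline")
        elif ev["type"] == "file":
            folder, _, name = ev["path"].lower().rpartition("\\")
            if name.endswith(ENCRYPTED_EXT):
                hits[host].add("lockbit_extension")
            if name == RANSOM_NOTE:
                note_folders[host].add(folder)
        elif ev["type"] == "net" and ev["dport"] == 445:
            smb_peers[host].add(ev["dst"])
    for host, folders in note_folders.items():
        if len(folders) >= NOTE_MIN_FOLDERS:      # note dropped "in various folders"
            hits[host].add("ransom_note_multiple_dirs")
    for host, peers in smb_peers.items():
        if len(peers) >= SMB_FANOUT_MIN_PEERS:    # one host contacting many peers on 445
            hits[host].add("smb_fanout")
    return {host: sorted(names) for host, names in hits.items()}


def hosts_to_isolate(events, min_indicators=2):
    """Hosts with several independent indicators; a single hit alone is left for review."""
    return sorted(h for h, names in detect(events).items() if len(names) >= min_indicators)


# Constructed sample events: WS-014 shows the full chain, FILESRV is ordinary activity.
SAMPLE_EVENTS = (
    [{"host": "WS-014", "type": "net", "dst": "10.0.5.%d" % i, "dport": 445}
     for i in range(20, 28)]
    + [
        {"host": "WS-014", "type": "process",
         "cmdline": r"C:\WINDOWS\SysWOW64\DllHost.exe "
                    r"/Processid:{3E5FC7F9-9A51-4367-9063-A120244FBEC7}"},
        {"host": "WS-014", "type": "file", "path": r"C:\Users\anna\Documents\budget.xlsx.lockbit"},
        {"host": "WS-014", "type": "file", "path": r"C:\Users\anna\Documents\Restore-My-Files.txt"},
        {"host": "WS-014", "type": "file", "path": r"C:\Users\anna\Desktop\Restore-My-Files.txt"},
        # Benign look-alikes: another (placeholder) CLSID, a file whose name merely
        # contains "lockbit", and SMB traffic to only two peers.
        {"host": "FILESRV", "type": "process",
         "cmdline": r"C:\Windows\System32\DllHost.exe "
                    r"/Processid:{00000000-0000-0000-0000-000000000000}"},
        {"host": "FILESRV", "type": "file", "path": r"D:\Shares\IT\lockbit-report.docx"},
        {"host": "FILESRV", "type": "net", "dst": "10.0.5.20", "dport": 445},
        {"host": "FILESRV", "type": "net", "dst": "10.0.5.21", "dport": 445},
    ]
)

if __name__ == "__main__":
    for host, names in detect(SAMPLE_EVENTS).items():
        print(host, names)
    print("isolate:", hosts_to_isolate(SAMPLE_EVENTS))
```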

As per sources, the top targets of LockBit were located in the U.S., the U.K., China, India, Germany, France, and Indonesia. Experts suggest that users worldwide should strengthen their security defenses. It is also recommended to store backups of important files separately so that they are hard to reach over the network.

Giving insights into a particular case, Patrick Van Looy, a cybersecurity specialist for Northwave, told BleepingComputer, "In this specific case it was a classic hit and run. After gaining access through brute-forcing the VPN, the attacker almost immediately launched the ransomware (which he could with the administrator account that he had access to). It was around 1:00 AM that the initial access took place, after which the ransomware was launched, and at around 4:00 AM the attacker logged off. This was the only interaction that we have observed."

The Union Government To Come Up With National Cyber Security Strategy 2020

National Security Adviser Ajit Doval announced that the Union government is set to come up with National Cyber Security Strategy 2020 for guaranteeing a safe, secured, trusted, and resilient cyberspace. 

The proposed strategy aims at uniting all cybersecurity agencies to secure, reinforce, and synergize the cybersecurity ecosystem by closely connecting with businesses, citizens, and beyond.

He said that adversaries were attempting to exploit the crisis in the wake of the pandemic through misinformation, fake news, and social media campaigns. 

"For our adversaries, the huge data floating around in cyberspace is a goldmine for extracting information to undermine the privacy of our citizens and add to the vulnerability of protecting data of our critical information infrastructure," Mr. Doval said.

He said that phishing campaigns utilizing the Coronavirus theme targeted banks, defence, and critical infrastructure during this period. 

Mr. Doval drew attention to how various conspicuous UPI IDs and web portals were produced while fake Arogya Setu applications propped up to misuse individuals' data only hours after the Prime Minister announced the launch of the PM Cares fund. 

He stated, "Malicious domains and websites to the tune of around 5,000 were registered in a short span of time. We have also witnessed an increase of 500% in cybercrime owing to people’s limited awareness and poor cyber hygiene. Financial frauds have also increased tremendously owing to the increased reliance on digital payment platforms...”

He regretted that the absence of indigenous digital solutions like information-sharing facilities and social media platforms had adversely affected the country's self-reliance and cybersecurity. 

He encouraged new start-ups to think of solutions linked with the nation's requirements and build-up ability to guarantee that the country's critical cyber assets were being monitored by skillful native professionals in resonance with the Prime Minister's take for Atmanirbhar.

NIC hacked by a malware, over 100 computers compromised

 

Recently, India's largest data agency NIC (National Informatics Center) was hacked by an as-yet unidentified malware. The attack arrived by email, infiltrated the network, and affected around a hundred computers. 



After the attack, the incident was reported to Delhi Police's Special Cell and the case was registered under the Information Technology Act (IT Act). The attack came from an email; when an employee opened it, all data on the machine was stolen and encrypted. 

The National Informatics Center is a branch of the Ministry of Electronics and Information Technology (MEITY). The NIC is responsible for the government's technical infrastructure and for the implementation and delivery of digital India initiatives. The Institute contained sensitive information related to National Security, India's Citizens, Home Ministry, Security Advisor, and the stolen data could very well harm National Interest. 

Upon investigation by Delhi Police, the attack was confirmed to be malware delivered by a bait email. While it was reported by only one employee, several workers received the mail containing the malware, and when a user clicked on it, his system was compromised. In this way, a hundred such computers were infected.

The IP address from the mail was detected to be from the Bengaluru office of an American company.

Attack from Anonymous?
Some sources say that this attack was from the infamous hacking group Anonymous. Some days back the official website of the Indian Army was taken down and, according to firstpost.com, a letter was sent to the Indian Government stating: 

 "We are Anonymous Again. 

 To the People of India and Government,
 You Have Underestimated the Power of people. You thought First NIC Hack by Anonymous was a Playful act, "THINK AGAIN".
 We are not here to Play with anyone. We are here to send a message to all the people who support the Anti-corruption bill. We took Down Indian Army Official Site and NIC knows more about what we did. We do not support anyone, We Support Only The Anti-Corruption Bill.

No one can speak for Anonymous, Nothing is Official." 

 It could be that both these attacks are linked and from the same group.

New Windows Vulnerability Allows Domain Takeover, Microsoft Released Patch



A new vulnerability named Zerologon has been identified by cybersecurity organization Secura, who tracked the high-rated vulnerability as CVE-2020-1472; it allows attackers to gain admin control of a Windows domain, including the ability to steal credentials from individual Windows accounts.

In order to exploit Zerologon, the attacker is required to be on the network, access to which can be acquired by various methods such as phishing, drive-by exploits, etc.

The attacker disables security features that protect the Netlogon process and changes a system's password linked with its Active Directory account. Zerologon exploits a weak cryptographic algorithm used in the Netlogon authentication process, as per the expert findings at Secura.

While exploiting the vulnerability and attempting to authenticate against the domain controller, the bug impersonates the identity of any computer on a network and disables security features. In order to obtain domain administrator access to carry out malicious activities, the attacker needs to connect to a domain controller through a Netlogon secure channel connection. The attack is carried out swiftly, lasting not more than three seconds.

In August 2020, Microsoft effectively disrupted the operations of numerous companies in the patching process that took place in two phases and finally released patches for a severe 10/10 rated security flaw that was described as an elevation of privilege in Netlogon. The task has been an arduous one for Microsoft.

In their blog post on Zerologon, Secura explained, "It would not be necessary to wait for some other user to attempt to log in. Instead, the attacker can login themselves, pretending to only support NTLM and providing some invalid password. The service they are logging in to will forward the NTLM handshake to the domain controller and the domain controller would reply with a negative response. This message could then be replaced by a spoofed reply (also containing a recalculated session key) indicating that the password was correct and, by the way, the user trying to log in happened to be a member of the domain admin group (meaning they also have administrative privileges on the target machine)."

"This vulnerability can be particularly dangerous when an attacker has a foothold in an internal network because it allows for both elevation of privileges (to local admin) and lateral movement (gaining RCE on other machines on the network)," the blog post further read.



Russia is planning to create a working group to protect the digital rights of citizens

The Presidential Council for the Development of Civil Society and Human Rights is planning to create a working group. Its specialists will protect the digital rights of Russians.

In Russia, a group will be created whose task will be to protect the digital rights of citizens. This was announced by the head of the Presidential Council for the Development of Civil Society and Human Rights Valery Fadeev.

Members of the working group will try to understand how to minimize the damage from progress in the field of IT technologies, he explained.

According to him, the process of digitalization has not only a positive impact but also a negative one. "Digitalization cannot be stopped, progress, of course, cannot be stopped. As with any powerful technological or technical process, there are always various negative sides, negative aspects, and they accumulate," said Fadeev at the round table "Digital threats to human rights".

Negative examples include bullying on social networks and surveillance of people through city surveillance cameras.

"Today there was a message in the media that Anna Kuznetsova filed a lawsuit. The girl conducted an experiment – she bought online from someone for 16 thousand rubles ($213) information about where she was last month, providing her photo. Two days later, she received information from Moscow cameras,” said Mr. Fadeev.

Examples like these show that there is a security problem in the digitalization space. People are no longer protected and cybercriminals take advantage of this. Another problem is fraud, which has begun to actively manifest itself on the network. Therefore, the main task of the working group is to understand how to minimize the damage from progress in the field of IT technologies.

Five Steps That Will Boost Your Cybersecurity And Assure Business Community In Real Life

 

The concept of business and marketing has changed tremendously over the past few years. Business continuity used to mean protecting your company in times of crisis. Today, however, it is about recovering from large-scale cyberattacks as quickly as possible. These threats can include malware, phishing emails, DDoS attacks, ransomware, etc.


 
In recent times, there has been a rapid change in the field of cybersecurity too. It has now become a vital part of an organization's business continuity, in protecting employee data, intellectual property, operational plans, R&D, etc. Due to this, a question arises of 'how corporate and IT experts can work hand in hand' to protect an organization and promote its business. 

To achieve these goals, a simple five steps method, if followed, can ensure your organization's cybersecurity and prevent it from threats and cyberattacks. 

1. Prioritize: Threat intelligence should be acquired, and it should be prioritized to formulate a defense plan. Keep in mind that simulated attacks won't be as helpful as real attacks. Simulated attacks won't tell you the real strengths and weaknesses. This information helps experts identify the threats they must be more careful about and build a counter-testing plan. 

2. Measure: You should examine whether the measures you are taking to protect your business are helpful. If not, your preventive actions are ineffective. The plan should include analyzing threat adversaries and technical attacks, and how your people respond to them. 

3. Optimize: This step involves analyzing the gaps or barriers that you identified in the measuring stage. An effective business means overcoming these gaps and barriers. When the controls are optimized, the testing can then provide more measurable results that will make your security more robust. 

4. Rationalize: Is your investment in security measures proving beneficial, or is it just a waste of money? With the help of testing data acquired after optimizing controls, the experts now know where to cut costs and where to invest more. It allows a business to save money while keeping the risk factor under control. 

5. Monitor: The final and most crucial step involves keeping a constant eye on changing trends in the IT environment. Your company might have to face new challenges; therefore, there should be a continuous evaluation of potential threats that might impact your business.

Criminals sending malicious emails claiming to be from the rector of Moscow State University

A malicious program that steals passwords was sent out in mid-September by scammers in letters claiming to be from the rector of Moscow State University. The recipients were financial, industrial, and government organizations in Russia.

The mailing, as Group-IB noted, took place from 9 to 16 September.

"In the letter, the attackers, on behalf of rector Viktor Sadovnichy, ask recipients to read the attached document 'A description of the budget for 2020' and promptly send their commercial offer," reported the company's press service.

The texts of the letters are illiterate and contain stylistic errors. In addition, the order of words and sentences indicates that fraudsters use an automatic translation program. The authors of the letter were too lazy to change or check all the links in the template before sending them out. Probably, similar attacks have already been carried out on behalf of other universities, most likely foreign ones.

The addresses of Moscow State University were indicated as the sender in the letters. In fact, the correspondence was sent from the hacked mail server of the Hotel Alfonso V in the Portuguese city of Aveiro. The hotel has already been notified of the break-in.

All the scammers’ emails contained an archive called "Request for a commercial offer" with an executable .exe file inside. After it was launched, a malicious program was installed on the user's device that could steal usernames and passwords.

"In the future, hackers can use them to gain access to email accounts or crypto wallets, for financial fraud, espionage, or sell stolen data on hacker forums," said Group-IB.

According to Vasily Kuzmin, Deputy head of the information technology department of Moscow State University, neither the rector nor the University administration ever send letters with such content.

Siemens USA Announced the Launch of Its Technologically Advanced Cyber Test Range

 

As the Coronavirus pandemic prompted an increase in cyberattacks, it created a need for facilities that focus specifically on prevention, detection, and response solutions. For that reason, Siemens USA launched its technologically advanced cyber test range, housed at its U.S. R&D headquarters in Princeton, New Jersey. 

The Siemens cyber test range is intended to test emerging cybersecurity technologies against real-world situations to help identify and mitigate potential weaknesses. 

The cyber range has set out to become a hub where data scientists, security experts, and others can come together to perform innovative research in the field of cybersecurity and to prototype and validate new research ideas. 

Siemens' growing collection of operational innovation hardware and software components makes the range more valuable for 'a variety of industrially focused security research'.

The design of the facility was done keeping in mind the adaptability, permitting remote operation and range segments to be moved to different areas like gatherings, colleges, government research labs, and even customer environments. 

Siemens has partnered together with the Atlantic Council to utilize this cyber range to upgrade students' understanding during their 'Cyber 9/12 Strategy Challenge' arrangement through the re-enactment of cyberattacks on frameworks like advanced water treatment and power generation facilities. 

Today, Siemens and its products are upheld by a global association with more than 1,200 digital specialists. The organization's products and solutions have modern security functions that are inherent by design and empowered by default. 

Kurt John, Siemens USA's Chief Cybersecurity Office says “Cybersecurity is at the center of everything we do at Siemens. This cyber range will help Siemens continue to innovate in the field of critical infrastructure cybersecurity and build industry confidence in the secure digitalization of America’s operational technology. With this cyber range, our customers and partners can now join us on our ongoing journey to help mitigate cyberattacks and protect America’s critical infrastructure.” 

This cyber range will undoubtedly be another space for future pioneers to fabricate trust in associated foundation to shape an economical and a strong future and simultaneously for Siemens to ace the innovation foundational to a Fourth Industrial Revolution.

Apple Time Flies Event September 2020: Highlights and the meme aftermath

This Time Flies Apple Event was unlike a regular Apple Event, and the difference was clear right from the beginning: CEO Tim Cook started the event not from the stage at the Steve Jobs Theater but from down the hill at the Apple Park HQ, talking from a curved glass panel. He kicked off with the new Apple Watch, with no mention of the previous year's performance or the health factors. Suffice it to say, the 2020 Apple Event was different.


Highlights

The event started with the release of the Apple Watch Series 6, which can measure your blood oxygen levels in a mere fifteen seconds and comes in a cool red variant. More features include an always-on display, numerous exciting watch faces, a family set, and ten sports modes. Price: $399. Indian price: 49,900₹ (GPS Cellular) and 40,000₹ (GPS).

Another watch, the Watch SE, was announced with all the quirks and features to stay healthy, connected, and fit. It also includes a family set and runs similar software to the new Watch Series 6. Launched at a price of $199. Indian price: 33,900₹ (GPS Cellular) and 29,900₹ (GPS).

Apple Fitness Plus is a new fitness app that can track your workout and yoga and includes various workout modes. You can also pair and save your Apple Music tracks on Fitness Plus. Apple Watch users will get 3 months of free subscription. Priced at $9.99 for a month and $79.99 for a year.

Apple One service: with this you can keep all your plans under the one umbrella of an Apple One plan. In India, the Apple One plan is quite affordable at 365₹ for the family plan. Prices: individual $14.95/month, family $19.95/month, Premier $29.95/month.

And finally, the iPad 8th gen and iPad Air. The 8th-generation iPad is promised to be 3 times faster with a faster processor, the A12 chipset. Priced at $329, and $299 for students. India: 41,900₹ (Wifi Cellular) and 29,900₹ (Wifi).

The new iPad Air may look like the iPad Pro but is power-packed with the new A14 Bionic chipset, increasing performance by 40%. It comes with a larger Liquid Retina display and in five different colors. The iPad Air is integrated with USB-C, a 12MP rear camera and a 7MP front camera, a touch power button, and a Magic Keyboard. Price: $599. India: 69,900₹ (Wifi Cellular) and 54,900₹ (Wifi).

But, alas, to the disappointment of many, there was no announcement of the new iPhone 12. Social media was subsequently in an uproar, and many fans took to Twitter to share memes and poke fun with the tag "where is my iphone12?".

American IT-businessman of Russian origin says Durov gave data of Telegram to Kremlin

The founder of Telegram, Pavel Durov, handed the messenger, together with the data of all users, over to the Kremlin because the messenger had become an unbearable financial burden, with costs exceeding $2-3 million a month, said Michael Talan, an American IT businessman of Russian origin and the head of Pi5 Cloud.

"Telegram is a fully cloud-based solution that hosts its systems in three providers: Google, Amazon, and DigitalOcean. According to my calculations, for Pavel Durov, monthly payments on Telegram exceed $2-3 million. For him, this has become an expense that cannot be recouped. Previously, he paid with money from TON (Telegram Open Network) investors," said Talan.

He clarified that Durov had financial problems related to Telegram after the decision of the American Securities and Exchange Commission, which banned the Russian programmer from launching the TON commercial platform.

"I am 100% convinced of this. So if you are still using Telegram in Ukraine, I urge you: delete all correspondence from there and close your account, because now Telegram is a tool of the Kremlin," the American IT businessman addressed the Ukrainians.

It’s important to note that, in early August 2020, Pavel Durov reported that he had received offers in two countries to sell part of Telegram, but he refused because the messenger is not for sale "either partially or completely". "This will always be our position," stressed Durov.

It should be noted that the social network VKontakte, created by Pavel Durov, has found a way to circumvent the ban on the use of the social network in Ukraine. The social network mobile application is now working on the territory of Ukraine. At the same time, in order to access the social network from a computer, residents of Ukraine still need to use another VPN.

Earlier, Ukrainian President Zelensky extended a decree banning Russian social networks.

The Central Bank of Russia spotted a fraud scheme using the voice menu of one of the banks

The Central Bank of Russia informed banks that fraudsters use the voice menu to get information about the status of customers' accounts, using only the last four digits of the card.

It all started with the fact that one of the credit organizations reported a sharp increase in the number of calls to customers from fraudsters, and the attackers knew the exact amount on the accounts.

It turned out that the scammers made phone calls to the IVR (Interactive Voice Response) system, substituting customers' phone numbers for their own. Calling as if from a client's number, they requested information about the remaining funds by entering the last four digits of the bank card.

After that, the scammers called potential victims and introduced themselves as bank employees. As proof of authenticity, they provided customers with information about their account balances. After that, they successfully used social engineering methods to steal money.

The phone numbers of customers and their bank card details were compromised and spread on the Internet. The Central Bank believes that fraudsters could have obtained them from the Joom client base, which was publicly available. At that time, representatives of the online store and banks gave assurances that there was no danger for customers, since the data that fell into the hands of fraudsters was not enough to debit money from their accounts.

It turns out that the last four digits of the card may be enough to get confidential information about bank customers. But this information is not officially classified as secret and is printed on any check.

According to Sergey Golovanov, a leading expert at Kaspersky Lab, the use of biometrics can simplify the identification process for the user and make this process more secure. At the same time, the expert believes that the use of biometrics would increase the cost of identification for the bank. Thus, despite the recommendations of the Central Bank, banks will continue to minimize their costs in this area, risking making their customers victims of fraud.
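The weakness described above, set beside a stricter gate, as an added example that is not taken from the Central Bank or any bank's system. The factor names, the "telephone_pin" secret, the menu actions and the call log are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Classification follows the article: the caller's number can be replaced,
# and the last four card digits are printed on any check.
# "telephone_pin" is an assumed secret factor, not named in the article.
FORGEABLE = {"caller_id", "card_last4"}
SECRET = {"telephone_pin"}
SENSITIVE_ACTIONS = {"balance", "recent_transactions"}

@dataclass(frozen=True)
class IvrCall:
    presented_number: str   # caller ID as received, not proof of origin
    matched: frozenset      # factors that matched the customer record
    action: str             # menu option requested

def weak_gate(call):
    """The scheme described above: number plus last four digits."""
    return "disclose" if FORGEABLE <= call.matched else "refuse"

def hardened_gate(call):
    """Forgeable factors only locate the record; a secret unlocks it."""
    if call.action not in SENSITIVE_ACTIONS:
        return "disclose"
    if call.matched & SECRET:
        return "disclose"
    # Record located but no secret given: ask for one instead of answering.
    return "step_up" if call.matched & FORGEABLE else "refuse"

def replay(calls, gate):
    """Return the presented numbers whose data the gate would disclose."""
    return [c.presented_number for c in calls
            if c.action in SENSITIVE_ACTIONS and gate(c) == "disclose"]

# Constructed call log; the numbers are placeholders.
CALLS = [
    IvrCall("+7-000-000-0001",
            frozenset({"caller_id", "card_last4"}), "balance"),
    IvrCall("+7-000-000-0002",
            frozenset({"caller_id", "card_last4", "telephone_pin"}), "balance"),
    IvrCall("+7-000-000-0003", frozenset({"caller_id"}), "balance"),
]

if __name__ == "__main__":
    print("weak gate discloses:", replay(CALLS, weak_gate))
    print("hardened gate discloses:", replay(CALLS, hardened_gate))
```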

Android 11 is here: check out the new features and your phone's compatibility with the new Android

 

Google has been teasing the Android 11 release for quite some time now and it's finally here. The new OS was released on September 8 but will reach India in the upcoming weeks.




The new OS will be available for Indian users in the next few weeks, provided your phone is compatible. Various smartphone makers, such as Xiaomi, Oppo, Realme, OnePlus, and Nokia, are backing their new models with Android 11. Google Pixel smartphones of course already have it, as Android 11 was released on the new Pixel phone.

New Features

Android 11 has rolled out with several interesting new features encompassing conversations, privacy and security, accessibility, device control, content capture, and predictive tools. Some of these are:

Bubbles (Chat while multitasking)

This feature pins your conversations to the screen so that you can converse without leaving the application you're working in.
"Bubbles keep the conversation going—while you stay focused on whatever else you’re doing. Access the chat anytime or anywhere. Then carry on doing you," Android.inc said on their blog.

Get all your messages in one place

Now you can better manage your conversations in one place. You'll get message notifications from multiple messaging apps in one place from your priority people.

Content Capture

Android has finally integrated a built-in screen recording feature. Another quirk with the new OS is that it allows you to copy text as well as pictures and move them wherever you want. 

Smart Reply

The Google Keyboard comes with Smart Reply by default, which suggests replies like 'sound good'. "Replies are intelligently suggested based on what’s been said in the conversation—so the words you need and the perfect emoji are always at your fingertips."

Privacy

This Android update gives the user more privacy: the user can choose which data and permissions to grant to an app, and can grant them only once, instead of the traditional permissions that apps ask for every time you open the app.

Device and Voice Control

Android 11 improves ease of access with voice control, including offline voice commands, and with connected-device control such as managing household appliances.

There are other much-needed security and privacy updates that provide a better experience compared to the Android 10 version. Various smartphones are compatible with the new update, namely:
  •  Google Pixel phones: Pixel 3, 3A, 4, 4A
  •  Oppo phones: Oppo is testing the feature on their Find X2 series and Reno 3 Series (4G).
  •  OnePlus: OnePlus is also testing the open beta of its Oxygen OS 11 update for the OnePlus 8 and OnePlus 8 Pro.
  •  Realme phones: Realme X50 Pro
  •  Xiaomi phones: They posted on Twitter that their Mi 10 and Mi 10 Pro will be the first to have the Android 11 update.

NZX Underwent Power Outage Caused Due to Multiple Cyberattacks, Trading Halted


New Zealand’s stock market exchange came to an abrupt halt after being hit by cyberattacks multiple times over a week, which blocked access to its website and resulted in a major power outage caused by a distributed denial of service (DDoS) attack from overseas, state-backed adversaries.

The unknown attackers commanded a group of computers to bombard the NZX website with connection requests, which overloaded the exchange’s servers and shut down its website.

The systems harnessed to carry out the attack probably belonged to innocent businesses that had been compromised by malware earlier. The owners of these compromised computers have most likely remained oblivious to the fact that their machines were hijacked to facilitate a cyberattack.

On Wednesday, the Wellington-based NZX exchange issued a statement wherein they explained how the Tuesday attack affected their websites and the market announcement platform. Blaming the attack on overseas adversaries, the NZX said that it had “experienced a volumetric DDoS attack from offshore via its network service provider, which impacted NZX network connectivity”.

“A DDOS attack aims to disrupt service by saturating a network with significant volumes of internet traffic. The attack was able to be mitigated and connectivity has now been restored for NZX,” the exchange further said.

Commenting on the matter, Dr. Rizwan Asghar, from the school of computer science at Auckland University, said that it was difficult to trace the source of such a cyberattack as the threat actors exhibited a tendency to hide their IP addresses.

To combat the attacks, the NZX sought help from New Zealand’s spy agency, the Government Communications Security Bureau (GCSB); by Friday the GCSB had constituted a group to investigate the matter, which concluded that the motivation for the DDoS attack seemed to be financial rather than political, as a few had claimed.

The findings of the investigation denied the involvement of state-backed agents in the attacks by stating that, "The nature of this tends to be a criminal activity rather than state-backed. You can't rule it out but it's more likely than not to be criminal activity."