Search This Blog

DJI Proposed App to Identify Nearby Drones and Exact Location of Pilots


The world's leading producer of camera drones, DJI has demonstrated a technique to gather information about a nearby drone, precisely locating its pilot through a smartphone.

It employs a protocol called "Wi-Fi Aware", which makes the information about nearby drones available to anyone looking up for flying drones. The company said it would increase " safety, security, and peace of mind", along with preventing disruptions and security threats. However, the idea is being dismissed by security experts as they are of the opinion that it is not sufficient to fight illegal drone use and that the sophisticated hackers would easily manage to bypass the detection. With ransomware emerging as a service and being easily available, it's reasonable to expect hackers finding ways to circumvent the DJI's protocol. As a result, concerns have been raised regarding the viability of this "drone-to-phone remote identification" tool.

While substantiating the proposed idea, Brendan Schulman, VP of policy and legal affairs at DJI, said, "Remote ID functions as an electronic license plate for drones, allowing anyone who is curious about a drone in the sky to learn more about what it's doing."

"Around the world, aviation authorities have said remote ID is the key to allowing more complex drone use, and to solving concerns about safety and security." He added. "It's going to be very useful against rogue drones," said Elrike Franke, a policy fellow at the European Council on Foreign Relations, in a conversation with the BBC.

"But it's not going to be enough to fight people with real bad intentions, because these are going to be the first people to hack this system."

Further explaining the model, the company said, "Using a simple app, anyone within radio range of the drone can receive that signal and learn the location, altitude, speed, and direction of the drone, as well as an identification number for the drone and the location of the pilot."

However, the proposed app is not expected to be seen anytime soon due to the lack of Wi-Fi protocol compatibility with advanced smartphones. Currently, it also does not work on iPhones.

5G network may appear in St. Petersburg by 2022


The representative of the Russian President on digital and technological development Dmitry Peskov said that in two years 5G mobile network could be launched in St. Petersburg. According to him, it will be certified at the World Radiocommunication Conference in the near future.

Mobile operators MTS and MegaFon have already received permission to create a test zone for testing 5G. Tests are planned to be carried out at frequencies in the range of 2.5-2.7 GHz.

Earlier, the Ministry of Defense, the FSB and the Federal Security Service opposed 5G, saying that this resource is used by government services and its transfer to civilian means of communication is inappropriate for security and defense reasons. To date, negotiations are underway to provide organizations with the necessary frequencies that belong to the special services.

In addition, representatives of MTS and MegaFon do not see an urgent need to launch fifth-generation communications, as the technology is expensive. In the near future, 5G technology will not be able to be used by residents of the whole country, but only of certain territories, since its technical maintenance is more complicated than LTE networks.

It is interesting to note that the first operator interested in new generation technology is MegaFon. In 2014, the company signed an agreement with Huawei on the creation of 5G test networks. For example, the operator will begin to test the operation of telemedicine services in medical institutions with the help of a new generation of mobile communications in Moscow from 2019. In addition, 5G speed record belongs to MegaFon. In June, the operator managed to achieve network data transfer at a speed of 35 gigabits per second. The tests were carried out in the laboratory on Huawei equipment.

It should be noted that 5G technologies are designed for higher bandwidth compared to 4G. New network will allow subscribers to connect with each other directly, and the speed of mobile Internet will grow to 1-2 Gbit / s. At the moment, the fifth generation networks are already deployed in several major US cities. Switzerland is actively implementing 5G in Europe. South Korea became the first country in the world to launch commercial services of the newest network in the spring of this year.

The first commercial quantum communication line to be built in Russia


The national program in Russia plans to improve the information security of both government agencies and private companies. Experts want to achieve this by creating the first commercial quantum network in the country. It will provide the most reliable degree of information security available today. Data centers in Russia will establish a quantum communication line between them by 2021.

It is known that experts will build a network 670 km long between data centers located in Moscow and Udoml. They have powerful servers and network equipment designed to process, store and distribute information. Currently, the communication channels leading to the centers are protected by crypto-algorithms, the disadvantage of which is the existence of a key that is stored on the physical medium. So, having a key, fraudsters can intercept and decrypt the transmitted information.

To date, the only way to solve this problem is to use quantum communications. It is a data exchange technology that is protected by the quantum distribution of encryption keys. The hacker will not be able to intercept such a key, remaining unnoticed. Photons are used as carriers of transmitted information.

"If a hacker starts copying the state of a particle, its properties will instantly change. Thus, copying data will fail. Moreover, if someone tries to intercept the media during their transmission, the user of the system will know about it," said specialists.

Since the photons change their state after 140 km due to scattering, the developers plan to build six protected intermediate nodes on the 670 km line.

The project of the quantum communication line was named Landau, and Rostelecom was appointed responsible for its implementation. The project will be launched this year. It is expected that by the end of 2020 there will be a prototype of the service, and the project will be ready in 2021. The work is carried out as part of the national program "Digital Economy". It is known that in case of successful completion of the project, no one will be able to hack into computers, which will be great news for databases of large state corporations and banks.

As a reminder, the Russian Government approved the national program "Digital economy" and allocated 1 trillion rubles (217 billion $) from the Federal budget for the implementation of the presidential task.

ATFuzzer: A Threat that Misuses USB Chargers, Headsets, and Bluetooth.


A new security threat has been found which can hit various high-tech android devices by exploiting the Bluetooth and USB accessories to attacks the phone. According to a paper published by researchers from Purdue and Iowa University, the base-band processors of many famous Android phones are modified that enables the hacker to get access. By using specifically modified USB and Bluetooth accessories, the experts could explain how these accessories are misused to give directions such as AT commands that regulate the baseband's working. The research also checked various smartphones such as Samsung, LG, HTC, Google, Motorola, and Huawei that are not very latest but still generally used.

Meanwhile, the experts decoded critical information such as the IMEI number, roaming status, and network settings that can help to locate the targets. The researchers also conducted Denial of Service (DoS) initiatives, interrupt Internet connections and use functions such as Do Not Disturb (DND), call logs, blocking, etc.

Ten smartphone devices from different companies were examined. Fortunately, not all the smartphones fell prey to Bluetooth and USB accessories threat. However, various accessories such as phone chargers, speakers and even headsets can be misused to exploit any device by following the given technique.

"The android devices can't possibly be endangered to the AT command interface in any way," concludes the research team. If interested to read the exploits, it could be found at the Github repository. The research paper would be manifested next month at the 35th Annual Computer Security Applications Conference. The attacked smartphones worked on base-band processors built by Samsung, Qualcomm, and Huawei. The experts informed all the concerned devices and base-band providers and remained 3 months still before announcing to the general public about their conclusions. Meanwhile, Samsung has acted by making security patches for its smartphones.

How to be safe?

The users are suggested not to use accessories that are not known. They are also strictly advised against using public chargers as they can be harmful to smartphones. Using trusted accessories and minimal unknown gadgets are the only solution to the problem.

Carding Bots Now Pose a Threat to E-Commerce Platforms


In a discovery made by the PerimeterX research team, two new "carding" bots that represent a threat to e-commerce platforms have been detected towards the beginning of the busiest shopping time of the year.

Carding is a 'brute force attack' on a retailer's site utilizing stolen credit cards or gift vouchers. Threat actors utilize carding to mass-confirm a large number of stolen credit cards and produce a list of authentic credit cards.

The validated credit cards are then commonly sold on the black market for around $45 each and traded for untraceable gift vouchers that empower the cyber-criminals to veil their identity.

One of the new carding bots, named the canary bot, explicitly abuses top e-commerce platforms. The other bot, called the shortcut bot, sidesteps the e-commerce website altogether and rather abuses the card payment vendor APIs utilized by a site or mobile application.

Portraying an attack by the canary bot, researchers stated: "In this attack, the bots create a shopping cart, add products to the cart, set shipping information, and finally execute the carding attack—all of the steps except for the carding attack exhibit normal user behavior through a website."

The worldly canary bot recognized by PerimeterX researchers is frightfully great at aping human behavior. Researchers said that they had seen an 'increasing trend' in API endpoint abuse to approve credit cards on the web and on mobile applications.

They additionally saw an expansion in these new kinds of attacks over numerous unrelated customers demonstrating the speedy advancement of these attack tools.

All things considered, PerimeterX has advised e-commerce website proprietors to keep customers from getting to the payment page without items in their cart to stop fundamental carding attacks.


ISRO targeted by North Korean Hackers during Chandrayaan-2 Launch


According to the fresh news that has been coming from various experts, it has appeared that Chandrayaan-2 (also known as Mission Moon), a famous mission by the Indian Space Research Organisation (ISRO) was attacked by hackers from North Korea. It also appears that the attacks were organized using a malware named Dtrack, which is connected to a club of North Korean hackers managed by the administration. "The malware was identified by the Financial Institute and Research Centers in 18 Indian states," confirms the reports by Kaspersky, a cybersecurity firm.


It is also said that the same malware was used to direct hacks on Kudankulam nuclear factory. The National Cyber Coordination Center that attempts to protect the nation from harmful cyber invasions recently received critical information from a US cybersecurity firm regarding the hack. It said that Kunankulam Nuclear Plant's master domain controllers alongside the ISRO were attacked by the hackers. Following this incident, Kaspersky's specialists detected the malware and notified the issue to the Indian government before the Chandrayaan-2 landing.

"The hack was organized using very simple and basic techniques like phishing emails, an unedited browser, and poor security that resulted in allowing the hackers to easily invade the devices," says Yash Kadakia in an interview, founder, Security Brigade, a cybersecurity firm in Mumbai. He further adds that a similar server was used to send spams to superior nuclear experts at the Nuclear Plant in Kudankulam which was also aimed by the hackers to pick other experts at ISRO later.

About Dtrack Malware- 
Generated by North Korean Hackers, the Dtrack malware provides a full command that permits the hackers to obtain data from the device. The virus can misuse devices with weak privacy and passwords. If the virus invades a device, it can obtain critical information like catalogs, IDs, user history, and IP addresses. "A high number of DTrack attacks were discovered. The hack was carried by Lazarus that has become a major concern for big corporations," said Konstantin Zykov about the virus who is a Researcher at Kaspersky Cybersecurity, at an event in Delhi.

Cyber Intrusions on a Rise in Oregon, Attackers Bringing in Sophisticated Methods


Cyber intrusions have been on a rise with cybercrime becoming more dangerous and sophisticated than ever. The pervasive and evolving cybercrime poses a serious threat to both the public and private sector networks as attackers target international organizations to steal corporate data and individuals are subjected to identity theft.

In December 2018, Aaron Cole, from the Portland suburb of Oregon City, fell prey to a wire scam and nearly lost his home after being duped into making a fraudulent down payment of $123,000. The attacker sent Cole an email directing him to make the payment and tricked him into believing that it is from the title company he had been working with. At the time, Cole did not realize that a sophisticated network of hackers had been keeping track of his interactions with the title company. Although the email appeared similar in structure to the original emails he received from his title company, it had slight differences.

It was only when the title company reached out Cole on due dates, asking him to send the money, the realization of the blunder hit the Oregon man hard. He suddenly realized that he was duped by cybercriminals to give away all the money which he had saved from the sale of his former house along with other family savings.

Cole's title company, WFG came to his immediate rescue and made up for the losses, in turn, Cole is helping the company in spreading the word about more such scams. He was fortunate to be hired for the same amount he lost to the hackers - to be a spokesperson at the National Title Insurance Company.

“They warned we're never going to send you an email with wire instructions, it'll be an encrypted email. We’ll call you with wire instructions. They're putting all the red flags out there that they can possibly think of,” said Cole. “I was looking at it more like the terms of use when you want to download an app and you just skip through the thing and you click accept.”

While explaining the unfortunate incident and the state of mind which followed, the Oregon Husband and father of two said: "It was the worst feeling."

"And then having to go home and tell my wife that I just gave away all the money. She could tell right when I walked in the house and just sat down, and I just couldn't come up with the words to tell her." He added.

Referencing from the statements given by Gabriel Gundersen, an FBI supervisory special agent with the Oregon Cyber Task Force, "The emails have gotten well-crafted and quite detailed. They're highly tailored to that particular victim."

"It's a social engineering piece, where they're coercing a victim to do something based on an artificial agenda or an artificial timeline." He added.

Earlier the attempts made by attackers to dupe people were uncoordinated and clumsily executed due to which individuals had a scope of making distorted sense of anything which strikes them as strange and makes them feel uncomfortable, however now these cyber traps are set sophisticatedly making it difficult for individuals to locate the red flags.

Security officers are in a constant race with the attackers, ensuring they are not lacking behind with the fixes for every new approach slammed in by con men. However, the overall impact is still staggering as crucial systems are bypassed, disrupting the entire functioning of vital medical and banking networks.

Researchers Discover the Existence of the New APT Framework “Darkuniverse”



A new APT Framework named "DarkUniverse" was recently discovered by researchers via tips from a script that was utilized in the NSA breach in 2017 wherein the well-known hacking tools leak 'Lost in Translation' was published by shadow brokers.

Researchers believe that the "DarkUniverse" APT Framework was active in at least 8 years from 2009 until 2017, and the traces show that it's likewise tied with ItaDuke, an actor that utilized PDF exploits for dropping previously unknown malware.

There are various versions of the sample been utilized for this campaign between 2009 to 2017, and the most recent rendition of the malware utilized until 2017. The further examination uncovers that the battle is for the most part utilizing the spear-phishing emails to convey the malware through the weaponized Microsoft Office document attachment.

As indicated by Kaspersky investigate, “DarkUniverse is an interesting example of a full cyber-espionage framework used for at least eight years. The malware contains all the necessary modules for collecting all kinds of information about the user and the infected system and appears to be fully developed from scratch.”

The DarkUniverse campaign is said to gather different sensitive information including Email conversations, files from specific directories, screenshots, information from the Windows registry, sends a file to the C2, credentials from Outlook Express, Outlook, Internet Explorer, Windows Mail and more.

The malicious framework targeted on different nations including Syria, Iran, Afghanistan, Tanzania, Ethiopia, Sudan, Russia, Belarus and the United Arab Emirates and the victims included both non-military personnel and military associations.

The Ministry of Internal Affairs of Russia to develop a mechanism for the seizure and confiscation of cryptocurrencies


Russian law enforcement agencies, together with the Ministry of Internal Affairs, to prepare proposals for the arrest of cryptocurrencies by 2021.

A representative of Group-IB confirmed the information that such a measure is being discussed together with other proposals to combat IT crimes.

"Cryptocurrency must be recognized at the legislative level as either a product or a cash equivalent so that it can be confiscated further", said Konstantin Golikov, the co-owner and CEO of the platform Dailyrich.ru.

"If the law enforcement agencies begin to discuss the confiscation of cryptocurrency, they actually launch a mechanism for the legalization of cryptocurrency in Russia. But, in my opinion, the Bank of Russia will seriously resist this," said Golikov.

However, in international practice, there are already many precedents for the confiscation of cryptocurrency by a court decision, despite the fact that the regulation of cryptocurrency is not legislatively introduced.

Even now, Russian courts and investigators have to deal with cryptocurrencies, despite the fact that virtual money does not have official status. For example, the Central Bank insisted that the hidden income from the Russian markets can be withdrawn to other countries through cryptocurrencies. In addition, in February 2019, the Plenum of the Supreme Court of the Russian Federation extended the punishment for the legalization of criminal proceeds to electronic assets.

Recall that in 2018, President Vladimir Putin said that Russia should "carefully and cautiously" monitor the sphere of cryptocurrencies. At the same time, the position of the Central Bank of Russia was that electronic money can not be a means of payment. An interesting fact is that in Belarus, in 2017, a decree “On the Development of the Digital Economy” was adopted, which recognized cryptocurrency as property.

Researchers Found Android Apps on Google Play that Steal Personal Data of Victims and Pose Other Threats



Security researchers identified seven new malicious apps present on Google Play Store that infect devices with adware and malware while laying open the system's backdoor access which ensures a smooth installation of any new functionality that comes along with the application. Other threats include battery drainage and excessive consumption of mobile data.

In recent times, with the mobile malware penetrating its roots in the cyber world, there have been a number of new discoveries from security researchers where they warn of malicious android apps that request sketchy permissions and contain malware. Android platform's openness, flexibility, and excess control are the key factors which make it all the more attractive to the users and likewise, cybercriminals. As a downside, it also provides a more vulnerable space for criminals to exploit by posting adware infected apps to serve marketing interests and steal sensitive user data. These apps can take different forms and mostly, share a similar code structure which indicates a direct link between the developers.

These malicious apps are configured to download and consequently install APKs from a GitHub repository, hence attackers are handling the GitHub communication very sophisticatedly, as a part of which they effectively wait to bypass detection by security officers and malware detection agencies.

Attackers have embedded a GitHub URL within the malicious app code which sets the basis for evading Google Play protect scan. However, while security researchers somehow managed to unearth the configuration data of the malicious apps and related URLs, they were directed to Adware APK which is triggered right after the installation of the infected app. The APK halts for a timeframe of 10 minutes after being triggered to execute the malicious motives.

Here, the aforementioned malicious apps have been posted by three different developers as listed below:

iSoft LLC (Developer) – Alarm Clock, Calculator, Free Magnifying Glass
PumpApp (Developer) – Magnifying Glass, Super Bright LED Flashlight
LizotMitis (Developer) – Magnifier, Magnifying Glass with Flashlight, Super-bright Flashlight

As a security measure for the continuously expanding mobile malware, Google tied up with various mobile security companies that would assist them in detecting bad apps before they hit a download mark over million. Users who have already installed these dropper apps are recommended to uninstall them manually.

Facebook used user data to control competitors and rivals


Leaked documents from a lawsuit filed by a now-defunct startup Six4Three on Facebook shows some 700 pages revealing how Facebook leveraged user data against rivals and offered it up as a sop to friends.

NBC News reported how Facebook's executive team harnessed user data and used it as a bargaining chip to manipulate rivals. There are thousands of leaked documents to support that this was done under the supervision of the company's CEO Mark Zuckerberg.



NBC News has published an entire log of documents containing 7,000 pages including 4,000 internal communications such as emails, web chats, notes, presentations, spreadsheets on Facebook. These documents are dated between 2011 and 2015 that disclose the company's strategy of rewarding partners by giving them preferential data while denying the same to competitors.

The lawsuit that resulted in this major leak, was filed by Six4Three, a now inoperative startup which created the failed app Pikinis. The app allowed users to view pictures posted by people on Facebook and in order to work, the software required access to data on Facebook. The suit accuses Facebook of misusing and abusing data and uneven distribution of it. Other apps including Lulu, Beehive ID, and Rosa Bandet couldn't do business anymore after losing access to data.

The documents also revealed similar operations, for instance, the social network company gave extended access to user data to Amazon, as it partnered with Facebook and spent on Facebook advertising while denied data to MessageMe, a messaging app when it grew large enough to be a competition to Facebook.

Commenting on the documents, Facebook’s vice president and deputy general counsel, Paul Grewal, told NBC News, “As we’ve said many times, Six4Three — creators of the Bikinis app — cherry-picked these documents from years ago as part of a lawsuit to force Facebook to share information on friends of the app’s users.” However, no evidence has been provided by the company to support the "cherry-picked" claim.

In March, this year Zuckerberg said, that Facebook would focus more on its user's privacy as the social network's future. But for Facebook, privacy seems like a PR stunt and data more of a currency.

Binance to assist Ukraine in regulating the crypto currency industry


The largest cryptocurrency exchange Binance intends to help Ukraine in developing methods for regulation the cryptocurrency industry. This means that the company's specialists see great potential for the development of the crypto industry in Ukraine.

The company said that they signed a Memorandum of understanding with the Ministry of Digital Transformation of Ukraine. The Ukrainian government said that such cooperation will significantly improve the legal status of cryptocurrencies in the country. It is expected that the platform will begin work in the country before the end of the year.

As part of the partnership, Binance, together with the Ministry of Digital Transformation of Ukraine, intend to create a working group that will discuss further plans for the regulation of the crypto industry and the formation of the digital market in Ukraine.

Moreover, Binance will develop effective mechanisms designed to transfer rights to various virtual assets through a distributed network, as well as create favourable conditions for investment and business activities.

Changpeng Zhao is confident that the legal status of cryptocurrencies will improve the Ukrainian economy, as well as create the basis for additional investments.

The Minister of Digital Transformation of Ukraine, Mikhail Fedorov, is confident that cooperation with the largest cryptocurrency exchange will open the opportunity for transparent work with companies in this industry and create a comfortable environment for them.

He also believes that the entry of Binance into Ukraine will be a strong driver for the crypto-system and the legalisation of cryptocurrencies.

"This is an additional hundred of millions of taxes that our state will receive. For fans of cryptocurrency and those who work in this direction, this is a very big signal that Ukraine has appeared on the world map of cryptocurrencies," said the head of the Ministry of Digital.

“We are pleased that Binance has become interested in neighbouring countries. We hope that they will reach Russia as well,” commented Denis Onatsik, director of Deecrypto Store & Club.

However, in Russia, the regulation of the cryptocurrency market is regularly postponed due to disagreements among the members of the working group and the tough position of the Central Bank, which is categorically against the legalization of cryptocurrencies on open platforms.

An interesting fact is that in the spring of 2019, Binance suffered from a hacker attack, they stole $41 million in bitcoins.

Amazon, Sony, Xiaomi, Samsung Devices Hacked at Pwn2Own Hacking Contest at Tokyo


In a hacking contest held at Tokyo, a duo of white-hat hackers known as Fluoroacetate breached pass devices of some of the most popular tech companies namely Amazon, Samsung, Sony, Xiaomi and others. On the first day itself, the team won prize money of $145,000 (around 1.02 crore) and 15 Master of Pwn points which secured them a dominant lead ahead of others in the competition. The contestants receive a bounty for each successful breach and points that add on to the total ranking. However, the overall winner obtains the grand title 'Master of Pwn'.

The leading team, Fluoroacetate which comprises Hacker Amat Cama and Richard Zhu, amassed a lot of success early on as they managed to bypass five devices. Making history, the duo cracked down Sony X800G, first-ever Television exploited in the contesting history of Pwn2Own. Moving onto their next targets, Amazon Echo Show and Samsung Q60 television, the hackers employed an integer overflow in JavaScript to compromise both the devices. While hacking Xiaomi Mi 9, the duo used a JavaScript exploit to extract a picture from the smartphone. Next up on their list was Samsung Galaxy S10, which the remarkable duo slashed down by pushing a file on the phone via a stock overflow. The last contributor for the team's winning streak was Netgear Nighthawk Smart Wi-Fi Router R6700 (LAN interface).

Points and bounty distribution 

Team Fluoroacetate piled up a total bounty of $145,000 and 15 Master of Pwn points at the end of the first day at Pwn2Own, in the following order.

Sony X800G smart TV: $15,000 and 2 Master of Pwn points.
Amazon Echo Show 5: $60,000 and 6 Master of Pwn points.
Samsung Q60 smart TV: $15,000 and 2 Master of Pwn points.
Xiaomi Mi9 smartphone: $20,000 and 2 Master of Pwn points.
Samsung Galaxy S10: $30,000 and 3 Master of Pwn points.

Pwn2Own is the top computer hacking contest that was first conducted in 2007 with the purpose of demonstrating the security flaws present in widely used software and devices. The hackers gather at the contest to demonstrate vulnerabilities for a pre-set list of software and devices, to earn points on successful discoveries the hackers must ensure that all the exploits put forth at the contest are new. After the contest, the event organizers take charge of all the bugs and vulnerabilities discovered throughout the competition and subsequently hand them over to the respective companies.

After the final day of the tournament, Fluoroacetate, accumulating total prize money of $195,000, 18.5 Master of Pwn points along with a shining trophy and other goodies, has emerged victorious and as the rightful owner of the title 'Master of Pwn'. Notably, the team's most striking accomplishment has to be the bypassing of Samsung Galaxy S10 that won the duo a whopping sum of $50,000 and 5 valuable Master of Pwn points.

Cyber Criminals Stealing Customer Data By Tricking Bank Employees


Kaspersky Lab experts described a recently discovered method of corporate phishing. Attackers send an employee or organization email inviting them to pass an assessment of knowledge and skills on the fake HR portal. To do this, the victim is asked to log in to the site using a working username and password. The potential victim has the impression that it is a mandatory procedure, for the successful passage of which he will receive a monetary reward.

According to the senior content analyst of Kaspersky Lab Tatyana Shcherbakova, in this way, fraudsters get access to corporate mail, which may contain personal data of customers.

Employees of large banks are regularly trained, tested and certified, so they can take a fake invitation for a real one. For this reason, the new phishing method threatens to take on a massive scale.

According to analyst Anton Bykov, at the moment several thousand corporate accounts could already be hacked.

Sergey Terekhov, director of the Technoserv information security competence center, noted that in this case, the employees of the credit departments of banks, in whose mailbox client profiles are stored, are in the risk zone.

At the same time, Denis Kamzeev, head of the information security department of Raiffeisenbank, stressed that all emails in the financial institution are checked through anti-spam and anti-virus and blocked in case of suspicion.

VTB, in turn, said that they delimit access to customer information for employees and keep records of employees who have access to confidential information.

Arseniy Shcheltsin, CEO of Digital Platforms, noted that this type of social engineering is tied directly to a person, not to technology. "Therefore, regardless of security systems, a person can always give a login and password from the mail to attackers."

Researchers Found a Way to Take over Google Home, Amazon’s Alexa or Apple’s Siri Devices through Laser Pointers


Researchers in Japan and at the University of Michigan recently said that they had figured out how to take control over Google Home, Amazon's Alexa or Apple's Siri devices from several feet away by shining laser pointers, and even flashlights, at the devices' mouthpieces.

What brought this one was the ascent of the voice-controlled digital assistants, introduced a couple of years back and the security experts have expressed their worries that systems like Apple's Siri and Amazon's Alexa were a privacy danger and could be effectively and easily hacked.

Kevin Fu, an associate professor of electrical engineering and computer science at the University of Michigan with respect to the usage of laser pointers said that “This opens up an entirely new class of vulnerabilities, it’s difficult to know how many products are affected because this is so basic.”

The computer science and electrical engineering researchers — Takeshi Sugawara at the College of Electro-Interchanges in Japan and Mr. Fu, Daniel Genkin, Sara Rampazzi, and Benjamin Cyr at the College of Michigan — all of them released their findings regarding the same issue in a paper on the 4th of November.

The researchers said they had informed Tesla, Portage, Amazon, Apple, and Google to the light vulnerability and the companies all responded saying that they were 'studying' the conclusions in the paper that was released.

Despite the fact that there is no clear indication that the light vulnerability defined on the 4th has been utilized by hackers, however, with a torrent of internet-connected devices rising in the market, the researchers said the revelation was a reminder to the consumers to be on the lookout in areas concerning security in the coming future.

Cyber-War Exercise held between US and Taiwan


In a cyber-war event that has been going for a week now, the Taiwanese executives are getting hit by phony emails and messages as a part of it. The event is said to be one of its kind. As a part of the cyber-war training between Taiwan and America, the local authority (of Taiwan) is co-directing the cyber drill with the American Institute in Taiwan (AIT), which also represents the US interests in Taiwan. "The foremost is attention is on threats professed by 'North Korea and other countries' that are responsible for the attack," says AIT in a statement.


On the contrary, Taiwan says that a vast number of cyber-attacks that it suffers come from China. "It is like fighting combat when we are dealing with attacks like these," said a Taiwanese official earlier this month. The cyber-war drills are to take place on Friday, which will try to break into the administration servers and websites by duping the workers in receiving misleading messages. "Taiwan considers China as the main offender for these cyberattacks threats on the island," said Veerle Nouwens, Royal United Services Institute for Defence and Security Studies, UK.

"Taiwanese administration's systems suffer around 30 million cyberattacks every month, and China is responsible for half of it," says the administrator general of Cyber Security Agency, Taiwan. He further adds, "But, no matter where the origin of the attacks happen, building a robust cyber-security system is the first priority for every government and private-sector corporations."

Risks involved- 
The cyber-war exercises were formally started by Raymond Greene, Director, AIT, at a Microsoft event. "It is a start of new opportunities between the two nations in the cybersecurity field," says Raymond regarding the tests. "The concern today is not any physical violence in any country but rather an invasion of cyber-security by corrupt criminals that is capable of stirring the society from the inside." "But in the end, these attacks are a concern for us all in numerous ways." This is a matter of serious concern as the cyberattacks are trying to influence the elections, economy, and infrastructure of the victim country.

The data of Alfa-Bank's clients is sold on the black market


The data of Alfa-Bank credit card holders, as well as Alfa Insurance customers came up for sale in the Darknet. The bank confirmed the leak saying that it affects a few customers and does not pose a threat to the money in the accounts.

Seller who published the ad on a hacker forum said that he has up-to-date data on about 3,500 Alfa-Bank customers and about 3,000 Alfa Insurance customers. The ad was published on October 31, the seller registered there on the same day.

To verify the data, the seller suggested to look at 23 contracts. They contained the full name, mobile phone number, passport data, registration address, the amount of credit limit or issued insurance, the subject of insurance, as well as the date of conclusion of the contract. According to the seller, all contracts of Alfa-Bank are issued in October.

When the investigator tried to transfer money by phone number, in 11 of the 13 credit card contracts, the names and first letters of the surnames matched. Also he phoned up nine customers, most of them confirmed that they had recently issued a credit card at Alfa Bank. Fraudsters have already managed to make a call to one of the clients, after which he blocked the card.

Alfa-Bank confirmed the leak. "At the moment, it is reliably known about the illegal distribution of personal data of 15 clients. The occurrence of this situation is not the result of a violation of the protection of the corporate information system of the Bank, " - said the representative of the Bank.

According to him, the leak does not pose a threat to customer accounts, as it does not have data to access them.

Indeed, the contracts do not contain card numbers and CVV-codes, so fraudsters will not be able to get direct access to the money. However, they can use the information to call a customer under the guise of a Bank and find out the necessary information to steal money.
Alfa Insurance has introduced additional security measures and is investigating the publication of customer data.

Recall, in early October Sberbank confirmed of credit card accounts, which affects at least 200 customers of the Bank. It was announced that 60 million credit cards were in the public domain.

Mumbai Techie Loses Rs 3 Lakh, Card Info Used 56 Times Abroad



A few days before Diwali, a Mumbai based engineer on a maternity leave to look after her new-born woke up to a shocking discovery from her bank as she was informed that she has fallen prey to a debit card fraud. While she was asleep, her debit card was used online to carry out 56 transactions, resulting in a loss of Rs 3.3 lakh, reported Times of India.

Around 2:30 am an automated phone call from the bank in which she has a savings account, alerted her about transactions carried out on her debit card and told her to reach out to customer care if the transactions had not been made by her. Upon receiving her response, customer care got her card blocked immediately and she also lodged a complaint with the Kanjumarg police, however, there are no remarkable leads on the case yet.

The unfortunate incident happened just a few days before Diwali and ruined the Diwali plans for the Mumbai techie's family. Notably, the transactions were made internationally and the owner did not receive any text or call requesting a one-time password (OTP). According to the statements given by the victim and her husband, they had never used the particular debit card internationally before. They had used it lately on domestic websites while shopping for baby products.

What experts have to say about the fraud? 


While commenting on the matter, cybersecurity expert, Vicky Shah said, "There could be various reasons how this happened. One of the possibilities is that the card could have been cloned. When a card is used internationally, an OTP is not required. Another possibility is that the card details were compromised. There were recent reports about details of 1.3 million cards being leaked. It’s a matter under police investigation." He also pointed out the RBI norms, which bound the bank to reverse the lost amount back into the victim's bank account within a time frame of 10 days as the transaction was carried out internationally.

Meanwhile, the victim's husband tweeted, "Bank representatives should have noticed that something was wrong when dozens of transactions were made so early in the morning. They should have called us before approving the transactions."

China supported website attacks Hong Kong activists : leaking their personal details online!


HK Leaks, a notorious website is targeting Hong Kong pro-democracy supporters, leaking their personal details online and there seems to be no way of catching the site and stopping it.

The website is using a Russian based server and is also supported by China's ruling Communist Party. From Journalists to lawmakers, around 200 individuals, those supporting the protests in Hong Kong have been "doxxed"- had their personal details broadcasted online by the site.

Since June anti-government protests have rocked Hong Kong against proposals to allow extradition to mainland China and clashes between the activists and police have become increasingly violent, with police firing live bullets and protesters attacking officers and throwing petrol bombs. With this new development, of doing activists; the situation shows no sign of dying down.

Privacy Commissioner Stephen Wong said he had ordered HK Leaks to take down all posts but the site remains online. On the home page of the website, a picture of black-clad protester is shown and a banner in Chinese saying, "We want to know who these people are and why they are messing up Hong Kong!". Phone numbers, addresses and personal details of hundreds of people are posted with their "misdeeds". And it is illegal in Hong Kong to disclose certain personal details, including phone numbers, without consent.

HK Leaks has a very sophisticated operation, designed to evade prosecution. It is registered anonymously on a Russian server, DDOS-Guard and has changed domain three times since August.

"The IP address that is shown for the website is not that of the website itself but of the DDOS-Guard company," cybersecurity expert Brian Honan said. The site has a bulletproof anonymous hosting, and whoever is running the website is very good at what they do. It ran as hkleaks.org in early August then migrating to hkleaks.ru, which discontinued in late October and since then three more similar domains have been used by the site.

"This site seems to be really well set up to reveal as little as possible and it doesn't use lots of external services, like buttons, statistics trackers, various scripts that would leak information," said Maarten Schenk, co-founder of the fact-check site Lead Stories.

To extract any details from the domain registrar, a court order would be necessary and the site is heavily supported by the big guns of China with heavy traffic, which is 175,000 unique page views. Chinese Communist Youth League, a group linked to China's Communist Party, has promoted the site's content on its official Weibo accounts. The state-run broadcaster, CCTV and Global Times newspaper, also posted similar messages on their social media accounts.

Some victims also accused the Chinese authorities of involvement behind the leaks, said that the fake address they gave the police during an interrogation showed up on the website HK Leaks.

Russia accused of making harassing phone calls to families of NATO soldiers


NATO soldiers stationed in the Baltic States regularly complain that they and their families are victims of unknown Internet trolls and receive frightening anonymous calls. The last such incident occurred with Danish soldiers in late October. The command is confident that Russia is behind the attacks. NATO is preparing to allocate additional millions of euros for the information war.

NATO International Battalion based in Estonia is led by the UK. The soldiers say that since 2017 when they were transferred to the Baltic States they received unpleasant messages from unknown persons via Facebook and Twitter, as well as on personal phone numbers.

The command of NATO believes that it is the Russian bots that troll the soldiers. At the same time, the leadership of the Alliance fears that Russian agents are armed with special devices with portable antennas that allow hacking mobile phones of military personnel to access the information contained in them.

American officers believe that while they were in Estonia, someone was tracking their geo-location on their smartphones. In turn, pilots from the Netherlands complained that during their work in the Baltic States, their wives and girlfriends received anonymous calls with provocative questions, for example, "Do you know what your husband is doing here?" or "Maybe he should leave?". Americans tend to blame the Russian special services for such intrigues. The Dutch also have no doubt that it was the Russians.

In Holland, the harassment case is being considered with "great seriousness," says Colonel Jens Hvid Lenborg.

"The case is serious, as it concerns families, and, in addition, because the callers generally know whose families they are," the military said.
Danish Minister of Defense Trine Brahmsen called it "a cynical violation of all agreements to protect civilians, women and children."

According to Russia expert Flemming Splidsboel Hansen, collecting information about soldiers and their families is part of modern war, for which any defense should be prepared.
Recall that since 2014, NATO stated that it considers Russia its strategic enemy. After that, the North Atlantic Alliance announced an increase in its military presence near the Western borders of Russia.