A stitch in time saves nine.
But that is not always true for a click.
Especially if you are using a MacBook or an Apple iPhone.
Just visiting a website in the Safari browser, whether a malicious site or a legitimate one unknowingly loading malicious ads, could have let remote attackers secretly access your device's camera, microphone or location and, in some cases, saved passwords as well.
Apple recently paid a $75,000 bounty reward to an ethical hacker, Ryan Pickren, who practically demonstrated the hack and helped the company patch a total of seven new vulnerabilities before any real attacker could take advantage of them.
The fixes were issued in a series of updates to Safari spanning versions 13.0.5 (released January 28, 2020) and Safari 13.1 (published March 24, 2020).
Three of the patched Safari flaws would allow malicious websites to impersonate any legitimate site and access the camera or microphone by abusing permissions that the visitor had granted exclusively to the trusted domain.
Safari browser grants access to certain permissions such as camera, microphone, location, and more on a per-website basis. That paves the way for websites like Skype to access the camera without requiring the user's permission every time the app is launched.
However, while third-party apps must obtain the user's explicit consent to access the camera, Safari can access the camera or the photo gallery without any such prompt.
Specifically, improper access was possible by leveraging an exploit chain that strung together multiple flaws in the way the browser parsed URL schemes and handled security settings on a per-website basis.
When using Safari, keep the browser up to date and grant websites access to only the essential settings.
ISOAH is the organization which makes your web infrastructure secure with anti hacking audits.
Australia is under serious threat.
The life-threatening coronavirus has forced the nation into a long lockdown, jeopardizing its economy and society.
If that wasn't enough, here's more.
Mandrake Spyware is targeting Australian Android users.
A cyber security research team has discovered the "Mandrake" spying operation targeting Australian mobile banking users.
The spyware is equipped to target the Google Chrome, Gmail, ANZ Australia, Bank of Melbourne Mobile Banking, Commonwealth Bank of Australia, Bank of SA, Australian Super, and PayPal apps.
Mandrake was first discovered in early 2020 but has reportedly been active for 4 years.
The threat actors behind the spyware encouraged mobile banking in the country before launching the attacks, which were manually orchestrated and affected arguably 500 or more users.
It has been constantly updated with new features, bug patches, and improved functionalities during the last 4 years.
The modus operandi of the campaign is as follows.
The spyware first does a complete scan of the device and captures personal information about the targeted victim.
After this, the attackers gain access to the users' preferences, device usage, inactivity times, and are equipped to record their screens.
Using the spyware, the attackers can steal credentials, exfiltrate information, transfer money, modify phone volume, block calls and messages, and also blackmail victims.
The cyber researchers have even suspected a parallel program by the bad actors to sell the victims' information or access to others.
The first Mandrake spyware attack happened in 2016-2017 in the UK, US, Germany and Netherlands. The current attacks are more centralized in Australia than anywhere else owing to its high usage of mobile banking and a high GDP per capita.
ISOEH is the organization which educates cyber enthusiasts with the latest techniques of ethical hacking.
The Zoom app, the popular video conferencing digital application, has suddenly become quintessential for the netizens, thanks to the Corona pandemic and the house arrest around the globe that followed.
However, it has its own flaws that jeopardize its users' security and privacy.
As per the findings of cyber security expert @_g0dmode, the Zoom video conferencing software for Windows is exposed to a classic 'UNC path injection' vulnerability that could allow remote attackers to steal victims' Windows login credentials and even execute arbitrary commands on their systems.
And that is because Zoom for Windows supports remote UNC paths and converts such potentially insecure URIs into hyperlinks when they are received in chat messages in a personal or group chat.
The modus operandi of the attack is as follows.
It involves the SMB Relay technique that exploits the fact that Windows automatically exposes a user's login username and NTLM password hashes to a remote SMB server when attempting to connect and download a file hosted on it.
To steal Windows login credentials of a targeted user, all an attacker needs to do is send a crafted URL (i.e., \\x.x.x.x\abc_file) to a victim via a chat interface.
Once clicked, the attack would eventually allow the attacker-controlled SMB share to automatically capture authentication data from Windows, without the knowledge of the targeted user.
The flaw can also be used to launch any program already present on a targeted computer or to execute arbitrary commands to compromise it remotely.
And that is because browsers running on Windows operating systems automatically save downloaded files in a default folder, which can be abused to first trick a user into downloading a batch script and then trigger it using the Zoom bug.
In the absence of an immediate patch for the security flaw, users are advised either to use alternative video conferencing software such as Skype or to use Zoom in their web browsers instead of installing a dedicated client app on their systems. Windows users can also change the security policy settings to stop the operating system from automatically passing their NTLM credentials to a remote SMB server, besides using a strong password.
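The root cause described above is a chat renderer that turns UNC paths into clickable links. The following is an added example, not code from Zoom or from the original article: a chat linkifier that only makes http/https URLs clickable and reports UNC paths and file: URIs so they can be logged. The function names and the sample message are constructed for illustration.

```python
import html
import re
from urllib.parse import urlsplit

# Matches \\host\share... (the form used in the article's \\x.x.x.x\abc_file).
UNC_RE = re.compile(r"^\\\\[^\\/\s]+[\\/]\S*$")

# Allow-list: only these schemes are ever rendered as clickable links.
LINKABLE_SCHEMES = {"http", "https"}


def is_unc_path(token: str) -> bool:
    """True if the token is a Windows UNC path such as \\\\host\\share\\file."""
    return bool(UNC_RE.match(token))


def is_linkable(token: str) -> bool:
    """True only for absolute http/https URLs with a host part."""
    try:
        parts = urlsplit(token)
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    return parts.scheme.lower() in LINKABLE_SCHEMES and bool(parts.netloc)


def render_message(text: str):
    """Return (html, flagged) for one chat message.

    html    - message with only allow-listed URLs wrapped in <a> tags
    flagged - tokens that would make Windows contact a remote SMB host
              if they were clickable (UNC paths, file: URIs)
    """
    out, flagged = [], []
    for token in text.split():
        safe = html.escape(token, quote=True)
        if is_unc_path(token) or token.lower().startswith("file:"):
            flagged.append(token)  # keep for logging / alerting
            out.append(safe)       # shown as inert text, never as a link
        elif is_linkable(token):
            out.append(
                '<a href="%s" rel="noopener noreferrer">%s</a>' % (safe, safe)
            )
        else:
            out.append(safe)
    return " ".join(out), flagged


if __name__ == "__main__":
    # Constructed sample message; 192.0.2.10 is a documentation address.
    sample = "notes: \\\\192.0.2.10\\share\\notes.txt agenda: https://example.com/agenda"
    rendered, flagged = render_message(sample)
    print(rendered)
    print("flagged:", flagged)
```
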
ISOEH is the organization that teaches the latest ethical hacking techniques.
Marriott, a renowned name in the international hotel industry, has fallen prey to a data breach for the second time in quick succession during the last two years.
The latest breach has affected 5.2 million of the hospitality giant's guests, compromising an array of their personal information, including names, addresses, email addresses, phone numbers, loyalty account numbers and points balances, gender, partial birth dates, employer details, affiliated loyalty programs and stay preferences.
As per the hotel administration, the latest incident of data theft started at a franchise outlet of the brand which operated under the same name. There the login identities of two employees were used to gain access to the client's database. After the data breach was discovered the exploited login credentials were disabled and investigation started.
This time the fraudulent activity continued from the middle of January 2020 till the end of February. Hence it gave the cyber criminals a long time to make use of the stolen data. Only recently did the hotel group discover the theft and inform the customers about it.
The group is offering a free personal monitoring service for a year, although not for all countries. It has disabled the current passwords to its benefit programs and its users will have to enable two-factor authentication once they change their passwords.
Marriott also shared the official email address ([email protected]‑marriott.com) that will be used for contacting guests about the situation.
ISOAH is the organization that keeps your system safe with its effective anti hacking audits.
E-commerce is endangered again.
At least 19 popular e-commerce websites have been infected with a new digital skimmer called 'MakeFrame' in a current Magecart skimmer campaign aimed at stealing customers' payment card information.
Cyber security researchers have found that this new skimmer injects HTML iframes into web pages to phish crucial payment information from buyers.
MakeFrame attacks have been attributed to Magecart Group 7 because of its typical modus operandi of using compromised sites to host the skimming code, load the skimmer on other compromised websites and siphon off the stolen data.
This is so far the latest in the series of hacking attacks by Magecart, an umbrella term for eight different hacking groups, all of which aim at stealing credit card numbers.
The hackers at Magecart have successfully targeted many popular online business portals like NutriBullet, Olympics ticket reselling websites, Macy's, Ticketmaster, British Airways, consumer electronics giant Newegg, and many other e-commerce platforms.
The new MakeFrame skimmer code, a blob of hex-encoded arrays of strings and obfuscated code, is included between benign code to escape detection, RiskIQ researchers said.
Once the skimmer is added to the victim site, MakeFrame also has provisions to emulate the payment method, use iframes to create a payment form, detect the data entered into the fake payment form when the "submit" button is pressed, and exfiltrate the card information in the form of '.php' files to another compromised domain (piscinas ecologicas dot com).
In the wake of the corona crisis, when housebound people are forced to purchase online, such attacks on e-commerce websites have been on the rise. Hence the portals are requested to keep their software up to date, enable multi-factor authentication, segregate critical network infrastructure, and watch out for phishing attacks.
ISOEH is the organization that teaches the latest techniques of ethical hacking called Reverse Engineering.
Recent analytical findings from Dr.Web have revealed hackers actively targeting users with a malicious Chrome update which runs a backdoor on the target device, which then allows later malware attacks.
When a visitor opens one of the infected pages, it redirects the user to the phishing website. This site cajoles the visitor into downloading a fake Chrome browser update.
Since the phishing page looks legitimate, users click on the download button and unknowingly install the backdoor.
Running the installer creates a folder in the %userappdata% directory containing files for the TeamViewer app. It then extracts two password-protected SFX archives, one of which contains a malicious msi.dll library which aids in establishing the unauthorized connection to the target device. The second archive includes a script to bypass Microsoft AV detection.
This is the modus operandi in short.
Once the presence is consolidated hackers may then use the backdoor to deliver payloads such as keyloggers, infostealers or trojans for remote connection.
Presently, these attacks are based on location and browser. They are particularly targeting users of the Chrome browser in the USA, UK, Canada, Australia, Israel, and Turkey.
So far the hackers have compromised various WordPress CMS-based websites to spread the malware.
ISOEH is the organization that educates the cyber interested in ethical hacking.
Are you working from home?
The most common answer is yes.
As you don't really have an option.
But sadly the hackers have.
With an alarmingly high global population staying put at homes and using virtual communication platforms like 'zoom' to communicate online, the bad actors of the world are making the most of the moment by coming up with phoney platforms to cajole the innocent and the unsuspecting.
As per international news, thousands of malicious 'zoom' platforms are being aimed at the working population of the world in order to fool them into clicking corrupted sites and emailed links and getting caught in data-stealing traps that infect their devices with malware.
According to a report published by Check Point, over 1,700 new "Zoom" domains have been registered since the beginning of the global coronavirus outbreak, with 25 percent of the domains registered in the past seven days alone.
"We see a sharp rise in the number of 'Zoom' domains being registered, especially in the last week," said Omer Dembinsky, Manager of Cyber Research at Check Point.
Used actively by over 74,000 customers and 13 million monthly users, Zoom is one of the most popular cloud-based enterprise communication platforms that have virtual communication options like chat, video and audio conferencing, options to host webinars and virtual meetings online.
With the world practically forced to shut up behind closed doors due to the fear of Corona, students, business people and even government employees have taken to the Zoom platform to work from home, thus accentuating its reach and usability.
Hence the skyrocketing malware attacks, phishing campaigns, scam sites and malicious tracker apps unleashed by hackers on the internet.
There are also malicious files with the name "zoom-us-zoom_##########.exe," which when executed install potentially unwanted programs (PUPs) such as InstallCore, a dodgy bundleware application that installs further kinds of malware.
Other online communication sites that cater to virtual classroom coaching, like 'Google Classroom', have also been impersonated by hackers of late with similar intentions.
Apart from the present Corona crisis Zoom has been subjected to a host of security issues in the past as well.
Hence it is advised to keep the application updated and to avoid clicking on unknown links.
ISOAH is the organization which keeps your system vulnerability free and safe from cyber corruption.
A season of gloom for us.
But a time for sinister celebration for them.
Yes, we are talking about the bad actors of the world who are out in the wild to capitalize on the corona crisis.
As if all the malware attacks, phishing campaigns, scam sites and malicious tracker apps were not enough, Android apps in the Google Play Store have started adding fuel to the fire in their own way.
Third-party Android app developers are using coronavirus-related keywords in their app names, descriptions, or package names in order to deliver malware, perpetrate financial theft and rank higher in Google Play Store searches related to the topic.
"Most malicious apps found are bundle threats that range from ransomware to SMS-sending malware, and even spyware designed to clean out the contents of victims' devices for personal or financial data," Bitdefender researchers said.
With a considerable increase in internet traffic related to information on corona remedies, malware authors have sneaked in adware, banking Trojans and information stealers in the garb of live tracker apps and those that help users identify common symptoms of the illness.
"As of January 1, 2020, we found 579 applications that contain corona virus-related keywords in their manifest (package name, activities, receivers, etc.)," the researchers observed.
"This means that a major component of the application was named in a way – or the application contains strings – that relates it to the recent outbreak. Out of the total, 560 are clean, 9 are Trojans, and 10 are Risk ware."
Apps such as Bubble Shooter Merge and Galaxy Shooter - Falcon Squad have even changed their name and description to accommodate typical virus related keywords irrelevantly to syphon search ranks towards themselves.
All this despite Google's stringent policies on abstaining from digital gimmicks to take advantage of emergency situations and Google Play search results omitting malicious apps when searching for keywords like "corona" or "coronavirus."
To avoid such scams, users must always install apps only from legitimate stores, use data from official sources and beware of phishing emails.
ISOAH is the organization that guards you against cyber crimes and digital malpractices.
Promises are meant to be broken.
At least in the volatile world of cyber crimes.
Trust the master minds of Maze Ransomware onslaughts, the blackmailing bad actors who are in action again.
Only this time it is double the usual threat.
Hammersmith Medicines Research, the British medical organization that had earlier researched the Ebola vaccine and is now on standby to perform the medical trials on any COVID-19 vaccine, has been hit by the cyber crime group, which stole medical reports of those affected by the virus and published them online to extort a ransom.
A pledge by the culprits to not target medical entities in these times of crucial epidemic outrage notwithstanding, the attack came days before the pledge and has continued since.
The stolen medical data ranges between people from 8 to 20 years and has been published on the dark web.
Interestingly, Hammersmith has been described as the latest 'client' by the Maze group.
The silver lining on the 'dark sky', however, has been the words of Malcolm Boyce, clinical director of Hammersmith Medicines Research: "We repelled [the attack] and quickly restored all our functions," he said, "there was no downtime."
He further stated that Hammersmith has not succumbed to the unethical action of the actors and stayed away from paying the ransom even if that meant running out of business for the same.
On the other hand, cyber crime resisting firms like Emsisoft are offering free technical help to medical organizations to combat cyber threats and keep the situation from worsening.
ISOAH has been the anti hacking audits organization which is expert in eradicating all cyber threats from your system.
Beware of Covid-19.
No, we are not speaking about the widespread epidemic but its digital counterpart engineered by bad actors in the wild (read the Dark Web).
The global black hat community is out to reap the most of the present worldwide vulnerability by cajoling people into getting infected with malware in the garb of Corona consciousness.
A host of digital lures, including phishing mails and fake website links named after Corona, are being spread across the web; clicking on them may lead to irreparable infection of your system with malware.
According to Check Point, hackers are using the "COVID-19" code to sell malware and exploitation tools on the dark web, as well as fraudulent IT products like the MacBook.
6,000 Corona related domains were registered last week. Out of all the domains registered in the last three weeks, only 93 (0.8%) were malicious. More than 2,200 sites (19%) were found to be suspicious.
Another security firm, Zscaler, observed that scammers are coming up with more sites offering fake home testing kits and apps claiming to protect you from COVID-19.
They are also using 'corona' or 'covid' as a part of the URL to carry out phishing attacks. These attackers are asking people to enter their email credentials and redirect them to a CDC article.
ISOAH works even at critical junctures to keep the cyber world safe and sound.
When spring comes can winter be far behind?
Corona Virus spares no one.
Not even the virtual world.
Hence it's no wonder the global dais of information security will be skeptical like its real world counterparts and seek cover.
Particularly when bad actors are leaving no stone unturned to make the most of the virus infection.
But how exactly do you get it?
Researchers have zeroed in on immediate remedies for the corona-driven cyber security issues of working from home on personal computers.
The two major trends in that regard are attacks that aim to steal remote user credentials and weaponized email attacks.
When a cross section of corporate employees work from home, hackers have a field day stealing data through remote attacks.
Here an attacker could easily hide a malicious login without being discovered by the concerned organization's cyber security team.
The researchers have further observed a spike both in detected anomalous logins to its customers' environments and in customers accessing CyOps (Cynet MDR) to investigate suspicious logins to critical resources.
The other challenging aspect of corona-affected cyber security is weaponized email attacks. Here, 21% of phishing emails sent to unprotected home offices were simplistic attacks with a link in the email body to download a malicious executable, while the vast majority had more advanced capabilities such as malicious macros and exploits or redirection to malicious websites, a challenge that overpowers the capabilities of most AV and email protection solutions.
With a cross section of employees quarantined or working from home, constructive professional help to combat bad actors in the wild is even harder to come by.
In the present scheme of things CISOs should evaluate their cyber security effectiveness before taking action.
Cynet, the US-based giant IT consultant, will allow a 6-month complimentary deployment of its product, Cynet 360, on personal computers used by employees working from home.
It will also massively add staff to CyOps, its MDR services team, to cover for companies with reduced security staff because of the Coronavirus.
ISOAH is the go to organization in all kinds of IT crisis to ensure a safe and secure internet environment.
Delhi fights, Maharashtra pays.
Riots in Delhi concerning the citizenship feud refuse to spread its aftermath here and there in the country.
On Friday an Islamic hackers group called Legion hacked the website of Maharashtra CID as payback for the Delhi massacre, which caused the death of many Muslims.
The website that was hacked carried a picture of a horseman with a flag in hand and read, "In India, families of Muslims killed by Hindu mobs. Hundreds of Muslims lost their relatives and the Modi government is to blame for a rise in anti-Muslim rhetoric in India. The riots which erupted on the day US President Trump arrived in India for a visit, lasted three days, killing more than 45 people, mostly Muslim, and injuring at least 150 others."
The picture was captioned "The government of Imam Mahdi."
Imam Mahdi, who is also known as Al Mahdi, is, according to Islamic belief, an emissary of Allah who would appear on the final Day of Judgment to bring justice to the unruly world. The religious figure, though extremely important to the Shias, is not exactly that popular with the Sunni sect of Islam.
The hackers further warned the Indian government to 'stop hurting Muslims'.
ISOAH is the organization that is extremely efficient in monitoring bugs and data security deficiencies against hackers.
Facebook has been hit yet again in the wild.
A new, simple yet extremely risky strain of Android malware has been discovered which steals users' authentication cookies from the web browser and other apps, including Chrome and Facebook, installed on the infected devices.
It has been named "Cookiethief" by Kaspersky researchers.
This Trojan operates by acquiring super user root rights on the target device and subsequently transfers stolen cookies to a remote command-and-control (C2) server operated by attackers.
"This abuse technique is possible not because of a vulnerability in the Facebook app or browser itself," Kaspersky researchers said. "Malware could steal cookie files of any website from other apps in the same way and achieve similar results."
Cookies are tiny bits of data that are often used by websites to distinguish one user from another, offer continuity around the web, track browsing sessions over different websites, serve personalized content, and strings related to targeted advertisements.
Cookiethief aims to exploit the way cookies on a device allow users to stay logged in to a service without needing to sign in repeatedly, letting attackers take over and use an online user's account without knowing the password of that account.
"This way, a cybercriminal armed with a cookie can pass himself off as the unsuspecting victim and use the latter's account for personal gain," the researchers said.
Kaspersky theorizes multiple ways in which the Trojan could seize the device, including installing such malware in the device firmware before purchase, or exploiting bugs in the operating system to download malicious applications.
On the device getting corrupted, the malware connects to a backdoor, named 'Bood,' placed on the same smartphone to execute "superuser" commands that favor cookie theft.
To stay safe from such attacks, users are advised to block third-party cookies in the phone's browser, clear cookies regularly and visit websites using private browsing mode.
ISOEH is the organization which teaches effective techniques of preventing digital data theft.
Bugs, bugs and more bugs…
There is no end to catastrophes caused by vulnerability bugs in the virtual world.
This time it is 'Let's Encrypt', the famous free certificate signing authority that has been affected by it.
The signing entity is having to revoke 3 million issued TLS certificates because of a bug in its Certificate Authority software.
Let's Encrypt has confirmed the news of the bug and said that it was fixed 2 hours after it was discovered. However, it did affect the process of checking domain name ownership before issuing new TLS certificates. The result was certificates being issued without authenticating the holder's control of a domain name.
Certification Authority Authorization (CAA), which is an internet security policy, allows domain name holders to indicate to certificate authorities (CAs) whether or not they are authorized to issue digital certificates for a particular domain name.
Let's Encrypt holds domain validation results valid only for 30 days from the time of validation. After that stipulated time it rechecks the CAA record authorizing that domain before issuing the certificate. The bug discovered in the code for Boulder, the certificate signing software used by Let's Encrypt, is as follows:
"When a certificate request contained N domain names that needed CAA rechecking, Boulder would pick one domain name and check it N times."
As per Let's Encrypt the bug was introduced as part of an update in July 2019.
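The failure mode in the quoted description, as an added illustration that is not Boulder's code: the article does not say how the bug arose, so a Python late-binding closure stands in as one mechanism that makes N rechecks all hit the same name. The issuer name, the CAA table and the function names are constructed assumptions.

```python
from typing import Dict, List, Tuple

CA_ISSUER = "ca.example"  # hypothetical issuer domain name of the CA

# Constructed CAA "issue" data: domain -> issuers allowed to issue for it.
# A domain without an entry has no CAA record, which restricts nothing.
CAA_RECORDS: Dict[str, List[str]] = {
    "shop.example": ["ca.example"],
    "bank.example": ["other-ca.example"],  # this CA is NOT authorised
    "blog.example": ["ca.example"],
}

# Constructed certificate request whose names all need a CAA recheck.
REQUEST = ["shop.example", "bank.example", "blog.example"]


def caa_allows(domain: str, lookups: List[str]) -> bool:
    """Simulated CAA lookup; records every domain actually queried."""
    lookups.append(domain)
    allowed = CAA_RECORDS.get(domain)
    return allowed is None or CA_ISSUER in allowed


def recheck_buggy(names: List[str]) -> Tuple[bool, List[str]]:
    """Queues one deferred check per name, but every closure reads the
    shared loop variable when it finally runs, so one name is checked
    N times and the others are never checked."""
    lookups: List[str] = []
    checks = []
    for name in names:
        checks.append(lambda: caa_allows(name, lookups))  # late binding
    results = [check() for check in checks]
    return all(results), lookups


def recheck_fixed(names: List[str]) -> Tuple[bool, List[str]]:
    """Same structure, but each closure binds its own copy of the name."""
    lookups: List[str] = []
    checks = []
    for name in names:
        checks.append(lambda n=name: caa_allows(n, lookups))
    results = [check() for check in checks]
    return all(results), lookups


def covers_all(names: List[str], lookups: List[str]) -> bool:
    """Post-condition a CA could assert before issuing: every requested
    name was actually looked up."""
    return set(names) == set(lookups)


if __name__ == "__main__":
    for fn in (recheck_buggy, recheck_fixed):
        ok, seen = fn(REQUEST)
        print(fn.__name__, "issue:", ok, "checked:", seen,
              "coverage ok:", covers_all(REQUEST, seen))
```

The buggy path approves the request even though `bank.example` forbids this CA, and the coverage check is what exposes it.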
The announcement signifies Let's Encrypt might have issued unauthorized TLS certificates in numbers which it is recalling now to save the situation.
Incidentally the imbroglio was discovered on the occasion of Let's Encrypt's announcement of distribution of its 1 billionth certificate since 2015, the year of its launch.
The company has said 2.6 percent of approximately 116 million active certificates are affected, about 3,048,289, out of which about one million are duplicates of other affected certificates.
Affected website owners are allowed until 8PM UTC (3PM EST) March 4 to manually renew and replace their certificates, failing which visitors to the websites see TLS security warnings — as the certificates are revoked — until the renewal process is complete.
But with Let's Encrypt revoking all impacted certificates, website admins will have to perform a forced renewal to prevent any interruptions.
ISOAH has been the entity instrumental in debugging systems of security vulnerabilities.
Clearview AI, the much talked about facial recognition company, has informed its clients about a critical hack of its customer database, which includes some of the most powerful law enforcement agencies in the United States. As per the notification given to the Daily Beast, the hacked data includes customer names, the user accounts that the customers had set up, and even the number of searches that they ran through the service. The details of the data theft are not yet clear, with Clearview AI denying any breach of its own servers, including the search histories of any of the law-enforcement agencies using the system and the image database.
ESET Security Specialist Jake Moore says the following on the matter: "Data breaches might be part of life in the 21st century but we need to make sure the severity is kept to a minimum and the data exposed is heavily encrypted. Any data breach is serious and should not be taken lightly. If the data exposed had included faces, it would have taken this to the next level."
"Companies which hold extremely sensitive data such as facial identities need to understand they are a higher profile risk and need even more layers of protection to thwart these inevitable attacks," he added.
Facial recognition is currently a hot topic of discussion because of the underlying privacy concerns and the potential for misuse of the technology. San Francisco was the first city in the United States to ban its use by law enforcement and local agencies. In the meantime, the European Union mulled a temporary ban on the use of the technology in public places, but eventually withdrew it.
ISOEH is the ideal institute which teaches the technique of data safety.
Cyber security researchers announced a new high-severity hardware vulnerability present in the popular Wi-Fi chips manufactured by Broadcom and Cypress, which power an array of digital devices including smartphones, tablets, laptops, routers, and IoT gadgets.
Called 'Kr00k' and indexed as CVE-2019-15126, the vulnerability allows remote attackers to intercept and decrypt some wireless network packets transmitted over the air by a vulnerable device.
The hacker need not be connected to the target's wireless network and the vulnerability works against vulnerable devices using WPA2-Personal or WPA2-Enterprise protocols with AES-CCMP encryption to protect their network traffic.
"Our tests confirmed some client devices by Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3), Xiaomi (RedMi), as well as some access points by Asus and Huawei, were vulnerable to Kr00k," ESET researchers said.
As per the researchers, the Kr00k flaw is in a way related to the KRACK attack, a technique that makes it easier for attackers to hack Wi-Fi passwords protected using the widely used WPA2 network protocol.
ISOAH is the anti hacking institute that conducts audits to ensure data security like no other.
Google has released a blog post asking mobile app developers to encrypt data that their apps generate on the users' devices, particularly when they use unprotected external storage that's exposed to virtual corruption.
Google also recommended an easy-to-implement security library as part of its Jetpack software suite.
The open-sourced Jetpack Security (aka JetSec) library lets Android app developers easily read and write encrypted files by following best security practices, including storing cryptographic keys and protecting files that may contain crucial data, API keys, OAuth tokens.
Android offers developers two different ways to save app data. The first one is app-specific storage, also known as internal storage, where the files are stored in a sandboxed folder meant for a specific app's use and inaccessible to other apps on the same device.
The other is shared storage, also known as external storage, which resides outside the sandbox protection and is often used to store media and document files.
But more often than not the apps use external storage to store sensitive and private data on users and don't take proper measures to protect it from other apps, thus enabling attackers to syphon photos, videos, files as called "Media File Jacking".
To stop these attacks, Android 10 ships with an aspect called 'Scoped Storage' that sandboxes each app's data in the external storage as well, thereby restricting apps from accessing data saved by other apps on the user's device.
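Reading and writing an encrypted file with the Jetpack Security library described above, as an added example that is not code from Google's blog post or from this page. The class `SecretFileStore` and its method names are hypothetical, and the example assumes the `androidx.security:security-crypto` 1.0.0 dependency.

```kotlin
import android.content.Context
import androidx.security.crypto.EncryptedFile
import androidx.security.crypto.MasterKeys
import java.io.File
import java.io.IOException
import java.security.GeneralSecurityException

/**
 * Hypothetical helper (added example): keeps small secrets such as API keys
 * or OAuth tokens as encrypted files in the app's external files directory,
 * falling back to internal storage when external storage is unavailable.
 */
class SecretFileStore(private val context: Context) {

    // AES-256-GCM master key created in the Android Keystore on first use.
    private val masterKeyAlias: String =
        MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC)

    private fun resolve(name: String): File {
        // Reject path separators so a caller-supplied name cannot escape the directory.
        require(!name.contains('/') && !name.contains('\\')) { "invalid file name" }
        val dir = context.getExternalFilesDir(null) ?: context.filesDir
        return File(dir, name)
    }

    private fun encrypted(file: File): EncryptedFile =
        EncryptedFile.Builder(
            file,
            context,
            masterKeyAlias,
            EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB
        ).build()

    /** Encrypts [secret] and writes it to [name], replacing any earlier copy. */
    @Throws(IOException::class, GeneralSecurityException::class)
    fun write(name: String, secret: ByteArray) {
        val file = resolve(name)
        // EncryptedFile.openFileOutput() refuses to overwrite an existing file,
        // so the stale copy has to be removed first.
        if (file.exists() && !file.delete()) {
            throw IOException("cannot replace existing file: ${file.name}")
        }
        encrypted(file).openFileOutput().use { it.write(secret) }
    }

    /**
     * Returns the decrypted contents of [name], or null when the file is
     * missing, unreadable, or fails decryption (for example after another
     * app has modified it on external storage).
     */
    fun read(name: String): ByteArray? {
        val file = resolve(name)
        if (!file.exists()) return null
        return try {
            encrypted(file).openFileInput().use { it.readBytes() }
        } catch (e: IOException) {
            null
        } catch (e: GeneralSecurityException) {
            null
        }
    }
}
```

Treat a `null` from `read` as "no trustworthy value" and fetch the token again rather than falling back to a plaintext copy.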
ISOEH is the school that specializes in latest cyber security measures.
Read on for more such online security stories.
Cisco has recently discovered and fixed a major vulnerability in one of its prominent products which could have had dire hacking consequences. The flaw was a static password vulnerability, CVE-2020-3158, in the Cisco Smart Software Manager On-Prem product, exposing sensitive parts of the system to remote attackers. With the help of the bug, any remote attacker could exploit the default account to connect to the system. The adversary could then gain access to sensitive locations.
The vulnerability was discovered by Steven Van Loo of hIQkru, who has been credited by Cisco for the find. The vendor explained that it affected all Cisco Smart Software Manager On-Prem releases earlier than 7-202001. Yet, the bug could be exploited only with the HA feature enabled. Cisco fixed the flaw in Cisco SSM On-Prem 7-202001 and later releases. The vendor has said there wasn't any active exploitation of the flaw.
ISOAH is the ultimate organization for finding security flaws and solving them with their efficient anti-hacking audits.
Read on to know more about cyber viruses: www.isoah.com/health-and-technology-endangered-by-new-Zeppelin-Ransomware.php
Adobe released out-of-band software updates for its After Effects and Media Encoder applications to fix two new critical vulnerabilities.
Both of them stem from out-of-bounds write memory corruption issues and can be used to execute arbitrary code on targeted systems by tricking victims into opening a specially crafted file with the affected software.
The bug (CVE-2020-3765) in Adobe After Effects, an application for creating motion graphics and special effects used in video, was discovered by security researcher Matt Powell and reported to Adobe via the Trend Micro Zero Day Initiative project.
The second issue (CVE-2020-3764), affecting Adobe Media Encoder, software for encoding and compressing audio or video files, was discovered by Canadian security researcher Francis Provencher.
According to Adobe, neither of them has caused severe harm so far.
However, Windows and macOS users are advised to download and install the latest versions of the affected software in order to safeguard their systems from possible hacking onslaughts.
ISOEH is the original institute for imparting data security training to aspiring ethical hackers.
Read on to know more in the world of information security: www.isoeh.com/exclusive-blog-details-google-offers-support-to-open-source-cyber-security.html
Microsoft has just announced a public preview of its antivirus software for various Linux distributions, including Ubuntu, RHEL, CentOS and Debian.
Defender ATP anti-malware apps for smartphones and other devices running Google's Android and Apple's iOS mobile operating systems are also in the pipeline.
For some years now, the Linux and macOS platforms have become happy playgrounds for hackers, making them a new target for viruses, Trojans, spyware, adware, ransomware and other notorious threats.
In spite of Linux being a much smaller attack target, it has its own share of vulnerabilities and malware threats, which need proactive monitoring to ensure safety.
According to Microsoft, Defender ATP is a unified endpoint platform for preventative protection, post-breach detection, automated investigation, and response. It proactively hunts across users, email, applications, and endpoints to automatically detect, investigate, and stop coordinated multi-point attacks.
ISOEH is the ultimate school of ethical hacking which builds the base for future information security specialists.
Read on for more about antivirus: www.isoah.com/snatch-ransomware-evades-antivirus-by-rebooting-safe-mode.php
The 28-member Joint Parliamentary Committee headed by BJP lawyer and MP Meenakshi Lekhi, which is examining the government's Personal Data Protection Bill, has requested a public poll on its legislative viability.
The bill proposes a Data Protection Authority whose constitution and functions have raised questions.
Justice Srikrishna opined during the winter session of Parliament that the draft bill is "dangerous" and threatens to turn India into an "Orwellian state".
Clause 35 of the bill has gathered special criticism. It allows the government to exempt any government agency from any or all of the bill's provisions.
The bill's exemptions "will have to be tested against the Justice Puttaswamy decision on the right to privacy – and the test it lays down for necessity and proportionality," Sreenidhi Srinivasan, a senior associate at IKIGAI, a technology-focused law firm, believes.
Srinivasan explains further: "There's a separate government committee looking at non-personal data. The goals of a data protection law are very different from the policy goals for regulating non-personal data. These conversations should be kept separate."
A final concern Srinivasan voiced was that the bill stipulates no timeline or deadline for compliance, unlike the EU's General Data Protection Regulation, which allowed businesses two years to comply. This can create an unpredictable business environment.
The committee is accepting feedback till February 25 over email. The comments it receives will not be publicized.
A number of data privacy advocates have supported the move.
ISOEH has been the 'go to' institute for learning the latest in ethical hacking and data protection.
Read more about the Data Protection Bill.
OurMine is the hacking group that has struck the sports world again.
The target this time is FC Barcelona's Twitter account, hit for the second time after 2017.
Besides Barcelona's, the group has also compromised the Twitter handles of the Olympics and the International Olympic Committee (IOC).
And that's not all!
The same group is also targeting other important sports accounts that are available on the internet.
According to a Twitter spokesperson, the hacking occurred through a third-party platform. The hacked accounts were locked by Twitter as soon as the hacking came to light.
Both the IOC and FC Barcelona have acknowledged the incident and announced thorough anti-hacking audits and an investigation into it.
ISOAH is the organization that conducts anti hacking audits to ensure infrastructural security in your organization's data structure.
Read more to know about digital insecurities of the modern world.
The infamous government-backed Iranian hacking groups are at the top of the hacking news again.
This time it is for targeting Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs in order to hack into the databases of top corporations around the globe.
A newly published report has revealed that hacker groups backed by the Iranian government have made it a priority to exploit VPN bugs as soon as they become public, in order to breach companies all over the world and plant backdoors in them.
This time the entities on the hit list include big names "from the IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors", as reported by the Israeli cyber-security firm ClearSky.
The report also states that the Iranian hackers should not be underestimated compared with their Russian, Chinese, or North Korean counterparts, as "Iranian APT groups have developed good technical offensive capabilities and are able to exploit 1-day vulnerabilities in relatively short periods of time." In certain cases the Iranian groups have exploited VPN flaws as soon as they were discovered and made public.
The aim of these onslaughts is to breach enterprise networks, move laterally throughout their internal systems, and plant backdoors to exploit later.
While the first stage (breaching) targeted VPNs, the second phase (lateral movement) relied on a comprehensive collection of tools and techniques.
Where the hackers did not find open-source tools or local utilities to aid their attacks, they developed custom malware with the help of tools like STSRCheck, POWSSHNET and custom VBScripts.
This time, according to the report, multiple groups are working as one to carry out the breaches in full force and to extend the hacking from the compromised companies to supply chain attacks against their clients.
ISOAH is the organization that provides ultimate protection against system corruption.
Read more to know about cyber security.
Intruding into the Government of India's Goods and Services Tax (GST) database and its associated infrastructure dependencies installed at the GST Network (GSTN) is now punishable with up to 10 years' imprisonment, as the assets have been declared 'protected systems' by the finance ministry under the IT Act.
Protected systems are part of critical information infrastructure, and their mishandling can have a detrimental effect on national security, the economy, public health or safety. Since the information stored on the assets is important to national security, the facilities will get additional safety and security measures.
Under sub-section (1) of Section 70 of the Information Technology Act, 2000, which the finance ministry has cited, the government can declare any computer resource a protected system, and under the Act whoever tries to tamper with such a system can be jailed for up to 10 years, apart from being fined.
Access to the system and its facilities has been allowed to authorized GSTN employees, designated tax officers of the Central Government, State Governments and Union Territories, auditing agencies and accounting authorities.
Authorized members or employees of the service providers that manage the GSTN, such as Infosys and Tech Mahindra, or third-party vendors and GSTN-authorized business partners shall also be allowed access, the notification added.
ISOAH is the organization which protects national and private entities from being subjected to hackers.
See more to save your organization: www.isoah.com/network-server-data-center-security-audit.php
Read more to know about cyber security.
Microsoft has released its February Patch Tuesday updates, which fix 99 security vulnerabilities in Windows and other Microsoft software.
Twelve flaws received the highest severity ranking of "critical", while 5 security holes are listed as publicly known at the time of release. One of the vulnerabilities features in both lists, and Microsoft had not found a solution to it until now.
Apart from that, another 16 RCE holes are plugged by the security patches for the same month. This includes two severe vulnerabilities in the Windows Remote Desktop Client, CVE-2020-0681 and CVE-2020-0734, where exploitation is seen as likely by Microsoft.
Updates have been released for various flavours of Windows, as well as for Office, Edge, Exchange Server, SQL Server and a few more products.
The highest vulnerability score, 8.8 out of 10 on the CVSS scale, has been assigned to a memory corruption vulnerability in Windows Media Foundation.
All updates are available via the Microsoft Update Catalog for all supported versions of Windows.
Check out to be a part of the ethical hacker's brigade: www.isoeh.com/web-application-penetration-testing.html.
Which social media security is more sacrosanct?
Facebook or Twitter?
Trust the hackers to tell you!!!
It is almost like tasting the venom to find out how vicious it is.
That's exactly what happened last week when a self-proclaimed harmless hacking group called OurMine hacked into several Facebook accounts, only to restore them later.
Later the hacking group posted on Twitter and Instagram that "even Facebook is hackable".
Reports say that the attempt was intended to check the cyber vulnerabilities of some of the most trusted social media entities on the internet.
The hackers did not hack the Facebook website, and as soon as the matter was brought to the notice of the online administrators the affected accounts were locked, as reported on Twitter. Twitter further said that it has been working closely with Facebook to restore the compromised accounts and succeeded in doing so shortly after the hacking occurred.
OurMine has long been hacking into social accounts of different kinds, such as the Twitter accounts of the NFL (the US National Football League) and ESPN.
ISOAH regularly conducts foolproof audits of business entities to prevent such unexpected imbroglios.
Check out to know more: www.isoah.com/network-server-data-center-security-audit.php
Read more to know about social media security: www.isoah.com/how-to-ensure-cyber-security-in-social-media.php
Congratulations to cyber security enthusiasts.
At least you are not in the bracket of the jobless in India today.
Cyber security experts are in the highest demand across an array of industrial sectors which are aiming to make their internet infrastructure secure and sacrosanct.
Statistics reveal that right now there are 67,000 job openings in the Indian job market for cyber security graduates, according to Xpheno, the leading specialist staffing firm.
The jobs include application security, threat management, cloud security, information security, network security and compliance security. Of the total number of job openings, nearly 19,000 are in Bangalore alone.
The leading recruiters include companies such as Deloitte, KPMG, EY, PwC, Shell, Amazon, Wells Fargo, Paytm, Walmart, Cisco, Accenture, Capgemini, Ericsson, Yokohama, Palladian Networks, Adobe and Infosys, among others.
There are many factors that are responsible for this sudden upsurge in professional demand.
These include the large magnitude of digital and cyber data assets being stored in the cloud and in hardware infrastructure, the increasing number of digital back offices and GICs being set up by large MNCs, eGovernance, centralization and digitisation projects at the national level, and initiatives like the national GSTN eInvoice, BharatNet, DigiLocker, eSign Framework and state-level BlockChain Districts.
ISOEH is the institute which has been preparing the cyber security enthusiasts with the latest industrial curriculum.
In a digital world, no one is alone.
Yes we all know that.
But what about monitoring the virtual world itself in return from the real world?
Yes, that is also possible with this latest social networking tool designed by one of the pioneers of the digital universe and proprietor of the popular social network Facebook, Mark Zuckerberg.
Facebook has just introduced its latest tool, the Off-Facebook Activity tracker. With the help of this tracker a Facebook user is able to decide how much and to what extent Facebook can keep a virtual eye on him as far as his web visits, app use and even physical movements are concerned.
By now it is common knowledge that Facebook follows its users' daily lives to understand their lifestyles in order to send them advertisements for which they are exactly the target audience. Now with this tool users will be able to customize the tracking according to their own privacy preferences. In other words, with the help of this tool called 'Off-Facebook Activity', users can keep only the part of the information Facebook has collected about them that they want to keep, deleting the rest of the history of the past 180 days.
The new tool has come up in the wake of a controversy over several digital applications abusing users' private information indiscriminately.
Read more on data privacy in the digital world.
'Love' is in the air as it is that time of the year again.
But it is not all that rosy for every lovebird!!!
Predators are out on the town looking for prey, laying the trap of love in order to blackmail you.
Two of these ill-intentioned 'lovers' happen to be owners of well-known business entities in the garment and hospitality industries, namely 'Prapti', a chain of ethnic wear outlets, and the O2 group of hotels.
Aditya Agarwal and Anish Lohakura, of Prapti and O2 fame respectively, have been arrested by Kolkata police on charges of blackmailing innocent women they once dated with compromising WhatsApp videos and still photographs taken during their courtship. A house cook called Kailash Yadav was their regular ally and partner-in-crime, making operations easy.
The racket had blackmailed a whopping 187 women by the time their latest 'catch' gathered the courage to go to the police. She had received on WhatsApp sexually explicit material shot with her ex, Aditya Agarwal, 6 years ago, along with a demand for a ransom of 10 lakhs to keep it from going viral.
The police probed the number and, after a thorough investigation, traced the culprits before arresting the mastermind duo Aditya and Anish.
So all you beautiful ladies out to soak in the spring be careful before falling in love once again.
ISOAH has been the name to reckon with in its efforts to eradicate cyber crimes with its updated anti hacking audits.
Services like VAPT can be availed to keep such nuisance away.
There is always a price that one has to pay against everything in life.
Air travel is no exception to that rule.
Ask any frequent flyer of SpiceJet, who would vouch for that...
The low-cost airline has landed itself in a data security disaster that has exposed a private database of nearly 1.2 million passengers along with their flight information.
The leaked information was reportedly stored in an unencrypted database file, which a security researcher was able to access by brute-forcing the password.
The researcher, who apparently violated security norms, has remained anonymous, and the details of the data breach have not been disclosed either. SpiceJet has released a boilerplate statement in which it has refused to reveal anything beyond some basic information. The report by TechCrunch, which covered the news in detail, said the researcher got access to one of SpiceJet's systems by brute-forcing its "easily-guessable password".
When contacted, SpiceJet confirmed the safety and security of its passenger database. However, since in this case the cyber security researcher himself is 'guilty' of mishandling the data bank, it remains to be seen whether it is a case of ethical hacking or deliberate security manipulation.
ISOAH has been the ultimate game changer of cyber security with its sophisticated anti hacking audits.
Services like VAPT can be availed in cases like the above to avoid data violation.
CBI announces internship programs for Indian citizens who are graduates, post graduates or research students in Law, Cyber, Data Analysis, Forensic Science, Criminology, Management, Economics and Commerce.
The Central Bureau of Investigation has initiated an internship scheme with effect from the year 2020. The intention behind the scheme is to engage Indian nationals as interns in the organizational activities of the CBI. This scheme of the CBI, which is the apex government body of criminal investigation in India, is open to all graduates, post graduates and researchers in Law, Cyber, Data Analysis, Criminology, Management, Economics, Commerce and Forensic Science, including Digital Forensics and associated subjects. The applicants must be enrolled in the respective academic programmes of well-known universities or institutes.
A total of 30 internship positions are available at present across the principal metropolises of the country, namely Delhi, Mumbai, Chennai, Hyderabad, Bengaluru, Kolkata, Lucknow and Chandigarh.
The interns shall be working for the CBI by being a part of it. They will be expected to enrich the in-house investigative analysis with 'empirical collection and collation of in-house data and other information'. The subjects which these interns would be working on includes
Time to cross your fingers guys!
An open door invitation to try your luck with your coveted government job.
It's a chance of a lifetime, particularly for all cyber security students to be a part of the judicial procedure of cyber crime detection, given the alarming rate of increase of the same in the country at present.
Now let us check out some of the important facts and figures associated with the application procedure.
Selection Procedure is based on Written Test, Personal Interview.
Starting Date of Online Form Submission: 23 Jan 2020.
End Date of Online Form Submission: 21 Feb 2020.
As per CBI rules.
The internship will run for 06-08 weeks, mainly during the summer vacation of the universities/institutions, starting in mid-May 2020.
There is no payment during the internship, and interns make their own arrangements for accommodation and travel.
CBI will not be responsible for any medical facility or any other facility to the interns.
Internship does not mean future employment in CBI.
Interns will be provided the assistance required to carry out research on the selected topics in the form of the required data, study material, and in-depth exposure to the investigation process, to the prosecution process based on sound legal footing, and to the court process.
Interns are expected not to disclose to anyone anything confidential which they may come across during the internship. They will have to sign a "No Disclosure Certificate" on joining.
Interns will be required to have their own laptops. The respective department shall provide them with working space, internet access and other necessities as considered fit by the head of the branch.
A certificate shall be awarded by the CBI to the intern on the basis of performance.
Candidates are required to send their applications, with their detailed bio-data in the prescribed proforma (Annexure-A) and a 300-word write-up on why he/she wishes to join the internship program in the CBI and on his/her chosen area of interest, to the Superintendent of Police (Training), CBI Academy, Hapur Road, Kamla Nehru Nagar, Ghaziabad, Uttar Pradesh – 201002 on or before 21.02.2020 through Speed Post. Incomplete applications may not be accepted.
The form may be downloaded from
CBI Interns Offline Application Form 2020: Click Here
In case applications exceed the number of interns to be employed in one city, interviews may be held in four metro cities i.e. Delhi, Chennai, Mumbai and Kolkata in March, 2020.
The final list of selected interns will be displayed on the websites of CBI and CBI Academy.
A quick recap
Are you interested to be a CBI intern?
If yes, tell us why.
A remarkable bug bounty program, as promised by the tech giant earlier, was announced by Apple at a hacking conference in August 2019 by its head of Security Engineering and Architecture, Ivan Krstić. The highlights of the program are as follows:
This bug bounty program is open to all security researchers, with financial compensation for anyone reporting vulnerabilities in iOS, macOS, watchOS, tvOS, iPadOS, and iCloud to Apple.
Since its launch three years ago, Apple's bug bounty program had been restricted to selected security researchers by invitation and was available only for reporting vulnerabilities in the iOS mobile operating system.
But from now on all security researchers and ethical hackers will receive a cash prize for reporting a substantial security vulnerability in the "latest publicly available versions of iOS, iPadOS, macOS, tvOS or watchOS with a standard configuration," as was first announced by Krstić on Twitter.
The topics you need to know to become a successful bug bounty hunter can be found in the syllabus mentioned here -> educating cyber security. Happy hunting.
Two third-party software development kits integrated into a multitude of Android apps have been caught accessing users' data related to their social media accounts.
In a newly published blog post, Twitter said that an SDK developed by OneAudience contains a 'privacy-violating component' which might have passed private data to the OneAudience servers.
Following suit, Facebook announced that an SDK from a different company, Mobiburn, is also being investigated for similar acts that might have exposed users of certain Android apps to data collection firms.
Both OneAudience and Mobiburn are data monetization services that pay developers to integrate their SDKs into apps, which then collect consumer data used for advertising.
The magnitude of the stolen data depends on the degree of access the particular user granted while connecting his social accounts to the apps with the SDK installed.
While both Facebook and Twitter have taken steps against the makers of the malicious apps, it is advisable to stop downloading apps from app stores indiscriminately and also to review the apps you have authorized.
Learn effective ethical hacking from experienced teachers.
Click here to know more about ISOEH.
Cyber security researchers have discovered a previously unknown data-wiping malware called ZeroCleare being used by state-sponsored hackers against energy and industrial organizations in the Middle East.
It is associated with two Iranian state-sponsored hacking groups: APT34, also known as ITG13 and Oilrig, and Hive0081, also known as xHunt. It is said to have some strong similarities with Shamoon, one of the most destructive malware families, known for damaging 30,000 computers at Saudi Arabia's largest oil producer in 2012.
ZeroCleare also uses a legitimate hard disk driver called 'RawDisk by EldoS' to overwrite the master boot record (MBR) and disk partitions of targeted computers running the Windows operating system.
Though the EldoS driver is not signed, the malware still manages to run it by installing a vulnerable but signed Oracle VirtualBox driver and exploiting it to bypass the signature checking mechanism and load the unsigned EldoS driver.
To unleash the ZeroCleare malware on the maximum number of machines, the attackers try to brute-force network account passwords and then install ASPX web shells, like China Chopper and Tunna, by exploiting a SharePoint vulnerability.
Authorities have confirmed two versions of ZeroCleare in the wild, one for each Windows architecture (32-bit and 64-bit), with only the 64-bit one being operational.
In the security challenged fast changing virtual world of Information Technology ISOEH teaches the latest solutions of ethical hacking.
Click here to know more.
OpenBSD, an open-source operating system designed for security, has been found vulnerable to four new crucial security vulnerabilities. One of them is an old-school authentication bypass vulnerability in the BSD Auth framework.
The other three vulnerabilities are privilege escalation issues that could allow local users or malicious software to gain the privileges of the auth group, root, as well as of other users, respectively.
The vulnerabilities were found and disclosed by Qualys Research Labs. In response, OpenBSD developers released security patches for OpenBSD 6.5 and OpenBSD 6.6 in less than 40 hours after the disclosure.
The flaws found are as follows
ISOAH or the Indian School of Anti Hacking walks that extra mile in determining bugs and malwares in your system and has been at it for the longest time in the cyber security sector.
The United States Federal Trade Commission is taking the Utah-based IT provider InfoTrax Systems to court.
The latter failed to detect a massive breach of its own systems that exposed the personal data of over a million consumers.
The breach allegedly involved about 20 hacking attacks over 22 months, beginning in May 2014 and continuing until March 7, 2016.
The FTC says that InfoTrax Systems discovered the discrepancy only when it started getting alert notifications that one of its servers had run out of storage space. In the attacks, hackers accessed a wide collection of data including victims' full names, social security numbers, addresses, email addresses, and phone numbers along with usernames, some plaintext passwords for InfoTrax accounts, and some credit and debit card numbers including associated names, expiration dates, and CVVs.
ISOAH has been executing effective anti hacking audits for an array of business entities and established institutions to keep them safe from such unprecedented system attacks.
No sooner had the globally popular mobile messaging application WhatsApp recovered from the hacking controversy over Pegasus, the Israeli spyware targeted at selected Android and iOS devices worldwide, than it entangled itself in yet another similar imbroglio.
This time it is a new WhatsApp bug that could allow hackers to secretly install spyware on your devices.
However, this time the Facebook-owned messaging app had a close shave, stopping the bug before it could wreak havoc.
Last month WhatsApp patched this crucial vulnerability, which could have allowed hackers to silently compromise targeted devices and steal secret chat messages and files.
This vulnerability, named CVE-2019-11931, is a stack-based buffer overflow issue which existed in the way earlier WhatsApp versions 'parse the elementary stream metadata of an MP4 file', resulting in denial-of-service or remote code execution attacks.
To take advantage of this vulnerability, a remote attacker needs the phone number of the targeted user and has to send a maliciously crafted MP4 file to their WhatsApp, which can ultimately be used to plant a malicious backdoor or spyware app on the compromised device.
This vulnerability affects both the consumer and the enterprise apps of WhatsApp on all prominent platforms, including Google Android, Apple iOS and Microsoft Windows.
In a vulnerable world of constant cyber threats ISOAH conducts authentic anti hacking audits to make your system bug free.
Recently Taiwan co-hosted the fourth edition of its Cyber Offensive and Defensive Exercise (Code), beginning with a seminar on hacking practices adopted by North Korea. The program marked the first multinational collaboration to combat cyber security threats from state-sponsored threat actors seeking to sabotage industries and damage national economies.
Though Code has been held by Taiwan since 2013, this is a landmark year in which four other nations, namely the USA, Japan, Malaysia and the Czech Republic, are taking part alongside Taiwanese government and military officials. These nations, along with Taiwan, will form a team this time to combat destructive cyber attacks on Taiwan's financial sector.
According to reports, cyber security officials from six other nations will also be taking part in the anti-hacking drill held at the summit.
The move stands as a watershed effort to counter cyber intrusion into the Taiwanese economy, which is the centre of many an important industrial activity and hence the target of international cyber conspiracy.
Though there have been other meets and cooperative endeavors to solve the problem of cyber security threats, this is the first time a nation has opened its gates to its allies to join hands in fighting a global threat like cyber hacking.
India is also all geared up to meet its own cyber security challenge. The Indian School of Anti Hacking along with its skill development counterpart Indian School of Ethical Hacking are organizations playing their parts in effective anti hacking audits and imparting education to aspiring ethical hackers respectively to carry the country's anti hacking baton forward.
India is reportedly the biggest market for the popular WhatsApp, with 400 million users.
That is reason enough for the Indian government to treat the WhatsApp hacking case with utmost importance.
It is leaving no stone unturned to make WhatsApp ensure transparency and traceability of content shared on the messaging platform, following the recent outrage over the Israeli malware Pegasus intruding into the private WhatsApp messages of a number of Indian personalities.
Pegasus is malware designed by the Israeli surveillance firm NSO to help governments of different countries hack into the phones of nearly 1400 users all over the globe, including social activists, diplomats, senior government officials, journalists and dissidents.
WhatsApp has reportedly sued the US-based surveillance firm, accusing it of exploiting an error in the WhatsApp server to enable ill-intentioned clients to break into target mobiles.
However, NSO has denied all the accusations.
In India the number of people affected by Pegasus is reportedly 121.
The Indian government has said that a particular WhatsApp message must be traceable enough to know where it originated and who sent it. Knowing the identity of the sender is very important to stop cyber crimes, which often translate into real-life offences like child pornography and kidnapping.
In reply, the Facebook-owned messaging company said that its end-to-end encryption technology does not allow even the company itself to read the messages or track their origin. Only the sender and the recipient are able to see them. In response, a government official said that only a few changes to WhatsApp's operating technology, such as digital fingerprinting of every message exchanged, would be enough to resolve the situation.
Since the cyber world is plagued with hacking attacks of every kind it is important for cyber security experts to be abreast of the latest anti hacking technology. The Indian School of Ethical Hacking gives young aspirants the apt skills to be the most sought after security expert.
At the end of the tunnel there is always a ray of light.
Every dark cloud has a silver lining to it.
Paradise Ransomware is finally going to be countered, much to the relief of its thousands of victims.
Security researchers have released a free decryptor tool for the Paradise Ransomware which will enable those affected by it to recover their files without paying its dreaded ransom to the attackers.
The Paradise Ransomware was detected in September 2017 and is still actively in distribution as per reports of the computer security firm Emsisoft.
It appears to be sold to third-party attackers as a paid service, with attackers able to customize how the malware operates. When files are encrypted, Paradise appends one of at least fifty extensions to the files, including ".paradise", "2ksys19", ".p3rf0rm4", and ".FC".
Emsisoft said the new tool can decrypt most of these extensions. If the encrypted files cannot be decrypted, users are advised to archive them so that they can be unlocked at a later date when the tool is updated.
Paradise displays one of several variant ransom notes depending on how it has been customized by the third-party attacker. The notes ask for the ransom to be paid in Bitcoin directly to the attacker, rather than to Paradise's developers. "Regardless of what any of the Paradise ransom notes might say, our decryption tool can help you recover your files for free," Emsisoft said in an advisory.
In this age of rampant cyber attacks the industry needs expert cyber security professionals to ensure corporate safety against malicious hacking. ISOEH imparts the right training in that regard.
A hacking group of Chinese origin has been wreaking havoc with the governments of numerous countries in the world, for the last three years.
The name of the group is Calypso APT or Advanced Persistent Threat which has been active in countries like India, Brazil, Kazakhstan, Russia, Thailand and Turkey.
The malicious activities of the group have been investigated by the security firm Positive Technologies.
The group's modus operandi is to breach the perimeter of the organization's systems and then use special utilities and malware to get access to the internal network. After gaining access, the hackers move through the network in one of two ways: by exploiting remote code execution vulnerabilities or by using stolen credentials.
The group would damage and destroy the federal infrastructure of every country it targeted. According to Positive Technologies, the success of this group can be attributed to its use of popular public tools, of the kind specialists use for network administration, such as SysInternals, Mimikatz, EternalBlue and EternalRomance.
The cyber world is seriously privacy challenged. In this scheme of things an organization experienced in security audits can ensure effective precaution against hacking.
Click here to know more: www.isoah.com
Be careful with Uber and LinkedIn.
The user information which you just shared may get manipulated.
Brandon Charles Glover (26) of Florida and Vasile Mereacre (23) of Toronto have been doing that since 2016.
However, they did not stop just there.
After stealing a customer database from a company's network, they would contact the company and blackmail it into coughing up a ransom in exchange for deleting the stolen database.
That paid and how!!!
The duo extorted 100,000 in bitcoin from Uber in exchange for a hacked database of 57 million Uber riders and drivers!
They also blackmailed LinkedIn in a similar way in December 2016, after breaching the database of LinkedIn's subsidiary Lynda.com and stealing over 90,000 user records, including credit card information.
After it later disclosed the hack, Uber was ordered by a number of data protection regulators and federal bodies to pay severe financial compensation for failing to protect its customers' private database.
Only recently Glover and Mereacre each pleaded guilty to a charge of extortion and are to face a maximum of five years in prison and a fine of $250,000 when they are sentenced. The duo has been released on bond and will be sentenced in March 2020.
In order to combat such malicious data hacking, learn anti-hacking technology from eastern India's best anti-hacking school, the Indian School of Ethical Hacking.
In order to protect your organization's database, avail yourself of the Indian School of Anti Hacking's expert audits.
Once bitten but more than twice shy!
No one dares messing with Russian athletes.
Just before the World Anti-Doping Agency (WADA) reported that there were 'inconsistencies' in the anti-doping compliance standard of Russian athletes, indicating a probable ban of the country from the Tokyo Olympics 2020 just like the Pyeongchang Winter Games in 2018, Russian hackers long working for the Russian military intelligence agency, the GRU, started retaliating.
Microsoft has recently revealed that the state-sponsored Russian hacker group known as Fancy Bear, APT28, or Strontium has targeted no less than 16 anti-doping agencies around the world, some very successfully so.
The Russian attacks on the Olympics stand out for their sheer consistency over the years. They have been avenging Russia's 2018 eviction by leaking a battery of stolen files and athlete medical records from leading anti-doping organizations including WADA, and even sabotaging the Olympics' entire IT back end, ticketing system, WiFi, app etc.
As this destructive history indicates, Russia will in all probability wreak revenge at the Japan Olympics in 2020, according to John Hultquist, director of intelligence analysis at threat intelligence firm FireEye.
In order to prevent such disruptive hacking activities, learn ethical hacking at the Indian School of Ethical Hacking to combat a hacker using his very own malicious hacking tactics against him. Click here to know more: www.isoeh.com
Microsoft has accelerated its IoT emphasis.
Recently it has released a long line of IoT updates, adding tremendous value to its IoT portfolio while addressing current cyber security challenges and usage of technology. Microsoft envisions IoT implementations that allow companies to extend cloud intelligence from the data centre to edge computing, thus engineering newer products.
To take this mission forward, Microsoft is introducing 11 application templates to its IoT Central platform, which will ease the building of IoT applications in sectors like retail, health care, government, and energy. The other improvements to Microsoft's IoT Central include custom user roles, the ability to save and load application states, and improved data export options.
Microsoft also announced its Azure Sphere partner security program to enhance its IoT security, which according to Microsoft requires a 'holistic approach'.
IoT security is fast becoming an important concern as companies increasingly deploy the technology on their networks. A Nokia Threat report from late 2018 found that IoT botnets were fast growing and 5G-based IoT deployments were only going to increase the risk.
Only effective auditing can address IoT security issues on corporate networks. Click here to know more: www.isoah.com
Are you a voracious eater?
Are you fond of ordering food online?
Do you hate waiting for more hours than necessary for the delivery boy to turn up?
Well, those days are soon to arrive when all your desires and delicacies are met in a single mobile application.
Machine Learning, a subset of Artificial Intelligence, is fast replacing manual labour at popular food apps like Swiggy and Zomato resulting in faster, better and more sophisticated sales services.
With the demand for online food orders on an all time high, in order to boost sales and meet better customer satisfaction, almost all the popular food apps are resorting to Machine Learning as the most important tool to improve their business standards.
In a fiercely competitive market, both Swiggy and Zomato are aiming at expanding their business horizons by meeting their client's appetite ambitions. Handling over a million orders a day and partnering with over a lakh restaurants closely, both the food apps now want to serve a customized palate based on their individual orders in the past. The entire process of service revamping is being planned based on data holding the hands of ML or Machine Learning.
Unlike e-commerce, where data sets are availed from just customer purchases in the hyper local segment, here the delivery fleet, restaurants, and customers together generate massive amounts of data points.
Hence, Machine Learning is the future for making the most of this global appetite for exotic cuisine and making the food-tech one of the most promising sectors of employment.
The Indian School of Ethical Hacking offers comprehensive skill development modules on Machine Learning.
In order to learn Machine Learning and Artificial Intelligence click here and read on www.isoeh.com/machine-learning-using-python.html
Facebook is almost hacked!
If you receive an unexpected notification from Facebook asking for your login credentials, you can be sure that you are being phished.
Phishing websites like HackingFacebook.net and instagram.com are actively trying to hoodwink users into divulging their secrets, using hacking tools against one of the most popular social networking sites on the World Wide Web.
These phishing websites are owned and hosted by two companies to which Facebook sent numerous takedown requests because of fraudulent activities infringing on the company's trademarks. Finally, as the two did not respond, Facebook went to court, filing its lawsuit on Monday in the US District Court for the Northern District of California and accusing Online NIC and ID Shield of trademark infringement and cybersquatting.
As per reports, this is the latest example of a corporate giant taking fake sites to task on charges of phishing. Earlier this year Microsoft took down 99 websites controlled and manipulated by Iranian hackers and intended for phishing users. Phishing attacks are common these days, with URLs that resemble the real website's name and trap sites designed to look just like the actual one.
In the aforementioned lawsuit Facebook mentioned at least 20 websites hosted by Online NIC and ID Shield that used the company's name and images for illegal activities in the name of Facebook and Instagram. So manipulatively are the phishing attacks designed that the target user may end up divulging his password.
In situations like these, organizations specialized in anti-hacking take charge of discovering system vulnerabilities and combating outside intrusions.
Click on www.isoah.com to know more.
The WhatsApp-happy netizens of the world are in for bad news. Those of you who think the popular messaging mobile application is the safest place to engage in private gossip are in for an unpleasant surprise. A bug tracked as CVE-2019-11932 has been discovered in WhatsApp for Android in versions below 2.19.244, which makes it vulnerable to some serious hacking in the form of memory leaks, crashes, and the execution of arbitrary code, just by a mischievous GIF.
Read more to know the details of the vulnerability: https://www.zdnet.com/article/whatsapp-vulnerability-exploited-through-malicious-gifs-to-hijack-chat-sessions/
Unbiased election is the backbone of any democracy.
However that seems to be only a constitutional fact with no implication in reality.
In the present political scenario the possibility of fair elections is diluted in scams and scandals across the globe raising a big question on the transparency of international political standards.
Be it the American voting machines or the Indian EVMs, no voting infrastructure is free of manipulative software altering results, endangering nations and tarnishing the system.
But there is always a light at the end of the tunnel. In May 2019, Microsoft released 'a free, open-source software development kit (SDK) called ElectionGuard' for a comprehensive verification of votes. It serves a threefold purpose of
In order to ensure the smooth and secure working of ElectionGuard, Microsoft has launched the ElectionGuard Bounty program, inviting security experts across the world to detect and delete bugs, viruses and other types of vulnerabilities in the SDK.
As a part of the Defending Democracy Program, this initiative asks security professionals, part-time hobbyists and students to discover crucial vulnerabilities in ElectionGuard and share them with Microsoft under Coordinated Vulnerability Disclosure (CVD) against a reward of $15,000 for every important discovery.
Read more about the hacking outrage in US elections here https://thehackernews.com/2016/12/russian-hacker-us-election.html
For knowing more about the perks of being a cyber security professional click www.isoeh.com/exclusive-blog.html
Digital messaging is not going to be a 'private' affair anymore.
The telecom regulator is preparing a set of recommendations for the department of telecommunications to monitor OTT players, the digital providers of messaging services like WhatsApp. If the recommendations are accepted, applications like WhatsApp will need to get themselves registered to allow 'lawful interception' of messages exchanged through them.
According to a senior official of TRAI, OTTs defend themselves by saying that they themselves have no access to the messages because these are end-to-end encrypted, and so are not subject to lawful interception. But the time is ripe for the telecom industry, including the OTT players, to adhere to lawful obligations of data interception.
The US Department of Justice, along with its counterparts in England and Australia, is emphasizing federal access to digital information because of the urgency of combating serious international crimes.
The issue of traceability of end-to-end encrypted messages through ethical hacking is of utmost importance in the context of OTT platforms being abused for spreading disturbances.
Visit www.isoah.com to know of effective and updated auditing services of ethical hacking to keep your digital database free of unlawful intrusion.
Microsoft has just released its October 2019 Patch Tuesday security updates to correct a total of 59 vulnerabilities in Windows operating systems and associated software. Out of all the listed vulnerabilities, 9 are rated as critical, 49 important and 1 average in severity.
The silver lining about this month's security update is that none of the vulnerabilities patched this time is publicly known or under active attack.
Two of the critical vulnerabilities patched this month are remote code execution flaws in the VBScript engine. Both exist in how VBScript handles objects in memory, allowing attackers to corrupt memory and execute arbitrary code in the context of the current user.
The two vulnerabilities, namely CVE-2019-1238 and CVE-2019-1239, can be exploited remotely by cajoling victims into visiting a specially crafted website through Internet Explorer.
An attacker can also exploit these issues through an application or Microsoft Office document by embedding an ActiveX control marked 'safe for initialization' that uses the Internet Explorer rendering engine.
System administrators are advised to apply the latest security patches to keep their systems free of cyber crimes and unlawful intrusions.
Visit www.isoah.com to know more about different anti hacking services on offer to keep your digital infrastructure secure from unprecedented attacks.
Reyes Daniel Ruiz, an ex-Yahoo employee, has been accused of hacking into a multitude of Yahoo email accounts, owned primarily by young women, to take a sneak peek at their private photographs and videos, to which he confessed.
The number of email accounts whose privacy this former Yahoo engineer violated is a whopping 6000. The accused was already charged with online hacking and intercepting a wire communication in April.
Most of the victims of his unauthorized intrusion were strangers in the web world, while some were his friends and acquaintances. The photographs and videos he gathered were sourced not only from Yahoo accounts but also from other sites like Facebook, iCloud, Dropbox and Gmail, among others.
Though he tried to hide his crime by destroying the drive on which he stored the stolen material, by then Yahoo had become suspicious of his activities.
This incident is in line with the 2013 and 2014 incidents of massive breach of privacy on the part of Yahoo. Hence the need for cyber security cannot be overemphasized, no matter how authentic the domain may be.
Read more to ensure your cyber security: www.isoah.com/5-smart-ways-to-maintain-your-digital-privacy1.php
Click on to avail better services against hacking: www.isoah.com
A crucial security issue has been found and addressed in the open source Exim email server software, with the help of which an attacker can run malicious code on a targeted server or simply crash it.
Exim maintainers released an emergency security update, Exim version 4.92.3, on the 30th September, after giving system administrators early notice of the upcoming patch. The flaw affects all versions of the email server software from 4.92 up to and including the then-latest version 4.92.2. Administrators are advised to install the latest Exim 4.92.3 version immediately, since there is no known mitigation for the threat.
Tracked as CVE-2019-16928 and discovered by Jeremy Harris of the Exim Development Team, the problem is a heap-based buffer overflow (memory corruption) issue in string_vformat, defined in the string.c file of the EHLO Command Handler component.
It could allow remote attackers to cause a denial of service (DoS) condition or execute arbitrary code on a targeted Exim mail server, with the rights of the targeted user, using a specially crafted line in the EHLO command.
The Indian School of Anti Hacking is well versed in locating such system vulnerabilities with its expert team of anti hacking audits. Click www.isoah.com to know about us.
Google, the Mountain View based internet giant has just announced its big leap for digital India. During its famous flagship 'Google for India' event it has announced launching an 'Artificial Intelligence' or AI laboratory in Bengaluru for creating products not just for India but also for the rest of the world. The laboratory will be led by Manish Gupta, a student of SEM or Society for Experimental Mechanics.
If you wish to know more about AI, please reach our other tutorial article www.isoeh.com/tutorial-details-artificial-intelligence-machine-learning-what-s-the-difference-between-them.html or check out our ML Course at www.isoeh.com/machine-learning-using-python.html
Vulnerabilities that most programmers often underestimate could have allowed hackers to evade privacy and security of your virtual reality experience as well as the real world.
Bigscreen is a popular VR application that describes itself as a "virtual living room," enabling friends to hang out together in virtual world, watch movies in a virtual cinema, chat in the lobby, make private rooms, collaborate on projects together, share their computer screens or control in a virtual environment and more.
The flaws in Bigscreen app literally allowed researchers to remotely hijack Bigscreen's web infrastructure (that runs behind its desktop application) and perform multiple attack scenarios through a custom-designed command-and-control server, including:
A FICCI and E&Y study in March 2018 estimated that the film sector alone loses $2.8 billion of its total revenue to online piracy.
To contain online distribution of pirated content, the draft national e-commerce policy has proposed setting up a body of industry stakeholders to identify websites that host infringing content, in an effort to curtail their advertising and subscription revenue.
The draft e-commerce policy released on Saturday said that Internet service providers shall remove or disable access to the websites identified in the IWL within set timelines, payment gateways shall not permit the flow of payments to or from such rogue websites, search engines shall take the necessary steps to remove the websites from their search results, and advertisers or advertising agencies shall not host any advertisements on them.
Group-IB experts discovered new databases with a total of 69,189 Pakistani banks' cards that have shown up for sale on the dark web. The total market value of the databases is estimated at nearly 3.5 million USD.
According to Group-IB data, it is the second big sale of Pakistani banks' cards in the past 6 months, which may indicate the activity of advanced financially motivated threat actors in the region.
The Group-IB Threat Intelligence team has discovered two new databases with tens of thousands of Pakistani banks' cards that were released on Joker's Stash, one of the most popular underground hubs of stolen card data, at the end of January 2019. 96% of all card dumps, unauthorized digital copies of the information contained in the magnetic stripe of a payment card, were related to a single bank – Meezan Bank Ltd. Pakistani banks' cards are rarely sold on underground cardshops. This, and the fact that all the cards came on sale with PIN codes, explains the high price, which was kept at 50 USD per card, while usually the price per card on dark web forums ranges from 10 to 40 USD.
As detailed by Kaspersky Lab, so-called WinPot malware afflicts what the security researchers describe only as a "popular" ATM brand.
To install WinPot, a hacker needs either physical or network access to a machine; if you cut a hole in the right spot, it's easy enough to plug into a serial port. Once activated, the malware replaces the ATM's standard display with four buttons labeled "SPIN"—one for each cassette, the cash-dispensing containers within an ATM.
Below each of those buttons, it shows the number of bank notes within each given cassette, as well as the total values. Tap SPIN, and out comes the money. Tap STOP, and well, you know.
Top password manager products have fundamental flaws that expose the data they are designed to protect, rendering them no more secure than saving passwords in a text file, according to a new study by researchers at Independent Security Evaluators (ISE).
More than 60 million individuals and 93,000 businesses worldwide rely on password managers. ISE researchers revealed serious weaknesses in top password managers: 1Password, Dashlane, KeePass and LastPass.
One major finding was that, in certain instances, the master password was residing in the computer's memory in a plaintext readable format -- no safer than storing it in a document or on the desktop as far as an adversary is concerned. Users are led to believe the information is secure when the password manager is locked. However, once the master password is available to the attacker, they can decrypt the password manager database -- the stored secrets, usernames and passwords. ISE demonstrated it is possible to extract master passwords and other login credentials from memory while the password manager was locked.
If someone suggests, through social media or any other channel, that you download an app called "AnyDesk", do not do it. After downloading this app, your bank account may become empty within minutes.
The Reserve Bank of India (RBI) has issued a warning in this regard. "AnyDesk" is software that can carry out transactions from your bank account through your mobile or laptop.
The alert was issued by the RBI's cybersecurity and IT examination cell. It said that once the app is downloaded on a mobile phone, it seeks permission to access and control the phone like other applications.
However, when the permission is granted by a user, the AnyDesk app allegedly steals confidential data on the phone to carry out fraudulent transactions through other payment apps available on the phone.
For several years, Amazon and Google have collected data every time someone used a smart speaker to turn on a light or lock a door. Now they're asking smart-home gadget makers such as Logitech and Hunter Fan to send a continuous stream of information.
Even gadgets as simple as light bulbs could enable tech companies to fill in blanks about their customers and use the data for marketing purposes. Having already amassed a digital record of activity in public spaces, critics say, tech companies are now bent on establishing a beachhead in the home.
Last year (2018), Google paid out $1.7 million to security researchers who discovered bugs in the Android and Chrome systems.
The program was designed to help Google find flaws in its systems and to encourage researchers to report issues before they could be exploited. Financial rewards for reporting these bugs range from $100 to $200,000 depending on the risk level of the flaw.
In total, Google said they had paid out $3.4 million in rewards in 2018, $1.7 of which was for vulnerabilities found in Android and Chrome. Google said the program has paid out a total of $15 million since it was launched in 2010.
The main purpose of the app is to steal the victim's credentials and private keys to gain control over the victim's Ethereum funds.
Clipper malware intercepts the contents of the clipboard and replaces them with content the attackers want to have.
Cryptocurrency wallet addresses are long strings of characters for security reasons, so users usually copy and paste them instead of typing them. The clipper malware on Google Play impersonates MetaMask, a service that allows you to run Ethereum dApps right in your browser without running a full Ethereum node.
MetaMask does not currently offer a mobile app, and the attackers take advantage of this to introduce a shady app. MetaMask only offers add-ons for desktop browsers such as Chrome and Firefox.
Google has recently announced the launch of a dedicated Chrome extension that will alert users about breached credentials. Named 'Password Checkup', the tool will help users create unique login credentials.
Whenever you sign in to a site, Password Checkup will trigger a warning if the username and password you use are among the over 4 billion credentials that Google knows to be unsafe.
The tool not only alerts users about breached passwords, but also keeps the current user credentials secure by employing cryptography. In this way, the usernames and passwords will remain invisible to Google. Moreover, this will also prevent any potential instances of data breaches or password guessing by brute force.
A major flaw in Android's framework allows an attacker to execute computer code remotely by using a maliciously crafted PNG image file to smuggle the code.
Yes, just viewing an innocuous-looking image could hack your Android smartphone—thanks to three newly-discovered critical vulnerabilities that affect millions of devices running recent versions of Google's mobile operating system, ranging from Android 7.0 Nougat to its current Android 9.0 Pie.
This isn't the first time PNG files have been flagged as dangerous, because they can be rigged easily. And it is very easy to send a harmless-looking PNG file to victims over chat, email or social media, which in turn triggers the device to download malware.
The Outlaw group is conducting an active campaign which is targeting Linux systems in cryptocurrency mining attacks.
On Tuesday, the JASK Special Ops research team disclosed additional details (.PDF) of the attack wave which appears to focus on seizing infrastructure resources to support illicit Monero mining activities.
The campaign uses a refined version of Shellbot, a Trojan which carves a tunnel between an infected system and a command-and-control (C2) server operated by threat actors.
The backdoor is able to collect system and personal data, terminate or run tasks and processes, download additional payloads, open remote command line shells, send stolen information to a C2, and also receive additional malware payloads from controllers.
The hacker managed to gain access to leaked passwords from another website.
Arjun Sud, from Lake Barrington, Illinois, put his 7-month-old baby to sleep. Shortly after, he heard some noises coming from the camera in the nursery, followed by a male voice. He further reported to CBS Chicago that the hacker turned up the thermostat, also a Nest smart device, to 90 degrees Fahrenheit. The hacker continued to torment the family as they moved around their house through the 16 installed cameras. The couple disconnected their Nest devices and called the police.
Upon further investigation, Sud did not get any answers from Nest as to how long the account was compromised for. Nest also told him he had a responsibility to put stronger passwords in place to stop unauthorised access.
Researchers made this discovery while investigating an IoT botnet known as TheMoon, which they initially began tracking after observing several CenturyLink devices performing credential brute-force attacks against popular websites.
An investigation into these devices revealed infections with TheMoon IoT malware, and later also exposed the existence of a never-before-seen module designed to transform infected routers and IoT devices into proxies for bad traffic.
According to CenturyLink, in the past year, TheMoon botnet has been used for brute-force attacks, credential stuffing attacks, for advertising fraud, general traffic obfuscation, and more.
If you own an Apple device, you should immediately turn OFF FaceTime app for a few days.
The bug was confirmed by BuzzFeed News reporter Nicole Nguyen, who noticed that the remote iPhone's camera is enabled if the user presses the volume down button as they might to silence the call. Here's how one can reproduce the bug:
The bug is going viral on Twitter and other social media platforms with multiple users complaining of this privacy issue that can turn any iPhone into an eavesdropping device without the user's knowledge.
Persistent malicious attacks exposing cloud infrastructure are the result of a perfect storm combining cryptomining, ransomware and botnet/worms for both Linux and Windows, the Securonix Threat Research Team reported.
Xbash malware infects Linux and Windows systems with the aim of deleting critical databases rather than encrypting them, with no functionality to back up or recover the files, while installing cryptojacking scripts and impersonating a ransomware attack.
"In most cases, the focus of the attacks is on installing a second-stage payload for cryptomining and/or remote access," the report stated. "In other cases, the malware propagates and infects the exposed services, removes data, and installs second-stage cryptomining and ransomware payloads."
The researchers from the University of Vermont in the US and University of Adelaide in Australia found that if a person leaves a social media platform -- or never joined -- the online posts and words of their friends still provide about 95 per cent of the "potential predictive accuracy" of a person's future activities -- even without any of that person's data.
The team of scientists gathered more than 30 million public posts on Twitter from 13,905 users. With this data, they showed that information within the Twitter messages from eight or nine of a person's contacts makes it possible to predict that person's later tweets as accurately as if they were looking directly at that person's own Twitter feed.
The research raises profound questions about the fundamental nature of privacy -- and how, in a highly networked society, a person's choices and identity are embedded in that network.
"You alone don't control your privacy on social media platforms," says professor Jim Bagrow from University of Vermont. "Your friends have a say too."
Less than three months before the parliamentary elections, the Europe chapter of the Indian Journalists' Association (IJA) was set to demonstrate how electronic voting machines (EVMs) can be hacked.
Syed Shuja, a US-based cyber expert who claims he was a part of the team which designed Electronic Voting Machines (EVMs) used in India, alleged that the 2014 general elections in India were rigged and that senior BJP leader Gopinath Munde was murdered because he knew about the tampering. However, there are some massive loopholes in his explosive claims.
He claims that the tampering can be done using a modulator to tap into a low frequency. He also claimed that the modulator was of "military grade" and was sold to Reliance between 2012 and 2014. He also could not be clear if he was accusing Reliance Communications or Reliance Jio in the process. But he later said that it was a Mukesh Ambani company. This is something that can be looked into, but he did not provide any evidence for his claims.
The Election Commission rejected charges of EVM hacking in the 2014 polls and said EVMs used in Indian elections were manufactured by Bharat Electronics and Electronics Corporation of India under "very strict supervisory and security conditions".
Legal experts said this was a major privacy concern and implementation could be questionable, given there is no legislative framework on a privacy law in India.
Oyo Rooms was at the receiving end of brickbats online after reports emerged that its new digital arrival and departure register would provide the government real-time data about people checking in and out of hotels.
Government agencies usually ask for data from hotels after obtaining relevant orders. In Oyo's case, such data being in government servers is being questioned, especially in the absence of adequate laws. Oyo is the biggest hotel operator in India, with over 125,000 rooms. It is also the third most valued startup in the country, and has a big presence in China.
The election watchdog also said it was mulling legal action in response to the claims made by a person identified as Syed Shuja at a press conference in London.
While some schools in the city are already encouraging students to warm up to newer ways of technology, others will soon be joining the bandwagon by introducing AI as an elective subject.
This comes after the Central Board of Secondary Education (CBSE) recently decided to introduce artificial intelligence (AI) as a skill subject for students of classes 8, 9, and 10 — a move that is aimed at making students well-versed in newer technology.
While some schools already have ICT teachers who will be teaching AI to students, other schools said that they'd be opening vacancies for specialists once the syllabus is finalized. Schools are currently in the process of finalizing the syllabus with the help of IT experts and teachers.
The 'Ten Year Challenge' has been taking social media by storm of late, but some tech experts worry the meme could be putting users' cyber security at risk. It's worth considering the depth and breadth of the personal data we share without reservations.
Experts are reminding people that the more data you share, the more of a target you become. Some even warn the memes can be mined to train facial recognition algorithms. "The majority use is probably going to be for advertising," tech expert Kate O'Neill said. "It's probably going to be just displays that adapt based on if you're older, younger."
Facial recognition's potential is mostly mundane: Age recognition is probably most useful for targeted advertising.
In other words, thanks to this trend, there's now a very large dataset of carefully curated photos of people from roughly 10 years ago and now.
The simplest Magecart attacks are when hackers breach an e-commerce site and plant malicious code on its servers. The most complex ones are when hacker groups breach third-party service providers and use the infrastructure of these companies to deliver malicious code to online shops, some of which would normally be very hard to breach in the first place.
The third-party library targeted by Magecart Group 12 is by a French online advertising company, called Adverline, whose service is being used by hundreds of European e-commerce websites to display ads.
The fact that there is a high probability of up to 25 percent of medicines in India being fake (as per an ASSOCHAM study) certainly does not help. Needless to say, these scenarios are starting to exert immeasurable pressure on the economy's productivity pool and healthcare budget.
Ongoing experience suggests that AI can boost the healthcare sector multifold. With AI working in the back end, an entire supply chain of medicine can be integrated. From manufacturers to consumers located in the country's distant belts, the entire procurement and supply can be centrally controlled and monitored with ease. This will be highly effective in ensuring supply and reach of genuine, unadulterated medicine.
AI-driven apps are potent enough to replace physical visits to chemist shops altogether. By keeping tab on an individual's health condition each time s/he orders medicine online, AI makes healthcare personalised, accessible and affordable!
A threat hunter is essentially a security professional who uses manual or machine-assisted techniques to detect security threats in automated systems that would have been overlooked by a CISO or CIO. In other words, s/he provides an additional layer of defence against advanced persistent threats (APTs).
To carry out these responsibilities, the cybersecurity threat analyst will have to work with different kinds of software and tools to identify threats and possible adversaries. S/he also has to constantly monitor security tools such as firewalls and antivirus, among many other key features revolving around security.
Key Requirements:
The ransomware subsequently hit the printing and production systems, affecting multiple newspapers. The affected names included Los Angeles Times, New York Times, Wall Street Journal, Chicago Tribune, Post-Tribune, Capital Gazette, Baltimore Sun, Hartford Courant, Carroll County Times, and Lake County News-Sun.
As revealed by a Tribune spokesperson, the malware behind the attacks seems to be the Ryuk ransomware, as all the affected files had a ".ryk" extension.
Ryuk ransomware gained popularity in August 2018 after a devastating cryptojacking attack that allowed the attackers to pilfer Bitcoins worth thousands of dollars. According to a tweet by MHT, the ransomware earned the hackers more than 400 Bitcoins in about four months.
A suspected case of SIM card swapping has led to a Mumbai-based textile businessman losing Rs. 1.86 crore from his bank account. There were 28 transactions from his account, the businessman said, but he was not notified as his SIM card had been blocked by those behind the fraud.
"SIM swap" is when criminals gain access to the data and use the OTP that is required to transfer funds. SIM swap is a relatively new and technologically advanced form of fraud that allows hackers to gain access to bank account details, credit card numbers, and other personal data.
The criminals had his bank credentials and phone number. So, if your phone is blocked without consent, please get it reactivated immediately and inform the police if you notice fraudulent transactions.
According to Check Point, during the period July to December 2017, one in five organizations was affected by crypto mining malware, tools that enable cybercriminals to hijack the victim's CPU or GPU power and existing resources to mine cryptocurrency, using as much as 65% of the end user's CPU power.