Posts

Showing posts from April, 2020

The UK Government Vs Apple & Google API on the New COVID-19 App That Tells Who Near You is Infected!

Reportedly, the United Kingdom declared that its coronavirus tracing application is being run via centralized British servers, and that this is how they plan to take things forward, rather than via the usual “Apple-Google approach”, which is the preferred one for most. Per sources, the CEO of the Tech unit of the National Health Service mentioned that their new smartphone app will launch in the upcoming weeks, with the hopes of helping the country return to normalcy by beating coronavirus. According to reports, the UK government believes that the contact-tracing protocol created by Apple and Google protects user privacy “under advertisement only”. Hence the British health service supports a system that would send the data of who may have the virus to a centralized server, giving all the controls in the hand of the NHS. Both the NHS approach and that of Apple and Google work via Bluetooth by putting a cell-phone on the wireless network, having it emit an electronic ID tha

Google Confirm Two New High-Severity Vulnerabilities in Chrome 81

The new Chrome 81 version released on April 7th by Google for Windows, Mac, and Linux primarily focused on security owing to the vulnerability users are subjected to due to the coronavirus pandemic. The launch of the update was delayed for similar reasons. It brought along new features, bug fixes, and over 30 security flaw patches from Google's security researchers and some experts from outside. The new Chrome 81 version is being promoted to the Stable channel, meanwhile, Chrome 83 and Chrome 84 will be promoted to the Beta version and the Canary version respectively. As per sources, Chrome 82 will be disregarded because of the COVID-19 charged atmosphere, and all progress from the version will be channelized into the subsequent version, Chrome 83. While warning users of more security flaws in Chrome 81, Google confirms two new high-severity vulnerabilities infecting the web browser. As these new security exploits could allow hackers to run commands over an affected system b

Banking Sector suffered more Credential Stuffing than DDoS Attacks

According to F5's cybersecurity agency's report published recently, the financial sector has been a victim of more credential stuffing attacks than DDoS attacks in the last three years. The statistics included attacks against the financial industry as a whole. It recorded attacks against the banks, credit unions, insurance companies, broker agencies, and other services like SaaS (Software as a Service) and payment processors. The report's conclusion rejects the common belief that the financial sector suffers the most from DDoS attacks, as other prominent threats are emerging. Reports say that in recent times, brute force attacks, ATO (Account Takeover) attacks, and credential stuffing attacks have done more considerable damage to the financial sector than DDoS, from the year 2017-19. The ATO attacks include: Credential Stuffing- When the hackers try to attack by using leaked usernames and passwords they find on websites.  Brute Force Attacks- Hackers use

Lucy: A File Encryption Android Malware that for Ransomware Operations

A malware that attacks Android smartphones has increased its MaaS (malware-as-a-service) operations with file encryption capabilities to carry out ransomware attacks. The malware, according to cybersecurity experts, is called "Lucy." The Lucy gang is a group of Russian hackers who became famous two years ago by launching the Black Rose Lucy service, a malware that allowed Botnet attacks on Android smartphones. According to Checkpoint Research, "Because the Android accessibility service can mimic a user's on-screen click, this is the crucial element for Black Rose to carry out malicious activities. Once the accessibility service is enabled, Black Rose can quickly shuffle through screens to grant itself device admin privileges."  The Lucy service allows its users to attach files on vulnerable devices, which ask for $500 as a ransom in the browser window. The message says that it comes from the FBI, and the user must pay the ransom because he is found guil

Residents in China under Surveillance amid the Coronavirus Pandemic

According to recent reports, China is alleged to be surveilling its residents' homes amid the coronavirus epidemic. However, there is no official rule that says China can keep quarantined residents under watch. The incident has been happening since February in China, where a few residents have reported cases of security cameras installed right in front of their homes. Three people have already reported this incident, whereas other similar cases have appeared on social media. Currently, China doesn't have any national law that allows it to watch its people through surveillance cameras, but still, the cameras are installed in various public areas in China. According to sources, the authorities are continually keeping a watch on people, whether they are in malls, eating in a restaurant, boarding transport, or even in schools and colleges. According to data by CNN, around 20 Million cameras were installed across China in the year 2020, and this is only a rough estimate. According

SeaChange, Video Delivery Software Solutions Provider Hit By Sodinokibi Ransomware

SeaChange, a leading supplier of video delivery software solutions, has been attacked by the authors of Sodinokibi ransomware. Reportedly, the operators have published images of the data they claim to have obtained after encrypting the systems and are threatening the Waltham, Massachusetts-based company with leaking the stolen data. SeaChange International has offices in Poland and Brazil; it is a remotely managed video solution provider with around 50 million subscribers across the globe. BBC, DISH, COX, DNA, Quickline, RCN, and Starhub are a few names amongst their 200+ video provider customers. The cybercriminals behind Sodinokibi ransomware have been actively involved in posting illegally obtained data of victims onto their leak website since 2019 and then demanding a ransom for the release of the same. Lately, attackers have increasingly employed this strategy of building pressure on non-paying victims and converting them into paying ones by releasing the stolen data bit by bit,

With Now 400 Million Monthly Active Users Telegram Announces Video Calling Service

Messaging application Telegram announces the development of a group video calling service along with the news that it has now reached 400 million monthly active users, further doubling its user base in two years. The messaging app says that this version is going to offer both security and ease of use. Be that as it may, this claim is considered a "not-so-subtle" swipe at user-friendly Zoom, which has been hit by various security scandals as of late. Critics brought up the issue that the service's claims about offering 'end-to-end' encryption were bogus, and that its default privacy settings made it simple for uninvited users to take advantage of this flaw and tap into video calls. That being said, Telegram has likewise faced a lot of criticism from the security community to some degree, since its end-to-end encryption isn't enabled by default. Telegram hit the 400 million user milestone a year after reaching 300 million users. Wh

Hackers abuse Sophos Firewall Zero Day Vulnerability

Sophos, a UK cybersecurity company famous for its anti-virus products, has released an emergency security update this Saturday to combat a Zero-Day vulnerability exploited by hackers in its XG enterprise firewall product. They became aware of the vulnerability on Wednesday after one of their customers reported "a suspicious field value visible in the management interface." And they released an update containing the patch for the vulnerability. The Vulnerability- SQL INJECTION BUG "The attack used a previously unknown SQL injection vulnerability to gain access to exposed XG devices," Sophos said. The miscreant hackers attacked Sophos XG Firewall devices whose administration or user portal control panel were exposed on the internet. The hackers used the SQL Injection Vulnerability in XG firewall devices and downloaded a payload on the device to steal data like passwords and usernames for the firewall device admin, portal admins, and user accounts for remot

BazarBackdoor: A Malware similar to Trickbot, targets Corporates

According to cybersecurity experts, a new phishing campaign is allowing malware backdoor entry. The malware which is said to be created by hacking group Trickbot will enable hackers to jeopardize and take control of an organization's network. It is a necessary measure to have a back door for hackers to gain entry access and control the company's network in sophisticated network attacks. It is required in the following cyberattacks- corporate espionage, data extraction attacks, specified ransomware attacks. According to several reports, the attack was first discovered two weeks ago. The malware is called "BazarBackdoor" or simply "backdoor" by the cybersecurity experts. The malware serves as a tool kit for hackers to gain access to an enterprise's network. Trickbot is said to be the creator of this malware because of BazarBackdoor sharing similar coding, cryptos, and designs. About BazarBackdoor  The attacks first start in the form of phishing camp

Facebook's Messenger's Latest Update Supports 50 Participants In a Video Chat Room!

During these ungodly hours of the pandemic with everyone stuck at home and yearning for some one-on-one time with friends and family stuck elsewhere, Facebook has come through like a Knight in shining armor. It has booted up Messenger and WhatsApp with fresh and much-needed video-calling features in light of the obvious hike in the “need” for video-calls via social media. In the areas that are affected to the greatest degrees by Coronavirus, researchers have seen an acute escalation in the usage of Messenger and its video calling feature, as much as double the earlier rate. With the latest WhatsApp update increasing the number of participants in its video/audio calls, Messenger has made available an update that could let users add up to 50 people in the Messenger Rooms. Turns out that these fresh features were always on the list of updates but they were rolled out to the users a little earlier than planned because of the pandemic and lock-downs. This update is scheduled t

Digital passes will be introduced in 21 regions of Russia

The Ministry of Communications announced on April 22 that digital passes following Moscow will be introduced in 21 regions. On April 27, the Department plans to start the same in another 14 regions of Russia. Recall that digital passes began to operate in Moscow and Moscow region on April 15. More than 900 thousand permanent digital passes were issued, and about 400 thousand one-time passes are issued daily. Moscow Mayor Sergei Sobyanin announced last Saturday about additional changes in access control in Moscow due to the situation with coronavirus. Since April 22, the rules have been tightened by introducing automated surveillance of cars and fines for their unregistered owners. Cameras for the photo-video recording of traffic violations will track the presence of a special pass. Car owners, in order not to get a fine for violation of the pass regime, must include the car's license plate in the digital pass. Cars that are not included in digital passes will automatically

Nintendo Confirms Around 160,000 User Accounts Affected in Recent Hacks

On Friday, the Japanese gaming giant, Nintendo confirms that around 160,000 user accounts of Nintendo Switch users have been affected in the recent hacking attempts. Nintendo's Switch game console is immensely popular among avid gamers and its demand has risen dramatically amid the lockdown forced by COVID-19 pandemic, making it out of stock almost everywhere. As the number of people turning to Nintendo is rapidly increasing, the number of hackers targeting digital accounts has also increased as a result. In the wake of the breach, Nintendo has disabled the option of logging into a Nintendo account via Nintendo Network ID (NNID)– login IDs and passwords of the users have been acquired in an unauthentic way by some means other than Nintendo's service, the company confirmed. Notably, these attempts to access accounts illegally have been made since the beginning of April. The information compromised during the breach includes usernames, DOB, email addresses, and country.

Maze Ransomware: What you need to know and How to protect from being hit by Maze!

Cognizant Technology Solutions Corp., an IT giant with 3000 employees, was recently hit by a strain of sophisticated Windows Ransomware called Maze, encrypting its systems and threatening to make its data public if they don’t pay the supposed ransom. This particular malware is proving to be quite lethal and is making headlines every week with a new victim. It has spread quite a disarray and chaos not only in the IT sector but even in other companies and firms which deal with sensitive user data. Maze, also known as “ChaCha Ransomware”, was first discovered in May 2019 and started attacking firms by encrypting files and blackmailing them by exposing their data to the public. It attacked Andrew Agencies in October then the city of Pensacola, US Insurance Company Chubb, the leading cable manufacturer Southwire Company (America), Medical Diagnostic Laboratories (MDLabs), Manitoba Law Firm (Canada) and now Cognizant. How is it more Different and Lethal than other Ransomware?  Th

24 Million Adware Attacks found on Windows

Avast, a security firm, discovered in their research the growing scale of adware. According to the report, around 72% of malware on Android was adware. Another report by Malwarebytes reveals some shocking numbers with 24 million Windows adware detections and 30 million on Macs. Nowadays, with good search engines and added internet security, we hardly consider adware as a severe threat. There was a time, around 2002, when adware attacks were at an all-time high. It was quite common to be faced with pop-ups and ads opening another window showing adverts. Only a few software products provided essential protection against these pop-ups. But in this digital-savvy decade, we hardly consider pop-ups as a security threat, but this report by Avast tells a different story. The numbers show that adware is still very much present and thriving. "Adware is unwanted software designed to throw advertisements up on your screen, most often within a web browser." This adware campaign can have malic

Positive technologies: fraudsters can steal money from every second mobile bank

According to the research of Positive Technologies, every second mobile banking application has a vulnerability through which fraudsters can steal the money of its users. The company selected 14 mobile apps for the Android and iOS operating systems, which were downloaded more than 500 thousand times from the Google Play and App Store. It is noted that in 13 out of 14 applications, access to personal user data is possible. Hackers can exploit 76% of vulnerabilities in mobile banks without physical access to the device. "None of the studied mobile banking applications has an acceptable level of security. In every second mobile Bank, fraudulent transactions and theft of funds are possible. In five out of seven applications, logins and passwords from user accounts are threatened, and bank card data may be stolen in every third application,” experts conclude. The company's experts advise users to set a PIN code to unlock the device to limit the ability of attackers to ga

Around 25,000 Email Addresses and Passwords Belonging to NIH, WHO, World Bank and Others Posted Online

The SITE Intelligence Group, a non-governmental US-based consultancy group that monitors online activities of international terrorist groups and tracks global extremism, recently discovered around 25,000 email addresses and passwords being posted online by unidentified activists. Reportedly, these credentials belong to the World Health Organisation, National Institutes of Health, the Gates Foundation, and various other organizations united in the global battle against COVID-19 – working to contain the spread of the Coronavirus. The data of unidentified origins was exposed on Sunday and Monday and straight away used by cybercriminals to make attempts at hacking and take advantage of the posted information by causing incidents of harassment led by far-right extremists. The information made its first appearance on 4chan, an imageboard website where people anonymously post their opinions on subjects ranging from politics, anime, music, video games to sports and literature. It then sub

Pavel Durov: the world will not be the same after the COVID-19 pandemic

Pavel Durov, the creator of the social network Vkontakte and the Telegram messenger, said that the world can expect a “civilizational shift passing through generations” after the coronavirus pandemic. He wrote about this in his Telegram channel. The entrepreneur called the spread of the coronavirus "a threat to our entire species." "When the pandemic ends, the world will not return to normal. It depends on us whether the new world will be a better place than the one that we leave behind,” he wrote. Durov believes that isolation is a chance for everyone to create a "better version of themselves", as well as for technology to prove its value. The messenger's founder said that this month Telegram verified and started promoting 17 channels of the Ministries of Health in different countries of the world. He also noted that Telegram is not a company that can be considered to cooperate with government agencies, but in this particular case, an exception wa

Facebook Makes Its Largest Bet on the Developing Market; Invests $5.7 Billion in Indian Internet Giant Jio

“The country is in the middle of a major digital transformation, and organizations like Jio have played a big part in getting hundreds of millions of Indian people and small businesses online. With communities around the world in lockdown, many of these entrepreneurs need digital tools they can rely on to find and communicate with customers and grow their businesses.” This is what Mark Zuckerberg, the CEO of Facebook, said in a post to his Facebook page on the occasion of the social media giant making its biggest single investment by putting $5.7 billion into Jio Platforms of India on Tuesday. Adding later on that the move indicates its 'commitment' to India, as approximately more than 388 million people in India have been in a solid connection with the internet service over the past four years via Jio. While numerous businesses have been harmed by the aftermath from the Covid-19 pandemic, huge technology companies are positioned to profit over the long haul as more pe

WhatsApp's New Feature Lets You Add More People To Group Video Calls!

Finally! The days of whining about the limited number of participants you could add to WhatsApp’s group video and audio calls are OVER! Praise digital advancement, because the limit has been increased from 4 to 8 participants. For people stuck far away from their families and in times that strictly demand social distancing, video calling applications contribute a lot in keeping us all sane by helping us feel close to our loved ones. People have often found the number of participants in the group video/audio calls a major limitation of the otherwise significantly efficient WhatsApp. Hence when WhatsApp, taking into account the terrific rise in the usage of Video Calling applications, at long last has decided to increase the number of contacts you can add to a group video/audio call, we can’t help but be happy. The new feature would be exclusively available for the users of Android and iOS beta. The installation of the 2.20.50.25 update for the iOS beta users and the 2.20.

Hackers attacked hospitals in the Czech Republic: Russia is suspected

According to the Lidové noviny newspaper, a foreign state may be behind the cyberattacks, and hacker groups from Russia may be involved. "The organizer is a foreign country. It is beginning to become clear that Russia may be behind this. IP addresses lead there," a high-ranking officer who is part of the team of investigators told the newspaper. His words were confirmed by a member of the Czech Security Council. Last week, hackers tried to hack into hospital networks in the Czech Republic. According to Health Minister Adam Vojtech, all attacks were repelled, "but other attacks may follow." Attacks on the Czech Republic during the pandemic were mentioned in a speech last weekend by US Secretary Mike Pompeo. He warned that such attacks will not go unpunished. "I highly appreciate the support of the United States and all its allies who are helping to ensure our country's cybersecurity. Cyberattacks on Czech medical institutions during the fi

Russia to develop a video platform similar to Zoom

The Ministry of Digital Development, Communications and Mass Media of the Russian Federation will develop a platform similar to Zoom for video communication by the beginning of the new school year. This was announced on Saturday by Minister of Education Sergey Kravtsov. "Together with the Ministry of Digital Development, Communications and Mass Media, we are developing a new domestic product Digital educational environment, which will use only domestic developments, only domestic software, including a video platform similar to Zoom and Skype," said the Minister. The Minister stressed that such a platform is necessary in order to exclude problems related to the instability of foreign systems from the educational process. Kravtsov noted that, for example, the use of Zoom was abandoned in Singapore, because there was "unauthorized access to the education process". Recall that on March 14, in order to prevent coronavirus, it was recommended to transfer students to

Google Is All Set To Fight The Coronavirus Themed Phishing Attacks and Scams

These days of lock-down have left cyber-criminals feeling pretty antsy about “working from home”. Not that it has mattered because apparently, that is why the number of cyber-crime cases has only risen, especially phishing attacks. This has gotten Google working on its machine-learning models to bolster the security of Gmail to create a stronger security front against cyber-criminals. Given the current conditions, the attackers seem to have a morbid sense when it comes to the themes of the phishing attacks, i.e. COVID-19. Reportedly, 18 Million such attacks were blocked in a single week, which amounts to 2.5% of the 100 Million phishing attacks it allegedly dodges every day. Google, per sources, is also occupied with jamming around 240 Million spam messages on a daily basis. These phishing attacks and spam at such a worrisome time have impelled Google and Microsoft to modify their products’ mechanisms for creating a better security structure. Reportedly, the number of

Can open source software be bought?

Open-source software (OSS) is released under a special license that makes its source code available to the user to inspect, use, modify and enhance. It is a common misunderstanding that such software is not copyrighted; instead, it is copyrighted under a license that lets its users study, change and use its source code or services (depending upon the software) for commercial use. Some of the common open source software is Linux, Red Hat, Ubuntu, GitHub, FreeBSD, and Fedora. Just five years ago the tech world was quite critical and skeptical of open source software, with Microsoft CEO Steve Ballmer calling Linux 'cancer' and open source software 'a communist threat', but OSS has since then come a long way with the success of Red Hat and Linux. Open source has given a silver lining to the underdog developers and defied the monopoly of tech giants, giving power to small businesses and individuals to grow using their open-source code. But what the open-source devote

CERT-In Alerts Mozilla Firefox Users to Update their Browsers Immediately

Mozilla Firefox users are receiving alerts regarding multiple vulnerabilities in the web browser by the Indian Computer Emergency Response Team (CERT-In). An advisory has also been issued in the regard asking the users to update their web browsers as soon as possible. While rating the severity of the vulnerability as 'High' on all the versions of Mozilla Firefox that have been released before version 75 and version 68.7 on Mozilla Firefox ESR, the CERT-In stated in the advisory that remote hackers can take advantage of these browser flaws to acquire sensitive data through the browser. According to the CERT-In advisory, “Out-of-Bounds Read Vulnerability in Mozilla Firefox ( CVE-2020-6821 ). This vulnerability exists in Mozilla Firefox due to a boundary condition when using the WebGLcopyTexSubImage method. A remote attacker could exploit this vulnerability by specially crafted web pages. Successful exploitation of this vulnerability could allow a remote attacker to disclos

Google Doubling Down On Efforts to Protect Android Users

With the rise in in-application subscription scams on Android, Google subsequently announced the introduction of new Play Store policies intended to forestall such scams in the near future. The American multinational technology company additionally pledged to provide Android users with direct assistance in the form of notifications when a trial is going to turn into a paid subscription, or a subscription is going to renew consequently. The newly announced policies demand that application developers offer clear info about the obligations associated with subscription models and free trials, and provide a simple and easy way through which users can cancel subscriptions. These latest policies are a small part of a more extensive Google campaign, aimed especially at ensuring the privacy and security of Android users. The newly announced policies focus mostly on fleeceware, a form of application that 'manipulates' trial periods and membership models to defraud victims. This kind o

Lithuania accused the Russian media of misinformation

Lithuania has published an annual report submitted by the Ministry of Defense, in which it accused the Russian media of misinformation. According to Lithuanian experts, the number of complex cyberattacks in the Baltic Republic has increased, which were more advanced both in terms of technological solutions and in terms of content. According to them, some Russian publications form a negative image of Lithuania, and its image is not true. The Ministry noted that the image of Lithuania as a hostile and unreliable state is being created. Russian Media uses content that incites war and national hatred, as well as falsified facts, video editing, and deliberately distorted statements. According to the Ministry of Defense, the flow of such information increases during significant events in foreign policy and within the country in order to form a negative image of Lithuania in the West. It should be noted that Russian journalists are regularly hindered from performing their profess

BT Tower Delays Huawei's Removal from EE Company's Network by 2 Years

BT Tower, which is a communication tower in London, further suspends the replacement of Huawei from the EE company's core network. EE is a British ISP and mobile network company which deals with 4G/5G phones, broadband, and SIMs. According to the reports, Huawei is expected to continue as a part of the EE network. The news comes as a surprise because in 2018, the company BT said that within two years, it would remove Huawei equipment from its network hub. But now, after two years, BT says that the new 100% core mobile traffic would be ready by 2023 on its new Ericsson-built equipment, even though the government deadline was January 2020. Besides this, BT condemns the government for also controlling 65% of the network's perimeter to get relieved of Huawei's equipment. About 5G core and its importance-  A smartphone's network's core is like a brain or the heart of the device. Inside the 5G center, voice and other data are directed over different sub-networks

Double Extortion- A Ransomware Tactic That Leaves The Victims With No Choice!

In addition to all the reasons ransomware was already dangerous and compulsive, there’s another one that the recent operators are employing to scare the wits out of their targets. Cyber-criminals now tend to threaten their victims with publishing and compromising their stolen data if the ransom doesn’t get paid or any other conditions aren’t followed through with. The tactic in question is referred to as “Double Extortion” and quite aptly so. Per sources, its usage emerged in the latter half of 2019, apparently in use by the Sodinokibi, DoppelPaymer and Clop ransomware families. Double extortion is all about doubling the malicious impact a normal ransomware attack could create. So the cyber-criminals try and stack up all sorts of pressure on the victims in the form of leaked information on the dark web, etc. They just want to make sure that the victims are left with no other option but to pay the ransom and meet all the conditions of the attack, no matter how outrageo