News of the Cyber World - Printable Version+- Save-Point (https://www.save-point.org)
+-- Forum: Official Area (https://www.save-point.org/forum-3.html)
+--- Forum: Tech Talk (https://www.save-point.org/forum-87.html)
+--- Thread:
News of the Cyber World (/thread-7678.html)News of the Cyber World - kyonides - 03-13-2020
News of the Cyber World
In the present thread I will post some curious news relating to cyber security, (design) flaws, adaptations, modifications, mobile apps and the like.
Modern ram used for computers vulnerable to Rowhammer attacks
https://www.linuxexperten.com/news/modern-ram-used-computers-vulnerable-rowhammer-attacks
Rowhammer attack is a means by which hackers can exploit the very same nature of DRAM, its high cell density to increase its capacity in GB of memory and data exchange. How does it happen? Well, those memory cells are able to leak its contents to other cells that had nothing to do with the cell block requested by any application to run properly. Usually programmers and designers would AVOID it at all costs but makers seemed to be lazy and refused to address the problem for years.
You wouldn't want your videogame session to overlap your homework written on Word / Powerpoint or LibreOffice Writer / Presentation that took you weeks to compile after readings dozen of boring books on subjects you find tedious and full of crappy stuff included between those very few snippets of information you have extracted from it, right?
Target Row Refresh (TRR) or the way they planned to deal with such issues are kind of laughable from a hacker's perpective it seems. Your data loaded on your DRAM is still in danger!
Nowadays they appear to be working on it at a slow pace...
in vane because a study reveal a custom tool a research group made can be used to retrieve encryption keys from memory, or escalate an attacker's access right to sudo/SYSTEM-level on some of those flash new memory cards.A real scandal...
Edge Browser Scores Worst In Telemetry Privacy
https://www.linuxexperten.com/news/edge-browser-scores-worst-telemetry-privacy
I guess you might prefer to use Firefox or Brave or Chromium instead, if you're working on a Windows box. Linux users don't have to worry about it.
By the way, Yandex is a bad as Edge.
2FA code-stealing flaw in authenticator app
https://www.zdnet.com/article/google-could-have-fixed-2fa-code-stealing-flaw-in-authenticator-app-years-ago/
Researchers from ThreatFabric found out that Android phones might still be in danger.
Cerberus, a flaw capable of stealing some security codes generated by Android via Google Authenticator app, was discovered back in 2014 and the finder alerted Google about it on GitHub. Nightwatch researchers raised this very same point again in 2017 when they reported the same issue to Google's security team, says ZDNET.
Cerberus is also a hybrid between a banking trojan and a remote access trojan (RAT). It will get installed on your phone and then access the authenticator, take a screenshot of it with the generated codes and send them back to hackers eager to place their dirty hands on them. Yes, they get access to your banking data stored on your phone...
Frightening indeed!A SandCastle for an Apple SandBox
https://www.linuxexperten.com/news/hack-turns-apples-iphone-android
Did you ever want to make your iPhone behave like an Android? Are you tired of having a phone that looks more like a sandbox? You no longer care about your device's warranty!?
Then this news are good for you!
Now you can turn your iPhone into an Android!
Project Sandcastle is the solution a startup, namely Corellium, is offering to make it possible.
There's a catch! There's always a catch!
There's always a catch!Corellium has been sued by Apple.
You see, Apple does think it has the sole right to own your iPhone. They forget you purchased it sometime ago.By the way, they also sued a bank and some US military contractor...
RE: News of the Cyber World - kyonides - 04-08-2020
Zoom Alert!
Zoom banned by Taiwan's government over China security fears
https://www.bbc.com/news/technology-52200507
BBC Wrote:It follows revelations that some Zoom traffic was "mistakenly" routed through China, which does not recognise Taiwan's independence.
A mistake!? Just a mistake!? 
You gotta be blind for calling it an error or something that took place "by chance".
Now that you mention it, has Trump done the same in USA?Why should we care about Zoom?
It's not like they're a Chinese product...
Oh wait! It is Chinese in one way or another because Eric Yuan was born in Tai'an, Shandong in China.Why should we judge him for being a Chinese guy living abroad?
If you can trust Wikipedia, he'd living in the Santa Clara, California. Even so we can say he might have connections with the Chinese government.
What makes you think so?
There has been a few reports of security flaws or undesired behavior in Zoom. The latest one regards the transmission of calls THROUGH a Chinese server that didn't make any sense for the call was made in another country, namely USA.
So what? I just get my meeting and we're all happy at the end!
Not so fast, guys! You gotta know that China normally keeps sniffing around and even steals data, information, money. Such "innocent meetings" are a good source of data they might later use in illegal ways. Plus, the Chinese Party forces companies that have subsidiaries, servers and others located within their territory to SHARE data with the government! Even internet networks are forced to communicate with their Party! Companies established there are also in need of admitting Chinese Party members as part of their administration! 
Recommendation
Go follow Taiwan's example. They know firsthand why they can't trust anything related to mainland China.
RE: News of the Cyber World - kyonides - 04-10-2020
Singapore stops Zoom for online education as hackers strike
https://apnews.com/b3b5aafba2e6838d10cfbf3a330c3bf2Associated Press Wrote:Singapore has suspended the use of Zoom for online education after hackers hijacked a lesson and showed obscene images to students.You can't say I didn't warn you about its vulnerabilities in the past few days...
In what is known as “Zoombombing,” two hackers interrupted a geography lesson a day after Singapore closed schools on Wednesday in partial lockdown measures to help curb local transmissions of the coronavirus.
RE: News of the Cyber World - kyonides - 05-04-2020
Scammers are abusing mobile ad networks in an attempt to phish Android app users
https://www.cyberscoop.com/ad-network-malware-android-startapp-adsalsa-wandera/CyberScoop Wrote:A network that delivers ads to hundreds of Android apps also is directing users to malicious websites that could help scammers steal their information or overrun their device with spam.We're talking about over 400 Android apps that might infect you because they depend on this software.
They first fool developers by giving them fake SDKs. Then they unknowingly share their apps with that malicious add service and boom! Hackers gotcha! 
They also use push notifications trying to make you tap on them! They want you to watch porn or play games that ask you for your personal data!They've attempted to reach the New York based company in charge of StartApp, but the company remains silent...
Beware of AdSalsa! It's a firm located in Spain that is serving those fake ads!
The latest in FBI impersonation: An extortion scheme involving mobile ransomware
https://www.cyberscoop.com/android-ransomware-check-point-fbi/While the FBI surely gets involved in unlocking phones and chasing down hackers from pretty much anywhere in the world, its duties do not include locking a suspect’s phone and demanding a fee to get the data back.
Cyberscoop warn that crooks are encrypting the data on Android phones, accusing the victims of possessing illegal pornographic material and claiming that their personal details have been sent to an FBI data center. Victims are told to pay $500 to escape the situation.
Needless to say that paying the criminals to restore your files is useless.
RE: News of the Cyber World - kyonides - 05-15-2020
Zoom is the Target of Hackers Once Again
https://www.bbc.com/news/world-us-canada-52668124Now you can't even study the Bible via Zoom because hackers might show you obscene and immoral child abuse scenes.
Cyberattack hits internal IT systems of key player in British power market
https://www.cyberscoop.com/elexon-cyberattack-uk-electricity-market/
You could say who cares? Yeah, well, US has experienced the same attacks already. Without electricity, how would you read your newspaper online? Or how are you supposed to telework at all?
Security incident knocks UK supercomputer service offline for days
https://www.cyberscoop.com/archer-supercomputer-security-incident/
They call it Archer and guess what?
It also handled coronavirus data. It will take several days to restore it. If they can do it with such a mainframe, why would you ever think they won't try to hit your computer next? Microsoft opens up coronavirus threat data to the public
https://www.cyberscoop.com/microsoft-coronavirus-threat-intelligence/
Perhaps you're thinking why should you care about this...
You definitely should! Hackers have been using Office 365 accounts to spread their malware!Kim Jong Un ‘backing crypto hackers’
https://asiatimes.com/2020/05/kim-jong-un-backing-crypto-hackers/
The article states some experts think they're desperate because of
and his ruler demanded the Lazarus Group to hit South Korea and US! Their favorite method is the phishing scam! They wanna steal your bitcoins!
RE: News of the Cyber World - kyonides - 05-16-2020
Brave Browser might not be as secure as you once thought
https://www.netsparker.com/blog/web-security/brave-browser-sacrifices-security/
They tell you they block third party calls whenever they ask for scripts or connections to third party sites, etc. The truth is they have whitelisted pages like Facebook and Twitter by default saying that was a feature request. On the other hand it might not run third party scripts from Google... on the same page at least. It opens a new tab... Still, the exceptions list is hardcoded and you know what that means!
You can't change that!Brave can also track your mobile phone's IP addresses or more specifically, let Facebook do it without your consent. Nope, a dynamic IP address won't stop them from identifying you as the user.
And just in case you thought you could solve it a la Firefox, well, let me tell you that it has a weird version of third party scripts and buttons kind of settings. It mentions a few services like Facebook, Twitter, Google services including Hangouts, and LinkedIn, plus connecting with Tor.
That's something that might also mean you could connect to the deep web or even the dark web if you choose so. Nope, there doesn't seem to show you if there are more websites whitelisted by default. Suspicious indeed. It also runs background apps even if you close the browser. You can disable it but you'd need to confirm there's nothing weird running in the task manager thereafter...If you open Save-Point there, you'll soon notice our beloved search bar gets misplaced.
Romania joins the list of countries that became the target of cyberattacks from hackers, hospitals were at risk!
https://www.cyberscoop.com/romania-ransomware-hospitals-coronavirus/
Hackers still relied on posing as government officials and send malicious emails to public health institutions that purported to contain information on
So if you ever get a North Korean or Chinese or Russian or even Iranian version of it, well don't open it!US Commerce Department tightens screws on Huawei export controls
https://www.cyberscoop.com/huawei-export-controls-commerce-department/
Now US authorities won't let companies sell software to Huawei unless they buy a license from the US government first. Why did they approve such a measure? Because Huawei had found ways to circumvent the previous ones.
Scammers steal $10 million from Norway's Norfund, the largest sovereign wealth fund
https://www.cyberscoop.com/norfund-hacked-wealth-fund-10-million/
I mention this because US said some hackers have stolen US$1.7 billion from US based companies and branch offices by impersonating the incumbent companies' employees like managers and others. Other countries affected by this sort of scam are Japan and Bangladesh.
CyberScoop also
U.S. prosecutors have charged a Russian man with leasing accounts to a cybercriminal group that has haunted victims for years.A few days earlier, some hackers told the world they had hacked Banco de Costa Rica's systems, it's one of the Costa Rican public banks...
BCR for short denied their claims but they replied back that they actually did it and would keep posting data if they don't do anything to block them next time they wanted to hit them.
RE: News of the Cyber World - kyonides - 05-19-2020
Tor, Fraudsters, Vaccines and Face Masks
https://www.bbc.com/news/business-52577776Criminals hope a heightened sense of fear will make people rush to buy these products, and as a result these items are not cheap; an Australian Institute of Criminology report found the average fake vaccine was being sold for about $370 (£300), while one supposedly sourced from China was selling for between $10-15,000 (£8-12,000).
A year ago they'd have offered you stolen airmiles.
They also pretend to be NHS workers or represent companies like Apple and or services like LinkedIn.
Right, some people use the dark web to blame Bill Gates for creating
Well, they love conspiracy theories.BBC Business Wrote:Two ransomware groups had said they would not attack any hospitals or healthcare organisations during the pandemic, but as Foreign Secretary Dominic Raab outlined in a recent press briefing, there is evidence that criminal gangs are actively targeting national and international organisations that are responding to the pandemic - including hospitals.
What they forgot to tell you is that many of them might still be running on Windows 7 which has no free support.
RE: News of the Cyber World - kyonides - 05-21-2020
Mitsubishi is in troubles! Missile Data was compromised!
https://www.cyberscoop.com/mitsubishi-japan-missile-data-breach/
CyberScoop Wrote:Japan is investigating a possible breach of sensitive defense contracting data following a cyberattack last year on electronics giant Mitsubishi Electric, officials said Wednesday.
Data likely stolen in the hack, which Mitsubishi disclosed earlier this year, included specifications of hypersonic missile prototypes that Japan is developing
Guess what's China gonna show off next year or later on? "Japanese" hypersonic missiles! 'Greenbug' hacking group hits three telecom firms in Pakistan
https://www.cyberscoop.com/greenbug-symantec-iran-hacking-pakistan/
CyberScoop Wrote:For the past several months, suspected Iranian hackers have been rooting around the IT systems of at least three telecommunications companies in Pakistan, accessing data servers when it suits them, according to cybersecurity company Symantec.Guys,
that's just training for hackers. Your very own telecoms might become their next targets.Home Chef food delivery service confirms breach, two weeks after stolen data went for sale
https://www.cyberscoop.com/home-chef-data-breach-shiny-hunters/
CyberScoop Wrote:The stolen Home Chef records were for sale for $2,500 at the time they were found.They probably used Tor or a similar browser to open dark websites and sell such data there to any bidder.
Nearly two weeks after security researchers said they found usernames and passwords belonging to Home Chef users for sale, the Chicago-based company said a security incident has resulted in the compromise of information about an undisclosed number of its customers. The announcement confirms prior claims from a hacking group, known only at Shiny Hunters, which alleged it had breached a number of seemingly random companies, then posted the stolen data for sale on forums frequented by cybercriminals.
By the way, keep in mind Home Chef now belongs to Kroger the grocery store chain...
Keep in mind they also owned Lucky and it filed for bankruptcy earlier this year...
RE: News of the Cyber World - kyonides - 05-22-2020
I've Got Positive News for Gamers!
Graphics Will Be Seriously Improved!
This news is especially interesting for future Xbox Series X and PlayStation 5 owners!
You might forget all about rasterisation and programmable shaders!BBC Wrote:Tech company Nvidia announced last year their latest graphics processing units (GPUs) will handle real-time ray tracing.
Working with Nvidia, Microsoft developed a ray tracing update to Windows 10.
Microsoft and Sony have announced their upcoming consoles, the Xbox Series X and the PlayStation 5, will have ray tracing capabilities. Both of these systems are built on Advanced Micro Devices (AMD) hardware.
Well, if you wanted to experience a graphical level of quality you've used to in high profile movies, this might be your chance to go beyond your current expectations! Curiously they picked AMD as a based for their hardware.
What does it do?
BBC Wrote:The technique simulates a three-dimensional image by calculating each ray of light and promises stunning lighting effects with realistic reflections and shadows.
The method finds where it bounces, collects information about what those objects are, then uses it to lay down a pixel and compose a scene.
RE: News of the Cyber World - kyonides - 05-27-2020
German Intelligence Claims the Kremlin is Behind Cyber Attacks
https://www.cyberscoop.com/german-intelligence-memo-berserk-bear-critical-infrastructure/They informed the national and international communities of the existence of this hacking group and how they're heavily interested in attacking German infrastructure. Other intelligence agencies have reported intrusions of this group in the past.
So are Germans safe? Well, if that depends on how soon their industry improves their cyber security from now on.
Why should you care if you're German?
Nah, you shouldn't... unless you suddenly notice an electric or gas company got infiltrated by Berserk Bear... 
US Authorities Arrested an Ukrainian Involved in Scamming Lots of Americans
https://www.cyberscoop.com/fin7-hacking-arrest-financial/What's FIN7? It's a hacking syndicate known for stealing approximately $1 billion from its victims in the United States. Some of their favorite misdeeds are wire and bank fraud and aggravated identity theft. They reported FIN7 has gone after restaurants including Chipotle, Red Robin, Taco John, as well as a credit union and a casino. Hotels and law firms aren't safe at all.