Jump to content

SilentRoom

Members
  • Content Count

    243
  • Joined

  • Last visited

  • Days Won

    1

SilentRoom last won the day on October 10 2020

SilentRoom had the most liked content!

Community Reputation

19 Good

About SilentRoom

  • Rank
    Rank #5

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. The non-profit organization RIPE NCC, which manages and assigns IPv4 and IPv6 addresses for Europe, the Middle East and some Central Asian countries, spoke about a credential stuffing attack on the RIPE NCC Access SSO service. “Last weekend, our single sign-on (SSO) service, RIPE NCC Access, was subjected to a hacking attempt that appeared to be a credential substitution attack,” the organization said. The RIPE NCC prevented the attack and reported that no account had been compromised. The investigation is still ongoing. The RIPE NCC has also asked members to enable two-factor authentication on their RIPE NCC Access accounts to ensure account security.
  2. WhatsApp plans to repeat its attempt to implement the updated privacy policy, which has caused a barrage of criticism against the messenger. “In the coming weeks,” the company will begin sending users relevant notices and providing more information before requiring users to agree to the new terms of use. “In the coming weeks, we will be showing banners on WhatsApp with additional information that people can read at their own pace. We've also included additional information to try to allay concerns we hear. Eventually, we will start reminding people to read and agree to these updates if they want to continue using WhatsApp, ”the WhatsApp blog said. We are talking about the changes to the privacy policy announced in January of this year, which were to take effect on February 8, 2021. However, the rollout of new policies was temporarily suspended as dissenting users began to abandon WhatsApp and look for alternatives to the messenger. Users will eventually have to agree to the new terms by May 15, 2021, when the new policies take effect. The updated privacy policies reflect the current commercialization drive of Facebook, which owns WhatsApp. For the messenger, this meant expanding the tools for exchanging business messaging and adding new functions to the application for making purchases. The new terms of use detail Facebook's role in facilitating these interactions. According to experts, this could lead to the fact that interactions with companies on WhatsApp can affect the ads displayed on Facebook. Changing messaging policies without the knowledge of users and a general distrust of Facebook proved to be the perfect springboard for spreading misinformation. Many users interpreted the policy update as an attempt to force WhatsApp users to provide Facebook with even more data without the option to opt out. In fact, Facebook already had the ability to collect various information about the actions of users in the messenger. Whether WhatsApp will be able to rebuild its credibility and retain users with the new explanatory banners is unknown. The surge in interest in alternative messaging apps like Signal and Telegram could hurt WhatsApp's popularity. As the company said, it understands that users are looking for alternative messengers. However, she said, these services may be less "reliable and secure" than WhatsApp.
  3. Universities, organizations, and tech giants such as Microsoft and Facebook are working on deepfake detection tools to prevent them from being used for disinformation and spreading malicious media. However, a team of scientists from the University of California, San Diego at the WACV 2021 conference reported that deepfake detectors can still be tricked by injecting input data (adversarial examples) into every video frame. According to experts, adversarial examples are image manipulations that can lead to errors in the operation of artificial intelligence systems. Most detectors work by tracking faces in video and sending cropped data to a neural network. The detector's system then determines if the video is genuine by analyzing elements that don't play well in deepfakes, such as blinking. By creating adversarial face examples and inserting them into each video frame, the scientists found, they were able to trick modern deepfake detectors. In addition, the technique they developed works even for compressed videos and even if they did not have full access to the detector model.
  4. Cybercriminals constantly come up with new ways to evade detection and carry out their evil intentions. Information security specialists from BitDam talked about a number of new methods used by fraudsters in real attacks in 2021. Email security solutions typically rely on newly created email domains that have not yet been flagged as dangerous, experts say. Criminals are now increasingly using this fact to increase the chances of phishing emails and malware getting into users' mailboxes. The report also argues that cybersecurity solutions do not always classify error messages as suspicious, prompting criminals to create fake error messages in email attachments in conjunction with retry buttons. Clicking a button like this redirects the victim to a website under the attacker's control, where they are prompted to enter their credentials. The combination of these tactics makes it extremely difficult for security solutions to detect malicious emails.
  5. The non-profit organization Wikimedia Foundation, which runs Wikipedia, has published a "universal code of conduct" aimed at curbing abuse, misinformation and manipulation in a global online encyclopedia. The new code was released to expand on existing policies and create a set of community standards to combat “negative behavior”. The new policy is intended to thwart efforts to distort and manipulate the content of Wikipedia, which is largely run by volunteer users. The code is 1,600 words and was developed with the input of approximately 1,500 volunteers around the world. The document contains language aimed at preventing the abuse of power and influence to intimidate others, as well as the deliberate introduction of false or inaccurate material.
  6. 90% of UK and US office workers share personal and confidential information on social media, potentially exposing themselves and their organization to the risks of online fraud, phishing and other cyber threats. Specialists from Tessian conducted a survey among 4 thousand employees of various companies from the UK and the USA, as well as 10 information security experts specializing in social engineering. As it became known from the results of the survey, 59% of respondents share the names and photos of their children, 72% mention birthday dates and even more (81%) update their status of work in social networks. More than half of employees (55%) admitted to have public Facebook profiles, and only one third (32%) have a personal Instagram account. The overwhelming majority (84%) of those surveyed publish messages on social networks every week, and almost half (42%) - every day. Tessian experts also noted numerous ways that such readily available online information is used by fraudsters to launch attacks on specific users. Even messages outside the office that contain too much information can be used against a person, allowing an attacker to impersonate a victim on the Web. The number of social engineering attacks and Internet fraud attacks increased by 15% in the past six months compared to the previous half. About 88% of respondents reported receiving suspicious emails in 2020.
  7. Gref stressed that fraudsters in cyber attacks also almost always use artificial intelligence - in particular, deepfake technologies. "They can call and speak from your number in your voice. This is a gigantic threat, it is hard for a normal person to fight this, and powerful protection systems must come to the rescue," said the head of Sberbank. For business and society as a whole, this is a great threat, since it is still very difficult to resist such fraud. "Powerful systems of protection against this kind of counterfeiting should come to the rescue," the head of the bank said. In most cases, Sberbank's algorithms recognize and stop suspicious transactions, Gref said. “It sometimes causes discomfort when you want to have an operation and the artificial intelligence thinks it is a fraudulent operation. But nevertheless it is critical for protection, ”he explained. At the same time, Gref added that Sberbank is more often than other banks in Europe subjected to hacker attacks. To resist them, he said, the internal defense system helps.
  8. Last year, SecurityLab wrote about a new method to bypass Network Address Translation (NAT) and firewalls, allowing remote access to TCP / UDP services on the victim's internal network. Known as NAT Slipstreaming, the attack uses a browser and Application Level Gateway (ALG) mechanism to track connections from firewalls, NATs, and routers. Now security researchers from Armis have detailed a new version of this attack, called NAT Slipstreaming 2.0, which can bypass NAT Slipstreaming protection, and also expands the attacker's reach, allowing you to create paths to any device on the victim's internal network. Embedded and unmanaged devices are at risk of attacks by allowing attackers to gain access to devices located on internal networks, experts say. Unmanaged devices are at greater risk because they are often weakly secured, they require little or no authentication to access data, and can contain various vulnerabilities. Such devices can include printers accessible through the default print protocol, industrial controllers using unauthenticated protocols, and IP cameras that have an internal web server protected by built-in credentials. The new attack option allows you to connect to any destination port, completely bypassing the protections that browser manufacturers have introduced against NAT Slipstreaming. As before, the attacker needs to create a website with malicious code and then trick the victim into visiting the resource.
  9. The recently updated US White House website has posted a vacancy for a technician, but only those with good technical skills can see the ad. The hidden HTML code at www.whitehouse.gov is an invitation to work for the U.S. Digital Service, a White House-controlled division whose mission is to improve the quality of the services it provides to the public with new technologies. “If you are reading this, then we need your help in order to do better than it was,” reads the ad. "Better than it was" (English Building Back Better) - the slogan of the election campaign of Joe Biden, who became the 46th US president after Donald Trump. The digital service was created in 2014 by Barack Obama, then the US President. Its goal was to find experts in technology to improve public services, for example, to modernize the payment system of the national health insurance program Medicare. Typically, Digital Service employs professionals for a period of one to two years. New York-based information security company Red Balloon Security also offers unusual testing for applicants. Instead of wasting time researching the resume of everyone who wants to get a job, the company sends them encrypted hard drives with bitcoins. The one who decoded them must buy a ticket to New York for the interview with the money received.
  10. The actual implementation of the law obliging manufacturers of smartphones, computers and smart TVs to pre-install domestic applications and services on devices may not meet the expectations of the document developers and software creators. These programs are likely to be easily ignored. Users will be able to see domestic software only in the selection window during the activation of a new device. However, the installation can be easily skipped. To show links to programs only in the process of activating the gadget, manufacturers are allowed by a bylaw of the government. This is one of three pre-installation options, the other two are placing programs directly on the device or adding link icons to it, allowing you to start downloading and installing. The same regulation does not allow device manufacturers to charge their developers for preinstalling applications. One of Kommersant's sources noted that this situation does not suit, for example, Yandex: "The company insists on installing on a hard drive, and requires that its services be located on the main screen of the smartphone along with Google services, which are pre-installed on all Android devices. ". At the same time, the search engine (disguising payments, for example, as marketing, so as not to formally violate the regulation) is ready to pay much less than before paying openly - about 25 rubles instead of 1-5 dollars for each smartphone. The list of 16 mandatory Russian applications for smartphones and tablets includes Yandex.Browser, Yandex search engine, Yandex.Disk, Yandex.Maps, Mail.ru Mail, ICQ, Marusya's glossary assistant, News Mail.ru, OK Live, VKontakte, Odnoklassniki, MirPay (Android only), Gosuslugi, MyOffis Documents, Kaspersky Internet Security (Android only) and Applist.ru. For violation of the law, it is proposed to fine officials in the amount of up to 50 thousand rubles, and legal - up to 200 thousand rubles.
  11. A security researcher from the Austrian company SEC Consult has discovered a number of vulnerabilities in Pepperl + Fuchs Comtrol IO-Link Master industrial gateways. Exploitation of vulnerabilities allows root access to the device and create backdoors. The issues identified are Cross Site Request Forgery (CVE-2020-12511), Cross Site Scripting (CVE-2020-12512), Blind Command Injection (CVE-2020-12513), and Denial of Service (CVE-2020-12514) ). The affected products use outdated versions of third-party components including PHP, OpenSSL, BusyBox, the Linux kernel, and lighttpd, which are known to contain various issues. According to the expert, if an attacker gains access to one of the vulnerable Comtrol devices, he will be able to execute commands on the device with superuser privileges and deploy permanent backdoors. The vendor patched the vulnerabilities discovered by SEC Consult several months after being notified. SEC Consult has also published a security notice containing a PoC code for exploiting each of the vulnerabilities.
  12. Employees of the Investigation Department of the Police of the Ministry of Internal Affairs of Russia for the city of Tambov completed the investigation of a criminal case on theft of money from ATMs in Tambov. In August 2020, a criminal group that came from the Moscow region, using special manipulations and bank cards of residents of Tambov, stole money from ATMs. The criminals managed to commit 59 crimes, during which they allegedly credited funds to the card, deceiving equipment. At the ATM, the system malfunctioned and it issued a message that funds allegedly could not be credited, and then the device returned the money in the form of real cash in a bill of 5 thousand rubles. Law enforcement officers detained two malefactors. The total amount of damage to the bank was about 300 thousand rubles, the thieves managed to spend the stolen funds on their own needs. The involvement of the detained persons in similar facts in other regions is being checked.
  13. The Telegram messenger was downloaded more than 545 thousand times from Wednesday to Sunday, which is three times more than the number of downloads for the same period in the previous week. The growth in popularity is associated with the blocking of Donald Trump's accounts on social networks and the shutdown of the social network Parler, popular among supporters of the US President. Another reason for the growing popularity of the messenger is the new WhatsApp privacy policy, according to which the application will collect user data for the Facebook family of applications. Durov, after changing the privacy policy of WhatsApp, announced the accelerated "flight" of users in Telegram. According to him, at the same time, paid bots appeared, which began to publish fakes about Telegram and "biased information" about WhatsApp.
  14. Analysts at the US Congress prepared a report in which they said that Russia is experiencing a shortage of personnel in its cyber divisions. For this reason, she allegedly hires hackers on the side. “The Russian security services, like other government agencies, experience difficulties in recruiting qualified personnel. There is competition for talent between the private sector and rival structures. This ... often forces the Russian security services to use the services of hackers from the civil and criminal spheres or buy malware, ”the report says. According to RT, American analysts also accuse Moscow of using its "extraordinary capabilities" in cyberspace in order to conduct "destructive cyber attacks" in different countries of the world, espionage and spread disinformation. The report mentions such Russian special services as the GRU, SVR, FSB and FSO.
  15. Microsoft has accused Russian hackers of taking over the source code of their programs. The American company announced this on its blog on Thursday, December 31. The company is among the clients of SolarWinds, whose systems were hacked at the end of 2020. On December 17, Microsoft representatives admitted that SolarWinds malicious code had been identified in its ecosystem, which was then isolated and removed. On December 31, Microsoft clarified that an ongoing investigation found unusual activity associated with a small number of internal accounts. The company's experts reported that one account was used to view the code in a number of repositories. "This account did not have permission to change any code or technical systems, during the investigation, we found that there were no changes," Microsoft explained. In addition, there is no evidence of illegal access to personal data of clients.
×
×
  • Create New...