Author: Disini & Disini Law Office

IRS Warns Public of Ransomware-Carrying Fake Emails

IRS Warns Public of Ransomware-Carrying Fake Emails

The Internal Revenue Services has announced that a phishing email campaign is currently circulating fake emails bearing the seal of the IRS and FBI which intend to spread a form of ransomware that is yet to be identified.       Around a month before the warning, the IRS launched a security awareness campaign called “Don’t Take The Bait” to educate tax professionals about possible cyber threats that they may encounter. IRS Commissioner John Koskinen said that people need to be extra vigilant about email scams that prompt them to open an attachment. He added that the IRS won’t send parties with […]

Government Customers May Switch Off Intel’s Management Engine

Government Customers May Switch Off Intel’s Management Engine

Researchers at Positive Technologies have discovered that it is possible to disable Intel’s Management Engine (ME) ‘master controller’ using government-only privileges. The ME feature is a core component of modern Intel CPUs which cannot be turned off by the general public. Security researchers have expressed their concerns over it, saying that it can be used as a powerful backdoor. Because of this, numerous attempts have been made to disable it, especially after a flaw in its firmware had been discovered last May. The Russian researchers Mark Ermolov and Maxim Goryachy found that the feature can be turned off using the […]

Adobe Campaign May Soon Harness AI Power

Adobe Campaign May Soon Harness AI Power

A tech publication source reported that Adobe is planning to use machine learning-powered features to all of their products, including email marketing tool Adobe Campaign. Though nothing has been confirmed, it has been revealed that Adobe’s Sensei AI platform will make Campaign capable of suggesting the best subject lines or the right image to use on the right person. Adobe Campaign will also have a number of predictive features such as determining user churn based on engagement, predicting when a customer is likely to unsubscribe from a service, and creating an accurate user profile. Source: TechCrunch

Pivotal, VMware, Google Joins on Containerization Project

Pivotal, VMware, Google Joins on Containerization Project

Pivotal, VMware and Google have recently announced a joint effort on a containerization project that promises to simplify the creation, deployment and management of container projects at scale. Tech website TechCrunch outlined the participation of each company to the project, which will include a set of open-source products. They expect that Google will be contributing container orchestration tool Kubernetes, Pivotal will bring the Cloud Foundry platform, while VMware will provide the management layer. The product of the project is scheduled to be available sometime in the fourth quarter of this year.    Source: TechCrunch

Facebook to Restrict Ad Purchase of Pages That Share Fake News

Facebook to Restrict Ad Purchase of Pages That Share Fake News

Social media giant Facebook has recently announced that they will not be allowing pages that share fake news to buy ads on their advertising platform. As a step against “false news”, Facebook will be working with fact-checking organizations AP and Snopes to flag stories that are outright hoaxes and lies. The disputed articles can no longer be promoted via Facebook ads, and the page will be banned from buying ads for repeated pattern of misinformation. However, product director Rob Leathern says the ban won’t be permanent and pages that have been found in violation will be able to purchase again […]

Voice Activated Assistants Can be Attacked Using ‘Mangled Words’

Voice Activated Assistants Can be Attacked Using ‘Mangled Words’

Earlier this week, Princeton University researchers have found that voice activated assistants such as Amazon Echo and Google Assistant can be controlled using inaudible commands. It was previously explained in a 2015 paper that the assistants can be activated using voice commands that sound similar to the original activation word or phrase. However, it is a mode of attack that can draw attention. In their paper entitled “Inaudible Voice Commands”, the researchers have found a way to activate the device with sounds that people cannot hear. The study was able to achieve a 100% success rate with an Android phone […]

Logitech Gets Sued for Delaying Warranty Claims

Logitech Gets Sued for Delaying Warranty Claims

Logitech, a Swiss-based electronic device manufacturer, is being sued by a US man for allegedly delaying and discouraging warranty claims. The plaintiff accused Logitech of aggressively marketing and selling products that were unreliable and had a high rate of failure. The lawsuit also states that Logitech is aware of the problem, but chose to dodge its warranty obligations, thus leaving customers without a working product until the warranty period runs out. The company had also internally discontinued an IP camera product plagued by numerous issues and complaints, but did not publicly inform customers. Source: Bleeping Computer

Symantec Identifies Cyber Threat Campaign Targeting India and Pakistan

Symantec Identifies Cyber Threat Campaign Targeting India and Pakistan

Cybersecurity company Symantec has identified a cyber-espionage campaign directed against Pakistan and India which is suspected to be state-sponsored. The campaign seems to have started way back in October 2016, using decoy security documents to release a malware that uses the “Ehdoor” backdoor that spies can use to download or upload files, log keystrokes, take screenshots, and even track user location. The Symantec report also noted that the malware is constantly being updated with new abilities, and governments and military groups with activity in South Asia are particularly at risk. Source: Reuters

Indonesian ATM Network Goes Down After Satellite Problems

Indonesian ATM Network Goes Down After Satellite Problems

Jakarta, Indonesia – Last weekend, thousands of ATMs and EDC payments across Indonesia went offline after the Telekom-1 satellite, owned by PT Telekomunikasi Indonesia (Telkom), had suffered an outage. The issue affected more than 100,000 machines belonging to different banks including Bank Central Asia and Bank Rakyat Indonesia. The problem was caused by a directional shift in the satellite’s antenna. Connection has since been shifted to two other satellites that cover Indonesia. However, it may take up to two full weeks before service is fully restored. Telkom’s president director Alex Sinaga says that they will be deciding in the next […]

Telnet Credentials for Thousands of IoT Devices Left in the Open

Telnet Credentials for Thousands of IoT Devices Left in the Open

Ankit Anubhav, security researcher from New Sky Security has discovered a list containing the Telnet credentials of thousands of IoT devices left publicly viewable on Pastebin. The list initially had around 33,138 entries, but upon further examination, it was revealed that most were duplicates and there were only 8,233 unique IP addresses. Out of this number, only 2,174 had their Telnet ports open to attackers and that only 1,775 were still working. Chairman of the GDI Foundation Victor Gevers said that are in the process of locating the owner of the list, the owners of the devices on the list, […]