US, UK: NoKor Responsible for WannaCry

The US and UK have officially blamed North Korea for WannaCry, malware that caused billions of dollars in damage to businesses and institutions earlier this year. Thomas Bossert, aide to US President Donald Trump, made the accusation against the totalitarian state in a Wall Street Journal interview, and said that the US holds evidence supporting the claim. The UK also cast blame on North Korean actors who use their cyber programme to circumvent sanctions. According to the National Cyber Security Centre, it is highly likely that the Lazarus hacking group was behind the attacks. Source: BBC

Phishing Sites Now Abusing Extended Validation (EV) Certificates to Gain User Trust

New research released last Wednesday established that Extended Validation (“EV”) SSL certificates may not protect against online fraud and are increasingly being abused to create convincing phishing sites. PhishLabs said in their report last week that one out of four phishing sites now uses HTTPS. In addition to this, researcher Ian Carroll proved that it is fairly easy to obtain an EV SSL certificate using the name of an existing legitimate business when he incorporated a business called “Stripe, Inc.” in Kentucky. While the real company is incorporated in Delaware, browsers would display the identical company name which […]

Russia Accuses Google of Down-ranking Sputnik and RT

Last Thursday, Russia’s foreign ministry said that Google’s attempts to push down Sputnik and Russia Today in search results are tantamount to censorship. Ministry spokeswoman Maria Zakharova also said that the move was the result of strong political pressure from the US government. The statement seems to have been made in response to Alphabet Executive Chairman Eric Schmidt’s answer to a question in an international forum last Saturday, where he confirmed that the search company is giving “less prominence” to websites such as Sputnik and RT, instead of delisting them outright. Source: Reuters

Microsoft Launches New Tool for Checking Website Security and Performance

Microsoft’s Edge browser team recently launched an open-source linting tool which developers can use to check their website’s security and performance. Microsoft says that its site scanner, named “Sonar”, is an improvement on other similar tools currently available, as it is able to execute website code while integrating scanning services such as Qualys’ SSL Server Test, aXe, Google’s Accelerated Mobile Pages (AMP) Project, and Snyk.io. The software giant donated the Sonar Project to the JS Foundation earlier this year, saying that the project only has the best interest of the community in mind. Source: ZDNet

Uber Licensed to Operate in London Only Until Next Week

London’s transport regulator has removed Uber’s license to operate, saying that the company was unfit to hold a private vehicle hire license because of conduct that can potentially impact public safety and security. The ride-sharing giant, which has around 40,000 drivers in England’s capital, will not be able to renew its license that expires on September 30, but regulator Transport for London (TfL) will permit it to operate until the appeals process is done. TfL specifically pointed out Uber’s software called Greyball, which is used for doing driver background checks and reporting of criminal offences, can be used for […]

SEC May be Going After ICO “Low Hanging Fruits”

Some experts believe that the SEC is being selective about its targets in the ICO market and intends to go after cases which it has a clear chance of winning. Recently, the SEC took action on two crypto projects which were obviously securities and under the agency’s jurisdiction. It issued a letter to one ill-fated project called DAO, which securitized equity, and shut down another called Protostarr, which securitized a future revenue stream. Experts additionally say that the SEC may continue to scrutinize securitization of assets similar to LAToken, which will drive these innovations offshore. Source: TechCrunch

Malware on Google Play Downloaded 4.2M Times Before Getting Removed

Security company Check Point has revealed that around 50 malware-ridden apps were downloaded a total of 4.2 million times from the Play Store before Google was able to remove them. The malicious apps are able to make money for fraudsters by sending out messages without the users’ knowledge. Check Point researchers have identified one such malware called LovelyWallpaper, which uses the device’s phone number for SMS fraud. A victim was reported to have incurred $12/month because of the malware. Google immediately removed the apps which Check Point had reported, but the malware managed to resurface a few days later to infect another […]

Stanford PhD Cryptography Academic Provides Cryptocurrency Lecture for Free

Last Sunday, news reports said that a free cryptocurrency lecture was launched recently by Dr. Dan Boneh, an esteemed Stanford faculty member who specializes in cryptography. The free module, which comes with a full class curriculum, can be downloaded online, with case studies focusing on Bitcoin and Ethereum tokens. According to the lecture overview, it covers smart contracts and employment, Blockchains, and dispensed consensus. Dr. Boneh is one of the primary authors that helped create the Weil Pairing cryptography together with Matt Franklin from the University of California. He completed a computer science degree in 1996 from Princeton before becoming professor […]

Police Chief Urges Security Ratings for Internet-Linked Home Appliances

Durham, England: According to news reports last Monday, home appliances with online connections must have a security rating. The suggestion was made by police chief constable Mike Barton, who believes it is a necessary move to protect households. Barton states the security rating should be as visible to consumers as efficiency ratings. He recommended this move to help secure citizens from cyber attacks and scammers on the internet. The cyber threat from using internet-linked household appliances is very real, with internet-ready TVs and fridges connected to door-to-door networks. The appliances are vulnerable to hacking, potentially endangering people’s privacy and safety. In […]

Microsoft Cracks Down On Infamous Russian Hacker Group

A report on Saturday said Microsoft is legally pursuing the notorious Russian hacking organization known as Fancy Bear, seizing its central control servers to weaken espionage activities. The tech giant filed the lawsuit to gain control of over 70 global server control points used by Fancy Bear to stealthily deliver malware to computers. Upon getting legal control of the servers, the hackers will be disconnected from their victims and Microsoft will gain access to the roster of spies on the network. Fancy Bear is a hacking organization that’s supported by the Russian government. According to U.S. intelligence sources, the group […]