Thursday, January 23, 2020

Israel's NSO at a blame of spying again ,after the company spyware was used in tracking late kashoggi

A UN investigative report has accused the billion-dollar Israeli firm NSO Group of providing spyware to hack Amazon’s president Jeffery Bezos’s iPhone, and the hacker is none other than the Saudi Crown Prince Mohammed bin Salman.
For tho who don’t know, NSO Group is a secretive (not so much now) spyware firm known for making its client capable of conducting offensive-cyber activities. The group was once in the news after one of its employees allegedly stole the company’s secrets with the intention to sell it on the dark web.
The UN report, published Wednesday, claims that Saudi crown prince used malicious spyware developed by the NSO Group to hack Bezos’s phone and stole sensitive private data including his nude selfies.
According to the UN high commissioner for human rights, Bezos’s iPhone was hacked using NSO Group’s spyware Pegasus. The report states that the Pegasus-3 spyware was acquired by the Saudi Royal Guard in November.
It is worth noting that in 2016, NSO Group also made headlines for developing Pegasus, a spyware which in 2016 targeted iPhone devices making them vulnerable to government-sponsored attacks.
In a report published by Citizen Labs and Lookout Security, Pegasus spyware was caught targeting dissidents and activists including Ahmed Mansoor, a renowned human rights activist in UAE.
Reportedly, there was a brief exchange of messages between the Saudi crown prince and Bezos’s back in spring 2018 via WhatsApp. On May 1, 2018, Saudi Crown Prince Mohammed bin Salman sent Bezos’s a video file, which was likely infected with spyware. After the malicious code was executed, a huge amount of data was transferred from Bezos’s phone. 
Did Saudi Crown Prince use Israeli spyware to hack Jeff Bezos’s iPhone?
WhatsApp conversation between MBS and Bezos (left) – Video message accused of carrying malware that hacked Bezos’s iPhone (Image credit: Motherboard/Vice)
The NSO Group has previously been accused of providing spyware to countries including Saudi ArabiaMexicoPanama, and the Middle East for conducting cyberattacks against their adversaries. However, the company denied any involvement.
Nevertheless, this time around too, NSO Group has rejected the report’s claims and is apparently “shocked and appalled” by the news.
“We can say unequivocally that our technology was not used in this instance,” stated the NSO Group.
The timeline of Bezos’s phone hack is integral, claims the UN report, because around the same time the phones of two very close associates of late journalist Jamal Khashoggi were hacked using the same spyware. The UN has asked the US and other authorities to take notice and investigate the matter on an immediate basis.

Monday, January 13, 2020

Cyber security blunder lead to Private data of 56M Americans to be exposed from China as apparently taken from CheckPeople.com


Security lapses are quite common nowadays and should not come as a surprise. But, there’s a difference between security lapse and blunder, and the recent incident is purely an example of the latter.
According to The Register, a white hat hacker using the Twitter handle @Lynx0x00 identified a database hosting personal sensitive data of over 56.25 million Americans. The database was stored on a computer in China using an IP address located in the Eastern Chinese region Hangzhou. 
The NoSQL database is massive, according to the hacker as it contains roughly 22GB of private data, which includes sensitive information including past and present home addresses, real name, age, and relations as well as phone numbers. What’s worse is that the database is still available for public access without any authentication.
Upon further digging, it was identified that the computer was linked to the Internet via web hosting service facilitated by Alibaba. It can be termed as a grave security blunder because even researchers are perplexed regarding why the information was stored on a Chinese computer and made freely accessible to give spammers and extortionists a chance to exploit it.
The origins of the database are, however, identified. The data belongs to a Florida-based company CheckPeople.com.
Personal data of millions of Americans exposed from PC in China
This is the homepage 
This company offers an “easy-to-use platform” to help people find information about anyone from the real name, and phone number to relatives and even felonious records for a nominal fee. But, seems like you don’t need to visit this website and pay to get the desired information as the entire data is now stored and accessible on a Chinese computer
In a statement to The Register, CheckPeople is looking into the incident. 
“CheckPeople is unaware of any database of information hosted in China or through Alibaba. CheckPeople’s records are stored in the United States on secure servers. However, CheckPeople takes security issues very seriously and is investigating this matter,” the company said.
This, however, is not the first time when personal data of unsuspected users have been stored and exposed in such a manner. In fact, since 2017, personal details of millions of Americans have been leaked online including household-related data of 123 million individuals, 82 million citizens data in Elasticsearch breach and millions of SMS and personal information of millions of Americans in Microsoft Azure breach.

Fake phones,illégal simcards and un seriousness of Uganda communication commission,Uganda national bureau of standards,carelessness of telecom companies..are making the work of crime investigation too tidious

For a long Time,i have been writing about thé issue of phones and this illégal simcards.Recently i remember writing about thé massive entry of Fake phones with Fake IMEI.it is hard to believe thisbut from around late july to mid October,there was massive importation of such phones in eastafrica and central Africa.The issue of simcards is still a great problème,illegally registres simcards are still being sold by various simcards vendors of whom some are Known by people are selling registered simcards and thèse simcards are sold to non ugandans and those who are apparrently dubious.And m'y question still stands as: Does UCC know this?Do thèse Telecom compagnies know that it is illégal to do such?....Thé only thing i can advise Telecom companies is that thé selling of simcards must bé by well Known and registered people and UCC must also register such people.How do simcards get registered in names of other people? I suspectes two scenerios of which i conclusively proved one.These people who do this registering of simcards get thé of national identity cards of REAL owners and  register thème on multiple simcards decieving thème that thé process is slow or that network is slow,thé Real owners will think that they are repeating thé same process on thé sale simcards yet they are registering another simcards,which they later sell  as already registered simcards.Every one can fall prêy to this trick although it is mainly thé old people and illiterate one who do fall prêy to this trick.
We,you and the rest may be taking this to be a simple issue but it is a problem to security more especially in the cases and during the course of investigations.we have and many know of the various kidnaps of people,and worse of it all of innocent children.it is annoying how such people do call parents of kidnapped kids asking for ransom,recently you heard of a kid who was killed just because of ransom of I hear"200000" Uganda shillings.Yes,the police can track and get such numbers but imagine if such a number is registered in names of a person who did not know that his identity card  was with another phone number.This makes the work of criminal investigation more hard and taking slot of time.with these Fake phones with Fake IMEI,am still on my research and am about to get to a final conclusion. Please ,UCC ,Police and UNBS wake up and fight this nonsense....let us wake up! You are making the work of security agencies to tough,you are making investigation become too costly in terms of time and information gathering..

Thursday, December 12, 2019

A lot of fake phone entered African markets between September to December

Starting from mid September this year there has been entry of fake phones on the market in east and Central Africa. According  to research  I tentatively conducted on the boarders of DRC, Rwanda, Tanzania  and one report finding from a friend  in Burundi, a group of phones with the  "TYPE ALLOCATION CODE" of 35551517.....All the phone with  this TAC are fake. I have been wondering  if BABT(British approval board for telecommunications)  whose identifying number 35 is mostly  used by phones made in China and Middle Eas, is aware of such fake phones using their identification  number!
Chinese companies have gone an extra mile in the production of fake electronic  products. It is worth here to note that, I do not mean that all products from China are fake!  The issue of these fake phones on African markets are as result of a number of pronounced factors! !
One is corruption, most quality controlling organizations in Africa connive with some of the exporting companies to allow such fake products on our markets. This is very dangerous  to the environment. Most of these phone run on fake micro chips especially spreadtrum which cannot operate for a very long time, these phones also are with  weak PCBs, and in most cases such phones usually  do not last for more than 3months without technical issues. Am actually worried for in the next 10years,African governments will again be yearning  for loans to combat environmental hazards resulting from massive dumps  of these fake electronic  products.
There is another problem with chinese electronic  manufacturing companies, they seem to produce few genuine products, and then later flood the markets  with apparent similar but fake products  so as to cut the cost of production. I  think in China, there are other small  companies that seem to copy and imitate other technology  giants, and since they cannot afford market  and production terms and conditions, they simply manufacture cheap products,using cheap resources .
In Uganda, I can extend my appreciation  to UCC for setting  up a link for testing whether ones product is fake!but it is better for UCC to get tough  and force all phone exporting and importing companies to first test all their products.
https://www.ucc.co.ug/imei.php
Now you've  to look at this example... This phone in the picture below has an IMEI of another different phone model which is an itel2090 yet for it is another model

These are phones owned by innocent citizens, they do know!!!  So am warning UCC not  to use this information  to block their IMEIs, actually it is this UCC that should sit with UNBS to solve this and have them out of market ..!!!stop this bribery and help citizens, how do you allow such products on market, do you know the repercussions  behind all these fake products ! For God and my country 

There is another security flaw on Intel processors

Altering Intel’s CPU voltages and frequency directly in the operating system is a feature that many users appreciate as it allows them to use all those software-based utilities that aid in overclocking. Now, this feature may not be as secure as previously anticipated.
Recently a team of cybersecurity experts proved that this particular feature can be exploited by threat actors that can cause substantial damage by aiming to hijack Intel SGX. For those who don’t know, Intel SGX
is an extremely critical and hardware-isolated space on new models of Intel CPUs responsible for encrypting sensitive data for protecting it from being stolen in case the system gets compromised.
The research team comprised of six European members from the University of Birmingham, KU Leuven, and the Graz University of Technology. The attack technique is dubbed Plundervolt and classified as
CVE-2019-11157 .
According to the team’s findings, the attack exploits the modern processor’s frequency and voltage adjustment feature, by controlling it in a way to generate errors in the system’s memory through flipping bits. This attack affects almost all those Intel Core Processors that are SGX-enabled including the Skylake generation .
However, the technique was identified and reported to Intel in June 2019 and now that the company has fixed the issue, the findings have been disclosed to the public.
Yesterday, Intel released the BIOS and microcode updates for addressing the Plundervolt issue and 13 other medium to high vulnerabilities. The updates make locking voltage a part of the default setting in the BIOS. Therefore,, if SGX is disabled or the CPU voltage is locked at the default value, the system will be safe from any threat.
The findings were reported first by ZDNet. The report states that using the Plundervolt vulnerability, threat actors can easily access information such as AES encryption keys stored in the chip’s SGX Enclave. This enclave is not separate from CPU’s memory but is protected by software encryption.
Once its security is breached, attackers can extract data from the enclave at a much faster rate than the previous attacks like Spectre and Meltdown. The attack mechanism is quite similar to the concepts behind CLKscrew and VoltJockey attacks, as it alters SGX bits to create errors and uses them to recreate data via a side-channel observation method.
The attack works on Intel’s 6th, 7th, 8th, 9th, and 10th-Gen Core processors as well as Xeon E3, v5, v6, E-2100 and E-2200, and doesn’t need host access with administrative or root privileges to be launched.
Yet, exploiting the vulnerability would have been tough if not impossible but it would need a combination of attacks and specify particular targets, claim the researchers. It is also noted that the attack cannot be launched in virtual environments, which means Intel’s data center customers are not at risk.

What the hell is wrong with these online currency mining companies

3 of the BitClub Network mining pool have been arrested on fraud charges for operating a Ponzi scheme that has taken a total of $722 Million USD ($1,059,754,488 AUD) from its investors.
In an indictment from the New Jersey district court (), 5 names in total appear on the document, however 2 of the names have been redacted. The 3 persons in question that are named on the document are Matthew Brent Goettsche, Jobadiah Sinclair Weeks and Joseph Frank Abel.
All 3 named persons have been charged with conspiracy to offer and sell unregistered securities, with only Goettsche and Weeks being charged with conspiracy to commit wire fraud. The 2 redacted persons named on the document are still at large so their names with remain under seal until they have been arrested.
Between April 2014 and December 2019, the scammers released false statistics of their hash rates and returns to convince people to buy shares and invest in their BitClub Network mining pool, and offered bonuses for finding more victims to invest into the scam.
The indictment document includes transcripts of the conversations where the scammers discussed in detail and planed the entire operation.
Currently the BitClub promotional website and mining pool websites are still online and operating, which has the potential to scam unwitting persons that stumble across the sites and sign up.

Saturday, November 30, 2019

Those who still believe in crypto currency should read this

South Korean cryptocurrency exchange Upbit has released an announcement to advise its customers that it has placed an “unscheduled suspension” on all deposit and withdrawals, due to the loss of 342,000 Ether (ETH) which equates to $52,479,900 (USD) at the time of writing.
In the statement, Lee Seok-woo, CEO of Dunamu (the exchange’s operator) claimed that the ETH were moved from the exchanges hot wallet to an unrecognised wallet “0xa09871AEadF4
994Ca12f5c0b6056BBd1d343c029” (Link  bellow), He has also claimed that their clients funds were not contained within the breached wallet.
To avoid anymore unauthorised transactions from occurring, Upbit has moved all of its cryptocurrencies into offline cold wallets so the funds are no longer accessible to a malicious actor, If they where to breach or have breached the security of the exchange.
Upbit have stopped all deposit and withdrawals, and will not recommence transactions for 2 weeks while an investigation is performed. Currently there are no confirmed details as to how the unauthorised transactions were able to take place and whether or not the malicious actor was internal or external to the company.
CEO of Binance Changpeng Zhao (CZ) has made a public statement in relation to this security breach on his twitter page stating “We will work with Upbit and other industry players to ensure any hacked funds that may make their way to Binance are immediately frozen.”
Upbit have also stated that they will cover all user assets with corporate funds, After making the claim that no user funds were effected, So there is clearly ‘fuckery afoot’.
You can find all relevant links

Friday, November 22, 2019

A phone and laptop manufacturing industry to be opened in Uganda today by his excellence YK museveni

Mighty Yoweri Kaguta Museveni,the president of the Republic of Uganda will in few hours from now officially open the first phone manufacturing and assembling plant in Uganda at Namanve Industrial Park.
This company will be producing 2000, Smart Phones 1500, laptops 800, Chargers 2000, USB cables 4000 and 4000 Ear phone.

Just pray for Africa!!! The space has be declared a military operational zone

The North Atlantic Treaty Organization (NATO) has identified space as an operational domain, alongside air, land, sea and cyber area, the alliance’s Secretary-General, Jens Stoltenberg, said.
"We have agreed that space should be a new operational domain for NATO alongside air, land, sea and cyber. Space is part of our daily life here on Earth. It can be used for peaceful purposes. But it can be also used aggressively", Stoltenberg told a news conference on the results of the NATO foreign ministers’ meeting in Brussels on Wednesday.
The alliance’s chief continued by explaining that satellites could be jammed, hacked or weaponized, which could lead to disrupted communications and affect various services and areas.
Moreover, space was essential to NATO’s defence and deterrence, such as the alliance’s ability to detect missile launches and gather intelligence, Stoltenberg argued.
Stoltenberg emphasized that NATO remained a defensive alliance and did not intend to put weapons in space, acting in line with international law.
"Making space an operational domain will help us ensure that all aspects are taken into account to ensure the success of our missions", the NATO chief noted.
While air, land and sea have been traditional operational domains for NATO, the cyberspace was recognized as such an area of the alliance’s defensive activities in July 2016.
Stoltenberg said earlier this week that the alliance, however, has "no intention to put weapons in space".
The US permanent representative to the alliance, Kay Bailey Hutchison, remarked that space was already playing a big role in communications and capabilities used by NATO. When asked whether an attack on a NATO member's satellite could trigger an Article 5 response from the alliance, Hutchison said that the article's concept was about "territory".
Article 5 of The North Atlantic Treaty envisages that an armed attack against one or more NATO member-state should be considered as an attack on all the allies"