Saturday, February 1, 2020

Coronavirus emergency is being used to spread dangerous Emotet trojan


We have seen cybercriminals exploiting global events such as the Football World Cup, Christmas or disasters like the missing Malaysia plane (MH-370) to spread malware or mislead the masses. But this time, Coronavirus, a global health emergency, is being used by crooks not only to spread malware but also to siphon off sensitive and personal data from unsuspecting users.
Cybersecurity firms IBM X-Force and Kaspersky have identified a new campaign in which botnet-driven, malware-infected emails are being sent to unsuspecting users. What makes it utterly disgusting is the fact that scammers are using the coronavirus theme to trick the recipient into opening them.
Reportedly, these emails contain attachments, which are promoted as notices containing details of coronavirus infection prevention measures.
It is indeed ironic that scammers are using the name of coronavirus to distribute another malware widely known as the Emotet Trojan. Previously, the Emotet malware was distributed through corporate-style payment invoices and notification emails only, but this time around the impact of the campaign will surely be higher given the global nature of coronavirus infection scare. 
IBM X-Force observed that a majority of these emails are written in the Japanese language, which suggests that the attackers are deliberately targeting users from locations most affected by coronavirus outbreak. 
The subject line of the emails contains a Japanese language word that means notification, and displays the current date to generate an environment of urgency. Furthermore, the emails are disguised as infection prevention information sent by a Japan-based disability welfare service provider.

Here’s what the email looks like:

Cyber criminals using Coronavirus emergency to spread malware
Screenshot and translation credit: IBM X-Force
 In a blog post, IBM X-Force team wrote that:
“The text briefly states that there have been reports of coronavirus patients in the Gifu prefecture in Japan and urges the reader to view the attached document.”
There are several versions of the email, all using the same language but naming different Japanese prefectures: some mention Osaka, while others mention Tottori. The email ends with a footer displaying an authentic mailing address, fax and phone number of the targeted prefecture’s relevant health authority.

Apart from using the coronavirus theme, the rest of the campaign strategy is rather mundane. When the recipient opens the attached document, an MS Office 365 message appears asking the user to enable content in case the document opens in protected view.
If the document opens with macros enabled, a hidden VBA macro script uses PowerShell to download the malware and run the Emotet executable. It is the same technique used in all the previous Emotet email campaigns, said IBM X-Force researchers.
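The macro-to-PowerShell chain described above leaves a recognisable trace in process-creation logs. The following added example, which is not from the original post or from IBM X-Force, flags PowerShell started directly by an Office application and decodes any -EncodedCommand argument for the analyst; the field names follow Sysmon Event ID 1, and the parent list, host names and sample events are constructed assumptions.

```python
import base64
import ntpath

# Office applications whose direct children are inspected (assumed list).
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
POWERSHELL_IMAGES = {"powershell.exe", "pwsh.exe"}


def decode_encoded_command(command_line):
    """Return the script behind -EncodedCommand (base64 of UTF-16LE), or None."""
    tokens = command_line.split()
    for i, tok in enumerate(tokens[:-1]):
        if tok[0] not in "-/":
            continue
        name = tok[1:].lower()
        # PowerShell accepts -ec and any prefix of -EncodedCommand (-e, -enc, ...).
        if name and (name == "ec" or "encodedcommand".startswith(name)):
            try:
                raw = base64.b64decode(tokens[i + 1], validate=True)
                return raw.decode("utf-16-le")
            except ValueError:  # invalid base64 or not UTF-16LE text
                return None
    return None


def find_office_spawned_powershell(events):
    """Return one finding per event where an Office app is PowerShell's parent.

    Only the direct parent/child pair is checked; an indirect launch needs
    ancestor tracking, which this example does not do.
    """
    findings = []
    for ev in events:
        parent = ntpath.basename(ev.get("ParentImage", "")).lower()
        child = ntpath.basename(ev.get("Image", "")).lower()
        if parent in OFFICE_PARENTS and child in POWERSHELL_IMAGES:
            cmd = ev.get("CommandLine", "")
            findings.append({
                "host": ev.get("Computer"),
                "parent": parent,
                "command_line": cmd,
                "decoded": decode_encoded_command(cmd),
            })
    return findings


# Constructed sample data: a harmless script, encoded the way PowerShell expects.
_SCRIPT = "Write-Output 'constructed sample'"
_B64 = base64.b64encode(_SCRIPT.encode("utf-16-le")).decode("ascii")
_PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
_OFFICE = "C:\\Program Files\\Microsoft Office\\root\\Office16\\"

SAMPLE_EVENTS = [
    {"Computer": "PC-01", "ParentImage": r"C:\Windows\explorer.exe",
     "Image": _OFFICE + "WINWORD.EXE",
     "CommandLine": r'WINWORD.EXE /n "C:\Users\a\Downloads\notice.doc"'},
    {"Computer": "PC-01", "ParentImage": _OFFICE + "WINWORD.EXE",
     "Image": _PS, "CommandLine": "powershell.exe -NoProfile -enc " + _B64},
    {"Computer": "PC-02", "ParentImage": r"C:\Windows\explorer.exe",
     "Image": _PS, "CommandLine": "powershell.exe -NoProfile"},
    {"Computer": "PC-03", "ParentImage": _OFFICE + "EXCEL.EXE",
     "Image": _PS, "CommandLine": "powershell.exe -NoProfile -Command Get-Date"},
]

if __name__ == "__main__":
    for finding in find_office_spawned_powershell(SAMPLE_EVENTS):
        print(finding["host"], finding["parent"], "->", finding["decoded"])
```
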
However, Kaspersky states that the Emotet malware campaign is just one of the many campaigns utilizing the coronavirus scare to attract unsuspecting users. They have identified 10 different documents aiming to infect devices using the coronavirus theme.
“The discovered malicious files were masked under the guise of .PDF, .MP4, .DOC files about the coronavirus [containing] video instructions on how to protect yourself from the virus, updates on the threat and even virus-detection procedures.” But the files actually deliver Trojans and worms that can destroy, block, copy or modify data or interrupt computer/network operations, explained Kaspersky researchers.
Coronavirus originated in China’s Wuhan province and rapidly transformed into a global health crisis. Apparently, scammers and cybercrooks care nothing for the planet, as they consider it a wonderful opportunity to infect a few devices. To protect their devices, users must not click on such emails or download their attachments.

Friday, January 31, 2020

https://uccinfo.blog/2020/01/31/ucc-highlights-january-2020/?fbclid=IwAR3UHshF_SbPhtEaBNkRbkwdIvABsgsdoqk4XxajETCcQtm_aZqx1PnW5hk


On 28/1/2020 it was reported that Avast was stealing user data and selling it... Are you safe?

The anti-virus giant Avast has announced shutting down one of its subsidiaries called Jumpshot after the company was found stealing user data and selling it for big bucks.
On January 28th, 2020, an investigation by PCMag and Vice found that Avast was secretly stealing browsing data from millions of its customers and selling it to third parties. Some of its active buyers included Google, Pepsi, IBM, Yelp, Microsoft, TripAdvisor, and Unilever, etc.
Avast’s data collection worked, or still works, in such a way that the software collects all of your browsing data, which is then accessed by Jumpshot. The latter in turn takes it and uses it as part of what makes up its product offerings.
An example of it is Avast’s “All Clicks Feed”, which lets companies access your behavior on the internet and any clicks you make on any particular range of domains. Reportedly, Avast sold user data to one of its New York-based customers for a hefty sum of $2,075,000.
New report suggests anti-virus firm Avast is selling user data to 3rd parties
How Jumpshot functioned – Image credit: Motherboard
However, in a blog post published on 30th January Avast CEO Ondrej Vlcek apologized to their customers and announced shutting down Jumpshot.
“Protecting people is Avast’s top priority and must be embedded in everything we do in our business and in our products. Anything to the contrary is unacceptable.  For these reasons, I – together with our board of directors – have decided to terminate the Jumpshot data collection and wind down Jumpshot’s operations, with immediate effect,” wrote Vlcek in his blog post.

Vlcek also maintained that Jumpshot did not break GDPR rules and committed themselves to 100% GDPR compliance.
“Jumpshot has operated as an independent company from the very beginning, with its own management and board of directors, building their products and services via the data feed coming from the Avast antivirus products,” Vlcek added.
“During all those years, both Avast and Jumpshot acted fully within legal bounds – and we very much welcomed the introduction of GDPR in the European Union in May 2018, as it was a rigorous legal framework addressing how companies should treat customer data. Both Avast and Jumpshot committed themselves to 100% GDPR compliance.”

This is not the first time that Avast has made headlines for stealing customer data. In December last year, Google banned Avast security extensions, including AVG security, over data snooping.
Nevertheless, the damage for Avast is done and it may be too late to apologize or shut down Jumpshot. As a customer, the main purpose of using anti-virus software is to protect our data from online crooks, malicious hackers and cybercriminals, and Avast has turned out to be all three.

Thursday, January 30, 2020

The cyber security status of top 100 airports, where is ENTEBBE?



New research from web security company ImmuniWeb finds that 97 out of 100 of the world’s largest airports have security risks related to vulnerable web and mobile applications, misconfigured public cloud, Dark Web exposure or code repository leaks.
The 2020 annual meeting of the World Economic Forum (WEF) urged the consideration of emerging cybersecurity challenges in the aviation industry, addressed in its “Advancing Cyber Resilience in Aviation: An Industry Analysis” report.
To shed some light on the current state of aviation transportation security, ImmuniWeb decided to conduct research on cybersecurity, compliance and privacy of the world’s largest airports.

Key findings

Top 3 Most Secure Airports:

During the research, ImmuniWeb identified three international airports that successfully passed all the tests without a single major issue being detected:
— Amsterdam Airport Schiphol (EU)
— Helsinki-Vantaa Airport (EU)
— Dublin Airport (EU)

Main Website Security:

Application weaknesses and software vulnerabilities continue to be the most common means by which cyber criminals carry out external attacks, says Forrester in its recent research.
Regrettably, only 3 main (“www.”) websites of the airports received the best possible “A+” grade, and 15 got an “A” grade.
As many as 24 of the main websites had a failing “F” grade, meaning that they had outdated software with known and exploitable security vulnerabilities in CMS (e.g. WordPress) and/or web component (e.g. jQuery). Some of the websites even had several vulnerable components as detailed below:
— 97% of the websites contain outdated web software
— 24% of the websites contain known and exploitable vulnerabilities
— 76% and 73% of the websites are not compliant with GDPR and PCI DSS respectively
— 24% of the websites have no SSL encryption or use obsolete SSLv3
— 55% of the websites are protected by a WAF

Mobile Application Security:

During this research, we found and tested 36 official mobile applications belonging to the airports. In total, 530 security and privacy issues were identified, including 288 mobile security flaws (15 per application on average). We found that:
— 100% of the mobile apps contain at least 5 external software frameworks
— 100% of the mobile apps contain at least 2 vulnerabilities
— 15 security or privacy issues are detected per app on average
— 33.7% of the mobile apps outgoing traffic has no encryption

Dark Web Exposure, Code Repositories and Cloud:

Compared to the Fortune 500 companies’ exposure, global airports are doing fairly well. For the purpose of this research, ImmuniWeb leveraged its award-winning AI technology to distil findings from the Dark Web marketplaces and other locations, notably to remove duplicates, fakes and irrelevant findings.
After purification of the results, the research team found that 66 out of the 100 airports are exposed on the Dark Web in one way or another. 13 airports have leaks or exposures of a critical risk:
— 66% of the airports are exposed on the Dark Web
— 72 out of 325 exposures are of a critical or high risk indicating a serious breach
— 87% of the airports have data leaks on public code repositories
— 503 out of 3184 leaks are of a critical or high risk potentially enabling a breach
— 3% of the airports have unprotected public cloud with sensitive data
Ilia Kolochenko, CEO & Founder of ImmuniWeb, comments: “Given how many people and organizations entrust their data and lives to international airports every day, these findings are quite alarming. Being a frequent flyer, I frankly prefer to travel via the airports that do care about their cybersecurity. Cybercriminals may well consider attacking the unwitting air hubs to conduct chain attacks of travellers or cargo traffic, as well as aiming attacks at the airports directly to disrupt critical national infrastructure.
Today, when our digital infrastructure is extremely intricate and intertwined with numerous third-parties, holistic visibility of your digital assets and attack surface is pivotal to ensure the success of your cybersecurity program. Without it, all your efforts and spending are unfortunately vain.”

How to Reduce the Risks

— Implement a continuous security monitoring system with anomaly detection to spot intrusions, phishing and password re-use attacks.
— Run a continuous discovery and inventory of your digital assets, visualize your external attack surface and risk exposure with an Attack Surface Management (ASM) solution enhanced with Dark Web and code repositories monitoring.
— Implement a holistic, DevSecOps-enabled application security program to test and remediate your web and mobile applications, APIs and OSS in a timely manner.
— Implement a third-party risk management program encompassing continuous monitoring of your vendors and suppliers going beyond a paper-based questionnaire.
— Invest in security awareness of your personnel, explain the risks of using professional emails on third-party resources, gamify anti-phishing training and reward the best learners.

Wednesday, January 29, 2020

Protect your phone number to protect your identity

Back in the day, a phone number was simply a piece of contact information, a way for your friends and family to call you. Nowadays, companies use phone numbers to identify you or prove who you are by texting security codes or calling for verification.
Think about the many ways you use your phone number. You include it when you sign up on websites or log into an app. You give it to your favorite store as part of their loyalty program and share it to receive text alerts from your bank. You use it when you need to reset a password or log in to your accounts using two-factor authentication.
That also means that with your phone number and some other information, like your birthday or address, bad guys have a better chance of impersonating you and getting to your personal data and accounts.
Here are a few ways to secure your phone number to protect your identity from the bad guys.
  • Don’t overshare your mobile phone number. Don’t share your phone number online (social media, comments sections, untrusted apps, etc.) or provide it to strangers.
  • Think about where your number is used. Keep a running list of the companies and accounts that use your phone number to prove who you are.
  • Consider using a landline number. For situations where a phone number is an identifier for discounts and loyalty rewards, like grocery stores, consider using a landline or other non-mobile number.
  • Unsubscribe from text alerts. Text messages from companies, like your airline or bank, can be convenient. But sometimes there are other ways they can contact you. Some companies have apps so you can receive updates without including your phone number.
  • Set up an extra layer of protection for your wireless account. For example, AT&T customers can add a passcode to their account. 
  • Secure your mobile device. Lock your phone when it’s not in use and avoid bad apps. 
Aside from the risk for identity theft, giving out your phone number can lead to spam calls, phone scams or unsafe text messages that have links to malware.
Bottom line: it’s important to secure both your personal information and your mobile number. The next time an app, a company or a stranger asks for your mobile number, take a moment to decide whether you really need to give it out.
What's the way forward with ever-changing technology?
With technology advancing as quickly as it is, it seems like it’s always time for a new smartphone, tablet or other gadget. When you get it, you probably can’t wait to turn it on and see what it can do. But as you set up your new device, that’s the perfect time to set up your safety features to better protect yourself from the bad guys.
Here are a few tips to get started.
Set Up Strong Personal Security
Depending on the kind of device, there are multiple ways to lock and unlock it, including passcode, fingerprint, pattern-based lock or facial recognition. Use a long passcode number or a passphrase to strengthen the security. Short codes are easier to break. The pattern-based lock is less secure because scammers can trace the trail your fingers leave on the screen.
Adjust the time it takes for your phone to automatically lock. The shorter, the better – this helps prevent a bad guy from picking up an unattended phone and getting past your lock screen.
Most phones come with the option for encryption. Enable this feature. The device will then translate your data and information into a secret code that is hard for fraudsters to see.
Keep Your Phone Updated
Many people think the newest smartphones always include the latest operating systems. However, some phone-makers roll out updates within weeks after launching a new device. It’s important to update your operating system and apps regularly to make sure you have the latest security features.
Download Trusted Apps
Bad guys often create apps that promise one thing, but also steal passwords, get your personal information and potentially take over your phone. Make sure you only install trustworthy apps, and download a security protection app.
Make sure your old device is ready to say “goodbye.”
When you turn in your old device, make sure you don’t trade in all your personal information, too. 
Also, remember to back-up your data often. If you ever lose your phone or its contents, you’ll still have another place where your photos, files and contacts are stored.

Fear over sharing of intelligence info as Huawei takes on 5G network implementations in the UK


While Boris Johnson previously argued that Huawei’s work on the British 5G network won’t affect ties between London and Washington, Mike Pompeo warned that the US takes a dim view of the Chinese company’s involvement.
The United Kingdom’s decision to allow Huawei to have a role in the country’s 5G networks does not affect Britain’s ability to securely share intelligence data, a spokesman for UK Prime Minister Boris Johnson announced on 29 January.
Previously, Johnson himself dismissed concerns that Huawei’s involvement could negatively impact London’s cooperation with Washington.
This development comes as US Secretary of State Mike Pompeo, who arrived in London just ahead of Brexit, announced his intent to explain to British officials the alleged dangers of relying on Huawei to roll out the UK’s next-generation 5G network, a move which he claimed would create a “real risk” to security.
"Our view of Huawei is putting it in your system creates real risk. This is an extension of the Chinese Communist Party with a legal requirement to hand over information to the Chinese Communist Party," Pompeo said. "We'll evaluate what the United Kingdom did.... But our view is we should have Western systems with Western rules and American information should only pass across a trusted network. We'll make sure we do that."
US officials have long maintained that Huawei has been engaging in surveillance activities on behalf of the Chinese government; said allegations, however, have been vehemently denied by the Chinese authorities.

Two satellites may collide, leaving debris that may interfere with the orbits of other satellites in LEO

IRAS satellite


Close encounters of a third kind may not be as exciting as they sound. It was recently reported that two defunct American satellites in low Earth orbit could potentially crash into each other this evening. If this crash occurs, it could result in hundreds of pieces of debris that could interfere with the paths of other satellites.

The NASA Infrared Astronomical Satellite (IRAS) and the United States Naval Research Lab’s Gravity Gradient Stabilization Experiment (GGSE-4) will fly by each other this evening. The two satellites will pass within 43 feet to 285 feet of each other at around 6:39pm EST, nearly 600 miles above Pittsburgh, Pennsylvania. Both satellites are traveling at around 32,000 mph.

There is a 1 in 1,000 chance that the satellites will collide. At first glance, the crash appears to be very unlikely. However, Dr. Jonathan McDowell, an astronomer at the Harvard-Smithsonian Center for Astrophysics remarked, “We start getting worried when it's 1 in 10,000, so 1 in 1,000 is unusual and it might actually be a lot worse than that.”

Depiction of Low Earth Orbit debris, image via NASA

The GGSE-4 only weighs 190 lbs, but the IRAS weighs a whopping 2,400 lbs. Their collision would result in at least a few hundred pieces of debris that would remain in orbit. The debris could interfere with other, larger satellites that are still in commission.

NASA’s IRAS was originally launched on January 25, 1983 to survey the sky at infrared wavelengths. Its mission only lasted ten months, but during that time it was able to capture images of the Milky Way’s core and other interesting discoveries. The GGSE-4 was launched in 1967 and was part of a United States intelligence mission. Its mission included intercepting radar emissions from Soviet Union vessels. It was decommissioned in the 1970s and part of its mission was declassified in 2005.

Since both satellites are now defunct, there is no way to communicate with them. All anyone can do at this point is to wait and see. Many astronomers are concerned about the number of satellites in orbit. The number of collisions and amount of debris will likely increase as companies such as SpaceX continue to launch satellites into orbit. Dr. McDowell further stated that, “If we're going to allow this large number of satellites, then we have to require more investment in the tracking and the sort of traffic control of them.” Perhaps the threat of this collision will encourage government programs and companies to further analyze how to control their satellites once they are in orbit.

Friday, January 24, 2020

How to avoid OTT on small phones

Since the beginning of the era of OTT tax, I discovered a simple way of helping those with small phones who couldn't use a VPN! This technique is to help those who have small phones and no mobile money access but need to use Facebook. This simple technique allows one to log in to Twitter and Facebook on Opera, Firefox and all browsers. It also helps to log in to Facebook on the mini Facebook Lite app, and Instagram on Firefox and Opera. Take a look at the screenshots on how to go about it in the settings.















This simple trick also works on Symbian, BlackBerry and all Chinese is

On Android you edit as in the screenshots below



I have many tricks and you can change those settings in many ways on all SIM networks

USA's FBI hacked the iPhone 11... I have always told you, my fellow Africans, that you cannot hide yourselves from intelligence bodies like the CIA, MOSSAD, MI15/16

In the past, Apple has repeatedly refused to unlock the iPhone for the FBI, pleasing its fan base with the notion that it indeed has no secret backdoor to your smartphone. Yet, this sadly did not mean that the iPhone was unhackable.
In fact, there have been numerous instances, including strange cases such as when a teenager hacked Apple twice. No massive black hat teams sitting behind a plethora of big screens, literally a teenager.
Now, another incident has surfaced, with it being reported that the FBI can unlock all iPhones using Graykey – a product of Grayshift, an Atlanta-based company. Moreover, this is not the first time that the tool has been in the headlines for helping unlock any iPhone using brute force techniques.
As reported by Thomas Brewster from Forbes, a search warrant of a United States District Court for Ohio dated October 16 of last year confirms the use of such a device to obtain forensic data:
FBI unlocks iPhone 11-Pro Max with-Graykey
The iPhone in question was an 11 Pro Max belonging to Baras Ali Koch, a man alleged to have helped his brother escape the U.S. following an arrest order using Baras’s passport. An alarming thing emerging from this is that iOS 13 was expected to finally guard against such attacks but, alas, it doesn’t seem to get any better.
FBI unlocks iPhone 11 Pro Max using Graykey raising privacy concerns
Graykey in function
What if the iPhone was already unlocked? To debunk this, Thomas reports that Forbes themselves confirmed from Koch’s lawyer, Ameer Mabjish, that the device was locked. Adding further, he stated that
“Koch had not given it to them nor did they force the defendant to use his face to unlock the phone via Face ID, as far as the lawyer was aware.” 
We also analyzed an application of a search warrant as shown below which clearly shows the suspect’s iPhone locked in an attachment within.
It is important to note though that the FBI is not the only government agency to possess such tech. The Immigration Customs and Enforcement Authority (ICE) has previously made hefty purchases amounting to over $1.2 million.
This though poses another question, if the FBI can hack any iPhone in this way, why ask Apple for help? The reason is that Apple has been stepping up its efforts on the side such as introducing a USB restricted mode with iOS 12 which prevents tools like Graykey from working. Moreover, the tool would not be a success in all cases as certain measures can be taken to resist i
To start with, since a brute force technique is being used, you can start using longer passcodes instead of the more commonly used 4-digit ones. To put this in perspective, Caleb from PIA explains by stating that:
“It takes Graykey an average of 6.5 minutes to crack a four-digit passcode. For a six-digit passcode, the time needed is 11.1 hours on average. A 10 digit passcode, the maximum allowed, requires Graykey an average of 4629 days to average.”
However, we’re still wondering why Apple has failed to implement measures that resist tools like Graykey under normal conditions. Is it something intentional while maintaining a public stand to appease both governments and its users or is it a coincidence? What do you think? Let us know in the comment section.
Nevertheless, this is not the first time that the Feds have unlocked an iPhone without Apple’s help. In 2016, the FBI used Israel-based firm Cellebrite to unlock the iPhone 5C device of San Bernardino suspected shooter