Thursday, March 5, 2020

McAfee has released its Mobile Threat Report for 2020, which analyses different sources of attacks against smartphones.

McAfee has released its Mobile Threat Report for 2020, which analyses different sources of attacks against smartphones. These include the usual backdoors, trojan horses, cryptojacking and many more. However, one method which stands out is the use of hidden apps to perform deceptive functions, making up 50% of all malicious activity. This marks an astonishing 30% increase from 2018, revealing that 2020 will also see a continuing surge.

Data compiled by McAfee.

According to the report, attackers employ a number of ways to successfully target users in line with changing trends. Firstly, as smartphone gaming has become more popular (stop facepalming, console gamers), it is not surprising that someone will want to take advantage of this.

The bad guys spread malicious app links in chat windows of gaming messaging platforms and other potential channels. Even though the app mirrors the real one in terms of its functionality, once the user downloads it, it actually harvests user data and also shows intrusive ads.

A similar technique was exposed when attackers were caught using Steam chat to spread malware and a remote administration tool (RAT). In another attack, Steam accounts were compromised to spread malicious links through its chat feature.

Secondly, a new malware named LeifAccess (also known as Shopper) has been discovered which misuses the built-in accessibility features of Android. It does so by harassing users with fake warnings such as “security error should be dealt with immediately” and getting them to grant access to these services, which are then used to perform a range of actions such as creating third-party accounts.


An example of one such threat notification, image by McAfee.
Furthermore, it posts fake reviews on the Play Store in multiple languages in order to make malicious apps appear more legitimate, which is somewhat unique. These are recognizable, though, if one looks beyond just the star ratings, since the written reviews always consist of generic phrases such as “very simple and useful.”

Nonetheless, even if a user does not grant access to accessibility services, it still continues to install apps and perform malvertising. As seen in previous Android malware, Shopper does not have its own icon, which makes it difficult for victims to uninstall it.
An example of fake reviews
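The traits described above for LeifAccess/Shopper (no launcher icon, an accessibility service, installing further apps) can be checked statically in a decoded `AndroidManifest.xml`. The following is an added example, not code from McAfee's report; the two manifests and package names are constructed, and it assumes the manifest has already been decoded to plain XML.

```python
import xml.etree.ElementTree as ET  # for untrusted files prefer defusedxml

NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample: hypothetical app with no launcher entry, an
# accessibility service and the right to request package installs.
HIDDEN_APP = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.hidden">
  <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>
  <application>
    <activity android:name=".Settings"/>
    <service android:name=".Helper"
        android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""

# Constructed sample: ordinary app with a launcher activity.
NORMAL_APP = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.normal">
  <application>
    <activity android:name=".Main">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
  </application>
</manifest>"""


def names(parent, tag):
    """android:name values of the direct children called `tag`."""
    return {e.get(NS + "name") for e in parent.findall(tag)}


def has_launcher_entry(root):
    """True if an enabled activity or alias is listed in the app drawer."""
    for tag in ("activity", "activity-alias"):
        for comp in root.iter(tag):
            if comp.get(NS + "enabled") == "false":
                continue
            for flt in comp.findall("intent-filter"):
                if ("android.intent.action.MAIN" in names(flt, "action")
                        and "android.intent.category.LAUNCHER" in names(flt, "category")):
                    return True
    return False


def triage(manifest_xml):
    """Return the static signals present in one decoded manifest."""
    root = ET.fromstring(manifest_xml)
    findings = []
    if not has_launcher_entry(root):
        findings.append("no-launcher-icon")
    for svc in root.iter("service"):
        if svc.get(NS + "permission") == "android.permission.BIND_ACCESSIBILITY_SERVICE":
            findings.append("accessibility-service:" + svc.get(NS + "name", "?"))
    if "android.permission.REQUEST_INSTALL_PACKAGES" in names(root, "uses-permission"):
        findings.append("can-request-installs")
    return findings


if __name__ == "__main__":
    print(triage(HIDDEN_APP))
    print(triage(NORMAL_APP))
```

Each signal also occurs in legitimate apps, so the combination is a reason to look closer, not a verdict; an app that hides its icon only at runtime will not show up in this static check.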
Thirdly, instead of creating and distributing their own malicious app, we saw attackers gaining access to legitimate apps and misusing them for their own motives. These include a range of South Korean apps in the transit category infected with a “fake library and plugin that could exfiltrate confidential files called MalBus” as reported by McAfee in a press release. The data gained from such a compromise includes “bus stop locations, route maps, and schedule times for more than 5 years.”
To conclude, we’ve seen certain trends grow over time, of which malicious apps happen to be one. These, as observed, are further divided into distinct categories, showing how complex these attacks have gotten.

Therefore, protecting oneself from these attacks is no longer possible by relying only on programs such as anti-virus. If attackers are employing social engineering to trick us, it is vital that we respond by taking precautions in real time while using our human intelligence.

An example specific to this case is telling real app reviews apart from automated fake ones, as seen above. Moreover, think: why are all of these reviews similar in terms of their length and also quite simple, far from what humans would write? Something seems fishy, and in this way such attack vectors can be successfully thwarted.
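The same reasoning can be applied mechanically to an app's review list. The sketch below is an added example, not part of McAfee's report: it scores a set of reviews on the signals named above (generic phrases, uniform length) plus word overlap between reviews. The phrase list, thresholds and both review sets are assumptions constructed for illustration.

```python
import re
from itertools import combinations
from statistics import mean, pstdev

# Stock phrases of the kind the report quotes ("very simple and useful").
# The list itself is an assumption made for this example.
GENERIC = re.compile(
    r"\b(very simple|simple and useful|very useful|nice app|good app|works well)\b",
    re.IGNORECASE,
)

# Constructed sample: uniform five-star reviews built from stock phrases.
SUSPECT = [
    (5, "Very simple and useful"),
    (5, "very simple and useful app"),
    (5, "Simple and useful, works well"),
    (5, "Very useful and simple app"),
    (5, "Nice app very simple"),
    (5, "Good app simple and useful"),
]

# Constructed sample: reviews with the variety real users produce.
ORGANIC = [
    (4, "Route planner is accurate but the widget drains my battery on Android 9"),
    (2, "Crashes when I rotate the screen"),
    (5, "Great"),
    (3, "Useful timetable, though the ads after every search got annoying "
        "quickly and I ended up paying to remove them"),
    (1, "Login stopped working after the last update, support never replied"),
    (5, "Simple and useful for my daily commute"),
]


def tokens(text):
    return set(re.findall(r"[a-z']+", text.lower()))


def jaccard(a, b):
    union = a | b
    return len(a & b) / len(union) if union else 0.0


def review_signals(reviews):
    """Compute the three signals for a list of (stars, text) reviews."""
    texts = [text for _, text in reviews]
    lengths = [len(text.split()) for text in texts]
    generic_share = sum(bool(GENERIC.search(t)) for t in texts) / len(texts)
    # Coefficient of variation of length: a low value means uniform length.
    length_cv = pstdev(lengths) / mean(lengths) if mean(lengths) else 0.0
    pairs = list(combinations([tokens(t) for t in texts], 2))
    similarity = mean(jaccard(a, b) for a, b in pairs) if pairs else 0.0
    return {"generic_share": generic_share,
            "length_cv": length_cv,
            "similarity": similarity}


def looks_automated(reviews, min_reviews=5):
    """Flag a review set when at least two of the three signals fire."""
    if len(reviews) < min_reviews:
        return False  # too few reviews to judge
    s = review_signals(reviews)
    hits = ((s["generic_share"] >= 0.6)
            + (s["length_cv"] <= 0.35)
            + (s["similarity"] >= 0.25))
    return hits >= 2


if __name__ == "__main__":
    print(looks_automated(SUSPECT), review_signals(SUSPECT))
    print(looks_automated(ORGANIC), review_signals(ORGANIC))
```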
Furthermore, it is essential that users stick to legitimate sources for downloading their apps, like the Google Play Store, and avoid third-party app stores, since the majority of malicious apps can be found in the latter.

Wednesday, March 4, 2020

During his face-to-face yesterday with Félix Tshisekedi in the USA, Mike Pompeo: "We hope the DRC will continue its trajectory"

* "We support the President's reform agenda to fight corruption and strengthen democracy", says US Secretary of State.
President Félix-Antoine Tshisekedi continues his diplomatic crusade in the United States of America. Yesterday, Tuesday, March 3rd, he met US Secretary of State Mike Pompeo in Washington. During the exchange, Pompeo said he wished to see the DRC "continue its positive path since the peaceful rotation of the state in January 2019".
According to Mike Pompeo, who spoke through his Twitter account, the exchanges with the President of the Democratic Republic of the Congo focused on strengthening ties between the two countries.
According to the US Secretary of State's tweet, the two mainly discussed the need to step up the fight against corruption, an essential pillar that the DRC greatly needs for its socio-economic recovery.
Strengthening democracy
"Happy to welcome the president of the DRC, Tshisekedi, to discuss the strengthened ties of our countries and their commitment to advance our partnership. We support the President's reform agenda to fight corruption and strengthen democracy and hope that the DRC can continue its positive path", said the US Secretary of State.
This meeting between Félix Tshisekedi and Mike Pompeo comes after that of April 3, 2019, during which Pompeo stressed the need for the Congolese president to set up a programme focused on the fight against corruption, the strengthening of government, promoting human rights, economic stability and security.
It takes place, according to the tweet, as part of the Congolese-American privileged partnership for peace and prosperity, established in April 2019 during President Tshisekedi's first visit to the United States.
Strengthening the links
The aim of this partnership is to strengthen the ties between the two nations by focusing on improving government, promoting peace and security, fighting corruption, promoting human rights and creating conditions to attract US investment for the prosperity of the Congolese people.
Yesterday's Fatshi-Pompeo face-to-face comes three days after the Congolese president's speech before the American Israel Public Affairs Committee (AIPAC), which held its big annual conference on Sunday, March 1st, in Washington.
Adoption of diplomatic relations with Israel
In his speech in front of this powerful Jewish lobby, Félix Tshisekedi announced a resumption of high-level diplomatic relations between his country and Israel and the installation of an "economic section" of the DRC embassy in Jerusalem with the aim of strengthening ties with this country in the fields of agriculture and science and technology.
Félix Tshisekedi has said that the DRC embassy will remain in Tel Aviv, but that he does not mind basing this new economic section in Jerusalem. At the same time, he stated his support for President Donald Trump's peace plan, a plan rejected by the Palestinian authority.
These statements soon triggered reactions from all sides in public opinion. Some believe that this position taken by President Félix-Antoine Tshisekedi, who is also second vice-president of the African Union, will place him at odds with African Muslim countries.
" Jerusalem is, by its history, a place that belongs to Jews, Muslims and Christians. To consider it as capital of Israel is to accept its privatization by the Jews alone ",

The US Department of State approved an Israeli request to buy up to eight KC-46 aerial refueling and military transport aircraft and related equipment in a deal valued at $2.4 billion


The US Department of State approved an Israeli request to buy up to eight KC-46 aerial refueling and military transport aircraft and related equipment in a deal valued at $2.4 billion, the Defence Security Cooperation Agency announced in a press release.
"The government of Israel has requested to buy up to eight KC-46 aircraft; up to seventeen PW4062 turbofan engines (16 installed, 1 spare); and up to eighteen GPS receivers (16 installed, 2 spares)", the release said on Tuesday. "The total estimated program cost is $2.4 billion".
The Defence Security Cooperation Agency emphasized in the release the US commitment to Israel’s security.
"It is vital to US national interests to assist Israel to develop and maintain a strong and ready self-defence capability", the release said.
The proposed sale further supports the foreign policy and national security of the United States by allowing Israel to provide a redundant capability to US assets in the Mideast region, possibly freeing US assets for use elsewhere during times of war, the release added.

WhatsApp has rolled out the much-anticipated feature for users.

With Instagram already offering dark mode, millennials' favourite messaging app WhatsApp has rolled out the much-anticipated feature for users.
After months of beta testing on both Android and iOS operating systems, WhatsApp finally launched its dark mode for users worldwide late on 3 March.
The dark mode on Facebook-owned WhatsApp will automatically be enabled after updating the app on iOS 13 and Android 10, but Android 9 users will have to enable the latest version through WhatsApp settings.
The dark mode update on the world’s most popular messaging app (1.5 billion users in 180 countries) has taken Twitter by storm with netizens raising a toast to the update and others complaining over the delay in the update.
#WhatsApp
Me, an Android 6-7 user, when I see WhatsApp got dark mode ready, but only for Android 9-10 devices:
pic.twitter.com/l4leCHPnYA
— The MAUZ (@OhLookaMAUZ) March 4, 2020
Several people mocked the new feature with jokes and memes:
Me : "See Maa, My Twitter is in DarkMode, My Instagram in DarkMode and Finally now WhatsApp also in DarkMode."
Mom : "Your future too my Son"
Me : #whatsappdarkmode #Whatsapp #DarkMode
pic.twitter.com/glOsbZE5w1
— the professor™ (@AapkaCharul) March 4, 2020
What else getting darker? Oh it’s my Career. sorry 🌚
#WhatsApp pic.twitter.com/SRlaSfScH9
— ✨Shanu Gladson Hansdak’✨ (@BiryaniGuy) March 4, 2020
#WhatsApp
How Facebook app feels like when all the other apps are in
#DarkMode pic.twitter.com/44JFc9Kjql
— Bahut Scope hai (@Bahut_Scope_Hai) March 4, 2020
The update is being rolled out in a phased manner; some have not yet received it, but it will soon be available. Dark mode is popular among people for dozens of reasons, including improving readability, minimising eye fatigue and reducing the exposure of eyes to bright light at night or in low-lit places like movie theatres.

Monday, March 2, 2020

How Vietnam survived massive bombs from USA in the revolution

Between 1965 and 1975, the United States Air Force dropped over three times more bombs on the Southeast Asian nations of Vietnam, Laos and Cambodia than the total tonnage dropped by the Allies during World War II.
Monday marks the 55th anniversary of the start of Operation Rolling Thunder, the US Air Force bombing campaign against North Vietnam which remains the largest sustained aerial bombing campaign in human history.
What was meant to be an eight week operation ended up lasting 44 months, until October 31, 1968. During the campaign, US aircraft carried out some 304,000 sorties over North Vietnam, dropping about a million tonnes of munitions, or an average of some 800 tonnes a day. Over six million more tonnes of bombs would be dropped elsewhere in Indochina by the time the US would withdraw from the region in 1975. By comparison, Allied planes dropped a total of ‘only’ 3.4 million tonnes of bombs on the Axis powers between 1939 and 1945.
Col. Igor Permyakov, the head of the Central Archives of the Russian Defence Ministry, suggests that Operation Rolling Thunder’s real goal was “really an attempt to essentially destroy North Vietnam.” At the same time, he said, the North Vietnamese were able to avoid catastrophic losses thanks to an elaborate network of shelters and communications.
“Of course, without the help of the Soviet Union, Vietnam would not have been able to withstand this aggression,” Permyakov emphasized. “Moscow supplied the country with a large number of modern anti-aircraft missile systems and radars. These systems were effectively controlled by Soviet specialists. They inflicted major losses on US aviation. The Americans lost a total of 938 aircraft and 1,084 pilots killed, captured or missing. This helped lead to massive protests inside the US itself and ultimately forced the US government to stop the operation.”
A group of Soviet military experts assigned to the 368th surface to air-missile regiment of the People's Army of Vietnam
Indeed, if in the early stages of the war the North Vietnamese seemed almost defenseless against high-altitude US air operations, the clandestine shipment of advanced air defences by the Soviets to the country gradually shifted the balance, forcing the Pentagon to change tack. Specifically, once Moscow delivered the S-75 Dvina high-altitude air defence system to North Vietnam, US B-52 Stratofortress strategic bombers were no longer safe high above the clouds, and were forced to descend below altitudes of 3 km, putting them at risk of other Vietnamese air defences, including traditional anti-aircraft batteries. Vietnam had assembled large quantities of these weapons going back to the Second World War and their fight against Japan, and from their 1950s campaign against the French.
Vietnamese air defence troops stand beside an S-75 Dvina SAM system.

Air Defence Network as Dense as Vietnam's Jungles

Two years into Operation Rolling Thunder, North Vietnam had amassed as many as 150 surface-to-air missile launchers organized into 25 battalions, along with over 200 radar early warning sites dotting the whole country, which not only helped warn of impending US raids, but coordinated the country’s air defence network. By 1967, not one square inch of North Vietnam was left undefended. Furthermore, as in Korea a decade and a half earlier, Hanoi was armed by Moscow with MiG-17 and new MiG-21 fighters. Used in combined operations to carry out hit and run attacks, these aircraft turned into a serious challenge not only to B-52s, but also to the faster F-105 Thunderchief fighter-bombers and F-4 Phantoms which could accompany them. During Operation Rolling Thunder, Vietnamese pilots fought a total of 268 major air battles, during which they claimed the destruction of over 240 US and allied planes, while losing 85 MiGs.
All told, between 1965 and 1975, in their operations in North Vietnam, South Vietnam, Laos and Cambodia, the US Air Force lost some 2,251 aircraft, including 31 B-52s, 445 Phantom IIs, 243 Super Sabres, and 382 Thunderchiefs, among others. The US Navy, meanwhile, lost 532 more fixed wing aircraft. US helicopter losses were even more serious, reaching over 5,100 choppers lost by the end of the war.
A MiG-21 on display alongside the remains of B-52 bombers at the Vietnam Military History Museum in central Hanoi.
Notwithstanding these air victories, which ultimately helped force the US to admit defeat in Southeast Asia, the strategic bombing campaign took a devastating toll on Vietnam and its neighbours. As many as 182,000 North Vietnamese civilians were killed during Operation Rolling Thunder. Furthermore, the Pentagon’s use of Agent Orange would lead to the deforestation of about 18 percent of Vietnam’s entire forested area. To this day, Vietnamese farmers continue to find unexploded US ordnance, while hundreds of thousands of Vietnamese and thousands of US veterans have faced cancers, birth defects in children, and other diseases associated with exposure to the chemicals. Unfortunately, while US vets have been made eligible for compensation for their injuries, Vietnam has yet to be compensated in any way.
US Army helicopter sprays Agent Orange over Vietnamese fields.

Thursday, February 27, 2020

The USA's leaked supergun!

The US Army began the development of its ‘Strategic Long-Range Cannon’ (SLRC) in late 2019, with the weapon expected to have a range of up to 1,850 km. The military expects a demonstration prototype to be created by 2023.
The Twitter account of the US Army’s Combat Capabilities Development Command Research Laboratory has shown what appear to be the first prototype images of the SLRC supergun, with a high-res photo of engineers speaking to US and British officers showing an image of the SLRC in the background, with its overall design and key capabilities clearly visible.
The @USArmy hosted a US-UK Modernization Demonstration Event Feb. 20 at @USAGAPG to identify capability collaboration to the British Army. Officials from @ArmyFutures
@USArmyCCDC , the centers and the lab, briefed interoperability to minimize risks of #modernization divergence. pic.twitter.com/Hw3V7xJFgA
— U.S. Army CCDC Army Research Laboratory (@ArmyResearchLab)
February 21, 2020
An image of the unit shows that it is transported by a conventional 14 wheel military hauler, possibly an Oshkosh M1070 of the kind used to carry tanks, with the gun attached to the transport via two separate pieces.
According to the poster printed out by Army Futures Command, the system is designed to penetrate and destroy “enemy A2/AD [anti-access/area denial] defences to create windows of opportunity for exploitation.” The system is expected to have a range “beyond 1,000 miles,” a crew of 8 personnel per platform, and 4 platforms per battery. The system is designed to be transportable by sea and air.
The photos of the SLRC were taken at a joint US-UK ‘Modernization Demonstration Event’ at the Aberdeen Proving Ground northeast of Baltimore, Maryland on February 20. US officials were said to have briefed their British comrades on interoperability “to minimize risks of #modernization divergence.”
The SLRC programme is designed in part to serve as a cost-effective alternative to more expensive munitions, with rounds for the system expected to cost “only $400,000 or $500,000” apiece compared to missiles costing multiple millions of dollars apiece. Last year, Col. John Rafferty, director of the Army’s Long-Range Precision Fires Cross Functional Team, said that if the SLRC was adopted, it would complement the military’s hypersonic missiles in penetrating enemy territory at a “more affordable” price per shot.
Late last year, Russian aerospace and defence giant United Aircraft Corporation confirmed that new weapons systems designed especially for the Su-57 had been developed or were in active development, without elaborating.
A prototype hypersonic missile designed for use aboard Russia’s new Su-57 fifth-generation stealth fighter has been created, a defence sector source had told Russian media.
The source described the missile as a small, air-to-surface weapon designed to be carried inside the plane’s fuselage, and said it has yet to be tested aboard the plane.
No other details about the weapon’s characteristics or who developed it were made available, and the reports have yet to be commented on by anyone at UAC, Sukhoi or the military.
The defence sector first teased the possibility of deploying hypersonic missiles similar to the Kinzhal hypersonic, nuclear-capable missile in 2018. Kinzhal was deployed into service aboard the MiG-31K in December 2017, and a version of the missile for the Tu-160 ‘White Swan’ strategic bombers is also being developed. The weapon is believed to have an operational range of up to 3,000 km, and a flight speed of Mach 10-Mach 12 (12,250-14,700 km per hour).
Large-scale deliveries of the Su-57 into Russia’s aerospace forces are expected to begin later this year. The aircraft is a fifth-generation stealth superiority fighter created by the JSC Sukhoi Company. The planes are intended to eventually replace the MiG-29 and Su-27 in Russia’s Aerospace Force and Navy, and are equipped with advanced avionics, airborne active phased radar, ELINT and a variety of high-precision weaponry.

Russian first S-350 Vityaz medium-range air defence missile system

The first S-350 Vityaz medium-range air defence missile systems have been added to the Russian air force's arsenal, the Defence Ministry said on Wednesday.
"The first newest S-350 Vityaz air defence missile systems have been added to the Russian air force's arsenal. [The systems] have recently been deployed to the training centre of the anti-aircraft missile forces in Gatchina [a city in the Leningrad region]," the ministry said in a statement.
The ministry added that the centre had already run tests with the S-350 aimed at detecting and destroying conventional hostile aircraft.
Newest S-350 Vityaz Air Defence System

According to the ministry, the air defence missile systems will help make the air force two times more effective in countering cruise missile strikes and replace the older S-300PS system.
In mid-January, the ministry said that Russia's Leningrad region would be the first to host the air defence missile systems.
The S-350 was developed by the Almaz-Antey concern and first showcased at the International Military-Technical Forum Army-2019.

The Pentagon to hold a top secret meeting on the "Sino-Russian alignment" next week



The Pentagon will hold top-secret talks on the so-called "Sino-Russian alignment," a notice published in the Federal Register said on Wednesday.
"On March 3-4, 2020 the Defence Policy Board (DPB) will have classified discussions on national security implications related to Sino-Russian alignment," the notice said.
The top-secret talks will take place at the Pentagon, and the speakers will include senior intelligence community officers, Defence and Treasury Department officials, as well as experts, it added.
The participants will discuss their perspectives, views and insights and review classified information on relations between Russia and China, the notice said. They are also expected to provide recommendations to the Secretary of Defence.

Wednesday, February 26, 2020

Be aware of the ProtonVPN you are using. Your internet activities are not secure

Hackers used fake ProtonVPN installers to infect users with nasty Azorult malware.
One of the easiest ways to lure users into installing malware on their computers is to imitate legitimate websites. This is exactly what certain attackers have done by targeting ProtonVPN, as recently investigated by researchers at Kaspersky.
For the unfamiliar, ProtonVPN is a Swiss-based product by the very same company that operates the very famous ProtonMail. Currently, ProtonVPN has more than 2 million users around the world and that makes it a lucrative target for cybercriminals.
According to Kaspersky, hackers have cloned the design of ProtonVPN’s official website (protonvpn[.]com) to drop AZORult malware through its installer file.
Snapshot of the fake ProtonVPN website:
For your information, Azorult is a RAT (remote access Trojan) that can infect any computer successfully. Azorult was previously found targeting thousands of Magento sites and spreading PayPal-themed banking malware. The same malware was caught last month spreading itself using Drake’s “kiki do you love me” song.
According to Kaspersky’s blog post, to clone the website successfully, hackers made use of a program named HTTrack which made the fake website look similar in its design to the real one.
A comment indicating the use of HTTrack for the site’s clone.
Therefore, if a user did not know of the original site’s exact domain, they would naturally believe that the site they are visiting is indeed legitimate and hence proceed to download the ProtonVPN installer.
Instead, they would get AZORult malware in the form of a file named ProtonVPN_win_v1.10.0[.]exe which, once installed, can collect highly sensitive information such as one’s passwords, financial information, browsing history, cookies and much more.
The data collected is then relayed to the attackers through their C2 server, also located on their fake website at accounts[.]protonvpn[.]store.
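Both clues mentioned above, the HTTrack comment left in the copied page and the brand name sitting on a different domain, can be checked automatically during triage. This is an added example, not Kaspersky's tooling: the HTML snippet and its timestamp are constructed, hostnames are written defanged as in the article and refanged only in memory, and the finding names are hypothetical.

```python
import re
from urllib.parse import urlsplit

# Official domain as named in the article (defanged); extend per brand.
OFFICIAL = {"protonvpn[.]com"}

# Comment that HTTrack leaves in the pages it copies.
HTTRACK = re.compile(
    r"<!--\s*Mirrored from\s+(?P<origin>\S+)\s+by HTTrack Website Copier[^>]*-->",
    re.IGNORECASE,
)

# Constructed sample page; the timestamp is a placeholder.
CLONE_HTML = """<html><head><title>ProtonVPN</title></head><body>...</body>
<!-- Mirrored from protonvpn.com/ by HTTrack Website Copier/3.x [XR&CO'2014], Thu, 01 Jan 1970 00:00:00 GMT -->
</html>"""


def refang(value):
    """Turn the defanged notation used in reports back into a hostname."""
    return value.replace("[.]", ".")


def host_of(value):
    """Lower-cased hostname from a URL, a bare host or a host/path string."""
    value = refang(value.strip())
    if "//" not in value:
        value = "//" + value  # let urlsplit treat the start as the authority
    return (urlsplit(value).hostname or "").lower().rstrip(".")


def under(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)


def check_page(served_from, html, official=OFFICIAL):
    """Return clone indicators for a page fetched from `served_from`."""
    host = host_of(served_from)
    domains = {host_of(d) for d in official}
    if any(under(host, d) for d in domains):
        return []  # served by the brand's own domain
    findings = []
    match = HTTRACK.search(html)
    if match and any(under(host_of(match.group("origin")), d) for d in domains):
        findings.append("httrack-copy-of-official-site")
    # Brand name used as a label of some other registrable domain,
    # e.g. accounts[.]protonvpn[.]store versus protonvpn[.]com.
    brands = {d.split(".")[0] for d in domains}
    if brands & set(host.split(".")):
        findings.append("brand-label-on-unofficial-domain")
    return findings


if __name__ == "__main__":
    print(check_page("accounts[.]protonvpn[.]store", CLONE_HTML))
    print(check_page("https://account[.]protonvpn[.]com/login", CLONE_HTML))
```

A missing HTTrack comment proves nothing about a page, which is why the hostname check runs independently of it.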
To take things a step further, AZORult can also steal your cryptocurrencies from any wallets that are locally installed on your computer, such as Electrum, along with “credentials for WinSCP, Pidgin messenger, and others.”
A snapshot of an analysis being done by Kaspersky of the malware.
To add to this, the fake domain was registered in November 2019 through a Russian registrar service. Since then, the attackers have also started targeting users through malicious advertising campaigns, more specifically “affiliation banners networks.”
To conclude, there have been several similar incidents in the past and we can expect them to keep occurring. An example was when we saw fake sites claiming to be official Fortnite distributors spring up, prompting users to download what was actually malware. Last year, hackers used similar tactics by cloning the NordVPN website to drop a banking trojan.