Saturday, May 2, 2020

A novel approach to hacking can allow cybercriminals to exploit biometric identifiers such as voices and faces along with device identifiers to steal information and pinpoint a user's location

A novel approach to hacking can allow cybercriminals to exploit biometric identifiers such as voices and faces, along with device identifiers, to steal information and pinpoint a user's location, a study has revealed.
Devices such as smartphones and internet-of-things (IoT) devices could allow cybercriminals to identify people using a combination of biometric identifiers and WiFi MAC addresses, and to expose up to 70 percent of device identifiers, according to the new study.
The study, "Nowhere to Hide: Cross-modal Identity Leakage between Biometrics and Devices", was conducted by academics from New York University, University of Liverpool, The Chinese University of Hong Kong and University at Buffalo SUNY. Findings were presented at the Web Conference 2020 in Taipei last week.
"The attacker can be either insider like co-workers who share the same office with victims or outsiders who use their laptops to eavesdrop random victims in a coffee shop. So launching such an attack is not difficult, considering multi-modal IoT devices are very small and can be disguised well, like a spy camera with Wi-Fi sniffing function. All in all, there is little setup effort on the side of the attacker," University of Liverpool assistant professor, Chris Xiaoxuan Lu, told The Hacker News.
Researchers used a Raspberry Pi with an audio recorder, 8 megapixel camera and WiFi device capable of detecting device IDs on WiFi networks. The experiment determined that such devices could find individuals within a crowd of people.
Using encryption programmes like virtual private networks (VPNs) can help while working in public spaces, but strong countermeasures were needed, the researchers added.
"Avoid connecting Wi-Fi to public wireless networks as it leaves your underlying Wi-Fi MAC address exposed. Don't allow multi-modal IoT devices (such as smart doorbell or voice assistants) to monitor you 24/7, because they send data back to third parties with no transparency to you, and they can be easily hacked and can compromise your ID in multiple dimensions," Xiaoxuan Lu said.
The news comes after a survey conducted in 2019 revealed that 7 out of 10 organisations had reported successful or attempted breaches of IoT devices. The survey probed the opinions of 540 IT professionals on network security and found that organisations lacked confidence in network security and underestimated insider threats.
Adoption of IoT devices by European firms has almost reached North American levels, with 83 percent of the former deploying such tools compared to 85 percent of the latter, the survey found.

Two Rifle Manufacturing firms will compete for each order of a more than $383 million US Army contract to provide M16A4 rifles to Afghanistan, Grenada, Iraq, Lebanon, and Nepal


FN America and Colt's Manufacturing will compete for each order of a more than $383 million US Army contract to provide M16A4 rifles to Afghanistan, Grenada, Iraq, Lebanon, and Nepal, the Department of Defence said in a press release.
"FN America of Columbia, South Carolina and Colt's Manufacturing Company of West Hartford, Connecticut will compete for each order of the $383,311,941 ...contract to provide M16A4 rifles for Foreign Military Sales (Afghanistan, Grenada, Iraq, Lebanon, and Nepal)", the release stated on Wednesday.
Fabrique Nationale Herstal, also known as FN, is a leading firearms manufacturer in Belgium and is currently the largest exporter of military small arms in Europe, according to published reports.
Colt's Manufacturing Company is a US firearms manufacturer that traces its origins back to 1836, founded by Samuel Colt.
On 29 April, General Electric Aviation won $707 million for F110 engine production, including installs and spares and modernized engine management system computers. The engines are to be exported to Slovakia, Bulgaria, Taiwan, and Qatar, according to the US Department of Defence.

US army has wrapped up the final test of its Lockheed Martin next generation long range missiles



Lockheed Martin’s Precision Strike Missile (PrSM) has completed its third and final flight demonstration, as the US Army looks to replace its Army Tactical Missile System (ATACMS) with a weapon possessing a range previously prohibited under the expired Intermediate-Range Nuclear Forces (INF) Treaty.
“Today’s PrSM test, a highly stressful short-range shot, represents the third successful flight test proving the effectiveness, survivability and reliability of the tactical baseline missile,” Gaylia Campbell, vice president of Precision Fires and Combat Maneuver Systems at Lockheed Martin Missiles and Fire Control, said in an April 30 news release from the defense contractor.
The missile was launched out of the Lockheed-made High Mobility Artillery Rocket System (HIMARS) on Thursday morning at White Sands Missile Range in New Mexico and was reported to have flown some 85 kilometers to a target area, demonstrating a “highly accurate and lethal warhead event.”
Lockheed’s PrSM was required to complete a variety of tasks during the April 30 test, including those related to the confirmation of flight trajectory, overall missile performance and HIMARS launcher integration.
Thursday’s test was conducted as a demonstration of the next-gen weapon’s short-range capabilities. Previous tests examined the PrSM at target ranges of 240 kilometers and 180 kilometers.
“All objectives were achieved in the third and final flight demonstration as part of the Technology Maturation and Risk Reduction phase of the program,” the release read. “Today's flawless performance follows a highly accurate inaugural flight last December and equally successful March 10 test event.”
Raytheon revealed its exit from the competition for the missile contract in a March 25 company statement, but also noted that solutions had been found to technical issues that previously plagued its entry, dubbed DeepStrike. At the time, Lockheed had completed two successful tests, while Raytheon missed its inaugural test flight in December 2019 and was unable to recover and conduct a demonstration for the Army.
“Although we remain confident in our resolution to the technical issue that delayed our DeepStrike flight test, the Army and Raytheon have mutually come to the decision to conclude our participation in the PrSM Technology Maturation and Risk Reduction phase,” the defense contractor announced in the statement provided to Defense News.
Despite Raytheon’s departure leaving Lockheed Martin as the only competitor for the missile contract, the Army has not slated the PrSM for fielding until 2023. Until then, a number of improvements will be made to the base missile developed by Lockheed Martin, which will have capabilities added to enhance its lethality and range - in that order - and additional industry competitions will be held.
Brig. Gen. John Rafferty, the Army’s Long Range Precision Fires cross-functional team director, told Defense News that the PrSM will have to be versatile, as it is expected to be utilized in multiple theaters.
“The early capability is against long-range artillery and integrated air defense systems,” he said. “As you integrate the seeker technology, it gives you the ability to go after the mini-targets. Those mini-targets can be maritime in the Pacific; those mini-targets can be fire control radars [and airfields] in the European scenario.”
With the Russia-US INF Treaty no more due to Washington’s withdrawal from the agreement in August 2019, the US is expected to possibly increase the maximum range of the PrSM past the previously prohibited 499-kilometer mark, according to the outlet.
For now, however, the Army is looking at lessening the target range even further in the next flight test to get a better read on the weapon’s performance. Lockheed Martin will proceed with the next phase of the program and conduct another trio of tests once it receives its anticipated contract award from the service.

Lockheed Martin has won more than $6 billion to produce interceptors


Lockheed Martin has won more than $6 billion to produce interceptors and other equipment for the Patriot anti-aircraft and anti-missile defence system, the US Department of Defence said in a press release.
"Lockheed Martin Corporation of Grand Prairie, Texas, was awarded a $6,068,344,959 firm-fixed-price contract ...to produce Phased Array Tracking Radar to Intercept on Target Advanced Capability-3 missiles, missile segment enhancement configuration and associated ground support equipment and spares", the release said on Thursday.
The contract also includes incidental services, hardware, facilities, equipment, and all technical, manufacturing and testing efforts, missile segment enhancement configuration, and associated equipment, the Defence Department added.
Work on the contract will continue over the next seven years with an estimated completion date of 2027 in Huntsville, Alabama; Camden, Arkansas; Ocala, Florida; Chelmsford, Massachusetts; Grand Prairie and Lufkin, Texas; and Archbald, Pennsylvania, the release said.
On 1 April, Lockheed Martin was awarded a contract worth more than $818 million to produce 790 Joint Air-to-Surface Standoff Missiles (JASSM).

Kim Jong Un is not dead!


Kim Jong-un's well-being has been a matter of speculation over the past several weeks as the North Korean leader has been conspicuously absent from public events which led to rumours that he was either ill or even dead.
A video of North Korean leader Kim Jong-un inspecting a fertiliser plant in Sunchon after his several-week absence from public functions has been shared by the Korean Central News Agency.
In the footage, the supreme leader is seen cheered by locals in face masks outside of the plant, waving flowers and flags. Kim himself was filmed talking with top officials, seemingly in good health and spirits. Notably, none of them was wearing any facial protection.
He was also seen examining a machine installed in the plant and giving instructions to officials who escorted the chairman. Kim, a habitual smoker, was also spotted with a cigarette during a meeting at the facility.
Kim's previous public appearance took place on 12 April and his several-week-long absence, coupled with reports that he had been undergoing treatment following a heart-related surgery, fuelled rumours that he was gravely ill or even dead.

Android ransomware found extorting credit card information

Ransomware has long been one of the most infamous malware types out there, perhaps due to the payday that it brings in. This has incentivized hackers to add such functionality to existing malware programs, and this time Android ransomware is targeting unsuspecting users.
One such example is the Black Rose Lucy malware family, which was discovered in 2018 serving as a botnet and a dropper. Since then, it has added ransomware capabilities targeting Android devices, as discovered by researchers at Check Point.
Once Lucy infects a device, it starts by encrypting all the data on it and then displays a ransom note in the browser. The note claiming to be from the FBI scares the victim into believing that they have been found possessing pornographic material on the device which leads to a range of criminal offenses.
Furthermore, it states that their details have been sent to the FBI Cyber Crime Department’s Data Center and they should pay a sum of $500 as a fine.


A snapshot of the ransom note

A unique aspect emerging from this is that the payment is demanded by a request of credit card details rather than the usual method of receiving money via anonymity-centric cryptocurrencies like Monero or Bitcoin.
Lucy features 4 encrypted C2 servers as a part of its code. The malicious program can use these to receive commands performing a range of tasks including but not limited to:
Making a phone call on any number specified.
Letting the server know of all installed applications on the device.
Opening a remote shell on the device which can let the attackers control the device remotely and also gain administrator privileges.
Deleting the malware itself.
Lucy infiltrates a smartphone by abusing Android’s built-in accessibility features. As the researchers explain in a blog post,
Thereby, posing as a legitimate video application, the malware is installed without any user action, making the process seamless.

To add to this, 80 samples related to Lucy were found to be distributed through social media & instant messaging apps. The names of these apps aren’t known as of yet.
In conclusion, this is one of the few smartphone ransomware families seen so far in the cybersecurity world, with the majority usually aimed at larger computer systems. It would therefore be fair to say that this hints at another emerging trend that will soon haunt the world of smartphones.
This, however, is not the first time that Android users have been targeted by ransomware. Last year, ransomware was found infecting devices through pornographic posts. The list of ransomware infections against Android devices is never-ending.
To protect yourself, refrain from downloading any file, regardless of its format, from a disreputable source on your phone, and install a good anti-malware program as well.

EventBot malware has the ability to steal your bank, credit card details

EventBot malware has been active since March 2020.

Being a major mobile platform, Android is frequently targeted by hackers because of the lucrative benefits associated with it. That’s one major reason Android users find themselves coming across new types of malware built for the platform almost every day.
One such case is a recent report by the Cybereason Nocturnus team, which discovered a new type of Android malware dubbed EventBot, first seen in March 2020. The attackers behind this malware have been releasing new versions with improvements and increased functionality over time. So far, 4 versions have been found: 0.0.0.1, 0.0.0.2, 0.3.0.1 and 0.4.0.1.
The malware is believed to be a banking trojan and infostealer that exfiltrates important financial data from over 200 banking and cryptocurrency apps. This data is comprised of personal data, passwords, keystrokes, and banking information among others allowing EventBot to hijack transactions.
The targeted apps include the likes of PayPal, Coinbase, Barclays, Santander UK, and HSBC UK, among others, pointing to the fact that the majority of them are based in the United States & Europe in countries such as Italy, the UK, Spain, Switzerland, France, and Germany.
New Android malware targets over 200 top financial apps
Complete list of the apps targeted by EventBot (Via Cybereason)
EventBot uses different techniques to gain unauthorized access. Firstly for it to get installed on the victim’s device, it poses as a legitimate application on different third-party app stores. Unsuspecting users download these leading to the malware gaining a hold on their device.
Some icons of the apps it has been imitating (Via Cybereason)
Once installed, it asks for permissions that it does not need, including but not limited to accessing accessibility features, reading from external storage, letting the app run and use data in the background, allowing it to install packages and open network sockets, and opening and reading text messages. The last of these permissions also allows it to bypass two-factor authentication (2FA).
An example of one such permission request (Via Cybereason)
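For defenders triaging a sideloaded APK, the permission pattern described above can be checked directly in the app's manifest. The following is an added example, not code from Cybereason or the original article; it assumes the manifest has already been decoded from the APK to text XML, and the sample manifest, package name and function name are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Permission categories the article lists, mapped to real Android permission names.
CATEGORIES = {
    "sms": {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS"},
    "install_packages": {"android.permission.REQUEST_INSTALL_PACKAGES"},
    "external_storage": {"android.permission.READ_EXTERNAL_STORAGE"},
    "network": {"android.permission.INTERNET"},
    "background": {
        "android.permission.REQUEST_COMPANION_RUN_IN_BACKGROUND",
        "android.permission.REQUEST_COMPANION_USE_DATA_IN_BACKGROUND",
    },
}
BIND_A11Y = "android.permission.BIND_ACCESSIBILITY_SERVICE"

# Constructed sample: a "media player" whose manifest matches the described pattern.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed.player">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
  <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>
  <application>
    <service android:name=".Helper"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
  </application>
</manifest>"""


def triage_manifest(manifest_xml):
    """Return matched categories and whether the SMS + accessibility pair is present."""
    root = ET.fromstring(manifest_xml)
    requested = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    hits = {cat for cat, perms in CATEGORIES.items() if perms & requested}
    # Accessibility services are declared on a <service>, not via <uses-permission>.
    if any(s.get(ANDROID + "permission") == BIND_A11Y for s in root.iter("service")):
        hits.add("accessibility")
    return {
        "categories": sorted(hits),
        # The article ties SMS access to 2FA bypass; pairing it with an
        # accessibility service is the combination worth escalating.
        "high_risk": {"sms", "accessibility"} <= hits,
    }


if __name__ == "__main__":
    print(triage_manifest(SAMPLE_MANIFEST))
```

Any single category here is common in legitimate apps; the signal is the combination, especially in an app whose stated purpose needs none of them.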
All of these then allow EventBot to function unhindered as a keylogger, collecting data from any open windows and other applications. To send the collected data back to the attackers, it also downloads C2 server URLs; the data sent is encoded and encrypted using Base64, RC4, and Curve25519, depending on the version in operation.
On the question of attribution, Cybereason said in its blog post that they could not find any sources connected to it on “underground communities”. One reason may be that EventBot is “still undergoing development and has not been officially marketed or released yet.”
For Android users who may be concerned, the easiest way to avoid being infected is to not install apps through third-party stores and to stick to Google's Play Store. Moreover, EventBot should not be underestimated because, in the words of the researchers themselves,
This brand new malware has real potential to become the next big mobile malware, as it is under constant iterative improvements, abuses a critical operating system feature, and targets financial applications.