Cybersecurity - NEWS POLITE

Self-Spreading Malware Attacking Gamers, Stealing Credentials via YouTube: Kaspersky

A self-spreading malware is said to be attacking gamers via YouTube videos. As per a report by Kaspersky, this is caused by an unusual malicious bundle, which includes malicious programs distributed in the form of a single installation file, self-extracting archive or other file with installer-type functionality. Its main payload is the widespread RedLine stealer — one of the most common Trojans used to steal passwords and credentials from browsers. The report also says that the bundle is available on underground hacker forums for a small price tag.

According to the Kaspersky report, the malicious bundle is merely a few hundred dollars, which is a small price tag for malware. The RedLine stealer can steal usernames, passwords, cookies, bank card details, and autofill data from Chromium- and Gecko-based browsers, data from cryptowallets, instant messengers, and FTP/SSH/VPN clients. In addition, RedLine can download and run third-party programs, execute commands, and open links in the default browser.

Alongside the stealer, there are other files in the bundle that facilitate self-propagation of the malware. In the process, the YouTube channels are hacked and videos with malware are posted. “These videos advertise cheats and cracks and provide instructions on hacking popular games and software,” the report said.

The games for which cheats and cracks are mentioned in the videos include APB Reloaded, CrossFire, DayZ, Dying Light 2, F1 22, Farming Simulator, Farthest Frontier, FIFA 22, Final Fantasy XIV, Forza, Lego Star Wars, Osu!, Point Blank, Project Zomboid, Rust, Sniper Elite, Spider-Man, Stray, Thymesia, VRChat, and Walken. The report cited Google as saying that the hacked channels were quickly terminated for violation of the company’s Community Guidelines.

Once accessed, the malicious bundle unpacks and runs three executable files. The first is the RedLine stealer, and the second is a miner. The report says that the main target audience is gamers who are likely to have video cards installed in their systems. These cards can be used for mining. The third executable file ensures automatic startup and runs the first of the batch files. These batch files run three other malicious files, which are responsible for the bundle’s self-distribution.

Buying an affordable 5G smartphone today usually means you will end up paying a “5G tax”. What does that mean for those looking to get access to 5G networks as soon as they launch? Find out on this week’s episode. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Check out our Latest News and Follow us at Facebook

Original Source

EU Proposes Draft Rules Under Cyber Resilience Act to Assess Cybersecurity Risks on Smart Devices

The European Union (EU) has announced a set of draft rules to make it mandatory for all smart devices connected to internet to assess their cybersecurity risks. The step has been taken amid growing concerns about cyberattacks. Under the newly proposed law, known as the Cyber Resilience Act, the European Commission can also levy fine of up to EUR 15 million (nearly Rs. 120 crore) or up to 2.5 percent of their global turnover on all companies who fail to comply with the rules.

The EU has made it strict for all smart devices connected to internet — including laptops, fridges, smartwatches — to assess the cybersecurity risks. In case of any errors, the companies are also compelled to fix them under the new Cyber Resilience Act. EU digital chief Margrethe Vestager, in a statement released earlier today, said, “It (the Act) will put the responsibility where it belongs, with those that place the products on the market.

The act was initially announced by European Commission President Ursula von der Leyen in September 2021. The step has been taken in direction to make digital products more secure for consumers across the EU. Failing to comply with the laws can invite a fine of up to EUR 15 million or up to 2.5 percent of the total global turnover for the companies.

Vestager also encouraged companies to comply to these rules of assessing cybersecurity risks as it could save them as much as 290 billion euros annually in cyber incidents.

Under the new law, manufacturers will have to assess the cybersecurity risks on their products. In case of any faults, the companies need to take appropriate procedures to fix problems. Moreover, they are also bound to inform EU cybersecurity agency ENISA of cyber incidents within 24 hours as and when they get aware about it.

The draft rules, before becoming a law, will need to be agreed with EU countries and EU lawmakers.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Ethereum Merge Aftermath: Here’s How the Upgrade Affects Regular Users

Check out our Latest News and Follow us at Facebook

Original Source

EU to Announce Cyber Resilience Act Aimed at Risky Smart Devices on September 13

The EU is reportedly preparing to announce a new proposal that is aimed at smart devices with cybersecurity risks, in order to cut the cost of cyber incidents in the European Union. Manufacturers of smart devices that are connected to the Internet will have to ensure their devices are secure, or risk their products being banned and face fines as high as EUR 15 million (roughly Rs. 120 crore) or up to 2.5 percent of their total global turnover.

On September 13, the European Union executive will announce the Cyber Resilience Act, a proposal that could eventually become law, according to a Reuters report. The proposed regulation covers Internet connected devices such as smart TVs, refrigerators, and smart speakers, proposing stringent rules requiring manufacturers to shore up their security.

According to the report, the EU’s proposal will expect smart device manufacturers to assess the cyberscurity risks of their products and ensure that flaws and issues are resolved, and notify the European Union Agency for Cybersecurity (ENISA) of cybersecurity-related incidents within 24 hours.

The proposal also recommends that companies who do not follow the proposed rules be fined as much as EUR 15 million (roughly Rs. 120 crore), or up to 2.5 percent of their total global turnover, whichever amount is higher. As per the report, this fine could be reduced for smaller offences.

Similarly, the proposed Cyber Resilience Act also allows national surveillance authorities to restrict a product from the European market by ordering that it be withdrawn or recalled, if it does not comply with the rules. The proposed legislation could eventually become law once EU countries provide input, according to the report.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Nothing Phone 1, Google Pixel 6a Flipkart Big Billion Days 2022 Sale Prices Announced: Offers, Specifications

Puma Launches Its First Metaverse Experience With NFTs Redeemable as Real Sneakers

Check out our Latest News and Follow us at Facebook

Original Source

Samsung Discloses Breach of US Systems in July, Says Personal Information Was Exposed

Samsung on Friday disclosed that it had recently detected a cybersecurity breach that resulted in the exposure of personal information of customers. The incident took place in late July, according to the South Korean firm, when an unauthorised third party compromised the company’s US systems. Samsung says that as part of an ongoing investigation, the company hired a cybersecurity firm and is coordinating with law enforcement. The company previously revealed that it had been affected by a data breach in March, where hackers managed to steal source code for Samsung smartphones.

On Friday, Samsung disclosed the security breach via its security response centre, revealing that the attackers may have gained access to personal information of customers, including name, contact and demographic information, date of birth, and product registration information.

According to Samsung, the data exposed in the breach did not include customers’ Social Security numbers or credit and debit card details. While the company is yet to specify the number of users and regions that were affected, the notice appears to suggest that US customer details were exposed in the incident.

“We have taken actions to secure the affected systems, and have engaged a leading outside cybersecurity firm and are coordinating with law enforcement,” Samsung said on its website, adding that it has notified customers of the incident.

Samsung says that it has reached out to customers that it has identified as being affected by the issue and will contact users it has not yet reached out to, if further notifications are required during its investigation.

According to the company, users should remain cautious of unsolicited communications asking for personal information, avoid clicking on links or downloading attachments from suspicious emails, and review their accounts for suspicious activity. The company says its consumer devices were not affected during the incident.

Back in March, Samsung revealed that it had suffered a cybersecurity breach, which resulted in the exposure of internal company data. The leaked data included source code for Samsung Galaxy smartphones, but Samsung had stated that the personal data of customers or its employees was not affected. The Lapsus$ hacking group had previously claimed responsibility for the breach, and the company stated at the time that it had taken measures to prevent breaches in the future.

Affiliate links may be automatically generated – see our ethics statement for details.

Check out our Latest News and Follow us at Facebook

Original Source

India’s Power Grid to Gain Greater Protection From Cyberattacks, Power Minister Says: Report

The country’s power grid is set to gain improved protection from cyberattacks, Union Power Minister RK Singh reportedly stated on Thursday. As per a report, while the threat of cyberattacks aimed at the electricity network has remained an issue, the minister said that the Electricity (Amendment) Bill 2022, will include a provision for the regular inspection of the national electricity grid, as part of the government’s efforts to improve cybersecurity of the power network which have previously been targeted by cyberattacks.

The Electricity (Amendment) Bill 2022 includes a provision created by the power ministry that allows for inspection of the national electricity grid, according to a report by PTI. The inspection will help to maintain cyber hygiene in the power grid, which has faced cyberattacks on more than one occasion over the past year.

As per the report, the power ministry is aware of the source of attacks on the power transmission system, which is why the provision for regular inspections has been included.

“Therefore, we are empowering our central (national) load dispatch centre so that it can do inspections and give directions. We have one grid in the country and if there is some issue in one corner of the nation then the entire grid can collapse. That is why this provision is made,” the minister told PTI.

In April, the minister had announced that attempts made by hackers based in China that were aimed at the electricity distribution centres near Ladakh had been blocked. The power transmission in the Union Territory has been taregeted twice, he had stated at the time.

Check out our Latest News and Follow us at Facebook

Original Source

Google Announces New Digital Safety Measures for India, Allocates $2 Million Grant for Outreach Programs

Google announced a numbers of online safety measures in India on Thursday. The initiatives, as announced by Google India’s Vice President and Country Head, Sanjay Gupta, aims at building a safer internet for everyone against cyber threats amid India’s growing digital economy. The company introduced four key imperatives for the Indian users to prioritise cybersecurity skilling, invest in user awareness, and support local community organisations for digital safety training. Google India also announced grants worth $2 million (nearly Rs. 16 crore) from Google.org to non-profit organisations in India for enhanced digital safety.

In an official blog post, Gupta announced several initiatives taken at Google for India’s digital space. The company will conduct cybersecurity roadshows in various cities to upskill around 1 lakh developers. The roadshows “will share unique tools, detailed guidance, and best practices,” enabling the developers to create safer apps with embedded security in line with modern IT practices.

The company also announced $2 million (nearly Rs. 16 crore) grant to support non-profit work in online safety, especially for high-risk communities like women, LGBTQIA+, and seniors. The non-profits will be tailoring outreach programs for these communities in their preferred languages. The content and resources will be available in English and multiple Indian languages.

The organisations that will join Google to receive funding will include Collective Good Foundation (CGF), Point of View, HelpAge India and Sheroes.

Google has also announced the launch of ProtectingChildren.Google website in three Indian languages — Bengali, Hindi, and Tamil — to provide child safety toolkit. The website fights abusive content, making the digital space safe for children.

Check out our Latest News and Follow us at Facebook

Original Source

Provident Fund Data of 28 Crore Indians Leaked By Hackers, Claims Ukraine Based Researcher

Provident Fund (PF) data of about 28 crore Indians was found to have been leaked by hackers earlier this month. A cybersecurity researcher from Ukraine, Bob Diachenko, made the discovery on August 1 and found that details such as Universal Account Number (UANs), names, marital status, Aadhaar details, gender, and bank account details were exposed online. According to Diachenko, he found two different internet protocol (IP) addresses hosting two clusters of leaked data. Both of these IPs were hosted on Microsoft’s Azure cloud storage service.

Cybersecurity researcher Bob Diachenko detailed the leak in a post on LinkedIn. On August 2, Diachenko discovered two separate IP clusters of data that contained indices called UAN. Upon reviewing the clusters, he found that the first cluster contained 280,472,941 records, whereas the second IP contained 8,390,524 records.

“After quick review of the samples (using a simple browser), I was sure that I am looking at something big and important”, Diachenko said in his post. However, he was not able to find who owned the data. Both the IP addresses were hosted on Microsoft’s Azure platform and were India-based. He wasn’t able to obtain other information via a reverse DNS analysis.

The Shodan and Censys search engines from Diachenko’s SecurityDiscovery firm found these clusters on August 1. However, it is not clear how long the information was available online. The data could’ve been misused by hackers to gain access to the PF account. Data such as name, gender, Aadhaar details, could also be used to create fake identities and documents.

The researcher tagged the Indian Computer Emergency Response Team (CERT-In) in a tweet informing them about the leak. The CERT-In replied to his tweet asking him to provide a report of the hack in an email. Both IP addresses were taken down within 12 hours after his tweet. Diachenko says that since August 3, no company or agency has come forward to take responsibility for the hack

Check out our Latest News and Follow us at Facebook

Original Source

Alibaba Executives Reportedly Summoned by Shanghai Authorities Over Data Theft Probe

Executives from Alibaba Group Holdings’ cloud division have been summoned by Shanghai authorities in connection with a theft of police data on Chinese citizens, the Wall Street Journal reported on Thursday.

Based on scans of the police database, cybersecurity researchers concluded that the stolen data of nearly 1 billion Chinese citizens was hosted on Alibaba‘s cloud platform, according to the report.

Alibaba did not immediately respond to a Reuters request for comment.

Since the theft was discovered, Alibaba has temporarily disabled all access to the breached database and launched an inspection, the report said.

Earlier this month, it was reported that a hacker claiming to have stolen personal data from hundreds of millions of Chinese citizens is now selling the information online.

A sample of 750,000 entries posted online by the hacker showed citizens’ names, mobile phone numbers, national ID numbers, addresses, birthdays, and police reports they had filed.

AFP and cybersecurity experts have verified some of the citizen data in the sample as authentic, but the scope of the entire database is hard to determine.

Advertised on a forum late last month but only picked up by cybersecurity experts this week, the 23TB database — which the hacker claims contains the records of a billion Chinese citizens — is being sold for 10 Bitcoins (approximately Rs. 16,00,000). the 23TB database — which the hacker claims contains the records of a billion Chinese citizens — is being sold for 10 Bitcoins (approximately Rs. 16,00,000).

At least four people out of over a dozen contacted by AFP confirmed their personal details, such as names and addresses, as listed in the database.

In replies to the original post, users speculated that the data may have been hacked from an Alibaba Cloud server where it was apparently being stored by the Shanghai police.

Potter, the cybersecurity analyst, confirmed that the files were hacked from Alibaba Cloud, which did not respond to an AFP request for comment.

If confirmed, the breach would be one of the largest in history and a major violation of the recently approved Chinese data protection laws.

Check out our Latest News and Follow us at Facebook

Original Source

Lithuania Faces Cyberattack, Russia’s Killnet Claims Hack of Sites in Retaliation for Transit Ban

Lithuanian state and private institutions were hit by a denial-of-service cyberattack on Monday, the Baltic country’s National Cyber Security Centre said in a statement released by the defence ministry.

“It is very likely that attacks of similar or greater intensity will continue in the coming days, especially in the transportation, energy and financial sectors,” the centre said.

Lithuania’s tax authority said in a statement it had halted all activities due to an unusually large number of attempts to connect to its systems, although all data was safe.

“The main targets are state institutions, transport institutions, media websites,” deputy Defence Minister Margiris Abukevicius said, in another sign of deteriorating relations between Baltic NATO country Lithuania and neighbouring Russia because of Moscow’s invasion of Ukraine in February.

Soon after, Russian hacker group Killnet claimed responsibility for the distributed denial of service (DDoS) cyberattack on Lithuania, saying it was in response to Vilnius’s decision to block the transit of goods sanctioned by the European Union to the Russian exclave of Kaliningrad.

“The attack will continue until Lithuania lifts the blockade,” a spokesperson for the Killnet group told Reuters. “We have demolished 1652 web resources. And that’s just so far.”

Kaliningrad is connected to the rest of Russia by a rail link through Lithuania, a member of the EU and NATO.

Kaliningrad is sandwiched between EU and NATO members Poland and Lithuania and supplied by rail via Lithuanian territory.

Lithuania had begun to see signs of an attack as early as June 21, Abukevicius said.

A Russian Security Council spokesperson on June 22 promised retaliation over the blocked shipments, stating that these would have “a serious negative impact on the population of Lithuania”.

European Union foreign policy chief Josep Borrell said last week Lithuania “only applies the European Union sanctions” in ceasing transport of certain goods to Kaliningrad, and has not taken any unilateral decisions.

Check out our Latest News and Follow us at Facebook

Original Source

SpiceJet Says Q4 2021 Earnings Delayed Due to Ransomware Attack on IT Systems

No-frills airline SpiceJet on Friday said the announcement of its audited standalone and consolidated financial results for the quarter and financial year ended March 31, will get delayed due to a ransomware attack on its IT systems. In a regulatory filing, SpiceJet said it has postponed its board meeting on May 30, to consider and approve the company’s March quarter and FY 22 results to a later date.

“We wish to inform you that we are expecting a delay in submission of audited standalone and consolidated financial results of the Company for the financial year ended March 31, 2022 with stock exchange… due to ransomware attack on our IT systems which has affected the completion of the audit process within the stipulated time,” the filing added.

The company is taking the corrective measures with assistance of cyber experts and authorities on the issue, it said.

“Accordingly, the board meeting of the company scheduled to be held on May 30, is being postponed and the revised date of the board meeting… will be communicated shortly,” SpiceJet said.

Several SpiceJet flights were delayed on Tuesday due to a ransomware attack on its system.

“Certain SpiceJet systems faced an attempted ransomware attack last night that has impacted our flight operations. While our IT team has to a large extent contained and rectified the situation, this has had a cascading effect on our flights leading to delays,” a SpiceJet spokesperson had said in a statement on May 25.

The airline in the statement also informed that it was in touch with experts and cybercrime authorities on the issue.

Check out our Latest News and Follow us at Facebook

Original Source

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.