no image
Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
The infrastructure of Northern Ireland has been suffered a "significant" number of online attacks for quite some time by hostile nations, UK's top cyber security agency has revealed.

CEO of National Cyber Security Centre (NCSC), Ciaran Martin, revealed on his two-day visit to Belfast, during his speech at Queen's University he briefed the permanent secretaries of Stormont departments.

During his interview with the Belfast Telegraph, he agreed that most of the cyberattacks cannot be stopped or are inevitable, but we can control the damage.

However, an Oxford University graduate explained: "We believe the aim is that they'll want to pre-position for times of tension, or they'll want to find out how systems work so that potentially they can compromise them in future. Attacks on critical infrastructure are going to happen - what's important is that they can't do as much harm as they might otherwise do."

Martin said: "The risk is there, I don't want to over-hype the risk, but in a digital economy like NI there are critical systems - the NHS, there will be power grids and so forth - so part of our job is to help the owners of those networks and make sure that if there is a large-scale very serious attack that it can only do a certain amount of damage and it can't paralyse the system. Part of the NCSC's job is, over time, to build in that resilience into the system so that large-scale damage is less likely.

"So a very serious attack is possible. I wouldn't say it's statistically more probable or less probable that it would happen in Northern Ireland than England or the Republic or somewhere else. What I would say with high confidence is that there is an everyday risk to the economy here from that sort of low sophistication, but highly prolific, set of attacks. There is always the potential for a very serious attack, and certainly, at a UK-wide level I think we expect a 'significant scale attack' in the next few years."

According to the agency, most of the organised cybercrime originates in eastern Europe, particularly Russia.

He continued: "Mostly you're just talking about low-level prolific tech where someone wants to steal a few hundred pounds, someone wants to hold a business to ransom, someone wants to steal a data set. It's just that corrosive, low-level damage where each individual attack is of no particular strategic significance, you add them all up and you've got a big problem and that's what we're trying to fix.

"The main source of cyber attacks are hostile foreign states and international criminal groups, they're not terrorist groups or paramilitary groups whether here in Northern Ireland or elsewhere. Paramilitary and terrorist groups across the world tend not to have very sophisticated cyber attack capabilities. It's mostly an organised criminal network, it may be under the sponsorship of the state, but it's a bunch of people sitting in cubicles looking at screens trying to do a large-scale attack."

no image
Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
To recall that last Thursday the establishment of national cryptocurrency was commissioned by the Russian President Vladimir Putin. This week the Minister of Communications and Mass Media Nikolay Nikiforov stated at a closed meeting that Russia need immediately create national cryptocurrency.

He also noted that the national cryptocurrency will be traded internationally in the near future to get ahead of neighbors of the Eurasian Economic Union. Moreover, according to the Minister, after cryptoruble will be officially launched managed by Government all other cryptocurrency will be banned in the Russian Federation.

Firstly, it will not be possible to mine cryptoruble. Secondly, purchases and sales of cryptoruble will be taxed, this is 13% of personal income. Finally, it will not cause to automatic legalization of another cryptocurrency, for example, Bitcoin.

According to the Director of the Institute of Finance and Law Maksim Maramugin, Russian bureaucracy is fulfilling formally the mandate of Vladimir Putin. The President said them to do it and they did it. Creating national cruptocurrency that reflects only all the disadvantages of cryptocurrency will not make any positive changes in the economy.

- Christina

Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
Ransomware attacks forced Toshiba to cease NAND flash memory production, costing the business the equivalent of 400,000TB in SSD storage. In fact, Toshiba downed tools for up to six weeks following the attack, reports DigiTimes. Subsequently, the production loss could trigger a NAND supply crisis.

But production has now returned to normal, said the sources. Toshiba is one of the world’s biggest NAND producers. As such, a six-week shutdown means 100,000 unproduced wafers. In terms of storage, those 100,000 lost wafers equal around 50,000,000 chips, or 400,000TB, according to PCGamesN.

The world's NAND flash market was supposed to see improvements to the undersupply situation starting the fourth quarter, but the Toshiba fab shutdown has now created uncertainties, the sources indicated.
Demand for NAND flash chips has been driven by an increase in the average memory content in smartphones and server market growth, while growth in the supply has been constrained by chipmakers' slower-than-expected transition to 3D technology. The global supply of NAND flash memory fell short of demand in the latter half of 2016 and has remained tight since.

Nevertheless, end-market demand is actually not as strong as expected, and the NAND flash price rally has gone out of proportion, unable to reflect the real market demand, the sources said. Channel distributors have become reluctant to place orders as the consumption of end-market devices, such as SSDs, is being discouraged by their high prices. The price hikes already started to show an adverse impact on demand at the end of the second quarter, the sources noted.

Toshiba’s bad luck is also likely to affect its partner, SanDisk. NAND memory supply is already tight, so the mishap seems set to drive prices up in the short-term, at least. However, the company is investing nearly $1 billion in production equipment at its Yokkaichi Fab 6 plant, which should help counter supply issues long-term.
Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
The enterprise arm of a Pune based IT security firm, Quick Heal, Seqrite has claimed they spotted an advertisement on DarkNet forum that claims access to data of over 6,000 Indian businesses. This means that sensitive information of organizations including service providers, banks and government has been breached by an unknown cybercriminal who has priced it at 15 Bitcoins (nearly Rs 42 lakh).

Seqrite Cyber Intelligence Labs, along with its partner seQtree InfoServices, tracked the advertisement where the unknown hacker is offering network takedown of affected organisations for an unspecified amount. They even disguised as buyers and contacted the advertisers for their services.

"This can be a major tool of mass disruption if a non-state actor gets hands on it," Seqrite said on its website.
Organisations whose services may be at risk include UIDAI, Idea, BSE, Flipkart, DRDO, Aircel, RBI, BSNL, SBI, TCS, ISRO, EPFO, among several others.

According to the information, the nation’s internet registry was also hit by the attack, but the organization says the information obtained was trivial.

However, government officials managing the entire Internet protocols in India have denied any such leak.

The National Internet Exchange of India (NIXI) released a statement condemning the notice as announced by the Darknet hacker. The NIXI clarified that there was no serious breach of the Indian registry database. “There was an attempt to penetrate the system and hackers were able to collect some basic profile information of the contact persons of some of the affiliates which were displayed by him on the darknet. There has been no serious security breach of its IRINN system, as it has a robust security protocol in place. The hacker has no capacity to cause any damage or initiate distributed denial of service to any entity who has been allocated Internet resources through IRINN System,” said a NIXI spokesperson.

The hackers have meanwhile claimed to disrupt business operations of any business they want, on demand. Maybe the amount of bitcoins charged would be even more for such ‘request’.
no image
Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
The Press Secretary of the Russian President Dmitry Peskov called accusations of espionage by the American media directed to the Kremlin and "Kaspersky Lab" "absurd, baseless and unsubstantiated".

At the beginning of October the U.S. editions The Wall Street Journal and The Washington Post reported that the Russian authorities allegedly used the modified software of IT companies to search for secret documents around the world and to spy on US.

On this week The New York Times has complemented such story reporting that the US intelligence officers have heard of the theft of documents from Israeli colleagues who allegedly managed to hack the internal network of "Kaspersky Lab" and find evidence that the Kremlin really hacked the NSA.

Also, in July the US Government prohibited government Agencies using Antivirus Kaspersky for security reasons.

In addition, Bloomberg reported that "Kaspersky Lab" was developing a special technology for the Federal Security Service of Russia (FSB) and was sending to FSB all information about hackers.
"Kaspersky lab" denies cooperation with special services.

The head of Group-IB Ilya Sachkov commented at a press conference CyberCrimeCon/1 on one of the most discussed news in the world.

According to his opinion, the cyberwar between the US and Russia is unlikely, because it will lead to terrible consequences, to the catastrophe. He hopes that all countries understand this. Moreover, he does not believe in the development of the cyberwar with the participation of Russia.

Sachkov noted that product will not to become the goal of a cyber attack, if it is released in small volume and is not popular. "Import substitution does not increase security," he added.

- Christina

no image
Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
British Parliamentarians became the victims of the cyber attack that attempted to uncover weak passwords used by lawmakers. According to a secret intelligence assessment, Iran was behind the attack, in which around 90 accounts were compromised.

 On June 23, British authorities detected some unusual activity, and immediately they took appropriate measures to prevent the hack. As a result, lawmakers were unable to access their e-mail for many days.  It is speculated that more than 9,000 email accounts were compromised including Theresa May and other ministers.

Initially, Russian hackers were blamed for this cyber attack, but investigating authorities have reportedly traced the attack to Tehran regime.  This cyberwarfare is believed to be a first major attack on Britain from Iran.

"What we need to do is keep that deal going - it's been a great success for UK diplomacy," Foreign Secretary Boris Johnson told reporters.

"This deal lives to fight another day, and that's a good thing."

While a spokesman for the National Cyber Security Centre said that “It would be inappropriate to comment further while enquiries are ongoing.”
Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
A potential design flaw has been found in WhatsApp that will let anyone track a user's activity. While the contents of the messages can’t be read given that WhatsApp is end-to-end encrypted, the ‘online status’ feature can be used to monitor exactly when a user is online, according to a blog post written by a software engineer Robert Heaton. Your online status can help hackers figure out who you are talking to. It can also be exploited to spy on a user’s sleeping patterns – the time you go to bed and wake up.

Heaton, who has made similar security-related findings in the past, described it in his blog post just how easy it was to do this while relying on a laptop, Chrome extension and using WhatsApp web. He exploited the flaw by creating a Chrome extension with a minimal four lines of code, Digital Trends reported late on Tuesday. The code could even be tweaked to correlate more than two people messaging each other.

"What that means is that when you go offline and then come back online to read a message, that action is being logged.

Heaton though was relying on the ‘last seen’ option, which has privacy settings and gives users the option of blocking strangers. However, as the post points out, the default setting in the ‘last seen’ is often everyone and not many people bother changing this.

Unfortunately, there is nothing you can do to stop attackers from monitoring your activity. While the app has an option to show your last seen status to everyone, only your contacts, or no one, there is no way to disable the online status feature which reveals when you are actively using the service. This data can be easily collected on a mass level and then sold to third-party firms for advertising purposes.
no image
Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more

Is India ready to be digital country? Do we have a cyper crime free mechanism to go digital? These are some basic real question that we need to ask before going full digital.

Now and then Government of India is linking its citizens Unique Identification number popularly known as Aadhar number with every document whether it is a mobile number, pan card, driving license etc.

But there are many reports which showed that citizen's privacy is being compromised. Recently, a Mumbai-based man, Shashwat Gupta, who works in Kozhikode for a private firm, was duped of Rs 1.3 Lakh after he was told to link his phone number to his Aadhaar card.

He took social Media website, Facebook to write about his ordeal, and it is a great example how we should be careful before sharing our Aadhar Card details with anyone.

"And in a blitz, my salary account was looted.

Hi guys! I just lost an amount of Rupees 1.3 lacs from my ICICI Bank salary account. A fraud, claiming to be from Airtel, gave me an ultimatum that Airtel would deactivate my SIM and block my number forever as I had not linked my Aadhar card to my SIM. He urged me to message my SIM card number to 121 (Official Airtel Service Number) and my SIM would be reactivated without any hassle. Little did I know that the fraudster would clone my SIM and loot all my hard earned money and also take away Investments (Fixed Deposits) that I had planned on using during the worst times of my life.

Is this all that was required to break my ICICI Bank Account? Is that how vulnerable technology have left us? I always thought that our accounts are well protected by layers of security. I was under the impression that a person would require my account details or debit card or some sensitive information that only I have, that I have been safeguarding every minute of my life, to break my account. But the truth is all that sensitive stuff is already floating around the criminal world waiting to be raided, as our beloved banks like ICICI Bank haven’t been able to keep what must only be ours, OURS!

It is unbelievable how easy it has become to steal from our accounts. All the fraudsters are doing is trying every trick they can think of to get that one tiny key that would break open a safe that seem to be safeguarded by hundred different locks.

The saddest part of this is, after the loot on day one, ICICI Bank was not able to protect the balance amount. Even after 18 hours of raising Service Request ( S/R 497438380 ) and repeated follow-ups on customer care and branch, the Bank was not able to freeze my balance and as a result early next morning the fraudster was easily able to walk away with the remainder amount. Dear ICICI Bank, are your services supposed to end in crisis or are you supposed relieve the customers’ grievances and prevent further damage?

ICICI Bank needs to understand that a fraudster breaks much more than an account with his activities, he breaks a persons’ life.

I feel that the Bank has failed to protect my account effectively and are completely responsible for my losses. I hence demand ICICI Bank to refund every single penny I’ve lost in this incident.
I would also like to speak out to my friends here, guys please be careful and wary of these frauds. The people who we think are securing us, are actually the ones screwing us."

However, ICICI Bank replied to Gupta's post that they would look into the matter. But, is it sufficient for him?

Now the question arises who was responsible for this fraudulence bank or the mobile company? Whose responsibility is to protect us from such kind of scams and frauds?

Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
How To Add The SwiftKey Keyboard To Your Android
How To Add The SwiftKey Keyboard To Your Android: Are you tired of the default keyboard on your mobile device? If so, the SwiftKey keyboard for Android can replace the default keyboard. It provides extra features, such as swiping from letter to letter to type using SwiftKey Flow, and auto-correct that learns your writing style to suggest words as you type. SwiftKey is free and all the keyboard themes available for download in the app are now also free.
Today we’ll show you how to add the SwiftKey Keyboard to your Android or iOS device and choose it as your default keyboard.

Add The SwiftKey Keyboard To Your Android Device

To add the SwiftKey Keyboard to your Android device, install the app and then open it.

Enable SwiftKey

Once the app is installed and opened, tap Enable SwiftKey“. We used a Google Pixel C tablet in our example, which runs the “stock” version of Android. The specific steps may be slightly different on your Android device, but the overall procedure should be similar.
Add The SwiftKey Keyboard To Your Android Device
On the “Available virtual keyboard” screen, find SwiftKey Keyboard and tap the slider button to enable it.
Turn on he SwiftKey Keyboard
The “Attention” dialog box displays telling you that this input method could collect personal data. Any third-party keyboard app collects data as you type so it can learn your writing style and become better at suggesting words as you type.
SwiftKey takes security seriously and use incredibly strict data security policies. They follow European user data laws, which are stricter than those in the United States.
Tap “OK” to continue.
Attention dialog box about collecting data
The slider button for the SwiftKey Keyboard option turns blue.
Tap the “Back” button on your device to return to the SwiftKey app.
Tap the Back button on your device

Select the SwiftKey Keyboard

In the SwiftKey app, tap “Select SwiftKey“.
Tap Select SwiftKey
Tap SwiftKey Keyboard on the “Change keyboard” dialog box.

Sign In To SwiftKey

Signing in to SwiftKey allows you to access additional features, such as getting better word suggestions (predictions) and syncing your settings among devices. To sign in to SwiftKey, tap “Get Better Predictions“.
Sign In To SwiftKey
You need to use your Google account to sign in to SwiftKey. Tap “Sign in“.
All the Gmail accounts you are signed into on your device display on the “Choose an account” dialog box. If you don’t see the account you want to use, tap “Add account” and follow the instructions to add a different account.
If the account you want to use is listed, tap on the option button for that account and then tap “OK“.

Allow SwiftKey To View Your Google Basic Profile Info

On the next dialog box, tap “Allow” to give SwiftKey Keyboard permission to view your basic Gmail profile info.
You’ll be asked to allow SwiftKey to learn your typing style by using all your sent messages from Gmail. If you want to do that, you can tap “Personalize” on the next dialog box that displays and follow the on-screen instructions to allow SwiftKey to access your sent Gmail messages. Otherwise, tap “Later” on that dialog box.

Customize The SwiftKey Keyboard

Now, you can add languages to the SwiftKey Keyboard, change the look of the keyboard with themes, resize the keyboard, and add a number row to the keyboard.
The keyboard displays with the selected options, allowing you to try it out.
To go back to the default keyboard, or any other keyboard you’ve added to your device, go to “Settings” > “Languages & input” > “Virtual keyboard“. Then, tap the keyboard in the list, or tap “Manage keyboards” to enable another keyboard.
Customize the SwiftKey Keyboard

Switch From The SwiftKey Keyboard To Another Keyboard

To switch to the next keyboard, tap and hold on the emoji icon on the SwiftKey Keyboard. Then, select “Next keyboard” from the pop-up menu. To switch back to the SwiftKey Keyboard, tap and hold on the globe icon on the keyboard and select SwiftKey from the pop-up menu.
Switch to another keyboard
How have you customized SwiftKey? Which other third-party keyboards do you use on Android? Let us know in the comments.
Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
A hack at global accounting firm Deloitte shocked the world last month, and further details have been thin on the ground until 10 October.

Citing unnamed sources, the Guardian reported on Tuesday that a server with emails of some 350 clients, including U.S. government agencies, the United Nations and large corporations were compromised in the cyber attack.

"We take any attack on our systems very seriously," the statement said. "We are confident that we know what information was targeted and what the hacker actually did."

There are more than 30 blue-chip companies mentioned in the dossier obtained by The Guardian. Clients that were made vulnerable include the US departments of state, energy, defence and homeland security as well as the National Institutes of Health in the US, the US Postal Service, and Fannie Mae and Freddie Mac (mortgage funders and guarantors).

Deloitte said on 25 September that it was the victim of a cyber attack that affected the data of a small number of clients, providing few details on the breach.

The attack seems to have begun in autumn last year as Deloitte was migrating its email to cloud-based Office 365 at its Hermitage office in Nashville. Hackers allegedly got into the system using an admin account that could, in theory, have given them access to the company’s entire database of emails.

One source said: “The hackers had free rein in the network for a long time and nobody knows the amount of the data taken.” Apparently, Deloitte did not have multifactor authentication at the time of the breach.

The breach at Deloitte, which says its customers include 80 percent of the Fortune 500, is the latest in a series of breaches involving organisations that handle sensitive financial data that have rattled lawmakers, regulators and consumers.

"These are targeted attacks on a financial opportunity," said Shane Shook, an independent consultant who helps financial firms investigate cyber attacks. "This trend is going to continue to grow."
no image
Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
A separate type of army intended to combat threats in cyberspace will be established in Poland, Krakow. The Minister of Defence of Poland Antoni Macierewicz spoke about it on Monday during his presentation on Cybersecurity Forum. He believes that protection from information threats is important nowadays, specially from Russian hackers.

"Groups of people carry out mass information or disinformation campaign," said Macierewicz, accusing the Russian hackers in an attempt to influence the outcome of the referendum on independence of Catalonia.

The Polish authorities will devote the project about 547 million dollars. It is planned to involve in this cyber army about a thousand people.

"The threat of Russian hackers" – a convenient excuse to justify waste. This opinion was expressed by the political scientist Paul Swyatenkov on the radio.

"It's just an excuse. Now many of the major countries create conditional armies of cybersecurity. So, this is a structures that should reflect the threats in cyberspace.It's not just about the superpowers, such as the Russian Federation or the United States, but also relatively small countries like Poland.", said Pavel.

"Polish authorities and the Ministry of Defence need to justify why they spend taxpayers ' money for such purposes. And then the most widely discussed topic about "Russian threat" comes to the rescue. So, all of this is doing now in order to escape from the widely publicized Russian hackers. Perhaps, in the future the military budget in this direction will increase. First step is the hardest,"

- Christina

no image
Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
Sri Lankan police have arrested two people for allegedly planting a malware in a Taiwanese bank's servers to enable illicit transactions and sending unauthorized, doctored messages through the interbank Swift network.

The Criminal Investigation Department (CID) started an investigation last week after a reports that an individual received Rs 110 million from a bank, Taiwan Far Eastern Bank,  that was compromised.

The Director at police criminal investigations division (CID),  Shani Abeywardana told Reuters, “We arrested on a tip-off from the Bank of Ceylon that there had been a suspicious transaction.”

“From the investigations and questioning we’ve found out that this is connected to hacking in Taiwan,” Abeywardana said.

An English news website of Taiwan's Central News Agency (CNA), Focus Taiwan has reported that Far Eastern Bank had informed about the breach to the Taiwan’s financial watchdog,  Financial Supervisory Commission as well as the  Society for Worldwide Interbank Financial Telecommunication's (SWIFT) network.

“Through the planted malware, hackers conducted virtual transactions to move funds totaling nearly $60 million from Far Eastern Bank customers’ accounts to some foreign destinations such as Sri Lanka, Cambodia and the United States, the bank found on Tuesday,” Focus Taiwan’s website said.

“It added that since the bank continues to trace the lost funds by underpinning certain fund movements, the loss could be reduced to zero. It said the hacking did not lead to any leaks of customer information.

To track down the hackers, the police Criminal Investigation Department (CID)  was working closely with Taiwan counterparts since last week.

"We are looking at about $1.3 million that had come into three accounts in Sri Lanka," said the official.

"We have taken two people into custody and we are looking for one more person".

However, police have recovered most of the money, and a court investigation is pending.

Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
The grocery chain, which was acquired by Amazon for $13.7 billion in late August, announced Thursday it "recently received information regarding unauthorized access of payment card information."

Customers who bought groceries at 56 stores throughout the country were not affected by the breach, but instead, those who frequent the in-store table-service restaurants and taprooms at those places may have had their payment card information accessed as a different point of sales system is used there. The stores' main checkout registers were not a part of the breach.

If the whole Equifax debacle changes anything at all, it should be the public perception of what a responsible disclosure looks like in the wake of a devastating data breach.

That’s a lesson that, incredibly, Whole Foods seems determined to ignore.

The data breach was made public two weeks ago, but the affected stores were not announced at that time, as the company investigated the hack. It was uncertain whether the security breach reached all 470 Whole Foods locations, according to the Associated Press, but that number was later reduced.

It’s been 12 days since Whole Foods first disclosed that its point-of-sale systems were compromised, leaving an untold number of credit card holders at risk. The following day, Gizmodo reported that as many as 117 venues may have been impacted. At the same time, the company set up a website that allows the public to see which stores are involved which included two San Francisco locations, three in the South Bay, and other parts of the Bay Area. But since then, the company has gone dark.

To date, Whole Foods’ initial statement on September 28th represents the entirety of its public disclosure. In an email to Gizmodo on Monday, the company again declined to say when the company first discovered the breach. Did it wait days, weeks, or months to notify the public? That is information Whole Foods has readily on hand and is refusing to divulge. The supermarket chain has further refused to say whether any potentially compromised customers have been contacted individually.