Hacker News UK Leading source of Info on Security, Hacking News, Network Security, Mobile Protection, Internet Security and more
In a 3-2 vote on Thursday, the Federal Communications Commission accepted a proposal by its chairman, Ajit Pai, to discard the net neutrality rules that stopped broadband providers from blocking websites or charging extra for higher-quality service or certain content.

These regulations were created to ensure that providers treat all internet traffic equally, and the dismantling of net neutrality has caused outrage and panic among U.S. citizens on social media.

This action has reversed their 2015 decision to have stricter and stronger oversight over internet providers to ensure the safety of free communication online.

The commission’s chairman, Ajit Pai, has defended the vote, saying that it would ultimately benefit customers, as corporations like AT&T and Comcast would be able to provide them a wider range of services, and adding that this move would encourage competition and serve as an incentive to build networks.

However, the general consensus seems to be that this is a move in favor of large corporations and not consumers. It will also affect start-ups and smaller companies, as they will have to pay to reach a wider audience.

Democratic Leader Nancy Pelosi described this decision as "a stunning blow" to the promise of a free and open Internet.

"With this unjustified and blatant giveaway to big providers, FCC Chairman Ajit Pai is proving himself an eager executor of the Trump Administration's anti-consumer, anti-competition agenda," Pelosi said.

After the uproar caused by this decision, major broadcast providers like AT&T and Comcast have promised their customers that their online experience will not change, but many are skeptical that the companies will adhere to their promise now that there is lighter regulation over their activities.

Several public interest groups and Democratic state attorneys have allegedly promised to file a suit to stop this change.
An Indian-American student has pleaded guilty to creating the giant, devastating Mirai botnet, which spread via vulnerabilities in Internet-connected devices and resulted in widespread internet disruptions.

Paras Jha, 21, a former Rutgers University student, and two other men, Josiah White, 20, and Dalton Norman, 21, pleaded guilty in federal court on Friday to computer crime charges that include writing the code for, selling and using the two botnets, the Department of Justice announced.

According to court documents, Jha executed a series of attacks on the networks of Rutgers University between November 2014 and September 2016, which caused massive damage to the university, its faculty, and its students.

“Paras Jha has admitted his responsibility for multiple hacks of the Rutgers University computer system,” Acting U.S. Attorney William Fitzpatrick said in a statement on Wednesday.

“These computer attacks shut down the server used for all communications among faculty, staff, and students, including assignment of coursework to students, and students’ submission of their work to professors to be graded,” he said.

“The defendant’s actions effectively paralyzed the system for days at a time and maliciously disrupted the educational process for tens of thousands of Rutgers’ students.

“Yesterday, the defendant has admitted his role in this criminal offense and will face the legal consequences for it,” Mr. Fitzpatrick said.

Jha’s father, Anand Jha, however, has denied all allegations against his son. "Nothing of the sort of what has been described here has happened."

A caffeine-peddling Starbucks store in Buenos Aires is not the place you'd expect to find illegitimate cryptocurrency mining to go alongside your venti triple shot skinny mint latte. But when Noah Dinkin, CEO of Stensul, a platform that helps marketers craft emails, visited the branch last week, he discovered that the store’s Wi-Fi provider was hijacking his laptop to mine digital currency.

It turns out the hotspot had been hijacked and injected with malware that syphons off processor power to crunch the calculations needed to generate or 'mine' cryptocurrency, Monero in this case.

Starbucks has acknowledged that visitors to its Buenos Aires branches were unwittingly recruited into a crypto-currency mining operation, though mining malware was not meant to be on the menu.
Starbucks said that it had taken "swift action" to address the problem. When Dinkin alerted the coffee-pushing company to the infection, Starbucks got its internet service provider to purge the malware from the network. So it would appear that this is the work of a hacker rather than a way for Starbucks to make some extra cash on the side.

At the time, a Starbucks spokesperson stated that the issue was resolved quickly and wasn’t widespread, but Dinkin disagreed on the latter point. “This was observed by a friend and me in three separate Starbucks stores in Buenos Aires over multiple days following my original tweet, that week,” he wrote on Twitter on Wednesday. “It wasn't just one store.”

It is not known who was behind the mining operation.

When Motherboard reached out to the Argentine internet provider responsible for Starbucks’ Wi-Fi in Buenos Aires—Fibertel—the company blamed hackers for planting the miner code on their network.

But this is an evolution of a popular scheme. One expert said the incident highlighted the risks of using public wi-fi.
It's all about an email that is striking fear among internet users, who have reason to doubt guarantees of safety and security.

The fear of being a victim strikes a visitor as he or she spots an “https” page. NatWest has alerted its customers to be careful of a website bearing striking similarities to its real portal.

A visitor is trapped as soon as he or she verifies personal details on the fake web page, acting on the instructions of the lookalike email. The people behind the scam then get easy access to the personal details of the customers. Some customers, however, became aware of the danger after they received a screenshot of the fake website.

Millions of internet users are sharing the discussion and warnings on Twitter. But is there an end? While one raises doubts over the guarantee of HTTPS, another talks of SSL certificates.

The London-based Intelligence Bureau has admitted the fiasco and has been devising a formidable mechanism jointly with NatWest to deal firmly with this menace.

NatWest is believed to be developing a system to identify fake websites, but it is difficult for it to yield results instantly. Bank officials say the need of the hour is widespread awareness of suspicious emails with unrecognized addresses and glaring mistakes in grammar and spelling.

The customers are free to take the help of the bank if a suspicious email is spotted to get in touch with the authority through or

This is not the only case of scammers targeting wealthy customers. An identical scam threatened to rob Santander customers in March this year, forcing the authority to maximize alertness.

The targeted customers received text messages from scammers who pretended to be banking officials. But the bankers stopped sharing customers' information without any convincing queries.
We’re all familiar with surge pricing and paying high amounts of money for small distances to corporations like Uber or Ola, but last Friday, a man in Canada was charged about C$18,500 for a 5.6-kilometre trip.

That’s about 14,500 in US Dollars, or 9.3 lakhs in Indian Rupees. Hisham Salama, the rider in question, took to Instagram to share this story. His friend also posted a screenshot on Twitter:

Uber looked ready to shift all the blame on the customer, as proven by a screenshot of the conversation between Hisham and the company.

Finally, it seems the uproar on social media caught their attention, and they apologized and refunded the money to Hisham. According to his tweet, they will be setting up a meeting with a representative to solve the problem.

Uber later defended itself saying that the huge charge was an “error” and has been resolved, adding that they have refunded the money and apologized for the experience.

A spokesperson from the company, in a statement to Slate, said, “We have safeguards in place to help prevent something like this from happening, and we are working to understand how this occurred.”

Uber further went on to put the blame on the driver, saying that his cab was a traditional cab with a meter and the driver had made a mistake while putting in the fare details into it, and that the error was not a technical glitch.

(Currency figures are 1 CAD = 0.78 USD and 50.24 INR)

CNN says it's gotten to the bottom of Anderson Cooper's Trump-bashing tweet ... and all signs point to a forgetful assistant, who has held the job for the last 10 years.

CNN faced widespread mockery and scepticism on Wednesday after the network claimed an unidentified gym locker room thief sent a tweet from Anderson Cooper's account that called President Trump a "tool" and a "pathetic loser."

In a statement, CNN claimed the tweet in question was sent from a phone belonging to Cooper's assistant in New York while Cooper himself was in Washington D.C.
CNN said the tweet was the result of the anchor's assistant's phone being taken.

A CNN spokesperson said, "[Cooper's] assistant inadvertently left his phone unlocked and unattended at the gym early this morning and someone took the phone and sent the Tweet."

"Geolocation tools confirm that the tweet in question was not sent from Anderson Cooper’s phone," read a statement from the network. "Anderson was in Washington, and we have proof the tweet was sent from New York, from a phone belonging to his assistant."
He's apparently the only other person besides Anderson with access to the account.

BuzzFeed reporter Chris Geidner, who like Cooper is gay, tweeted in response, "I have never met a gay man who has left his phone unlocked and unattended at the gym, but OK."

The errant tweet was a response to the president on Wednesday regarding the loss of Republican candidate Roy Moore in the Alabama special election. Trump had tweeted: "The reason I originally endorsed Luther Strange (and his numbers went up mightily), is that I said Roy Moore will not be able to win the General Election. I was right! Roy worked hard but the deck was stacked against him!"

Anderson's verified Twitter account replied to Trump early Wednesday morning -- calling 45 a "tool!" and a "Pathetic loser."
American International Group Inc., an American multinational insurance company, has launched a new system for cyber threat analysis.

The system scores companies on the degree to which a cyber attack may affect their business and the potential costs involved. It compares the company’s risk of having a breach to the safeguards it has in place.

Tracy Grella, AIG’s Global Head of Cyber Risk Insurance, in an interview said, “AIG’s underwriters have been using the computerized analysis since November, which combines information from a new insurance application designed for the process and data about current cyber threats to generate scores on various related factors.”

With cyber threats to businesses mounting, the system is meant to provide a way to measure the risk involved in a business so that cyber coverage in insurance may be taken into consideration.

This comes after AIG in October said that they will review all coverage types to check for cyber risk and give insurers a clear picture about cyber coverage and estimated financial exposure. They will also create a cyber-risk report for the customers with the analysis scores for understanding and comparing.

Along with this, AIG also announced their partnership with cybersecurity companies CrowdStrike Inc and Darktrace, on Tuesday, to launch CyberMatics, a service that verifies information AIG receives from customers’ cybersecurity tools.

Darktrace Chief Executive, Nicole Eagan, said, “The service uses artificial intelligence, or the ability of machines to carry out tasks normally associated with human intelligence, to look inside an insured company’s network for strengths and vulnerabilities.”

Tracy Grella said that while companies are not required to use the service, those who do may be able to negotiate more favourable policy terms.

President Donald Trump has finally signed into law legislation that bans the use of anti-virus software from the Russia-based Kaspersky Lab within U.S. federal agencies.

For the past several months, Kaspersky has tried to mend its relationship with the US but has failed to clear itself of links with the Russian intelligence agency, the Kremlin.

"The case against Kaspersky is well-documented and deeply concerning. This law is long overdue," said Democratic Senator Jeanne Shaheen.

The anti-virus firm has been accused of allowing its anti-virus software to be used by Russian intelligence to exfiltrate information from the PCs of US government officials.

According to a New York Times report, Israel had informed the United States about Russian hackers using the anti-virus software to break into the NSA's computers to steal secrets. After this, the UK's cybersecurity authorities also warned the country's agencies against using Kaspersky.

However, Kaspersky Lab has denied all the allegations.

Kaspersky's co-founder Eugene Kaspersky said: "Internet balkanisation benefits no one except cybercriminals. Reduced cooperation among countries helps the bad guys in their operations, and public-private partnerships don't work like they should.

"We need to re-establish trust in relationships between companies, governments and citizens. That's why we're launching this Global Transparency Initiative: we want to show how we're completely open and transparent.

Pretending to be somebody you're not in an email has never been hard enough, hence phishing, that endless scourge of web security. Now one researcher has uncovered a new collection of bugs in email programs that in many cases strip away even the existing, imperfect protections against email impersonation, allowing anyone to undetectably spoof a message with no hint at all to the recipient.

On Tuesday, Sabri Haddouche, a developer and bug hunter, revealed a noteworthy new email spoofing technique. Named Mailsploit, it uses bugs in email clients, including well-known clients like Microsoft Outlook 2016, Apple Mail, Yahoo! Mail and many more, and enables hackers to launch undetectable email spoofing attacks.

Mailsploit can pass through email servers and circumvent established spoofing protections such as DMARC and spam filters. This means that even if the server is configured to use DMARC or DomainKeys Identified Mail (DKIM), it will treat a message as genuine, even though it ought to be spam-binned. A demo of the Mailsploit attack that Haddouche has made available on his site lets anyone send messages from whichever address they desire, or some other made-up email address that may trick someone into surrendering their private information and details. With Mailsploit, no amount of scrutiny in the email client can help uncover the fakery.

 Where is DMARC?

Domain-based Message Authentication, Reporting and Conformance (DMARC) blocks spoofed emails by carefully filtering out those whose headers claim to come from a different source than the server that sent them. This authentication system has been progressively adopted by administrators over the years.

However, Mailsploit's tricks defeat DMARC by exploiting how email servers handle text data differently from desktop and mobile operating systems. By crafting email headers that exploit the flawed implementation of a 25-year-old system for coding ASCII characters in email headers, known as RFC-1342, and the quirks of how Windows, Android, iOS, and macOS handle text, Haddouche has demonstrated that he can trick email servers into interpreting the email headers in one way, while email client programs read them in a totally different way.

 The interwoven fixes 

Haddouche says he contacted the majority of the affected firms months earlier to warn them about the vulnerabilities he'd found. Yahoo! Mail, Protonmail and Hushmail have already fixed their bugs, while firms like Apple and Microsoft are still working on it. However, Mozilla and Opera have both informed him that they don't plan to fix their Mailsploit bugs, as they consider them to be purely server-side issues.

Haddouche further added that email providers and firewalls can also be set to filter this attack even if email clients remain vulnerable to it. Beyond the particular bugs that Mailsploit highlights, Haddouche's research points to a more fundamental issue with email authentication: security add-ons for email like DMARC were designed to stop spam, not targeted spoofing.
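The provider-side filtering mentioned above can be sketched as a check on the From header before delivery. This is an added example, not code from Haddouche or from the original article: the function names, the heuristics and the constructed `.example` sample headers are assumptions, and the header value is assumed to be already unfolded. Only the first check is taken from the standard: RFC 2047, the successor to RFC 1342, forbids encoded-words inside an addr-spec.

```python
import base64
import re
import unicodedata
from email.errors import HeaderParseError
from email.header import decode_header

ENCODED_WORD = re.compile(r"=\?[^?\s]+\?[bBqQ]\?[^?\s]*\?=")
ADDR_IN_TEXT = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")
ANGLE_ADDR = re.compile(r"<([^<>]*)>\s*$")


def split_from(value):
    """Split a From value into (display_name, addr_spec) without decoding it."""
    value = value.strip()
    m = ANGLE_ADDR.search(value)
    if m:
        return value[:m.start()].strip().strip('"'), m.group(1).strip()
    return "", value  # bare address, no display name


def decode_display(raw):
    """Decode encoded-words into the text a mail client would render."""
    parts = []
    for chunk, charset in decode_header(raw):
        if isinstance(chunk, bytes):
            try:
                chunk = chunk.decode(charset or "ascii", errors="replace")
            except LookupError:  # unknown charset label
                chunk = chunk.decode("latin-1")
        parts.append(chunk)
    return "".join(parts)


def check_from_header(value):
    """Return a list of findings for one From header value (empty = clean)."""
    findings = []
    display, addr = split_from(value)

    # 1. RFC 2047: an encoded-word must not appear in any part of an addr-spec.
    if ENCODED_WORD.search(addr):
        findings.append("encoded-word-in-addr-spec")

    try:
        shown = decode_display(display)
    except HeaderParseError:
        return findings + ["undecodable-encoded-word"]

    # 2. Heuristic (assumption): decoded display text should hold no control
    #    characters, which servers and clients may treat differently.
    if any(unicodedata.category(c) == "Cc" for c in shown):
        findings.append("control-char-in-display-name")

    # 3. Heuristic (assumption): an address shown in the display name should
    #    belong to the same domain as the real addr-spec.
    real_domain = addr.rsplit("@", 1)[-1].lower()
    for m in ADDR_IN_TEXT.finditer(shown):
        if m.group(1).lower() != real_domain:
            findings.append("display-name-address-mismatch")
            break
    return findings


# Constructed sample headers (not taken from real mail or from the demo site).
SAMPLES = {
    "plain": "Alice Example <alice@corp.example>",
    "legit_encoded": "=?utf-8?q?J=C3=BCrgen_M=C3=BCller?= <jurgen@corp.example>",
    "suspicious_display": "=?utf-8?b?"
    + base64.b64encode(b"billing@bank.example\x00").decode()
    + "?= <mailer@sender.example>",
    "encoded_addr": "=?utf-8?q?billing?=@sender.example",
}

if __name__ == "__main__":
    for name, header in SAMPLES.items():
        print(f"{name:20} {check_from_header(header)}")
```

A gateway would run a check like this on the decoded header after DMARC evaluation, since DMARC only validates the domain the server extracted and not what the client ends up displaying.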

Nevertheless, Haddouche recommends that users stay tuned for more security updates to email clients that fix the Mailsploit bugs. In the meantime, it's always wise to treat emails with caution.
Google security researcher Ian Beer, who works for the Project Zero team, last week released details about an iOS 11 exploit called "tfp0," which he believes could be the basis for a future jailbreak of all Apple devices running iOS 11.1.2 or below, though he only personally tested iPhone 7, iPhone 6s, and a sixth-generation iPod touch.

The revelation made on Twitter left the infosec community inflamed and curious.

On Monday (11 December), Beer published details of an 'async_wake' exploit and its proof of concept, and tweeted that he had tested the exploit on iPhone 7, iPhone 6s and iPod touch 6G, adding that "adding more support should be easy".

As detailed in Project Zero's bug repository, the issue Beer found relates to a memory flaw in IOSurface, a kernel extension.

It appears what Beer has released isn't a full jailbreak but enough to allow security researchers to bypass software restrictions imposed by Apple and test a newish version of iOS.

iOS 11.1.2 is no longer the current version of iOS as Apple released iOS 11.2 on December 2, but Apple is still signing iOS 11.1.2 at this time. Apple will likely stop signing the older update in the near future, and its end could come sooner now that further information on the tfp0 exploit has been released.

iOS exploits are rare and the iPhone is still considered to be one of the hardest consumer devices to hack and/or jailbreak. This makes Beer's exploit all the more valuable. In the past, researchers have been known to sell iOS exploits for significant amounts of cash. Companies such as Zerodium, which sell such exploits, have previously offered bounties of up to $1.5 million to hackers who could find iOS zero-day vulnerabilities.

Jailbreaking iOS devices has dwindled in popularity in recent years, which has led two major Cydia repositories to close. Both ModMy and ZodTTD/MacCiti, which provided apps, themes, tweaks, and more for jailbroken iOS devices, shut down in November. For the time being, iOS 11 continues to be the only major version of iOS that has not been jailbroken.
A Russian-speaking hacking group has managed to steal nearly $10m (£7.5m) from more than 20 companies in Russia, the UK, and the US in the past two years.

According to a report by cybersecurity firm Group-IB, the group, MoneyTaker, has primarily targeted card processing systems, removing overdraft limits on debit cards and taking money from cash machines.

“This is a sophisticated group of hackers,” Dmitry Volkov, head of Group-IB, tells Newsweek. “MoneyTaker managed to gain access to isolated segments of critical banking systems using tools, tactics, and trace elimination techniques that enabled them to go unnoticed for a long period of time.”

The investigation was carried out by Group-IB with the help of both Europol and the Russian government.

The reports suggest that the documents could be used by the hackers to attack in future.

 “MoneyTaker continues to pose a threat,” Volkov says. “Given their propensity to change target-region after a series of successful attacks, and taking into consideration their interest in Latin American-focused systems, we predict this may be a future target for the group.”

The majority of the victims were small community banks based in the U.S., and the average cost of a successful attack was estimated to be $500,000.

"The success of replacement is due to the fact that at this stage the payment order has not yet been signed, which will occur after payment details are replaced," the researchers say. "In addition to hiding the tracks, the concealment module again substitutes the fraudulent payment details in a debt advice after the transaction back to the original ones."

"This means that the payment order is sent and accepted for execution with the fraudulent payment details, and the responses come as if the payment details were the initial ones," Group-IB added. "This gives cybercriminals extra time to mule funds before the theft is detected."

The research group has handed over details of the attacks to law enforcement.

A surge of politically motivated chatter and speculation on social networking sites points to a trend of unabated malicious advertising these days. These are, beyond doubt, paid political advertisements, which are gathering momentum on the most visited social networking sites on the planet. Take the example of Facebook, where scores of swindlers are making a quick buck by targeting polarized people in the USA.

Experts in this field also agree that undeclared political ads are most watched among people who can use them for both good and bad purposes. That’s the unscrupulous mechanism used to entice Facebook viewers. Provocation is another key here, if one goes by former President Barack Obama, Ivanka Trump, Sean Hannity, Kellyanne Conway et al.

Catchy headlines come next to lure Facebook users, who discover a lot at the click of a mouse, where even a lesser-known web portal bears a striking resemblance to Fox News. Visitors who are keen to go along with this must supply credit card information for a payment of more or less $100 a month.

This is a tiny example of the political ads, where Facebook lacks a mechanism to regulate paid political content in the form of messages that are no less misleading and malicious. Long before these are uploaded to the social networking sites, the users in the line-up allow more such scams to take place. The sites are mostly registered within the 30 days before the users start sending political ads. The new websites are shady since the fraudsters don’t open the portals beforehand.

The picture is becoming as clear as broad daylight as the midterm polls draw nearer. Cons are starting to operate with new information tools and techniques.

Facebook officials know that they need to stop these dubious advertisements. But it's not simple or easy to regulate the deceptive ads. Some of them have been struck off while others are in the pipeline. Experts said malicious advertising can’t be stopped overnight. This applies to other social networking sites apart from Facebook.
The popular Android operating system powers more than two billion devices and cybercriminals have their fingers on the pulse, with an uptick in Android ransomware kits appearing in underground markets.

Sophos, a global leader in network and endpoint security, also recently announced its SophosLabs 2018 Malware Forecast, in which it stated that while ransomware predominately attacked Windows systems in the last six months, Android, Linux and MacOS platforms were not immune.

This report recaps ransomware and other cybersecurity trends based on data collected from Sophos customer computers worldwide from April 1 to October 3.
Android ransomware kits are selling at a premium and are expected to grow in volume and price, according to the report.

“Ransomware has become platform-agnostic. Ransomware mostly targets Windows computers, but this year, SophosLabs saw an increased amount of crypto-attacks on different devices and operating systems used by our customers worldwide,” said Dorka Palotay, SophosLabs security researcher and contributor to the ransomware analysis in the SophosLabs 2018 Malware Forecast.

More than 5,000 Android ransomware kit listings have been spotted so far this year, with a median price 20 times higher than the $10 median price of Windows ransomware kits, said Carbon Black’s Param Singh. And at the high end, Carbon Black this year found 1,683 Android ransomware kits out of a total of 5,050 that cost anywhere from $250 to $850.

Earlier this year, for example, cybercriminals launched DoubleLocker ransomware for Android devices to not only lock up their data but also change their PIN. One cybercriminal wanted $854 for the Locker Android ransomware kit, according to Carbon Black.

The report also tracks ransomware growth patterns, indicating that WannaCry, unleashed in May 2017, was the number one ransomware intercepted from customer computers, dethroning longtime ransomware leader Cerber, which first appeared in early 2016. WannaCry accounted for 45.3 percent of all ransomware tracked through SophosLabs with Cerber accounting for 44.2 percent.