It's going to be much harder to view the full web in Russia before the year is out. President Putin has signed a law that, as of November 1st, bans technology which lets you access banned websites, including virtual private networks and proxies. Internet providers will have to block websites hosting these tools.
The measure is ostensibly meant to curb extremist content, but that's just pretext -- this is really about preventing Russians from seeing content that might be critical of Putin, not to mention communicating in secret. Accordingly, the President has signed another law requiring that chat apps identify users through their phone numbers after January 1st, 2018.Read more
Passwords belonging to British politicians, diplomats and senior police officers have been traded by Russian hackers, it has been reported.
Security credentials said to have belonged to tens of thousands of government officials, including 1,000 British MPs and parliamentary staff, 7,000 police employees and more than 1,000 Foreign Office staff were in the troves sold or swapped on Russian-speaking hacking sites. The majority of the passwords are said to have been compromised in a 2012 hacking raid on the business social network LinkedIn, in which millions of users' details were stolen.Read more
Hackers allied with the Russian government have devised a cyberweapon that has the potential to be the most disruptive yet against electric systems that Americans depend on for daily life.
The malware, which researchers have dubbed CrashOverride, is known to have disrupted only one energy system — in Ukraine in December. In that incident, the hackers briefly shut down one-fifth of the electric power generated in Kiev. But with modifications, it could be deployed against U.S. electric transmission and distribution systems to devastating effect, said Sergio Caltagirone, director of threat intelligence for Dragos.Read more
Russia’s growing aggression toward the United States has deepened concerns among U.S. officials that Russian spies might try to exploit one of the world’s most respected cybersecurity firms to snoop on Americans or sabotage key U.S. systems.
Products from the company, Kaspersky Lab, based in Moscow, are widely used in homes, businesses and government agencies throughout the United States, including the Bureau of Prisons. Kaspersky Lab’s products are stocked on the shelves of Target and Best Buy, which also sells laptops loaded by manufacturers with the firm’s anti-virus software.Read more
Oracle has discovered a cyber security breach in its Micros payments system that is used by hundreds of thousands of stores and hotels across the world. The software company has sent letters to Micros customers asking them to change their passwords and any passwords used by customer services representatives.
In the letter, Oracle said it had “addressed” the malicious code found in the payments system, and that all payment card data were encrypted. It is not known if a hacker was able to decrypt the card data or use it to steal money from consumers. The company said its corporate network and its “other cloud and service offerings” were not affected.Read more
It's the latest in a string of historical hacks targeting large social networking sites. Accounts for over 100 million users of popular social media site VK.com are being traded on the digital underground. The hacker known as Peace, meanwhile, listed the data for sale on a dark web marketplace.
VK, heavily inspired by Facebook, is particularly popular in Russia, and has all the same features one might expect, including messaging, profiles, photo galleries, like buttons, and more. Peace provided experts with a dataset containing records. The data contains first and last names, email address, phone numbers and passwords.Read more
An upgrade of ERA-GLONASS satellite system will ensure better control over the situation on the Russian roads. Russian police will start installing this system on all new cars across Russia, Belarus, Armenia, Kazakhstan and Kyrgyzstan from 2017.
ERA-GLONASS system fulfils its main function of sending out a radio signal with the exact coordinates of any traffic accident and maintaining stable radio communication between passengers and the dispatcher. The police will also remotely control any vehicle equipped with an on-board ERA-GLONASS system and turn off car engine via satellite or mobile phone and monitor the vehicle’s movements.Read more
The group responsible for the Phishing attacks in Russia earlier this week started by targeting banking clients, before looking towards the bigger prize by going after the banks themselves. Since August of 2015, the group has conducted 13 successful attacks resulting in losses of more than $27.4M. The group is called Buhtrap.
Earlier this morning, Salted Hash examined their most recent attack, where they targeted Russian banks by pretending to be FinCERT – the security arm of the Russian Central Bank. How to respond to ransomware threats? Russian security firm Group-IB examines the history Buhtrap and the group's successful run on the banking industry in Russia.Read more
Russian authorities in November raided offices associated with a Moscow film distribution and production company as part of a crackdown on one of the world’s most notorious financial hacking operations, according to three sources with knowledge of the matter.
Cybersecurity experts said a password-stealing software program known as Dyre — believed to be responsible for at least tens of millions of dollars in losses at financial institutions including Bank of America Corp and JPMorgan Chase & Co — has not been deployed since the time of the raid. Experts familiar with the situation said the case represents Russia’s biggest effort to date to crack down on cyber-crime.Read more
Experts have discovered Asacub, a banking trojan which started actively attacking Android users in January. Our experts managed to track its evolution step-by-step. A banking trojan is a type of malware which is installed a mobile device and employs certain techniques to steal money from the user’s credit cards.
Recent versions of Asacub does it by luring a user into submitting credit card credentials via phishing screens. Obviously, this data is not going to a legitimate bank. At first, researchers suggested the banking trojan was targeting Russia and Ukraine exclusively, due to the fact that the phishing resembled the login screens of some Russian and Ukrainian banks.Read more