Over the past few years, cybercrime has been increasing in India. Recently, there has been a surge in cyber security scams which happen online in India. These online scams often involve scammers trying to contact you with the purpose of stealing your information.

These scammers sometimes mention that they are from a recognized bank. Sometimes they also mention that they are from KBC, the popular reality television show in India where commoners have the humongous opportunity to win crores of Indian rupees.

Common online scams in India also include identity theft, credit card theft as well as phishing. These are super dangerous and one must protect oneself from the same. Be mindful of your online and offline actions before you do anything. India must fight back against these online scams and scammers as a country.

Further, one must be careful that they do not become a victim of cyberbullying as well as hacking. Here’s how you can protect yourselves.

How can Indians protect themselves from cyberhacking and bullying? How can they protect themselves from being scammed online? Let’s find out.

Recently, an Indian cyber security expert Neh Patel gave an exclusive statement to The Tech Outlook. In his quote, he mentioned a couple of important things which must be borne in mind to protect Indians from cyber hacking as well as bullying.

So, it is important to stay safe on the Internet. It is also important to protect your personal information as well as all types of online accounts. There are certainly effective ways to exercise personal security online. One such way is to create and use strong as well as unique passwords for each one of your online accounts. Please bear in mind that you should also change these regularly to safeguard your online accounts. Do not use a single password for all of your online accounts. It poses a higher risk than you think it does.

Further, you must not share OTPs also known as One Time Password received with anyone. Also do not share any password reset links received.

You must know that all of these are a part of your online identity. These are used to verify identity online as well as grant access to your account.

Please make sure to keep all of these codes and links private. Even if you think it is a legitimate source approaching you, make sure that you do not share this information with them.

These simple and effective practices are the best way to stay safe online for Indian users.

Always bear in mind that the Internet is a web of networks many of which might be dangerous for your safety. So, make sure to keep a tab on your online activities and not fall into the trap of online scams. Also be mindful when you make friends online, network, or just connect with people on any social media platforms.

India will progress further in the cyber security space with the contribution of its citizens who must keep themselves safe at all times when they are online. Let’s pledge to make India secure in cyberspace with the utmost personal efforts and more.

Also, make sure to be on the lookout for more such relevant updates in this space. Stay connected with us for more such tech-related news as well as the latest updates in the world of technology as well as innovation. We ensure to bring you unbiased, accurate as well as factual news. Until then, stay tuned and continue reading our work online.

The post [Exclusive] How can Indians protect themselves from cyber hacking and bullying? appeared first on The Tech Outlook.

Having a car that can be operated remotely is probably a premium feature in many popular cars. But what if someone else could operate your vehicle easily from anywhere?

A group of cyber security researchers recently found an issue in the vehicle telematics service of most cars which can allow anyone to remotely control your car’s horn, locks, headlights, boot, and engine. Here’s what they found out.

The Cyber Security Issue Affecting Cars from Hyundai and Genesis

Sam Curry, a Cyber Security Researcher along with his team were able to find out that cars from Hyundai and Genesis have an issue with their vehicles’ telematics service which allowed them to execute all kinds of functions on their car remotely.

The mobile app of both the Hyundai and Genesis allowed the authenticated users to perform functions like start, stop, lock and unlock their vehicles. The first thing the researchers did was to evaluate the app using the Burp Suite application security software.

On further research, the team was able to find out that the app server didn’t require its users to confirm their email addresses. By adding a CRLF character at the end of the email address, they were able to bypass the app server.

By sending an HTTP request they were also able to get a list of vehicles connected to the account. It returned the vehicle identification number (VIN) which allowed them access to perform actions on the vehicle.

With their tampered JSON Web Token(JWT), the researchers were able to take full control over the accounts and vehicles of all the remotely operated Hyundai and Genesis vehicles.

Compiling all the necessary requests to perform the action, the researchers also made a python script that only required the email address to perform the action.

The team informed Hyundai about the issue in their vehicles’ telematics service and was able to work with them to fix the issue.

More Car Hacking on Cars from Honda, Nissan, Infiniti, and Acura

The team of researchers was also able to remotely operate vehicles from Honda, Nissan, Infiniti, and Acura with just their VIN.

On researching the team found out that SiriusXM offered telematic services to a number of car brands which included Acura, BMW, Honda, Hyundai, Infiniti, Jaguar, Land Rover, Lexus, Nissan, Subaru, and Toyota.

The first step the team took was to search for all the domains owned by SiriusXM and was able to find a domain called telematics.net which handled the service for enrolling vehicles to SiriusXM’s remote management functionality.

There were a lot of references to the NissanConnect app and the team started working on it.

By altering the vehicle identification number (VIN) as the customer ID they were able to collect information which included the owner’s name, phone number, address, and all the other necessary car details. This allowed them to easily execute commands on the car.

With just the vehicle identification number (VIN) on the windshield of the car, a person can access the car’s remote features and perform various operations.

The team also performed the same operations on Honda, Infiniti, and Acura vehicles and were able to access its remote features.

The team informed SiriusXM about the issue and was able to fix it immediately.

Sources 1 and 2

The post Security Issue in the Vehicle Telematics Service Allows Anyone to Remotely Operate Cars: Finding by a Team of Cyber Security Researchers appeared first on The Tech Outlook.

iPhone brand Apple, just released one of its security updates that rectifies the zero day vulnerability for the eight time, in iOS and Macs. The zero-day vulnerability has become a frequent reason for why the iPhones and Macs are often being encountered by the attackers. The flaw (CVE-2022-32917) lets maliciously crafted applications execute arbitrary code with kernel privileges. Thus, the chances of the software of users getting trapped turns really high.

Readers who are not aware of the zero-day concept may understand it this way- “zero day vulnerability” refers to the latest identified security flaws that hackers can use to attack systems. As the seller or developer only recently discovered the fault, it is implied that they have “zero days” to repair it. This is referred to as a “zero-day” flaw. Some time back, it was reported that an anonymous researcher did figure out the similar flaw in iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6, and macOS Big Sur 11.7 and even managed to fix the bug with improved bounds checks.

Although Apple has offered no say on the attacks we just discussed above. Because many of the bugs are easily resolved after multiple checks and security updates, Apple appreciates users to opt for patching their devices, before other attackers begin trouble in their system.  Apple is not ready to answer to any of the claims unless it itself debugs by the patching of devices.Apple has yet to provide any information about these attacks.

The post Apple rectifies the zero day vulnerability safeguarding the system from hackers appeared first on The Tech Outlook.

The protection of computer systems and networks from information disclosure, theft, or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they offer, is known as computer security, cybersecurity, or information technology security.

Nowadays, as the amount of work done on computers has increased so has the risk of being hacked. Several Cyber Security firms are out there to provide assistance to companies who outsource their work to them

Below is the meme that summarizes the operations of a Multibillion-dollar cyber security firm

Stay aware of your weak points pic.twitter.com/cQ4gPj4PA7

— 0xbeefed (@0xbeefed) September 8, 2022

In the video shared by 0xbeefed, a girl is seen representing a cyber security firm that fights all kinds of malicious attacks on a certain company. But all it takes is an employee clicking on a phishing link that destroys the whole operation.

Phishing is a form of social engineering in which an attacker delivers a false message intended to dupe a person into giving up personal information to the attacker or to install harmful software, such as ransomware, on the victim’s infrastructure.

The post Here is a meme that summarizes the operations of a Multibillion dollar cyber security firm appeared first on The Tech Outlook.

Exploit brokers and mercenary spyware providers have recently been under scrutiny, owing to revelations about the use of Israeli business NSO Group’s notorious Pegasus solution.

Intellexa, a business created by Israeli entrepreneur Tal Dilian, is one of NSO’s relatively new competitors. According to the company’s website, it provides technologies that enable law enforcement and intelligence organizations to ‘help secure communities.’ The company claims to be established in the EU and regulated, with six European facilities and R&D labs.

On Wednesday, Vx-underground, which sells malware source code and other cybersecurity tools, tweeted some screenshots of multiple documents that appeared to represent a commercial proposition from Intellexa.

The proprietary and confidential docs outline services for remote data extraction from Android and iOS devices. The solution is specifically for remote, one-click browser-based exploits that let users inject a payload into Android or iOS mobile devices. According to the brief explanation, the victim must click on a link for the exploit to be deployed.

The deal includes ten simultaneous infections for iOS and Android devices, as well as a “magazine of 100 successful infections.” The released documents also include a short list of Android devices that would allegedly be vulnerable to an assault.

According to the docs, the exploits should operate on iOS 15.4.1 and the most recent Android 12 release. Apple released iOS 15.4.1 in March, implying that the offer is relatively new. Since then, three security patches for the mobile operating system have been released. This means that while Apple may have patched one or more of the zero-day vulnerabilities used by the Intellexa iOS attack, the exploits given by these types of organizations may remain unpatched for an extended period of time.

While some have referred to the $8 million as the cost of an iOS exploit, the user would actually receive far more for the money. The deal is for a whole platform that includes data analysis capabilities and a 12-month warranty.

The documents are not dated, but the screenshots were posted on the Russian-language hacker site XSS on July 14, according to vx-underground.

While there is a wealth of technical knowledge available on the exploits provided by spyware businesses, little is known about the fees they charge consumers. According to the New York Times, the NSO Group charged customers $500,000 to install its software and $650,000 to infiltrate 10 devices in 2016. According to the Economic Times of India, a Pegasus license costs approximately $7-8 million each year.

It’s also been reported that exploit brokers are willing to pay up to $2 million for full-chain Android and iOS exploits that don’t require any user input.

Intellexa was highlighted in a Citizen Lab investigation last year about Cytrox’s Predator iPhone malware being used to target a Greek legislator. Citizen Lab defined Cytrox as a member of the Intellexa Alliance, which is “a marketing term for a range of mercenary surveillance companies that emerged in 2019.”

The post A spyware firm is offering iOS and Android hacking services for $8 million according to leaked documents appeared first on The Tech Outlook.

By hacking into your personal gadgets, hackers can acquire access to personal information and even financial accounts, such as your bank account sign-in details and the like. Many people decide to update their office with a new computer at the beginning of September in preparation for the new school year. At this early stage, hackers will be looking for a means to get in and obtain access to whatever they can.

This is why cyber security is more crucial than ever. ESET, a virus prevention, and internet security software business, have produced a list of their top ten recommendations for protecting your computer from such attacks.

Malicious parties will attempt to steal your data as soon as you connect your computer to the internet. They can encrypt your computer and hold the data for ransom, steal bank information, and use your machine to generate cryptocurrency, among other things. They accomplish this through tried and true methods, the majority of which rely on hacking, stealing or guessing passwords, or exploiting flaws in your computer software.

Some of the biggest threats include:

Phishing 

To persuade consumers to click on links or open email attachments, cybercriminals mimic reputable and trustworthy institutions such as banks, technological service providers, shops, and others. However, clicking on the link or downloading the file will take the user to a fake website where they will be asked to enter personal information such as login credentials, an address, or even bank information. They can also launch a covert download of malicious software.

Malicious downloads and advertisements

Entering an infectious website or one that contains a malicious advertisement can sometimes result in a destructive download. You might believe that well-known websites have a reduced risk of posing such a threat because they have more resources and can invest more in security.

However, there have been numerous incidents in recent years that defy this premise. As a result, it is critical to invest in reputable security software and ensure that your browser settings are properly set up.

Digital data theft

Hackers can infect e-commerce websites’ payment pages with vulnerabilities meant to steal credit card information as soon as it is entered into the website. It is extremely difficult to fight against this type of attack because the provider is the source of the problem. Purchasing from more reliable websites is an excellent approach to drastically lessen this danger.

Top 10 tips to keep your computer safe

Many of the processes below are already performed automatically by your computer manufacturer or by the operating system, but you should still investigate them to ensure that all of the settings are safe for your purposes.

1. System updates

Set your operating system and installed software to receive automatic updates. This is to keep the security patches that come with system upgrades up to date, as well as to improve the stability of your software. It can also eliminate any older features that may constitute a security risk in the future.

2. Remove junk software

Find and remove any unwanted software from your computer. A lot of this is normally included when you buy a computer from a store. Before deleting such programs, ensure that they will not negatively impact the operation of your computer. The less software on the computer, the less opportunity for attackers to exploit weaknesses.

3. Get yourself secured

Install multi-layered protection software from a reputable third-party vendor and keep it up to date. This ensures that your security system is prepared for any new advancements hackers may make in their methods of discovering and exploiting computer vulnerabilities.

4. Back up

Create backups of all of your files. It’s especially vital to keep an extra copy on an external disc that isn’t connected to your network and can’t be accessed virtually.

5. Browse safely

Adjust the privacy and security settings on your favorite browser to secure it. Keep it up to date with the most recent version.

6. Firewall

Configure a firewall in your OS system and your home router. It should be secured with a strong password that only you know.

7. Verification security

Download a multi-step authentication tool to keep your accounts safe from phishing and other similar assaults. Authentication programs produce security codes for signing into websites that require a high level of security, adding another layer of protection between the hostile party attempting to access your personal information and their ultimate purpose.

8. Unplug

Avoid utilizing unauthorized USB devices. They could have malware on them.

9. Keep it special

Use a password manager to ensure that your passwords are unique, strong, and difficult to guess.

10. Stay vigilant

Only download files and apps from reputable sources. When possible, avoid unlicensed downloads because they are frequently contaminated with viruses.

The post Top 10 key steps to protect your computer from hacking appeared first on The Tech Outlook.

To keep up with the continuously evolving threats and tactics utilized by cybercriminals, municipalities must adopt a proactive rather than a reactive strategy for cybersecurity. Municipal governments may incur unusually large costs as a result of cyberattacks. Local governments usually experience financial difficulties, are less equipped for an assault, and lack skilled people.

Data suggests that municipal governments are susceptible to cyberattacks because they lack the necessary resources, expertise, and equipment. The fact that the majority of municipal governments cannot afford to hire a full-time cybersecurity employee exposes their data security to risk.

Local governments lack the knowledge and experience required to recognize cyberattacks and prevent data breaches. This may be in part because government agencies do not recognize the significance of cybersecurity. According to Kaspersky, a malware attack affected more than 20% of all internet users in 2019, a 14% increase from 2018. The number of computer attacks is increasing.

If you look at the long term, state and local governments offer a wealth of information regarding citizen behavior. It is understandable why online criminals could want to use the data collection for identity theft and other related crimes. As computer systems and networks become more interconnected, local governments are more susceptible to increasingly sophisticated attacks that exploit software and system flaws.
Anyone could be the target of a cyberattack. Even with a committed staff, the amount of time it takes to respond to a data breach can be expensive for the city’s taxpayers, jeopardize citizens’ privacy, and reduce public trust. The most ever government breaches were disclosed in 2019. Due to their limited resources for updating their networks and security systems, local governments frequently build organizational measures to guard against the growing risk of a cyberattack without the assistance of a professional IT team.

Insufficient security measures make it simple for hackers to get access to municipal systems, take over computer servers, and shut off public services like traffic lights and water quality. Since staff workers lack the skills essential to handle an attack or protect their data, there are often no policies in place and no defensive mechanism.

Since these systems are typically not synchronized across departments or regions, managing them is more difficult.

The post Why cyberattacks are increasing and the government cannot do anything? appeared first on The Tech Outlook.

An anonymous source leaked 4TB of proprietary data from Cellebrite an Israeli digital intelligence company. Cellebrite provides cybersecurity tools for federal, state, and local law enforcement as well as for companies and enterprises. The company provides services to collect, review, analyze, and manage digital data.

Cellebrite Universal Forensic Extraction Device, a product of Cellebrite used by law enforcement agencies shares its code with Cellebrite Mobilogy. The anonymous source has leaked data of both Cellebrite Mobilogy and the Cellebrite Team Foundation Server. Around 3.6 TB of data has been compromised and leaked from Cellebrite Mobilogy which is mainly used for device diagnostics, content transfer, backup, and restoration. The data is being made available to journalists and researchers.

Another cyber attack targeted Cellebrite Team Foundation Server’s backup files leaking 430 GB of data. Team Foundation Server provides a collaborative environment and it has been replaced by Azure DevOps Server used to share code, track work, and ship software that uses integrated software delivery tools hosted on the platform. This data has also been made available to journalists and researchers only.

However, the anonymous source hasn’t been recognized yet and any other hacker group didn’t claim responsibility for the recent cyber attack on Cellebrite. The methods of hacking haven’t been revealed either. Although Cellebrite has been the target of several cyber attacks since 2017. In January 2017 anonymous hacker allegedly leaked 900 GB of stolen data from Cellebrite and the data contained information regarding the political situations of various countries. According to an FBI investigation in February 2017, a hacker released a large amount of cache of Cellebrite’s most sensitive data, and that involved Cellebrite hacking into older iPhones, Androids, and Blackberry smartphones. Even Callebrite has been termed as a ‘hacking firm’ previously claiming to use phone hacking technology similar to NSO Group.

Although the recent hacking event of Cellebrite has been posted by a Twitter account named Soufiane Tahiri.

4TB of proprietary data from 🇮🇱 @Cellebrite (Cellebrite Mobilogy & Cellebrite TFS backup) leaked by anonymous source.

Notably, Cellebrite Mobilogy shares code with Cellebrite Universal Forensics Extraction Device or Cellebrite UFED, used by law enforcement agencies. pic.twitter.com/jclPzo9YLd

— Soufiane Tahiri (@S0ufi4n3) August 4, 2022

The post An anonymous source leaked 4TB of data from Israeli intelligence company Cellebrite appeared first on The Tech Outlook.

Cybersecurity firm Malwarebytes Threat Intelligence warned about a malvertising campaign that exploits Google Ad to redirect potential victims into a Windows Support Scam site where Windows Support Alert is used to get the victim’s telephone number. The attackers are observed to display fake alerts from Windows Defender to request potential victims to contact Microsoft Support agents.

According to Malwarebytes the threat actor speculates the victim’s browsing behavior of searching any website and that is by using the website’s name rather than its URL on the address bar. The threat actor then displayed ad contents resembling the victim’s searched contents. However, when the victim clicks on the ad it redirects to a malicious website. The threat actors have managed to avoid web crawlers, bots, and VPN users and quickly gain access to the victim’s IP address. The threat actor has been observed to show legitimate content to Google while displaying different content to potential victims in this way they evade detection. The threat actor first confirms that the potential victim is actually a human and not a Google bot only then do they redirect them to the tech support scam page.

The threat actor is observed to perform two redirect operations, first is called a cloaking domain where the threat actor inspects whether to redirect to a legitimate web page or to the scam page. Only after confirming the victim’s status do they redirect to the malicious tech support scam page. Threat actors use the iframe which occupies 100% width and height of the page and displays the security alert from Windows Defender and it hides the suspicious URLs so that the victims only see .com domains. The victim is then connected to overseas tech support centers where the scammer requests the victim to download remote access tools like TeamViewer so that they can access the victims’ devices.

In view of this Microsoft Support scam recently Microsoft issued a statement to aware users of the recent advent of tech support scams. They said, “Tech support scams are an industry-wide issue where scammers use scare tactics to trick you into necessary technical support services to supposedly fix device or software problems that don’t exist. At best, the scammers are trying to get you to pay them to “fix” a nonexistent problem with your device or software. At worst, they’re trying to steal your personal or financial information; and if you allow them to remote into your computer to perform this “fix,” they will often install malware, ransomware, or other unwanted programs that can steal your information or damage your data or device.” Microsoft has also provided detailed instructions on how tech support scams work and how to protect against them. The tech giant has clearly mentioned, “Microsoft does not send unsolicited email messages or make unsolicited phone calls to request personal or financial information, or to provide technical support to fix your computer. If you didn’t ask us to, we won’t call you to offer support.” They have also instructed the users to run a Windows Update to be secured.

#Malvertising campaign with tech support scams targeting 🇯🇵

Redirect: track[.]goredrect[.]com pic.twitter.com/Y4ipFAhVjS

— Malwarebytes Threat Intelligence (@MBThreatIntel) August 1, 2022

The post Tech Support Scammers now use cloaking method to attack victims appeared first on The Tech Outlook.

The Association of German Chambers of Industry and Commerce (DIHK) is a German guild that has been forcefully shutting down its IT systems and digital services like telephones, and email servers because of a cyberattack. DIHK represents 79 chambers under German law and provides political influence to trade unions. DIHK comprises over three million members involved in the business from small shops to big enterprises. So, the organization deals with several legal representatives, economic development, consultation, foreign trade, training services, and providing general support to its members.

According to the German tech news portal Heise.de the attack is investigated to be a ransomware attack with no regional focus. It has been observed to attack individual divisions in North Rhine-Westphalia, Lower Saxony, Bavaria, and Mecklenburg-Western Pomerania. The  Köln’s Chamber of Industry confirmed the attack and immediately limited access to the phone lines and its websites went offline to reduce the malware spread.

However, following the attack DIHK site shut its sites down as a precautionary measure to hinder the ransomware-led malware to infect other devices until its IT team develops a solution. The General Manager of DIHK Michael Bergman informed the public via a Linkedin post that they are taking all precautionary measures to find a solution to this “severe” cyberattack, however, they are unable to predict how long will it take for its website to resume activities again.

The post German Chambers of Industry and Commerce shut down all its websites after a ‘severe’ cyberattack appeared first on The Tech Outlook.