Category Archives: Cyber-security

Cyber security is a very special area that experts describe as "dreadful". It concerns computers, smartphones, connected devices… all this little world sensitive to Internet security.

Signal vs. Telegram: which of the two messaging apps is more secure?

Among the many alternatives to WhatsApp, it has often been said that Signal is the most secure.

At least when compared with its direct competitor, Telegram. It is not uncommon for specialists to claim that the former is much more secure and protects its users' data better than the latter. This is fair game. On closer inspection, however, the two applications have not made the same choices in terms of encryption.


Yet in practice, while Signal ranks first among the most secure apps, Telegram has been downloaded ten times more often, according to figures provided by the Google Play Store.

What we know is that both applications use end-to-end encryption, a method of encryption that prevents any outsider from reading the exchanges. However, the process used by the two applications is not the same. In practice, this encryption is inviolable under certain conditions. To decipher it, you would have to have the decryption keys, which is clearly impossible. This is put into perspective by the head of computer security at the Electronic Frontier Foundation, an association that advocates for privacy in the IT field. According to her, end-to-end encryption is not that inviolable, at least when you are not trying to attack it directly. Back doors do exist. The specialist states that the process "is not designed to protect your communications from end-of-chain attacks. It's like complaining that your butter knife isn't a good pasta strainer. That's not why it's designed."

An end-of-chain attack means hacking the smartphone itself in order to gain access to messaging applications such as Signal or Telegram and view the content of the discussions. These are attacks against which end-to-end encryption can do nothing.

According to Alex Stamos, former head of cybersecurity at Facebook, "many people underestimate the privacy benefits of pushing adversaries [that is, those against whom end-to-end encryption aims to protect, Ed.] to move from a model where they can search for all content to a model where they have to specifically target people."

In other words, thanks to this encryption, it is possible to escape mass surveillance. It forces those interested in the data to target their victims much more specifically, since they no longer have the ability to attack multiple targets at the same time.

The underlying question was why the use of end-to-end encryption differs between Telegram and Signal. Telegram does not offer it by default, unlike Signal. "Signal is designed not to collect or store sensitive information. Neither we nor any third party can access Signal's messages and calls because they are always encrypted end-to-end, protected and secure," says the foundation behind Signal. On Telegram, the user must decide for himself to enable it through the "secret chat" feature, a feature that is available for video conferencing.

"Secret chats are for people who want more privacy than the average. […] Only you and the recipient can read these messages — no one else can decipher them, including Telegram. In addition, messages cannot be transferred from secret chats. And when you delete messages from your side of the conversation, the application on the other side of the secret chat is ordered to delete them as well," explains the app's FAQ.

Telegram's choice to offer encryption-protected communication as an option is due to the fact that the app offers a multitude of features. This constrains the way it can offer a much more secure version of the messaging tool. "If you think you need a separate app for this feature [end-to-end encryption] alone, installing it might be useful for you," Pavel Durov, one of Telegram's founders, said. As if to say that the application does not intend to change its approach.

It should be noted that Signal has also glimpsed this aspect, and is trying to modernize in order to make its service much more fun.

"The minority […] who want to maximize security at the expense of usability is welcome to use secret chats on Telegram — or install one of the apps that have only secret chats and nothing more. But we're not going to cripple Telegram by throwing away dozens of its features for people tricked by the marketing tricks of our competitors. Or for people who are too lazy to start secret chats when they think they need them," says the co-founder of Telegram.


Top 7 online scams

The year 2020, like the year 2019, has been quite successful in terms of cybercrime.

Because of the coronavirus pandemic and some of its corollaries, namely the general lockdown and the explosion of telework, the vectors of computer attacks have multiplied, in a context where Internet use has become much greater than before. According to a report provided by the Belgian government's IT security agency, Safeonweb, nearly 3 million suspicious messages were observed on the internet last year. This is twice as many as the previous year, when 1.7 million messages of the same type were observed. "And 2021 is not going to be much more exciting; scammers are on the lookout," warned Miguel De Bruycker, director of the Centre for Cybersecurity Belgium.


The Belgian authorities decided to do their utmost to raise awareness among Internet users and warn them. This follows Safer Internet Day, an event carried out on a European scale by the European Union Committee on 9 February 2021.

As a result, here are 7 scams to watch out for online:

1. Phishing

Phishing is a fairly well-known technique in the cybercrime community. Almost all Internet users have already faced this situation. It is a fairly practical and simple method to implement, especially in an anxious period such as the health crisis or lockdown. "It's a fraudulent technique that tricks the Internet user into disclosing their personal data by posing as a trusted third party," says Yasmine Lamisse, a legal columnist. In other words, hackers send booby-trapped emails or text messages via traditional messaging services. These messages usually come with a malicious link. When the user is not vigilant enough and clicks on the link, he is taken to a platform managed by cyber criminals, who will take advantage of the situation to extract the information they need from him.

2. "The Brouteurs": financial mules

The technique is simply to promise a large amount of money to an Internet user. In exchange, the victim must allow the scammer to use his bank account, which turns the victim into a financial mule. Generally, these people use individuals' accounts to launder money stolen somewhere else. "We also talk about 'grazers.' The scammer will gain our sympathy and trust, often via dating sites or applications. A link will start to be created on the web and little by little, we get ripped off without really realizing it," warns Yasmine Lamisse.

3. Blackmail

In some situations, scammers tend to threaten Internet users by claiming to have videos of them in their possession. The goal is to extract money from you through this psychological pressure. Of course it's clearly blackmail. In exchange for not disclosing the videos they claim to have, they will demand payment of a sum of money.

"It can happen when scammers claim to have videos of us watching naughty movies. They're going to blackmail us and ask for money not to disclose these so-called videos." However, "actually, it's hard to hack a webcam," explains our legal columnist.

4. Dropshipping

Dropshipping is generally regarded as a commercial practice rather than a scam. Because there is no clear regulation in this area, the practice appears legal. It is growing fast on the Internet, especially through influencers and social networks. It consists of offering for sale products that are not really in the possession of the people making the sale. Indeed, it is the suppliers who hold the goods. The person behind the dropshipping inflates prices inappropriately in order to get a good commission. "For example, an influencer will promise us 50% on a watch if you buy it from a particular online store. And then we realize later that this shop is only an intermediary with the wholesaler and that it got a huge commission on our purchase. In the end, we paid 10x more for this watch," notes Yasmine.

5. Investment scams

This practice has affected many Internet users, whether as victims or as people who have been approached. The people behind these scams tend to push targets to take part in charitable appeals or to invest in something likely to earn twice as much. The preferred targets of scammers in these situations are usually the elderly.

"Seniors are often the prime targets of these types of scams. Here, we will contact you to tell you about fake charities, lotteries, or the famous investments where 'you can win up to 200% profitability'," explains the columnist. "In this kind of situation, you have to keep in mind the slogan of the SPF Economy: 'If it's too good to be true, it's not'," she continues.

6. Fake e-commerce sites

These are sites that typically use addresses similar to those of large e-commerce groups. The idea is to take advantage of the inattention of Internet users in order to lead them to a platform where they can be scammed. "Some sites are simply fraudulent and will never send our order. They use almost identical addresses to well-known online stores. They usurp the names of famous brands and then disappear from the landscape and later reappear under another name," notes Yasmine Lamisse.

7. Pornbots

These are malicious robots that use fake accounts and follow Instagram profiles. Generally, they prompt you to click on links that they post in comments. "Pornbots are these robots or fake accounts that exist on Instagram. They follow us, they post weird messages below our publications and then they ask us to click on shady links," explains Yasmine Lamisse. "If we do, we risk being ripped off. They can ask us for our credit card number or email address and we risk problems."


SolarWinds strengthens its cybersecurity

In December 2020, major government organizations and private companies were the victims of a computer attack.

What they all have in common is that they use management software provided by a Texan company: SolarWinds. Specialists have considered this the worst computer attack of the last 10 years. In response, SolarWinds is seeking to restore its reputation. To do this, the American company is strengthening its cybersecurity. It has contacted KSG, a computer security company recently set up by two experts in the field: Chris Krebs, the former CEO of CISA, the public body responsible for ensuring computer security in the United States, and Alex Stamos, former head of information systems security at Facebook.

This drive to strengthen the Texan company's cybersecurity is explained by the fact that it is now in the crosshairs of the American authorities.

"We have engaged several leading cybersecurity experts to help us on this journey and I am committed to being transparent with our customers, government partners and the general public in the short and long term regarding our security enhancements to ensure that we maintain what is most important to us – your trust," explains Sudhakar Ramakrishna, the head of SolarWinds, in a blog post.

The US company's spokesperson also said: "We have enlisted the expertise of Chris Krebs and Alex Stamos to assist us in this review and provide the best advice for moving into a leading secure software development company."

There is no doubting the competence of the company hired here by SolarWinds. Its bosses are cybersecurity experts. But it is clear that the task will not be easy, especially in the face of a computer attack whose impact has so far not been measured precisely. Assumptions still lean toward a computer attack backed by a nation-state. "We have already committed to helping to understand and recover from what appears to be one of the most serious foreign intrusion campaigns in history, and we will help others learn from this attack," Stamos posted on his Twitter account. "This has been a years-long effort by one of the best and most sophisticated intelligence operations in the world. It was only a small part of a much larger and very sophisticated plan, so I would expect more companies to have been compromised, not to mention techniques that we haven't found yet. I think […] there's so much more to write about in this chapter of Russian cyber intelligence operations," Krebs adds.

So the die is cast. Hoping that this new partnership can restore its image, the American company is trying to limit the damage. We will see the result in the next few months.


Ransomware as the main threat to businesses in 2020

The year 2020, like its predecessor, was marked by several events that shook the world.

However, last year stood out for disasters and problems of all kinds. The challenges were numerous in all sectors, particularly in IT security, which experienced quite a few difficulties. While this sector makes itself noticed every year, it should not be overlooked that 2020 saw a surge in this respect. The coronavirus pandemic forced almost the entire world population into a lockdown unprecedented in the history of mankind. This situation fostered the development of what was already known to be a scourge for organizations in terms of IT.

Indeed, there is a similarity between 2020 and previous years. Computer attacks have continued to improve. In terms of frequency, however, the past year showed strong cybercrime activity. One thing has not changed: the massive use of ransomware in computer attacks against companies. Beyond that, this use is experiencing a significant surge, as mentioned above. Florent Embarek, BlackBerry's Regional Sales Director – Southern and Eastern Europe, says: "For more than 10 years, the threat of ransomware attacks has been intensifying and this method has become extremely popular with hackers. More and more attacks are reported each year, and this trend is not about to subside. Even if you might think that ransomware is still the same, think again: they are becoming more sophisticated and the vectors or mechanisms used to infiltrate them are rapidly diversifying."

Anyone who talks about computer attacks, and ransomware in particular, cannot ignore the ever-present phishing, one of the most common ways hackers collect vital data when setting up much larger attacks. With the rise of telework due to the coronavirus pandemic, phishing has never been more widely used or more easily applied by cyber criminals. In today's environment, moreover, hackers are no longer targeting only computers. Smartphones, real sources of personal data, are part of the set.

Going back to ransomware, there is no IT security specialist or manager in this sector who has not been confronted with it, directly or indirectly. In practical terms, companies have been the most targeted in the last 5 years. In 2020, however, we observed an expansion of the hackers' targets, an expansion that extended to health institutions. There are several very recent examples of this situation.

– The Albertville-Moûtiers Hospital Centre (CHAM) attacked on the 23rd by ransomware which made it impossible to access the entire medical infrastructure.

– Narbonne Hospital, which was hit a few days earlier in December.

– The European Medicines Agency (EMI).

In 2020, examples of this kind abound. Almost every month of the year, there were a few computer attacks on a health organization.

"This year, hackers not only launched attacks on health care providers, but also blackmailed them by exfiltrating encrypted data. In fact, many actors around the world have had to pay large ransoms to recover the data of the stolen patients. This new trend is of particular concern, especially since health institutions are clearly not sufficiently prepared to deal with such sophisticated attacks. For their part, hackers are more experienced and now know how to recognize fragile targets, and unfortunately, health has been one of the sectors of choice in 2020," says Florent Embarek.

In 2020 alone, more than 750 health organizations were directly affected by computer attacks. The financial cost of this criminal harassment has been estimated at US$4 billion.

Faced with the threat, the various actors are organizing themselves to find a countermeasure to this growing problem. The deployment of security measures unfortunately takes time, and it is clear that cyber criminals will benefit. "Less obvious than the sophistication and targeting of new sectors, another trend remains notable in ransomware: hackers are convinced by their methods and aware that they are easily falling through the cracks. This is all the more visible as companies take an average of 6 months to realize that an attack has been carried out against them," Florent Embarek points out. "However, a more comprehensive and nuanced approach to IT risk management will be needed if institutions and businesses are to stay afloat and continue to provide quality services and products. Many security solution providers also offer monitoring and advisory services to help businesses and institutions more easily establish a culture of prevention-based cybersecurity," he concludes.


SolarWinds: Neglects and Consequences

The attack on Texas-based SolarWinds is the cyberattack of the decade.

Since it was brought to the public's attention, this computer attack has made several observations possible. Indeed, the company is said to have been alerted several times to vulnerabilities years before. It was even discovered that another computer attack had preceded this one.

It can be noted that negligence was observed on the side of the American company, negligence that facilitated the computer attack on its Orion software.

Analysis of the malware that infected the network monitoring software provided by SolarWinds showed that this malware spreads very quickly. This is clearly causing an increase in the number of victims affected by this wave of cyberattacks, because every day we discover a new victim or a new facet of this computer attack. "The level of infection and the impact on U.S. government systems is of particular concern. As a reminder, a backdoor was discovered in the IT monitoring and management software SolarWinds Orion," explains Andy Patrizio of IDG.

In addition, a group of hackers recently launched a website called SolarLeaks. According to the group, anyone interested will be able to use this platform to access data from the hacking carried out since the SolarWinds attack. Among the data being monetized in this way is the source code of Microsoft or Cisco. The price could be in the region of $600,000. The hackers also market the tools of the cybersecurity company FireEye through their platform, notably its red team tools, for up to 50,000.

The data set that was collected during the SolarWinds computer attack and associated companies is sold for about $1 million. Yet some see it as a cyberfake.

Taking into account the aspect of hacking, many computer security specialists do not believe in this sale of data.

"Cisco is aware of the existence of this website and has no evidence at this time of intellectual property theft related to recent events. We are committed to transparency and if we find information that our customers need to know about, we will share it through our channels," said the US company, Cisco.

Why does this seem so unrealistic according to some experts? Simply because for a million dollars, it would be possible to access data worth well over hundreds of millions of dollars. Too good to be true, then.

Research has shown that the domain name of the site supposed to facilitate the sale of data was registered with the NLLA registrar, a platform heavily used by Russian cyber criminals including Cozy Bear and Fancy Bear.

Following the deactivation of their ProtonMail contacts, the cybercriminals give instructions to potential customers: "Our main email and backup addresses have been closed. We understand that you want more information, but we cannot give information for free. That would be an insult to our trusted buyers. However, we can provide examples of data (for all leaks and bonuses) as proof of ownership. As we consider only serious partners, here's how we'll handle requests: Send exactly 100 XMR to the address below, add a payment ID with your email address so we can contact you again. You must encode your email address as 32-byte data in the payment ID," they write on their website.

Access to an extract of the data recovered during one of the biggest computer attacks of the decade will cost at least $16,000, even though the authorities and the companies concerned put forward the theory of a scam.

"Although the site is still considered by many to be a scam, Microsoft has strangely begun to detect the encrypted archive allegedly containing their source code as HackTool:Win32/Solardump.A and HackTool:Win32/Solardump.B," explains Bleeping Computer on this subject. "To complicate matters, a copy of the SolarLeaks site was created with the same website content, but a different Monero address," the outlet adds.
