Category Archives: Cyber-security

Cyber security is a very special area that experts describe as "dreadful". It concerns computers, smartphones, connected devices… all this little world sensitive to Internet security.

A security flaw that allows users to spy on email services

Facebook Messenger, Signal, Google Duo, Mocha or JioChat… are a set of messaging services that are affected by security vulnerabilities deemed critical by Google experts.

The Google experts we are referring to here are those of the famous Project zero, the specialists in the search for flaws and bugs of the American giant that have proven themselves several times.

Let's talk about a researcher from the group, writes Natalie Silvanovich. She recently discovered in a study of several exchange platforms that vulnerabilities that can be considered quite serious affect some pretty famous couriers. "I found bugs that can transmit audio and video without the user's consent on five mobile apps, including Signal, Google Duo and Facebook Messenger," she posted on Twitter.

This article will also interest you: How to hack a Facebook account?

According to the Google researcher, these vulnerabilities have their roots in another security flaw discovered since 2019, the FaceTime Video bug. A flaw that allowed a hacker to spy on iPhone users without their knowledge. Not to mention that he also had the opportunity to be added during a group conversation through the menu of options. In other words a rather serious vulnerability.

"I found logic bugs that allow audio or video to be transmitted without user consent in five mobile applications including Signal, Duo and Facebook Messenger," she posted on her Twitter account on January 19, 2021. In French it gives: "I found logic bugs that allow to transmit audio or video without the consent of the user in five mobile applications including Signal, Duo and Facebook Messenger."

So the issue here was whether the FaceTime Video security flaw had spread to other devices. In asking this question, the Project Zero researcher then set out to conduct a much more in-depth search on the various messaging applications are Signal, Mocha, JioChat, Facebook Messenger and Google Duo. She discovered some very interesting vulnerabilities.

– Facebook Messenger: On this app, the hacker had the ability not only to connect to the app, but also to simultaneously launch a call while sending a corrupted message. The latter could also receive audio via the app.

– Signal: Thanks to the vulnerability on this application, it is impossible for the cybercriminal to be able to hear everything that was going on in the message recipient environment.

– Google Duo: "A competitive situation between disabling the video and setting up the connection, which in some situations can lead to the leak of video packages after several unanswered calls" as Natalie Silvanovich explains

The researcher also explains that these security vulnerabilities have already been fixed. Users are encouraged to apply the correction update.

Now access an unlimited number of passwords:

Check out our hacking software

International cooperation on IT security

In 2020, the association of large companies for IT, THE CIGREF (the Computer Club of large French companies), had made a request to the states to set up and effective means of combating cybercrime which was experiencing a significant boom.

The idea then matured and gave to international cooperation. Yet the goal is far from being achieved.

Speaking of the door and international cooperation, let us recall that yesterday, European police cooperation announced a disruption of the network of zombies under Emotet. If the European authorities wanted to be cautious in their approach to the issue, this situation can be seen as the beginning of a deep dismantling of the malware. A situation whose consequences on is immediately noticeable in several areas of computing. Especially against ransomware attacks.

This article will also interest you: The impact of computer security

In the aftermath, the U.S. Federal Police announced that they had been able to stop the operation of the NetWalker site. A website used by ransomware operators to disclose the data of their victims who refused to pay the ransoms demanded. To top it all off, the hacker behind the Egregor malware was cut off from any means of communication with all the organizations they had touched during the year 2020.

We can then see the scope of the message issued by the Computer Club of the big companies of France.Although from the beginning by the voice of Henri Agrain, the general delegate of the club, the latter has never ceased to denounce "the inadequacy of the responses of the international community".

In a sense, with some countries especially those of Eastern and Southern Europe, international cooperation on the judicial level and make my difficult. This was even raised by the first head of the national information systems security agency, Guillaume Poupard. In his speech at the opening of the 2020 Panocrim of the Club of Computer Security Specialists, the Clusif, they made it clear that "it is difficult to stop cyber criminals if they do not have the good taste to come and spend their holidays in Europe".

However, with the fall of these greats that are NetWalker and Emotet, this shows that international cooperation is indeed working. Even if it takes time, the result is clearly visible. Even if in the case of NetWalker, it should be recognized that things have accelerated. Taking into account the fact that the operators behind this malware only started operating a year ago, precisely in April 2020. At this time, neither the Cigref nor its delegate have reacted to this situation, which is supposed to please him.

Yet a month ago, on the anniversary of the association's 50th anniversary, President Bernard Duverneuil sent a letter to Jean Castex: "It is also up to the state to guarantee security. Businesses need an agency like Anssi that does a great job, a strengthened legal framework and a police force with appropriate means against this global delinquency, or even a mobilized diplomacy." These words provoked a strong reaction from Guillaume Poupard, the boss of ANSSI: "Protect yourself; Help yourself that's the priority." All raising the lessons and benefits to be drawn from successful attacks: "the actors who have been attacked, reacted and who are tightening the protection of their systems are permanently much less attacked than others." The latter did not fail to reiterate the message at the opening of panocrim: "There will be no cyber shield over France, neither around Europe nor around NATO. Everyone has to protect themselves, everyone has to be a piece of cyber protection."

For its part, the Computer Club of large French companies wanted to highlight a point: "fully committed to participate, at its level, in the necessary effort and to present its proposals to strengthen the digital security of the national community and its economy, in an obviously European context." The president of the Cigref in his letter to Jean Castex friends forward the forward cost as major drawbacks of IT security: "increasing human, technical and financial resources are being committed by companies to ensure the security of their digital systems, to the detriment of their capacity for innovation and competitiveness."

Now access an unlimited number of passwords:

Check out our hacking software

3 things to remember from solarWinds' attack

Recently, Netskope published an analysis of the situation that prevailed after the hacking of the Texan company, SolarWinds.

A computer attack that in some way has permanently impacted several hundred companies around the world. The more days pass, the more we learn from this cyberattack whose effects continue to endure. Little is known about the extent of this cyberattack, which is considered to be the hacking of the decade. From this hacking, the American computer security company tells us a lot about this.

This article will also interest you: Cyberattack against SolarWinds

"Beyond just trying to find those responsible for this hacking, we prefer to go ahead and look at different ways of managing risk, but also to question how to cut short the hype, chatter and speculation. "The U.S. company says. The objective of this analysis is to enable a better understanding of the computer threat as well as to provide useful advice that will have to be applied on a daily basis to ensure that such tragedies do not happen again.

Here are three lessons to be learned from the SolarWinds attack.

1- Cybersecurity professionals are much more supportive and empathetic.

The situation has shown that cybersecurity professionals support each other much more than we think. And this is understandable when we know that no one really wants to be in such conditions.

"Security professionals, CISO and others, tend to support each other. No one wants to find themselves in the situation where the professionals of FireEye, SolarWinds or anyone else involved found themselves. And with a few exceptions – the barely disguised marketing operation is obvious! – the opinions of security solution providers and influential people have not accumulated, expressing their solidarity instead and wanting to see how we, as a community, can do better from what we have learned from chaos. notes the IT security solutions provider. "The last few years have been a period of division, all over the world. We talk about unity, we talk about wanting to do better in terms of cooperation between the public and private sectors in terms of security, we talk about sharing intelligence on threats, we are talking about being good citizens… we're talking. If there is one bright spot in what happened with SolarWinds, it may have inspired us to really collaborate on the things that need to be done, not just to form more threat information-sharing committees or to advance a technology agenda. SolarWinds is a wake-up call that shows us that we are not yet "arrived" at the level of security controls, but that we have the right people who are committed to getting the right results. he adds.

2- A better understanding of the concepts of "visibility" and "control."

For a very long time these two concepts have been misunderstood. They have even been used in rather misleading contexts just in the name of purely marketing purposes. Yet reality has caught up with us. We really need to understand how computer networks work. How data is collected and processed and how people who need to access it do so. All this in an environment that is controlled by the main players. According to a recent definition of the supply chain, it would be understood as a whole "based on one-off, unreassuring questionnaires and site visits, or the legal jargon of the MSA," explains Equifax's head of training systems security ,"it just doesn't work".

We will simply remember that it is impossible to have a better visibility on the functioning of our computer networks, by ricochet better control, if the players if the players do not fully invest in it.

3- Restoring better risk management for a major advance in cybersecurity.

In practical ways, things change. The way computer interconnections are used is changing quite exceptionally. Especially with the growing adoption of cloud computing. As a result, the approach to cybersecurity must be new.

Now access an unlimited number of passwords:

Check out our hacking software

Should we fear possible signal drifts

For some time now, the Signal messaging app, long touted by whistleblower Edward Snowden, is attracting more and more new users.

This situation is the result of a misapplying WhatsApp users in the face of the new terms and conditions of use proposed by its parent company Facebook. This has led to a wave of migration to other alternatives, in this case Signal. While waiting for Facebook to fully explain its new privacy policy that scares its users, which suits Signal and other messaging applications, the number of followers of the latter continues to rise. And this continues and will certainly continue when we know that the communication tool is validated by some pretty prominent people in their field namely Snowden and Elon Musk.

Yet this success worries. Not just anyone, he is worried especially the employees of the platform, who during an interview expressed their fear to the media the Verge.

This article will also interest you: The signal messaging app criticized for a new feature that is not unanimous

According to interviewees on the issue, the concern lies in the possible drifts that may arise from bad behaviour or bad long-term objectives.

From a much more organizational point of view, it should be noted that the messaging app is run by a foundation known as signal Foundation. The Foundation operates on the entire low of nearly $50 million made by the former co-founder of the famous WhatsApp app, and some including from users. Yet the application is still not self-sufficient. For this, it needs to retain nearly 100 million active users. Forecasts have shown that this level, it would be possible to cover the costs of managing the platform, especially at the development level, thanks to the donations that this could generate. This completely differentiates the business model of the latter from Facebook, which monetizes the data of its users. This honestly becomes an imperative that the application be downloaded by the largest in the world.

The fact that Signal, like any other platform of the same kind, is somehow interested in economic aspects inherent in its operation is scary in the long run.

A first thing that worries about the use of the platform and that it can be used in illegal conditions. Indeed, the platform has a good reputation for privacy and data security. As a result, the Foundation itself cannot access the content of the exchanges that take place on its application, due to end-to-end encryption.

Asked about the question, the Foundation's CEO said, "The answer was: if and when people start abusing Signal or doing things that we think are terrible, we will say something."

In addition, the project to integrate the platform but cryptocurrency system has also stirred up criticism. While the app initially sees this as a way to facilitate donations and make exchanges much more confidential, some experts have pointed out that this would also have served as a means of transaction for terrorists to people of bad intent.

"If we decided to incorporate payments into Signal, we would try to think seriously about how to do it," says Moxie Marlinspike. "I want us as an organization to be very careful not to make Signal less effective for these kinds of bad actors, if it would also make Signal less effective for the types of actors we want to support and encourage," he continues.

Yet the CEO of Signal finds in front of him someone who totally opposes his conception of things: Gregg Bernstein, his former collaborator. "No one is saying that We need to fundamentally change Signal. There are small things he could do to prevent Signal from becoming a tool for tragic events, while protecting the integrity of the product for those who need it most.

As a user, we all hope that the right decisions will be made. But while it is easy to say that, it is much more difficult to determine exactly what the right decisions are. he says.

Now access an unlimited number of passwords:

Check out our hacking software

Cybersecurity: What to fear for 2021 according to Sophos

In today's environment, computer attacks are becoming increasingly threatening.

They are on the rise dramatically. With the coronavirus pandemic, which has in some way led to the adoption of telework such as the professional collaboration system, hackers are taking advantage of the situation. 2021 has shown us how dangerous the danger is. For 2021, the reality is quite different. See more serious. At least that's what we can remember from the latest reports provided by the computer security company Sophos, dealing with threats in 2021.

This article will also interest you: 2021: Fearing future cyberattacks

According to the IT security company, we should expect a year much faster than the previous ones. With the inclusion of artificial intelligence in the development of malware such as ransomware. In addition, the company has revealed that hackers continue to organize themselves better than before. They become much more accurate and earn a lot more money.

In other words, we should mark the fact that 2021 is likely to become tougher than 2020 in terms of cyber malice. This will have an undeniable impact on several aspects such as economics and others.

"In addition to the rise in sophistication of attacks, the hacker community seems to have started a revolution in its organization. Sophos' report raises. The company's security researchers and other artificial intelligence specialists were able to provide a possible accurate description of the situation. Conclusion: Hackers no longer evolve in the same way as before. They're not lonely anymore. They are well organized and manage to collaborate perfectly. This fully doubles the impact of their actions.

"Experts have discovered that hackers no longer really operate like lone wolves, but collaborate with each other, to the point of organizing themselves into real cybercrime cartels. It is by dissecting the various attacks of 2020 based on ransomware that the researchers were able to draw this observation. Instead of a wide variety of ransomware, they found that many of them share the same code and that some ransomware groups work collaboratively and not compete with each other. explains the report.

Speaking of ransomware, Sophos' report highlights the fact that these malwares are increasingly adapted to the protection systems developed by companies with the aim of getting rid of them. Operators who use these kinds of programs most certainly plan to combine them with artificial intelligence to make them more efficient. "While AI and machine learning have reduced the threat in security solutions, they are also exploited by hackers. In the end, cyber criminals take the opportunity to automate their attacks. In practical terms, they do not improve the ransomware itself. Its malicious code always remains the same. On the other hand, they use AI to prevent malware from falling into the net of smarter security systems. So it is in the initial phase of the attack that everything is played out. And in this area, in 2021, hackers will still rely on an increasingly efficient AI to bypass security suites and pretend to be legitimate elements in order to open the door to viral load. sophos experts explain.

Moreover, with the coronavirus pandemic which has somehow popularized telework, the vectors of attack are then multiplying. The often uncontrolled use of digital devices in the workplace makes it easier for cyber-cleaners to break into systems that were difficult to access.

In addition, we should pay attention to these small malware that we tend to overlook. The report raises this very important point by talking about "multitudes of small malwares that look falsely easy to counter. They don't seem to be harmful to security teams. Yet these heterogeneous legions are increasingly designed to detect a point of access to a targeted system in order to collect sensitive data. It's about small hands moving slowly through a network in search of valuable targets in order to sell them to large ransomware operators who have sophisticated means at their disposal to attack. ».

Now access an unlimited number of passwords:

Check out our hacking software