Category: Antivirus

  • 5 internet virus prevention tips for 2023

    AV-Test Institute, an impartial IT security company, estimates that there will be over 1.2 billion malware pieces online in 2023. The organization discovers 450,000 new viruses and possibly dangerous apps daily. Scammers and hackers use such apps to steal funds and personal information or use your online identity. These virus prevention tips can prevent you from being a victim.

    By studying this OctaFX guide’s information about malware and how to avoid it, you can safeguard yourself.

    Types of malware 

    There are more than a billion different varieties of malware on the internet, but there are a few that everyone should be aware of. These consist of:

    Ransomware

    This kind of malware blocks access to your computer or the data saved on it until a ransom is paid. In most cases, the data is encrypted, so any attempt to get around the blockage could result in the complete loss of the data. However, there is no assurance that once the ransom is paid, the hackers will unlock the data or that you will get the right decryption key.

    Spyware

    Spyware gathers user data without the user’s knowledge or consent. Keystroke logging is a common method used by spyware programs to attempt to obtain login credentials and payment information.

    Adware

    This program resembles spyware in certain ways. It collects data on your web activity, interests, friends, and the places you live or travel to, but it has no intention of stealing your credentials. It then sells this “profile” to advertisers. Adware occasionally downloads or shows you ads without your knowledge.

    Trojan

    Trojans are often disguised as pirated games, apps, programs, and services. A Trojan takes over the system and damages or steals data.

    Worm

    This harmful application will exploit program and operating system vulnerabilities to infiltrate networks. It will steal critical data, execute DDoS and ransomware operations, and duplicate itself on other network systems.

    Virus

    Like worms, viruses can steal personal data and conduct cyberattacks. However, a virus cannot operate or infect other computers on the network unless the host program is running.

    Malware/virus prevention tips for 2023

    You shouldn’t install any of the above malicious apps. Besides stealing your data and hurting your device, malware may infect other machines on the network. If it’s the work network, it might cause a massive data leak, harming your organization and clients. OctaFX offers five online security guidelines to avoid malware:

    Install antivirus software

    Your computer’s chance of downloading and operating malware will be significantly decreased by installing antivirus software. Check everything you download from untrusted sources, including USB drives, for viruses.

    Use only legal apps and software

    Free pirated copies could include unwelcome extras like viruses and Trojans that can seriously damage your computer and steal your personal information.

    Avoid suspicious emails

    Avoid downloading and opening files from unfamiliar email addresses. Even though the file names seem harmless, email attachments may contain viruses.

    Update your software as needed

    Software updates typically include significant security fixes that make it more difficult for malware to take advantage of flaws.

    Make a data backup


    A backup makes it possible to recover your data even if a malicious program blocks your computer and encrypts it.

    Every day, cybercriminals create thousands of new malware programs. While the aforementioned recommendations may not provide perfect protection against malware, they will considerably minimize your chances of becoming infected in the first place.

     

  • New Kaspersky Report Alerts SMEs to Cyber Threats

    To determine which threats are becoming more dangerous to entrepreneurs, Kaspersky Lab researchers compared the dynamics of attacks between January and April 2022 and the same period in 2021.

    Cybersecurity can seem complicated and unneeded for a small business owner juggling production costs, financial reports, and marketing. Cybercriminals, however, are exploiting this lack of concern for IT security.

    When compared to the same period in 2021, the number of Trojan-PSW (Password Stealing Ware) detections in Kenya grew by 16 percent in 2022, with 12 639 detections compared to 10 934 in 2021. 

    Trojan-PSW is a piece of malware that collects passwords and other account information, allowing attackers to gain access to a company’s network and steal sensitive data.

    Internet attacks, such as web pages with exploit redirects, sites with exploits and other harmful applications, botnet C&C centres, and so on, are other common attack methods used against small enterprises in Kenya. 

     

    What Kaspersky Researchers Discovered

    In the country, the number of these attacks has climbed by 47 percent. Kaspersky researchers discovered 130 111 infections in the first four months of 2022, compared to 88 455 infections in 2021.

    Many firms have implemented the Remote Desktop Protocol (RDP), a technology that allows computers on the same corporate network to be linked together and accessed remotely, even when employees are at home, as part of the shift to remote working. While the aggregate number of attacks on RDP in Kenya has fallen slightly, the danger remains a global concern. For example, there were around 47.5 million attacks in the first trimester of 2021 in the United States, compared to 51 million in the same period in 2022.

     


    Attack visualisation is possible with a special security solution, and IT administrators have a convenient tool for incident analysis.

    The earlier they can figure out where and how a leak happened, the better equipped they’ll be to deal with any unwanted ramifications. Kaspersky Endpoint Security Cloud Pro is a new edition of Kaspersky Endpoint Security Cloud that includes advanced new features such as automated response options and an expanded range of security controls in a single solution.

     

    IT Security Advice for Businesses

    For IT professionals looking to improve their cybersecurity abilities and get the most out of their specialized security equipment, the Pro version offers built-in training.

    Even small businesses with limited IT resources still need to protect all their working devices, including computers and mobile phones, from cyber threats. The updated Kaspersky Small Office Security is a key tool for startups, small online stores, and local businesses to keep all of their work devices protected, safely transfer any valuable business-related files and avoid falling victim to ransomware.

    “With the shift to remote working and the introduction of numerous advanced technologies in the daily operations of even small companies, security measures need to evolve to support these sophisticated setups. Cybercriminals are already well ahead of the curve, to the point where practically every company will be breached at some point.

    “It’s no more a question of if, but when, a cybersecurity catastrophe would strike a small business. Having trained staff and an educated IT specialist is no longer a luxury but a must-have part of your business development.” This is according to Denis Parinov, Security Researcher, Kaspersky.

  • Kaspersky Launches Online Course for Cyberattack Défense

    Kaspersky, a Russian multinational cybersecurity and anti-virus provider, has announced the launch of a new Windows Incident Response training course.

    The course aims to give in-house cybersecurity teams and information security professionals the opportunity to expand their analytic skills in the incident response domain, particularly while they are in the midst of a ransomware attack.

    Cyberattacks are becoming more aggressive, and every company is working to improve its network security, but the question to ask is: how do companies respond to cyber threats?

    Some may say the answer lies within the capacity of the firm’s IT admins, but reports indicate that only a few can handle ransomware attacks.

     

    Are Companies Prepared for a Ransomware Attack?

    According to a recent Kaspersky worldwide survey conducted for senior non-IT management and company owners, 73 percent of companies cannot handle a ransomware attack on their own or with the support of traditional IT service providers.

    “The recent global study by Kaspersky titled ‘How do business executives perceive ransomware threat?’ confirms that most firms (73%) will have to seek the help of external incident response providers in the event of a ransomware attack. This is despite the fact that 66% of respondents consider there to be a high possibility of these attacks on their organization.”

     


    Additionally, firms that have never had a ransomware assault are more prone to overestimate the abilities of their usual security suppliers and in-house IT staff. According to research, businesses that have previously faced similar risks use their current resources less often.

     

    Kaspersky Leading The Way Forward

    Kaspersky is willing to lend a helping hand to companies looking to improve the expertise of their in-house digital forensics and incident response teams. In addition, Kaspersky has expanded its online expert training portfolio to accommodate IT security practitioners who are looking to upgrade relevant skills. The Windows Incident Response course was designed by professionals with more than 12 years of expertise in the industry who are part of the company’s Global Emergency Response Team (GERT).

     

    What The Course Entails

    Students will be led through the process of incident detection by Ayman Shaaban, Digital Forensics and Incident Response Manager, and Kai Schuricht, Senior Incident Response Specialist, using the example of a real-life REvil ransomware case. The course places a heavy emphasis on the development of practical skills.

    Kai Schuricht, Senior Incident Response Specialist at Kaspersky, affirmed that “Incident Response capabilities require specialized skills to verify and handle threats in a timely manner, as well as to minimize the damage from an incident. Since no one is immune to a cyberattack, and it becomes increasingly more difficult to prevent a security perimeter penetration, remediation and the knowledge and experience of how to respond are more in demand than ever before.”

     


    Furthermore, by the conclusion of the course, IT security professionals will be able to detect and react to a cyber incident, distinguish APTs from other threats, and explore attack tactics and the anatomy of targeted attacks via the Cyber Kill Chain. Participants will learn evidence collection, incident identification, log file analysis, network analysis, IoC creation, and memory forensics.

    “Responding to complex incidents and uncovering attack steps is a huge challenge for InfoSec experts. Within this new course, we’ve concentrated GERT knowledge gained from handling security incidents for Kaspersky customers around the globe. Our aim was not only to provide extensive theory around the subject but to also provide real applied skills through end-to-end ransomware case investigation,” comments Ayman Shaaban, Digital Forensic and Incident Response Manager at Kaspersky.

     

    More Details Of The Course

    Participants will have access to the platform for a period of six months in order to complete the training with self-guided training, which includes a total of 40 video lessons and 100 hours of virtual lab time for hands-on learning. This is being done in order to make the learning more suitable and adaptable for everyone. The length of the course is expected to be 15 hours.

  • Cybersecurity Experts Discover Fake Windows 11 Upgrades

    Microsoft continues to release updates in which it unveils a series of new features for Windows 11.

    Following these updates, users have to keep updating their systems to stay up to date with the latest features. Taking advantage of this, hackers are now attempting to deceive users by delivering fake Windows 11 upgrades that contain malware.

    Cybersecurity specialists have discovered a new hacking campaign that uses the pretense of a genuine Windows 11 update to install information-stealing malware named “Inno Stealer”, leading unsuspecting Windows users to install the fake Windows 11.

     

    Fake Windows 11 Upgrades: How The Malware Works

    The chance of landing on this infected website is high if you search for Windows 11 upgrade or anything similar on the internet.

    Once on the fake Windows 11 upgrade page, the user will click the “Download Now” option. This will not download the official Windows 11 update; instead, it will install malware that will steal the user’s personal information.

     


    The malware is capable of collecting web browser cookies and other saved credentials, including data from cryptocurrency wallets, as well as information on the victim’s computer’s files and registry.

    According to Bleeping Computer, the fake Microsoft website is infected with the Inno Stealer virus. In order to create temporary files on the infected device, the malicious software takes advantage of a part of the Windows installation.

    Four more files are created and stored on the system as a result of this operation. Scripts in some of these files are specifically intended to deactivate Windows registry security mechanisms, for example.

    As a result, they may also alter Windows Defender, the default anti-virus software, and remove security solutions from ESET and Emsisoft.

     

    About The Fake Windows 11 Upgrade Malware Inno Stealer

    CloudSEK’s cybersecurity experts have detected the malicious software. Inno Stealer is the term given to malware that infects computers by using the Inno Setup Windows installer to establish itself on a computer.

    Since its discovery, security experts have expressed concern about the virus, pointing out that it targets a large number of browsers and cryptocurrency wallets, among other things. Chrome, Edge, Brave, Opera, Vivaldi, 360 Browser, and Comodo are among the browsers that are susceptible to the Inno Stealer malware. Cookies and passwords saved in these web browsers may be stolen by the virus and sent back to the hacker who installed it on the computer.

     


    Due to the fact that the virus enables hackers to download new payloads into a system, there is an increased chance of infection. According to the study, this activity is only carried out at night, when the victim is unlikely to be in front of the computer screen. The new payloads, which take the form of TXT files, are therefore capable of suppressing the security protocols on a system to a greater extent. Inno Stealer is then able to steal information from the clipboard and exfiltrate directory enumeration data from the target computer.

     

    How Do I Keep Myself Safe From Fake Windows Updates?

    In the midst of your displeasure that your computer doesn’t support Windows 11, remember to only download ISO files from sites or sources that you are 100% certain about. Scammers are growing better at making fake websites look legitimate, so you should pay attention to things like the web address to see whether it’s a scam.

    The built-in Windows Update tool will also notify you whether your device fulfills the Windows 11 compatibility criteria. Installing a legitimate Windows 11 update in this manner is the safest option.

  • The Bet9ja website has been restored after Attack

    Earlier we reported the Bet9ja website shutdown. Now a new report suggests that the website has been restored, the mobile phone has been retrieved from Russian hackers, and the CEO has delivered a statement to bettors.

    The good news is that the Bet9ja website, which the Russian Blackcat hacking gang had hijacked, has been restored. Ayo Ojuroye, the CEO and Co-Founder of Bet9ja, said this in an official statement. “I want to tell you that your data is safe, and your cash is intact,” said Ojuroye. Even with these attacks, the security of your data is not jeopardized.


    Is the Bet9ja website back up and running?


    Yes, the Bet9ja website is back online. Our fact-check reporter at Techpression confirmed that the Bet9ja website is back up and running.

    Message from Bet9ja’s CEO, headlined “WE HAVE CONTROL, OF ALL ACCOUNTS, DATA, AND FUNDS ARE SECURE”:

    The last few days have been difficult for us. We were subjected to an unprovoked and unjustifiable sophisticated criminal cyber-attack on our platform on Wednesday, April 6, 2022.

    Many of our clients and stakeholders have been inconvenienced by the inability to access their accounts or place bets on the bet9ja.com platform. I’d want to apologize on behalf of the management and every team member for this and emphasize how much we regret the situation.

     

    More on Bet9ja CEO Statement

    We can confirm that the Blackcat Group was responsible for the ransomware attack. You can learn more about cybercriminal organizations by searching the internet. We have taken actions to minimize and mitigate any risk to our network systems and operations due to the massive attack on our platform.

    We have brought in worldwide cyber security and forensic specialists to assist us in analyzing and improving our network security and strengthening our operations to make them more resilient and safe. As Nigeria’s top and one of most prominent sports betting firms, we want to tell you that we have taken these precautions because we understand how important it is to protect our consumers.

     


    I want to reassure you that your data and cash are secure. Even with these attacks, the security of your data is not jeopardized. We’re doing everything we can to get back up and running in stages. Since then, the team has been working tirelessly to achieve these goals. At this time, I’d want to express my heartfelt gratitude to our agents for sticking with us during this challenging period; they are indeed the best in class. For your support on social media, we are grateful to our stakeholders, the National and State Lotteries Boards, and, most importantly, our loyal customers for your help. We apologize once more for any inconvenience.

    As a company, we will always strive to serve you better and provide you with the highest levels of professional service. While the work continues, I have directed our marketing team to make compensation readily available, and for the first time, I have just approved a never-before-seen bonus package on the Bet9ja platform, which will go into effect as soon as the site is restored.

     


    This is our way of saying thank you for your steadfast devotion, patience, and understanding during this trying time. Finally, as a truly Nigerian company and industry leader, we will not be intimidated, harassed, or pressured into surrender. We are extraordinary at Bet9ja, but we do not profess to have all the answers. Instead, as illustrated by our team of professional experts, agents, government stakeholders, and devoted consumers, we come together as a community of professionals to safeguard this industry we all love.


    Thank you for your patience, understanding, and loyalty at this challenging time. Please know that we are entirely in charge of the issue and that all accounts, data, and cash are safe and secure. Our best days are yet ahead of us. Thank you very much.

    Bet9ja CEO/Co-Founder AYO OJUROYE

    The Bet9ja website is currently operational, and bettors may access it now.

    Previous: Bet9ja Breaking News

    The term “Bet9ja website hacked” is now trending in the betting world. According to a statement made by the renowned betting firm on Thursday, April 7, 2022, the Russian Blackcat Group hacked Nigerian betting company Bet9ja.

     

    What We Know About The Hacker’s Demand From Bet9ja 

    The hackers are purportedly seeking a ransom, according to a statement made by Bet9ja on Thursday, April 7, 2022, but Bet9ja has not accepted their terms. Even though the Bet9ja website has been hacked, the company declared that its IT staff is working around the clock to restore the regular Bet9ja website and that clients’ funds are safe.

     

    The Russian Blackcat Group has requested that the Bet9ja company pay an unspecified amount of money. According to an official statement, the Russian Blackcat Group hacked the Bet9ja website. “It is crucial to keep you all updated on the true condition of things since it has been very tough in the previous 24 hours,” the statement says. We’ve seen messages in various groups claiming that we’re performing maintenance, which is not valid.


    We will not do so on a significant UCL day. The entire Bet9ja system has been attacked by the Russian Blackcat organization, known for multiple attacks on major corporations worldwide. This Russian gang has launched a massive hacker attack, but our workers have been working nonstop since yesterday to restore all services, which is not simple.”

     

    The company advised their valued clients to keep calm because everything was under control. Please do not be discouraged. We will undoubtedly restore things as soon as possible and offer an update on the progress. They are already demanding a ransom, but we will never accept their terms. I must inform you of this to be on the same page. They have struck us severely, but they can not kill us. “We will hold our ground and return stronger,” the message said.

  • Russian Hackers Attacks And Target South American Energy Sector

    Russian hackers are on the prowl. Two large hacking attacks aimed at disrupting energy businesses and key infrastructure allegedly targeted 135 nations, including South Africa, between 2012 and 2017, according to the United States.

    Daily Maverick reports that the goal was to conduct a sophisticated effort to target and breach networks of vital infrastructure and energy firms throughout the world.

    The South African energy utility, Eskom, was asked whether it had been attacked by Russia and answered that it, like many other organizations, has to deal with a variety of cyber-attacks. But Eskom could not say if it had been directly targeted by Russians or not.

    “The fact that cybercriminals are actively targeting a wide range of industries, including our own, is well-known to us.” When it comes to thwarting cyberattacks, Eskom relies on a team of information and cybersecurity experts and tools.

     


    When it comes to the confrontation between Russia and Ukraine, South Africa has taken a neutral position. It was previously reported that South African President Cyril Ramaphosa had expressed his hope that negotiations between the two countries involved in the conflict would lead to peace, but he did not identify which side he was on.

    Kaspersky’s Antivirus Software

    It has lately been claimed that Kaspersky’s antivirus software has been used to break into organizations’ systems during the crisis between Russia and Ukraine.

    The US Federal Bureau of Investigation (FBI) stated that the Russian government would be able to disrupt and destroy their systems if it succeeded in getting into the corporations of the countries mentioned.

    According to reports, the Russian Embassy in South Africa hasn’t stated anything in response to the claims made by the United States.

    What The Russian Hackers Intend To Achieve 

    According to reports, Russian hackers targeted a US government agency that handles nuclear power facilities and a petrochemical company in Saudi Arabia.

    In exchange for information leading to the arrest and conviction of three Russian nationals, the United States government has offered a reward of up to $10 million. They have been deemed a flight risk by the FBI.

     


    After that, it went on to say that “this group includes oil and gas companies around the world, electric grid companies, atomic power plants (and) renewable energy businesses, engineering groups, and sophisticated technology firms.”

    There were no details provided in this indictment on which South African companies were targeted and whether or not they had been successfully hacked.

  • The website of Bet9ja has been hacked by the Russian Blackcat gang

    Bet9ja’s management has stated that their website was hacked by the Russian Blackcat gang. Bet9ja revealed this in a statement, identifying the attackers as the Russian Blackcat organisation, which is known for multiple attacks on large corporations throughout the world.

    The gaming site stated that the hacker gang had already sought a ransom, but it insists that it would not accept the hacker group’s terms.


    What they have to say About Bet9ja System Breach
     

    “The entire Bet9ja system has been under attack by the Russian Blackcat group, who are famous for multiple hacks on large companies throughout the world,” according to a portion of the statement. This Russian gang launched a massive hacker attack, but our workers have been working nonstop since yesterday to restore all services, which is not simple.


    “They have already demanded a ransom, but we will never accept their terms. It is critical that I inform you of this so that we are all on the same page. They have struck us severely, but they can not kill us. We shall hold our ground and come back even stronger.

    “Please don’t be disappointed; we will certainly restore things as quickly as possible and keep you updated on the development.” Bet9ja said in a previous social media post that user funds and prizes are safe while the company works to fix the problem.


    What you need to know

    According to sources, the ransomware assaults that brought down a swath of and hampered payments at some German filling stations in January were carried out by the Russia-linked hacker group BlackCat.
     
    Hackers used a type of ransomware called “Black Cat” to get into computers at Mabanaft GmbH and Oiltanking GmbH Group, reports say.
     
    There is a new ransomware service called BlackCat (also called ALPHV). It has been aggressively recruiting people from other ransomware gangs and attacking businesses all over the world.

  • Hackers Send Fake, Data Breaches Notifications To Trezor Users

    Hackers targeted Trezor, a cryptocurrency hardware wallet. They used the company’s mailing list to send out fake data breach notifications to users.

    Mailchimp, a well-known email marketing platform, has confirmed that hackers used an internal tool to steal data from more than 100 of its customers, with the information being used to launch phishing attacks against cryptocurrency users.

    What They Are Saying About The Attack

    Mailchimp confirmed the breach to the press on Monday, but users of the Trezor hardware cryptocurrency wallet had reported being targeted by sophisticated phishing emails over the weekend. A false email was sent out to users, requesting that they install an impersonated Trezor Suite software, which would allow the attackers to steal the user’s password (recovery seed).

    Techviral reported that the fake Trezor data breach email contains the following text: “We regret to inform you that Trezor has experienced a security incident involving data belonging to 106,856 of our customers and that the wallet associated with your e-mail address [email here] is within those affected by the breach.”

     


    When a user clicks on the download button, a fake software application known as suite.trezor.com is installed in the user’s browser. The website uses Punycode characters, which allows attackers to impersonate the trezor.com domain by using accented or Cyrillic characters in their message to the user. The official Trezor website is trezor.io, and the user should be aware of this.

     


    In a statement sent to The Verge, Mailchimp CISO Siobhan Smyth said, “We sincerely apologize to our users for this incident and realize that it brings inconvenience and raises questions for our users and their customers. We take pride in our security culture, infrastructure, and the trust our customers place in us to safeguard their data. We’re confident in the security measures and robust processes we have in place to protect our users’ data and prevent future incidents.”

    What is Trezor?

    The Trezor is a cryptocurrency hardware wallet. It’s a device for securely holding cryptocurrency private keys offline in ‘cold’ storage. When you want to make a transaction you can plug in your Trezor and it will provide the keys to sign off on a transaction, which is done by physically pushing buttons on the device.

    Its design protects cryptocurrency by ensuring keys are always offline and by requiring physical interaction to co

  • Hacking group Anonymous releases 28GB of data stolen from the Russian central bank

    A large amount of data supposedly belonging to the Bank of Russia was allegedly disclosed by Anonymous, a hacker outfit. The news comes after the group claimed earlier this week that it had hacked Russia’s central bank, a claim that Moscow’s monetary officials denied.


    The transnational hacktivist collective known as @Thblckrbbtworld (The Black Rabbit World) has revealed the leak of 28GB of data taken from the Russian Central Bank (CBR).

    Meanwhile, another Twitter account linked to the hackers, @YourAnonTV (Anonymous TV), corroborated the story.

    What Anonymous Said

    Anonymous said last week that it had hacked the CBR and promised to disclose more than 35,000 files in 48 hours. They include some of the regulator’s “secret agreements,” among other things. The Bank of Russia, on the other hand, said that none of its information systems had been hacked.


    The new action by Anonymous comes after the organization launched a cyberwar on Russia for its invasion of Ukraine. The gang threatened to take down the Kremlin, State Duma, and Defense Ministry websites, as well as state-run television networks including Russia Today (RT) and some streaming platforms, with the goal of disrupting Russia’s internet.

    According to The Black Rabbit World’s tweet, the CBR’s documents have been sent to numerous locations on the internet, and if the ones it gave are censored, it will share the documents through multiple links.

    According to some sources, the stolen files also contain hundreds of audit reports and information on bank owners.

    Russian Central Bank’s Responsibility 

    The Russian central bank is responsible for defending and protecting the Russian currency, which has lost value as a result of the country’s severe international sanctions. At the start of this month, the Russian rouble had plummeted by up to 30%, with inflation approaching 20%.

    The breach comes as speculation regarding central bank president Elvira Nabiullina’s future has intensified in recent days. She was reportedly spotted looking depressed during a Kremlin meeting and then broadcast a mysterious video in which she conceded the Russian economy was in “extreme” shape and claimed, “We all wish this had not happened.”

     




    In addition to their military confrontation on the ground, Russia and Ukraine have clashed in cyberspace. Just before Russian forces crossed the border in late February, hackers backing Moscow allegedly hacked a number of Ukrainian websites.

    The Ukrainian government is said to be seeking cyber professionals with experience in both defensive and offensive operations for its cyber force.

  • Lapsus$ Hackers Group Leak nearly 200 Gigabytes of Samsung Source Code In Cyber Attack


    The Lapsus$ hacker group is at it again: nearly 200 gigabytes of data, including the source code for numerous technologies and algorithms used in biometric unlocking operations, have been reported stolen and exposed by hackers.

    The stolen data allegedly contains confidential information from Qualcomm, a US chipmaker that supplies chipsets for Samsung handsets sold in the US.

    Access to source code might aid threat actors in identifying security vulnerabilities that would otherwise go undetected, possibly exposing vulnerable devices or systems to exploitation or data exfiltration.

    The breach was claimed by the Lapsus$ hacker group, the same group that penetrated Nvidia and then leaked thousands of employee credentials online.

    In a post on its Telegram channel, Lapsus$ claims to have obtained source code for trusted applets installed in Samsung’s TrustZone environment, which Samsung phones use for sensitive operations; algorithms for all biometric unlock operations; and bootloader source code for all recent Samsung Galaxy devices.

    What They Are Saying

    A Samsung spokesperson confirmed a “security breach” related to some internal company data but said no personal data belonging to customers or employees was accessed by the hackers.

    “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees,” Samsung said. “Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”

    When asked, Qualcomm stated that it was aware of a reported incident involving Samsung.


    “We take these claims very seriously and are working expeditiously with Samsung to understand the scope of the incident, as well as to confirm what Qualcomm data, if any, have been impacted. We have no reason to believe that Qualcomm systems or security were impacted as a result of this reported incident,” said Clare Conley, Qualcomm spokesperson.

    Possible Motive Behind The Data Breach

    It’s unclear whether Lapsus$ wanted a ransom from Samsung before publishing the data, as it did with Nvidia, to which it made increasingly strange requests. The group asked that the American chipmaker deactivate its controversial Lite Hash Rate (LHR) feature and open-source its graphics chip drivers for macOS, Windows, and Linux.

    Although the deadline passed on Friday, the hacker gang has yet to carry out its threat.

    About Samsung

    Samsung is a South Korean electronics manufacturer that is one of the world’s biggest. Samsung manufactures a broad range of consumer and industrial electronics, including appliances, digital media devices, semiconductors, memory chips, and integrated systems, among other things. It has become one of the most well-known technological brands.

    What to know about Lapsus$

    Lapsus$ is a ransomware group that makes money by breaking into business networks and then extorting them for cash. Sometimes they steal data and hold it hostage.

    The group’s notoriety is increasing as they continue to hack and steal data from the world’s tech giants. They hacked Nvidia and were able to leak some personal information onto torrent sites. Then came Samsung, which had vital data about the security of its phones stolen.