TechPression

Category: Security

  • 5 African Technology Conferences to attend in 2023

    5 African Technology Conferences to attend in 2023

    Here are 5 African technology conferences you can attend this 2023 to stay informed on important technology trends that cut across industries.

    Technology has significantly transformed human coexistence in recent years, as well as business operations across the world.

    The world is constantly evolving, with new ways of better integrating technology into daily activities and making human interactions more seamless. It can oftentimes be overwhelming to find how to incorporate and situate technological advancement to suit Africa’s and Africans’ needs.

    This is why it is important for everyone, particularly tech professionals/enthusiasts and business owners, to keep abreast of the way technology is changing the African continent. This can be achieved by attending virtual or in-person conferences that keep them up-to-date on technological strategies that can improve their daily operations, especially if you are in Africa.

    So, below is a list of 5 African Technology conferences you can attend this 2023.

    • Nigeria Cybersecurity Summit 2023
    • Africa Tech Summit Nairobi 2023 
    • Blockchain Africa Conference
    • I Code Java 
    • BIM Africa Summit (BAS) 2023 
    Read also: Nigeria turns into a hub for technological innovation and research – Kola Oladejo

    Nigeria Cybersecurity Summit 2023

    Nigeria Cybersecurity Summit 2023 - Techpression

    The Nigeria Cybersecurity Summit 2023 is a two-day conference that will gather Cybersecurity experts to discuss and arrive at the best strategies to combat cyber-attacks across the continent.

    The summit themed “Building a secure digital future” is scheduled to take place from 6th to 7th February 2023 in Lagos, Nigeria.

    Over 300 professionals, including CISOs from leading enterprises, Cybersecurity experts and elite ethical hackers from across the West African region,  will be in attendance.

    The key focus for the Nigeria Cybersecurity Summit 2023 cuts across Leadership & Upskilling, Critical Infrastructure, AI & Threat Intelligence, Risk Mitigation and Cloud Security. 

    Topics on Biometrics & Identity, the Internet of Things (IoT), as well as Malware & Threats would be addressed.

    There will be over 15 hours of insightful sessions and six hours of networking to enable stakeholders to interact, share ideas and get to connect for the future benefit of securing the continent’s online terrain.

     

    Africa Tech Summit Nairobi 2023

    Africa Tech Leaders’ Summit holds in February 2023

    The Africa Tech Summit Nairobi 2023, which is in its fifth year, will yet again link thought leaders in the technology field from across the African ecosystem with international players and other stakeholders on Feb. 15-16, 2023.

    This year’s edition will connect over 1000 delegates and more than 150 speakers across three Summits. 

    Over 450 organisations from different sectors, including fintech, DeFi & crypto ventures, mobile operators, tech corporates, regulators and investors, will be present at the summit.

    Participants will have the opportunity to network with key stakeholders, including tech corporates, mobile leaders, fintechs, DeFi & crypto ventures, investors, start-ups, regulators and industry stakeholders driving business and investment forward.

     

    Blockchain Africa Conference

    Blockchain Africa Conference 2023 — March 16-17, 2023 » Crypto Events

    The 9th edition of Bitcoin Events’ flagship summit, the Blockchain Africa Conference, is scheduled for 16-17 March 2023.

    This year’s event would be a hybrid edition is holding in Johannesburg, South Africa and virtually across the globe.

    The objectives of the conference are to provide a contextual understanding of blockchain technology and the available opportunities for Africa, as well as 

    to offer well-structured content that will meet the needs of different stakeholders across various industries.

    It is also a great platform for networking opportunities centred around creating business partnerships and collaborations expected to provide employment opportunities and foster economic growth and development.

    Over 1000 participants from around the world will be attending the conference debates and panel discussions.

     

    I Code Java (ICJ)

    I Code Java Africa (@JavaAfrica) / Twitter

    I Code Java is Africa’s longest-running Java and Kotlin Conference. Global speakers and Java experts are hosted during the conference to discuss coding, amongst other tech-related matters.

    I Code Java Conference will be held in two different South African cities at different times this year. The first conference is scheduled for 10 and 11 May 2023 in Cape Town, while the second is for 11 – 12 October 2023 in Johannesburg. 

    ICJ has always been a community-driven event which focuses on coding, architecture and developing leadership skills. Developing strong fundamental skills to further your career. Full-time African students have the opportunity to attend the conference for free, as 20% of the tickets have been set aside to support them.

    Read also: UCT, GESDA Host Youth In Science And Diplomacy Discourse At WSF

    BIM Africa Summit (BAS) 2023 

    5 African Technology Conferences to attend in 2023

    Codenamed BAS 2023, this year’s BIM Africa Summit is a platform to interact with industry stakeholders and share strategies centred on boosting Africa’s development. The summit will exhibit innovation and new technologies in the built environment.

    The 2023 edition will be hosted in Marrakech, Morocco, on the 18th and 19th of May, 2023. 

    It will focus on the digital development of the built environment for a sustainable Africa. There will be discussions and showcases on disruptive technologies from concepts in Laser scanning, 3D printing, Robotics, Digital Twinning, Artificial intelligence, African smart cities, and the Internet of Things to exploring on-demand software and hardware tools to collaborate and deliver the Africa that we want.

    There will be over 1,000 exhibition visitors, 200 delegates, 60 exhibitors and 9 Award Categories.

    These African technology conferences will expand the minds of participants in the various tech niches as well as other stakeholders that require such services, which ordinarily would cut across multiple sectors. So, make an effort to attend at least one.

  • North Korean Hackers Spread Malware Using Seoul’s “Halloween Crush” – Google

    North Korean Hackers Spread Malware Using Seoul’s “Halloween Crush” – Google

    Google has accused North Korean hackers of exploiting the fatal  ‘Halloween crowd crush’ to distribute malicious software to internet users in South Korea.

    The Halloween crush is a fatal event that occurred on October 29, 2022, where thousands of fun lovers crowded alleyways during Halloween festivities in the Itaewon neighbourhood of Seoul, South Korea. The crowd crush resulted in the death of at least 158 with no fewer than 196 people left injured.

    Google’s Threat Analysis Group’s report, released on Wednesday, disclosed that the hackers had embedded the malware in Microsoft Office documents disguised as a South Korean government report on the tragic Halloween crush. It also says the hackers were backed by the North Korean government. 

    The tech giant’s anti-hacking group had tracked the activity to a group of North Korean government-backed hackers referred to as APT37. The group has a history of targeting South Korean users, North Korean defectors, policymakers, human rights activists and journalists.

    Read also: How hackers hacked Uganda’s Airtel money

    According to Google’s anti-hacking group,  “This incident was widely reported on, and the lure takes advantage of widespread public interest in the accident.”

    Google recalled that it had on October 31 reported a similar software vulnerability to Microsoft within hours of discovering the issue, while Microsoft issued a patch to fix it on November 8.

    Google also said it is yet to determine what the malware was created to achieve, as it exploited an Internet Explorer vulnerability.

    North Korea Hacking Record

    North Korean hackers have been accused of numerous cyberattacks across the world, many of which have been cyber-thefts targeted at getting funds for the cash-strapped administration of Kim Jong-un.

    North Korean hackers have stolen at least $840 million worth of digital assets between January and May of 2022. This figure more than doubles the previous year’s theft case of $400 million reported by blockchain analysis firm Chainalysis.

    In 2021, the United States Department of Justice charged three North Korean computer programmers with partaking in a wide-ranging criminal conspiracy to carry out a series of sophisticated cyberattacks to steal and extort no less than $1.3 billion of money and cryptocurrency from different financial institutions and companies. The accused engaged in the crime to design and deploy various malicious cryptocurrency applications and to develop and fraudulently market a blockchain platform.

    The Indictment expands a 2018 Case that highlighted the attack on Sony Pictures and the Creation of WannaCry Ransomware, where two new defendants were to the worldwide ploy to steal money and crypto from banks and businesses while Operating in North Korea and China.

    The United Nations panel of experts responsible for monitoring and enforcing sanctions on North Korea has accused Pyongyang of using illegally obtained funds gained through hacking, to support its illicit nuclear and ballistic missile programmes.

    In the past, North Korea has released statements denying accusations that it commits cybercrimes. It has also accused the U.S. and its allies of “spreading bad rumors” about the Asian country after the U.S. made accusations against it.

    On Thursday, South Korean officials told businesses that they shouldn’t hire IT workers, from North Korea just because they wanted to.

    Financial phishing, cyberattacks surge In Kenya and Nigeria

    North Korean Hackers Attack In Africa

    In 2019, a United Nations report disclosed that South Africa, Nigeria, Gambia, Liberia, Costa Rica and Malaysia were among the countries targeted by North Korean cyber criminals, according to Business Insider

    According to a confidential report prepared for the United Nations, the attacks sought to set up fake interbank transfers by hijacking bank computers and infrastructure and stealing cryptocurrency tokens through direct attacks on users and crypto exchanges.

    These hackers reportedly raised around $2 billion from attacking banks and cryptocurrency repositories with the goal of developing nuclear weapons.

  • Telegram hacks target wealthy crypto funds

    Telegram hacks target wealthy crypto funds

    The Microsoft (MSFT) Security Intelligence team has discovered that hacker DEV-0139 has been using Telegram group chats to target wealthy cryptocurrency funds.

    Investment funds and rich traders find it very difficult to deal with cryptocurrencies due to exchange fees. They must be improved to lessen the impact on margins and profits as they are identified as a cost. The majority of costs are a result of fees that cryptocurrency exchanges impose on transactions.

    Read also: Cybercrime Ravages Cryptocurrencies

    Hackers target Telegram conversations

    Hackers seek to exploit this issue to steal crypto-target money. DEV-0139 joined several Telegram channels with prominent investors and exchanges for communication. They targeted these group members. The Microsoft research assessed OKX, Huobi, and Binance exchanges.

    DEV-0139, portraying themselves as exchange workers, invited the targets to a totally different chat group and pretended to solicit comments on the transaction fee models adopted by various cryptocurrency exchanges. They then began a debate to develop mutual solidarity and use their extensive industry expertise and swift zeal to entice victims progressively.

    DEV-0139 then emailed a weaponized Excel file with legitimate bitcoin exchange fee information to boost their credibility.

    The Excel file used a malicious program to retrieve data and drop another Excel sheet. In invisible mode, this sheet downloaded a picture file with three executables: a legitimate Windows file, a malicious DLL file, and an XOR-encoded back door.

    DLLs contain code and data that multiple programs can use. XOR encryption, on the other hand, is hard to brute-force. Using the back door, the hacker accessed the infected system remotely. DEV-0139 may have run other campaigns using similar methods, according to Microsoft.

    Microsoft stated: 

    “To find the targets, the threat actor looked on Telegram for people who were in cryptocurrency investment groups. In this attack, DEV-0139 got in touch with their target on October 19, 2022, by creating a second Telegram group called NameOfTheTargetedCompany> > OKX Fee Adjustment and inviting three employees. 

    “The threat actor used information from employees of the company OKX to make fake profiles. The report says, “The screenshot below shows the real accounts and malicious accounts for two of the users in the group.”

    The Explosive Growth of Blockchain Funding and Cryptocurrency in Africa

    Crypto Investors Need Caution

    Investors in cryptocurrencies should take note of this strong warning as attackers are prowling the market in search of opportunities. The market has suffered greatly as a result of several catastrophic and unheard-of occurrences. The sector’s many turns have left traders bewildered and apprehensive.

    The information that these attackers used Telegram conversations is a strong indicator and cautionary note for cryptocurrency traders who are careless and oblivious to suspicious activity. Investors in cryptocurrencies need to be vigilant and always prepared to scrutinize any offer or move in order to avoid incurring needless losses.

  • Information theft is the goal of TikTok Challenge – NCC

    Information theft is the goal of TikTok Challenge – NCC

    #invisiblechallenge on short-form video hosting site TikTok could expose devices to information-stealing malware, the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) advised.

    The Invisible Challenge on TikTok involves encircling a subject who is supposed to be naked with a partially see-through body contouring filter.

    According to an NCC-CSIRT caution, threat actors are using the popular TikTok challenge to distribute the information-stealing malware known as WASP Stealer.

    Read also: The NCC CSIRT Discovers Malware That Targets Banking Applications

    Why will this lead to Information theft?

    As this TikTok challenge gains popularity, some attackers have started disseminating links to the software they say may counteract the filter’s effects but which really contains the WASP stealer.

    According to its developers, the WASP stealer is an undetected, persistent piece of malware that is housed on Discord and has a high probability of doing serious damage.

    The NCC said that WASP stealer targets anyone who visits the link and downloads “unfilter.” After publishing them with a link, suspended accounts’ videos garnered over a million views. The URL connects to the defunct “Space Unfilter” Discord server, which had 32,000 users at its peak.

    The short-form video app TikTok has already been connected to the risk of malware assaults. The fraudulent, phony TikTok URLs were the subject of a June 2020 notice from India’s Maharashtra Cyber, which deals with cybercrime. 

    Brendan Carr, the FCC commissioner, requested that TikTok be removed from the Apple and Google app stores in July 2022 because the software’s extensive data collection created an unacceptable national security risk. 

    The capabilities of this program must be understood despite the fact that there is a very significant danger of viruses in the online world.

    How does TikTok malware operate? 

    The company claims that this virus operates similarly to every other piece of malicious software. As soon as you click the link, a file or program is downloaded, and after it has been installed successfully, the virus has access to all the data on the devices where it is present.

    Personally Identifiable Information (PII), including names and passwords, keystrokes from emails, chat programs, websites visited, and financial activity, may also be harvested by secretly monitoring user behaviour.

    This malware may be capable of covertly collecting screenshots and video recordings or having the ability to activate any connected camera or microphone. This shows how impactful it can be for any individual.

    Financial phishing, cyberattacks surge In Kenya and Nigeria

    How to prevent TikTok malware fraud 

    However, this may be avoided by taking a few inventive precautions when online or while viewing a movie. Some methods for stopping such an assault include 

    • Don’t click on any shady links. 
    • On your devices, install anti-malware software.
    • Any programs you don’t recall downloading should always be deleted from the app tray. 
    • Use strong password hygiene practices, such as using a password manager.

     

    About the NCC-CSIRT 

    The NCC founded the CSIRT as the telecom firm’s cyber security incident center to concentrate on situations that might have an effect on telecom consumers and the wider public. It works with ngCERT. 

    The Nigerian Computer Emergency Response Team (ngCERT) was established by the Federal Government to reduce the frequency of upcoming computer risk situations by organizing, protecting, and securing Nigerian cyberspace to avoid attacks, challenges, or associated events.

  • 8 Best VPNs In Nigeria 2022: Speed, Streaming & Privacy 

    8 Best VPNs In Nigeria 2022: Speed, Streaming & Privacy 

    Technology has significantly evolved over the years, improving the internet experience globally. There is now easier and more affordable access to a plethora of diverse information. 

    This advancement has also made human interactions more seamless across business operations and relationship building among individuals, organisations and nations, among other human endeavours.

    More than ever, the world transacts online with payment of goods and services cutting across all sectors, including education, health, manufacturing, entertainment and travel.

    Now that the world is truly a global village and is so closely connected through the web, internet users need to be conscious and intentional about their safety online.

    Transactions and interactions done via the internet leave trails, whether sending and receiving confidential information or paying for products and services. Therefore every interaction online can expose one to being hacked by cybercriminals. These cyber criminals engage in credit card fraud, identity theft, and other crimes.

    How, then, can you protect yourself from these cyber criminals, also called hackers? This is where VPN comes in, as it provides online security and privacy for internet users.

    Here are the 8 Best VPNs you can use in Nigeria, but first, let’s understand what VPN is.

    Read also: How To Enable Bitcoin On Cash App: A Complete Guide In 2022

    What Is VPN?

    VPN is a three-letter acronym for  “Virtual Private Network”. It is a service that provides protection for your internet network connection. 

    A VPN encrypts your internet data and traffic online in real time, disguising and protecting your identity, particularly when using public internet networks.

    This makes it difficult for hackers and other third parties to monitor or track your activities on the internet.

    How Does A VPN Work?

    Every device that accesses the internet makes use of an IP address. This is what identifies the network and the estimated location. With a discoverable network and approximate location, every internet user risks being hacked.

    This is where a VPN is important. It hides the IP address by redirecting it through a configured remote server run by a VPN host.

    So if someone copied your IP address to get your data, it would appear like jargon and unusable information. 

    This means it shields your actual IP address from being known or leaked by disguising your location. So, you can browse the internet safely without fear of your information being compromised.

    Now that the importance of VPN is understood, there is a need to know the best options to choose from.

    Criteria For Selecting Nigeria VPNs

    There are many VPNs available which makes finding a VPN a lot easy. However, what is important is selecting the right VPN that will adequately protect you as you surf the internet.

    To rate any VPN provider, we look at the number of servers the provider as well as the countries their server network covers. Having more servers across multiple locations offer users a wide range of content options they can access globally.

    We also rate the speed of the VPN to assess how fast it will be for streaming different audio and video sites online.

    Protecting privacy is a key reason why internet users love to use VPNs, so we also examine how well users’ privacy is secured. 

    Here are the 8 Best VPNs you can use in Nigeria.

    1. Nord VPN
    2. Private Internet Access (PIA)
    3. CyberGhost
    4. Surfshark
    5. ExpressVPN
    6. IPVanish
    7. PrivateVPN
    8. Atlas VPN

    These 8 VPNs are some of the best options you can pick from. 

    1. Nord VPN

    NordVPN review: the most reliable VPN for streaming US Netflix | WIRED UK

    NordVPN is one of the most popular VPNs, with a presence in 59 countries across the world. It has no fewer than 5,000 servers worldwide, ensuring improved speed and stability.

    This means you have access to so many countries and can block content from one country to another that is within its jurisdiction. 

    NordVPN is great for internet users to safely use their regular services on the go, including streaming content on platforms such as Netflix and BBC iPlayer with high download speed and no lag. 

    The apps allow users to search by country or server. Options available are dedicated IP, P2P, onion over VPN, and double VPN. Each NordVPN server in the list details the server load percentage (the lower the percentage, the faster the server will be). 

    NordVPN prioritises security, particularly with the peculiarities of several nations restricting freedom on the internet. It has high-security standards, as the VPN provider prides itself on providing 100% anonymity for users. In addition to 256-bit AES encryption, DNS leak protection, and a kill switch, it has a strict no-logs policy. 

    NordVPN apps can be downloaded for Windows, MacOS, Android, iOS, and Linux. It can be manually configured on select routers. There is also an app for Android TV and a Chrome and Firefox browser extension.

    Advantages: Network of over 5,000 servers around the world; high speeds for streaming HD content. It works with Netflix, Amazon Prime Video, Hulu, and others. Beginner-friendly  apps  Very secure with a “no logs” policy, Excellent support

    Disadvantage: Some servers are not so reliable

     

    2. Private Internet Access (PIA)

    new PIA logo

    Private Internet Access (PIA) has great encryption and identity protection features that let users do things online in private. It has no fewer than 20,000 servers across 77 countries. 

    In terms of speed, private Internet access ranks with a speed that enables smooth streaming of Netflix, Disney+, BOOM! Studios Max, and other sites. The VPN service also unblocks other popular streaming services like Amazon Prime Video, BBC iPlayer, Disney+, Studios Max and many others.

    PIA offers both a live chat system for instant responses and an email ticket system for slightly slower responses to less urgent queries. It also has a FAQ and guide section to help users understand how the VPN works.

    Private Internet Access has apps for Windows, Mac, Android, iOS, and Linux. It uses WireGuard and “strict,” which are two of the most popular open-source VPN protocols alongside IPsec on iOS. It also has a strict no log” policy.

    AdvantagesFast speed for high-quality streaming. It has over 30,000 servers worldwide, with browser extensions and extra security add-ons. It has responsive 24/7 live chat support.

    DisadvantageNo app exclusion or whitelisting

     

    3. CyberGhost 

    Review: Hide your privacy with one click with CyberGhost VPN - WebsiteRadar.net

    CyberGhost is a VPN service that provides quality security to safeguard one’s identity online. It has unlimited bandwidth and traffic, which makes it great for streaming online at a fast speed. This provider operates in 60 countries and has no less than 7,000 servers, with some situated in South Africa and Kenya. 

    Considering the user’s access to up to seven simultaneous connections, Cyber Ghost is flexible, giving you a variety of options. The VPN provider is easy to use and responsive. Selecting a server and activating features takes seconds to activate.

    The VPN has a real-time customer support feature which enables users to have a Live chat in case the need arises.

    CyberGhost VPN is safe to use in Nigeria because it utilises 256-bit AES encryption, DNS and IP leak protection and has an automatic kill switch.

    CyberGhost apps are available for Mac, Windows, iOS and Android. It offers apps for Amazon TV, while Linux can be manually configured.

    AdvantagesSeamless streaming without buffering with strong security features. The app is easy to use, and 7 connections can run concurrently on a single account. The provider has a live chat support feature. 

    Disadvantage: CyberGhost has no app for Linux

    How To Save Data While Streaming Video Online

     

    4. Surfshark

    Surfshark LogoSurfshark is a great option for a VPN, particularly for security and privacy. It has more than 3,200 servers available in 63 countries, including Nigeria. The VPN provider has fast speeds that ensure smooth HD streaming and also works with Disney Plus, Netflix, and Amazon Prime Video. This service can also access Twitter across Nigeria. 

    This VPN is guaranteed to keep no logs, protect users’ data with military-grade encryption, provide leak protection, and have a kill switch. It also has split tunneling, automatic wifi protection, and the option to send traffic through two VPN servers. It also has round-the-clock customer support.

    Surfshark apps are available for MacOS, Windows, Linux, Android, and iOS. It can be manually configured on some routers. The VPN provider also offers extensions for Firefox and Chrome.

    Advantages: Fast speed for streaming and browsing. Works well with multiple sites. It has an unlimited number of devices and connections. Customer service provides 24/7 live chat support. It has multiple added security features

    Disadvantage: A few slow servers

     

    5. ExpressVPN

    new expressvpn red horizontal 2

    ExpressVPN is an excellent choice of VPN because of the high rating of its security offering. The provider is present in 94 countries with over 3,000 high speeds servers.

    The fast speed makes 1080p streaming very seamless due to the unlimited bandwidth and no throttling. ExpressVPN lets you stream anything from Netflix to ESPN. 

    The VPN provides support for its users, with 24/7 availability in case one needs assistance while using the service. 

    ExpressVPN protects the identity of users online, enabling one to stay anonymous. This is because of the security features that cut across 256-bit AES encryption, DNS leak protection and a kill switch. The VPN provider keeps no identifying logs of its users and enables users to unblock many geo-restricted platforms. 

    Operating systems of Mac, Windows, Android, iOS, Linux, and Amazon Fire TV, can access ExpressVPN apps. The VPN also has an app for routers as well as browser extensions for Safari, Firefox and Chrome browsers.

    AdvantagesOver 3000 network of servers worldwide with fast speed for browsing and streaming. The apps are user-friendly, and the VPN can unblock most geo-restricted content. It also has browser extensions. There is 24/7 live chat support.

    Disadvantage: Slightly higher in price than most VPNs

     

    6. IPVanish 

    ip

    IPVanish is a VPN that is keen on the security of its users’ data while surfing the internet and definitely works in Nigeria. With its fast-growing network of more than 1,900 servers, it is available in 60 countries across different continents. 

    IPVanish lets users connect to the VPN on as many devices as possible. It has apps for the most popular online services, making it easy for families to protect all of their internet-connected devices completely. 

    This VPN has a consistently high speed and works well with streaming platforms like Amazon Prime Video and HBO Now.

    IPVanish uses 256-bit AES encryption, has a kill switch, and has in-built DNS and IPv6 leak protection. The VPN also has a no-log policy. Its apps can be installed on Windows, Mac, Android, and iOS. There’s also an app for Amazon Fire TV, but you have to set up Linux and routers manually.

    Advantages: Has over 1900 servers with unlimited connection to devices. It has high streaming speed. It has extra security features.

    DisadvantagesStruggles with Netflix and has no app for Linux.

     

    7. PrivateVPN

    Best VPN services: analysis, comparison and everything you need to know | Linux AddictsPrivateVPN is a fast-growing VPN provider with over 200 servers with locations across at least 60 countries globally. This VPN is great for unblocking geo-restricted content and letting users access websites in a safe and private way. 

    A privateVPN is particularly excellent for streaming HD videos due to its fast speed. As a result, users can easily access streaming services such as US Netflix and Amazon Prime Video. With a quick and easy connection to servers, PrivateVPN lets users connect up to 6 devices at the same time with individual IP addresses.

    The VPN keeps no data logs, protecting one’s identity and activity online. It makes DNS, of 256-bit AEIPv6cryption, DNS and lPv6 leak protection and has a kill switch. You also have the option of paying in bitcoin for increased privacy. 

    PrivateVPN is available on Windows and Mac, as well as for mobile on Android and iOS. Manual configuration is necessary for Linux and routers.

    Advantages: High speed for streaming and browsing. Apps are quick and easy to use. Includes all of the essential security features. Has a Bitcoin payment option

     Disadvantages: No 24/7 live chat. Has no app for linux.

     

    8. Atlas VPN 

    Atlas VPN Review | PCMagAtlas VPN is a great choice for its fast speed, allowing users to stream online easily. With a presence in 37 countries, Atlas VPN has at least 750 servers and has no limit to the number of devices a user can use its services with. This means it can be used on mobile devices and computers.

    The VPN lets users torrent, and all of their torrent traffic is encrypted before it leaves their device. A streaming service that unblocks Netflix and has a “Tracker Blocker” feature, Customer service for the VPN provider works around the clock to make sure that users’ questions are answered quickly. 

    Atlas VPN uses IKEv2, uses Wireguard, and has a kill switch. All data is encrypted with AES-256. It has a policy of not keeping logs to protect users and make sure that private information is not kept. This provider uses a data breach scanner to keep an eye on all of its users’ information and protect it from hackers. It is available on Windows, macOS, iOS, and Android.

    Advantages: Atlas VPN has extra security features. It has good speed and unlimited connection to devices. There is 24/7 live chat support.

    Disadvantages: Atlas VPN slows down your computer’s speed. It has no app for Linux

    These 8 VPNs are easy to use and keep cybercriminals from stealing your identity while using the internet. It is a wise investment to consider in order to safeguard your data online.

  • How hackers hacked Uganda’s Airtel money

    How hackers hacked Uganda’s Airtel money

     An African gaming platform was used by black hats to steal money from Airtel Mobile Commerce Uganda Limited (AMCUL). 

    This website boasts that it uses standard encryption to protect customer data, but it has been reliably reported that fraudsters used it to access AMCUL’s digital infrastructure.

    After modifying AMCUL’s software to authorize every transaction that came their way, the hackers emptied its central systems of a little under Sh8 billion in a well-organized operation.

    The hack hit several banks and microfinance deposit-taking institutions in Uganda.

    One of the microfinance institutions that took deposits filed an official complaint with the Cyber and Counter Electronic Measure Desk at the Criminal Investigations Directorate’s headquarters (CID) headquarters in Kibuli, Kampala.

    Read also: Airtel Kenya Establishes Airtel Money as a Separate Business Entity

    Uganda’s Airtel Money Blackbox Attack

    From what we know so far, the hackers found a clever way around AMCUL’s systems by using the betting company, whose name we won’t give. Gamblers who use the gaming platform to load virtual bet slips can only place bets after adding mobile money from Airtel or MTN to their accounts.

    CID detectives told a reporter that black hats infiltrated AMCUL’s systems vOur platform is safe and was built to meet world-class standards so that Airtel Money clients can use it quickly, safely, and securely.840 SIM cards were registered and ready. Also, hackers utilized 1,800 SIM cards before stopping.

    Airtel Uganda says the problem didn’t affect Airtel Money or bank accounts. 

    Our platform is secure and developed to meet world-class requirements to deliver Airtel Money clients a quick, safe, and secure experience. We couldn’t reach the betting firm’s senior leadership. When we contacted what we thought was the firm’s CEO, he said he left last month. We couldn’t tell from his short reply whether he departed following the audacious attack on AMCUL’s computer infrastructure that took place on October 28.

    Airtel Africa Announces Strategic Partnership With America Tower

    Uganda’s Airtel Money CID report 

    The betting industry will be probed. Authorities are investigating the $3.7 billion breach. AIGP Tom Magambo, CID director, wouldn’t say whether this is a lead. He called to say the hacking inquiry was heating up.

    “We take every reported occurrence seriously, including questionable investigations,” he stated. We’ll conclude the probe, we promise.

    AIGP Magambo said CID investigators would share any strong leads with the DPP. AIGP Magambo will not comment on CID arrests.

    “No arrests have been made,” he said.

  • Scotland publishes first Biometric Data for Code of Practice

    Scotland publishes first Biometric Data for Code of Practice

    Scotland has made history by being the first nation in the world to issue a code of practice covering the ethical use of biometric data such as DNA and other types of genetic information.

    The code of practice, which went into effect on Wednesday, November 16, is intended to provide the law enforcement community with the direction regarding the morally acceptable application of biometric data and other relevant forensic technology in the criminal justice system context.

    The usage of biometric data, which might include a person’s face, fingerprints, voice, DNA profile, and other metrics connected to the body, is becoming more widespread in modern technologies, particularly those that are concerned with facial recognition.

    On the other hand, these applications have resulted in challenges to civil rights and condemnation from human rights groups. These groups argue that the technology is frequently biased and erroneous in its conclusions.

    Read also: iiDENTIFii, is the winner of KPMG’s Private Enterprise Tech Innovator in Africa

    Why is this necessary?

    The Scottish framework tries to address these concerns by laying out a set of 12 principles and ethical considerations that explain the procedures for acquiring, retaining, utilizing, and destroying biometric data in the context of the criminal justice and policing systems.

    These include respect for human rights, equality, lawful authority, ethics, privacy, and the promotion of scientific and technological advancements.

    These principles have to be followed by Police Scotland, the Scottish Police Authority, and the Police Investigations and Review Commissioner. In addition, the code incorporates a complaints system and gives the enforcement authority in order to guarantee compliance.

    According to Dr Brian Plastow, the Scottish Biometrics Commissioner, the law constitutes “a huge human rights victory” for Scotland and is something the country should be proud of.

    He stated that as of today, Scotland is the first country in the world to have a national code of practice that provides guidance to the police on how biometric data and related forensic technologies can be used. “From today, Scotland is the first country in the world to have a national code of practice,” he said. “It promotes good practice, transparency, and accountability by setting out standards for professional decision-making while matching the needs and responsibilities of policing with important safeguards for human rights.” “It sets out standards for professional decision-making while matching the needs and responsibilities of policing with important safeguards for human rights.

    It is expected that the execution of this policy will increase confidence in our legal system.

    Keith Brown, Cabinet Secretary for Justice and Veterans Affairs, stated that “given the rapid increase in police use of biometric data and technologies in recent years, it is all the more important that we have an independent commissioner who will raise public awareness about rights, responsibilities, and standards.” 

    Brown went on to say, “Given that police use of biometric data and technologies has grown so quickly in recent years, it is even more important that we have an independent commissioner who will make sure that these technologies are used in a fair way.”

    It is very important that we work to make people in our communities, especially young people and people in weak positions, more aware of these problems.

    Youverify Raises $2.5 Million in Seed Round

    The partnership between Scotland and The UK

    “The commissioner’s code of practice shows how forward-thinking Scotland is when it comes to biometrics, especially when it comes to policing and the justice system.”

    The Criminal Justice Committee of the Scottish Parliament unanimously agreed to accept the code without making any changes to it, and regulations were subsequently put out to make the code part of the legislative framework.

    Although the guidelines are specific to Scotland, the code is designed to work in conjunction with frameworks currently being developed in other parts of the UK.

    After finding that UK law in this area is “fragmented” and “not clear,” a review of UK law commissioned by the Ada Lovelace Institute earlier this year called on the government to pass laws that will govern biometric technologies. The Ada Lovelace Institute commissioned the review.

    Professor Fraser Sampson, who works for the UK government as the Commissioner for Biometrics and Surveillance Cameras, has similar concerns and has called for “a clear, comprehensive, and coherent framework to ensure proper regulation and accountability” for the use of biometrics and surveillance cameras in England and Wales. Sampson is the UK government’s biometrics and surveillance camera commissioner.

    Until recently, law enforcement agencies were virtually the only ones to use biometric technologies. The Metropolitan Police and the South Wales Police are two examples of police departments that are known to use these technologies.

    But now, more and more public and private organizations, like employers, schools, and shops, are using them to score video interviews, warn staff about theft risks, and check the identities of students.

    Last year, the Information Commissioner’s Office (ICO) in the UK had similar worries about the irresponsible and wrong use of facial recognition in public places. In response, the ICO banned the facial-recognition company Clearview AI and demanded that the company delete all of the data it held related to citizens of the United Kingdom.

  • Paypal enables passkey payments

    Paypal enables passkey payments

    The tech industry has been predicting the end of passwords/passkeys for years. Those guarantees have been little more than hollow promises for years. There were as many usability and security issues with password replacements as there were solutions, such as pushes, OAUTH single-sign-ons, and trusted platform modules. We’re finally on the verge of a password replacement that works. 

    Passkeys are a new alternative. Passkeys generally refer to various techniques for storing and authenticating information in hardware, an idea that has been around for more than a decade. What’s new is that Microsoft, Apple, Google, and a group of other companies have united around a single passkey standard shepherded by the FIDO Alliance. Passkeys are not only easier for most people to use than passwords; they are also entirely immune to credential phishing, credential stuffing, and other account takeover assaults.

    PayPal customers can now log in using FIDO-based passkeys, joining Kayak, eBay, Best Buy, CardPointers, and WordPress. Microsoft, Apple, and Google have all enabled passkeys in recent months. Spotty passkey support. iOS and macOS passkeys work on Windows, but not vice versa. All of it should be resolved soon.

    Other places won’t get access until “early 2023.”

    Read also: A New Tap-to-Pay Service for Mobile Devices in Nigeria is Now Available

    What exactly are passkeys?

    Passkeys operate similarly to FIDO authenticators that let us utilize phones, laptops, PCs, and security keys for multi-factor authentication. Passkeys are undetectable and connect with Face ID, Windows Now, or other biometric scanners. The only method to extract cryptographic secrets from authenticators is to dismantle or jailbreak them. Even if a threat was able to figure out the cryptographic secret, they would still need to provide a fingerprint, facial scan, or PIN. if the token doesn’t have biometric capabilities. Also, hardware tokens use FIDO’s Cross-Device Authentication flow, which uses Bluetooth Low Energy to ensure the device doing the authentication is close to the device trying to log in. 

    A600EB85 E790 45EB 9CD3 8B292EAD148C

    Until now, FIDO-based security keys were mostly used for MFA, which stands for “multi-factor authentication.” This type of security requires someone to show more than just the right password. FIDO’s extra factors are usually something the user has, like a smartphone or computer with a hardware token, and something the user has, like a fingerprint, facial scan, or other biometric, that never leaves the device. 

    So far, attacks against FIDO-compliant MFA have been in short supply. For instance, an advanced credential phishing campaign recently breached Twilio and other top-tier security companies for one reason: Unlike the other targets, Cloudflare used FIDO-compliant hardware tokens that could not be tricked by phishing. The victims who were breached all relied on weaker forms of MFA. But while hardware tokens can use a password and one or more other ways to prove who you are, passkeys don’t need a password at all.

    Passkeys, on the other hand, combine multiple ways to prove who you are, like the user’s phone, laptop, face scan, or fingerprint, into a single package. The OS of the device takes care of passkeys. End-to-end encryption can also be used to sync them with the user’s other devices using a cloud service from Apple, Microsoft, Google, or another provider. This is done at the user’s choice.

    An enrolled device may automatically transfer a passkey across an encrypted tunnel to another enrolled device attempting to sign in to one of the user’s sites or applications. The user logs in with the same fingerprint, on-device password, or PIN that they use to unlock their device. This method replaces the username and password and makes it easier for the user. 

    Users no longer need to enrol each device for each service, as they did with FIDO, “Andrew Shikiar, FIDO’s CMO, remarked. “By securely syncing the private key across an OS cloud, a user only has to sign up for a service once and is already signed up on all of their other devices. This makes it easier for end users to use and gives service providers the ability to get rid of passwords for account recovery and re-enrollment.

    Setting up a Passkey 

    To create a new passkey with a compatible app or website, you enter a username and authenticate with Touch ID or Face ID. Your passkey is made and sent to the iCloud keychain. That means you can use your passkey to log in from another Apple device running iOS 16, iPad OS 16, or macOS Ventura. Signing in uses the autofill system you already know, and you don’t have to do anything else besides confirm your username and login. To put it another way, you tap and sign in. It only takes one step, so you don’t need extra security measures like two-factor authentication.

    You can also look at the user settings of an existing account on any website that lets you, but it’s not always called a passkey. For example, we tested the functionality on eBay’s website and found a setting called fingerprint sign-in tucked away in the Sign-in and Security section of the Account Settings. Other websites that work with this one will be similar. Also, note that the eBay app doesn’t currently support passkeys. This is for the website only.

    The real value of the iPhone

    How to log in on a PC or Android phone.

    Since your passkeys are on iCloud Keychain, you may be wondering how to login on a PC or Android phone. Things become difficult, but not too much. Your phone scans a QR code and then connects to the target device through Bluetooth. After authentication, you’re in. 

    Password-sharing 

    You can also give a passkey to someone you trust so you can both access shared accounts more safely, like an online grocery store. AirDrop requires proximity. Currently, passkeys may only be shared one by one.

  • SLVA Cybersecurity, ContraForce to provide African SMEs with security operations technologies

    SLVA Cybersecurity, ContraForce to provide African SMEs with security operations technologies

    SLVA Cybersecurity, in partnership with ContraForce, is providing enterprise-scale cyber security to small and medium-sized businesses through 24/7 threat monitoring, proactive response plans, time-saving automated procedures, and more.

    Nowadays, small and medium-sized businesses (SMEs) have to deal with a complex threat landscape full of technical jargon and the minefield of choosing a vendor with a complete solution that fits their needs. These factors have been major drivers in the establishment of ContraForce, which aims to make security more accessible and affordable for SMEs in order to run their operations seamlessly through partners such as SLVA CyberSecurity.

    The CEO and co-founder of ContraForce, Stanislav Golubchik, said that by forming a partnership with SLVA, we would be able to extend our services across South Africa and the broader African continent. “The need to improve cybersecurity for small and medium-sized businesses (SMBs) is not limited to the United States. ContraForce and SLVA CyberSecurity can take great steps toward our shared goal of providing cybersecurity services to organizations of all sizes.”

    Read also: MTN equips Ghanaians with cybercrime protection tools

     “All of an SME’s compliance and analytics needs can be met from a single, streamlined interface thanks to its no-code security automation that takes into account both on-premises and cloud-based IT infrastructures. The majority of attacks can be fixed, and many can be fixed automatically if a company only has the correct technology,” Evans explained.

    “If you’re reading this post and still feeling lost about where to begin, consider yourself much ahead of the curve compared to the vast majority of businesses. Discovering resources that are tailored to your unique requirements but yet easy to use is essential for getting started, “Evans added.

    ContraForce integrates with Microsoft 

    According to SLVA CyberSecurity CEO Patrick Evans, ContraForce has developed extensive integration with native Microsoft technologies, including Microsoft Sentinel, Defender, and Microsoft 365, as the vast majority of SMEs utilize a Microsoft environment.

    “The inclusion of ContraForce in the Microsoft ecosystem broadens SLVA’s customer base, making cyber protection more accessible to companies that are most in need of it. Additionally, by making ContraForce available in the Azure Marketplace, companies can quickly and easily acquire the service using their existing Microsoft contracts.”

    Kenya, Huawei Collaborate to Train Students on Cybersecurity 

    How the company’s services work

    ContraForce provides a very simple security operations platform. It is aimed at small and medium-sized enterprises (SMEs) and is designed to be utilized by IT generalists rather than highly trained cybersecurity experts. The platform verifies each threat and ensures that IT staff aren’t wasting time investigating false positives. There is no learning curve associated with responding to threats since the system leads users through remediation processes in a step-by-step manner. Users can eliminate danger with a single click by using pre-made playbooks for filing incident reports.”

    Until recently, security operations management required a 24/7, highly-skilled, and costly SecOps staff that depended on manual or semi-automated procedures to react to incidents.

    ContraForce, on the other hand, is a highly automated solution for SMEs that works in a five-person company just as well as it works in a five-thousand-person firm. Evans elaborates by saying that the monetary repercussions of a ransomware assault are enormous. Due to their limited resources, small and medium-sized enterprises (SMEs) are frequently unable to devote adequate effort and time to security. Despite this, 50% of SMEs will experience a breach in the next year, and 60% of SMEs hit by ransomware may expect to shut down operations within six months.

    The deployment and installation of ContraForce may be done instantly online, ensuring a flawless implementation. Additionally, the platform integrates with pre-existing security measures, simplifying deployment. Due to the fact that it is built on AI and ML, it can quickly adapt to a company’s specific environment, classify potential dangers, and launch an appropriate response to incidents as they occur.

  • Kenya, Huawei Collaborate to Train Students on Cybersecurity 

    Kenya, Huawei Collaborate to Train Students on Cybersecurity 

    The Communications Authority of Kenya (CA) and the Chinese company Huawei have collaborated in a bid to advance cyber security skills in the East African country.

    Director-General of the CA, Ezra Chiloba, revealed this in the country’s capital, Nairobi. He said the three-day intensive training session scheduled to hold between Oct. 17-19 is one of the activities of the month-long celebrations to commemorate national cyber security awareness month marked every October.

    Director-General of the Communications Authority of Kenya, Ezra Chiloba
    Director-General of the Communications Authority of Kenya, Ezra Chiloba

    He emphasised that cyber security is crucial as the future of Kenya’s economy would be larger driven by digital technology.

    Read also: Kenya To Host 4th Africa Tech Female Founder Summit

    Kenya and Huawei Cybersecurity Training

    According to CA’s DG, “We are working with Huawei, who are bringing on board their expansive experience in this sector, and I want to encourage young people who are undertaking courses and are looking forward to participating in the digital economy to invest their time and resources in understanding the future of cyber security.”

    He announced that the telecom industry regulator and Huawei would together establish a special cyber security boot camp for students attending institutions of higher learning across the country.

    Chiloba added, “The boot camp has attracted more than 1,700 university students across the country. The partnership targets to build capacity amongst technology students to ensure secure networks and cyberspace.”

    Official data show that Kenya has nearly 2,000 certified cybersecurity experts, revealing a shortage in the annual demand of 10,000 professionals.

    He observed that the boot camp includes a Huawei certification e-learning course on cyber security, virtual lab exercises, on-site training, and mentorship from experts within the field.

    “These jointly structured sessions and courses are geared at preparing participants for a successful career in cybersecurity,” Chiloba said.

    Will Meng
    Chief Executive Officer of Huawei Kenya, Will Meng

    On his part, the CEO of Huawei Kenya, Will Meng, said that in the last 20 years, the company had supported the building of secure networks across Kenya, which has shown their contribution to the economic growth of the East African nation.

    According to Will, “We are pleased to work with the CA to provide training to students to enhance their capacity to operate networks and systems securely and to be safe online.”

    The training session also comes on the heels of the launch of the novel National Cybersecurity Strategy 2022 by the National Computer and Cybercrimes Coordination Committee (NC4).  A major objective of the strategy is to boost national cyber security capacity and create more local specialized professionals.

    The training will include a Huawei Certification e-learning course on cyber security, on-site classes, virtual lab exercises, and mentorship from professionals within the sector.

    These sessions and courses are facilitated to prepare participants for a career in cybersecurity, and developing an initiative is also one of the activities under the Technical Cooperation Agreement signed by CA and Huawei earlier in the year.

    Read also: Liquid Launches Africa’s First Cyber Security “Fusion” Centre

    About Communications Authority of Kenya

    Kenya: CA Welcomes Classification of Telecommunications Infrastructure - REGTECH AFRICA

    The Communications Authority of Kenya (CA) is the regulatory authority for the communications sector in the East African country. It was set up in 1999 by the Kenya Information and Communications Act of 1998.

    The government regulator is responsible for facilitating the development of the information and communications sectors, including; broadcasting, cybersecurity, multimedia, telecommunications, electronic commerce, postal and courier services.

    CA has multiple functions that cut across licensing all systems and services in the communications industry, managing the country’s frequency spectrum and numbering resources, amongst many other duties.

    About Huawei

    US receives 130-plus licence requests to sell to Huawei - reports

    Huawei is a global provider of information and communications technology (ICT) infrastructure and smart devices.

    With a presence in 70 countries and regions, the company facilitates ubiquitous digital connectivity and promotes equal access to networks to lay the foundation for the intelligent populace.

    Huawei also provides diversified computing power to deliver ubiquitous cloud and intelligence; creates powerful digital platforms to assist all industries and organizations become more agile, efficient, and dynamic; redefine user experience with AI, offering consumers a more personalized and intelligent experience across all human endeavours.