Daily Archives: December 9, 2019

#nationalcybersecuritymonth | Alex Pickering, BBC Studios’ Content Security Chief Named as New Chair by CDSA Board of Directors

Source: National Cyber Security – Produced By Gregory Evans

The global entertainment industry’s advocate for content security, content protection and information security, the Content Delivery & Security Association (CDSA), has named BBC Studios’ Content Security Director, Alex Pickering as its new Chairman. Pickering will direct the strategy for the Association’s mission of providing global community engagement around content protection solutions and information services for media & entertainment.

Pickering’s current remit covers content security for the British production and distribution company’s global content slate, including international hit shows such as time travel adventure Doctor Who, motoring entertainment juggernaut Top Gear and blue-chip natural history landmarks such as Blue Planet II and Seven Worlds, One Planet. In his new role, he will be supported by the CDSA’s Board of Directors that includes leading content security executives from the major Hollywood studios, content creators and television broadcasters.

Pickering said: “The global TV and film industry is thriving and I’m looking forward to ensuring that the CDSA engages with, and supports, every aspect of the content community worldwide to drive security best practice, maintain robust standards, and continue to educate organizations everywhere.”

Source link

The post #nationalcybersecuritymonth | Alex Pickering, BBC Studios’ Content Security Chief Named as New Chair by CDSA Board of Directors appeared first on National Cyber Security.

View full post on National Cyber Security

hacker proof, #hackerproof




#deepweb | Man arrested for buying drugs using app, dark web – mumbai news

Source: National Cyber Security – Produced By Gregory Evans

The city’s airport customs officers on Sunday arrested a 28-year-old man from Chembur who had placed an order for drugs through a mobile messaging app and paid for them through the dark web using cryptocurrency. Officers seized the drugs from a courier parcel and booked the man under the Narcotics Drugs and Psychotropic Substances (NDPS) Act.

Investigators suspect the incident could be part of a larger drug syndicate wherein drugs are ordered via mobile messaging apps that provide anonymity.

The arrested accused, Nemish Mahesh Kamath, told custom officers that he had placed an order for the drugs out of curiosity and is not a regular user.

On November 26, customs officers at the courier cell, airport special commissionerate, examined a parcel and seized 117 grams of a plant product, purported to be a banned drug under the NDPS Act. An investigation was launched to probe the suspicious imported parcel. Kamath was subsequently arrested on Sunday morning and remanded in judicial custody.

According to customs officers, during questioning, Kamath told interrogators that he got in touch with a man on the messaging app who informed him about the synthetic drug. Officers suspect this drug is a ‘synthetic weed (marijuana)’ which cannot be detected in blood tests.

However, Kamath was scared of getting caught and ordered the drugs in the name of his neighbour. “The accused knew his neighbour has an unoccupied flat, and made a duplicate key. However, after tracing the neighbour, we learnt someone had used his name. Through technical investigation, we zeroed in on Kamath and arrested him,” a police officer said.

Source link
——————————————————————————————————

The post #deepweb | <p> Man arrested for buying drugs using app, dark web – mumbai news <p> appeared first on National Cyber Security.

View full post on National Cyber Security

hacker proof, #hackerproof




#nationalcybersecuritymonth | Digital election interference

Source: National Cyber Security – Produced By Gregory Evans

David Warburton, Principal Threat Evangelist at the cyber threat intelligence product company F5 Labs, discusses how cybercriminals aim to disrupt elections.

The UK general election is almost upon us, and it is already turning into one of the most divisive and analysed political events in the country’s history. Discourse and debate are reaching fever pitch, from parliamentary benches and constituency doorsteps, to every conceivable media platform in play.

It is no surprise then that an air of online volatility persists more than usual. At this moment in time, every new election is likely the most tech-enabled and at risk addled yet. Labour was most recently under the cybersecurity cosh, enduring what it termed as “sophisticated and large-scale” attempt to knock out its digital systems earlier in the month (it turned out to be a set of distributed denial-of-service (DDoS) attacks). Just the other day, Labour candidate Ben Bradshaw also claimed to be a victim of a suspected cyber-attack when he received an email with sophisticated malware attachments.

These are politically unprecedented times and the UK’s National Cyber Security Centre (NCSC) knows it. Last year, the government-backed organisation issued a direct warning ahead of local elections, citing potential “insider activity” attempting to “manipulate or compromise electoral information.” Similar warnings are in place for 2019. There are many ways to knock an election off course. Below are some of the main existing and emerging cyber threats to bear in mind as we head to the polls this week. It is, however, worth noting that variations of these methods are possible throughout the year as hackers opportunistically hijack political developments in real-time.

Tried and trusted attacks

Although significant aspects of the UK’s electoral process are still conducted offline, it is not invulnerable to well-worn cybercriminal tactics such as DDoS attacks (electoral, government or media websites during key campaign instances, in particular). Today, even a teenager can create botnets in 45 minutes by watching a YouTube tutorial, and there is a glut of DDoS-for-hire sites available on a shoestring.

Phishing is another perennial threat. In fact, F5 Labs’ latest Phishing and Fraud report currently sees it as the most prominent attack method used to breach data. Elections are natural hunting grounds for seasoned phishers, with emotions running high and enormous volumes of proselytising communications flying around. Hearts and minds are there to be won, and canny cybercriminals are ready to pounce. Attackers can eschew hacking through a firewall, finding a zero-day exploit or deciphering encryption. They just need a convincing email pitch and a fake site for victims to land on.

Recent examples of phishing-related political skulduggery include the focused targeting of government officials during the 2019 Ukrainian presidential election, and North Korea’s attack against the Indian space agency’s moon mission. Safeguarding against all of this calls for rich and constant behavioural training, combined with technical security controls such as multi-factor authentication and encrypted malware inspection. DDoS prevention solutions that align to business and IT architecture needs are also essential.

Tipping the scales

Worryingly, cybercriminals backed by nation states are now increasingly adept at directly misleading voters. Most will recall how the US was conspicuously under fire in 2016, with Russian-instigated automated bot activity disseminating a slew of “fake news” articles that may have swayed voter opinion. The US House of Representatives Permanent Select Committee on Intelligence recently provided an eye-catching snapshot of the scale and reach of this type of activity, reporting that the Internet Research Agency (one of the Russian false front companies) purchased 3,393 Facebook advertisements that were shown to over 11.4 million Americans. They also created 470 Facebook pages with 80,000 pieces of organic content. These were shown to more than 126 million Americans. Only 120 million votes were cast in the entire 2016 Presidential election.

In addition to Russia, the FBI also lists China and Iran as the top threat actors when it comes to election security. One of the most effective, continually evolving tactics, is to muddy the public discourse and orchestrate a demoralising miasma of discontent. The threat actor doesn’t even need to promote a specific cause, candidate, or agenda. They just need to prompt chaos, uncertainty and division. While there are tools available to help citizens spot news bias and disinformation (e.g. Snopes and AllSides), they often require additional skills that many older and less connected voters lack. Naturally, the onus is on social media businesses to adapt. All should have the ability to identify, scrape and deny bots on their platforms. It can be tricky grey area, however, with discussions about the nature of free speech frequently adding complex nuances to the mix.

Sign of the times

Although it really won’t apply to the UK this year, there are growing concerns about how votes themselves can be falsified or tampered with. Once again, the US is in attackers’ crosshairs more than most. Last year, F5 Labs’ Application Protection report flagged how public sector organisations were the most concerned of all industry sectors when it came to application tampering. One of the reasons is the fact that 37 per cent of US states allow online registration. Then there are the US’ electronic voting machines themselves. In August, more than 35,000 attendees of the Def Con hacker conference were invited to test for vulnerabilities. Every single one of 100-plus machines were vulnerable to at least some kind of attack. The UK, like most countries around the world, needs to sit up and take note. Elections will only become more digitalised and connected – whether we like it or not.

Taking back control

Awareness is key. For example, it has never been more important to spot media bias, which often mixes drama and opinion with real facts. Even though most major social media platforms are working hard on fixes, we simply cannot afford to be unquestioning, passive content consumers anymore. Digital election interference – whether it influences a single vote or creates a confused political climate favourable to a specific nation-state – is a clear, present and insidious danger. Voters, politicians, or indeed anyone even tangentially involved in the democratic process, need be ready and able to navigate and interrogate this new reality.

Source link

The post #nationalcybersecuritymonth | Digital election interference appeared first on National Cyber Security.

View full post on National Cyber Security

hacker proof, #hackerproof




#deepweb | Here’s how you can enable native WhatsApp dark mode on latest stable build with root

Source: National Cyber Security – Produced By Gregory Evans

Bringing a consistent form of dark mode is not an easy task, as the existing implementations are very much fragmented. Even the apps from Google don’t have a standard way to toggle the color scheme – some rely on underlying system settings while others sport a distinct option for switching.

‘Enable Dark Theme’ as it can be seen in Google Keep

Besides the Google apps, a majority of users are craving for a proper dark mode enactment in WhatsApp. The Facebook owned messaging application is used by millions, but the parent company is taking a slow path in this particular domain of development.

Since last few months, there are several glimpses of the upcoming blackish theme on WhatsApp. Third party Android skins, such as ColorOS can manually override the color scheme of the app. However, the end result is often inconsistent.

realme_coloros_whatsapp_forced_dark_mode

Forced dark mode in WhatsApp by ColorOS (Source)

We do know the actual first-party update is just days away, but now you can achieve the inherent dark theme of WhatsApp! The thing is, the necessary assets are already part of the latest stable channel build (2.19.352). All you need ‘a magic spell’ from the server side.

Well, if you have root access, you can turn it on yourself. All you have to do is navigate to the following directory:

/data/data/com.whatsapp/shared_prefs

Open the file named ‘com.whatsapp_preferences.xml’ and add the following line in it:

<boolean name="dark_mode" value="true" />

Save the file, force close WhatsApp and re-open it. You should have a new theme option like this:

whatsapp_stable_dark_mode_choose_theme

Source

Android uses this SharedPreferences thing to store different parameters in the form of key-value pairs. The community discovered this particular key in the beta version of WhatsApp a few months ago. Now that the stable build supports it, official release should be imminent.

Once again, this is not AMOLED friendly true black, but more of a darker tone of green/gray. There are other shortcomings as well, as automatic switching with night light reportedly doesn’t work.

Worked for me.
OnePlus 3T, Pie (LOS 16)
2.19.352

EDIT: Doesn’t switch automatically with night light. What a shame

(Source)

whatsapp_stable_dark_mode_conversation

Preview of the dark theme (Source)

Do you like the dark mode offering by WhatsApp? Facing any problem to activate it on your phone? Let us know by commenting below.

PiunikaWeb started as purely an investigative tech journalism website with main focus on ‘breaking’ or ‘exclusive’ news. In no time, our stories got picked up by the likes of Forbes, Foxnews, Gizmodo, TechCrunch, Engadget, The Verge, Macrumors, and many others. Want to know more about us? Head here.

Want to work for PiunikaWeb? You’ll be glad to know we’re hiring.

Source link
——————————————————————————————————

The post #deepweb | <p> Here’s how you can enable native WhatsApp dark mode on latest stable build with root <p> appeared first on National Cyber Security.

View full post on National Cyber Security

hacker proof, #hackerproof