Archive for July 30, 2019

Chinese Banking Has A New Edge; Jack Ma Behind The Latest Developments!




Jack Ma is associated with one of the leading economies of the world.The risk management system employed by Jack Ma’s banking endeavors analyses over 3,000.

Per sources his company has lent around $290 billion to over 15 million small companies where the borrowing party could receive the cash almost immediately, with just a few taps.

The entire process requires no human forces and gets completed in around 3 minutes with a default rate of around 1%.

Earlier the small borrowers were rejected but thanks to MYbank and its associates the new form of payments is coming in real handy.

With the slow pace of China’s economy it gets imperative to keep a check on the risks and defaults.
Around two-third of the country’s small businesses couldn’t access loans, according to National Institution for Finance & Development.

But thanks to Jack Ma’s initiatives the lending and borrowing procedures of China are now seeing monumental growth.

Mybank’s lending app has created a real difference. By allowing the bank to access the store transaction data, some small loans have been covered.

Cyber security Team Identified Ransomware Utilized to Compromise City Power



Residents of Johannesburg using pre-paid electricity meters were not able to load the electricity purchased from City Power and were also unable to purchase further electricity due to a ransomware attack which compromised City Power's database.

Earlier, City Power said while the variant of ransomware utilized to carry out the attack remains unknown, they have the encrypted network, applications, and database being restored and rebuilt by their ICT department.

Easing off the customers, Isaac Mangena, the utility's spokesperson, said, "We want to assure residents of Johannesburg that City Power systems were able to proactively intercept this and managed to deal with it quicker."

"Customers should also not panic, as none of their details were compromised," Mangena assured.

On Friday, City Power announced that their cybersecurity team identified the variant of malware which temporarily paralyzed the city's computer systems.

Reportedly, the email systems took the hardest hit by the ransomware and were taking a while to recover and be functional again.

While giving updates, Mangena said “The virus samples have been taken to the external labs for analysis and testing,”

“Our IT technicians have also recovered and, in [a] few instances, reconstructed most of the systems,, applications, and data that was threatened, using backup files.”

Victims of the cyber power attack along with the customers, have been raging since the incident happened and encrypted the computer databases, applications and network.

City Power turned to external cyber security experts who worked in association with their team to tackle the issue.


The Ukrainian Security Service and the FBI eliminated a powerful hacker group


Previously, Ehacking News reported that on July 16, it became known that the Ukrainian Security Service and the FBI detained hackers controlling 40% of the Darknet. Since 2007, members of the group have provided hackers and criminals from around the world access through Ukrainian networks in the Darknet.

Intelligence service established that the organizer of the group is the citizen of Ukraine, a resident of Odessa Mikhail Rytikov (Titov). He got serious about hacking in Moscow in the mid-2000s. In 2007, he began to provide services to hackers around the world through Ukrainian networks, carefully hiding the actual location of his equipment. From time to time, Ukrainian, Russian, and American law enforcement officers found the equipment, confiscated it, but the hacker group soon resumed its activities.

It turned out that about 10 accomplices were under command of Ukrainian hacker, as well as dozens of intermediaries in different countries and thousands of customers. Among them, for example, Eugene Bogachev, the developer of the virus ZeuS, who is wanted by the FBI.

It is established that Rytikov sold his services through closed hacker forums and specialized web resources, claiming that his server equipment is located in data centers in Lebanon, Iraq, Iran, Germany, Panama, the Netherlands, Belize, Russia. In fact, the equipment was located near Odessa, in one of the unfinished houses. The room was equipped with secret telecommunication channels and even had its own elevator.

“Nearly one hundred and fifty servers were seized during the authorized investigative actions on the territory of a private house with a hidden data center with a backup autonomous power supply, security and powerful Internet access channels. Thousands of hacker resources were placed on them, some remained encrypted, many were set up in such a way as not to keep traces of criminal activity”, said the acting Head of the Cyber Security Department of SBU (the Ukrainian Security Service) Nikolay Kuleshov.

According to law enforcement officers, they seized 146 servers for hundreds of terabytes of illegal information. The total cost of the equipment, a powerful electric generator, construction and home improvement, agreements with power engineers on a dedicated electric line is estimated at 700 thousand dollars. Only one generator could cost about 150 thousand dollars. The data center could work for a long time even in the absence of electricity.

It’s interesting to note that among the crimes committed with the participation of Rytikov, law enforcement officers distinguish the spread of malicious software ZeuS, which was used to steal financial, the case of hacking the NASDAQ exchange, called "the greatest fraudulent scheme of this type ever implemented in the United States."

Microsoft Office 365 Exposing User’s IP Address in Emails





Microsoft Office 365's webmail interface has been accused for exposing the user's IP address injected into the message as an extra mail header.

This news comes as a rather major warning to those who resorted to Office 365 webmail interface to hide their IP address, because in reality they are not concealing anything.

The service injects an extra mail header into the email called x-originating-IP that contains the IP address of the connecting client, which for this situation is the user's local IP address and this all happens when an email is sent via Office 365 (https://outlook.office365.com/).

BleepingComputer even came around to test the webmail interfaces for Gmail, Yippee, AOL, Outlook.com (https://outlook.live.com), and Office 365.

As for Microsoft, it has removed the x-originating-IP header field in 2013 from Hotmail to offer their users much better security and privacy.

"Please be informed that Microsoft has opted to mask the X-Originating IP address. This is a planned change on the part of Microsoft in order to secure the well-being and safety of our customers."

However for Office 365, who 'caters to the enterprise', this header was deliberately left in so that admins could scan for email that has been sent to their respective organization from a specific IP address. This was particularly helpful for finding the location of a sender in the event of an account getting hacked.

And for Office 365 admins who don't wish to keep utilizing this header, they are allowed to make another new rule in the Exchange admin center that easily removes the header.



In any case, for security and auditing purposes, it is most likely a more shrewd decision to keep it enabled.

No environment is immune to cyber attacks : Research

Global cyber-security solutions provider Check Point Software Technologies Ltd, released its “Cyber Attack Trends: 2019 Mid-Year Report”, revealing that no environment is immune to cyber-attacks.

Threat actors continue to develop new tool sets and techniques, targeting corporate assets stored on cloud infrastructure, individuals’ mobile devices, trusted third-party supplier applications and even popular mail platforms:

Mobile banking: With over 50% increase in attacks when compared to 2018, banking malware has evolved to become a very common mobile threat. Today, banking malware is capable of stealing payment data, credentials and funds from victims’ bank accounts, and new versions of these malware are ready for massive distribution by anyone that’s willing to pay.

Software supply chain attacks: Threat actors are extending their attack vectors such as focusing on the supply chain. In software supply chain attacks, the threat actor typically instils a malicious code into legitimate software, by modifying and infecting one of the building blocks the software relies upon.

Email: Email scammers have started to employ various evasion techniques designed to bypass security solutions and anti-spam filters such as encoded emails, images of the message embedded in the email body, as well as complex underlying code which mixes plain text letters with HTML characters. Additional methods allowing scammers to remain under the radar of Anti-Spam filters and reaching targets’ inbox include social engineering techniques, as well as varying and personalizing email content.

Cloud: The growing popularity of public cloud environments has led to an increase in cyber-attacks targeting enormous resources and sensitive data residing within these platforms. The lack of security practices such as misconfiguration and poor management of the cloud resources, remains the most prominent threat to the cloud ecosystem in 2019, subjecting cloud assets to a wide array of attacks.

“Be it cloud, mobile or email, no environment is immune to cyber attacks. In addition, threats such as targeted Ransomware attacks, DNS attacks and Cryptominers will continue to be relevant in 2019, and security experts need to stay attuned to the latest threats and attack methods to provide their organizations with the best level of protection,” said Maya Horowitz, Director, Threat Intelligence & Research, Products at Check Point.