Archive for September 30, 2020

Indian Copyright Office Asks for Executable File for Website Code?


The Indian copyright office grants the developer of a computer program a series of rights that legally protect the original creation. Under the Copyright Act, computer programming code can be registered as a 'literary work'. As the program is safeguarded by copyright, each subsequent modification or addition to the code that contains sufficient originality is also protected under the law. Generally, a computer program is protected not by just one copyright but by a set of copyrights, beginning with the first source code written and running to the last addition by the creator.

Although source code and object code differ from each other, the copyright office treats both forms as equal for registration purposes, maintaining the notion that source code and object code are just two distinct forms of the same copyrighted program.

Copyright ownership refers to a collection of rights that gives the creator an exclusive right to use the original creation, such as a song, literary work, movie, or software. It means that the original authors of works, and the people or companies they have authorized, are the only ones with the exclusive right to reproduce the creation.

Recently, a company director applied for copyright for his PHP and Python program. To his surprise, the Indian copyright office asked for an executable file. It's a well-known fact that PHP code used in websites does not have an executable file, so there was no possible way the director could have provided one for his PHP program. The question remains how the officials at the Indian copyright office are not aware that there is no executable file for website code and, moreover, why they require it in the first place.

In India, the Copyright Act, 1957 grants protection to the Intellectual Property Rights (IPR) of computer software. Under the definition in the Indian Copyright Act, computer programs are classified as 'literary works'. Accordingly, the rights in computer software are protected under the provisions of the Act.

Roskomnadzor has added the site of the Binance crypto exchange to the list of banned sites in Russia

 

Roskomnadzor (the Federal Service for Supervision of Communications, Information Technology and Mass Media) has notified Binance, one of the largest cryptocurrency exchanges, that it has been entered into the register of prohibited sites. So far, the site is not blocked in Russia and continues to work.

"On September 24, 2020, we received a notification from Roskomnadzor of the Russian Federation about the introduction of the site binance.com to the domain name registry containing information prohibited for distribution in Russia. According to the letter, this is information about the possibility of purchasing an electronic cryptocurrency (Bitcoin),” reported the press service of the crypto exchange.

Binance noted that the company has not previously received notifications from law enforcement or civil government services, or from the judicial authorities, about the existence of any lawsuits or court decisions.

"We also continue to provide services to Russian users in full, and customer funds are safe,” said the company.

At the moment, the site in Russia is not blocked and is working. The crypto exchange intends to challenge in court Roskomnadzor's decision to enter it in the register of prohibited sites, said Gleb Kostarev, the Director of Binance in Russia.

"Binance values its reputation and does not intend to agree with the court's decision, as well as with the intention of Roskomnadzor… The company plans to challenge the Agency's decision in court,” said Mr Kostarev.

"There have already been precedents in court practice when other crypto sites have challenged such decisions,” he added.

Experts rate Binance's chances of getting the block cancelled in court as high. Alexander Zhuravlev, managing partner of the law firm EDB, called the court order to block Binance unfounded. In Russia, there is no ban on the turnover of cryptocurrencies. Last fall, changes were made to the State Code that legalized digital rights, including cryptocurrencies.

Cyber Security Solutions for Enterprises Launched by Bharti Airtel


Bharti Airtel Ltd recently launched a 'suite of cybersecurity solutions' for large, medium and small businesses as they move to digital and cloud platforms, which increases the need to protect information from online attacks.

The suite, Airtel Secure, will have a security intelligence centre, a best-in-class infrastructure with access to cutting-edge innovation and artificial intelligence tools.

The telco has invested about ₹100 crore in the Airtel security intelligence centre, located in the National Capital Region (NCR), chief executive Gopal Vittal said at a press conference.

“… Cybersecurity is a critical requirement. Airtel Secure has been built to serve this need. It combines Airtel’s robust network security with cutting-edge solutions delivered through global partnerships to deliver end-to-end managed security services," he added further. 

The telco has also partnered with global firms Cisco, Radware, VMware, and Forcepoint, which will together provide digital protection solutions under the product, Airtel Secure.

Cisco's solutions will be available to enterprises as well as governments.

The solutions under Airtel Secure have been 'beta tested' by 20 large organizations that are now using the security intelligence centre, Vittal stated, adding that the telco will soon begin building them for medium and small businesses with low budgets.

“Smaller businesses may not have the budgets that larger companies do, so we are engineering a product portfolio that can be bundled for our smaller enterprises to protect their information as well," Vittal said. 

However, he added that the whole portfolio of the security intelligence centre will not be accessible to those with lower budgets, though they will get the essentials, such as 'secure internet, data and remote access'.

Ryuk Ransomware Attacks Universal Health Services, Disrupts Hospitals Nationwide



Universal Health Services (UHS) is shut down after a ransomware attack by hackers. A Fortune 500 organization, UHS runs a network of more than 500 hospitals in the nation. Ryuk ransomware is said to be responsible for this attack. The attack took place earlier this week, and employees reported the issue on Reddit and other platforms. From the comments in these Reddit discussions, it was clear that many UHS locations took a hit and needed a manual process to restart.

One user said they had a lot of paperwork as the computers were shut down. Another user said they had to send their patients away, but the lab operations were working fine. However, they didn't have any computer-based access to anything. Another user said that their UHS was shut down. The employees had to handwrite everything and were not allowed to use their computers.

UHS, in its official statement, said, "The I.T. Network across Universal Health Services (UHS) facilities is currently offline, as the company works through a security incident caused by malware. The cyberattack occurred early Sunday morning when the company shut down all networks across the U.S. enterprise. We have no indication that any patient or employee data has been accessed, copied, or misused. The company's U.K. operations have not been impacted." UHS has not specified the type of cyberattack it experienced, but employees say it is likely to be Ryuk ransomware.

According to one UHS employee, all the encrypted files had a .ryk extension. Hacked computers also had a ransom note labeled as 'shadow of the universe,' which the Ryuk ransomware uses in its attacks. Employees on Reddit also expressed concern about the health of patients due to the shutdown of the computers. One even said (not verified) that four patients had died due to the delay in care. "We are making steady progress with recovery efforts. Specific applications have already started coming online again, with others projected to be restored on a rolling basis across the U.S.," the UHS statement reads.

A new Malware that can intercept your OTP and bypass Two Factor Authentication


For most of our accounts, be it bank accounts or social media accounts, we rely on two-factor authentication (2FA) and OTPs (one-time passwords), thinking them the most trustworthy and impenetrable security. But we ought to think again, as a new Android malware, "Alien", with its remote access threat tool, can steal 2FA codes and OTPs as well as sniff notifications.

Discovered by ThreatFabric, the Trojan Alien has been offered as Malware-as-a-Service (MaaS) and is making the rounds on underground hacking forums. This is not the first malware to access OTPs: Cerberus (a malware gang with similar code) has already been there and done that, but Google's security found a way to detect Cerberus and clean devices of it. Inspired by and evolved from the same code, Alien has yet to be caught by a security server.

With the remote access feature, Alien can not only seize passwords and login credentials but also grant hackers access to the device to use the stolen passwords. Alien can also perform the following tasks: 

  • Overlay on another App 
  • Steal 2FA and OTP 
  • Read Notifications 
  • Collect Geo-location data 
  • Forward Calls 
  • Install other Apps 
  • Steal Contacts 
  • Provide access to the device 
  • Log Keyboard Input 
  • Send Messages 

This set of activities makes this malware highly dangerous and a device infected with it completely transparent to the hacker, and to think it is offered as MaaS. The malware deploys TeamViewer and through it reads the device's screen and notifications and harvests OTPs and other data, giving the hacker free rein over your device to attempt fraud and steal money and data.

How is it Spreading?

According to ThreatFabric, the malware is spreading via phishing emails and third-party applications. Researchers found that Alien was sporting fake logins for 226 Android apps, some of them quite popular, like Snapchat, Telegram, Facebook, Gmail, and WhatsApp. Many of them were banking and e-commerce apps, which is no surprise. These banking apps were from Spain, Germany, the US, Italy, France, Poland, Australia, and the UK.