Archive for Shivani Tiwari

Spanish Government Witnesses Cyber Attack

 

Earlier this morning, the Ministry of Labour and Social Economy of the Spanish government witnessed a cyber-attack. At the moment, Ministry did not comment on the specifications, nature, and severity of the attack. 

According to the official website of the department, the Ministry organizes and supervises Spain’s employment work, social economy, and look after social responsibility policies. This Ministerial Department has an annual budget of around €39 million. 

In the wake of the attack, the IT cyber-researchers at the department – an agency within Spain’s National Intelligence Centre from the National Cryptological Centre together with the Spanish Ministry of Labor and Social Economy (MITES) are investigating the attack and working to restore services. 

“The Ministry of Labor and Social Economy has been affected by a computer attack…” 

“…The technical managers of the Ministry and the National Cryptological Center are working together to determine the origin and restore normality as soon as possible," MITES’ media office said earlier today. 

After the cyber-attack the official website of the Ministry was still accessible, however, the communications office and the multimedia room were down. 

"The computer attack that the Ministry of Labor and Social Economy has suffered has NOT affected the operation of the State Public Employment Service, The Electronic Office, the website, and the set of services continue to be provided normally,"  SEPE reported. 

Furthermore, a government agency of the Spanish, Servicio Público de Empleo Estatal (SEPE) – a part of MITES that took a severe hit by ransomware in March due to which the services of the department were inaccessible for around two weeks – reported that it was not affected by the cyberattack. 

According to the resources, the SEPE department was hit by a Russian Ryuk ransomware gang on March 09, 2021.  As a result, over 700 agency offices across Spain were badly impacted. Besides, the agency’s workstations, the ransomware attack had impacted remote working stations of the department. It should be noted that the Spanish labor agency is the only ministry that has been hit by a ransomware attack in Spain.

Spanish Government Witnesses Cyber Attack

 

Earlier this morning, the Ministry of Labour and Social Economy of the Spanish government witnessed a cyber-attack. At the moment, Ministry did not comment on the specifications, nature, and severity of the attack. 

According to the official website of the department, the Ministry organizes and supervises Spain’s employment work, social economy, and look after social responsibility policies. This Ministerial Department has an annual budget of around €39 million. 

In the wake of the attack, the IT cyber-researchers at the department – an agency within Spain’s National Intelligence Centre from the National Cryptological Centre together with the Spanish Ministry of Labor and Social Economy (MITES) are investigating the attack and working to restore services. 

“The Ministry of Labor and Social Economy has been affected by a computer attack…” 

“…The technical managers of the Ministry and the National Cryptological Center are working together to determine the origin and restore normality as soon as possible," MITES’ media office said earlier today. 

After the cyber-attack the official website of the Ministry was still accessible, however, the communications office and the multimedia room were down. 

"The computer attack that the Ministry of Labor and Social Economy has suffered has NOT affected the operation of the State Public Employment Service, The Electronic Office, the website, and the set of services continue to be provided normally,"  SEPE reported. 

Furthermore, a government agency of the Spanish, Servicio Público de Empleo Estatal (SEPE) – a part of MITES that took a severe hit by ransomware in March due to which the services of the department were inaccessible for around two weeks – reported that it was not affected by the cyberattack. 

According to the resources, the SEPE department was hit by a Russian Ryuk ransomware gang on March 09, 2021.  As a result, over 700 agency offices across Spain were badly impacted. Besides, the agency’s workstations, the ransomware attack had impacted remote working stations of the department. It should be noted that the Spanish labor agency is the only ministry that has been hit by a ransomware attack in Spain.

Is Apple’s Monopoly Making Its Security Vulnerable?


It's a well-known fact that Apple’s devices are undoubtedly way safer than any other company’s products, however, in recent research analysis, many reports claimed it to be a myth. 

According to the experts, Apple’s complex process of downloading apps has created a notion of added security but seemingly such is not the case, as revealed in deeper examinations. 

Reportedly, around 2% of the top-grossing iOS apps, are in some way, scams. Customers of several VPN apps, which protect users’ data, have complained against Apple App Store – saying that their devices are contaminated by a virus that tricks them to download and pay for software that they don’t need. 

An illegal QR code reader app that remains for a week on the store tricks users into paying $4.99. Moreover, some apps even mock themselves as being from big global organizations such as Amazon and Samsung. 

Apple always maintained its exclusive command on the App Store and describes this as its policy which is essential for customer’s sensitive personal credentials. Apple has a monopoly in the App market in terms of customer trust. However, some analysts said that this is indeed the biggest problem that there is no competition against this giant in the market, if some companies will come with alternatives then– as a matter of fact – Apple will invest more money in strengthening their security measures. 

“If consumers were to have access to alternative app stores or other methods of distributing software, Apple would be a lot more likely to take this problem more seriously,” said Stan Miles, an economics professor at Thompson Rivers University in British Columbia, Canada. 

As per the statistics, that Apple generates huge profit from the App store; around 30 percent of its revenue is constituted by the App store. 

Apple spokesperson Fred Sainz said in a statement that, “We hold developers to high standards to keep the App Store a safe and trusted place for customers to download software, and we will always take action against apps that pose a harm to users…” 

“…Apple leads the industry with practices that put the safety of our customers first, and we’ll continue learning, evolving our practices, and investing the necessary resources to make sure customers are presented with the very best experience.”

India’s Finance Software Powerhouse NSE Blown By EpsilonRed Ransomware

 

Nucleus Software Exports, an Indian financial software company has witnessed a major ransomware attack. The company that facilitates Indian banks and retail stores with software has suffered severely in regard to its internal networks and encrypted essential business data. 

As per the latest data, Nucleus Software Company is a leading provider of Banking and Financial Services and is also known for lending and transaction banking consultancy services to the global financial services industry. 

In the wake of the security incident, the company reported that they filed a report on Tuesday with the Indian National Stock Exchange authority, which said that the incident occurred on May 30, and the group that has attacked the system is known as ‘EpsilonRed’. 

Alongside, the NSE published its quarterly report in which it wrote that the company’s cyber-security researchers' team is working hard to get back its sensitive business credential, and towards fixing the damaged part of the system. Meanwhile, the company’s spokesperson assured their customers and said, “So far as sensitive data is concerned, we’d like to assure our customers that there is NO financial data of any customer available/stored with us and therefore the question of any leakage or loss of client data does not arise’’. 

The researchers' team from the cybersecurity community has disclosed that the ransomware that caused damage to the NSE’s network which is colloquially known as EpsilonRed, is also known as BlackCocaine. EpsilonRed/BlackCocaine is a different type of ransomware that has been discovered very recently. 

UK security firm Sophos had first reported on this new strain, last month. According to the Sophos report, the EpsilonRed gang makes its victims from unpatched Microsoft Exchange email servers, target the ProxyLogon exploit, after getting full command into the system, hackers install a collection of PowerShell scripts that gives access to hackers into the inside of a victim’s network. 

Furthermore, Sophos told that the ransomware gang got success in some of its attacks, and made payments of around $210,000 from its previous attacks. 

NSE has not disclosed the exact details of the breach nor if it followed the demand of the hackers. However, it is widely accepted that the attack was caused by an Exchange server. 


Google Meet’s Server Down Globally, Twitter Flooded With Complaints

 

Since worldwide lockdown and restrictions over workplaces, schools and universities have been imposed, people are facing several problems. However, it did not stop them from working, and that has only been possible with the use of technology and social media platforms. 

We all have various meetings on Google-Meet and other similar applications owing to their reliability but on 5th June in India, Twitter witnessed many users struggled with server issues. More than 1,000 people have reported facing programs in joining their meetings links via Google-Meet. 

Users those were facing problems have started reporting their issues on many social media platform, including Twitter, requesting Google to solve the glitch as soon as possible. Users were facing server problems since 7 AM in, early morning. Many students were supposed to take classes by the service, they also reported complaints. Meanwhile, several others users have also reported issues related to the audio services. 

Following the event, many users have been found writing about the server issues on Downdetecter, an online platform that facilitates people regarding real-time information about the status of several websites and services. 

Many users are facing problems and they are still awaiting fixes. Although, from the officials, no statement has been published regarding the server down so far. Interestingly, it is about a few days back when Google Meet had introduced a new User Interface (UI) for its Web. 

Here are some glimpse of complaints that users reported; 

"Meet is not working specially for people in North India. I am getting disconnected and can't hear audio and see the presentation," wrote a user on Downdetecter. 

"Meet not working properly, disconnecting automatically and also no audio. Don't fix it's great. Thanks ?? no class today," another user said. 

Several users also took to Twitter to complain. "@GoogleIndia .Google meet not working, it's meeting Left Every time problem getting today after some updates from Microsoft Windows," tweeted a user.