Stupid Mistake Leads to Big Problem at EU Defense Ministers’ Confidential Event

Technology helps us live more comfortably. It makes tasks easier, which increases our productivity. It also saves money and energy on things that in the past cost more than you would imagine. One example is long-distance communication, such as remote meetings and conferences.

For communication purposes, the internet is the best solution. It gives you a fast and smooth connection that you won’t find with other technologies. Of course, to get this kind of connection, you must use the best internet technology. The best technology gives you not only the best connection but also safety, which is an important element for all internet users who communicate this way.

Many organizations also choose the safer communication that internet technology provides when they hold an important meeting or send secret information and want to prevent leaks. This is doable with today’s internet technology. Unless there is a large, organized online attack, it is almost impossible to break the protection. However, a small human mistake can lead to a disaster that removes the protection of online communication.

One recent incident that caused a big problem in a secret online meeting happened at the EU Defense Ministers’ confidential video conference. Only members of the organization were supposed to attend and take part in this event. The meeting was held on an online video call platform with a specific login method. Only the participants in the meeting knew this method. The PIN and password were likewise known only to people who had an account for the event.

However, in the middle of the meeting, a Dutch journalist, Daniel Verlaan of RTL Nieuws, successfully “infiltrated” the meeting, which is said to be the most confidential meeting attended by important EU figures. The participants were shocked when Daniel appeared on their monitors. They questioned his purpose in breaking into the meeting.

One of the participants, Josep Borrell, the Chief of EU Foreign Policy, advised him to leave the video call platform because what Daniel did was wrong and against the law. It is a criminal offense, and the journalist will deal with law enforcement later.

Daniel, being a journalist, seemed to understand the situation. So, jokingly, he apologized and left the video chat room. However, the incident forced the meeting to be ended or put on hold earlier than scheduled. The participants and the organization that held the meeting plan to report Daniel for this incident. There is no information on whether the case is still active. Still, we can see it as a big blunder by the EU organization.

So, here is the question. Why did it happen? How could Daniel so easily break into a confidential event that uses the best safety features? Is he, behind his profession as a journalist, a top black hat hacker capable of breaking any online protection? The answer is no; “silly” is perhaps the more appropriate word here.

Daniel found that one of the conference participants, Dutch Defense Minister Ank Bijleveld, had uploaded a screenshot showing the login address of the video call platform used for the conference. Worst of all, she had also posted part of her PIN code on Twitter.

The Nieuws crew found out about this and tried to use it to log in to the video conference platform for the event. This could have been hard and time-consuming, especially because of the PIN code. Fortunately, the PIN code that Ank Bijleveld posted was missing only one digit needed to access the conference platform. With only one digit missing, the search was much easier. The crew needed to try the numbers 0 through 9, and they got it. Daniel could enter the video conference platform and join the event for a while.

The representative of the Foreign Affairs Council said that they will report this incident to the authorities. However, they also added that what Ank Bijleveld did was a stupid mistake.

This incident shows that no matter how advanced and perfect a technology is, if the human behind it makes a mistake, which is only human nature, there is a big chance of it messing up the situation. Therefore, technology can only work perfectly well with a reliable and skillful human behind it.

A 17-Year-Old Boy Was Arrested as the Mastermind of Cybercrime Actions

A teenager from Florida was arrested as a suspect in hacking activities on Twitter. His “victims” were not ordinary people but world-famous public figures. Yes, some accounts that were successfully hacked by the teenager are owned by famous names like Elon Musk, Kanye West, Kim Kardashian, Jeff Bezos, Barack Obama, Bill Gates, and even Joe Biden. So, who is the hacker actually?

A 17-Year-Old Boy

He is Graham Clark, a 17-year-old boy who was finally identified as the mastermind of several account hacks on Twitter. The case began when some of the “victims”, including Barack Obama, Elon Musk, and Kanye West, tweeted about the Bitcoin fraud that happened on June 15. A team from the FBI responded to the report immediately, along with other agencies including the IRS and Florida officials. They arrested the teenager in Tampa, Florida, the US.

Based on the results of the investigation, Clark did not act alone. He hacked the accounts along with 2 friends who are older than him: Nima Fazeli, 22 years old, and Mason Sheppard, 19 years old. Notably, the three of them did not act from the same location. While Clark is in Florida, Fazeli lived in Orlando and Sheppard is from the UK. According to the US Department of Justice, those perpetrators used the usernames Rolex and Chaewon.

Fazeli and Sheppard were arrested first

At the beginning, the FBI announced that they had arrested a total of two people in the hacking case. But later, an underage boy confessed to the FBI that he had helped those two suspects, particularly Chaewon, to sell access to a Twitter account. The underage boy said that he was from California instead.

However, based on the official statement released by the FBI, they didn’t simply trust the report, as they believed that it was Clark who carried out the hacking along with the 2 suspects arrested earlier. Notably, Clark, the youngest one, from Tampa, was the only person who got exclusive access to the Twitter internal tool and carried out the fraud directly.

The Chronology

The report from the FBI also explained the chronology of how the youngsters carried out their actions. Clark convinced a Twitter employee that he worked in the IT department of the same company. He did this so that the employee would give him official access to one of the biggest social media platforms. Then, Clark cooperated with the other two suspects to hack the accounts of many public figures. The activities were then followed by tweets and reports from those figures in attempts to inform their followers.

Arrests and Punishments

Sheppard was successfully traced because he used his private SIM card to verify himself when trading cryptocurrencies on Binance and Coinbase. His account was known to send and receive Bitcoins as a result of skimming. The same thing happened to Fazeli. He also used his private SIM card to verify himself on Coinbase. He named his account Rolex to receive the payment.

Following their cybercrime actions, Fazeli is sentenced to 5 years in prison and a fine of USD 250,000 for computer intrusion. Meanwhile, Sheppard was charged with computer hacking, network fraud conspiracy, and money laundering conspiracy, and he is sentenced to 20 years in jail and a fine of USD 250,000.

This was really surprising at first, since Fazeli and Sheppard were only intermediaries. There was a bigger hacker with the username Kirk#5270 who was believed to have gained access to the Twitter internal system on July 22. Previously, it was not clear whether Clark was really behind the account. But based on the newest release by the FBI, it seems that Clark really is the mastermind of the action.

More Indictments for Clark

Of course, as the mastermind, Clark faces more indictments. The judge of Hillsborough, Andrew Warren, filed at least 30 indictments against him. Warren stated that Clark used famous people to commit cybercrimes. However, those people were not the main victims here. Their accounts were hacked to rob money from people all over the US, including in Clark’s hometown, Florida.

However, despite all the crimes committed by the 17-year-old, the prosecutor said in his press conference that he did not file charges against Clark for all of his actions. This is because the law in Florida says that underage kids will not be punished. Sure, there are controversies surrounding the case. But this is what the law says anyway.

A Special Price for the Tesla Model 3 in 2021: Only $35,000 with Great Specs

There are some upgrades and refreshes for the Tesla Model 3 2021. Interestingly, one thing the company is also planning is lowering the price. It is reported that the newest version of the Tesla to launch in the market next year will be approximately $35,000. However, the car may not offer the main EV on the spot. According to Electrek, the company has told its staff that the price reduction is possible. The requirement is that the local Tesla dealer provides any remaining inventory of the vehicle.

It is no exaggeration to say that the Model 3 2021 is special. At the same time, its design and specifications are not quite “understandable”, if you don’t want to call them unique. The car is great, of course. It also takes more time to produce, particularly the variants. Meanwhile, when the cars are finally available, customers can also buy them online quickly. In fact, in April 2019, the only way to buy Model 2020 of Tesla was by placing an order or via the phone line. In other words, with all the special things it offers, Tesla still makes an effort to make purchasing easy for customers.

Indeed, even the owner of Tesla, Elon Musk, has not yet confirmed whether the information is true. If customers can buy the car for only $35,000, it is a good thing. It gives more options among the electric cars the company produces. There is also another plan by Tesla: in the next 2 years, the company will produce other types of electric cars priced at approximately $25,000. Those cars will be powered by tabless battery technology.

Predictions of Details and Specifications of Tesla Model 3 2020

The details and specifications of the latest Tesla Model 3 have also not been announced. There are some improvements to see, for sure. But based on the report, some reductions are also possible. You should not worry, though: some great features are said to still be available in the Tesla Model 3 2021. One of them is the autonomous driving system, which does more than just parking. The feature is sophisticated, although it is probably quite difficult to activate in a very crowded area with rough terrain.

The exterior is also one of the main points to be proud of. It conveys a sense of aerodynamics with air intake details on the lower parts. Notably, these are very small so that they do not disturb the overall aerodynamics. The headlights use LED lights equipped with Auto-Dimming High Beams that turn on automatically in a dark environment.

For the exterior, the car uses 18-inch Aero Wheels. The charging port is also in this area, and it can be easily opened and closed through the app even when you are inside the car. This way, recharging is easier, even without you having to get out of the vehicle. Meanwhile, the rear combines the stop lamp with a futuristic LED design. A reflector makes the car look more stylish. Furthermore, the feature also functions to improve the aerodynamics and stability of the car.

For the interior, the modern and futuristic feel is still very strong. It is predicted that the car interior will still be clean and minimalist, with a natural atmosphere and wooden accents. Panel details run horizontally, following the lines. The car has more tools besides conventional ones like AC, the audio system, and more. A 15-inch LCD touchscreen is placed right in the middle of the dashboard. This way, both the driver and the passenger next to the driver can operate it much more easily.

While some specifications mentioned above are still only predictions, some matters are certain. The car seats 5 passengers. The seats use leather materials with electric adjustment whose settings are kept in the profile database. The trunk of the Tesla Model 3 has a total capacity of 424 liters, quite spacious for a sedan. Do you need a larger luggage area? You should not worry. You can simply fold the rear seats to provide more space; they fold in a 60:40 configuration.

Conclusion

It is a great thing that the price reduction of the Tesla Model 3 2021 doesn’t really reduce the quality and specifications of the car. But sure, you may have to wait patiently to really know what it looks like in the end.

Microsoft Teams Successfully Neutralized Malicious GIF Attack

What if a seemingly harmless animated GIF image suddenly snatches your Microsoft Teams account and other sensitive information stored within? What if, using the same image that you inadvertently open, the attacker can take over your business and even attack other accounts to which your account is connected? This apparently unbelievable case of internet hacking has actually occurred and, fortunately, was successfully intercepted and neutralized by Microsoft in collaboration with CyberArk, the team of researchers that discovered it.

The Vulnerable Data

Full disclosure of the attack was made by CyberArk security researchers on March 23, 2020. The attack takes the form of a subdomain takeover: Microsoft Teams users who can be forced to send a token (cookie) to the compromised subdomains may leave their confidential data vulnerable to theft and hacking. These data may include passwords, private information, calendar reminders and scheduled meetings, business plans, business competition information, and other confidential data.

Subdomain Takeover Attack

This attack stems from Microsoft’s method of managing the sharing of data across different Microsoft Teams platforms and servers. Whenever users access their Microsoft Teams account and open an application, the platform creates a temporary access token and authenticates it. Supported services, such as Microsoft Outlook and SharePoint, also create similar tokens.

All content shared on the platform is protected by permission restrictions so that only eligible parties can access it. Microsoft enforces these restrictions using two cookies, “authtoken” and “skypetoken_asm.” The Skype token is then sent to Microsoft Teams’ website and its subdomains. Two subdomains, addsync-test.teams.microsoft.com and data-dev.teams.microsoft.com, were proven to be vulnerable to a subdomain takeover attack.

The domino effect commences when the subdomains are taken over by an attacker. The automatically generated authtoken will be sent to the compromised subdomains. The attacker, who has received the authtoken, can generate a Skype token that they can use to sneak into the victim’s Microsoft Teams account and steal every piece of vulnerable information. With the acquired authtoken, the attacker can also perform various administrative tasks within the victim’s Microsoft Teams account, including reading and sending messages, creating new groups, adding new users and removing users from groups, and altering groups’ permissions.

In short, with the automatically generated authtoken, the attacker can practically take over the victim’s Microsoft Teams account and all the functions and data within.
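The reason a taken-over subdomain receives the token is ordinary cookie scoping. The following sketch is an added example, not code from Microsoft or CyberArk: it implements the RFC 6265 domain-match rule and compares a cookie scoped to the parent domain with a host-only cookie. The cookie attributes are assumptions for illustration, and the last two host names are constructed.

```javascript
// Added example: RFC 6265 cookie scoping applied to the host names in the article.
// The cookie attributes are assumptions for illustration, not captured from Teams.

// RFC 6265 section 5.1.3: a host domain-matches a cookie domain when the two are
// identical, or when the host ends with "." + domain and is not an IP address.
function domainMatches(host, cookieDomain) {
  const h = host.toLowerCase();
  const d = cookieDomain.toLowerCase().replace(/^\./, "");
  if (h === d) return true;
  const isIp = /^\d{1,3}(\.\d{1,3}){3}$/.test(h) || h.includes(":");
  return !isIp && h.endsWith("." + d);
}

// Section 5.3 storage model: a Domain attribute widens the cookie to every
// subdomain; without it the cookie is host-only.
function storeCookie(name, setByHost, domainAttr) {
  if (!domainAttr) {
    return { name, domain: setByHost.toLowerCase(), hostOnly: true };
  }
  // A server may only set a cookie for a domain that its own host matches.
  if (!domainMatches(setByHost, domainAttr)) return null;
  return { name, domain: domainAttr.toLowerCase().replace(/^\./, ""), hostOnly: false };
}

// Decide whether the browser attaches the cookie to a request for requestHost.
function isSentTo(cookie, requestHost) {
  const h = requestHost.toLowerCase();
  return cookie.hostOnly ? h === cookie.domain : domainMatches(h, cookie.domain);
}

function recipients(cookie, hosts) {
  return hosts.filter((h) => isSentTo(cookie, h));
}

// Hosts from the article plus two constructed negatives.
const HOSTS = [
  "teams.microsoft.com",
  "addsync-test.teams.microsoft.com",
  "data-dev.teams.microsoft.com",
  "notteams.microsoft.com", // shares a suffix but not a label boundary
  "teams.example.org",
];

// Assumed scoping: parent-domain cookie versus host-only cookie.
const wide = storeCookie("authtoken", "teams.microsoft.com", ".teams.microsoft.com");
const narrow = storeCookie("authtoken", "teams.microsoft.com", null);

console.log("Domain cookie goes to:   ", recipients(wide, HOSTS));
console.log("Host-only cookie goes to:", recipients(narrow, HOSTS));
```

A cookie scoped to the parent domain trusts every host name under it, so each subdomain record becomes part of the authentication boundary.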

How Does the Attack Occur?

The attack starts with the attacker sending a malicious GIF image to a victim through the latter’s Microsoft Teams platform. This is done after the attacker successfully takes over the vulnerable Microsoft Teams subdomains. The victim is less likely to be suspicious about the received image because it is sent from within the platform after the subdomain takeover completes. The authtoken is generated and sent to the compromised subdomains when the victim opens the image, right before the image loads in the browser.

The victim only needs to open the attached image for the attack to succeed!

What If There Is Nothing to Steal?

Even if the attacker finds nothing of value after successfully sneaking into the victim’s Microsoft Teams account, the attack can still be dangerous for other accounts that happen to be connected to the victim’s account. The attack will navigate across different accounts like a worm and do more serious damage that can be beyond repair.

If the victim’s account is connected to a company account, the attacker can exploit this vulnerability to spread false information, to give fake instructions from the company’s authorities to the employees, and to carry out malicious actions that may lead to financial problems, data theft, and business collapse.

Why Does the Attack Matter, Especially Today?

Microsoft Teams has long been a collaborative platform for both individuals and companies. Any undetected vulnerability on this platform will certainly become a dangerous risk for all users. These risks are always serious, so why are they even more serious today?

Companies are forcing their staff to work from home as Covid-19 strikes. When virtually everyone works at home, online collaborative platforms like Microsoft Teams become the primary hubs for various business interactions, transactions, and competitions. Attacks that occur there can lead to truly grave situations when the world’s economy practically runs on such platforms.

CyberArk security researchers reported their findings to Microsoft after discovering the issue on March 23. They subsequently worked with Microsoft Security Research Center to take the necessary measures to mitigate the potential attack. Microsoft immediately removed the misconfigured DNS as part of the mitigation effort and released a patch to deal with the newly discovered vulnerability.
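The DNS side of this mitigation can be checked routinely. The audit below is an added example, not Microsoft's or CyberArk's tooling: it walks a zone's CNAME records and flags any whose final target is not in the inventory of resources the organization still controls. It assumes the misconfiguration is a dangling record of that kind, which the article does not spell out, and every zone name, target and inventory entry is a constructed placeholder.

```javascript
// Added example: offline audit for dangling CNAME records.
// All names below are constructed placeholders, not real Microsoft records.

const norm = (n) => n.toLowerCase().replace(/\.$/, "");

// Follow a CNAME chain inside the zone until it leaves the zone or loops.
function resolveChain(name, byName) {
  const seen = new Set();
  let current = norm(name);
  while (byName.has(current) && byName.get(current).type === "CNAME") {
    if (seen.has(current)) return { target: null, loop: true, inZone: false };
    seen.add(current);
    current = norm(byName.get(current).value);
  }
  return { target: current, loop: false, inZone: byName.has(current) };
}

// liveResources: external targets the organization still holds (assumed inventory).
// sensitiveParent: domain whose cookies are shared with all of its subdomains.
function auditZone(records, liveResources, sensitiveParent) {
  const byName = new Map(records.map((r) => [norm(r.name), r]));
  const live = new Set([...liveResources].map(norm));
  const parentSuffix = "." + norm(sensitiveParent);
  const findings = [];
  for (const r of records) {
    if (r.type !== "CNAME") continue;
    const name = norm(r.name);
    const { target, loop, inZone } = resolveChain(name, byName);
    if (loop) {
      findings.push({ name, issue: "cname-loop" });
      continue;
    }
    // Safe: the chain ends at one of our own records or at a resource we hold.
    if (inZone || live.has(target)) continue;
    findings.push({
      name,
      issue: "dangling",
      target,
      // Whoever claims the target would receive parent-scoped cookies.
      receivesParentCookies: name.endsWith(parentSuffix),
    });
  }
  return findings;
}

// Constructed sample zone.
const SAMPLE_ZONE = [
  { name: "teams.example.com", type: "A", value: "203.0.113.10" },
  { name: "app.teams.example.com", type: "CNAME", value: "app-prod.hosting.example.net" },
  { name: "docs.teams.example.com", type: "CNAME", value: "app.teams.example.com" },
  { name: "sync-test.teams.example.com", type: "CNAME", value: "sync-test.hosting.example.net" },
  { name: "data-dev.teams.example.com", type: "CNAME", value: "old-dev.hosting.example.net." },
];
const SAMPLE_LIVE = ["app-prod.hosting.example.net"];

function auditSample() {
  return auditZone(SAMPLE_ZONE, SAMPLE_LIVE, "teams.example.com");
}

console.log(auditSample());
```

Each finding is a record to delete or repoint, which is the same kind of clean-up as the DNS removal described above.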

Google Buys Software Company CloudSimple

In July 2019, Google announced its partnership with CloudSimple to help more company teams move their on-site operations to the cloud. Now Google is buying the company outright, according to a statement on Monday by Rich Sanzi, Vice President of Engineering at Google: “This agreement making our last collaboration with CloudSimple that we inform in July, it makes us must advance a perfect VMware migration solution with upgrade service for our users.”

CloudSimple announced on LinkedIn on Monday, “We’re excited to announce that CloudSimple is now a part of Google Cloud! We’ll continue to focus on accelerating our ability to help customers easily move their VMware workloads to the cloud.” In a written blog post, Pangal said, “We got the improbable things to convert the firm workloads to the cloud by collaborating more critical with a cloud provider who can help CloudSimple with bigger investments and faster assimilation with the cloud to get the big impact of what we ask to them.” This is interesting because CloudSimple was previously a company central to Microsoft’s cloud ambitions.

So what is CloudSimple? CloudSimple is a firm that offers a service to the world’s leading cloud vendors to deploy and manage workloads in a dedicated, private cloud within public clouds. With the full support of Microsoft and VMware, the first offering is a service for VMware. Pangal established CloudSimple in 2016; he had previously founded StorSimple, a cloud storage system builder that was bought by Microsoft. CloudSimple helps companies looking to move VMware workloads to the cloud without any transformation and continue to use the familiar VMware and cloud management tools they know. IT benefits from the aptitude and the on-demand, elastic infrastructure of the cloud, as well as lower costs. The VMware project plans for designing, developing and optimizing the product, which makes computing more superfluous, available, accessible and easily scalable. There are three VMware products: VMware Server, Workstation, and vSphere.

With VMware showing up on Google Cloud Platform, users will get all of the intimacy from the cloud stuff, learning and keeping their investment, as they behead on their cloud method and immediately give the latest benefit to customers, running them flawlessly and more safely from the hybrid cloud area. Through Google’s existing partnership with CloudSimple, customers can move their VMware workloads from on-premise data centers directly into Google Cloud VMware Solution by CloudSimple, while also creating new VMware workloads as desired. The partnership with Google Cloud enables mutual customers to run VMware workloads on VMware Cloud Foundation in Google Cloud Platform. Google’s innovation prowess, modern infrastructure, and leadership in areas such as smart analytics convinced CloudSimple that joining together with Google would further their joint vision. The acquisition became real after GCP’s $2.6 billion deal in June to acquire Looker, the Business Intelligence (BI) specialist. As with Looker, CloudSimple is already a major GCP partner.

The acquisition of CloudSimple increases cloud competition. The enterprise customer base is crucial to cloud service providers, as enterprises’ spending to modernize IT infrastructure is increasing. Enterprises are quickly shifting from traditional application software to software as a service (SaaS), which is expected to contribute to public cloud spending globally. However, Google’s acquisition of CloudSimple is likely to help it deliver a better experience to enterprise customers. Moreover, customers will apply VMware tools and protect their investments with VMware on Google Cloud. Google’s acquisition of CloudSimple is one of the biggest tech breakthroughs in a generation. It became one of the earliest investors in a new type of device that experts say could have as much impact on society as the discovery of electricity. Current technology will soon be out of date and replaced by this new device. In the process, it is expected to create many jobs and afford many benefits.

Things like this are actually not so surprising because, as has happened before, Google is a large company that has a combined company from Alphabet, the A-Z company. The big and well-known companies owned by Google, such as Google Maps, AdSense, DoubleClick and YouTube, generate huge amounts of profit. In 2017, Google bought 11 companies: Limes Audio (Sweden), Fabric (United States), Kaggle (United States), AppBridge (United States), Owlchemy Labs (United States), Halli Labs (India), AIMatter (Belarus), HTC (portions) (Taiwan), Bitium (United States), Relay Media (United States), and 60db (United States). In 2019, Google bought 7 companies: Superpod (United States), Alooma (Israel), Nightcorn (Germany), Looker (United States), Elastifile (United States), Socratic (United States), and the latest, CloudSimple (United States).

Indian WhatsApp users advised to update app over security concerns

With 400 billion users, India has WhatsApp’s largest user base. But the online messenger app has recently come under scrutiny in the country, as well as in several other regions, after two recent serious security breaches.

The Indian Computer Emergency Response Team (CERT), the nation’s main cybersecurity agency, has asked Indian WhatsApp users to update the application to the newest version. The notice was issued after Facebook, the owner of WhatsApp, revealed that a major potential problem has been found on older versions of the widely used app. CERT classified this as a “High Severity” threat.

What the problem is

If an unknown number has sent you an MP4 file via WhatsApp, watch out. You could have been a victim of the latest hacking scheme.

CERT has released an official statement on its website. The statement reveals that there is a vulnerability in WhatsApp’s system. It means that an unknown remote attacker could exploit this vulnerability to install malicious spyware on a user’s phone just by using an MP4 video file.

The spyware is encoded into a specially made MP4 file. It could be triggered even without user authentication. Once the receiver of the message opens the video, the spyware is automatically installed on the phone.

After the spyware is installed, the attacker could make changes to the phone system. According to CERT, the spyware causes a condition called Remote Code Execution (RCE) or Denial of Service (DoS). In other words, the remote attacker could launch commands to compromise any device that uses Android, Apple, or Windows operating systems. This problem has serious far-reaching implications because no matter where the users are located, their phones can still be targeted.

The problem can be found in both individual and business versions of WhatsApp until the newest updates were launched in October this year.

Similarity to the Pegasus Breach

This security problem was discovered just after the Pegasus Breach controversy. Earlier this year, WhatsApp came under fire after it was made known that its software had been abused by hackers. The hackers utilized a loophole in the system to install spyware on phones. The name of the malware is Pegasus. It is said to have targeted journalists, activists, and human rights lawyers, jeopardizing their activities and privacy.

Similar to the MP4 video method, Pegasus is also spyware that installs itself on the target’s phone. However, it exploits a weakness in the messaging app’s video call function. It is also more advanced than the other method. Even if the user does not answer the suspicious call, the spyware can still breach the phone.

An Israel-based corporation, NSO Group, has undergone public scrutiny because it was accused of providing the Pegasus spyware. WhatsApp has sued the tech firm in a US court, alleging that NSO Group has violated the app’s terms and conditions and holds responsibility for the attacks. But the NSO Group claims that it only cooperates with government agencies.

WhatsApp has informed users whose devices were potentially breached by the spyware. In India, at least 17 individuals’ devices were infected by Pegasus. These included activists and lawyers who champion human rights, as well as journalists. The government has denied having any part in the hacking.

Security improvements by WhatsApp

Facebook and WhatsApp announced a few days ago that they have come up with a solution for the vulnerability. WhatsApp’s statement says that the app is “constantly working to improve the security” of their service.

Both Facebook and WhatsApp have claimed that the most recent security patch from the application has resolved the vulnerability issue. And WhatsApp has no reason to believe that its users were affected, its spokesperson said. However, no further details about the counteracting measures have been disclosed.

The messenger boasts that its end-to-end encryption makes it a secure means of communication. The encryption means that the messages can only be read on the sender and the recipient’s devices. But the claim is debatable. The two recent scandals are not even the first time the application has been criticized for endangering the security and privacy of its users.

Currently, WhatsApp is the messaging app with the largest number of users. But some are migrating to other applications such as Telegram in search of a safer option. The developers of WhatsApp must look into potential vulnerabilities and reinforce their defenses so as to prevent losing current and potential users.

In the meantime, do not forget to update the application on your device. You should take this precaution so that you can avoid any potential security breach. Otherwise, your device might be compromised.