Uncategorized

In Pakistan, threats continue to internet access, including social media

The recent clash over internet freedoms in Pakistan ignited over the weekend and fizzled out by Monday, yet it laid bare the nation’s profound tensions regarding online content regulation. On Saturday, a member of Pakistan’s Senate proposed a resolution calling for the prohibition of major social media platforms like Facebook, TikTok, Instagram, YouTube, and X (formerly Twitter) within the country. This move followed months of social media shutdowns and internet disruptions linked to the general election. According to the resolution, these platforms were accused of negatively impacting the youth by spreading malicious propaganda against the military and endorsing fake leadership. Senator Bahramand Tangi, in an interview with a Pakistani news outlet, alleged widespread misuse of social media by the majority in the country, specifically pointing fingers at journalists who he claimed openly favored political parties and disseminated their propaganda through social media. However, facing intense criticism over potential violations of constitutional freedoms, the resolution was withdrawn on Monday. Nevertheless, the specter of restrictive measures on social media and the internet continues to loom in Pakistan, as experts caution. Raman Jit Singh Chima, Asia Policy Director at digital rights organization Access Now, highlighted the already significant legal powers wielded by the government. In 2022, amendments to the Pakistan Electronic Crimes Act criminalized online defamation of authorities, imposing severe penalties. Recent events underscore this trend. Independent journalist Asad Ali Toor was arrested last month for allegedly breaching these laws through his online activities. The government and telecom authority frequently employ intrusive measures to block specific websites and communication channels, and they are not hesitant to shut down the internet entirely during protests or demonstrations. The recent restriction on X occurred amidst heightened sensitivity regarding social media limitations in Pakistan. On February 17, access to X was restricted amid escalating unrest and protests over allegations of election fraud. These measures, which also included suspending mobile services on election day, have drawn criticism from opposition groups and international observers. Despite facing backlash, there are concerns that the government may resort to more internet shutdowns and pressure social media platforms for content censorship, prompting calls from digital rights organizations for civil society and policymakers to mobilize against such arbitrary restrictions. While attempting to access the platform on Friday, one of the Pakistani citizens interviewed by Recorded Future News encountered the following message:

In Pakistan, threats continue to internet access, including social media Read More »

Facebook, Instagram appear to partly reconnect after nearly six-hour outage

post credit: Reuters.com Facebook and Instagram appeared to be partially reconnected to the global internet on Monday afternoon, nearly six hours into an outage that paralyzed the social media platform. Facebook and its WhatsApp and Instagram apps went dark at around noon Eastern time, in what website monitoring group Downdetector said was the largest such failure it had ever seen, with 10.6 million problem reports globally. Oct 4 (Reuters) – Facebook and Instagram appeared to be partially reconnected to the global internet on Monday afternoon, nearly six hours into an outage that paralyzed the social media platform. Facebook and its WhatsApp and Instagram apps went dark at around noon Eastern time, in what website monitoring group Downdetector said was the largest such failure it had ever seen, with 10.6 million problem reports globally. Around 5:45 pm ET, some Facebook users began to regain partial access to the social media app. WhatsApp continued to have connection problems for at least some people. The outage was the second blow to the social media giant in as many days after a whistleblower on Sunday accused the company of repeatedly prioritizing profit over clamping down on hate speech and misinformation. Shares of Facebook, which has nearly 2 billion daily active users, opened lower after the whistleblower report and slipped further to trade down 5.3% in afternoon trading on Monday. They were on track for their worst day in nearly a year, amid a broader selloff in technology stocks. Security experts said the disruption could be the result of an internal mistake, though sabotage by an insider would be theoretically possible. “Facebook basically locked its keys in its car,” tweeted Jonathan Zittrain, director of Harvard’s Berkman Klein Center for Internet & Society.

Facebook, Instagram appear to partly reconnect after nearly six-hour outage Read More »

Hackers Target Indian Military with Spyware Loaded in Dating and Communication Apps

News Credit: Cyware An active spyware campaign has been discovered that is mainly targeting Indian military personnel. The spyware campaign has been active since January and detected in dating and instant messaging apps. According to researchers, the recent version of PJobRAT spyware was first observed in December 2019. What has happened? Cyble and 360 Core Security Lab have recently detected the PJobRAT spyware and claimed that the spyware samples are disguised as Android dating apps. During their investigation, researchers detected that this recent variant is disguising as a dating app known as Trendbanter, as well as the Signal app, for non-resident Indians. In some of the cases, the spyware mimics other apps to fool unsuspecting users, such as HangOn, SignalLite, Rita, and Ponam. Moreover, through third-party app stores and other mediums, including malicious URLs and SMS, the attackers had accomplished their propagation goals in which they distributed multiple spyware. To hide in the app list, it imitates WhatsApp or any legitimate-looking app. However, the most unusual thing is that it doesn’t even have the exact icon shown in the app store with the installed one. About PJobRAT  The researchers who detected the recent operation did not link it to any of the hacker groups currently. However, the specific nature of the targets hint at China- or Pakistan-based actors. PJobRAT exfiltrates .pdf, .doc, .docx, .xls, .xlsx, .ppt, and .pptx files from the infected devices. It uploads address books, SMS, audio files, video files, and image files.  Additionally, it uploads a list of installed apps, WiFi/GPS information, geographic location, external storage files, phone number, WhatsApp contacts/messages, and recording via the mic or camera. Conclusion According to recent findings, the attackers behind this spyware are not sophisticated ones since their private servers are accessible publicly where they are holding the exfiltrated data. However, it doesn’t undermine the fact that it is still active and poses a danger to unsuspecting users.

Hackers Target Indian Military with Spyware Loaded in Dating and Communication Apps Read More »

Cisco Smart Switches Detected with Vulnerabilities

News Credit: e hacking news In Cisco’s Small Business 220 Series smart switches a researcher has uncovered various vulnerabilities, especially those with high severity assessments. This Monday, the networking giant advised its consumers that patches for these vulnerabilities are available.  The impact switch runs firmware versions earlier than 1.2.0.6 and has the web-based management interface enabled.  Cisco Systems, Inc. is a US conglomerate based in San Jose, California, in the Silicon Valley center. Cisco designs manufacture and distribute high-tech services and products for networking hardware, software, telecommunications equipment, and others.  Security researcher Jasper Lievisse Adriaanse has identified the vulnerabilities. He discovered four kinds of safety holes on the small enterprise switch as published in a notice by Cisco.  One can be used by a remote, unverified attacker, tracked as CVE-2021-1542, which is rated as high severity to take over the user session and obtain access to the web portal of a switch. The attacker could acquire managerial access to the management interface, based on the rights of the potential customer.  Another high-severity problem is CVE-2021-1541, which enables a remote device attacker with admin access to perform arbitrary root-privileged commands on the operating system underneath it. The two other weaknesses identified by the investigator, both of which were Cisco’s medium severity, might allow a remote attacker to initiate XSS (CVE-2021-1543) or HTML injection attacks (CVE-2021-1571).  “[In the case of the] XSS flaw, the vector which I tested and verified was by exploiting a vulnerability in how certain packets which are only valid on the same L2 domain are parsed,” Adriaanse explained. He added, “It should be possible, if you’re on the same L2 domain, to perform the XSS attack through CVE-2021-1543, obtain the CSRF token and perform arbitrary actions as the logged-in user. As I don’t write a lot of Javascript I didn’t attempt to write a payload to subsequently exploit CVE-2021-1541. Note however that due to lacking Content-Security-Policy headers you can use CVE-2021-1543 to include remote Javascript code. So you’re not limited by the packet size of the abused L2 protocol. I guess with enough experience and determination one could concoct a payload to do anything in the UI.”  The XSS defect is due to inspections by the web-based management interface of the device being submitted by the user. An attacker could use this error by deceiving the victims into clicking a malicious link and accessing a certain page. The attacker may induce weakness in running arbitrary script code in connection with the affected interface or access sensitive, browser-based information. The HTML Injection Vulnerability is caused by faulty parameter checks on affected pages. In order to address certain vulnerabilities, Cisco has published software updates.  Thank you… 🙂

Cisco Smart Switches Detected with Vulnerabilities Read More »