Tag Archive for: Activities

Federal Gov’t Suspends Mining Activities At OAU, Environs 

/in


The federal government has suspended further mining activities within Obafemi Awolowo University (OAU) and Obafemi Awolowo University Teaching Hospitals (OAUTH) complex in Ile-Ife, Osun State.

The minister of solid minerals development, Dr. Dele Alake, who declared the indefinite suspension, said the order will be in place pending the conclusion of investigations into suspected illegal mining around the university, its teaching hospital, and environs.

In a statement by the special assistant to the mnister, Segun Tomori, Dr Alake said the action followed reports in certain sections of the media about activities of illegal miners within the precincts of the university, adding that

the ministry had immediately swung into action to ascertain the veracity of the allegations.

“Following the outcry generated by reports of illegal mining or suspicion of nefarious activities by mining operators within OAU, we immediately deployed officials of the Nigeria Geological Survey Agency (NGSA) and Mines Inspectorate for on-the-spot assessment. Preliminary reports that reached me indicated that there were indeed some activities around the premises. The ministry then stopped all activities, whether legal or illegal, for further investigations,” the Minister asserted.

 

Speaking further, Alake revealed that upon summoning some operators discovered to be carrying out illegal activities, they presented some licences and letters of consent which necessitated further investigations to ascertain its authenticity, hence the imperative of inviting the university authorities for a parley.

“We have a had a very fruitful meeting, and a lot of facts have come out of it. Based on the outcome of the meeting, I announce the indefinite suspension, with immediate effect, all mining activities within the premises of the University, the University teaching hospital and in fact around the area and boundaries of the university, until the conclusion of thorough investigations,” the Minister added.

 

In his response, OAU vice chancellor, Prof Adebayo Bamire, expressed gratitude to the Minister for the audience, highlighting the capacity of the university to play an active role in exploration, research, and…

Source…

A Malware Found on Android Apps Can Steal and Monitor All User Activities

/in


A malware named VajraSpy has been found in more than 12 mobile applications. It is known as Remote Access Trojan (RAT) and about 6 applications from Google Play have been affected by it. Google has immediately removed those apps from Play Store but they are still available as third party apps on the internet, as reported by WeLiveSecurity and ESET. Most of these applications are related to messaging and news. When these apps affected by RAT are installed, your device immediately gets malware and the apps can easily steal your personal information, private data and can even record your phone calls. It can also automatically turn on your front camera and monitor you. It can automatically obtain all the permissions on your mobile phone and can then do surveillance and monitoring of the user, from their notifications to messages and images.

Researchers from ESET were the first ones to report this virus and the PatchWork APT group is behind this and they have been targeting people in Pakistan since 2015. In 2022, this group accidentally unveiled their own malware campaign and they were using Ragnatela RAT for spreading the virus. ESET researchers also found the applications that had the same VajraSpy Code. These applications included Rafaqat, which is a news app. The other applications were related to messaging namely, Privee Talk, MeetMe, Let’s Chat, Quick Chat and ChitChat. The apps that are affected by VajraSpy but are available outside of Google Play are Hello Chat, Yahoo Talk, TikTalk, Nidus, GlowChat and Wave Chat. All of these apps are messaging apps.

As third-party websites do not mention the number of people who have downloaded apps from them, we cannot say anything about how many people have been affected by that virus. ESET has said that most of the victims are from India and Pakistan and they have been tricked into installing these applications. Google Play is introducing a new policy that will make it hard for apps with malware to be on the platform. Till then, people shouldn’t download apps recommended by people they don’t know.

VajraSpy malware infiltrates 12+ mobile apps, including Google Play, posing severe privacy threats.

Photo: Digital Information World – AIgen

Read next: Google Has Removed the Cache Link From its Search Engine Results, Cache Operator will…

Source…

Medusa group steps up ransomware activities

/in


He added that the group doesn’t have a code of ethics, as some groups claim to have. “Throughout 2023, we saw the group compromise multiple school districts and publish highly sensitive information about students,” Santos says.

Medusa uses initial access brokers for network access

Other distinctions include Medusa having its own media and branding team, focusing on exploiting internet-facing vulnerabilities, and using initial access brokers (IABs) to gain access to systems. “Initial access brokers provide threat actors with valet access to the front door of an organization,” Galiette explains. “While there’s a cost associated with it, leveraging these groups has proven very lucrative in the past.”

“Overall,” Galiette adds, “we’re seeing the more active or advanced ransomware groups leverage initial access brokers. The smaller or emerging ransomware groups don’t necessarily have the capital to leverage IABs in the same way.”

The group is also into double ransoms. “The use of a double ransom is notable for Medusa, where they leverage one ransom to decrypt the encrypted parts of an environment and a separate extortion demand to prevent leaking stolen data from their victims onto the larger internet,” says Steve Stone, head of Rubrik Zero Labs, the cybersecurity research unit of Rubrik, a global data security and backup software company.

Indiscriminate targeting a universal threat posed by ransomware actors

The emergence of the Medusa ransomware in late 2022 and its notoriety in 2023 marks a significant development in the ransomware landscape, the Unit 42 report noted. This operation showcases complex propagation methods, leveraging both system vulnerabilities and initial access brokers, while adeptly avoiding detection through living-off-the-land techniques.

The Medusa Blog signifies a tactical evolution toward multi-extortion, with the group employing transparent pressure tactics on victims through ransom demands publicized online, it continued. With 74 organizations across a spectrum of industries affected to date, Medusa’s indiscriminate targeting emphasizes the universal threat posed by such ransomware actors.

Source…

Activities, History, FAQs, Dates, and Facts About computer security

/in


National Computer Security Day 2023: National Computer Security Day is observed annually on November 30. Cybersecurity impacts every aspect of our lives, including our financial transactions, political elections, and spending habits. We cannot afford another MyDoom, the most destructive email virus in history, that wreaked havoc costing $38.5 billion; therefore, let’s educate ourselves on online safety!

National Computer Security Day History

It seems as though we hear about cybersecurity breaches every day. Globally, ensuring the online security of individuals and organizations is of the utmost importance. It is a thought that occupies a prominent position in our thoughts on National Computer Security Day. National Computer Security Day has a fascinating history.

Researchers from Cornell University discovered an unidentified pathogen infiltrating their computer systems on November 2, 1988. Four hours after its initial discovery, the “Morris worm” malware infiltrated a number of additional university systems, including the ARPANET, which served as an early prototype of the contemporary internet.

Six days later, two Defense Advanced Research Projects Agency (DARPA) computer experts advised the formation of a “National Computer Infection Action Team” (NCAT) to respond to these types of attacks around the clock, 365 days a year. The Software Engineering Institute (SEI), a Carnegie Mellon University-affiliated research facility, established the Computer Emergency Response Team (CERT) on November 14.

The Washington, D.C. chapter of the Association for Computing Machinery’s (ACM) Special Interest Group on Security, Audit, and Control established National Computer Security Day in 1988 to bring attention to cybercrimes and infections. As stated in an article from “Networld” in 2004, the selection of November 30 as Computer Security Day (CSD) was intended to maintain a heightened awareness of security concerns amidst the holiday season, a time when individuals are generally preoccupied with holiday shopping rather than preventing security breaches. CERT and the Department of Homeland Security of the United States merged in 2003 to establish the National Cyber Awareness…

Source…