Tag Archive for: Trouble

Georgia official’s dismissal of security audit could mean trouble in 2024


For the second time in four years, Georgia’s secretary of state stands at the center of a fight over the legitimacy of a U.S. presidential election. Only now, Brad Raffensperger — the Republican who once stood up to Donald Trump’s election fraud lies — is the one security experts see as the problem.

In a letter sent to state lawmakers last week, Raffensperger argues that a newly unsealed audit finding that there are dangerous vulnerabilities in Georgia’s widely used voting machine software is overblown and no fixes are needed.

“It’s more likely that I could win the lottery without buying a ticket” than that hackers flip enough votes to swing the election, he says in the letter.

But Raffensperger’s dismissive reaction to the unsparing audit conducted by security expert Alex Halderman has turned him into an object of intense criticism from cybersecurity specialists, who say he is painting legitimate research with the brush of far-right conspiracy theories — and imperiling the 2024 elections in the process.

“Raffensperger has lumped us with the election deniers,” said David Jefferson, a computer scientist at Lawrence Livermore National Laboratory and an expert on election technology. “But we cannot, out of fear of that confusion, stop talking about these vulnerabilities. They are real, they are there, and they must be addressed.”

Before its release last week, the analysis of Dominion Voting Systems’ ImageCastX ballot-marking devices was kept under seal for roughly two years as part of a long-running legal dispute between Raffensperger and local voting rights activists arguing the machines need to be replaced by hand-marked paper ballots.

Georgia is one of just two states in the country to use these ballot-marking devices as the primary form of voting across every precinct, and the plaintiffs — a Georgia-based non-profit group called the Coalition for Good Governance — have alleged its dependence on them is unacceptably risky because of the way the ImageCastX records voter’s choices: via machine-printed barcodes voters can’t corroborate with their own eyes.

The state has maintained throughout the court challenge that it has adequate…

Source…

DO NOT download this Chrome, Microsoft Edge update! Your PC will be in trouble


Chrome and Microsoft Edge users should avoid downloading updates from malicious websites, since a Magniber ransomware is widely spreading.

Do you see a update notification on your Google Chrome browser asking to download an update? If yes, close the page immediately and do not hit the download key. A new ransomware is widely spreading via malicious websites and it could make all data on your computer useless, unless you pay a ransom. The issue is also present on Microsoft Edge browser, given that it uses the same Chromium codes.

In a report from GBhackers.com, it is said that infamous Magniber ransomware is back. This one had a reputation for using the old Internet Explorer browser as its media to target innocent people. Now, the attackers are using Microsoft Edge and Google Chrome to do the same.

Magniber ransomware is back

The ransomware works the same way as it used to previously, except for the fact that it now works on Chrome and Edge browsers. The malware is often distributed through fake webpages pretending to offer a new update for your Chrome or Edge browser. Once the user click on “Update Chrome” or “Update Edge” buttons, the page downloads a browser extension of the .appx type.

Once the extension is installed, the program is executed in the background and the inevitable happens. The malicious files start encrypting the files on your Windows system in the background, without letting you have any idea about it.

Once the malicious encryption is finished, the program will throw up a Notepad document that contains the ransom note. You won’t eb able to access the files on your computer after this and the only way to get it back is by paying the ransom. The ransomware also makes victims download the Tor browser for the process.

How to avoid this ransomware

There are some common things to note in order to stay safe from such ransomware in the future.

– Never download any “update packages” for your Chrome or Edge browser from other websites. Chrome and Edge can download their updated from the servers automatically, hence, there’s no need for manual updating. Hackers often lure you into downloading an update…

Source…

HSBC in Big Trouble in its Biggest Market, China


As HSBC pivots further to Asia and away from the West, its business in China gets more and more complicated.

By Nick Corbishley for WOLF STREET:

HSBC, headquartered in the UK, is first and foremost an Asian bank. The Hongkong and Shanghai Banking Corporation Limited cut its teeth in the 19th century in Greater China. In 2020, its Mainland and Hong Kong operations accounted for 39% of its annual $50 billion in revenue, while the United Kingdom, its second largest market, brought in 28%. The bank is now selling off its retail banking units in France and the United States and scaling back its presence in some emerging markets in order to accelerate its eastward pivot.

But there’s a problem with this plan: Its success rests largely on the bank’s ability to maintain good relations with the Chinese government. And that is proving to be a tough proposition.

Relations have soured significantly over the past two years after it was revealed in 2019 that HSBC had ratted out Chinese telecom giant Huawei to the U.S. Department of Justice for breaching U.S. sanctions on Iran. The information provided by HSBC led to the arrest of Meng Wanzhou, Huawei’s chief financial officer and daughter of the company’s founder, in Vancouver in 2018.

As geopolitical tensions have escalated between the US and China, HSBC has had to walk a tightrope in its relations with China on the one hand and Washington and London on the other. The lenders’ travails reveal a core challenge for multinational firms operating in China: the market is vital to their growth prospects, but Western firms doing business there increasingly risk being mired in the ratcheting tensions between Beijing and the West.

But given the size and growth of the market, many big global banks have decided to continue expanding in China, whether organically or through acquisitions. HSBC Holdings PLC, Standard Chartered PLC and Citigroup Inc. have all unveiled plans to beef up their wealth management operations in China, targeting the growing middle class. But with net profits for foreign lenders falling precipitously and Beijing demanding that foreign companies toe the line as the US ramps up sanctions on China, it’s getting more…

Source…

Trouble mounts for WhatsApp, phone numbers of users found on Google search: Reports


WhatsApp has reportedly exposed the phone numbers of the web users on Google Search via indexing.

If reports are to be believed, this development essentially means that anyone, sitting in any part of the world, with the right search query can find your personal phone number on Google easily.

The Google search result reportedly displays the phone number only, and not your name.

However, a simple Truecaller search can reveal your identity.

According to internet security researcher – Rajshekhar Rajaharia, phone numbers of WhatsApp web users appeared on Google Search.

He further alleged that Google is also indexing the text messages of users.

“15 Jan 2021, If you are using @WhatsApp Web, your Mobile Number and Messages are being index by @Google again. Don’t know why WhatsApp is still not monitoring their website and google. This is 3rd time,” Rajshekhar Rajaharia said in a tweet.

Also read: Dense fog engulfs Assam, Meghalaya and Tripura

Notably, a few days back, Group chat links were also available on Google Search.

Anybody could simply search the name of the group on Google and join a group on WhatsApp using the link.

However, WhatsApp soon took cognizance of the vulnerability.

WhatsApp said, “Since March 2020, WhatsApp has included the ‘no index’ tag on all deep link pages which, according to Google, will exclude them from indexing. We have given our feedback to Google to not index these chats.”

Also read: Amidst concerns, WhatsApp delays implementation of its new privacy policy

Source…