Articles

Wipro's New Tech Centre Will Enhance Tech Standard.

India’s third-largest IT services company Wipro on Tuesday said it has opened a new technology centre in Plano, Texas. The centre will initially employ 150 people and Wipro will increase the headcount to 2,000 in the next few years. Currently, the company’s Texas headcount stands at 1,400. “The Texas Technology Center is focused on developing niche capabilities in new and emerging technologies for Wipro’s clients, which include some of the nation’s most innovative companies,” it said.

The new facility will primarily house the company’s US cybersecurity centre as well as serve as a hub for advanced analytics. “With more than 1,400 employees in Texas and major operations now in Plano, Dallas and Houston, Wipro is playing an important role in the Texas economy,” said Texas governor Greg Abbott.
Via http://www.financialexpress.com/

Alexander Nix Of Cambridge Analytica: A Villain Or A Tech Genius?

LONDON:  The British press and parliamentarians - and his own former employees - are divided over how to characterize the mysterious, plummy, exquisitely tailored Alexander Nix, founder of the now infamous Cambridge Analytica, the London data-munchers who boasted they helped Donald Trump win election and are now suspected of violating the privacy of tens of millions of Facebook users.

A lot of lawmakers here, and in Washington and further abroad, want to hear more from Nix. But he has gone dark since he was suspended last week - ousted after he was caught bragging on hidden camera that his company's operatives could entrap political rivals in far-off lands with beautiful Ukrainian women.

On Tuesday, Nix was described as a kind of Dr. Evil by one member of the British Parliament committee investigating Cambridge Analytica, alongside Facebook and fake news, who wondered aloud during a public hearing in the House of Commons whether the 42-year-old Nix might have fashioned himself the leader of SMERSH, a fictional nemesis of James Bond.

At the hearing, Christopher Wylie, Nix's former director of research and now whistleblower, said he saw less 007, more hustler.

"He's a salesman; he likes to sell stuff," Wylie told the committee, explaining that as head of Cambridge Analytica, Nix's job was to woo clients, not write algorithms.

"He has no background in psychology, technology, marketing or politics," the whistleblower told The Washington Post.

Wylie said that Nix and his company didn't care if they broke laws in developing countries, as long as they won elections for their clients - in Nigeria, Kenya, Ghana and the Caribbean.

Asked what he thought might be Nix's next move, Wylie - a Brexit supporter who sports pink hair and a nose ring - suggested, "Jail?"

Wylie told the parliamentary committee members that what Nix told them last month about his company's use of Facebook data was "exceptionally misleading and, to be frank, not only misleading, but dishonest."

The company has denied wrongdoing. Nix denied using Facebook data inappropriately.

Nix did not respond to text and telephone messages from The Washington Post seeking comment.

Nix landed at SCL Group in 2003, the progenitor of Cambridge Analytica, which was founded in 2013 with funding from Republican mega-donor Robert Mercer in partnership with former Trump adviser Steve Bannon.

Nix has a reputation as a polished presenter, a dealmaker who donned his Savile Row suits as armor to do battle in hotel lobby bars in Africa and Asia - and hard-sell his product, which was influencing people and winning elections.

"He had a standard pitch," Wylie said, which was, we have the best and brightest in the best offices at the best addresses in London and Cambridge, and by the way, I went to Eton.

"It was all designed to present a very posh veneer to clients, where this went down very well, in developing countries in the commonwealth," said Wylie.

Nix attended the exclusive Eton College and after that the University of Manchester. He worked in banking and finance, in Mexico City and London, in his 20s and 30s.

Yet, there are gaps in the basic Nix bio.

The Internet tells us that he plays polo, quite well, for a team called the Libertines and others. There are plenty of photos of Nix astride his ponies.

But his polo friends are no longer answering phone calls from the press.

Married? Children? The Daily Mail reported last week on "a vast home in west London, which he and his girlfriend, Norwegian shipping heiress Caroline Paus, bought for £4.5 million [$6.4 million] in February 2012."

In his testimony in Parliament on Tuesday, Wylie said they once delayed a meeting because Nix had to pick up a $280,000 chandelier.

Three of his former employees told The Post that Nix was, alternatively, a hard-charger, a bully, a mentor, an idea man, charming, a phony and the real deal.

One former employee, who declined to be named because he had signed a nondisclosure agreement, said Nix was a devoted family man.

An associate who worked with Nix in 2012 in the run-up to the national election in Kenya said, "He was very aggressive, a typical, 'I'm extremely posh and therefore I know what I'm doing.' You know the type," he said.

In media profiles published before the Cambridge Analytica scandal broke, Nix was hailed as a "genius."

But extremely private. He once threatened to walk out of an interview that began with basic questions about family, upbringing and school, protesting that no one wanted to know what breakfast cereal he ate.

Billed as a rock star in the data-tech conference circle, Nix provocatively proclaimed that the old days of putting up clever advertisements designed by creative types to lure consumers were over, and that a new age was upon us, with microtargeting of voters based on data-mined psychological profiles of individuals' deep hopes and fears.

Alternatively, his competitors dismissed Nix as a huckster "selling snake oil." Or as a Financial Times columnist put it: "an adman bigging up his data-science firm." Adding scornfully, "There are lots of them."

Last week, Nix was suspended as chief executive of Cambridge Analytica "pending a full, independent investigation." This came hours after Britain's Channel 4 broadcast a segment showing Nix, captured on hidden video, boasting that his company could employ operatives to pose as wealthy developers to entrap overseas politicians into accepting bribes on hidden video cameras.

The irony.

Nix told the BBC he was speaking with a certain amount of "hyperbole" and humoring the Channel 4 undercover team. That defense has not gone well.

Last week, a British Parliament committee investigating fake news and Facebook requested that Nix return to speak before the panel, alleging that his testimony in February might have been misleading.

"We are also interested in asking you again about your claim that you 'do not work with Facebook data,' " which was challenged by recent revelations in the British and American press.

The letter closed with a warning: "Giving false statements to a select committee is a very serious matter. We urge you to come forward and explain your comments at a committee hearing."

On Friday, Britain's High Court granted the information commissioner a warrant to search Cambridge Analytica's files and servers in London. Investigators spent seven hours in the offices.

Nix has denied any wrongdoing.

Hours before the first expose appeared last week, Nix told the BBC that Cambridge Analytica was approached in 2014 by "a very respectable academic," Cambridge University psychologist Aleksandr Kogan, "who said he had the wherewithal, the legitimate and legal wherewithal, to collect data on Facebook users that we might be able to use as part of our model."

As part of Kogan's research, Facebook provided him with access to data on 57 billion Facebook friendships, according to a research paper the professor co-authored.

Facebook founder and chief executive Mark Zuckerberg on Sunday apologized for "a breach of trust" in advertisements placed in major newspapers, including The Washington Post.
via https://www.ndtv.com/

SPYRUS NEWS: Providing Very Strong Security In This Insecure World, Grab The Security Now.

SPYRUS SEMS provides a very strong security and productivity solution for any organization deploying SPYRUS encrypting secure storage drives and/or our Microsoft certified bootable Windows  To Go Live Drives. While these drives provide the strongest Data-at-Rest protection when used by the mobile workforce, organizations are faced with another challenge that is the management, audit and policy enforcement of these high capacity, small form factor devices. SEMS solves that problem. SEMS was designed to operate on the Windows server ecosystem on premise or on Microsoft Azure with ability to scale from proof of concept with a small number of devices to deployments with tens of thousands of devices under management.


SEMS extends a true end-to-end security approach to mobile users, protecting data at rest and in transit and enabling the enterprise to comply with government regulations. With SEMS device management, enterprise administrators can centrally register, block/unblock, revoke, set policies, audit, and “kill” the SPYRUS hardware encrypted devices.

 
SPYRUS delivers innovative encryption solutions that offer the strongest protection for data in motion, data at rest and data at work. For over 20 years, SPYRUS has delivered leading hardware-based encryption, authentication, and digital content security products to government, financial, and healthcare enterprises. To prevent the insertion of untrusted components, patented Secured by SPYRUS security technology is proudly designed, engineered, and manufactured in the USA to meet FIPS 140-2 Level 3 standards. SPYRUS has collaborated closely with Microsoft to deliver certified portable platforms for Windows 7, Windows 8, Windows 8.1 and Windows 10. SPYRUS is headquartered in San Jose, California. See www.spyrus.com for more information.


Grab Your USB Drive now and be a part of the best secure cyber security world.

Anyone Can Find Your Aadhaar Data Due To Vulnerability, Claims French Security Researcher.

Vulnerability in mAadhaar Android app allows anyone to steal your Aadhaar data, finds French security researcher


After an investigation by a leading English news daily in India discovered how Aadhaar details of the entire country were being sold at Rs 500, a French security researcher found yet another massive loophole that allows anyone with basic programming knowledge to break into the mAadhaar Android app and steal user data.
The French researcher, who uses the alias Elliot Alderson and goes by the handle @fs0c131y on Twitter, revealed in a thread of tweets how easily one can obtain the password to the local database that the mAadhaar app uses to store sensitive information such as your biometric preferences, KYC profile data, and user passwords. Essentially, if someone has access to your phone, your Mobile Aadhaar PIN can be compromised with ease.
We reached out to the researcher, who said that the mAadhaar app uses a local database on the phone to store information like your password, app preferences and the like. It’s a common practice by developers to do so. That local database is protected by a password which is supposed to be randomly generated. However, @fs0c131y found that the code that generates this password is poorly written.





The app is saving your biometric settings in a local database which is protected with a password. To generate the password they used a random number with 123456789 as seed and a hardcoded string db_password_123 🤦‍♂️

Essentially, the password is generated using a random number with the seed as “123456789” and a hardcoded string “db_password_123” which remains the same for every phone. Using this, anyone with access to your phone can break into the app and get your user password and basically, get access to all your demographic and biometric details.




A lot of people asking me how bad is the generation of the local database password in the .

I published a small POC here: https://github.com/fs0c131y/AadhaarDatabasePasswordPOC 

If you start the application multiple times you will see that the generated passwords are always the same

The researcher even made a proof-of-concept on Github to demonstrate the flaw. He made an application with the same code so that if you run it multiple times, it will give you the same password over and over again instead of the randomised password the app is supposed to generate. 
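To illustrate why a fixed seed plus a hardcoded string defeats the purpose of a "random" password, the following added example (not the app's code and not the researcher's POC) contrasts that pattern with a per-install key from the operating system's CSPRNG. The seed and string are the ones quoted above; the hashing step and all function names are assumptions made for the illustration.

```python
import hashlib
import random
import secrets

SEED = 123456789               # fixed seed quoted in the article
HARDCODED = "db_password_123"  # hardcoded string quoted in the article


def weak_db_password():
    """Weak pattern: seeded PRNG output combined with a constant string.

    The exact combination used by the app is not given on the page; the
    SHA-256 step here is an assumption. Whatever the combination is, every
    input is a constant, so the output is a constant too.
    """
    rng = random.Random(SEED)   # same seed -> same PRNG stream on every phone
    n = rng.getrandbits(64)
    return hashlib.sha256(f"{n}{HARDCODED}".encode()).hexdigest()


def per_install_db_key():
    """Hardened pattern: 256 bits from the OS CSPRNG, generated once per install.

    On a real device the key would be generated on first run and kept in the
    platform's hardware-backed key store rather than derived from constants.
    """
    return secrets.token_hex(32)


def distinct_values(generator, installs=1000):
    """Simulate `installs` fresh installs and count distinct database keys."""
    return len({generator() for _ in range(installs)})


if __name__ == "__main__":
    # Constructed simulation: 1000 installs of each scheme.
    print("weak scheme, distinct keys:    ", distinct_values(weak_db_password))
    print("hardened scheme, distinct keys:", distinct_values(per_install_db_key))
```

With the weak scheme every simulated install ends up with the same database password, so it is effectively a published constant; the per-install scheme yields a different key each time.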




Storing data in a local database is a common practise in the world.

In the app they store:
- user password data (hash)
- notification
- Ki value
- EKYC Profile Data
- Biometric Prefs
- Bio Lock Timeout
- App Configuration

The mAadhaar app, @fs0c131y found, stores your photograph in the local database, which is itself biometric information, apart from your eKYC profile data, and more. Furthermore, the eKYC profile data stores the user ID, the Aadhaar ID, your name, date of birth, gender, address and your photograph.
The researcher uses the alias Elliot Alderson, which is the name of the protagonist of Mr. Robot, a popular TV series about cyber security and hacking. He had earlier found a backdoor on OnePlus devices which granted hackers root access and other sensitive information with ease.
The researcher even shared the information with UIDAI that supervises the Aadhaar project in the country. However, the last time a reporter tried to inform the authority about a breach in the Aadhaar system, the regulatory body filed an FIR against her. It remains to be seen how UIDAI handles the new revelation and more importantly, what steps the authority takes to remedy the issue and make the app secure.
via Digit

Feedspot ranked Top 40 Cyber Security News Websites And Hacker Ritz Is In The List ! Celebration Time !

A few days back, Feedspot ranked the Top 40 Cyber Security News Websites/Blogs out of thousands of blogs from all over the world.
Feedspot  is a Modern RSS Reader. If you're trying to keep up with news and content on multiple web sites, you're faced with the never ending task of visiting those sites to check for new content. Feedspot allows you to put all of your reading in one location.

In the previous Feedspot listing of Top 100 Infosec Blogs we secured #95 position.
Our Blog Hacker Ritz is also in the list of Top 100 Infosec Blogs all over the World with a ranking of #96.






And now Feedspot has again made a listing, of the Top 40 Cyber Security News Websites, and here we are awarded a rank of #33 across the globe.



Crypto Mining Crackdown By China Threatens Bitcoin's Future

With its price dropping, sky-high transaction fees, growing traction among competitors, and regulatory agencies taking action in several countries, Bitcoin is starved for good news. Today marked another blow against the dominant cryptocurrency: China is working to rid itself of bitcoin mining companies.


As Reports:
Chinese authorities outlined proposals this week to discourage bitcoin mining — the computing process that makes transactions with the cryptocurrency possible. Officials plan to limit the industry’s power use and have asked local governments to guide miners toward an “orderly” exit from the business, people familiar with the matter said [...] Miners have until recently flocked to China because of the country’s inexpensive electricity, local chipmaking factories and cheap labor. They now have little choice but to look elsewhere.
Mining is the process by which sets of bitcoin transactions—called blocks—are verified and added to the blockchain ledger. That verification relies on having powerful computers solve difficult math problems—with a correctly solved block netting a payout in bitcoin.
Always-on hardware performing intensive computations has steered the trend in mining over Bitcoin’s nine years away from individuals with dedicated laptops and towards syndicates using specialized hardware (called ASICs) in countries with cheap electricity. The confluence of those needs has thus far been met largely in China.
There’s another problem, and it’s one that’s baked into how Bitcoin functions. When it first debuted, the reward for mining a block was 50 BTC. Today it stands at 12.5, having gone down by half in November of 2012, and again in July of 2016. It’s expected to fall to 6.25 BTC in June of 2020.
That’s further complicated by another feature of Bitcoin: the difficulty of those problems thousands of ASICs are humming away to solve generally increases every 2016 blocks.
Around five years ago, it no longer made financial sense for individual Bitcoin enthusiasts to invest in mining. The probability of successfully solving a block was past parity with the cost of running the firetrap hobbyist equipment required to play. With China divesting itself of the mining industry, the enormous amount of electricity soaked up by professional hardware and diminishing return on investment suggests the margins these companies operate on will be razor thin—and trending towards nonexistent.
And without miners to validate bitcoin transactions, the “future of money” is dead in the water.

© [Ritik banger] and [Hacker ritz], [2017]. Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to [Ritik banger] and [Hacker ritz] with appropriate and specific direction to the original content.