Connect with us

A hacker known as TrueFighter has been actively selling compromised Remote Desktop Protocol accounts on the Dark Web, says Nuspire.

Image: iStockphoto/stevanovicigor

With so many people still working from home, organizations and employees are more dependent than ever on remote access to internal PCs and networks. That means more users who need to tap into Remote Desktop Protocol (RDP) accounts, making those accounts more ubiquitous and more vulnerable.

Spotted by security firm Nuspire, one campaign that has resurfaced lately grabs RDP credentials or access and then sells them on underground forums. In a blog post published Monday, Nuspire describes how this campaign operates.

SEE: How to work from home: IT pro’s guidebook to telecommuting and remote work (TechRepublic Premium) 

An attacker dubbed TrueFighter has a history of hacking into networks, stealing RDP credentials, and then selling them for profit on the Dark Web. This attacker can target any type of organization but primarily focuses on those in the healthcare industry. First seen in October 2014, the campaign has recently triggered a spike in activity, according to Nuspire.

TrueFighter may be a single entity or an entire group, but Nuspire’s research suggests that it’s a single actor. Active on several underground forums and communities, TrueFighter specializes in the sale of compromised RDP accounts through which buyers gain remote administrative access to the networks of affected organizations.

Though the healthcare sector is a popular target, TruFighter has sold RDP credentials from other types of organizations, including a US hospital, a large EU hospital, a US water district, a US law firm, a US construction organization, a large US pawnshop, a Japanese medical university, a Brazilian medical organization, and a large company in the UK.

Exposed and vulnerable RDP access can easily be discovered through sites such as Shodan.io, a search engine for Internet of Things (IoT) devices. Using Shodan.io, Nuspire found more than 4.3 million exposed RDP connections, 30% of which were in the US. Hackers can then use an exploit framework such as FuzzBunch and a backdoor exploit like DoublePulsar to compromise those uncovered RDP connections.

TrueFighter mostly sells regular access to stolen RDP credentials. But in some cases it has offered the ability to escalate these accounts to domain admin access, for an additional fee, of course. In other cases, TrueFighter may simply break into a network and then sell the actual connection to other criminals. That tactic helps ensure that the attacker doesn’t spend too much time on the network where it could be detected, thereby losing access.

To help your organization protect itself against RDP credential attacks, Nuspire offers the following tips:

  1. Restrict access to RDP connections to trusted sources.
  2. Audit connectivity logs for unknown connections.
  3. Implement two-factor authentication for RDP logins.
  4. Audit administrative accounts regularly to ensure that unexpected accounts haven’t had their permissions escalated into admin accounts.

Also see

Source link

0
Continue Reading

Technology

Facebook, Twitter Arbitrarily Censuring ‘Nationalistic’ Content: Tejasvi Surya

facebook reuters full 1580352780952

BJP member Tejasvi Surya on Wednesday raised the issue of social media platforms like Twitter and Facebook allegedly arbitrarily censuring content posted by users, especially those with a “nationalistic approach” and sought government intervention for protection of such content.

Raising the issue during Zero Hour in Lok Sabha, Surya said for a long time there have been many “credible” allegations made against Twitter, Facebook and their affiliates of “arbitrary and unilateral regulation and censuring” of content posted by third party users, especially those with a “nationalistic approach”.

“This poses a significant constitutional challenge not only on the grounds of unreasonable restriction of free speech but also amounts to illegal interference during elections,” he said.

The MP said Facebook, Twitter and similar platforms claim themselves to be intermediaries within the meaning of the term under the IT Act, 2000.

He said the key element of this definition is that the role of the said intermediaries is limited to processing, storing and transmitting data of third party users and does not include intervention on content of the users.

Therefore, Section 79 of the Act provides these intermediaries exemption from liability. An intermediary receives protection that a regular publisher does not receive, he said.

Surya said while this is the explicit spirit of the statute, the Information Technology (Intermediary Guidelines) Rules, while laying down what sort of third party content must be prohibited by the privacy policy and terms and conditions of the intermediary, goes far beyond the remit of Article 19(2) of the Constitution read with Section 79 and 69 of the IT Act.

Article 19(2) of the Constitution authorises the government to impose, by law, reasonable restrictions upon the freedom of speech and expression “in the interests of… public order”, whereas section 69 of the IT Act allows the government to intercept any information and ask for information decryption.

Surya said the guidelines essentially empower private party intermediaries to remove on the basis of user complaints or suo moto any content deemed to be in violation of its guidelines.

He said these guidelines are not only ultra vires the parent statute but also unconstitutional as the grounds they provide are too wide and will fail the standards of constitutionality set out by the Supreme Court in the Shreya Singhal case while striking down Sec 66A of the IT Act (which provided police the power to arrest a person for posting “offensive” content online).

The guidelines are problematic because they empower private enterprises performing essentially a public function to act as censors of free speech without government oversight, thus effectively and severely impacting safeguards of the fundamental right to free speech, he said.

“I therefore urge the government to repeal such unconstitutional guidelines and issue new ones to govern social media platforms, thereby protecting the fundamental right to free speech of our citizens and protect our democracy from foreign interference,” he said.


Are Apple Watch SE, iPad 8th Gen the Perfect ‘Affordable’ Products for India? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

Source link

0
Continue Reading

Technology

Google adds a COVID-19 layer to Maps app to show health status at county and state levels

img 4096

The new layer is color-coded, includes a count of new cases per 100,000 people, and indicates whether the count is going up or down.

A new layer in Google maps shows coronavirus case levels at the county and state levels.

Google Maps now has a COVID-19 layer that tracks how cases are trending at a county level on the mobile version of the app. You can see how cases are increasing or decreasing in your area as well as any places you may be visiting.

img-4096.jpg

Google Maps added a COVID-19 data layer to the mobile app.

To see COVID-19 data for a particular location, tap the layers button on the top right-hand corner and click on COVID-19 Info. You’ll see a number and “increasing” or “decreasing.” 

SEE: COVID-19 workplace policy (TechRepublic Premium)

This number is the seven-day average for the number of new cases per 100,000 people. The layer’s colors indicate:

  • Grey: Less than 1 case
  • Yellow: 1-10 cases
  • Orange: 10-20 cases
  • Dark orange: 20-30 cases
  • Red: 30-40 cases
  • Dark red: 40+ cases

This count includes both confirmed and probable cases in some locations. Probable cases are identified by public health officials and use criteria developed by government authorities. Some areas may not have data because local authorities haven’t published data or haven’t done so recently.

If you zoom out to the state level on a map of the US, there is a count for each state and an increasing or decreasing indicator with a matching color code.

In Europe, there is more data for some countries than others. Germany is gray, and the COVID-19 map layer shows data for individual states within the country. In France, there is data at the country level only with a rate of 14.8 cases per 100,000 which is increasing. Most of Asia is gray. 

The data comes from these sources:

  • Wikipedia
  • The New York Times
  • Johns Hopkins University CSSE COVID-19 Data
  • Brihanmumbai Municipal Corporation

The Kaiser Family Foundation lists 34 states as coronavirus hotspots. Utah’s positivity rate is 9.1% with a 104.5% change in cases over the last 14 days. If you zoom in to the county level, you can see that Utah County (65.5, increasing) is in worse shape than Salt Lake County (28, increasing). Many of the state’s rural areas are gray and show few cases. Overall the state is light orange.

In June, Google Maps added more information about transit conditions to help travelers avoid crowded metro and train stations. When you look up public transit directions for a trip, the recommended routes show relevant alerts from local transit agencies. These alerts can help you prepare accordingly if government mandates impact transit services or require you to wear a mask on public transportation. Transit alerts rolled out in Argentina, Australia, Belgium, Brazil, Colombia, France, India, Mexico, Netherlands, Spain, Thailand, United Kingdom and the U.S. where we have information from local transit agencies. 

This update also included driving alerts about COVID-19 checkpoints and restrictions along certain routes, such as national borders (starting first in Canada, Mexico, and the US). Maps users see an alert on the directions screen and after starting navigation if the route is impacted by these restrictions. 

Also see

Source link

0
Continue Reading

Technology

Immune Protein IL-17A Responsible for Lethal Side Effects of Gastric Cancer

1 4

The formation of scar tissue, or fibrosis, as gastric cancer disseminates throughout the peritoneum can be more lethal than the cancer itself and can interfere with chemotherapy. Researchers from Kanazawa University have now found that proinflammatory cytokine IL-17A from mast cells heavily influences the degree of fibrosis and causes structural changes in peritoneal cells. Preventing mast cells from releasing IL-17A may therefore be a promising treatment strategy for gastric cancer patients with peritoneal dissemination.

Immune Protein IL 17A Responsible for Lethal Side Effects of Gastric

Fig. 2 Expression of FAP was found in HPMCs treated with IL-17A using immunofluorescence staining. This means HPMCs were transformed into myofibroblast, so called CAF, by IL-17A. FAP: fibroblast activation protein as a marker of CAF. HPMCs: human peritoneal mesothelial cells. CAF: cancer associated fibroblast. Image credit: Kanazawa University

Gastric cancer, one of the leading causes of cancer-associated mortality worldwide, is renowned for its ability to disseminate throughout the peritoneal cavity. As well as causing secondary tumors in other organs, metastatic gastric cancer cells trigger extensive stromal fibrosis, or the formation of scar tissue, that can be more deadly than the cancer itself—bowel obstruction and hydronephrosis and jaundice are all common side effects of gastric cancer-associated fibrosis. What’s more, the densely packed scar tissue can disturb chemotherapy drugs from reaching their target due to intra-tumoral high pressure.

Preventing fibrosis could therefore improve the prognosis for gastric cancer patients. The problem is, researchers have yet to discover what causes fibrosis, let alone how to prevent it.

But in a study published recently in Gastric Cancer, researchers from Kanazawa University found that an inflammatory protein produced by mast cells, IL-17A, triggers cellular changes in the peritoneum, leading to stromal fibrosis in gastric cancer patients.

Lead author Katsuya Gunjigake from Kanazawa University’s Division of Cancer Medicine explains why the researchers targeted IL-17A.

“Over-stimulation of the immune system by IL-17A plays a major role in chronic inflammatory diseases such as rheumatoid arthritis and multiple sclerosis. It has also been associated with increased tumor growth and dissemination in various forms of cancer. Interestingly though, while studies had shown that IL-17A causes fibrosis in both Crohn’s disease and lung disease, no one had investigated the link between tissue fibrosis and IL-17A in cancer.”

By studying cancerous tissue from 70 gastric cancer patients with peritoneal dissemination, the researchers discovered that the degree of fibrosis was governed by the amount of IL-17A, and that IL-17A was being produced by a subgroup of white blood cells called mast cells.

Says Gunjigake, “Mast cells are most commonly associated with anaphylaxis but are also involved in pathogen defense and immune tolerance, among other things. They contain small particles called granules that are filled with molecules such as histamine, serotonin, and IL-17A that are released into the extracellular environment in a process known as degranulation.”

Immune Protein IL 17A Responsible for Lethal Side Effects of Gastric

Fig. 1 The number of IL-17A and MCT double positive cells correlated with the ratio of fibrotic area in the peritoneal tumors. This means IL-17A derived from mast cells may contribute tumor fibrosis. MCT: mast cell tryptase Fig. 2 Expression of FAP was found in HPMCs treated with IL-17A using immunofluorescence staining. This means HPMCs were transformed into myofibroblast, so called CAF, by IL-17A. FAP: fibroblast activation protein as a marker of CAF. HPMCs: human peritoneal mesothelial cells. CAF: cancer associated fibroblast. Fig. 3 Nude mouse was inoculated with human gastric cancer cell line MKN45-P cells intraperitoneally at day 0. Recombinant mouse IL-17A was administrated intraperitoneally at day 1, 3 and 7. Large and many peritoneal nodules were found at day 14. Fig. 4 Fibrosis in the peritoneal nodules was recognized as blue area by azan staining. Fibrous area in the tumor treated with IL-17A was wider than that without IL-17A. Image credit: Kanazawa University

The researchers then injected mice with human peritoneal cells and gastric cancer cells and examined the effects of IL-17A treatment, with interesting results.

“Not only did IL-17A increase tumor size and the degree of fibrosis, it also changed the structure of the peritoneal cells, enhancing their invasive and migratory capabilities,” explains responsible author Sachio Fushida.

“Given the obvious role of IL-17A in driving fibrosis, our results suggest that suppression of mast cell degranulation may be a promising treatment strategy for gastric cancer patients with peritoneal dissemination.”

Article

Interleukin-17A derived from mast cells contributes to fibrosis in gastric cancer with peritoneal dissemination

Journal: Gastric Cancer

Authors: Katsuya Gunjigake, Jun Kinoshita, Takahisa Yamaguchi, Hiroto Saito, Daisuke Fujimori, Toshihide Horiike, Shinichi Harada, Hidehiro Tajima, Itasu Ninomiya, Tetsuo Ohta, Sachio Fushida

DOI: 10.1007/s10120-020-01092-2

Funder

This work was supported by JSPS KAKENHI Grant Number 16K10494.

Source: Kanazawa University




Source link

0
Continue Reading

Trending