#FactCheck - Viral Images of Indian Army Eating Near Border area Revealed as AI-Generated Fabrication

Introduction

In the labyrinthine world of cybersecurity, a new spectre has emerged from the digital ether, casting a long shadow over the seemingly impregnable orchards of Apple's macOS. This phantom, known as SpectralBlur, is a backdoor so cunningly crafted that it remained shrouded in the obscurity of cyberspace, undetected by the vigilant eyes of antivirus software until its recent unmasking. The discovery of SpectralBlur is not just a tale of technological intrigue but a narrative that weaves together the threads of geopolitical manoeuvring, the relentless pursuit of digital supremacy, and the ever-evolving landscape of cyber warfare.

SpectralBlur, a term that conjures images of ghostly interference and elusive threats, is indeed a fitting moniker for this new macOS backdoor threat. Cybersecurity researchers have peeled back the layers of the digital onion to reveal a moderately capable backdoor that can upload and download files, execute shell commands, update its configuration, delete files, and enter states of hibernation or sleep, all at the behest of a remote command-and-control server. Greg Lesnewich, a security researcher whose name has become synonymous with the relentless pursuit of digital malefactors, has shed light on this new threat that overlaps with a known malware family attributed to the enigmatic North Korean threat actors.

SpectralBlur similar to Lazarus Group’s KANDYKORN

The malware shares its DNA with KANDYKORN, also known as SockRacket, an advanced implant that functions as a remote access trojan capable of taking control of a compromised host. It is a digital puppeteer, pulling the strings of infected systems with a malevolent grace. The KANDYKORN activity also intersects with another campaign orchestrated by the Lazarus sub-group known as BlueNoroff, or TA444, which culminates in the deployment of a backdoor referred to as RustBucket and a late-stage payload dubbed ObjCShellz.

Recently, the threat actor has been observed combining disparate pieces of these two infection chains, leveraging RustBucket droppers to deliver KANDYKORN. This latest finding is another sign that North Korean threat actors are increasingly setting their sights on macOS to infiltrate high-value targets, particularly those within the cryptocurrency and blockchain industries. 'TA444 keeps running fast and furious with these new macOS malware families,' Lesnewich remarked, painting a picture of a relentless adversary in the digital realm.

Patrick Wardle, a security researcher whose insights into the inner workings of SpectralBlur have further illuminated the threat landscape, noted that the Mach-O binary was uploaded to the VirusTotal malware scanning service in August 2023 from Colombia. The functional similarities between KANDYKORN and SpectralBlur have raised the possibility that they may have been built by different developers with the same requirements. What makes the malware stand out are its attempts to hinder analysis and evade detection while using grant to set up a pseudo-terminal and execute shell commands received from the C2 server.

The disclosure comes as 21 new malware families designed to target macOS systems, including ransomware, information stealers, remote access trojans, and nation-state-backed malware, were discovered in 2023, up from 13 identified in 2022. 'With the continued growth and popularity of macOS (especially in the enterprise!), 2024 will surely bring a bevvy of new macOS malware,' Wardle noted, his words a harbinger of the digital storms on the horizon.

Hackers are beefing up their efforts to go after the best MacBooks as security researchers have discovered a brand new macOS backdoor which appears to have ties to another recently identified Mac malware strain. As reported by Security Week, this new Mac malware has been dubbed SpectralBlur and although it was uploaded to VirusTotal back in August of last year, it remained undetected by the best antivirus software until it recently caught the attention of Proofpoint’s Greg Lesnewich.

Lesnewich explained that SpectralBlur has similar capabilities to other backdoors as it can upload and download files, delete files and hibernate or sleep when given commands from a hacker-controlled command-and-control (C2) server. What is surprising about this new Mac malware strain though is that it shares similarities to the KandyKorn macOS backdoor which was created by the infamous North Korean hacking group Lazarus.

Just like SpectralBlur, KandyKorn is designed to evade detection while providing the hackers behind it with the ability to monitor and control infected Macs. Although different, these two Mac malware strains appear to be built based on the same requirements. Once installed on a vulnerable Mac, SpectralBlur executes a function that allows it to decrypt and encrypt network traffic to help it avoid being detected. However, it can also erase files after opening them and then overwrite the data they contain with zeros..

How to keep your Apple computers safe from hackers

As with the best iPhones, keeping your Mac up to date is the easiest and most important way to keep it safe from hackers. Hackers often prey on users who haven’t updated their devices to the latest software as they can exploit unpatched vulnerabilities and security flaws.

Checking to see if you're running the latest macOS version is quite easy. Just click on the Apple Logo in the top right corner of your computer, head to System Preferences and then click on Software Update. If you need a bit more help, check out our guide on how to update a Mac for more detailed instructions with pictures.

Even though your Mac has its own built-in malware scanner from Apple called xProtect, you should consider using one of the best Mac antivirus software solutions for additional protection. Paid antivirus software is often updated more frequently and you often also get access to other extras to help keep you safe online like a password manager or a VPN.

Besides updating your Mac frequently and using antivirus software, you must be careful online. This means sticking to trusted online retailers, carefully checking the URLs of the websites you visit and avoiding opening links and attachments sent to you via email or social media from people you don’t know. Likewise, you should also learn how to spot a phishing scam to know which emails you want to delete right away.

Conclusion 

The thing about hackers and other cybercriminals is that they are constantly evolving their tactics and attack methods. This helps them avoid detection and allows them to devise brand-new ways to trick ordinary people. With the surge we saw in Mac malware last year, though, Apple will likely be working on beefing up xProtect and macOS to better defend against these new threats.

References 

• https://www.scmagazine.com/news/new-macos-malware-spectralblur-idd-as-north-korean-backdoor
• https://www.tomsguide.com/news/this-new-macos-backdoor-lets-hackers-take-over-your-mac-remotely-how-to-stay-safe
• https://thehackernews.com/2024/01/spectralblur-new-macos-backdoor-threat.html

Cyber, is the new weapon today! Cyber Violence is violence in cyber-space that has led to violation of cyber rights of individuals, especially those of children and women. Online violence and harassment have been overlooked laying more emphasis on offline or physical violence.

New Delhi [India], November 12 (ANI/NewsVoir): Cyber, is the new weapon today! Cyber Violence is violence in cyber-space that has led to violation of cyber rights of individuals, especially those of children and women. Online violence and harassment have been overlooked laying more emphasis on offline or physical violence. Cyber violence very often permanently, psychologically impacts the victims and their families. Various forms of threats ranging from morphing, stalking, solicitation of children for sexual purposes, online grooming, have grave consequences on the victims disturbing their mental well-being. Maintaining mental well-being in cyber space is a challenge we wish to promote and advocate for, in order to build responsible netizens.

Together, we stand against violation of cyber rights and strongly believe; it is critical to allow everyone to feel safe online. Netizen’s safety rights must be protected from all kinds of abuse and violence. Setting a mission of ‘Making India Cyber Safe for Children and Women’, Responsible Netism a social purpose organization in association with CyberPeace Foundation, an award-winning Cyber Security think tank working towards bringing CyberPeace in CyberSpace for more than two decades, host its 6th Annual National Conference on Cyber Psychology themed “India Fights Cyber Violence”, scheduled for Saturday, January 22, 2022. Ta advocate on the theme, the campaign #IndiaFightsCyberViolence was launched on November 11, 2021 by Vinay Sahasrabuddhe – President ICCR, Member of Parliament, Priyank Kanoongo – Chairperson, NCPCR and Rekha Sharma, Chairperson NCW at the ICCR Auditorium Delhi. The session was also attended by the CyberPeace Foundation team members.

Vinay Sahasrabuddhe has been a strong advocate of online safety of children, he shared his visionary words and focused on 3 R’s, Research, Reform and Reshape. He recommended extensive research was necessary to strongly voice concerns and remedies based on evidence-based research which would help us reform intervention strategies and the reshape the existing framework to best suit the needs to protect women and children in cyber space. The NCW Chairperson Rekha Sharma shared how critical it is to create awareness about online safety rights of women and reiterated the need for spreading awareness about online safety to reach the last mile in order to build collective action and bring change. She also mentioned the need to conducting nationwide trainings for the police personal to handle and report online distress.

Priyank Kanoongo, the Chairperson of NCPCR has been very proactively advocating for the cause of child online protection and has been instrumental in voicing critical in fiercely voicing his thoughts on protecting online safety rights of children across India. He shared the following thoughts at the launch. He said there is dire need to educate parents about online safety in order to let the information trickle down to their children. He said NCPCR does not hold any inhibitions in naming and shaming violators of child rights be it offline or online and will always raise a strong voice against platform ‘s inability to protect children in cyber space.

Vineet Kumar, Founder and Global President, CyberPeace Foundation, the partnering organization shared that this nationwide movement will build great momentum on the cause of online protection of children and women cross the country and urged organizations across India to pledge their support to the cause. The more people joining this movement would build collective pressure to formulate guidelines and policies the make cyber space safe for children and women. Sonali Patankar – Founder Responsible Netism shared the objective of the campaign was to let online safety reach the last mile and build on aggressive reporting of online content. The movement was an effort to make the campaign India Fights Cyber Violence to make India cyber safe for children.

She shared that the campaign launch would be followed by a nationwide research conducted to understand parents perspectives on cyber violence which would be handy in representing recommendations on women and child safety protocols through commoners. There would be a round table for organizations working with children chaired by Priyank Kanoongo on November 22 followed by a round table held for organizations working with Women chaired by Rekha Sharma Madam on December 22, 2021. The campaign would culminate in the Responsible Netism 6th National Cyber Psychology Conference scheduled for January 22, 2022 that would witness a compilation of the research and the work done throughout the campaign.

The launch was attended by Sujay Patki – Social Activist and Advisor Responsible Netism and Shilpa Chandolikar trustee Responsible Netism, Adv Khushbu Jain Advocate Supreme Court of India followed by the vote of thanks by Unmesh Joshi – Co-founder Responsible Netism. With the success of the launch and the support of NCPCR and NCW, we are sure to make this a nation-wide movement to protect cyber safety rights of netizens and strongly believe in collective action to make India Cyber Safe for Women and Children.

This story is provided by NewsVoir. ANI will not be responsible in any way for the content of this article. (ANI/NewsVoir)(This story has not been edited by Devdiscourse staff and is auto-generated from a syndicated feed.)

Source: https://www.devdiscourse.com/article/business/1804283-cyberpeace-foundation-and-responsible-netism-launches-campaign-india-fights-cyber-violence-against-women-and-children

Introduction

In the digital realm of social media, Meta Platforms, the driving force behind Facebook and Instagram, faces intense scrutiny following The Wall Street Journal's investigative report. This exploration delves deeper into critical issues surrounding child safety on these widespread platforms, unravelling algorithmic intricacies, enforcement dilemmas, and the ethical maze surrounding monetisation features. Instances of "parent-managed minor accounts" leveraging Meta's subscription tools to monetise content featuring young individuals have raised eyebrows. While skirting the line of legality, this practice prompts concerns due to its potential appeal to adults and the associated inappropriate interactions. It's a nuanced issue demanding nuanced solutions.

Failed Algorithms 

The very heartbeat of Meta's digital ecosystem, its algorithms, has come under intense scrutiny. These algorithms, designed to curate and deliver content, were found to actively promoting accounts featuring explicit content to users with known pedophilic interests. The revelation sparks a crucial conversation about the ethical responsibilities tied to the algorithms shaping our digital experiences. Striking the right balance between personalised content delivery and safeguarding users is a delicate task.

While algorithms play a pivotal role in tailoring content to users' preferences, Meta needs to reevaluate the algorithms to ensure they don't inadvertently promote inappropriate content. Stricter checks and balances within the algorithmic framework can help prevent the inadvertent amplification of content that may exploit or endanger minors.

Major Enforcement Challenges

Meta's enforcement challenges have come to light as previously banned parent-run accounts resurrect, gaining official verification and accumulating large followings. The struggle to remove associated backup profiles adds layers to concerns about the effectiveness of Meta's enforcement mechanisms. It underscores the need for a robust system capable of swift and thorough actions against policy violators.

To enhance enforcement mechanisms, Meta should invest in advanced content detection tools and employ a dedicated team for consistent monitoring. This proactive approach can mitigate the risks associated with inappropriate content and reinforce a safer online environment for all users.

The financial dynamics of Meta's ecosystem expose concerns about the exploitation of videos that are eligible for cash gifts from followers. The decision to expand the subscription feature before implementing adequate safety measures poses ethical questions. Prioritising financial gains over user safety risks tarnishing the platform's reputation and trustworthiness. A re-evaluation of this strategy is crucial for maintaining a healthy and secure online environment.

To address safety concerns tied to monetisation features, Meta should consider implementing stricter eligibility criteria for content creators. Verifying the legitimacy and appropriateness of content before allowing it to be monetised can act as a preventive measure against the exploitation of the system.

Meta's Response 

In the aftermath of the revelations, Meta's spokesperson, Andy Stone, took centre stage to defend the company's actions. Stone emphasised ongoing efforts to enhance safety measures, asserting Meta's commitment to rectifying the situation. However, critics argue that Meta's response lacks the decisive actions required to align with industry standards observed on other platforms. The debate continues over the delicate balance between user safety and the pursuit of financial gain. A more transparent and accountable approach to addressing these concerns is imperative.

To rebuild trust and credibility, Meta needs to implement concrete and visible changes. This includes transparent communication about the steps taken to address the identified issues, continuous updates on progress, and a commitment to a user-centric approach that prioritises safety over financial interests.

The formation of a task force in June 2023 was a commendable step to tackle child sexualisation on the platform. However, the effectiveness of these efforts remains limited. Persistent challenges in detecting and preventing potential child safety hazards underscore the need for continuous improvement. Legislative scrutiny adds an extra layer of pressure, emphasising the urgency for Meta to enhance its strategies for user protection.

To overcome ongoing challenges, Meta should collaborate with external child safety organisations, experts, and regulators. Open dialogues and partnerships can provide valuable insights and recommendations, fostering a collaborative approach to creating a safer online environment.

Drawing a parallel with competitors such as Patreon and OnlyFans reveals stark differences in child safety practices. While Meta grapples with its challenges, these platforms maintain stringent policies against certain content involving minors. This comparison underscores the need for universal industry standards to safeguard minors effectively. Collaborative efforts within the industry to establish and adhere to such standards can contribute to a safer digital environment for all.

To align with industry standards, Meta should actively participate in cross-industry collaborations and adopt best practices from platforms with successful child safety measures. This collaborative approach ensures a unified effort to protect users across various digital platforms.

Conclusion

Navigating the intricate landscape of child safety concerns on Meta Platforms demands a nuanced and comprehensive approach. The identified algorithmic failures, enforcement challenges, and controversies surrounding monetisation features underscore the urgency for Meta to reassess and fortify its commitment to being a responsible digital space. As the platform faces this critical examination, it has an opportunity to not only rectify the existing issues but to set a precedent for ethical and secure social media engagement.

This comprehensive exploration aims not only to shed light on the existing issues but also to provide a roadmap for Meta Platforms to evolve into a safer and more responsible digital space. The responsibility lies not just in acknowledging shortcomings but in actively working towards solutions that prioritise the well-being of its users.

References

• https://timesofindia.indiatimes.com/gadgets-news/instagram-facebook-prioritised-money-over-child-safety-claims-report/articleshow/107952778.cms
• https://www.adweek.com/blognetwork/meta-staff-found-instagram-tool-enabled-child-exploitation-the-company-pressed-ahead-anyway/107604/
• https://www.tbsnews.net/tech/meta-staff-found-instagram-subscription-tool-facilitated-child-exploitation-yet-company

‍