The Joyous Union of Bitcoin and Mobile Phones

By: Soha Ali

Cryptocurrency and smartphones are married to each other whether we like it or not. One is the first successfully implemented form of digital hard money and the other is a mini-supercomputer in your pocket. It makes sense why two futuristic technologies would eventually join hands.

The seamless integration of crypto into smartphones is exactly what the SIKURPhone (read: Secure Phone) is all about. Although we have told you about crypto-supported smartphones before, none of them have been as innovative as the SIKURPhone (neither have they been so badly named.)

This device is a successor to the 2016 GranitePhone – the supposed world’s most secure smartphone. But this time, there’s a crypto twist in the mix.

The company embraced the blockchain trends and added advanced crypto functionality into the device by integrating a cold storage wallet. So you can keep all your cryptocurrency on the phone and carry it with you wherever you want. With this you can track your current balance, store currencies on SIKUR’s cloud, check the pricing for different cryptocurrencies, or read the crypto-related news in a special newsfeed space.

Now, I know what you’re thinking. Why would anyone want to store sensitive financial data on a smartphone, a device that’s usually so prone to being hacked or misplaced? Well, that brings us to the extensive security that the SIKURPhone has in it:

The Unhackable Phone

The company gave their devices to HackerOne, a company that is famous for testing vulnerabilities in software, to see if they could expose any problems and hack the device. Long story short, they tried for 2 months and failed. That should tell you just how secure your crypto-monies are going to be!

Other than that, the device has advanced remote wipe features so in the event that you lose your SIKURPhone or it gets stolen, you can completely remove any traces of your information from it, thus protecting your cryptocurrency.


Cyber-Attacks Are Top Business Risk in North America and Europe

By: Phil Muncaster

Cyber-attacks are the number one business risk in the regions of Europe, North America and East Asia and the Pacific, according to a major new study from the World Economic Forum(WEF).

Its Regional Risks for Doing Business report highlights the opinions of 12,000 executives from across the globe.

While “unemployment or underemployment” and “failure of national governance” take first and second place respectively, cyber threats have moved from eighth in last year’s report to fifth this year.

It tended to be viewed as a greater risk in more advanced economies: 19 countries from Europe and North America plus India, Indonesia, Japan, Singapore and the United Arab Emirates ranked it as number one.

In Europe, the UK and Germany both placed cyber-attacks as the number one risk.

Bromium’s EMEA CTO, Fraser Kyne, argued that businesses are still suffering despite spending an estimated $118bn on cybersecurity globally.

“When looking at the causes of breaches, it’s evident that email attachments, links and downloads are the most common methods used by hackers. Be it HR professionals opening infected CVs from unknown sources, or employees clicking links on malware-riddled social media sites on their lunch break, users provide hackers with an easy route to bypass security,” he added.

“These simple attack methods are still effective because the architecture cybersecurity is built on is fundamentally flawed, as it overwhelmingly relies on detecting these threats. We’re increasingly seeing zero-day and other polymorphic malware being used to evade detection. Even the more sophisticated detection-based tools that utilize machine learning, AI and behavioral analytics to identify anomalies and patterns can potentially struggle to determine what is good and what is bad – and are certainly never able to be 100% accurate.”


‘Almost all’ Pakistani banks hacked in security breach, says FIA cybercrime head

By: Shakeel Qarar

In a shocking revelation, the head of the Federal Investigation Agency’s (FIA) cybercrime wing has said data from “almost all” Pakistani banks was stolen in a recent security breach.

“According to a recent report we have received, data from almost all Pakistani banks has been reportedly hacked,” FIA Cybercrimes Director retired Capt Mohammad Shoaib told Geo Newson Tuesday.

When pressed to clarify, the official said data from “most of the banks” operating in the country had been compromised.

Speaking to DawnNewsTV, Shoaib said hackers based outside Pakistan had breached the security systems of several local banks. “The hackers have stolen large amounts of money from people’s accounts,” he added.

“The recent attack on banks has made it quite clear that there is a need for improvement in the security system of our banks,” he observed.

He said the FIA has written to all banks, and a meeting of the banks’ heads and security managements is being called. The meeting will look into ways the security infrastructure of banks can be bolstered.

“Banks are the custodians of the money people have stored in them,” Shoaib said. “They are also responsible if their security features are so weak that they result in pilferage.”

It wasn’t immediately clear when exactly the security breach took place.

According to Shoaib, more than 100 cases are being investigated by the agency in connection with the breach.

“An element of banking fraud which is a cause of concern is that banks hide the theft [that involves them]… and the clients report [the theft] to the banks and not to us, resulting in a loss of people’s money,” he told DawnNewsTV.

“We are trying to play a proactive role in preventing bank pilferage,” he added.

Shoaib said the agency has arrested many gangs involved in cybercrimes and recovered stolen money from them.

A gang was arrested last week whose members used to disguise themselves as army officials and withdraw money from banks after gathering people’s data, the official added.


WhatsApp: Newest Attack Target for Mobile Phishing

By: Uladzislau Murashka


Phishing attacks aren’t nearly as successful as they used to be because by now people have learned to look out for the emails that ask them to provide sensitive details. While this is true for emails, it seems that pioneer attackers have embraced other ways of utilizing phishing attacks, namely through messaging services such as WhatsApp, Skype, and even plain old SMS.

Mobile Phishing
Mobile phishing is an issue that shows no signs of abating anytime soon. According to Verizon, 90% of their recorded data breaches began with a phishing attack and right now mobile is an increasingly common attack vector.

Recent research from Wandera shows a new trend among cyber-criminals toward mobile phishing. Every day, dozens of new attacks are detected and many of them last less than a day before being shut down and relocated elsewhere. These phishing attacks share many standard features, notably centering around the use of WhatsApp.

Distribution Methods
Now that there is a widespread awareness of the dangers email-based phishing attacks bring, many savvy cyber-criminals are instead moving on to using other vectors that allow them to attack mobile devices. Many of such attacks center on WhatsApp as both the initial method of delivery and the way to reach more targets after every single success.

It isn’t just the awareness that has led to this shift. Email clients and providers have many built-in tools that identify any potential phishing emails and alert the user or automatically delete the email.

In contrast, there are no such security measures for SMS, or for app-based messaging services. Given the sheer number of different messaging apps out there, it is challenging to develop a catch-all defense against mobile phishing attacks. This results in mobile-based attacks being at least three times more effective than the phishing that takes place through desktop. Without any doubt, mobile providers should make further investments into raising cybersecurity awareness and improving it on mobile.

Exploiting WhatsApp
Unlike with phishing emails, which are often flagged as potentially malicious, there is no filtering or alert system on WhatsApp either. When a user receives a link on WhatsApp, it usually generates a preview of that website’s logo and page title. These are easy for an attacker to fake but might give a phishing message enough of a veneer of legitimacy for the user to get caught off guard.


SIKURPhone – Beyond a Cryptocurrency Wallet and Ready for Financial Transactions

By: sikur

Whilst Sikurs competitors are promising to release secure blockchain devices, Sikur is already delivering a full and innovative operating system experience. SikurOS is powering devices that can deliver much more than secure cryptocurrency wallets and other gadgets to protect assets.

2018 has been an incredible year for us – from the rush of launching SIKURPhone at Mobile World Congress, in Barcelona, to porting SikurOS to different hardware. It has been an exciting journey and we still have more to come, said Alexandre Vasconcelos, Sikurs COO.

SikurOS is a very innovative model, although its concepts are widely available. An operating system that is capable of effectively protecting user data is an approach that has taken SIKURPhone to the next level. Combining safety with convenience is a challenge that Sikurs research and development team face every day.

According to Group-IB, more than $882 million in cryptocurrency assets was lost to fraud and hacks in 2017 and 2018, mostly in the Asian market, including the over $500 million hack of Japanese Cryptocurrency Exchange Coincheck. Protecting cryptocurrency coins for the regular investor with simplicity and usability is already possible with SIKURPhone.

After passing rigorous tests by HackerOne with a bug bounty program, securing cryptocurrency is a challenge that SIKURPhone has already overcome. Sikur is now daring to take it a step further with the Trading Station concept.


Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist

Sikur lança solução que traz camada adicional para aplicações críticas

By: TI Inside Online

Embora os concorrentes da Sikur estejam prometendo lançar dispositivos blockchain seguros, a Sikur já está oferecendo um sistema operacional completo para uso de carteiras de criptomoedas seguras e outros gadgets para proteger ativos.

“2018 tem sido um ano incrível para nós – desde a corrida de lançamento do SIKURPhone no Mobile World Congress, em Barcelona, ??até a portabilidade do SikurOS para diferentes hardwares. Foi uma jornada emocionante e ainda temos mais por vir”, disse Alexandre Vasconcelos, COO da Sikur.

“O SikurOS é um modelo muito inovador, embora seus conceitos estejam amplamente disponíveis. Um sistema operacional capaz de proteger efetivamente os dados do usuário é uma abordagem que levou o SIKURPhone a combinar segurança com conveniência, um desafio que a equipe de pesquisa e desenvolvimento da Sikur enfrenta todos os dias”, completa.

De acordo com o Group-IB, mais de US$ 882 milhões em ativos de criptomoeda foram perdidos para fraudes e hackers em 2017 e 2018, principalmente no mercado asiático, incluindo os mais de US$ 500 milhões do Japanese Cryptocurrency Exchange Coincheck. Proteger moedas de criptomoedas para o investidor regular com simplicidade e usabilidade é o que promete o SIKURPhone.

Depois de passar por testes rigorosos da HackerOne com um programa de recompensas de bugs, garantir a criptomoeda é um desafio que a SIKURPhone já superou. Sikur está agora se atrevendo a dar um passo adiante com o conceito de Trading Station.

“O mercado financeiro é dinâmico e está em constante mudança. Os números de fraude e perda continuam aumentando à medida que a variedade de métodos de transação digital cresce. As soluções existentes não fornecem flexibilidade, usabilidade e segurança suficientes para o usuário moderno. A Sikur’s Trading Station usa a força do SikurOS e fornece camadas extras de segurança para aplicativos financeiros que exigem proteção máxima. Também introduz liberdade e flexibilidade para realizar operações de qualquer lugar, sem a necessidade de estar em escritórios ou redes altamente protegidas. As ações de trading, mobile banking e mPOS (Mobile Point of Sale) são alguns exemplos do mundo real onde a SIKURPhone pode fazer uma grande diferença para a indústria”, disse Fabio Fischer, vice-presidente executivo da Sikur.

Proteger dados localmente e na nuvem é uma alta prioridade para empresas e governos. Portanto, ter aplicativos conhecidos nesses dispositivos está se tornando obrigatório, pois a segurança preocupa mais pessoas a cada ano.

“Na Sikur, a inovação faz parte do nosso DNA. Estamos sempre procurando criar. Essa energia dá a todos mais poder e determinação para progredir. O conceito de Trading Station vem dessa maneira de pensar”, diz Alexandre Stumpf, CTO da Sikur.


Xperiaをデータ保護に特化させたスマホ「SIKURPhone XZ1/XA2」発表

By: Engadget Japan

セキュリティ企業のSikurは、データ保護に特化したスマートフォン「SIKURPhone XZ1/XA2」を発表しました。その名前や本体デザインからもわかるように、ソニーのXperia XZ1/XA2がベースの端末となっています。


SIKURPhone XZ1/XA2はAndroid OSをベースとしたカスタムOS「SikurOS」を搭載。クラウドベースの専用アプリにて暗号化通信を利用したボイスメッセージを送受信したり、ドキュメントを編集したり、動画通話が利用できます。なお、アプリの専用ストアは2018年末までにローンチされる予定です。

さらにSikurによれば、SIKURPhone XZ1/XA2は暗号通貨の取り扱いにおいても「最も安全なデジタルウォレット」だとしています。また、エンタープライズ用途としては遠隔でのデバイスやユーザーの管理が可能です。

本体スペックはベースのスマートフォンと変わらず、SIKURPhone XZ1はディスプレイが5.2インチでプロセッサがSnapdragon 835、1900万画素カメラを搭載。SIKURPhone XA2はディスプレイが5.2インチでプロセッサがSnapdragon 630、2300万画素カメラを搭載しています。

SIKURPhone XZ1/XA2の価格はそれぞれ850ドル(約9万6000円)と650ドル(約7万4000円)。最新ではありませんが十分なスペックにセキュリティ機能を搭載したスマートフォンとして、企業からの需要が見込まれそうです。


SIKURPhone – 仮想通貨ウォレットを超えて金融取引の準備が整う

By: Business Wire

  • SIKURPhone – ファースト・クラスのセキュリティーを備えたハイエンド・スマートフォンの利便性
  • セキュア・コミュニケーション市場で先頭を歩むデバイス
  • オペレーティングシステムのSikurOSがセキュリティー思想の基盤

ロンドン–(BUSINESS WIRE)– (ビジネスワイヤ) — Sikurの競合企業はセキュアなブロックチェーン・デバイスを発表すると約束している段階ですが、Sikurは、完全な革新的なオペレーティングシステムの体験を既に提供しています。SikurOSは、安全な仮想通貨ウォレットや資産を守るためのその他のガジェット以上のものを多数もたらすことができるデバイスで使用されています。

「2018年は私たちにとって信じられない年となっています。バルセロナで行われたモバイル・ワールド・コングレスでSIKURPhoneを発表してから、SikurOSを異なるハードウェアに移植するまで前進しました。これまで活発な作業が続いてきましたが、まだ新たなものが控えています」と、Sikur最高執行責任者(COO)のAlexandre Vasconcelosは述べています。




「金融市場は動的なものであり、常に変化しています。デジタル取引方法の種類が拡大するにつれて、詐欺や紛失事件の数は増加を続けています。これまでのソリューションでは、現代のユーザーが必要とする柔軟性、容易さ、セキュリティーを十分に提供することができません。Sikurのトレーディング・ステーションはSikurOSの能力を利用し、最高度の保護を必要とする金融アプリに追加的なセキュリティー・レイヤーを提供します。どの場所にいても操作を実行できる自由と柔軟性も実現し、オフィスや高度に保護されたネットワークから操作する必要はなくなります。株式の取引、モバイル・バンキング、mPOS(モバイル販売)は、SIKURPhoneが業界で大きな改革を起こすことのできる実際的事例の一部です」と、SikurのエグゼクティブVPのFabio Fischerは語っています。


「Sikurでは、イノベーションが浸透しています。私たちは常に創造を目指しています。このエネルギーが、前進するために必要なパワーと決意を全員に与えています。トレーディング・ステーションのコンセプトはこのような考え方から出てきたものです」と、SikurのCTOのAlexandre Stumpfは述べています。


Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer

By: Mohit Kumar

Cybersecurity researchers have revealed an unpatched logical flaw in Microsoft Office 2016 and older versions that could allow an attacker to embed malicious code inside a document file, tricking users into running malware onto their computers.

Discovered by researchers at Cymulate, the bug abuses the ‘Online Video‘ option in Word documents, a feature that allows users to embedded an online video with a link to YouTube, as shown.

When a user adds an online video link to an MS Word document, the Online Video feature automatically generates an HTML embed script, which is executed when the thumbnail inside the document is clicked by the viewer.

Researchers decided to go public with their findings three months after Microsoft refused to acknowledge the reported issue as a security vulnerability.

How Does the New MS Word Attack Works?

Since the Word Doc files (.docx) are actually zip packages of its media and configuration files, it can easily be opened and edited.

According to the researchers, the configuration file called ‘document.xml,’ which is a default XML file used by Word and contains the generated embedded-video code, can be edited to replace the current video iFrame code with any HTML or javascript code that would run in the background.



Cybercrime Damages $6 Trillion By 2021

By: Steve Morgan

Cybercriminal activity is one of the biggest challenges that humanity will face in the next two decades

The 2017 Official Annual Cybercrime Report is sponsored by Herjavec Group,  a leading global information security advisory firm and Managed Security Services Provider (MSSP) with offices across the United States, Canada, and the United Kingdom. Download PDF

Cybercrime is the greatest threat to every company in the world, and one of the biggest problems with mankind. The impact on society is reflected in the numbers.

Last year, Cybersecurity Ventures predicted that cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, and will be more profitable than the global trade of all major illegal drugs combined.

The cybercrime prediction stands, and over the past year it has been corroborated by hundreds of major media outlets, universities and colleges, senior government officials, associations, industry experts, the largest technology and cybersecurity companies, and cybercrime fighters globally.

The damage cost projections are based on historical cybercrime figures including recent year-over-year growth, a dramatic increase in hostile nation state sponsored and organized crime gang hacking activities, and a cyber attack surface which will be an order of magnitude greater in 2021 than it is today.

Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.