ISSUE 93

25 April 2019

Article of the Month Around the World


Project Hithawathi  Your confidante in Cyber Space


This project titles as �Hithawathi-Your Confidante� which was initially commenced in January 2014. Hithawathi project is a help desk designed for the victims and casualties of technology / internet related activities. The project was initiated by the community members of Internet Society � Sri Lanka Chapter (ISOC-LK) and LK Domain Registry (LKDR). It is connected and privileged to get assistance of national level organizations such as Sri Lanka Computer Emergency Response Team (Co-ordination Center), TechCERT, Sri Lanka Police and individuals such as students� counselors, legal advisors attached to different organizations , members of ISOC-LK and LKDR. Some of the individuals have been serving voluntarily.

Hithawathi can be described as a supporter, a listener, a guide, a helper to internet users, especially young girls & ladies, teenagers and minors� �Hithawathi� educates public recognizing incidents related to cyber harassment, cyber stalks, black mail incidents, cyber bulling, etc... . Also �Hithawathi� makes you aware of how to prevent such incidents and is always there to guide if such situations occur.
Hithawathi project mainly concerns women, children and those who are victimized or looking for information, however, it is not limited only for females. Anybody can request help or assistance from Hithawathi, regardless of their gender, age, language or any other limitations. The guidance is served in all three languages � Sinhala, Tamil and English.


This helpdesk can be contacted through different means � Hotline-telephone number +94 11 421 6062, email address � hithawathi@isoc.lk to make any request or seek assistance / guidance. Furthermore, it comes up with a website (www.hithawathi.lk), a blog (https://hithawati.blogspot.com) and a Facebook page (www.facebook.com/hithawathi) sharing knowledge, guidelines (of popular social networking sites), safety tips etc... The website provides guidelines to be safe from some of the harmful internet frauds, identify them and even report them.
Currently the hotline is available during office hours � Monday to Friday from 08.30 am � to 5.00pm. It is hoping to extend the service 24 X 7 in future.


 If you are happened to meet with any cyber space / internet related issue and you are not able to figure-out what to be done exactly or to whom to talk, then you may contact Hithawathi. Hithawathi is glad to support you specially directing you what to be done.
In some of these cases, the victim may have to make a complaint at the Police yet feeling uncomfortable to discuss some of the incidents with a male partner. Hithawathi caters for issues of this type through their helpline, which is handled by well trained and trustworthy female officers, who are willing to kindly listen to the victim and guide to the correct path.
In addition to the help desk, Hithawathi project will be conducting awareness sessions targeting young and female crowd in the country.
For more infomation refer:


Hotline- +94 11 421 6062

email address - hithawathi@isoc.lk

Blog- https://hithawati.blogspot.com

Facebook page- www.facebook.com/hithawathi












1 Statistics on the Internet growth in Sri Lanka
2.The Dragon Research Group (DRG)
3.TSUBAME (Internet threat monitoring system) from JPCERT | CC
4.Shadowserver Foundation
5. Team Cymru


Government Blockchain Spending to Increase Big by 2022



"We believe asset management, identity management, and smart contracts will be the leading blockchain solutions for government," Shawn McCarthy, IDC�s research director said in a statement. "Early spending will focus on supply chain and asset management solutions, while spending in later years will expand to include more identity management and complex financial transactions.."


North Korea�s Hidden Cobra Strikes U.S. Targets with HOPLIGHT


"...In an advisory this week, the United States Computer Emergency Readiness Team (US-CERT) said that there are nine different executable files being used to spread the malware, which is the work of the North Korean government�s Hidden Cobra APT (a.k.a. the Lazarus Group), it said. These files are signed with valid certificates to get around basic antivirus measures, and use encrypted connections to communicate with their command-and-control (C2) servers....."


OceanLotus: macOS malware update


'..Early in March 2019, a new macOS malware sample from the OceanLotus group was uploaded to VirusTotal, a popular online multi-scanner service. This backdoor executable bears the same features as the previous macOS variant we looked at, but its structure has changed and its detection was made harder. Unfortunately, we couldn�t find the dropper associated with this sample so we do not know the initial compromise vector.....'

How AI and Automation Can Uncover Attacks in the 2020 Election



'...Adversaries of the U.S. including Russia, China and Iran �probably already are looking to the 2020 U.S. elections as an opportunity to advance their interests� and �will use online influence operations to try to weaken democratic institutions.�...'

Researchers develop new tool for safety-critical software testing

    '....We entrust our lives to software every time we step aboard a high-tech aircraft or modern car. A long-term research effort guided by two researchers at the National Institute of Standards and Technology (NIST) and their collaborators has developed new tools to make this type of safety-critical software even safer.......'
Month in Brief
Facebook Incidents Reported to Sri Lanka CERT|CC in March 2019


  Statistics - Sri Lanka CERT|CC

Facial Recognition is Here: But Are We Ready?

'...Facial recognition is also already actively used by police forces and even at the White House. And it�s not just the U.S; biometrics are spreading worldwide. The EU last week approved a massive biometrics database that combines data from law enforcement, border patrol and more for both EU and non-EU citizens....'
Microsoft Office now the most targeted platform, as browser security improves 

"...Microsoft Office has become cybercriminals� preferred platform when carrying out attacks, and the number of incidents keeps increasing, Kaspersky Lab researchers said during the company�s annual conference, Security Analyst Summit, in Singapore....."
Cloud Atlas: Huawei's homegrown AI hardware hits shelves. Oh, and it's working on DNA storage

�...Chinese IT leviathan Huawei has launched a range of hardware for machine learning applications based on its own specialised silicon.......�
Google Helps Police Identify Devices Close to Crime Scenes Using Location Data

."..It's no secret that Google tracks you everywhere, even when you keep Google's Location History feature disabled.

As revealed by an Associated Press investigation in 2018, other Google apps like Maps or daily weather update service on Android allows the tech giant to continuously collect your precise latitude and longitude...."

Notice Board

Training and Awareness Programs - June  2019

From 18 th June 2019 to 21th June (4 days)

EDUCSIRT Training program


Brought to you by: