
This Saturday evening, friends, we have collected for you another selection of interesting news from the world of IT👨🏻‍💻

Read our digest, discuss it in the comments and share it in your social networks and instant messengers😉



👉🏻Outdated versions of Sberbank-Online will no longer work on smartphones from January 16

👉🏻The cybersecurity market in Russia is growing contrary to forecasts https://t.me/anti_malware/14128

👉🏻Media: banks started testing forwarding transaction notifications via VK Messenger instead of sending SMS messages

👉🏻The State Duma identified the possible creators of the future Russian mobile OS

👉🏻Russian industry will almost completely switch to domestic software in 2030


Pessimistic forecasts regarding the Russian information security market did not come true, according to Positive Technologies. Despite an expected 11% decline in volume, preliminary estimates show that the market has grown by 10-20%. The response to mass attacks was growth in the share of cybersecurity services. This is the main result of the year as Positive Technologies sees it. This refers to demand for work related to security analysis, monitoring of information security events, and incident response and investigation, the company said in a press release.

The volume of such work at Positive Technologies more than doubled in 2022. The key factor that influenced the cybersecurity market in Russia last year was an unprecedented number of hacker attacks on domestic companies in various business areas, says Maxim Filippov, director of business development at Positive Technologies in Russia. “The active position of regulators and the state has become no less significant, making practical, effective cybersecurity a key need,” adds the top manager. “The rapid exit of foreign manufacturers of protective equipment negatively affected the dynamics of the market, however, it grew and became a different market for domestic manufacturers.”

According to Filippov, in the coming years the information security market in Russia will finally become the market of domestic manufacturers and will grow many times over. There will be even greater demand for technologies that can prevent hacker attacks before companies suffer irreparable damage. Forecasting an increase in the number of attacks this year and, as a result, in the demand for technologies to prevent them, the company’s experts named as a likely trend for the next year growing interest, among companies in various business areas (including organizations with state participation), in bug bounty platforms, practical cyber exercises and means of protection with the maximum level of automation in detecting hacker attacks and counteracting them. “The increase in the number of leaks, on the one hand, and turnover fines, on the other, will probably force Russian enterprises to think about revising their data protection architecture, as well as building an incident management process for timely notification of them,” comments Aleksey Lukatsky, business consultant on information security at Positive Technologies, on the results of the year.

The requirement for notification within 24 hours, regardless of holidays and weekends, is a serious challenge even for companies with experience in cybersecurity management, the expert emphasizes. Lukatsky also noted that the usual staff shortage in the industry will push the development of an information security service model, which involves the provision of cybersecurity services by an external provider.

In the new year, Positive Technologies experts predict:

  • The rise of hacktivism directed at government institutions. It can lead to negative consequences – from defacement of sites to the destruction of infrastructure.
  • Attacks on medical institutions and their clients: theft of confidential data, phishing attacks on patients, ransomware pressure, incidents aimed at hacking services and applications used to provide remote medical services.
  • Changes in the landscape of threats to the industry: the goals of criminals will often not be financial gain or obtaining large ransoms, but interruptions in the activities of enterprises, accidents, and shutdown of the most important technological processes.
  • The emergence of clones of online banks and attacks on financial companies through integrated systems.
  • An increase in the number of attacks on cloud service providers, continued attacks on the supply chains of software and services.
  • The development of attacks on online learning services, the continuation of ransomware attacks on science and education, and the attackers will pursue different goals: theft of research developments, personal and user credentials.
  • Improving the schemes of attacks on users using social engineering

Sberbank-Online mobile applications of outdated versions will stop working on users’ devices in a few days – from Monday, January 16, 2023. This was reported by the RIA Novosti news agency, citing a statement from Sberbank itself.

It is noted that the applications will stop working, but users will be able to either update Sberbank-Online by installing a more recent version or switch to the web version, which is also available through a browser on smartphones.

Users of outdated versions of Sberbank-Online will be warned in advance via SMS and offered to update applications. For Android devices, this can be done on the Sberbank website or in the RuStore app store. The application for iOS is now installed and updated only at the bank’s offices. Sberbank also emphasized that a small number of customers now use outdated versions.


Several large Russian banks have begun testing in pilot mode sending notifications of financial transactions of customers on cards via VK Messenger instead of sending SMS messages and push notifications.

The experts explained that this possibility is being tested by banks under sanctions whose official mobile applications have been removed from the Apple Store and Google Play, as well as by credit institutions that have problems sending push notifications; sending SMS costs them 10-30 times more than push.

Industry sources told the media that Sberbank, PSB, MCB, Expobank, Home Credit, Novikombank and Zenit are testing or going to use optional notifications to customers via VK Messenger as part of providing users with additional channels for delivering information about transactions, instead of or in addition to push notifications and SMS messages. Banks believe that the use of alternative channels of communication with customers will lead to lower costs in terms of sending messages on customer transactions.


The best personnel of four leaders of Russian IT – VK, Yandex, Sberbank and Rostelecom will be thrown into the creation of a national mobile OS. The conglomerate of developers plans to repeat the success of Huawei, which was under US sanctions and was forced to create its own operating system, the parliamentarian said.

Each of the companies has its own developments that make it possible to create its own system, fully compatible with Android, in a relatively short time, he added. In his Telegram channel, Gorelkin called this initiative one of the most important IT projects on a national scale.

In Russia, they plan to select the three most promising domestic operating systems to optimize state support and make it easier for developers to adapt programs for a specific system, of which there are now more than 50 in the register of domestic software.

Red Expert – v2022.09
September 29, 2022 3:42 pm
Main Downloads
Linux x86_64
Linux x86
Windows x86_64
Windows x86
All downloads
bin/RedExpert-2022.09.tar.gz
bin/RedExpert-2022.09.zip
installer/RedExpert-2022.09-linux-x86_64.bin
installer/RedExpert-2022.09-linux-x86.bin
installer/RedExpert-2022.09-windows-x86_64.exe
installer/RedExpert-2022.09-windows-x86.exe
src/RedExpert-src-2022.09.tar.gz
src/RedExpert-src-2022.09.zip


A selection of materials on the information security system Astra Linux
GC “Astra”, December 02, 2022
GOSTs for related technologies:

GOST R 59453.2-2021 Information security. Formal access control model. Part 1. General Provisions
Part 1 of GOST describes the main provisions of the technology of mandatory access control and mandatory integrity control.

GOST R 59453.2-2021 Information security. Formal access control model. Part 2. Recommendations for verification of the formal access control model

GOST R 58256-2018. Data protection. Information flow management in the information system. Classification mark format

Official documentation:

Astra Linux Special Edition RUSB.10015-01 (next update 1.7). Operational and additional documentation
https://wiki.astralinux.ru/pages/viewpage.action?pageId=137563555

Astra Linux Special Edition RUSB.10015-01 (next update 1.7). Developer Documentation
https://wiki.astralinux.ru/pages/viewpage.action?pageId=137564104

General information on access control mechanisms and integrity control:

Privacy level, privacy categories and integrity: what is what and how to work with it?
https://wiki.astralinux.ru/pages/viewpage.action?pageId=27362553

Mandatory Access Control and Mandatory Integrity Control
https://wiki.astralinux.ru/pages/viewpage.action?pageId=153486002

How to Set and Change Mandatory Attributes
https://wiki.astralinux.ru/pages/viewpage.action?pageId=1998876

Security label: structure and composition
https://wiki.astralinux.ru/pages/viewpage.action?pageId=48763550

Parsec kernel module parameters set in the loader
https://wiki.astralinux.ru/pages/viewpage.action?pageId=27361844

PARSEC Privileges
https://wiki.astralinux.ru/pages/viewpage.action?pageId=67112737

Parsec: /etc/parsec/mswitch.conf file format
https://wiki.astralinux.ru/pages/viewpage.action?pageId=43615149

PARSEC function reference
https://wiki.astralinux.ru/pages/viewpage.action?pageId=15466537

ufw firewall and iptables modules that support classification labels
https://wiki.astralinux.ru/pages/viewpage.action?pageId=68911165

Mechanisms for restricting the software environment:

Kiosk Mode
https://wiki.astralinux.ru/pages/viewpage.action?pageId=1998856

Comparison of operation of Kiosk-2 mode and Kiosk mode
https://wiki.astralinux.ru/pages/viewpage.action?pageId=79167693

System Kiosk-2: package parsec-kiosk2 (user restrictions)
https://wiki.astralinux.ru/pages/viewpage.action?pageId=57443245

Graphic kiosk
https://wiki.astralinux.ru/pages/viewpage.action?pageId=67108883

Additional integrity control mechanisms:

Astra Linux: Closed Environment Mode
https://wiki.astralinux.ru/pages/viewpage.action?pageId=41190634

Creation of an embedded signature in ELF files for the ZPS mode
https://wiki.astralinux.ru/pages/viewpage.action?pageId=61574460

Software signing
https://wiki.astralinux.ru/pages/viewpage.action?pageId=1998873

Working with the fly-admin-int-check utility
https://wiki.astralinux.ru/pages/viewpage.action?pageId=130423892

Retrospective of the development of information security in Astra Linux:

Astra Linux Special Edition (next update 1.6): Key changes in the information security system
https://wiki.astralinux.ru/pages/viewpage.action?pageId=27361820

Astra Linux Special Edition (next update x.7): Key changes in the complex of information security tools
https://wiki.astralinux.ru/pages/viewpage.action?pageId=153485983

List of functionality improvements provided by update #2021-1126SE17 (hot update 1.7.1)
https://wiki.astralinux.ru/pages/viewpage.action?pageId=153487328

List of functionality improvements provided by update #2022-0819SE17 (hot update 1.7.2)
https://wiki.astralinux.ru/pages/viewpage.action?pageId=211652161

Functionality improvements provided by update #2022-1110SE17 (hot update 1.7.3)
https://wiki.astralinux.ru/pages/viewpage.action?pageId=229283791

Summary table of differences between the next Astra Linux Special Edition updates
https://wiki.astralinux.ru/pages/viewpage.action?pageId=149064529

Other information security mechanisms:

Removable media in Astra Linux and accounting removable media
https://wiki.astralinux.ru/pages/viewpage.action?pageId=44892700

astra-safepolicy command line tools
https://wiki.astralinux.ru/pages/viewpage.action?pageId=109020865

Implementation of protection measures:

Possibilities of implementing information protection measures in accordance with the orders of the FSTEC of Russia using Astra Linux Special Edition x.7
https://wiki.astralinux.ru/pages/viewpage.action?pageId=181666117

Red Book: Astra Linux Special Edition RUSB.10015-01 and RUSB.10152-02 (next x.7 update)
https://wiki.astralinux.ru/pages/viewpage.action?pageId=153486034

Other reference information and methodological literature:

How we fix vulnerabilities in Astra Linux Special Edition OS
https://habr.com/ru/company/astralinux/blog/461691/

Modeling and verification of access control security policies in operating systems
https://www.ispras.ru/publications/2018/security_policy_modeling_and_verification/

Benefits of using IPS in Astra Linux Special Edition OS
https://habr.com/ru/company/astralinux/blog/670060/

A selection of video tutorials from the YouTube channel IT Preacher:

Astra Linux 1.6. HARDENED kernel – protection against kernel exploits. Disable setting the execution bit.

Mandatory integrity control in Astra Linux 1.6. Splitting root. PARSEC.

ZPS in Astra Linux 1.6. Dynamic integrity control. Closed software environment. Astra Linux.

Astra Linux 1.6. Regulatory integrity control. Astra Linux. Afick.

Clearing memory in Astra Linux 1.6. Clearing the swap area. Linux protection. Wiping data in Linux.

Blocking interpreters and blocking the console in Astra Linux. Disable setting the execution bit.

Macro blocking, sumac, ptrace in Astra Linux SE 1.6. Security Astra Linux 1.6.

Self-testing of CSIS Astra Linux SE 1.6. Astra Linux Security.




About Post Author

Treadstone 71

@Treadstone71LLC Cyber intelligence, counterintelligence, Influence Operations, Cyber Operations, OSINT, Clandestine Cyber HUMINT, cyber intel and OSINT training and analysis, cyber psyops, strategic intelligence, Open-Source Intelligence collection, analytic writing, structured analytic techniques, Target Adversary Research, cyber counterintelligence, strategic intelligence analysis, estimative intelligence, forecasting intelligence, warning intelligence, threat intelligence