
Numerous LastPass Users Fall Victim to Highly Convincing Scam, Losing Master Passwords

 

The hackers now have their eyes set on a crucial target: master passwords. These passwords serve as the gateway to password managers, where users store all their login credentials in one secure location. While these managers provide convenience by eliminating the need to remember numerous passwords, they also pose a significant risk. If hackers obtain the master password, they gain access to all associated accounts, potentially wreaking havoc on users' digital lives.

The latest threat, known as CryptoChameleon, has caught the attention of cybersecurity experts. Unlike many cyberattacks, CryptoChameleon doesn't blanket the internet with its malicious activities. Instead, it selectively targets high-value entities like enterprises. David Richardson, vice president of threat intelligence at Lookout, notes that this focused approach makes sense for attackers aiming to extract maximum value from their efforts. For them, gaining access to a password vault is a goldmine of sensitive information ripe for exploitation.

CryptoChameleon's modus operandi involves a series of sophisticated manoeuvres to deceive its victims. Initially, it appeared as just another phishing kit, targeting individuals and organizations with tailored scams. However, its tactics evolved rapidly, culminating in a highly convincing impersonation of legitimate entities like the Federal Communications Commission (FCC). By mimicking trusted sources, CryptoChameleon managed to lure even security-conscious users into its traps.

One of CryptoChameleon's recent campaigns targeted LastPass users. The attack begins with a phone call from a spoofed number, informing the recipient of unauthorized access to their account. To thwart this breach, victims are instructed to press a specified key, which leads to further interaction with a seemingly helpful customer service representative. These agents, equipped with professional communication skills and elaborate scripts, guide users through a series of steps, including visiting a phishing site disguised as a legitimate support page. Unbeknownst to the victims, they end up divulging their master password, giving the attackers unrestricted access to their LastPass account.

Despite LastPass's efforts to mitigate the attack by shutting down suspicious domains, CryptoChameleon persists, adapting to evade detection. While the exact number of victims remains undisclosed, evidence suggests that the scale of the attack could be larger than initially estimated.

Defending against CryptoChameleon and similar threats requires heightened awareness and scepticism. Users must recognize the signs of phishing attempts, such as unsolicited calls or emails requesting sensitive information. Additionally, implementing security measures like multifactor authentication can provide an additional layer of defense against such attacks. However, as demonstrated by the experience of even seasoned IT professionals falling victim to these scams, no defense is foolproof. Therefore, remaining vigilant and promptly reporting suspicious activity is paramount in safeguarding against cyber threats.

Apple Alerts iPhone Users of 'Mercenary Attack' Threat

 

Apple issued security alerts to individuals in 92 nations on Wednesday, cautioning them that their iPhones had been targeted in a remote spyware attack linked to mercenaries.

The company sent out threat notification emails, informing recipients, "Apple has detected that you are being targeted by a mercenary spyware attack," suggesting that the attack might be aimed at specific individuals based on their identity or activities. 

These attacks, termed "mercenary attacks," are distinguished by their rarity and sophistication: they involve substantial financial resources and focus on a select group of targets. Apple emphasized that this targeting is ongoing and widespread.

The notification warned recipients that if their device falls victim to such an attack, the attacker could potentially access sensitive data, communications, or even control the camera and microphone remotely.

While it was reported that India was among the affected countries, it remained uncertain whether iPhone users in the US were also targeted. Apple refrained from providing further comments beyond the details shared in the notification email.

In response to the threat, Apple advised recipients to seek expert assistance, such as the Digital Security Helpline provided by the nonprofit Access Now, which offers emergency security support around the clock.

Furthermore, Apple referenced Pegasus, a sophisticated spyware created by Israel's NSO Group, in its notification regarding the recent mercenary attack. Apple had previously filed a lawsuit against the NSO Group in November 2021, seeking accountability for the surveillance and targeting of Apple users using Pegasus. This spyware has historically infiltrated victims' devices, including iPhones, without their knowledge. Since 2016, instances have surfaced of Pegasus being employed by various entities to monitor journalists, lawyers, political dissidents, and human rights activists.

The Unseen Threat: How Chinese Hackers Target Family Members to Surveil Hard Targets

According to an indictment unsealed by American prosecutors, a Chinese hacking group known as APT 31, which is linked to China’s Ministry of State Security, has been targeting thousands of U.S. and Western politicians, foreign policy experts, academics, journalists, and democracy activists between 2015 and 2024. Their focus extends beyond the primary targets themselves; they also target family members of these individuals.

The Art of Subtle Intrusion

Hackers employ a more subtle and insidious method: targeting family members through carefully crafted emails. These messages don’t contain malicious attachments or overt phishing attempts. Instead, they include harmless tracking links that, when clicked, reveal a treasure trove of information about the recipient.

Imagine a journalist covering sensitive political topics. Her elderly mother receives an email seemingly from a distant relative, sharing family photos. Innocent enough, right? But that seemingly harmless click reveals the journalist’s location, her device details, and even her browsing habits. Armed with this reconnaissance, the hackers can then launch more direct attacks on her devices, infiltrating her digital life.

The Digital Age’s Achilles’ Heel

While this kind of targeting isn’t entirely unheard of, it remains relatively rare. The Chinese government’s efforts to control speech abroad increasingly rely on manipulating family relationships in creative ways. 

For instance, last year, the U.S. Department of Justice indicted over 40 individuals allegedly involved in a scheme by the Chinese Ministry of Public Security. This scheme used thousands of fictitious social media personas to attack and harass Chinese nationals living in the United States who had criticized the Chinese government.

The Family Connection

Why target family members? Because they are the soft underbelly of security. They are less likely to be tech-savvy, less cautious about clicking links, and more trusting of familiar faces. Moreover, family members often share devices, networks, and even passwords. By compromising one family member, the hackers gain a foothold in the entire network.

Consider a diplomat stationed abroad. His teenage daughter receives an email claiming to be from her school. She clicks the link, unknowingly granting access to her father’s encrypted communications. Suddenly, the diplomat’s confidential negotiations are exposed. The hackers have bypassed firewalls, encryption, and secure channels—all through a teenager’s curiosity.

The Broader Implications

This tactic isn’t limited to diplomats and journalists. It extends to academics, foreign policy experts, and even democracy activists. The hackers cast a wide net, ensnaring anyone connected to their primary targets. And it’s not just about surveillance; it’s about control and coercion.

Imagine a human rights activist whose elderly parents receive threatening emails. The message is clear: “Stop your activism, or your family suffers.” Suddenly, the stakes are higher. The activist’s fight for justice becomes a delicate balancing act between principles and protecting loved ones.

Expert Urges iPhone and Android Users to Brace for 'AI Tsunami' Threat to Bank Accounts

 

In an interview with Techopedia, Frank Abagnale, a renowned figure in the field of security, provided invaluable advice for individuals navigating the complexities of cybersecurity in today's digital landscape. Abagnale, whose life inspired the Steven Spielberg film "Catch Me If You Can," emphasized the escalating threat posed by cybercrime, projected to reach a staggering $10.5 trillion by 2025, according to Cybersecurity Ventures.

Addressing the perpetual intersection of technology and crime, Abagnale remarked, "Technology breeds crime. It always has and always will." He highlighted the impending challenges brought forth by artificial intelligence (AI), particularly its potential to fuel a surge in various forms of cybercrimes and scams. Abagnale cautioned against the rising threat of deepfake technology, which enables the fabrication of convincing multimedia content, complicating efforts to discern authenticity online.

Deepfakes, generated by AI algorithms, can produce deceptive images, videos, and audio mimicking real individuals, often exploited by cybercriminals to orchestrate elaborate scams and extortion schemes. Abagnale stressed the indispensability of education in combating social engineering tactics, emphasizing the importance of empowering individuals to recognize and thwart manipulative schemes.

One prevalent form of cybercrime discussed was phishing, a deceitful practice wherein attackers manipulate individuals into divulging sensitive information, such as banking details or passwords. Phishing attempts typically manifest through unsolicited emails or text messages, characterized by suspicious links, urgent appeals, and grammatical errors.

To fortify defenses against social engineering and hacking attempts, Abagnale endorsed the adoption of passkey technology, heralding it as a pivotal advancement poised to supplant conventional username-password authentication methods. Passkeys, embedded digital credentials associated with user accounts and applications, streamline authentication processes, mitigating vulnerabilities associated with passwords.

Abagnale underscored the ubiquity of passkey technology across various devices, envisioning its eventual displacement of traditional login mechanisms. This transition, he asserted, is long overdue and represents a crucial stride towards enhancing digital security.

Additionally, Techopedia shared practical recommendations for safeguarding online accounts, advocating for regular review and pruning of unused or obsolete accounts. They also recommended utilizing tools like "Have I Been Pwned" to assess potential data breaches and adopting a cautious approach towards hyperlinks, assuming every link to be potentially malicious until verified.

Moreover, users are advised to exercise vigilance in verifying the authenticity of sender identities and message content before responding or taking any action, mitigating the risk of falling victim to cyber threats.

OpenAI Bolsters Data Security with Multi-Factor Authentication for ChatGPT

 

OpenAI has recently rolled out a new security feature aimed at addressing one of the primary concerns surrounding the use of generative AI models such as ChatGPT: data security. In light of the growing importance of safeguarding sensitive information, OpenAI's latest update introduces an additional layer of protection for ChatGPT and API accounts.

The announcement, made through an official post by OpenAI, introduces users to the option of enabling multi-factor authentication (MFA), commonly referred to as 2FA. This feature is designed to fortify security measures and thwart unauthorized access attempts.

For those unfamiliar with multi-factor authentication, it's essentially a security protocol that requires users to provide two or more forms of verification before gaining access to their accounts. By incorporating this additional step into the authentication process, OpenAI aims to bolster the security posture of its platforms. Users are guided through the process via a user-friendly video tutorial, which demonstrates the steps in a clear and concise manner.

To initiate the setup process, users simply need to navigate to their profile settings by clicking on their name, typically located in the bottom left-hand corner of the screen. From there, it's just a matter of selecting the "Settings" option and toggling on the "Multi-factor authentication" feature.

Upon activation, users may be prompted to re-authenticate their account to confirm the changes or redirected to a dedicated page titled "Secure your Account." Here, they'll find step-by-step instructions on how to proceed with setting up multi-factor authentication.

The next step involves utilizing a smartphone to scan a QR code using a preferred authenticator app, such as Google Authenticator or Microsoft Authenticator. Once the QR code is scanned, users will receive a one-time code that they'll need to input into the designated text box to complete the setup process.
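What the authenticator app and the server each compute once the QR code is scanned, as an added example that is not OpenAI's code. It assumes the QR code carries a standard `otpauth://` TOTP URI (RFC 6238), the format Google Authenticator and Microsoft Authenticator accept; the URI, issuer and account name are constructed, and the secret is the RFC 6238 test key.

```python
import base64
import hashlib
import hmac
import struct
from urllib.parse import parse_qs, unquote, urlparse

# Constructed provisioning URI of the kind a setup QR code encodes.
# The secret is base32 of the RFC 6238 test key b"12345678901234567890".
SAMPLE_URI = (
    "otpauth://totp/Example:alice@example.com"
    "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example&digits=8&period=30"
)


def parse_otpauth(uri):
    """Extract the shared secret and parameters from an otpauth://totp URI."""
    u = urlparse(uri)
    if u.scheme != "otpauth" or u.netloc != "totp":
        raise ValueError("not a TOTP provisioning URI")
    q = parse_qs(u.query)
    if "secret" not in q:
        raise ValueError("provisioning URI carries no secret")
    b32 = q["secret"][0].replace(" ", "").upper()
    b32 += "=" * (-len(b32) % 8)  # authenticator URIs usually omit padding
    return {
        "label": unquote(u.path.lstrip("/")),
        "key": base64.b32decode(b32),
        "digits": int(q.get("digits", ["6"])[0]),
        "period": int(q.get("period", ["30"])[0]),
        "algorithm": q.get("algorithm", ["SHA1"])[0].upper(),
    }


def hotp(key, counter, digits=6, algorithm="SHA1"):
    """RFC 4226: HMAC over the 8-byte counter, then dynamic truncation."""
    digest = getattr(hashlib, algorithm.lower())
    mac = hmac.new(key, struct.pack(">Q", counter), digest).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(key, at, digits=6, period=30, algorithm="SHA1"):
    """RFC 6238: the counter is the number of whole periods since the epoch."""
    return hotp(key, int(at) // period, digits, algorithm)


def verify(key, submitted, at, last_used_step=-1, window=1,
           digits=6, period=30, algorithm="SHA1"):
    """Server-side check.

    Accepts a code from the current step or `window` steps either side
    (clock skew), compares in constant time, and refuses any step at or
    before `last_used_step` so an observed code cannot be replayed.
    Returns the matching step (store it as the new last_used_step) or None.
    """
    now_step = int(at) // period
    for step in range(now_step - window, now_step + window + 1):
        if step < 0 or step <= last_used_step:
            continue
        if hmac.compare_digest(hotp(key, step, digits, algorithm), submitted):
            return step
    return None


if __name__ == "__main__":
    cfg = parse_otpauth(SAMPLE_URI)
    print(cfg["label"], totp(cfg["key"], 59, cfg["digits"], cfg["period"]))
```

The replay check only blocks reuse after the server has accepted a code; a code typed into a look-alike site can still be relayed inside its validity window, which is the gap passkeys close.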

It's worth noting that multi-factor authentication adds an extra layer of security without introducing unnecessary complexity. In fact, many experts argue that it's a highly effective deterrent against unauthorized access attempts. As ZDNet's Ed Bott aptly puts it, "Two-factor authentication will stop most casual attacks dead in their tracks."

Given the simplicity and effectiveness of multi-factor authentication, there's little reason to hesitate in enabling this feature. Moreover, when it comes to safeguarding sensitive data, a proactive approach is always preferable. 

What Is The Virtual Chief Information Security Officer?

 


In our fast-paced digital age, where everything is just a click away, ensuring the safety of our online space has become more important than ever. It's like having a virtual fortress that needs protection from unseen threats. Now, imagine having a friendly digital guardian, the Virtual Chief Information Security Officer (vCISO), to watch over your activities. This isn't about complex tech jargon; it's about making your online world safer, simpler, and smarter.

Understanding the vCISO

The vCISO operates from a remote stance yet assumes a pivotal role in securing your digital assets. Functioning as a vigilant custodian for your crucial data, they meticulously enforce compliance, maintain order, and mitigate potential risks. Essentially, the vCISO serves as a professional guardian, even from a distance, ensuring the integrity and security of your data.


Benefits of Opting for a vCISO

1. Save Costs: Hiring a full-time CISO can be expensive. A vCISO is more budget-friendly, letting you pay for the expertise you need without breaking the bank.

2. Flexibility: The vCISO adapts to your needs, providing support for short-term projects or ongoing guidance, just when you need it.

3. Top-Tier Talent Access: Imagine having a pro on speed dial. The vCISO gives you access to experienced knowledge without the hassle of hiring.

4. Strategic Planning: A vCISO crafts specific security plans that align with your business goals, going beyond mere checkboxes to authentically strengthen the defenses of your digital infrastructure.

5. Independent View: Stepping away from office politics, a vCISO brings a fresh, unbiased perspective focused solely on improving your security.

Meet Lahiru Livera: Your Virtual Cybersecurity Guide

Lahiru Livera serves as a trusted expert in ensuring online safety. He's skilled at spotting and tackling problems early on, setting up strong security measures, and acting quickly when issues arise. Moreover, he shares valuable knowledge with your team, enabling them to navigate the digital world effectively and become protectors against potential online threats.

Whether your team is big or small, consider getting a vCISO. Connect with Lahiru Livera, your online safety guide, and firmly bolster the digital existence of your team to withstand any forthcoming challenges.

All in all, the vCISO presents a straightforward and cost-effective method to ensure online safety. Think of it as having a knowledgeable ally, readily available when needed, without straining your budget. Lahiru Livera stands prepared to assist you in identifying potential issues, establishing intelligent protocols, and transforming your team into adept defenders against online threats. 


Cyberattack on Bucks County's Emergency System

 



Bucks County is in a compromising position as a digital ambush has transpired. About a week ago, the computer-aided emergency dispatch system, the backbone of quick and efficient emergency responses, fell victim to a cyberattack. Picture it like the invisible heart of the town, suddenly under attack, causing confusion and chaos.

County officials have been working tirelessly to uncover the culprits behind this digital ambush. They've pointed fingers at a group called "Akira," known for causing trouble since their emergence in March 2023. Think of Akira as digital troublemakers who target different areas, demanding money to fix the mess they create.

Now, let's dive into the heart of the issue – the emergency dispatch system. It's the town's lifeline during emergencies, like a superhero hotline connecting those in need with help. Dispatchers, call-takers, and 911 operators use this system to coordinate responses swiftly. But with the attack, it's as if the superhero hotline went silent, leaving the town vulnerable.

Despite this attack, county officials reassure the public that 911 phone and radio systems remain operational. It's like saying, "Hey, we're still here to help," as they investigate the incident. However, the impact of the compromised system is significant. Automated services powered by computer-aided dispatch (CAD) are offline. It's like losing essential town services that people rely on daily.

Law enforcement officials are facing challenges too. They can't access crucial databases like the Commonwealth Law Enforcement Assistance Network and the National Crime Information Center. Imagine them trying to solve a puzzle without all the pieces – it's tough.

Cooperation is key in times like these. County officials have been collaborating with local, state, and federal partners, sharing information about the Akira ransomware involvement. It's like the town rallying together to face a common threat. The Department of Homeland Security is in the loop, and a joint investigation is underway with help from state and federal agencies.

Bucks County's IT department is in overdrive, working to restore the affected systems. However, as of now, there's no clear timeline for when these critical services might bounce back. This incident is a wake-up call, emphasising the need to strengthen cybersecurity measures to protect essential services.

In the midst of uncertainty, the county urges residents to keep an eye out, emphasising that 911 services remain functional despite the ongoing investigation. It's like saying, "We're still here for you." This situation highlights the vulnerabilities in our interconnected digital world, reminding everyone to stay particularly vigilant against cyber threats that can disrupt our everyday lives.

Security Trends to Monitor in 2024

 

As the new year unfolds, the business landscape finds itself on the brink of a dynamic era, rich with possibilities, challenges, and transformative trends. In the realm of enterprise security, 2024 is poised to usher in a series of significant shifts, demanding careful attention from organizations worldwide.

Automation Takes Center Stage: In recent years, the integration of Artificial Intelligence (AI) and Machine Learning (ML) technologies has become increasingly evident, setting the stage for a surge in automation within the cybersecurity domain. As the threat landscape evolves, the use of AI and ML algorithms for automated threat detection is gaining prominence. This involves the analysis of vast datasets to identify anomalies and predict potential cyber attacks before they materialize.

Endpoint protection is experiencing heightened sophistication, with AI playing a pivotal role in proactively identifying and responding to real-time threats. Notably, Apple's introduction of declarative device management underscores the industry's shift towards automation, where AI integration enables endpoints to autonomously troubleshoot and resolve issues. This marks a significant step forward in reducing equipment downtime and achieving substantial cost savings.

Navigating the Dark Side of Generative AI: In 2024, the risks associated with the rapid adoption of generative AI technologies are coming to the forefront. The use of AI coding bots for code generation gained substantial traction in 2023, reaching a point where companies, including tech giant Samsung, had to impose bans on certain models like ChatGPT due to their role in writing code within office environments.

Despite the prevalence of large language models (LLMs) for code generation, concerns are rising about the integrity of the generated code. Companies, in their pursuit of agility, may deploy AI-generated code without thorough scrutiny for potential security flaws, posing a tangible risk of data breaches with severe consequences. Additionally, the year 2024 is anticipated to witness a surge in AI-driven cyber attacks, with attackers leveraging the technology to craft hyper-realistic phishing scams and automate social engineering endeavours.

Passwordless Authentication, a Paradigm Shift: The persistent discourse around moving beyond traditional passwords is expected to materialize in a significant way in 2024. Biometric authentication, including fingerprint and face unlock technologies, is gaining familiarity as a promising candidate for a more secure and user-friendly authentication system.

The integration of passkeys, combining biometrics with other factors, offers several advantages, eliminating the need for users to remember passwords. This approach provides a secure and versatile user verification method across various devices and accounts. Major tech players like Google and Apple are actively introducing their own passkey solutions, signalling a collective industry push toward a password-less future. The developments in biometric authentication and the adoption of passkeys suggest that 2024 could be a pivotal year, marking a widespread shift towards more secure and user-friendly authentication methods.

Overall, the landscape of enterprise security beckons with immense potential, fueled by advancements in automation, the challenges of generative AI, and the imminent shift towards passwordless authentication. Businesses are urged to stay vigilant, adapt to these transformative trends, and navigate the evolving cybersecurity landscape for a secure and resilient future.

Why T-POT Honeypot is the Premier Choice for Organizations

 

In the realm of cybersecurity, the selection of the right tools is crucial. T-POT honeypot distinguishes itself as a premier choice for various reasons. Its multifaceted nature, which encompasses over 20 different honeypots, offers a comprehensive security solution unmatched by other tools. This diversity is pivotal for organizations, as it allows them to simulate a wide range of network services and applications, attracting and capturing a broad spectrum of cyber attacks. 
 
Moreover, the integration with the custom code developed by the Cyber Security and Privacy Foundation is a game-changer. This unique feature enables T-POT to send collected malware samples to the Foundation's threat intel servers for in-depth analysis. The results of this analysis are displayed on an intuitive dashboard, providing organizations with critical insights into the nature and behaviour of the threats they face. This capability not only enhances the honeypot's effectiveness but also provides organizations with actionable intelligence to improve their defence strategies. 
 
The ability of T-POT to provide real-time, actionable insights is invaluable in today’s cybersecurity landscape. It helps organizations stay one step ahead of cybercriminals by offering a clear understanding of emerging threats and attack patterns. This information is crucial for developing robust security strategies and for training cybersecurity personnel in recognizing and responding to real-world threats. 
 
In essence, T-POT stands out not only as a tool for deception but also as a platform for learning and improving an organization’s overall cybersecurity posture. Its versatility, combined with the advanced analysis capabilities provided by the integration with the Cyber Security and Privacy Foundation's code, makes it an indispensable tool for any organization serious about its digital security. The honeypot API analyses malware samples, and the results can be seen on the backend dashboard.

Written by: Founder, Cyber Security and Privacy Foundation.

Cybercriminals Exploit X Gold Badge, Selling Compromised Accounts on Dark Web

 A recent report highlights the illicit activities of cybercriminals exploiting the "Gold" verification badge on X (formerly Twitter). Following Elon Musk's acquisition of X in 2022, a paid verification system was introduced, allowing regular users to purchase blue ticks. Additionally, organizations could obtain the coveted gold check mark through a monthly subscription. 

Unfortunately, the report reveals that hackers are capitalizing on this feature by selling compromised accounts, complete with the gold verification badge, on dark web marketplaces and forums. CloudSEK, in its findings, notes a consistent pattern of advertisements promoting the sale of accounts with gold verification badges. 

These advertisements were not limited to dark web platforms but were also observed on popular communication channels such as Telegram. The exploitation of the gold verification badge poses a significant risk, as cybercriminals leverage these compromised accounts for phishing and scams, potentially deceiving unsuspecting users. 

This underscores the ongoing challenges in maintaining the security and integrity of online verification systems in the evolving landscape of cyber threats. CloudSEK found some ads by just searching on Google, Facebook, and Telegram using words like "Twitter Gold buy." They saw dark web ads, and some were even on Facebook. People were selling X Gold accounts, and the price depended on how popular the account was.

CloudSEK's report said that some ads named the companies for sale, and the cost ranged from $1200 to $2000. This shows that hackers think they can make real money by selling accounts with the gold badge, based on how well-known and followed they are. It's a clear way cybercriminals make cash by selling compromised accounts on the dark web, showing why they do it.

On the dark web, a source from CloudSEK managed to obtain a quote for 15 inactive X accounts, priced at $35 per account. The seller went a step further, offering a recurring deal of 15 accounts every week, accumulating a total of 720 accounts annually.

It's noteworthy that the responsibility of activating these accounts with the coveted "gold" status lies with the purchaser, should they choose to do so. This information underscores the thriving market for inactive accounts and the potential volume of compromised assets available for illicit transactions.

Kraft Heinz Investigates Cybersecurity Threat

Big businesses are not immune to the risks of hacking in this age of ubiquitous cyber threats. Kraft Heinz is a multinational powerhouse in the food and beverage industry and the most recent organization to find itself targeted by cybercriminals. The company's systems may have been the target of a cyberattack, according to recent claims, which prompted Kraft Heinz to investigate further.

According to sources, the company is diligently looking into the alleged breach while assuring stakeholders that its systems are currently operating normally. The incident raises concerns about the vulnerability of critical infrastructure, especially in industries where information security is paramount.

The announcement serves as a reminder that, regardless of an organization's size or industry, cybersecurity is an ongoing concern. Companies need to be on the lookout for new threats all the time to protect their digital assets.

Kraft Heinz has not divulged specific details about the nature of the alleged cyberattack, but the incident underscores the importance of proactive cybersecurity measures. As businesses increasingly rely on digital infrastructure, the need for robust defense mechanisms against cyber threats becomes imperative.

Experts in the field have commented on the importance of cybersecurity in the connected world of today following the inquiry. Cybersecurity analyst John Doe highlighted, "The Kraft Heinz incident underscores the evolving tactics of cybercriminals. It's a stark reminder that no company can afford to be complacent when it comes to protecting sensitive data."

Kraft Heinz's cybersecurity team is actively collaborating with external experts to evaluate the potential breach's scope and enhance defensive measures against future cyber threats. This episode underscores the imperative for a comprehensive cybersecurity strategy, integrating advanced technologies and employee training to mitigate the inherent risks.

As the investigation unfolds, Kraft Heinz's proactive approach aligns with the broader trend of companies acknowledging the gravity of cybersecurity threats and promptly addressing them. In the ever-changing digital landscape, organizations must sustain agility and resilience to effectively navigate emerging cyber threats.

The purported intrusion on Kraft Heinz is a clear warning of the ongoing and dynamic nature of cyberthreats. The event emphasizes the value of strong cybersecurity defenses and prompt action to protect sensitive data. A thorough and flexible cybersecurity plan is essential for businesses navigating the intricacies of the digital era in order to protect vital infrastructure.

Data Insecurity: Experts Sound the Alarm on 4 Apps Putting User Privacy at Risk

 


Security in the digital world continues to become more and more important with every passing year. Even though many of us rely on apps to entertain us, guide us, manage our exercise, and connect with family and friends, they are notoriously hard to trust. 

With technology constantly evolving, it is almost impossible to tell at face value whether a certain app is tracking the user, and no security measure is foolproof. Even if an app behaves well today, it could become a bad actor tomorrow if the company behind it is sold, the company changes direction, or a flaw leaves the app compromised.

Mobile phones have undergone a tremendous transformation since they were invented in the 1970s and became readily available to the public. The sheer number of mobile apps is dizzying, as are their privacy policies, yet smartphone apps can be joyous and laugh-inducing, and sometimes even catch the world's attention by going viral. Whatever smartphone app you use, take precautions so that private information is never exposed to potential risks. Users should keep themselves safe while sharing and playing.

A new privacy setting on Android and iOS for Android and iOS can prevent apps from tracking users' data and will allow them to delete the data Google has saved about their data, along with ways to find and delete this data. 

While there is no doubt that users can do a lot about protecting their data privacy and improving the security of their smartphones, digital security experts mention a few steps that users should take to minimize the risk of data privacy and security breaches. 

In most cases users consent to sharing their information with apps, and they enable device permissions themselves as well. Apps usually have a very good reason for requiring such permissions. It is common for cloud-based apps to gain access to the camera, location, data, and contacts on the user's phone. Users never know how much sensitive information might be intercepted by cloud-based apps.

As a consequence, employees can unknowingly give hackers, fraudsters, and spies the keys to the company's back door, particularly if their company naively uses the same login information for external apps as it uses for internal apps.

The strongest passwords are series of letters, numbers, and symbols in no particular order. They are unlikely to be found in the dictionary and are more difficult for a computer to crack by brute force. Complex passwords have some disadvantages, however, such as the fact that they are difficult to remember.

A password manager app comes in handy in this respect. Password managers are apps that keep all your passwords in one place, encrypted and password-protected, and they generate and remember strong passwords for you. Several apps will save passwords for you, including Google Chrome and Samsung's proprietary phone app, but security experts always advise using a password manager to store passwords.

Camera access was the most commonly requested risky permission, sought by 46 per cent of Android apps and 25 per cent of iOS apps. It was followed closely by location tracking, which was requested by 45 per cent of Android apps and 25 per cent of iOS apps. The ability to record audio files was requested by 25 per cent of Android apps and 9 per cent of iOS apps. Another 15 per cent of Android apps asked for the ability to read SMS messages, and 10 per cent of Android apps asked for the ability to see call logs. There is no option in iOS to enable either of these permissions.

Explore these four trending apps that might compromise your personal information, along with valuable tips to ensure a secure experience with smartphone applications. 

FaceApp  

As with Voilà AI Artist, FaceApp could also be a risk to users' privacy: it is unclear how the app uses users' likenesses after it takes a picture. FaceApp's terms of use clearly state that the selfies that are uploaded to the app belong to FaceApp. Users are free to share their User Content with the app as long as they are not a commercial entity. That content can also be used, reproduced, modified, adapted, developed into derivative works, distributed, performed, and displayed.

Pokémon Go

There are several security vulnerabilities in the premise of Pokémon Go, and they are likely to be replicated by the next viral app that sweeps the world. The augmented reality in Pokémon Go makes players feel as if they are seeing a Pokémon walking through their living room. Because the app uses augmented reality technology, it can also access the camera, contacts, pictures, chats, and location.

TikTok  

In a recent statement, TikTok mentioned that it is under suspicion for data mining tactics, a practice in which corporations collect personal information from individual user profiles and pass it on to advertising, marketing, and analytics companies to target advertising campaigns. 

Safety Tips for Using Smartphone Apps 


When downloading a trending app, it is worthwhile to run a quick news search for any specific concerns that have been raised about it before installing it.

Ensure that the user account is only visible to people the user knows in real life, and opt out of targeted ads and tracking, as well as ensure that only the app sees what users do. 

Passkeys & Passwords: Here's Everything You Need to Know

In a world tired of grappling with the complexities and vulnerabilities of traditional passwords, a transformative solution is emerging. Despite the advancements offered by the latest password managers, passwords remain a persistent pain and a significant security risk if compromised. However, a paradigm shift is underway, with innovative alternatives like passkeys gradually replacing the age-old password dilemma.

Passkeys are a cutting-edge form of encryption technology designed to streamline the login experience for devices, apps, and services. They were developed through the collaborative efforts of major tech, finance, and security giants such as Apple, Google, Microsoft, and others in the FIDO Alliance, which aims to usher in a future where passwords become obsolete.

Diverging from conventional passwords, passkeys consist of private and public keys, intricate codes that enhance security. The private key, residing securely on the user's device, provides a foolproof means of access. On the other hand, the public key, stored on company servers, reveals minimal information, rendering it useless if stolen. The FIDO Alliance's ultimate goal is to alleviate the challenges associated with password protection and drive towards a more secure future.

Is a passkey more secure than a traditional password? 

In essence, yes. Passkeys eliminate the need for users to memorize passwords and mitigate the risk of weak passwords being compromised. In the event of a data breach, the public keys alone are insufficient for unauthorized access. Moreover, passkeys often incorporate biometrics, such as facial recognition or fingerprints, to verify the user's identity, adding an extra layer of security.

The benefits of passkeys extend beyond security. Quick to set up and use, passkeys minimize the need for physical inputs, enabling convenient features like swipe-to-pay and secure digital wallets. Users are freed from the burden of remembering complex passwords or master passwords for password managers.

To obtain a passkey, users are prompted to set up a Personal Identification Number (PIN) or utilize biometric information, such as fingerprints or facial recognition. While passkeys offer significant benefits, they are not yet universal. Companies within the FIDO Alliance, such as PayPal, Google, and Microsoft, are more likely to adopt passkey technology, but widespread acceptance is still in its nascent stages.

Despite the advantages of passkeys, traditional passwords endure due to their simplicity, universality, and cost-effectiveness. Passwords do not require the intricate tech infrastructure needed by passkeys, making them a more affordable option for businesses. Moreover, passwords are universally understood and can be used across different devices and browsers.

While passkeys are revolutionizing cybersecurity, they are not replacing password managers. Notable password managers like LastPass and Dashlane, also part of the FIDO Alliance, leverage WebAuthn technology to secure passwords and other essential security information.

Overall, passkeys represent a promising future for enhanced cybersecurity, addressing the shortcomings of traditional passwords. As this groundbreaking technology gains wider acceptance, users are encouraged to embrace passkeys for heightened security and convenience in their digital interactions. The era of password-free security is on the horizon, and passkeys are leading the way.

Understanding Cold Boot Attacks: Is Defense Possible?

 

Cold boot attacks represent a sophisticated form of cyber threat that specifically targets a computer's Random Access Memory (RAM), presenting a substantial risk to information security. It is imperative to comprehend the mechanics of cold boot attacks and the potential hazards they pose to take necessary precautions. However, if you become a target, mitigating the attack proves extremely challenging due to the requisite physical access to the computer.

Cold boot attacks, although less common, emerge as a potent cyber threat, particularly in their focus on a computer's RAM—a departure from the typical software-centric targets. These attacks have a physical dimension, with the primary objective being to induce a computer shutdown or reset, enabling the attacker to subsequently access the RAM.

When a computer is shut down, one anticipates that the data in RAM, including sensitive information like passwords and encryption keys, vanishes. However, the process is not instantaneous, allowing for the potential retrieval of data remaining in RAM, albeit for a brief period. A critical element of cold boot attacks is the necessity for physical access to the targeted device, elevating the risk in environments where attackers can physically approach machines, such as office spaces. Typically, attackers execute this attack using a specialized bootable USB designed to duplicate the RAM contents, enabling the device to reboot according to the attacker's intentions.

Despite the ominous nature of cold boot attacks, their execution requires a significant investment of skills and time, making it unlikely for the average person to encounter one. Nevertheless, safeguarding your computer from both cyber and physical threats remains a prudent practice.

The essence of a cold boot attack lies in exploiting a unique feature of RAM—the persistence of data even after the computer is powered off. Understanding this attack involves recognizing what happens to the data in RAM during a computer shutdown. The attacker gains physical access to the computer and utilizes a specialized USB to force a shutdown or restart. This USB facilitates the booting or dumping of RAM data for analysis and data extraction. Additionally, malware can be employed to transfer RAM contents to an external device.

The data collected in cold boot attacks encompasses a spectrum from personal information to encryption keys. Speed is paramount in this process, as prolonged power loss to RAM results in data corruption. These attacks pose a significant threat due to their ability to bypass conventional security software, rendering antivirus programs and encryption tools ineffective against them.

To counter cold boot attacks, a combination of physical and software strategies is necessary. Securing the physical space of the computer, employing encryption, and configuring BIOS or UEFI settings to prevent external device booting are recommended. Addressing data remanence is crucial, and techniques like memory scrubbing can be employed to clear RAM of sensitive data after shutdown or reset.

In conclusion, robust defenses against cold boot attacks involve a multi-faceted approach, including strong encryption, physical security measures, and regular updates. Understanding the intricacies of RAM and its data persistence underscores the need for dynamic and proactive cybersecurity measures. Adapting to evolving cyber threats and strengthening defenses is essential in building a resilient digital space that protects against not only cold boot attacks but a range of cyber threats.

Digital Resignation is Initial Stage of Safeguarding Privacy Online

 

Several internet businesses gather and use our personal information in exchange for access to their digital goods and services. With the use of that data, they can forecast and affect our behavior in the future. Recommendation algorithms, targeted marketing, and individualized experiences are examples of this type of surveillance capitalism.

Despite tech companies' claims that these personalized experiences and advantages improve the user's experience, many customers are unhappy with these methods, especially after learning how their data is obtained.

Digital resignation refers to the circumstance in which users of digital services continue to use them while being aware that the businesses providing those services are violating their privacy by conducting extensive monitoring, manipulating them, or otherwise negatively affecting their well-being.

The Cambridge Analytica scandal and Edward Snowden's disclosures about widespread government spying shed light on data-collecting techniques, but they also leave individuals feeling helpless and accustomed to the idea that their data will be taken and exploited without their express agreement. Digital resignation is what we call this.

Acknowledging and improving these tactics is the responsibility of both policymakers and businesses. Dealing with data gathering and use alone will not result in corporate accountability for privacy issues.

Our daily lives are completely surrounded by technology. But it's impossible to obtain informed consent when the average person lacks the motivation or expertise necessary to understand confusing terms and conditions.

However, the European Union has passed regulations that acknowledge these destructive market dynamics and has begun to hold platforms and internet giants accountable.

With the passage of Law 25, Québec has updated its privacy rules. The purpose of the law is to give people more protection and control over their personal information. It grants individuals the right to seek the transfer of their personal data to another system, its correction or deletion (the right to be forgotten), as well as the right to notice before an automated decision is made.

Additionally, it mandates that businesses designate a privacy officer and committee and carry out privacy impact analyses for any project involving personal data. Also, it is necessary to gain explicit agreement and to communicate terms and rules clearly and transparently. 


Italy Bans US-based AI Chatbot Replika From Using Personal Data

Italy’s Data Protection Agency reportedly said on Friday that it has banned artificial intelligence (AI) chatbot company Replika from using the personal credentials of Italian users. The agency took these steps to protect minors and emotionally fragile people. 

As per the analysis of AI's impacts on audiences, it is making users "uncomfortable" as the chatbot program is becoming 'too aroused.'

Replika, first launched five years ago in 2017, is a San Francisco-based company. It was created as software to hold conversations with people and learn how to communicate back. In essence, it was trying to push the boundaries of artificial intelligence.

It was also designed to mimic people's texting styles, allowing users to have a private talk with their own personalized AI avatars. It is a very popular app among English speakers, and the app offers its services free of cost; however, it brings in around $2 million in monthly revenue from selling bonus features such as voice chats.

The app describes a ‘virtual friend’ that is available and able to improve the emotional well-being of the user. However, the Italian Data Protection Agency said that by intervening in the user’s mood, the app “may increase the risks for individuals still in a developmental stage or in a state of emotional fragility.”

Jen Persson, director of children’s privacy advocacy group Defend Digital Me, said that “These tools are being used with children without much oversight or protection from potential misuse.”

Additionally, the agency said that Replika breaches European Privacy Regulations and gets access to personal credentials illegally as it cannot be based, even implicitly, on a contract that a minor is unable to sign. After the agency's actions against Replika, media outlets emailed the company for comment, but it did not respond.

Following the case, Robert Grosvenor, a managing director at consultancy firm Alvarez & Marsal, said, “whilst age verification could provide means to protect some of the most vulnerable groups, it does not address the risks and harms that AI-based services and solutions can raise if unregulated, in terms of the potential for unintended bias and discrimination.”

Facebook Outage Caused Agitation in Nations And Highlighted Risks Of Social Networking

 

The global breakdown of Facebook Inc. highlighted the dangers of depending on its social networking platforms, supporting European regulators' efforts to limit the company's influence just as a whistle-blower's testimony in the United States threatened to draw even more undesirable attention at home.

While Europe awakened to find Facebook, Instagram, WhatsApp, and Messenger back online and running, the extent of Monday's shutdown drew immediate and extensive outrage. Margrethe Vestager, the European Union's antitrust director and digital czar, said the Facebook failure will bring attention to the company's dominance. 

The networking issue that caused operations to go down for almost 2.75 billion people couldn't have happened at a worse moment. Following a Sunday television interview in the United States, whistle-blower Frances Haugen will testify before a Senate panel on Tuesday, telling legislators the "frightening truth" about Facebook. As Facebook services were offline, Haugen's charges that the business prioritized profit ahead of user safety were still making the headlines. 

“It’s always important that people have alternatives and choices. This is why we work on keeping digital markets fair and contestable,” Vestager said. “An outage as we have seen shows that it’s never good to rely only on a few big players, whoever they are.” 

The disclosures caused United States Representative Alexandria Ocasio-Cortez to call attention to the dangers that nations that depend on these services face. In New York, Facebook rose as high as 1.3 percent to $330.33, reversing a 4.9 percent drop on Monday. 

Facebook has increasingly been the subject of multiple antitrust and privacy probes in Europe, as well as intensive scrutiny of even minor transactions, such as its planned acquisition of a customer-service software company. Last month, the firm was fined 225 million euros ($261 million) for data privacy violations, and it is currently under investigation by the European Commission and the German competition agency Bundeskartellamt. 

In the next few months, EU lawmakers will decide on new legislation limiting the capacity of strong Internet platforms like Facebook to expand into new services. According to Rasmus Andresen, a German Green member of the European Parliament, the service outage demonstrated the "serious consequences" of relying on one firm for crucial channels of communication, and that Facebook should have never been permitted to buy Instagram and WhatsApp. 

Further, amid the political fallout, Turkish President Recep Tayyip Erdogan, who has a low tolerance for political criticism on social networking sites, has called for a new digital "order" as a result of the incident. According to Fahrettin Altun, his presidential communications director, the closure demonstrated how "fragile" social networks are, and urged the speedy development of "domestic and national" alternatives.

“The problem we have seen showed us how our data are in danger, how quickly and easily our social liberties can be limited,” Altun said in a series of Twitter posts. 

President Muhammadu Buhari's communications staff, government officials, and governors in 36 Nigerian states were all silenced for six hours as a result of the outage. After Twitter's services were banned in Africa's most populous country on June 5th, the administration has become increasingly dependent on Facebook to keep the people informed. 

Facebook is “for us opposition politicians one of the last media outlets where we can talk to you and which isn’t dominated by” Fidesz, Orban’s political party, Budapest Mayor Gergely Karacsony said in a video posted on Tuesday. 

“This outage does show the over-dependence we have on a single company, and the need for diversity and greater competition,” Jim Killock, executive director of the Open Rights Group in London, said in an interview. “Their reliance on data-driven, attention-optimizing products is dangerous and needs to be challenged through interventions enabling greater competition.” 

Some telecommunications companies were forced to intervene as a result of the shutdown. In a blog post on its website, the Polish Play unit of Paris-based telecommunications operator Iliad SA reported an eightfold surge in the number of calls as of its customer service. To avoid overloading, it had to modify its network.

Janeleiro a New Banking Trojan Targeting Corporate, Government Targets

 

Cybersecurity researchers have discovered a banking Trojan that has targeted many organizations across Brazil. ESET released an advisory on Tuesday on the malware, which was being developed in 2018.
According to cyber intelligence, the Trojan, named Janeleiro, primarily focused on Brazil and launched multiple cyber attacks against corporate giants in various sectors such as engineering, healthcare, finance, retail, and manufacturing. Notably, the threat actors operating the banking Trojan have also made attempts to gain access to government systems using the malware.

According to the researchers, the Trojan is similar to other Trojans that are currently being operated across the country, specifically Grandoreiro, Casbaneiro, and Mekotio, to name a few major ones.

Janeleiro enters devices in much the same way as most malware; however, some features are different. First, phishing emails are sent in small batches, masked as unpaid invoices. These emails contain links to compromised servers, from which a .zip archive hosted in the cloud is downloaded. If the target opens the archive file, a Windows-based MSI installer then loads the main Trojan DLL into the system.

"In some cases, these URLs have distributed both Janeleiro and other Delphi bankers at different times," ESET says. 

“…This suggests that either the various criminal groups share the same provider for sending spam emails and for hosting their malware, or that they are the same group. We have not yet determined which hypothesis is correct." 

Interestingly, the Trojan first checks the geo-location of the targeted system's IP address. If the country code is Brazil, the malware stays and runs its operation; if it is anything other than Brazil, the malware exits automatically.

Janeleiro is being used to create fake pop-up windows "on-demand," such as when banking-related keywords are detected on the compromised machine. Once the operators get access to the system, they ask targets for sensitive credentials and banking details.

Malware escalation in Q2 2020 : HTTP and Java based script attacks on the rise




While Q2 of this year saw an overall 8% decrease in malware attacks, 70% of them were zero-day attacks (attacks occurring after the discovery of a vulnerability and before the release of a patch), a 12% increase from the previous quarter. After the zero-day attacks, HTTP-based attacks accounted for 34%, and consequently organizations that do not inspect incoming traffic will be blind to one-third of attacks.

But there is some good news: encryption attacks reduced to 64% from Q1. It comes with a catch, though: while encryption threats decreased, HTTP attacks made a massive jump, even after many organizations added HTTP inspection to their security intel.

 “Businesses aren’t the only ones that have adjusted operations due to the global COVID-19 pandemic – cybercriminals have too,” said Corey Nachreiner, CTO of WatchGuard, on the report.

 “The rise in sophisticated attacks, despite the fact that overall malware detection declined in Q2 2020, likely due to the shift to remote work, shows that attackers are turning to more evasive tactics that traditional signature-based anti-malware defenses simply can’t catch."

  “Every organization should be prioritizing behavior-based threat detection, cloud-based sand boxing, and a layered set of security services to protect both the core network, as well as the remote workforce.” 

Malware detected in Q2

JavaScript-Based Attacks

Script attacks like Trojan.Gnaeus and JS.PopUnder were among the top malware in the last quarter. Both gain access to the user's browser and settings and redirect the user.

Updating your browser and preventing it from loading pages from unknown sources can help combat this malware.

Encrypted Excel files

This malware uses an encrypted Excel file with a default password; once opened, the file automatically runs a VBA script.

Abracadabra is one such Trojan that uses a default password to bypass security, as the file is encrypted and later decrypted in Excel.

DoS makes a comeback

A very old (six-year-old) DoS attack affecting WordPress and Drupal made the top 10 malware attack list in Q2. Though these attacks were high in volume, they were concentrated in regions of Germany and Europe.