The National Anti-Scam Centre warns Australians who have had their money stolen by scammers to be wary of offers to recover it for an upfront charge.
The ACCC cautioned that scammers are targeting victims of scams with schemes that demand an upfront charge to recover funds lost in previous scams.
The ACCC advisory said “Reports that involve a money recovery element are on the rise. Between December 2023 and May 2024, Scamwatch received 158 reports with total losses of over $2.9 million, including losses from the original scam. The number of reports increased by 129 percent compared to the six months prior, however, financial losses decreased by 29 percent from $4.1 million.”
Victims of prior frauds are easily identifiable by thieves, who frequently retain and sell information about those they have abused. Australians 65 and over were the largest reporting category, with the highest average losses.
Authorities are concerned about re-victimization, which can aggravate the financial and emotional suffering caused by scams.
1. Unsolicited Contact: Legitimate recovery services don’t cold-call or email victims. Be wary if someone reaches out to you unexpectedly.
2. Upfront Fees: Legitimate recovery services typically work on a no-win, no-fee basis. If someone demands payment upfront, it’s a red flag.
3. Pressure Tactics: Scammers use urgency and fear to manipulate victims. They might claim that time is running out or that they need immediate payment.
4. Requests for Personal Information: Scammers often ask for personal details under the guise of verifying your identity. Be cautious about sharing sensitive information.
If you're not using strong, random passwords, your accounts might be more vulnerable than you think. A recent study by cybersecurity firm Kaspersky shows that a lot of passwords can be cracked in less than an hour due to advancements in computer processing power.
Kaspersky's research team used a massive database of 193 million passwords from the dark web. These passwords were hashed and salted, meaning they were not stored in readable form and had to be guessed rather than simply read. Using a powerful Nvidia RTX 4090 GPU, the researchers tested how quickly different algorithms could crack these passwords.
The results are alarming: simple eight-character passwords, made up of same-case letters and digits, could be cracked in as little as 17 seconds. Overall, they managed to crack 59% of the passwords in the database within an hour.
The team tried several methods, including the popular brute force attack, which attempts every possible combination of characters. While brute force is less effective for longer and more complex passwords, it still easily cracked many short, simple ones. They improved on brute force by incorporating common character patterns, words, names, dates, and sequences.
With the best algorithm, they guessed 45% of passwords in under a minute, 59% within an hour, and 73% within a month. Only 23% of passwords would take longer than a year to crack.
To protect your accounts, Kaspersky recommends using random, computer-generated passwords and avoiding obvious choices like words, names, or dates. They also suggest checking whether your passwords have been compromised on sites like Have I Been Pwned? and using unique passwords for different websites.
This research serves as a reminder of the importance of strong passwords in today's digital world. By taking these steps, you can significantly improve your online security and keep your accounts safe from hackers.
How to Protect Your Passwords
The importance of strong, secure passwords cannot be overstated. As the Kaspersky study shows, many common passwords are easily cracked with modern technology. Here are some tips to better protect your online accounts:
1. Use Random, Computer-Generated Passwords: These are much harder for hackers to guess because they don't follow predictable patterns.
2. Avoid Using Common Words and Names: Hackers often use dictionaries of common words and names to guess passwords.
3. Check for Compromised Passwords: Websites like Have I Been Pwned? can tell you if your passwords have been leaked in a data breach.
4. Use Unique Passwords for Each Account: If one account gets hacked, unique passwords ensure that your other accounts remain secure.
Following these tips can help you stay ahead of hackers and protect your personal information. With the increasing power of modern computers, taking password security seriously is more important than ever.
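The 17-second figure and the advice to use random, computer-generated passwords can be tied together in a short calculation. This is an added example, not code from Kaspersky or the original article; the guess rate is an assumption derived by treating the 17-second result as a full sweep of the 36-symbol, 8-character keyspace, and the sample passwords are constructed.

```python
import secrets
import string

# Reference point quoted in the article: 8 characters drawn from same-case
# letters and digits (36 symbols) cracked in 17 seconds.
REF_ALPHABET, REF_LENGTH, REF_SECONDS = 36, 8, 17
# Assumption of this example: treat that figure as a full keyspace sweep and
# derive a guess rate from it. The study itself does not state this rate.
IMPLIED_RATE = REF_ALPHABET ** REF_LENGTH / REF_SECONDS

SECONDS_PER_YEAR = 365.25 * 24 * 3600
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
FULL_ALPHABET = "".join(CLASSES)  # 94 printable ASCII symbols


def alphabet_size(password):
    """Symbols an exhaustive search must cover for this password's classes."""
    size = sum(len(cls) for cls in CLASSES if any(ch in cls for ch in password))
    # Characters outside the four ASCII classes: count only the distinct ones
    # seen, which understates the search space and keeps the bound cautious.
    size += len({ch for ch in password if ch not in FULL_ALPHABET})
    return size


def exhaust_seconds(password, rate=IMPLIED_RATE):
    """Upper bound: seconds to try every string of this length and alphabet."""
    return alphabet_size(password) ** len(password) / rate


def min_random_length(alphabet, years, rate=IMPLIED_RATE):
    """Shortest random password whose keyspace outlasts `years` of guessing."""
    target = rate * years * SECONDS_PER_YEAR
    length = 1
    while alphabet ** length < target:
        length += 1
    return length


def generate_password(length, alphabet=FULL_ALPHABET):
    """Uniformly random password from the OS CSPRNG (secrets, not random)."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    # Constructed samples: a short simple password, a word-plus-year pattern,
    # and a freshly generated random one.
    for sample in ("abc12345", "Summer2024!", generate_password(16)):
        years = exhaust_seconds(sample) / SECONDS_PER_YEAR
        print(f"{len(sample):2d} chars, alphabet {alphabet_size(sample):2d}: "
              f"{years:.3g} years to exhaust")
    print("random length for 100 years, 94 symbols:", min_random_length(94, 100))
```

The bound only holds for randomly generated strings: a password such as `Summer2024!` scores well here but follows the word-and-date patterns that the study's improved algorithms try first.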
Cybersecurity researchers at Zscaler ThreatLabz have uncovered a concerning trend in which cybercriminals are exploiting popular web hosting and blogging platforms to disseminate malware and steal sensitive data. The tactic, known as SEO poisoning and one of the Black Hat SEO techniques, manipulates search engine results to push fraudulent websites to the top of users' search queries, increasing the risk of unwittingly accessing malicious content.
How They Operate
The cybercriminals orchestrating these operations have devised intricate strategies to evade detection and entice unsuspecting users into downloading malware. They fabricate fraudulent websites spanning a wide array of topics, ranging from pirated software to culinary recipes, often hosted on well-established platforms such as Weebly. By adopting the guise of legitimate sites, complete with endorsements like "Powered by Weebly," they exploit users' trust in reputable services to perpetrate their malicious activities.
The process commences with cybercriminals setting up sham sites on web hosting services, adeptly avoiding detection by both hosting providers and users. When individuals search for relevant content and click on links from search results, they unknowingly find themselves on these malevolent sites. To circumvent scrutiny from security researchers, the perpetrators implement evasion techniques, including checking the referral URL. Should a user access the site directly, indicating a potential analysis, the site skips the redirection so that its malicious behaviour stays hidden.
The Payload Delivery System
Malicious payloads are secretly delivered through multi-layered zipped files concealed within seemingly innocuous content. For instance, an individual seeking cracked software may inadvertently download malware instead of the anticipated content. Upon execution, the malware carries out a sequence of activities, including process hollowing and DLL sideloading, aimed at downloading additional malware and establishing communication with command-and-control servers.
Tricks to Avoid Detection
To further obscure their activities, threat actors employ techniques including string concatenation, mathematical manipulation, and the use of password-protected ZIP archives. These tactics confound security measures, making the malicious code hard to decipher and helping the malware slip past detection.
Data Theft and Deceptive Tactics
Once ensconced within a system, the malware embarks on a mission to harvest extensive troves of data, encompassing system information, browser data, credentials, and browsing history. Additionally, it sets its sights on emails pertaining to cryptocurrency exchanges, modifying email content and intercepting one-time authentication codes to facilitate unauthorised access.
How To Protect Yourself?
Keeping in mind such campaigns, users are advised to exercise utmost caution when procuring software from unfamiliar sources and to prioritise visiting reputable websites. Staying abreast of emerging cybersecurity threats and securing defences with robust protocols can substantially mitigate the risk of succumbing to potential infections.
A major data breach has impacted the online survey platform SurveyLama, putting the sensitive data of over four million individuals at risk. The breach, which occurred in February of this year, was confirmed by the company to Troy Hunt, the creator of the well-known website Have I Been Pwned?, which tracks email addresses exposed in data breaches.
What Happened:
Unknown attackers gained unauthorised access to SurveyLama's database, compromising users' names, dates of birth, email addresses, IP addresses, passwords, phone numbers, and postal addresses. This breach leaves users vulnerable to identity theft and phishing scams.
Implications for Users:
SurveyLama rewards its users for completing surveys, making them potential targets for phishing emails. While passwords were stored in hashed form (salted SHA-1, bcrypt, and argon2 hashes), some could still be susceptible to brute-force attacks, especially those hashed with SHA-1, which has known vulnerabilities. Users are strongly advised to update their passwords immediately as a precautionary measure.
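A store holding salted SHA-1 next to bcrypt and argon2 records is what a database looks like partway through a move to slower hashes; for password storage the practical weakness of SHA-1 is that each guess is very cheap. The sketch below is an added example, not SurveyLama's code: it classifies records by prefix and upgrades a legacy record at the next successful login. The `sha1$` and `scrypt$` layouts, the sample records and the use of scrypt from the Python standard library as a stand-in for bcrypt or Argon2 are assumptions.

```python
import hashlib
import hmac
import os
from collections import Counter

# Assumption: "$2b$" and "$argon2id$" are the standard bcrypt and Argon2
# encodings; the "sha1$salt$hex" and "scrypt$salt$hex" layouts are
# hypothetical formats constructed for this example.
SCRYPT_PARAMS = {"n": 2 ** 14, "r": 8, "p": 1}


def classify(stored):
    """Name the scheme of a stored password record from its prefix."""
    if stored.startswith(("$2a$", "$2b$", "$2y$")):
        return "bcrypt"
    if stored.startswith(("$argon2id$", "$argon2i$", "$argon2d$")):
        return "argon2"
    if stored.startswith("scrypt$"):
        return "scrypt"
    if stored.startswith("sha1$"):
        return "salted-sha1"
    return "unknown"


def audit(db):
    """Count records per scheme so the remaining fast-hash exposure is visible."""
    return Counter(classify(record) for record in db.values())


def make_sha1_record(password, salt_hex):
    """Legacy format: one fast SHA-1 over salt + password."""
    digest = hashlib.sha1(bytes.fromhex(salt_hex) + password.encode()).hexdigest()
    return f"sha1${salt_hex}${digest}"


def scrypt_hex(password, salt):
    return hashlib.scrypt(password.encode(), salt=salt, dklen=32,
                          **SCRYPT_PARAMS).hex()


def make_scrypt_record(password):
    """Replacement format: memory-hard KDF with a fresh random salt."""
    salt = os.urandom(16)
    return f"scrypt${salt.hex()}${scrypt_hex(password, salt)}"


def verify(stored, password):
    scheme = classify(stored)
    if scheme in ("bcrypt", "argon2"):
        # Needs a third-party library; outside the scope of this example.
        raise NotImplementedError(f"{scheme} verification not included")
    if scheme == "unknown":
        return False
    _, salt_hex, expected = stored.split("$")
    if scheme == "salted-sha1":
        candidate = make_sha1_record(password, salt_hex).split("$")[2]
    else:
        candidate = scrypt_hex(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, expected)  # constant-time compare


def login(db, user, password):
    """Verify, then replace a legacy record while the plaintext is in hand."""
    stored = db.get(user)
    if stored is None or not verify(stored, password):
        return False
    if classify(stored) == "salted-sha1":
        db[user] = make_scrypt_record(password)
    return True


# Constructed sample store; the bcrypt and argon2 strings are placeholders.
SAMPLE_DB = {
    "alice": make_sha1_record("correct horse", "00112233aabbccdd"),
    "bob": "$2b$12$" + "." * 53,
    "carol": "$argon2id$v=19$m=65536,t=3,p=4$c2FsdA$aGFzaA",
}
```

Accounts that never log in again keep their SHA-1 record, which is why `audit` matters: those records need a forced reset or a wrapped re-hash rather than waiting for the user.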
Protective Measures:
SurveyLama has reportedly notified affected users via email about the breach. However, users should remain cautious of any suspicious emails, particularly those promising rewards in exchange for quick action. Although the stolen information has not yet been publicly posted or sold on the dark web, proactive steps should be taken to secure accounts.
Expert Insight:
Troy Hunt, upon receiving information about the breach, independently verified the data's authenticity. SurveyLama confirmed the security incident and assured users that passwords were stored in encrypted forms. Nonetheless, users are encouraged to reset their passwords not only on SurveyLama but also on other platforms where similar credentials may have been used.
While SurveyLama has taken steps to address the breach and notify affected users, the potential risks remain significant. The possibility of the stolen data being exploited privately or leaked to cybercriminals underscores the importance of immediate action by users to safeguard their personal information.
All in all, the SurveyLama data breach serves as a reminder of the ever-present threats to online security and the importance of vigilance in protecting personal data. Users must stay informed, remain cautious of suspicious activities, and take proactive measures to enhance their online security posture.
We are all drowning in information in this digital world, and the adoption of artificial intelligence (AI) has become increasingly commonplace within various spheres of business. However, this technological evolution has brought about the emergence of generative AI, presenting a myriad of cybersecurity concerns that weigh heavily on the minds of Chief Information Security Officers (CISOs). Let's break this issue down and look at its intricacies closely.
The lack of robust frameworks around data collection and input into generative AI models raises concerns about data privacy. Without enforceable policies, there's a risk of models inadvertently replicating and exposing sensitive corporate information, leading to data breaches.
The absence of strategic policies around generative AI and corporate data privacy can result in models being trained on proprietary codebases. This exposes valuable corporate IP, including API keys and other confidential information, to potential threats.
Despite the implementation of guardrails to prevent AI models from producing harmful or biased content, researchers have found ways to circumvent these safeguards. Known as "jailbreaks," these exploits enable attackers to manipulate AI models for malicious purposes, such as generating deceptive content or launching targeted attacks.
To mitigate these risks, organisations must adopt cybersecurity best practices tailored to generative AI usage:
1. Implement AI Governance: Establishing governance frameworks to regulate the deployment and usage of AI tools within the organisation is crucial. This includes transparency, accountability, and ongoing monitoring to ensure responsible AI practices.
2. Employee Training: Educating employees on the nuances of generative AI and the importance of data privacy is essential. Creating a culture of AI knowledge and providing continuous learning opportunities can help mitigate risks associated with misuse.
3. Data Discovery and Classification: Properly classifying data helps control access and minimise the risk of unauthorised exposure. Organisations should prioritise data discovery and classification processes to effectively manage sensitive information.
4. Utilise Data Governance and Security Tools: Employing data governance and security tools, such as Data Loss Prevention (DLP) and threat intelligence platforms, can enhance data security and enforcement of AI governance policies.
Various cybersecurity vendors provide solutions tailored to address the unique challenges associated with generative AI. Here's a closer look at some of these promising offerings:
1. Google Cloud Security AI Workbench: This solution, powered by advanced AI capabilities, assesses, summarizes, and prioritizes threat data from both proprietary and public sources. It incorporates threat intelligence from reputable sources like Google, Mandiant, and VirusTotal, offering enterprise-grade security and compliance support.
2. Microsoft Copilot for Security: Integrated with Microsoft's robust security ecosystem, Copilot leverages AI to proactively detect cyber threats, enhance threat intelligence, and automate incident response. It simplifies security operations and empowers users with step-by-step guidance, making it accessible even to junior staff members.
3. CrowdStrike Charlotte AI: Built on the Falcon platform, Charlotte AI utilizes conversational AI and natural language processing (NLP) capabilities to help security teams respond swiftly to threats. It enables users to ask questions, receive answers, and take action efficiently, reducing workload and improving overall efficiency.
4. Howso (formerly Diveplane): Howso focuses on advancing trustworthy AI by providing AI solutions that prioritize transparency, auditability, and accountability. Their Howso Engine offers exact data attribution, ensuring traceability and accountability of influence, while the Howso Synthesizer generates synthetic data that can be trusted for various use cases.
5. Cisco Security Cloud: Built on zero-trust principles, Cisco Security Cloud is an open and integrated security platform designed for multicloud environments. It integrates generative AI to enhance threat detection, streamline policy management, and simplify security operations with advanced AI analytics.
6. SecurityScorecard: SecurityScorecard offers solutions for supply chain cyber risk, external security, and risk operations, along with forward-looking threat intelligence. Their AI-driven platform provides detailed security ratings that offer actionable insights to organizations, aiding in understanding and improving their overall security posture.
7. Synthesis AI: Synthesis AI offers Synthesis Humans and Synthesis Scenarios, leveraging a combination of generative AI and cinematic digital general intelligence (DGI) pipelines. Their platform programmatically generates labelled images for machine learning models and provides realistic security simulation for cybersecurity training purposes.
These solutions represent a diverse array of offerings aimed at addressing the complex cybersecurity challenges posed by generative AI, providing organizations with the tools needed to safeguard their digital assets effectively.
While the adoption of generative AI presents immense opportunities for innovation, it also brings forth significant cybersecurity challenges. By implementing robust governance frameworks, educating employees, and leveraging advanced security solutions, organisations can navigate these risks and harness the transformative power of AI responsibly.
As generative AI technology gains momentum, the focus on cybersecurity threats surrounding the chips and processing units driving these innovations intensifies. The crux of the issue lies in the limited number of manufacturers producing chips capable of handling the extensive data sets crucial for generative AI systems, rendering them vulnerable targets for malicious attacks.
According to recent records, Nvidia, a leading player in GPU technology, announced cybersecurity partnerships during its annual GPU technology conference. This move underscores the escalating concerns within the industry regarding the security of chips and hardware powering AI technologies.
Traditionally, cyberattacks garner attention for targeting software vulnerabilities or network flaws. However, the emergence of AI technologies presents a new dimension of threat. Graphics processing units (GPUs), integral to the functioning of AI systems, are susceptible to similar security risks as central processing units (CPUs).
Experts highlight four main categories of security threats facing GPUs:
1. Malware attacks, including "cryptojacking" schemes where hackers exploit processing power for cryptocurrency mining.
2. Side-channel attacks, exploiting data transmission and processing flaws to steal information.
3. Firmware vulnerabilities, granting unauthorised access to hardware controls.
4. Supply chain attacks, targeting GPUs to compromise end-user systems or steal data.
Moreover, the proliferation of generative AI amplifies the risk of data poisoning attacks, where hackers manipulate training data to compromise AI models.
Despite documented vulnerabilities, successful attacks on GPUs remain relatively rare. However, the stakes are high, especially considering the premium users pay for GPU access. Even a minor decrease in functionality could result in significant losses for cloud service providers and customers.
In response to these challenges, startups are innovating AI chip designs to enhance security and efficiency. For instance, d-Matrix's chip partitions data to limit access in the event of a breach, ensuring robust protection against potential intrusions.
As discussions surrounding AI security evolve, there's a growing recognition of the need to address hardware and chip vulnerabilities alongside software concerns. This shift reflects a proactive approach to safeguarding AI technologies against emerging threats.
The intersection of generative AI and GPU technology highlights the critical importance of cybersecurity in the digital age. By understanding and addressing the complexities of GPU security, stakeholders can mitigate risks and foster a safer environment for AI innovation and adoption.
A colossal breach of data has rattled the digital world, affecting billions of users across various platforms and organisations. This vile breach, dubbed the "mother of all breaches" (MOAB), has exposed a staggering 26 billion entries, including those from LinkedIn, Twitter, Dropbox, and others. Government agencies in several countries have also been hit.
The implications for businesses are immediate. The leaked data, totaling 12 terabytes, poses an ongoing threat to personal information and corporate security. It not only comprises information from past breaches but also includes new data, providing cybercriminals with a comprehensive toolkit for orchestrating various cyberattacks, including identity theft.
In response to this unprecedented threat, businesses are urged to adopt a proactive stance in monitoring their infrastructure. Key signals to watch for include unusual access scenarios, suspicious account activity, a surge in phishing attempts, abnormal network traffic, an increase in helpdesk requests, and customer complaints about unauthorised access or suspicious transactions.
This incident underscores the need for a new security paradigm, where companies prioritise user security over user experience. While some may resist this shift, it is essential for long-term protection against cyber threats. Implementing global security standards such as ISO/IEC 27001 and enhancing authentication policies are crucial steps in fortifying defences.
Authentication measures like multi-factor authentication and liveness detection technology are rapidly gaining traction as the go-to standards across industries. These methods not only reinforce security but also seamlessly integrate into user experiences, striking a delicate balance between safeguarding sensitive data and ensuring user convenience. By embracing these sophisticated authentication techniques, businesses can erect formidable defences against cyber threats while enhancing overall user satisfaction.
The recent MOAB incident serves as a warning to businesses worldwide to bolster their defence mechanisms and hone their cyber acumen. While the paramountcy of data security cannot be overstated, it is equally crucial for companies, particularly those engaging with consumers directly, to uphold user-friendly processes. By harmonising stringent security measures with intuitive and accessible procedures, businesses can navigate the complexity of cybersecurity, instilling trust among stakeholders and effectively mitigating potential risks amid rapid digital development.
In summary, the MOAB data breach underlines the growing need for businesses to invest in robust security measures while ensuring a smooth user experience. By staying a step ahead and proactive, companies can mitigate the risks posed by cyber threats and safeguard their customers' sensitive information.
Recent research has surfaced serious security vulnerabilities within ChatGPT plugins, raising concerns about potential data breaches and account takeovers. These flaws could allow attackers to gain control of organisational accounts on third-party platforms and access sensitive user data, including Personally Identifiable Information (PII).
According to Darren Guccione, CEO and co-founder of Keeper Security, the vulnerabilities found in ChatGPT plugins pose a significant risk to organisations as employees often input sensitive data, including intellectual property and financial information, into AI tools. Unauthorised access to such data could have severe consequences for businesses.
In November 2023, ChatGPT introduced a new feature called GPTs, which function similarly to plugins and present similar security risks, further complicating the situation.
In a recent advisory, the Salt Security research team identified three main types of vulnerabilities within ChatGPT plugins. Firstly, vulnerabilities were found in the plugin installation process, potentially allowing attackers to install malicious plugins and intercept user messages containing proprietary information.
Secondly, flaws were discovered within PluginLab, a framework for developing ChatGPT plugins, which could lead to account takeovers on third-party platforms like GitHub.
Lastly, OAuth redirection manipulation vulnerabilities were identified in several plugins, enabling attackers to steal user credentials and execute account takeovers.
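The standard server-side control against OAuth redirection manipulation is to compare the requested `redirect_uri` byte for byte with values the client registered in advance. The following is an added example, not code from Salt Security, OpenAI or any plugin; the client id, the URLs and the function names are constructed, and the prefix check is shown only as the weak pattern next to its hardened form.

```python
from urllib.parse import urlsplit

# Constructed registration table: the client id and URLs are placeholders.
REGISTERED_REDIRECTS = {
    "plugin-client": frozenset({"https://plugin.example/oauth/callback"}),
}


def prefix_check(client_id, redirect_uri):
    """Weak pattern: accept any URI that starts with a registered origin."""
    for registered in REGISTERED_REDIRECTS.get(client_id, ()):
        parts = urlsplit(registered)
        if redirect_uri.startswith(f"{parts.scheme}://{parts.netloc}"):
            return True
    return False


def exact_check(client_id, redirect_uri):
    """Hardened pattern: exact string match against pre-registered values."""
    return (isinstance(redirect_uri, str)
            and redirect_uri in REGISTERED_REDIRECTS.get(client_id, ()))


def registration_problems(uri):
    """Reasons to refuse a redirect URI at the time a client registers it."""
    problems = []
    parts = urlsplit(uri)
    if parts.scheme != "https":
        problems.append("scheme is not https")
    if not parts.hostname:
        problems.append("no host")
    if parts.username is not None or parts.password is not None:
        problems.append("userinfo present")
    if parts.fragment:
        problems.append("fragment present")
    if "*" in uri:
        problems.append("wildcard present")
    return problems


def authorize(client_id, redirect_uri, check=exact_check):
    """Return the URI to redirect to, or None to show an error page instead.

    On a failed check the server must not redirect at all, since the
    redirect target is the value that failed validation.
    """
    return redirect_uri if check(client_id, redirect_uri) else None


# Constructed requests a validator should be tested against.
SAMPLES = [
    "https://plugin.example/oauth/callback",           # registered value
    "https://plugin.example.attacker.example/cb",      # lookalike host
    "https://plugin.example@attacker.example/cb",      # userinfo trick
    "https://plugin.example/oauth/callback/../other",  # path variation
    "http://plugin.example/oauth/callback",            # scheme downgrade
]


def compare(samples=SAMPLES, client_id="plugin-client"):
    """(uri, accepted by prefix check, accepted by exact check) per sample."""
    return [(uri, prefix_check(client_id, uri), exact_check(client_id, uri))
            for uri in samples]


if __name__ == "__main__":
    for uri, weak, strict in compare():
        print(f"prefix={weak!s:5} exact={strict!s:5} {uri}")
```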
Yaniv Balmas, vice president of research at Salt Security, emphasised the growing popularity of generative AI tools like ChatGPT and the corresponding increase in efforts by attackers to exploit these tools to gain access to sensitive data.
Following coordinated disclosure practices, Salt Labs worked with OpenAI and third-party vendors to promptly address these issues and reduce the risk of exploitation.
Sarah Jones, a cyber threat intelligence research analyst at Critical Start, outlined several measures that organisations can take to strengthen their defences against these vulnerabilities. These include:
1. Implementing permission-based installation:
This involves ensuring that only authorised users can install plugins, reducing the risk of malicious actors installing harmful plugins.
2. Introducing two-factor authentication:
By requiring users to provide two forms of identification, such as a password and a unique code sent to their phone, organisations can add an extra layer of security to their accounts.
3. Educating users on exercising caution with code and links:
It's essential to train employees to be cautious when interacting with code and links, as these can often be used as vectors for cyber attacks.
4. Monitoring plugin activity constantly:
By regularly monitoring plugin activity, organisations can detect any unusual behaviour or unauthorised access attempts promptly.
5. Subscribing to security advisories for updates:
Staying informed about security advisories and updates from ChatGPT and third-party vendors allows organisations to address vulnerabilities and apply patches promptly.
As organisations increasingly rely on AI technologies, it becomes crucial to address and mitigate the associated security risks effectively.
In an era where our daily lives intertwine with the digital world and the internet is both a companion and a potential threat, understanding the role of Virtual Private Networks (VPNs) is key to safeguarding your online experience. Whether you're working remotely, enjoying a coffee shop's Wi-Fi, or travelling, a VPN functions as a dependable safeguard against potential security risks.
What is a VPN?
A VPN, or Virtual Private Network, is your online security guard. Its purpose is to create a secure, private tunnel over the internet, encrypting your data and protecting it from prying eyes. This extra layer of security is especially crucial given the internet's initial design prioritising data transfer reliability over privacy.
How does it work?
Imagine your computer wanting to visit a website like ZDNET. Instead of sending unprotected data, a VPN encrypts it and sends it through a secure tunnel to a VPN server. This server then decrypts the information, establishing a safe connection between your device and the destination, ensuring your data remains confidential.
There are two main types of VPNs. Corporate VPNs connect private networks within the same organisation over the internet, securing data transmission. Consumer VPNs, offered as a service, protect your data transmission to the provider's data centre, enhancing security, especially on public Wi-Fi.
When should you use a VPN?
Whenever you're away from your secure home or office network and using public Wi-Fi, a VPN is your go-to. It adds an extra layer of protection against potential snoopers on open networks, especially when accessing services with personal information.
Choosing the right VPN service matters. While free VPNs exist, they often come with privacy risks. Some are even set up by malicious entities to harvest personal data. Opting for a reputable paid VPN service is a safer choice.
However, a VPN does not serve as an infallible solution for privacy. While it secures your connection, it does not have the capability to prevent websites from tracking your activities. Users are advised to maintain vigilance regarding potential privacy infringements that may extend beyond the scope of the VPN.
Concerned about your computer slowing down?
Advancements in CPU performance have effectively mitigated the impact of data encryption and decryption processes. However, network performance remains susceptible to the quality of public Wi-Fi and the geographical location of the VPN server.
Certain VPN services may impose limitations on usage, such as data caps or speed restrictions. These restrictions are often associated with free services. Therefore, opting for a dependable paid service that aligns with your specific requirements becomes imperative.
In the domain of online security, VPNs play a pivotal role. Whether safeguarding sensitive work data or ensuring privacy on public networks, a comprehensive understanding of VPN fundamentals empowers users to traverse the internet securely. It is advised to make informed choices, stay updated, and consider your VPN as a reliable tool for online protection.
Cloudflare, a prominent Internet security and DDoS protection company, recently fell victim to a cyberattack linked to the widespread Okta supply-chain campaign last fall. The breach, affecting Cloudflare's Atlassian Bitbucket, Confluence, and Jira platforms, commenced on Thanksgiving Day.
Cloudflare, in collaboration with industry and government partners, determined that a nation-state attacker aimed to gain persistent and widespread access to its global network. Working with CrowdStrike, the company found that cyber attackers initially accessed the internal wiki (Confluence) and bug database (Jira). They later established persistence on the Atlassian server and proceeded to explore potential points of entry. The assailants successfully breached Cloudflare's source code management system (Bitbucket) and an AWS instance.
The analysis revealed the attackers sought information about the configuration and management of Cloudflare's global network. They accessed various Jira tickets related to vulnerability management, secret rotation, MFA bypass, network access, and the company's response to the Okta incident. Fortunately, due to network segmentation and a zero-trust authentication approach limiting lateral movement, the attackers were largely prevented from accessing critical systems.
Despite minimal access, Cloudflare took comprehensive measures, rotating over 5,000 production credentials, segmenting test and staging systems, and conducting forensic triages on nearly 5,000 systems. The company also reimaged and rebooted every machine in its global network and all Atlassian products.
Experts emphasise the severity of supply chain attacks, highlighting the risk of non-human access being exploited by attackers to gain high-privilege access to internal systems. This breach underscores the importance of monitoring both cloud-based and on-premises solutions.
Notably, Cloudflare identified the compromise's connection to a prior Okta breach in October. Okta, an identity and access management services provider, disclosed a compromise in its customer support case management system, exposing sensitive customer data. The attackers leveraged access tokens and service account credentials obtained during the Okta compromise. All threat actor access was terminated on November 24, according to CrowdStrike.
In response, Cloudflare conducted a thorough security remediation, emphasising the need for credential rotation after a security incident. Okta confirmed its prior notification to customers about the October security incident, urging them to rotate credentials and providing indicators of compromise.
This incident draws attention to the ongoing challenges posed by sophisticated cyber threats and underscores the importance of continuous vigilance and proactive security measures. The collaboration between companies and security experts remains crucial in mitigating the impact of such attacks.
As cybersecurity threats continue to evolve, it is imperative for organisations to stay informed, implement robust security practices, and prioritise swift responses to potential breaches.