Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Security Feature. Show all posts
Threat actors
Cyber Security Gmail Gmail checkmark system Google Security Feature Security flaw Threat actors

Google: Gmail Users Warned of a Security Flaw in its New Feature


Google has recently issued a warning to its 1.8 billion Gmail users following a security flaw that was discovered in one of its latest security functions.

The feature, Gmail checkmark system was introduced to assist users distinguish between certified businesses and organizations and legitimate emails from potential scammers. This is made possible through a blue checkmark, included in the function.

However, threat actors were able to take advantage of this feature, raising questions about the general security of Gmail.

Chris Plummer, a cybersecurity expert, found that cybercriminals could deceive Gmail into thinking their bogus businesses were real. This way, they shattered the trust Gmail users were supposed to have in the checkmark system.

"The sender found a way to dupe @gmail's authoritative stamp of approval, which end users are going to trust. This message went from a Facebook account to a UK netblock, to O365, to me. Nothing about this is legit," says Plummer.

Prior to these findings, Google dismissed the claims, calling this to be “intended behavior.” But after the issue gained a significant response following Plummer’s tweet related to the flaw, Google finally acknowledged the error.

Later, Google admitted its mistake and conducted a proper investigation into the matter. The flaw’s security was acknowledged, with Google labeling it as a ‘P1’ fix, which indicates it to be in the topmost priority status.

"After taking a closer look we realized that this indeed doesn't seem like a generic SPF vulnerability. Thus we are reopening this and the appropriate team is taking a closer look at what is going on […] We apologize again for the confusion and we understand our initial response might have been frustrating, thank you so much for pressing on for us to take a closer look at this! We'll keep you posted with our assessment and the direction that this issue takes," Google said in a statement.

Google’s warning serves as a caution to online users that security features too are vulnerable to flaws, regardless of how much advancement they may attain. Thus it is important to have a vigilant outlook on the ‘safety’ features. Users must also be careful when involving themselves with email communication.  

Read more »
VPN
Cyber Security Cybersecurity Security Feature User Data User Security VPN

Kill Switch: Your VPN is Useless Without This Essential Security Feature

 

Kill switch has turned out an essential security feature for VPN. If your virtual private network does not have a kill switch, internet users might have to look for a new VPN provider. 

In the instance, one’s VPN connection drops for any reason, a kill switch will immediately shut down the user’s internet connection. Thus, playing the role of a crucial VPN security feature, the kill switch ensures that the user data does not leak outside the VPN tunnel or be exposed online unencrypted – that may turn dangerous in many situations. 

Using a VPN, the user’s internet traffic is routed to a secure server at a location of his choice over an encrypted tunnel.  

Eventually, the user’s IP address will change to that of the server he is connecting to. This process not only allows access to geo-restricted content but also hides the user’s original IP address and internet traffic from ISP, government agencies, threat actors, and anyone who might be a threat to their online data.  

Why do VPN disconnections occur? 


Since no technology is error-free, even the best VPNs can have connection drops time and again. VPN disconnection happens for several reasons, some of which are listed below:  

• The user is using a weak or congested Wi-Fi connection — like a public Wi-Fi hotspot in a coffee shop, hotel, or airport. • User is switching to a different Wi-Fi network or switching from Wi-Fi to mobile data. • The computer goes to sleep. • An antivirus program or firewall on your computer is interfering with your VPN connection (in this case, make sure to whitelist your VPN software). • User is jumping from one VPN server to another, or they are frequently switching from one server to another, exceeding their VPN provider’s concurrent connection limit. • They use the OpenVPN UDP protocol, which is less stable than the TCP protocol (switch to TCP if you notice your VPN dropping). • The VPN server they are connecting to is down. • VPN app crashes.  

What if your VPN disconnects without a kill switch? 


In case a user’s VPN disconnects without enabling a kill switch, this will leave the internet connection active, exposing the user’s true IP address and web traffic the moment the disconnection continues unencrypted. 

As a result, the user’s online activities will be exposed, compromising any sensitive personal data one may have been accessing while connected to the VPN. A user can as well compromise his true location based on the exposed IP address. 

This could be problematic if the user is using VPN to access geographically restricted content and for professionals who use a VPN for crucial privacy needs. Using kill switch reduces the risk of such situations. 


How does a VPN kill switch operates? 


A VPN kill switch, when enabled continuously monitors the user’s VPN connection and scans for any change in his IP address or the status of one’s network. The kill switch will engage and block access to the internet connection in an instant if it detects any change in either. 

After the user reconnects to the VPN or the VPN tunnel reestablishes automatically, the kill switch will then allow the internet to reconnect, while still continuously monitoring the VPN connection.
Read more »
Technology
Microsoft Office 365 Phishing Mails Security Feature Technology

Microsoft Office 365 users will now be able to view their quarantined phishing messages

 

Microsoft Office 365 will now let users view their phishing messages that are automatically screened by Exchange Online Protection (EOP) filter. 



Through this new venture, users will now be able to reclaim that had been unwittingly marked as spam or phishing by EOP. (EOP- a cloud-based filtering service that scans messages and restricts malicious emails like spams, phishing emails, malware attachments from reaching to the end-user) 

"We understand that managing false positives is important to ensuring an email is delivered appropriately, and in the past, end-users weren't granted access to the quarantine to view messages," Microsoft debriefs on the new feature.

However, the new feature will be available as "read-only" access but the user can request a particular message to be dropped in the inbox that might have been accidentally quarantined. This new Office 365 ATP Request Release feature will be available to all users with the Advanced Threat Protection plan this month. 

Office also released a similar feature not too long ago - Application Guard which opens all files from unsafe locations in a secluded sandbox. This isolated sandbox doesn't allow malicious files to corrupt the device and software by not letting the file download any data, file, or extension from the attacker's server. 

Upcoming ATP security features and tools- 

Office 365 is alluding to enhance their security in the third quarter of the year with various new security features in the charts- 

  •  Improving Office 365 ATP Threat Explorer 
To elevate it's distinguishing ability to sort between malicious, spam, or phishing emails.

  •  Disable default email forwarding to external recipients
In order to prevent data theft and "automated malicious content blocking" to all users despite their custom settings.

  •  More transparency through email pathways-
Office ATP users would get more information on the route incoming emails take through Office's EOP (Exchange Online Protection) filtering system and they would know more about the "effectiveness of any security configuration changes" according to bleepingcomputer.com.

  •  New Configuration Analyzer 
This new feature is suspected to release in Q3 and would make it easier to compare your security policies settings efficacy to Office's recommended settings.
Read more »
Subscribe to: Posts (Atom)