Making Sense of Security

Securing your Digital World.

Face scanning – privacy concern or identity protection?

What issues would face scanning attached to a mobile device resolve and, if used correctly, would it make the incursion into my privacy acceptable? On December 1st, China’s regulation took effect requiring each person to have a facial scan when subscribing for a new mobile phone. If you were not aware of this regulation your initial reaction, like mine, could be that this is an infringement of privacy rights. After all, why does any government need Read more…


80% of all Android apps encrypt traffic by default

Google keeps pushing in its mission for broader encryption adoption Android commands the lion’s share of the mobile operating system market. And with so many users under its wings, it should come as no surprise that Google has been doubling down on security. In a blog post this week, the tech behemoth announced that 80% of Android applications in its Google Play store encrypt network traffic by default, using the Transport Layer Security (TLS) protocol. Read more…


How to spot if your child is a victim of cyberbullying

What are some of the most common warning signs that your child is experiencing online harassment? Cyberbullying is by no means a new phenomenon; in fact, the term was added to the Oxford Dictionary back in 2011. However, as technology permeates almost every facet of our lives, the threat of online harassment is becoming more and more prevalent. It is increasingly common for schoolchildren to own smartphones, which often go hand-in-hand with social media accounts. Read more…


5 scam prevention tips for seniors

How can people who didn’t grow up with technology protect themselves against some of the most common types of online fraud? The conventional thinking is that seniors tend to be at a higher risk of falling prey to scam artists than their children or grandchildren. Regardless of whether this is true or not, older people in the United States alone are swindled out of some US$3 billion a year via all manner of schemes, including Read more…


Fortune 100 CISO Joins Armis To Fight Internet of Things Cybercrime

Curtis Simpson on changing mindsets and approaches to securing IoT in the enterprise – Casey Crane St. Petersburg, Fla. – Jan. 17, 2020 Whether it’s a vending machine, Bluetooth headphones, or a CCTV — the Internet of Things (IoT) can be seen everywhere. With connected devices so commonplace in consumer, enterprise, healthcare, manufacturing, and retail environments, they’re easy to integrate into the flow of things. But something that’s not as easy is remembering that, at their Read more…


Analyst Webcast: SANS Top New Attacks and Threat Report – April 28, 2020 1:00pm US/Eastern

Tuesday, April 28th, 2020 at 1:00 PM EDT (17:00:00 UTC) John Pescatore Overview As we move into 2020, news reports have been filled with reports of deepfakes, attacks against election systems, quantum computing advances and more. SANS instructors Heather Mahalik, Ed Skoudis and Johannes Ullrich present their analysis of the new attack techniques currently in use that will affect you and share their projections Read more…


Special Webcast: SANS Women in Cybersecurity Forum – April 24, 2020 8:30am US/Eastern

Friday, April 24th, 2020 at 8:30 AM EST (12:30:00 UTC) Overview In the Washington D.C. area? Join us at the Live Event. Today, women are entering and rising through the ranks of cybersecurity experts, with more expected to join these ranks in coming years. For example, females will represent more than 20% of the global cybersecurity workforce by the end of this year, Read more…


Analyst Webcast: Zero Trust: What You Need to Know to Secure Your Data and Networks – April 21, 2020 1:00pm US/Eastern

Tuesday, April 21st, 2020 at 1:00 PM EDT (17:00:00 UTC) Dave Shackleford and Ricardo Font Overview By not trusting by default anything and everything inside and outside of your networks, the “zero trust” concept protects against attacks and breaches. Although zero trust has focused on network access control (NAC) and identity management, as threats evolve, security professionals are expanding the notion of zero trust Read more…


Special Webcast: Driving Cybersecurity Change – Establishing a Culture of Protect, Detect and Respond Highlights – April 7, 2020 10:30am US/Eastern

Driving Cybersecurity Change – Establishing a Culture of Protect, Detect and Respond Highlights Tuesday, April 7th, 2020 at 10:30 AM EDT (14:30:00 UTC) Lance Spitzner Overview Cybersecurity is no longer just about technology; it is ultimately about organizational change. Change in not only how people think about security but what they prioritize and how they act, from the Board of Directors on down. Read more…


Special Webcast: Your Password Doesn’t Matter – February 5, 2020 3:30pm US/Eastern

Your Password Doesn’t Matter Wednesday, February 5th, 2020 at 3:30 PM EST (20:30:00 UTC) Alex Weinert Overview A challenge for nearly every company is how to deal with passwords because let’s face it – a breach is bound to happen without augmenting or replacing passwords with stronger authentication methods that people can easily adopt. Learn why your password doesn’t matter in most attacks, and Read more…


Cybersecurity Trends 2020: Technology is getting smarter – are we?

With 2019 ending, ESET experts offer their insights into how new innovations will impact our privacy, security and lives in the not so distant future A tumultuous 2019 is steadily but surely wrapping up. Before we all step into the New Year full of hopes and expectations, we take a step back to look at what the year ahead may have in store for us all in our annual Trends report. The past year has Read more…


Data leak exposes 750,000 birth certificate applications

A variety of sensitive information has been there for the taking due to an unsecured cloud storage container Over 752,000 birth certificate applications have been exposed online by an unnamed company that enables people to obtain copies of birth and death records from state governments in the United States, TechCrunch reports. Needless to say, the exposed cache of documents includes a variety of personal information. The leak was reported by Fidus Information Security, a company specializing Read more…


Chrome now warns you if your password has been stolen

The browser’s latest version also aims to up the ante in phishing protection Google has added a new feature to its Chrome web browser that will alert users if their login credentials have been compromised in a security breach, according to the company’s announcement. This may sound familiar, and with good reason. The functionality builds on Chrome’s Password Checkup browser extension, which was rolled out in February of this year and has since been downloaded Read more…


2FA: Double down on your security

The second authentication factor might be a minor inconvenience, but it provides a major security boost With past years riddled with security breaches, it is high time we evaluated the way we secure our online presence. The usual way to secure most of your digital accounts is by using a password, no question about it. The problem is you have tens – even hundreds – of accounts you need to secure. How do you go Read more…


The worst passwords of 2019: Did yours make the list?

These passwords may win the popularity contest but lose flat out in security Year after year, analyses show that millions of people make, to put it mildly, questionable choices when it comes to the passwords they use to protect their accounts. And fresh statistics for the year that is drawing to a close confirm that bad habits do die hard and many people willingly put themselves in the firing line of account-takeover attacks. Drawing on Read more…


It’s time to disconnect RDP from the internet

Brute-force attacks and BlueKeep exploits usurp convenience of direct RDP connections; ESET releases a tool to test your Windows machines for vulnerable versions While the BlueKeep (CVE-2019-0708) vulnerability has not, to date, caused widespread havoc, and we will be looking at the reasons why in this post, it is still very early in its exploitation life cycle. The fact remains that many systems are still not patched, and a thoroughly wormable version of the exploit might Read more…


38,000 people forced to pick up email passwords in person

Malware and legal requirements force academics and students to join a near-endless line in order to pick up their passwords Usually, if you forget your password or need to change it for other reasons, getting a new one is a straightforward process that involves a few clicks. Now imagine you would have to prove your identity and retrieve your password in person. Don’t rush to laugh this off as a bizarre fantasy, as thousands of Read more…


5 major US wireless carriers vulnerable to SIM swapping attacks

When it comes to protection against this insidious type of scam, the telcos’ authentication procedures leave a lot to be desired, a study finds Five major US wireless carriers – AT&T, T-Mobile, Verizon, Tracfone and US Mobile – are susceptible to SIM swap scams, a danger apparently looming large especially over prepaid accounts, a study by Princeton University researchers has found. SIM swapping attacks, also known as port-out or SIM swap scams, have been a serious Read more…


Millions of modems at risk of remote hijacking

Multiple cable modem models from various manufacturers found vulnerable to takeover attacks Hundreds of millions of cable modems from various manufacturers may be susceptible to a critical vulnerability that can enable attackers to intercept people’s private messages or redirect their internet traffic, new research has found. Tracked as CVE-2019-19494 and nicknamed Cable Haunt, the vulnerability is estimated to have affected nearly all cable modems in Europe until recently, with many still remaining at risk. How Read more…


Threat Roundup for January 10 to January 17

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 10 and Jan 17. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats. As a reminder, the information provided for the following threats in this post is non-exhaustive Read more…


New JhoneRAT Malware Targets Middle East

Researchers say that JhoneRAT has various anti-detection techniques – including making use of Google Drive, Google Forms and Twitter. Researchers are warning of a new remote access trojan (RAT), dubbed JhoneRAT, which is being distributed as part of an active campaign, ongoing since November 2019, that targets victims in the Middle East. Once downloaded, the RAT gathers information on the victims’ computers and is also able to download additional payloads. Evidence shows that the attackers behind JhoneRAT Read more…


Feds Cut Off Access to Billions of Breached Records with Site Takedown

The WeLeakInfo “data breach notification” domain is no more. The feds and international law enforcement have taken down a website that was selling access to billions of stolen personal records. The FBI and the Department of Justice said on Thursday that they, in conjunction with the Dutch police, the United Kingdom’s National Crime Agency and Germany’s Bundeskriminalamt, have seized the internet domain name “weleakinfo.com,” effectively suspending its operations. Separately, in conjunction with the case, the Read more…


Mobile Carrier Customer Service Ushers in SIM-Swap Fraud

Weak challenge questions by customer service reps make it easy for fraudsters to hijack a phone line and bypass 2FA to breach accounts. Mobile carriers have left the door wide open to SIM-swap attacks, particularly when it comes to prepaid accounts, researchers have found. SIM swapping is a form of fraud that allows crooks to bypass SMS-based two-factor authentication (2FA) and crack online banking or other high-value accounts. According to PhishLabs, a typical attack would Read more…


Why baby boomers are looking to IoT and analytics to stay safe

IoT security is becoming a top-of-mind priority in the personal care industry. Essence group believes it has the solution and had it on display at CES 2020. TechRepublic’s Karen Roby talked to Josh Locke, vice-president of sales at Essence Security, at CES 2020 about its Internet of Things (IoT) products for senior care. The following is an edited transcript of their conversation. Josh Locke: This is Essence Group. We’re representing four different business channels to our Essence Group umbrella, and we specialize in IoT Read more…


Why blockchain-based cybersecurity may be the answer for vulnerable IoT networks

CES 2020: A “hacked” robot was on display to demonstrate how SigmaDots serverless architecture is poised to fend off IoT security threats.


Special Webcast: Cyber Threat Intelligence Solutions Forum: Intel-Use Cases for Destructive Scenarios – March 27, 2020 8:30am US/Eastern

Friday, March 27th, 2020 at 8:30 AM EST (12:30:00 UTC) Robert M. Lee Overview In the Washington D.C. area? Join us at the Live Event. Cyber threat intelligence has a wide range of use-cases for security practitioners. Over the past few SANS cyber threat intelligence forums we’ve focused on tactical level insights and lessons learned from the field as well as operational level Read more…


Special Webcast: Faster, Better, AND Cheaper: Improving security operations using open source tools – March 18, 2020 3:30pm US/Eastern

Wednesday, March 18th, 2020 at 3:30 PM EST (19:30:00 UTC) John Hubbard Overview Let’s face it, a well-run cyber defense operation doesn’t often meet the definition of inexpensive by any standards, but does it necessarily require many thousands of dollars in fancy vendor tools? With the maturation of open source tools, the answer to that question is now a definite “no”, but many organizations continue Read more…


Special Webcast: From X-rays to hex-rays – March 16, 2020 3:30pm US/Eastern

From X-rays to hex-rays Monday, March 16th, 2020 at 3:30 PM EST (19:30:00 UTC) Mathias Fuchs Overview Certified SANS Instructor Mathias Fuchs discusses what it takes to get into cybersecurity and what he thinks makes a great Digital Forensicator. Mathias will share personal stories from the front line in his roles, from his early days in biomedical computer sciences up to the present day. Speaker Read more…


Special Webcast: Finding Answers Faster Using OSINT and DFIR Skills – February 28, 2020 3:30pm US/Eastern

Friday, February 28th, 2020 at 3:30 PM EST (20:30:00 UTC) Jeff Lomas Overview Digital forensic examiners, investigators, and analysts are faced with the growing challenge of how to use digital forensic data and online data to fulfill intelligence requirements in a timely manner. Evidence for online video activity is present in nearly every mobile and computer forensic examination, but no current digital forensic tools can Read more…


Special Webcast: The NICE Cybersecurity Workforce Framework: What is it and Why is it Important? – February 20, 2020 10:30am US/Eastern

The NICE Cybersecurity Workforce Framework: What is it and Why is it Important? Thursday, February 20th, 2020 at 10:30 AM EST (15:30:00 UTC) Rodney Petersen Overview The National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework provides a common taxonomy and lexicon for describing cybersecurity work. The components of the NICE Framework include 7 categories, 33 specialty areas, 52 work roles, and a corresponding catalogue of Read more…


News Wrap: PoC Exploits, Cable Haunt and Joker Malware

Are publicly-released PoC exploits good or bad? Why is the Joker malware giving Google a headache? The Threatpost team discusses all this and more in this week’s news wrap. This week’s news wrap podcast breaks down the biggest Threatpost security stories of the week, including: Various proof-of-concept exploits being released for serious vulnerabilities this week – including for the recently-patched crypto-spoofing vulnerability found by the National Security Agency and reported to Microsoft. Multiple cable modems Read more…


5 tips to avoid spear-phishing attacks

by Paul Ducklin The word “Burisma” is all over the news at the moment – it’s a Ukrainian energy company that, according to some claims, was broken into by Russian hackers looking for sensitive data to steal. As you can imagine, the way the hackers got in is supposed to have been by means of phishing attacks. Phishing, very briefly defined, is where a cybercriminal tricks you into revealing something electronically that you ought to Read more…


Mobile Banking Malware Up 50% in First Half of 2019

A new report from Check Point recaps the cybercrime trends, statistics, and vulnerabilities that defined the security landscape in 2019. In the last year, 28% of organizations were hit with a botnet infection. Roughly one-third of cyberattacks were perpetrated by insiders, and 27% of all global businesses were affected by threats involving mobile devices. Mobile banking malware jumped 50% in the first half of 2019. These numbers come from Check Point Research’s “2020 Cyber Security Read more…


Microsoft patches severe Windows flaw after tip‑off from NSA

The US intelligence agency expects attackers to waste no time in developing tools aimed at exploiting the vulnerability Microsoft has shipped out a security patch to address a serious vulnerability in the Windows operating system that, if abused, could enable attackers to make malware appear as though it was code from a legitimate source. The vulnerability, which is being fixed as part of this month’s Patch Tuesday rollout, affects a key cryptographic component of Windows Read more…


You can now turn your iPhone into a Google security key

And it doesn’t require much more than downloading a dedicated app Last year, Google made it possible for most Android users to use their phone as a physical security key for their Google accounts. Fast forward a few months and most iPhone users receive the same option. According to Google’s blog post yesterday, the feature was introduced with an update to the Google Smart Lock app on iOS and is available to all iPhone owners Read more…


FBI shuts down website selling billions of stolen records

A subscription to the trove of personal details could be had for as little as $2 US law enforcement has seized the WeLeakInfo.com domain name for peddling personal data stolen in data breaches. The shadowy website offered a pay-to-play scenario that allowed anyone to search for and access other people’s personal details, according to a statement from the Department of Justice (DOJ). WeLeakInfo.com “claimed to provide its users a search engine to review and obtain Read more…


Social Media Privacy Settings

Overview Social media sites, such as Snapchat, Facebook, Twitter, Instagram, and LinkedIn, are amazing resources, allowing you to meet, interact, and share with people around the world. However, with all this power comes risks–not just for you, but your family, friends, and employer. In this newsletter, we cover the key steps to making the most of social media securely and safely. Posting Be careful and think before posting. Anything you post will most likely become Read more…


FBI Seizes Domain That Sold Info Stolen in Data Breaches

Enterprise Vulnerabilities From DHS/US-CERT’s National Vulnerability Database CVE-2019-20003 PUBLISHED: 2020-01-17 Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 allows Stored XSS via the Debug-Log and Display-Log components. This could be exploited when an attacker sends a crafted string for FTP authentication. CVE-2019-3686 PUBLISHED: 2020-01-17 openQA before commit c172e8883d8f32fced5e02f9b6faaacc913df27b was vulnerable to XSS in the distri and version parameter. This was reported through the bug bounty program of Offensive Security. CVE-2019-3683 PUBLISHED: 2020-01-17 The keystone-json-assignment package in SUSE Read more…


7 Ways to Get the Most Out of a Penetration Test

You’ll get the best results when you’re clear on what you want to accomplish from a pen test. Here’s what you don’t want from a pen test: A 600-page report packed with detail that overwhelms everyone in your organization. Andrew Hay, chief operating officer at Lares, a security consultancy, says he’s seen too many times where pen testers overload their customers with so much information that they don’t wind up doing anything Read more…


ADP Users Hit with Phishing Scam Ahead of Tax Season

Fraudulent emails tell recipients their W-2 forms are ready and prompt them to click malicious links. Cybercriminals eager to jump-start tax season have launched a phishing campaign targeting some ADP users, telling them their W-2 forms are ready and prompting them to click a malicious link. Links embedded in the fraudulent email redirect users to a phishing website designed to look like an ADP login page. These domains were registered the same day as the Read more…


New phishing attack hijacks email conversations: How companies can protect employees

By inserting themselves into business emails among employees, cybercriminals can trick victims into wiring money or sharing payment information, says security firm Barracuda Networks. Cybercriminals use a variety of tricks to try to convince unsuspecting users to reveal sensitive and valuable information. Phishing is a well-known and general method. A more specific and direct technique gaining traction is conversation hijacking. By impersonating employees or other trusted individuals and inserting themselves in a message thread, criminals try to Read more…


Domain Name of WeLeakInfo.com Seized by FBI and DOJ

The Federal Bureau of Investigations (FBI) and the Department of Justice (DOJ) announced that they have seized the domain name for weleakinfo.com. On January 16, the U.S. Attorney’s Office for the District of Columbia announced that the FBI and DOJ had executed a warrant to seize the domain of weleakinfo.com in cooperation with law enforcement agencies in the United Kingdom, Germany, the Netherlands and Ireland. As quoted in a press statement released by the Department Read more…


Overseas Payment Processor and its Former CEO Settle FTC Allegations That They Enabled a Deceptive “Free Trial” Offer Scheme

A Latvian payment processor and its former CEO have agreed to settle the Federal Trade Commission’s complaint against them. The complaint alleges that they engaged in unlawful conduct that enabled a deceptive “free trial” offer scheme by U.S.-based defendants.  “Transact Pro helped scammers drain people’s accounts without their permission,” said Andrew Smith, Director of the Bureau of Consumer Protection. “The FTC will continue to aggressively pursue payment processors that are complicit in illegal conduct, whether they Read more…


Defendants in FTC Credit Repair Scheme Case Agree to Settle Charges

The operators of a bogus credit repair scheme are banned from the credit repair business and subject to a wide array of other requirements under settlement terms with the Federal Trade Commission. The settlements relate to an FTC complaint filed in June 2019 alleging that the defendants targeted consumers with false promises of substantially improving consumers’ credit scores by claiming to remove all negative items and “hard” credit inquiries (which can often change a consumer’s Read more…


Most high-risk apps have poor safety practices: Google Survey

High-risk consumers are conscious that criminals are more likely than the mainstream, but many of them still have poor security behaviors, a Google survey shows. High-risk user groups involve executives, lawmakers and their staff, campaigners, bloggers and media influencers. Those in these groups are more likely to be targeted in cyber attacks because of their jobs or online activities. The Harris Poll was conducted by Google to evaluate 500 U.S. high-risk users; 100 in each Read more…


Google will now accept your iPhone as an authentication key

by Lisa Vaas On Monday, Google pushed out an update for the iOS version of Smart Lock, its built-in, on-by-default password manager. Smart Lock – which has been available for Google’s Chrome browser since 2017 – now also lets iOS users set up their device as the second factor in two-factor authentication (2FA), meaning that you no longer have to carry around a separate security key dongle. Smart Lock for iOS uses the iPhone’s Secure Read more…


Facial recognition is real-life ‘Black Mirror’ stuff, Ocasio-Cortez says

by Lisa Vaas During a House hearing on Wednesday, Rep. Alexandria Ocasio-Cortez said that the spread of surveillance via ubiquitous facial recognition is like something out of the tech dystopia TV show “Black Mirror.” This is some real-life “Black Mirror” stuff that we’re seeing here. Call this episode “Surveil Them While They’re Obliviously Playing With Puppy Dog Filters.” Wednesday’s was the third hearing on the topic for the House Oversight and Reform Committee, which is Read more…


With International Tensions Flaring, Cyber-Risk Is Heating Up for All Businesses

Risks of nation-state attacks go beyond Iran, and the need for awareness and security don’t stop at any national border. (image by Pablo Lagarto, via Adobe Stock) When security issues shift from phishing and Trojans to things that explode in the night, they tend to get a lot of attention. Recent military action involving the United States and Iran has led many to speculate about possible cybersecurity repercussions, but experts question whether the threat landscape Read more…


New Attack Campaigns Suggest Emotet Threat Is Far From Over

Malware described by the DHS as among the worst ever continues to evolve and grow, researchers from Cisco Talos, Cofense, and Check Point Software say. In a troubling development for organizations, security researchers are reporting a recent resurgence in activity related to Emotet — malware that the US Department of Homeland Security (DHS) has previously described as among the most destructive ever. Cisco Talos on Thursday reported seeing increased Emotet activity targeting US military domains Read more…


Google Account Security Keys Launch for iPhone

iPhone users can now use Bluetooth to secure their Google accounts. Google has extended its Advanced Protection Program for account security to the iPhone platform, aimed at those that are the most-targeted by cybercriminals: Members of political campaign teams, journalists, activists, executives, employees in regulated industries such as finance or government, and others. It has also made the program simpler to sign up to for Android users. The idea is to add another log-in factor Read more…

