The US Treasury Department has issued sanctions against Iran's intelligence agency in response to that country's cyberattack against Albania and other "cyber-enabled activities against the United States and its allies."β¦
In brief AT&T cybersecurity researchers have discovered a sneaky piece of malware targeting Linux endpoints and IoT devices in the hopes of gaining persistent access and turning victims into crypto-mining drones.β¦
The massive amounts of digital data being bought and sold β or sometimes freely shared β poses a grave national security risk, according to a former US policymaker and diplomat.β¦
Federal investigators and private companies seized $30 million in cryptocurrency stolen in March by North Korean-linked APT gang Lazarus Group from a video game developer, the latest example of the growing skills of government and cybersecurity experts to track and recover such ill-gotten gains.β¦
Facebook parent Meta has disbanded its Responsible Innovation Team (RIT) that it claimed last year was a central part of efforts to "proactively surface and address potential harms to society in all that we build."Β β¦
Communities like Craigslist, OfferUp, Facebook Marketplace and others are great for finding low- or no-cost stuff that one can pick up directly from a nearby seller, and for getting rid of useful things that donβt deserve to end up in a landfill. But when dealing with strangers from the Internet, there is always a risk that the person youβve agreed to meet has other intentions.
Nearly all U.S. states now have designated safe trading stations β mostly at local police departments β which ensure that all transactions are handled in plain view of both the authorities and security cameras.
These safe trading places exist because sometimes in-person transactions from the Internet donβt end well for one or more parties involved. The website Craigslistkillers has catalogued news links for at least 132 murders linked to Craigslist transactions since 2015. Many of these killings involved high-priced items like automobiles and consumer electronics, where the prospective buyer apparently intended all along to kill the owner and steal the item offered for sale. Others were motivated simply by a desire to hurt people.
This is not to say that using Craigslist is uniquely risky or dangerous; Iβm sure the vast majority of transactions generated by the site end amicably and without physical violence. And that probably holds true for all of Craigslistβs competitors.
Still, the risk of a deal going badly when one meets total strangers from the Internet is not zero, and so itβs only sensible to take a few simple precautions. For example, choosing to transact at a designated safe place such as a police station dramatically reduces the likelihood that anyone wishing you harm would even show up.
I recently stumbled upon one of these designated exchange places by accident, hence my interest in learning more about them. The one I encountered was at a Virginia county sheriffβs office, and it has two parking spots reserved with a sign that reads, βInternet Purchase & Exchange Location: This Area is Under 24 Hour Video Surveillanceβ [image above].
According to the list maintained at Safetradestations.com, there are four other such designated locations in Northern Virginia. And it appears most states now have them in at least some major cities. Safeexchangepoint.com also has a searchable index of safe trading locations in the United States and Canada.
Granted, not everyone is going to live close to one of these designated trading stations. Or maybe what you want to buy, sell or trade youβd rather not have recorded in front of police cameras. Either way, here are a few tips on staying safe while transacting in real life with strangers from the Internet (compliments of the aforementioned safe trading websites).
The safest exchange points are easily accessible and in a well-lit, public place where transactions are visible to others nearby. Try to arrange a meeting time that is during daylight hours, and consider bringing a friend along β especially when dealing with high-value items like laptops and smart phones.
Safeexchangepoint.com also advises that police or merchants that host their own exchange locations generally wonβt get involved in the details of your transaction unless specified otherwise, and that many police departments (but not all) are willing to check the serial number of an item for sale to make sure itβs not known to be stolen property.
Of course, itβs not always practical or possible to haul that old sofa to the local police department, or a used car that isnβt working. In those situations, safetradestations.com has some decent suggestions:
The US Commerce Department's Bureau of Industry and Security (BIS) has relaxed restrictions that barred export of some encryption technologies to Huawei, in the name of ensuring the United States is in a better position to negotiate global standards.β¦
Cisco patched three security vulnerabilities in its products this week, and said it will leave unpatched a VPN-hijacking flaw that affects four small business routers.β¦
Mandiant is "highly confident" that foreign cyberspies will target US election infrastructure, organizations, and individuals in the run-up to the November midterm elections.β¦
Google's open source security team says OSS-Fuzz, its community fuzzing service, has helped fix more than 8,000 security vulnerabilities and 26,000 other bugs in open source projects since its 2016 debut.β¦
US private equity investor Thoma Bravo has pulled out of its planned takeover of Darktrace, causing shares in the UK cybersecurity company to plummet.β¦
Have you ever said something you wish you could take back? Maybe it was a comment muttered in the heat of the moment that hurt someoneβs feelings. Or maybe you just had a night out full of silly antics that you wouldnβt want your boss or grandma to see.Β Β
These are completely normal occurrences that happen all the time. Weβre human! We make mistakes and letting loose every now and again is good for us. When these scenarios happen in person, weβre able to apologize or explain ourselves; however, the social media age complicates things. High-def cameras and video recorders are in everyoneβs pocket, meaning that in-person slip-ups or lapses in judgement can come back to haunt you in a cyberscheme known as doxing.Β
Doxing can be harmful to oneβs reputation and can cost someone their job, their friends, or their privacy. Here are five things you should know about doxing, plus some tips on how to prevent it from happening to you.Β
The term doxing originated from the phrase βdropping documents/docs.β It refers to a situation where an enemy or a rival seeks to tarnish the reputation of someone else by releasing documents (aka dropping docs) about them. These documents often contain personally identifiable information (PII) βΒ like full names, birthdates, addresses, employment details, financial information, phone numbers, email addresses β and private correspondences or embarrassing videos or photos. The doxer β or the person dropping the documents β will publish these private details online, whether thatβs on a forum, on social media, or a blog.Β
Doxing is considered cyberbullying because it is a form of online harassment. The doxer often does so with the intent of drumming up widespread hate about the victim and having the release of these private details negatively affect the victimβs life, such as getting them fired from their job or breaking up a relationship.Β
Doxing happens most frequently to public figures, such as celebrities, politicians, streamers, and journalists. It is also a prevalent practice in the hacking community, where hackers reveal the identities of the real people behind forum usernames. However, anyone is susceptible to having their PII or sensitive photos or videos widely released on the internet for the sake of reputation sabotage. All it takes is for one scorned partner, a disgruntled coworker, or a disagreement to set a doxer on a warpath.Β Β
When the saboteur doesnβt have to dig into your past via the dark web or through hacking a personal device, doxing isnβt illegal. Itβs malicious and can be emotionally damaging, but there is no law stopping a doxer from publishing the private details of someone else. Doxing crosses the line into a crime when it is accompanied by threats.Β Β
So, if a doxer didnβt hack a personal device or buy the PII off the dark web, where did they find these details? Oftentimes, people incriminate themselves with their social media footprint. What seems like ancient history in your social media timeline is again front and center after just a few minutes of scrolling.Β
Check out these tips that can lessen the chances of doxing happening to you:Β
In addition to the above tips, McAfee can help you fill in the gaps in your defense. McAfee Total Protection is an all-in-one privacy and identity protection service that includes all the tools you need to secure your PII and help you recover if identity theft occurs after a doxing incident. Personal Data Cleanup scans 40 risky data broker sites for your information. If you appear on any of those sites, McAfee will help you remove it to keep your PII out of a doxerβs hands.Β
The post 5 Things About Doxing You Should Know appeared first on McAfee Blog.
The North Korean state-sponsored crime ring Lazarus Group is behind a new cyberespionage campaign with the goal to steal data and trade secrets from energy providers across the US, Canada and Japan, according to Cisco Talos.β¦
It pays to do some research before taking a leap into the world of internet-connected toys
The post Toys behaving badly: How parents can protect their family from IoT threats appeared first on WeLiveSecurity