Login
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about recent skimming and phishing scams as we head into the holidays and how you can protect yourself and your organization. Also, read about how the p4 hacking team from Poland won Trend Micro’s Capture the Flag (CTF) competition in Tokyo.
Read on:
Skimming Scams and Redirection Schemes Phish Consumers Credentials Days Before Black Friday
Ahead of Black Friday, cybercriminals are busy rolling out schemes to trick consumers into sharing their card credentials. In one skimming operation, threat actors faked a retailer’s third-party payment service platform (PSP), resulting in a hybrid skimmer-phishing page. Another campaign used redirection malware on WordPress websites so that users would land on their malicious phishing page.
Polish Hacking Team Triumphs in Trend Micro CTF Competition
Machine learning, reverse engineering, and unearthing mobile and IoT vulnerabilities were among the disciplines tested during Trend Micro’s latest international capture the flag (CTF) competition. The fifth Raimund Genes Cup final pitted 13 teams of young hackers against one another. The winning team, p4 from Poland, claimed a ¥1 million prize (US $9,000) and 15,000 Zero Day Initiative points per player at the Tokyo event.
Patched GIF Processing Vulnerability CVE-2019-11932 Still Afflicts Multiple Mobile Apps
CVE-2019-11932, a vulnerability in WhatsApp for Android, was patched with version 2.19.244 of WhatsApp, but the underlying problem lies in the library called libpl_droidsonroids_gif.so, which is part of the android-gif-drawable package. While this flaw has also been patched, many applications still use the older version and remain at risk.
Don’t Overlook the Security of Your Supply Chain
In its 2020 Predictions report, Trend Micro states that organizations will face a growing risk from their cloud and the supply chain. The reliance on open source and third-party software and the introduction of modern workplace practices all present immense risks.
Trickbot Appears to Target OpenSSH and OpenVPN Data in Upgraded Password-Grabbing Module
Trickbot, which was a simple banking trojan when it arrived in 2016, has since mutated into a constantly evolving malware family that includes information theft, vulnerability exploitation, and rapid propagation among its capabilities. In Trend Micro’s recent blog, learn more about how to combat Trickbot and other similarly sophisticated threats.
Stranger Hacks into Baby Monitor, Tells Child, ‘I Love You’
A stranger hacked a Seattle couple’s baby monitor and used it to peer around their home remotely and tell the pair’s 3-year-old, “I love you,” the child’s mother said. It’s not the first time the monitor brand in question, Fredi, made by Shenzhen Jinbaixun Technology Co., Ltd., according to its website, has come under fire for being comparatively easy to access.
Microsoft Says New Dexphot Malware Infected More Than 80,000 Computers
Microsoft security engineers detailed today a new malware strain that has been infecting Windows computers since October 2018 to hijack their resources to mine cryptocurrency and generate revenue for the attackers. Named Dexphot, this malware reached its peak in mid-June this year when its botnet reached almost 80,000 infected computers.
How are you protecting yourself from skimming and phishing scams during this holiday season? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: Skimming and Phishing Scams Ahead of Black Friday and Polish Hacking Team Wins Capture the Flag Competition appeared first on .
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about stalkerware and why it’s on the rise. Also, read about Trend Micro’s selection as a launch partner for the new Amazon Virtual Private Cloud (Amazon VPC) Ingress Routing service, announced during AWS re:Invent 2019.
Read on:
You’re in Safe Hands with Trend Micro Home Network Security
Your home should be a haven that protects you. In the cyber age, however, your router, computers, TVs, game consoles and smart devices are continuously connected to the internet and run the risk of being hacked—usually when you least expect it. This blog is the first of a three-part series outlining how to implement Home Network Security to protect your home.
Amazon Web Services Recognizes Trend Micro as Launch Partner for New Service
With Amazon VPC Ingress Routing, Trend Micro customers will gain benefits which include more flexibility and control traffic routing with transparent deployment and no need to re-architect. Deploying in-line allows customers to be proactive in their network security, which in turn can prevent and disrupt attacks before they can be successful.
What Worries CISOs Most In 2019
Trend Micro’s VP of infrastructure strategies, Bill Malik, recently sat down with a dozen senior IT security leaders to discuss challenges they are currently facing in light of considerable changes in their business environments. These include the high pace of acquisitions balancing executive and team focuses, bring-your-own-device (BYOD) policies and ransomware infections.
Ransomware Attack Hits Major U.S. Data Center Provider
CyrusOne, one of the biggest data center providers in the U.S., has suffered a ransomware attack and is currently working with law enforcement and forensics firms to investigate the attack. CyrusOne is also helping customers restore lost data from backups.
Stalkerware is government-style surveillance software used by individuals to spy on others, which is usually someone you know. With smartphone usage continuing to rise, a whole mini industry has appeared over the past couple of years selling monitoring software, or more treacherously, trojan spyware and code that can hide itself so that you don’t even know it’s on your device.
The California DMV Is Making $50M a Year Selling Drivers’ Personal Information
The California Department of Motor Vehicles is generating revenue of $50,000,000 a year through selling drivers’ personal information, according to a DMV document obtained by Motherboard. This information includes names, physical addresses, and car registration information.
Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK
Trend Micro has followed cyberespionage group TICK (a.k.a. “BRONZE BUTLER” or “REDBALDKNIGHT”) since 2008 but noticed an unusual increase in malware development and deployments towards November 2018 as part of a campaign dubbed “Operation ENDTRADE.”
Iran Targets Mideast Oil with ZeroCleare Wiper Malware
A freshly discovered wiper malware dubbed “ZeroCleare” has been deployed to target the energy and industrial sectors in the Middle East. According to IBM’s X-Force Incident Response and Intelligence Services (IRIS), ZeroCleare was involved in a recently spotted APT attack on an oil and gas company, in which it compromised a Windows machine via a vulnerable driver.
Trend Micro has found a new spyware family disguised as chat apps on a phishing website. Trend believes that the apps, which exhibit many cyberespionage behaviors, are initially used for a targeted attack campaign.
Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign
In November 2019, Trend Micro analyzed an exploit kit named Capesand that exploited Adobe Flash and Microsoft Internet Explorer flaws. During an analysis of the indicators of compromise (IoCs) in the deployed samples that were infecting the victim’s machines, we noticed that these samples were making use of obfuscation tools that made them virtually undetectable.
Trend Micro More Than Doubles Commitment to Underrepresented Persons in Cybersecurity
This week at AWS re:Invent, Trend Micro announced plans to further strengthen its commitment to underrepresented persons by more than doubling its annual time and financial investments to alleviate the skills and diversity gaps in cybersecurity.
Mobile Security: 80% of Android Apps Now Encrypt Network Traffic by Default
Three years ago, Google started its push to tighten network traffic protection from Android devices to web services. The company has provided an update stating that 80% of Android apps have adopted the HTTPS standard by default. HTTPS encrypts network traffic, preventing third parties from intercepting data from apps.
Magecart Sets Sights on Smith & Wesson, Other High-Profile Stores
After incidents in the past few months that saw the threat actor go after customers of online shops and hotel chains, threat actors from the infamous card-skimming group once again took action, this time on Black Friday on a new set of targets: high-profile stores, including firearms vendor Smith & Wesson (S&W).
Out on a Highway Run: Threats and Risks on ITS and Smart Vehicles
The research firm Counterpoint predicted that by 2022, the number of vehicles with embedded connectivity will grow by 270%. The expected increase in technology adoption, however, does not come without risks — from petty showcases of hacks to possibly bigger threats to safety and financial losses.
StrandHogg Android Vulnerability Allows Malware to Hijack Legitimate Apps
Researchers discovered a vulnerability in Android devices that allows malware to hijack legitimate apps. Using this vulnerability (StrandHogg), cybercriminals could trick users into granting permissions to their malicious apps and provide openings for phishing pages.
Ginp Trojan Targets Android Banking App Users, Steals Login Credentials and Credit Card Details
Counterfeit apps were found carrying a new version of the Android banking trojan Ginp (detected by Trend Micro as AndroidOS_Ginp.HRXB) to steal user login credentials and credit card details. ThreatFabric’s analysis of recent Ginp samples showed that it reused some code from Anubis, an Android malware family notorious for its use in cyberespionage activities before being re-tooled as a banking trojan.
What AWS re:Invent announcement did you find the most interesting? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: Trend Micro Selected as Launch Partner for AWS Ingress Routing Service and Stalkerware on the Rise appeared first on .
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the threat campaign Waterbear and how it uses API hooking to evade security product detection. Also, read about December Patch Tuesday updates from Microsoft and Adobe.
Read on:
Waterbear is Back, Uses API Hooking to Evade Security Product Detection
Previously, Waterbear has been used for lateral movement, decrypting and triggering payloads with its loader component. In most cases, the payloads are backdoors that can receive and load additional modules. However, recently Trend Micro discovered a piece of Waterbear payload with a brand new purpose: hiding its network behaviors from a specific security product by API hooking techniques.
Microsoft December 2019 Patch Tuesday Plugs Windows Zero-Day
Microsoft has released today the December 2019 Patch Tuesday security updates. This month’s updates include fixes for 36 vulnerabilities, including a zero-day in the Windows operating system that has been exploited in the wild.
(Almost) Hollow and Innocent: Monero Miner Remains Undetected via Process Hollowing
Recently, Trend Micro found a cryptomining threat using process hollowing and a dropper component that requires a specific set of command line arguments to trigger its malicious behavior, leaving no trace for malicious activity detection or analysis to reference the file as malicious.
2020 Predictions: Black Hats Begin to Target Facial Recognition Technology
Research interest in defeating facial recognition technology is booming. Adversaries are likely taking notice, but don’t expect widespread adoption overnight. Jon Clay, director of threat communication at Trend Micro, points out that techniques ranging from deep fakes to adversarial machine learning are likely still in an early stage.
US, UK Governments Unite to Indict Hacker Behind Dreaded Dridex Malware
Maksim Yakubets, who allegedly runs Russia-based Evil Corp, the cybercriminal organization that developed and distributed banking malware Dridex, has been indicted in the United States by the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC).
Trend Micro, McAfee and Bitdefender Top Cloud Workload Security List
Trend Micro, McAfee and Bitdefender were named among the leaders in a new report from Forrester Research on cloud workload security that covered 13 vendors.
BEC Scam Successfully Steals US $1 Million Using Look-Alike Domains
A Chinese venture capital firm lost US $1 million to scammers who successfully came between a deal the firm had with an Israeli startup. The business email compromise (BEC) campaign used by the attackers consisted of 32 emails and look-alike domains to trick both parties of their authenticity.
Retail Cyberattacks Set to Soar 20% in 2019 Holiday Season
As cybercriminals grow more sophisticated and holiday shoppers continue to flock online, researchers warn internet-based retailers could face a 20 percent uptick in cyberattacks this holiday season compared to last year.
Bug in Ryuk Ransomware’s Decryptor Can Lead to Loss of Data in Certain Files
Ryuk’s decryptor tool could cause data loss instead of reinstating file access to users. According to a blog post from Emsisoft, a bug with how the tool decrypts files could lead to incomplete recoveries, contrary to what the decryptor is meant to achieve.
Hacker Hacks Hacking Platform, Gets Paid $20,000 By the Hacked Hackers
HackerOne operates as a conduit between ethical hackers looking for vulnerabilities, and organizations like General Motors, Goldman Sachs, Google, Microsoft, Twitter, and the U.S. Pentagon, want to patch those security holes before malicious threat actors can exploit them. One of the hackers registered with the platform hacked HackerOne instead and was paid $20,000 (£15,250) by HackerOne as a result.
Trickbot’s Updated Password-Grabbing Module Targets More Apps, Services
Researchers from Security Intelligence have reported on a sudden increase of Trickbot’s activities in Japan, and Trend Micro researchers have found updates to the password-grabbing (pwgrab) module and possible changes to the Emotet variant that drops Trickbot.
Ransomware Recap: Snatch and Zeppelin Ransomware
Two ransomware families with noteworthy features – Snatch and Zeppelin –were spotted this week. Snatch ransomware is capable of forcing Windows machines to reboot into Safe Mode. Zeppelin ransomware, on the other hand, was responsible for infecting healthcare and IT organizations across Europe and the U.S.
Brian Krebs is the CISO MAG Cybersecurity Person of the Year
For the first time, CISO Mag named a Cybersecurity Person of the Year, who is defined as someone who been committed to bringing awareness into the realm of cybersecurity. In addition to recognizing Brian Krebs of KrebsOnSecurity.com, two other individuals were recognized: Trend Micro’s Rik Ferguson, VP of security research, and web security expert Troy Hunt.
Do you think retail cyberattacks will soar higher than 20 percent this holiday season? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: December Patch Tuesday Updates and Retail Cyberattacks Set to Soar 20 Percent During 2019 Holiday Season appeared first on .
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how Trend Micro’s collaboration with INTERPOL’s Global Complex for Innovation helped reduce cryptojacking by 78% in Southeast Asia. Also, read about three malicious apps in the Google Play Store that may be linked to the SideWinder threat group.
Read on:
First Active Attack Exploiting CVE-2019-2215 Found on Google Play, Linked to SideWinder APT Group
Trend Micro found three malicious apps in the Google Play Store that work together to compromise a device and collect user information. The three malicious apps — disguised as photography and file manager tools — are likely to be connected to SideWinder, a known threat group that has reportedly targeted military entities’ Windows machines.
Operation Goldfish Alpha Reduces Cryptojacking Across Southeast Asia by 78%
Interpol announced the results of Operation Goldfish Alpha, a six-month effort to secure hacked routers across the Southeast Asia region. The international law enforcement agency said its efforts resulted in a drop of cryptojacking operations across Southeast Asia by 78%, compared to levels recorded in June 2019. Private sector partners included the Cyber Defense Institute and Trend Micro.
Celebrating Decades of Success with Microsoft at the Security 20/20 Awards
Trend Micro, having worked closely with Microsoft for decades, is honored to be nominated for the Microsoft Security 20/20 Partner awards in the Customer Impact and Industry Changemaker categories. Check out this blog for more information on the inaugural awards and Trend Micro’s recognitions.
Security Predictions for 2020 According to Trend Micro
Threat actors are shifting and adapting in their choice of attack vectors and tactics — prompting the need for businesses and users to stay ahead of the curve. Trend Micro has identified four key themes that will define 2020: a future that is set to be Complex, Exposed, Misconfigured and Defensible. Check out Digital Journal’s Q&A with Greg Young, vice president of cybersecurity at Trend Micro, to learn more about security expectations for this year.
The Everyday Cyber Threat Landscape: Trends from 2019 to 2020
In addition to security predictions for the new year, Trend Micro has listed some of the biggest threats from 2019 as well as some trends to keep an eye on as we begin 2020 in this blog. Many of the most dangerous attacks will look a lot like the ones Trend Micro warned about in 2019.
5 Key Security Lessons from the Cloud Hopper Mega Hack
In December 2019, the U.S. government issued indictments against two Chinese hackers who were allegedly involved in a multi-year effort to penetrate the systems of companies managing data and applications for customers via the computing cloud. The men, who remain at large, are thought to be part of a Chinese hacking collective known as APT10.
The Summit of Cybersecurity Sits Among the Clouds
Shifts in threats in the security landscape have led Trend Micro to develop Trend Micro Apex One, a newly redesigned endpoint protection solution. Trend Micro Apex One brings enhanced fileless attack detection and advanced behavioral analysis and combines Trend Micro’s powerful endpoint threat detection capabilities with endpoint detection and response (EDR) investigative capabilities.
New Iranian Data Wiper Malware Hits Bapco, Bahrain’s National Oil Company
Iranian state-sponsored hackers have deployed a new strain of data-wiping malware on the network of Bapco, Bahrain’s national oil company. The incident took place on December 29th and didn’t have the long-lasting effect hackers might have wanted, as only a portion of Bapco’s computer fleet was impacted and the company continued to operate after the malware’s detonation.
Ransomware Recap: Clop, DeathRansom, and Maze Ransomware
As the new year rolls in, new developments in different ransomware strains have emerged. For example, Clop ransomware has evolved to integrate a process killer that targets Windows 10 apps and various applications; DeathRansom can now encrypt files; and Maze ransomware has been targeting U.S. companies for stealing and encrypting data, alerted by the Federal Bureau of Investigation (FBI).
4 Ring Employees Fired for Spying on Customers
Smart doorbell company Ring said that it has fired four employees over the past four years for inappropriately accessing customer video footage. The disclosure comes in a recent letter to senators from Amazon-owned Ring as it attempts to defend the privacy of its platform, which has been plagued by data privacy incidents over the past year.
Web Skimming Attack on Blue Bear Affects School Admin Software Users
A web skimming attack was recently used to target Blue Bear, a school administration software that handles school accounting, student fees, and online stores for educational institutions. Names, credit card or debit card numbers, expiration dates and security codes, and Blue Bear account usernames and passwords may have been collected.
Patched Microsoft Access ‘MDB Leaker’ (CVE-2019-1463) Exposes Sensitive Data in Database Files
Researchers uncovered an information disclosure vulnerability (CVE-2019-1463) affecting Microsoft Access, which occurs when the software fails to properly handle objects in memory. The vulnerability, dubbed “MDB Leaker” by Mimecast Research Labs, resembles a patched information disclosure bug in Microsoft Office (CVE-2019-0560) found in January 2019.
A Trend Micro honeypot detected a cryptocurrency-mining threat on a compromised site, where the URL hxxps://upajmeter[.]com/assets/.style/min was used to host the command for downloading the main shell script. The miner, a multi-component threat, propagates by scanning vulnerable machines and brute-forcing (primarily default) credentials.
What are your thoughts on the rise of cryptomining malware and cryptojacking tactics? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: INTERPOL Collaboration Reduces Cryptojacking by 78% and Three Malicious Apps Found on Google Play May be Linked to SideWinder APT Group appeared first on .
We’re all getting a little more worldly wise to the dangers that lurk around every corner of our digital lives. We know that the flipside of being able to shop, chat, bank and share online at the push of a button is the risk of data theft, ransomware and identity fraud. That’s why we protect our families’ PCs and mobile devices with security solutions from proven providers like Trend Micro, and take extra care each time we fire up the internet.
But what about the firms that we entrust to handle our data securely?
Unfortunately, many of these organizations still aren’t doing enough to protect our personal and financial information. It could be data we enter online to pay for an item or open an account. Or it could be payment card details that we’ve used at a local outlet which are subsequently stored online. These companies are big targets for the bad guys, who only have to get lucky once to crack open an Aladdin’s Cave of lucrative customer data.
What does this mean? That data breaches are the new normal. Last year in the US there were a reported 1,473 of these incidents, exposing nearly 165 million customer records. The latest affected customers of convenience store and gas station chain Wawa — and it could be one of the biggest ever, affecting 30 million cards.
Let’s take a look at what happened, and what consumers can do to steal a march on the bad guys.
What happened this time?
Wawa first notified its customers of a payment card breach in December 2019. But although the firm discovered malware on its payment processing servers that month, it had actually been sitting there since March, potentially siphoning card data silently from every single Wawa location. That’s more than 850 stores, across Pennsylvania, New Jersey, Delaware, Maryland, Virginia, Florida, and Washington DC.
The company itself has so far declined to put a number on how many customers have been affected. However, while cardholders were still wondering whether they’ve been impacted or not, something else happened. At the end of January, a hacker began to upload the stolen cards to a notorious dark web marketplace, known as Joker’s Stash.
They are claiming to have 30 million stolen cards in total, which if accurate could make this one of the biggest card breaches of its kind, placing it alongside other incidents at Home Depot (2014) and Target (2013).
How does it affect me?
Once the data goes on sale on a dark web market like this, it is usually bought by scammers, who use it in follow-on identity fraud attacks. In this case, the stolen data includes debit and credit card numbers, expiration dates and cardholder names, but not PINs or CVV records. That means they can’t be used at ATMs and fraudsters will find it hard to use the cards online, as most merchants require the CVV number.
However, if the cards are of the old magstripe type, they could be cloned for use in face-to-face transactions.
Although Wawa said it has informed the relevant card issuers and brands, the cardholders themselves must monitor their cards for unusual transactions and then report to their issuer “in a timely manner” if they want to be reimbursed for any fraudulent usage. This can be a distressing, time-consuming process.
What should I do next?
This is by no means the first and it won’t be the last breach of this kind. In the past, data stolen from customers of Hilton Hotels, supermarket chain Hy-Vee, retailer Bebe Stores, and restaurant chains including Krystal, Moe’s and Schlotzsky’s has turned up for sale on Joker’s Stash. It can be dispiriting for consumers to see their personal data time and again compromised in this way by cyber-criminals.
Too often in the aftermath of such incidents, the customers themselves are left in the dark. There is no information on whether they’ve definitively had their personal or card data stolen, just an ominous sense that something bad may be about to happen. If the company itself doesn’t even know how many cards have been affected, how can you act decisively?
Credit monitoring is often provided by breached firms, but this is a less-than-perfect solution. For one thing, such services only alert the user if a new line of credit is being opened in their name — not if a stolen card is being used. And second, they only raise the alarm after the incident, by which time the fraudsters may already have made a serious dent in your finances.
Monitoring your bank account for fraudulent transactions is arguably more useful in cases like the Wawa breach, but it’s still too reactive. Here’s a handy 2-step plan which could provide better results:
Step 1: Dark web monitoring works
To get more proactive, consumers need Dark Web monitoring. These tools typically scour dark web sites like Joker’s Stash to look for your personal information. The beauty of this approach is that it can raise the alarm after a breach has occurred, when the data is posted to the Dark Web, but before a fraudster has had time to monetize your stolen details. With this information, you can proactively request that your lender block a particular card and issue a new one.
This approach works for all personal data you may want to keep protected, including email addresses, driver’s license, passport numbers and passwords.
Step 2: Password protection
Once you’ve determined that your data has been part of a breach and is being sold on the dark web, one of the most important things you can do is to change your passwords to any stolen accounts, in order to minimize the potential damage that fraudsters can do.
This is where password manager tools can come in very handy. They allow users to store and recall long, strong and unique credentials for each of the websites and apps they use. This means that if one password is compromised, as in a breach scenario, your other accounts will remain secure. It also makes passwords harder for hackers to guess, which they may try to do with automated tools if they already have your email address.
Following a breach, it also makes sense to look out for follow-on phishing attacks which may try to trick you into handing over more information to the fraudsters. Here are a few tips:
|
|
How Trend Micro can help
Fortunately, Trend Micro has several products that can help you, as a potential or actual victim of a data breach, to proactively mitigate the fallout from a serious security incident, or to foil the fraudsters:
Trend Micro ID Security: checks if your personal information has been uploaded to Dark Web sites by hackers. This highly secure service, available in apps for Android and iOS mobile devices, uses data hashing and an encrypted connected to keep your details safe, alerting when it has found a match on the Dark Web so you can take action. Use it to protect your emails, credit card numbers, passwords, bank accounts, passport details and more.
Trend Micro Password Manager: provides a secure place to store, manage and update your passwords. It remembers your log-ins, so you can create secure and unique credentials for each website/app you need to sign-in to. This means if one site is breached, hackers will not be able to use that password to open your other accounts. Password Manager is available for Windows, Mac, iOS, and Android, synchronizing your passwords across all four platforms.
Trend Micro Fraud Buster: is a free online service you can use to check suspicious emails It uses advanced machine learning technology to identify scam emails that don’t contain malicious URLs or attachments but still pose a risk to the user, because the email (which may be extortionist) reflects the fact that the fraudster probably got your email address from the Dark Web in the first place. Users can then decide to report the scam, get more details, or proceed as before.
Fraud Buster is also now integrated into Trend Micro Security for Windows, protecting Gmail and Outlook webmail in Internet Explorer, Chrome, and Firefox. It’s also integrated in Trend Micro Antivirus for Mac, where it does the same for Gmail webmail in Safari, Chrome and Firefox on the Mac.
In the end, only you can guard your identity credentials with vigilance.
The post The Wawa Breach: 30 Million Reasons to Try Dark Web Monitoring appeared first on .
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about why Zoom has released an update for its Linux, Mac, and Windows apps that removes the meeting ID from the app’s title bar. Also, read about Trend Micro’s latest research on cloud-specific security, with examples of threats and risks that organizations could face when migrating to the cloud or using cloud services.
Read on:
Trend Micro Study Shows Cloud Misconfiguration as Major Threat
This week, Trend Micro released new research findings concerning cloud security, a major area of concern for enterprises of all sizes. The research confirms the role of both human errors and complex deployments in creating cloud-based cyber threats; above all, Trend Micro notes the dangers of cloud misconfiguration to cloud environments.
NCSA Small Business Webinar Series
The National Cyber Security Alliance is hosting a series of webinars for small business owners, and Trend Micro is proud to support this effort with guest speakers sharing threat intelligence and security expertise. The topics will help small companies deal with the challenges of COVID-19, including sessions on telework, digital spring cleaning, e-commerce security, how to avoid COVID-19 scams and more.
Cisco ‘Critical Update’ Phishing Attack Steals Webex Credentials
An ongoing phishing campaign is reeling in victims with a recycled Cisco security advisory that warns of a critical vulnerability. The campaign urges victims to “update,” only to steal their credentials for Cisco’s Webex web conferencing platform instead. The campaign is looking to leverage the wave of remote workers who have come to rely on online conferencing tools like Webex and other platforms.
Principles of a Cloud Migration – From Step One to Done
Cloud migrations are happening every day and analysts predict over 75% of mid-size to large enterprises will migrate a workload to the cloud by 2021 – but how can you make sure your workload is successful? In this multi-part blog series, Trend Micro explores best practices, forward thinking, and use cases around creating a successful cloud migration from multiple perspectives.
Zoomed In: A Look into a Coinminer Bundled with Zoom Installer
Trend Micro recently found a Coinminer bundled with the legitimate installer of video conferencing app Zoom, luring users who want to install the software but end up downloading a malicious file. The compromised files are assumed to come from fraudulent websites. Trend Micro has been working with Zoom to ensure that they are able to communicate this to their users appropriately.
Investigation into a Nefilim Attack Shows Signs of Lateral Movement, Possible Data Exfiltration
Trend Micro’s Managed XDR (MxDR) and Incident Response (IR) teams recently investigated an incident involving a company that was hit by the Nefilim ransomware, which was initially discovered in March 2020. What makes Nefilim especially devious is that the threat actors behind the attack threaten to release the victim’s stolen data on an online leak site.
Zoom Removes Meeting IDs from App Title Bar to Improve Privacy
Video conferencing service Zoom has released an update for its Linux, Mac, and Windows apps that removes the meeting ID from the app’s title bar. The update comes after the company’s users have often leaked their meeting IDs, and even meeting passwords, when sharing screenshots of their meetings on social media.
Analysis: Suspicious “Very Hidden” Formula on Excel 4.0 Macro Sheet
A malicious Microsoft Excel 4.0 Macro sheet with a suspicious formula that is set as “Very Hidden” was submitted by a customer and further analyzed by Trend Micro researchers. The sheet is not readily accessible via the Microsoft Excel User Interface (UI) due to a feature documented in the Microsoft website that allows users to hide sheets. The compromised files were commonly used as an attachment in spam.
Actively Exploited MS Exchange Flaw Present on 80% of Exposed Servers
Attackers looking to exploit CVE-2020-0688, a critical Microsoft Exchange flaw patched by Microsoft in February 2020, don’t have to look hard to find a server they can attack: according to an internet-wide scan performed by Rapid7 researchers, there are at least 315,000 and possibly as many as 350,000 vulnerable on-premise Exchange servers (out of 433,464 total) out there.
Misconfigured Docker Daemon API Ports Attacked for Kinsing Malware Campaign
A campaign that targets misconfigured Docker Daemon API ports through Kinsing malware was reported by security researchers from Aqua Security. The campaign exploited the ports to run an Ubuntu container. According to the researchers, Kinsing malware’s strings revealed that it is a Golang-based Linux agent.
Threat Actors Deliver Courier-Themed Spam Campaign with Attached ACE Files
Trend Micro researchers detected a new courier service-themed malicious spam campaign that uses ACE files as attachments. The samples were gathered from Trend Micro’s honeypot. The email poses as a shipment arrival notification with a fake receipt attached. It then convinces receivers to download the attachment by asking them to check if the address on the receipt is correct.blo
Exploring Common Threats to Cloud Security
Trend Micro’s recent cloud research provides examples of threats and risks organizations could face when migrating to the cloud or using cloud services. No matter the cloud service or platform, the common theme is that misconfiguration continues to be one of the major pitfalls of cloud security, affecting both companies who subscribe to cloud services and users of software that are hosted on the cloud.
PowerPoint ‘Weakness’ Opens Door to Malicious Mouse-Over Attack
A researcher is sounding the alarm over what he believes could be a novel attack vector which allows a hacker to manipulate a PowerPoint file to download and begin the installation of malware, simply by hovering over a hypertext link. The technique does require a victim to accept one pop-up dialogue box to run or install a program. For those reasons, Microsoft does not consider this a vulnerability.
Cloud Transformation Is the Biggest Opportunity to Fix Security
Lower costs, improved efficiencies and faster time to market are some of the primary benefits of transitioning to the cloud. However, it’s not done overnight. It can take years to move complete data centers and operational applications to the cloud and the benefits won’t be fully realized until most functional data have been transitioned.
Who is World Wired Labs and Why Are They Selling an Android Trojan?
A company advertising a remote access tool frequently used by criminals and nation-state hackers may be serving as a front for a Chinese hacking group, according to research published by BlackBerry Cylance. In a report on remote access trojans (RAT), researchers detail an Android malware variant, which they call PWNDROID4, that can be used to monitor targets’ phone calls, record audio, send and receive text messages, and track victims’ GPS location.
Is your organization looking to migrate to the cloud? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: Exploring Common Threats to Cloud Security and Zoom Removes Meeting IDs from App Title Bar to Improve Privacy appeared first on .
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about how the operators of the Shade (Troldesh) ransomware have shut down and released more than 750,000 decryption keys. Also, learn about an attack using Zoom installers to spread a WebMonitor RAT malware.
Read on:
The Industry 4.0 Lab Never Ignores Brownfields – What POLIMI and Trend Micro Aim to Prove
It takes time for new technologies to penetrate the market and even the most innovative technology must be used safely and with confidence. Industry 4.0 technology is no exception. Engineers and researchers, including those at Politecnico di Milano (POLIMI) and Trend Micro, are currently investigating how to map ICT technology principles onto OT environments, including factory environments.
Shade (Troldesh) Ransomware Shuts Down and Releases Decryption Keys
The operators of the Shade (Troldesh) ransomware have shut down and, as a sign of goodwill, have released more than 750,000 decryption keys that past victims can now use to recover their files. Security researchers from Kaspersky Lab have confirmed the validity of the leaked keys and are now working on creating a free decryption tool.
Trend Micro’s Top Ten MITRE Evaluation Considerations
The MITRE ATT&CK framework, and the evaluations, have gone a long way in helping advance the security industry, and the individual security products serving the market. The insight garnered from these evaluations is incredibly useful but can be hard to understand. In this blog, read Trend Micro’s top 10 key takeaways for its evaluation results.
New Android Malware Steals Banking Passwords, Private Data and Keystrokes
A new type of mobile banking malware has been discovered abusing Android’s accessibility features to exfiltrate sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes. Dubbed “EventBot” by Cybereason researchers, the malware can target over 200 different financial apps, including banking, money transfer services, and crypto-currency wallets.
Principles of a Cloud Migration – Security, The W5H – Episode WHAT?
Last week in Trend Micro’s cloud migration blog series, we explained the “WHO” of securing a cloud migration, detailing each of the roles involved with implementing a successful security practice during the migration. This week, Trend Micro touches on the “WHAT” of security: the key principles required before your first workload moves.
Critical WordPress e-Learning Plugin Bugs Open Door to Cheating
Researchers have disclosed critical-severity flaws in three popular WordPress plugins used widely by colleges and universities: LearnPress, LearnDash and LifterLMS. The flaws, now patched, could allow students to steal personal information, change their grades, cheat on tests and more.
WebMonitor RAT Bundled with Zoom Installer
The COVID-19 pandemic has highlighted the usefulness of communication apps for work-from-home setups. However, as expected, cybercriminals look to exploit popular trends and user behavior. Trend Micro has witnessed threats against several messaging apps, including Zoom. In April, Trend Micro spotted an attack using Zoom installers to spread a cryptocurrency miner. Trend Micro recently encountered a similar attack that drops a different malware: RevCode WebMonitor RAT.
Group Behind TrickBot Spreads Fileless BazarBackdoor
A new campaign is spreading a new malware named “BazarBackdoor,” a fileless backdoor created by the same threat actors behind TrickBot, according to BleepingComputer. The conclusion is drawn due to similarities in code, crypters, and infrastructure between the two malware variants. The social engineering attacks used to spread the backdoor use topics such as customer complaints, COVID-19-themed payroll reports, and employee termination lists for the emails they send out.
Critical Adobe Illustrator, Bridge and Magento Flaws Patched
Adobe is warning of critical flaws in Adobe Bridge, Adobe Illustrator and the Magento e-commerce platform. If exploited, the most severe vulnerabilities could enable remote code execution on affected systems. Francis Provencher, Mat Powell, and an anonymous reporter were credited for discovering the flaws, all working with Trend Micro’s Zero Day Initiative.
Guidance on Kubernetes Threat Modeling
Kubernetes is one of the most used container orchestration systems in cloud environments. As such, like any widely used application, it is an attractive target for cybercriminals and other threat actors. In this blog, Trend Micro shares three general areas that cloud administrators need to secure their deployments against, as they can introduce threats or risks to their Kubernetes-driven containerization strategies.
Loki Info Stealer Propagates Through LZH Files
Trend Micro previously encountered a spam sample that propagates the info stealer Loki through Windows Cabinet (CAB) files. Recently, Trend Micro also acquired another sample that delivers the same malware, but through LZH compressed archive files. Trend Micro detects the attachment and the dropper as TrojanSpy.Win32.LOKI.TIOIBYTU.
Security 101: How Fileless Attacks Work and Persist in Systems
As security measures improve, modern adversaries continue to craft sophisticated techniques to evade detection. One of the most persistent evasion techniques involves fileless attacks, which don’t require malicious software to break into a system. Instead of relying on executables, these threats misuse tools that are already in the system to initiate attacks.
COVID-19 Lockdown Fuels Increase in RDP Attacks
The number of attacks abusing the remote desktop protocol (RDP) to compromise corporate environments has increased significantly over the past couple of months, according to Kaspersky. With employees worldwide forced to work from home due to the COVID-19 pandemic, the volume of corporate traffic has increased significantly, just as the use of third-party services has increased to keep teams connected and efficient.
What measures are you taking to secure your migration to the cloud? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: Shade Ransomware Shuts Down, Releases Decryption Keys and WebMonitor RAT Bundled with Zoom Installer appeared first on .
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Microsoft’s largest-ever Patch Tuesday update including 129 CVEs. Also, read about a new Android Spyware dubbed ActionSpy.
Read on:
Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update
Microsoft has released patches for 129 vulnerabilities as part of its June Patch Tuesday updates – the highest number of CVEs ever released by Microsoft in a single month. Within the blockbuster security update, 11 critical remote code-execution flaws were patched in Windows, SharePoint server, Windows Shell, VBScript and other products.
#LetsTalkSecurity: Become the Hunter
This week, Rik Ferguson, vice president of Security Research at Trend Micro, hosted the sixth episode of #LetsTalkSecurity featuring guest Jake Williams, founder of Rendition Infosec. Check out this week’s episode and follow the link to find more information about upcoming episodes and guests.
Not Just Good Security Products, But a Good Partner
This week, Trend Micro announced it has been placed in the Champions quadrant of the Canalys Global Cybersecurity Leadership Matrix, in recognition of major investments and improvements in the channel over the past year. The report particularly highlights Trend Micro’s partner portal improvements that include significant investments in deal registration, sales kits, promotions and training.
12 Biggest Cloud Threats and Vulnerabilities In 2020
Data breaches, cybercrime and targeted attacks in the cloud have driven demand for cloud security products and services in recent years. From misconfigured storage buckets and excess privileges to Infrastructure as Code (IoC) templates and automated attacks, here’s a look at 12 of the biggest cloud threats technical experts are worried about this year. Data breaches, cybercrime and targeted attacks in the cloud have driven demand for cloud security products and services in recent years.
Trend Micro Guardian: Protecting Your Kids On-the-Go
Some smart devices are not limited for use on the home network, for example, your child’s mobile phone or tablet. Keeping your kids safe with on-the-go devices means extending your security policies beyond the home. Trend Micro Home Network Security makes it easy with its free app, Trend Micro Guardian. Guardian integrates with HNS’s parental control rules via Mobile Device Management technology to extend the rules you’ve applied on your home network to your children’s Wi-Fi/mobile connections outside the home.
Microsoft Discovers Cryptomining Gang Hijacking ML-Focused Kubernetes Clusters
Microsoft published a report detailing a never-before-seen series of attacks against Kubeflow, a toolkit for running machine learning (ML) operations on top of Kubernetes clusters. The attacks have been going on since April, and Microsoft says its end-goal has been to install a cryptocurrency miner on Kubernetes clusters running Kubeflow instances exposed to the internet.
New Tekya Ad Fraud Found on Google Play
In late March, researchers from CheckPoint found the Tekya malware family being used to carry out ad fraud on Google Play. These apps have since been removed from the store, but Trend Micro recently found a variant of this family that had made its way onto Google Play via five malicious apps, although these have also been removed.
Fake COVID-19 Contact-Tracing Apps Infect Android Phones
Security researchers have identified 12 malicious Android applications, disguised to appear as official government COVID-19 contact-tracing apps, distributing malware onto devices. The Anomali Threat Research team found multiple applications containing a range of malware families, primarily banking Trojan Anubis and SpyNote, an Android Trojan with the goal of collecting and monitoring data on infected devices.
Tracking, Detecting, and Thwarting PowerShell-based Malware and Attacks
While traditional malware and attacks rely on crafted executables to function, fileless malware reside in memory to evade traditional scanners and detection methods. PowerShell, a legitimate management tool used by system administrators, provides an ideal cover for threat actors as they craft payloads heavily dependent on its deep Windows integration. Trend Micro has published multiple reports on this phenomenon, which has been further validated by telemetry data.
Updated Analysis on Nefilim Ransomware’s Behavior
Shortly after the discovery of Nefilim in March 2019, Trend Micro released its analysis of the ransomware and its behavior. Through recent investigations of cases observed in several companies, Trend Micro has amassed more information on how this ransomware operates. Some notable updates added the use of other tools such as Mimikatz, AdFind, CobaltStrike, and MegaSync, and the description of events that occur within the attack phases weeks or even months before the ransomware is deployed.
New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa
While tracking Earth Empura, also known as POISON CARP/Evil Eye, Trend Micro identified an undocumented Android spyware it has dubbed ActionSpy. During the first quarter of 2020, Trend Micro observed Earth Empusa’s activity targeting users in Tibet and Turkey before they extended their scope to include Taiwan.
Babylon Health Admits ‘Software Error’ Led to Patient Data Breach
Babylon Health, a UK AI chatbot and telehealth startup which has been valued in excess of $2BN, has suffered an embarrassing data breach after a user of the app found he was able to access other patients’ video consultations. The company confirmed the breach yesterday, telling the BBC that a “software error” related to a feature that lets users switch from audio to video-based consultations part way through a call had caused a “small number” of UK users to be able to see others sessions.
In part three of this five-part blog series, Trend Micro looks at the security risks of promoting smart factories by examining overlooked attack vectors, feasible attack scenarios, and recommended defense strategies. This blog describes the usage of Industrial IoT (IIoT) devices and overlooked security risks in software supply chains.
Surprised by the new Android spyware ActionSpy that was revealed via phishing attacks from Earth Empusa? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update and New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa appeared first on .
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about two recently detected variants of existing Linux botnet malware types targeting exposed Docker servers. Also, read about a group of vulnerabilities dubbed Ripple20 that have the potential to critically impact millions of IoT devices across many different industries.
Read on:
The Fear of Vendor Lock-in Leads to Cloud Failures
Vendor lock-in, the fear that by investing too much with one vendor an organization reduces their options in the future, has been an often-quoted risk since the mid-1990s. Organizations continue to walk a fine line with their technology vendors. Ideally, you select a set of technologies that not only meet your current needs but that align with your future vision as well.
How Do I Select a Mobile Security Solution for My Business?
The percentage of companies admitting to suffering a mobile-related compromise has grown, despite a higher percentage of organizations deciding not to sacrifice the security of mobile devices to meet business targets. To make things worse, the C-suite is the most likely group within an organization to ask for relaxed mobile security protocols – despite also being highly targeted by cyberattacks.
Knowing Your Shared Security Responsibility in Microsoft Azure and Avoiding Misconfigurations
Trend Micro is excited to launch new Trend Micro Cloud One – Conformity capabilities that will strengthen protection for Azure resources. As with any launch, there is a lot of new information, so we held a Q&A with one of the founders of Conformity, Mike Rahmati. In the interview, Mike shares how these new capabilities can help customers prevent or easily remediate misconfigurations on Azure.
FBI Warns K-12 Schools of Ransomware Attacks via RDP
The US Federal Bureau of Investigation (FBI) this week sent out a security alert to K-12 schools about the increase in ransomware attacks during the coronavirus pandemic, and especially about ransomware gangs that abuse RDP connections to break into school systems.
XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers
Trend Micro recently detected variants of two existing Linux botnet malware types targeting exposed Docker servers: XORDDoS malware and Kaiji DDoS malware. Having Docker servers as their target is a new development for both XORDDoS and Kaiji; XORDDoS was known for targeting Linux hosts on cloud systems, while recently discovered Kaiji was first reported to affect internet of things (IoT) devices.
Frost & Sullivan Employee, Customer Data for Sale on Dark Web
A group is hawking records of more than 12,000 Frost & Sullivan employees and customers on a hacker folder. According to Cyble CEO Beenu Arora the breach was a result of a misconfigured backup directory on one of Frost & Sullivan’s public-facing servers. The KelvinSecurity Team said they put the information – which includes names, email addresses, company contacts, login names and hashed passwords – for sale in a hacking forum to sound the “alarm” after Frost & Sullivan didn’t respond to the group’s attempt to alert it to the exposed database.
Millions of IoT Devices Affected by Ripple20 Vulnerabilities
Israeli cybersecurity firm JSOF has released information on a group of vulnerabilities dubbed Ripple20. These vulnerabilities have the potential to critically impact millions of internet of things (IoT) devices across many different industries — crucial machines in the medical, oil and gas, transportation, power, and manufacturing industries can be affected by these bugs.
Nvidia Warns Windows Gamers of Serious Graphics Driver Bugs
Graphics chipmaker Nvidia has fixed two high-severity flaws in its graphics drivers. Attackers can exploit the vulnerabilities to view sensitive data, gain escalated privileges or launch denial-of-service (DoS) attacks in impacted Windows gaming devices.
Cyberattacks from the Frontlines: Incident Response Playbook for Beginners
For enterprises, staying competitive in an ever-changing market involves keeping up with the latest technological trends. However, without the parallel development of security infrastructure and robust response, new technology could be used as a conduit for cyberthreats that result in losses. Organizations should aim to prevent these breaches from happening — but having protocols for reducing a breach lifecycle is an essential and realistic approach for dealing with current threats.
OneClass Unsecured S3 Bucket Exposes PII on More than One Million Students, Instructors
An unsecured database belonging to remote learning platform OneClass has exposed information associated with more than a million students in North America who use the platform to access study guides and educational assistance. Data exposed includes full names, email addresses (some masked), schools and universities attended, phone numbers, school and university course enrollment details and OneClass account details.
During the past decade, various countries and industries have actively developed guidelines and frameworks for OT security. Recently, multiple guidelines have been integrated, and two standards as global standards are IEC62443 and the NIST CSF, SP800 series, from the viewpoint of security in smart factories. In this series, Trend Miro explains the overviews of IEC62443 and NIST CSF, in order to understand their concepts required for security in smart factories.
Many businesses have misperceptions about cloud environments, providers, and how to secure it all. In order to help separate fact from fiction when it comes to your cloud environment, Trend Micro debunks 8 myths to help you confidently take the next steps in the cloud.
Does your organization have an incident response playbook for potential breaches? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices appeared first on .
We’ve all been spending more of our time online since the crisis hit. Whether it’s ordering food for delivery, livestreaming concerts, holding virtual parties, or engaging in a little retail therapy, the digital interactions of many Americans are on the rise. This means we’re also sharing more of our personal and financial information online, with each other and the organizations we interact with. Unfortunately, as ever, there are bad guys around every digital corner looking for a piece of the action.
The bottom line is that personally identifiable information (PII) is the currency of internet crime. And cyber-criminals will do whatever they can to get their hands on it. When they commit identity theft with this data, it can be a messy business, potentially taking months for banks and businesses to investigate before you get your money and credit rating back. At a time of extreme financial hardship, this is the last thing anyone needs.
It therefore pays to be careful about how you use your data and how you protect it. Even more: it’s time to get proactive and monitor it—to try and spot early on if it has been stolen. Here’s what you need to know to protect your identity data.
How identity theft works
First, some data on the scope of the problem. In the second quarter of 2020 alone 349,641 identity theft reports were filed with the FTC. To put that in perspective, it’s over half of the number for the whole of 2019 (650,572), when consumers reported losing more than $1.9 billion to fraud. What’s driving this huge industry? A cybercrime economy estimated to be worth as much as $1.5 trillion annually.
Specialized online marketplaces and private forums provide a user-friendly way for cyber-criminals and fraudsters to easily buy and sell stolen identity data. Many are on the so-called dark web, which is hidden from search engines and requires a specialized anonymizing browser like Tor to access. However, plenty of this criminal activity also happens in plain sight, on social media sites and messaging platforms. This underground industry is an unstoppable force: as avenues are closed down by law enforcement or criminal in-fighting, other ones appear.
At-risk personal data could be anything from email and account log-ins to medical info, SSNs, card and bank details, insurance details and much more. It all has a value on the cybercrime underground and the price fraudsters are prepared to pay will depend on supply and demand, just like in the ‘real’ world.
There are various ways for attackers to get your data. The main ones are:
|
|
The COVID-19 challenge
As if this weren’t enough, consumers are especially exposed to risk during the current pandemic. Hackers are using the COVID-19 threat as a lure to infect your PC or steal identity data via the phishing tactics described above. They often impersonate trustworthy institutions/officials and emails may claim to include new information on outbreaks, or vaccines. Clicking through or divulging your personal info will land you in trouble. Other fraud attempts will try to sell counterfeit or non-existent medical or other products to help combat infection, harvesting your card details in the process. In March, Interpol seized 34,000 counterfeit COVID goods like surgical masks and $14m worth of potentially dangerous pharmaceuticals.
Phone-based attacks are also on the rise, especially those impersonating government officials. The aim here is to steal your identity data and apply for government emergency stimulus funds in your name. Of the 349,641 identity theft reports filed with the FTC in Q2 2020, 77,684 were specific to government documents or benefits fraud.
What do cybercriminals do with my identity data?
Once your PII is stolen, it’s typically sold on the dark web to those who use it for malicious purposes. It could be used to:
|
|
How do I protect my identity online?
The good news among all this bad is that if you remain skeptical about what you see online, are cautious about what you share, and follow some other simple rules, you’ll stand a greater chance of keeping your PII under lock and key. Best practices include:
|
|
How Trend Micro can help
Trend Micro offers solutions that can help to protect your digital identity.
Trend Micro ID Security is the best way to get proactive about data protection. It works 24/7 to monitor dark web sites for your PII and will sound the alarm immediately if it finds any sign your accounts or personal data have been stolen. It features
|
|
Trend Micro Password Manager enables you to manage all your website and app log-ins from one secure location. Because Password Manager remembers and recalls your credentials on-demand, you can create long, strong and unique passwords for each account. As you’re not sharing easy-to-remember passwords across multiple accounts, you’ll be protected from popular credential stuffing and similar attacks.
Finally, Trend Micro WiFi Protection will protect you if you’re out and about connecting to WiFi hotspots. It automatically detects when a WiFi connection isn’t secure and enables a VPN—making your connection safer and helping keep your identity data private.
In short, it’s time to take an active part in protecting your personal identity data—as if your digital life depended on it. In large part, it does.
The post Identity Fraud: How to Protect Your Identity Data, Accounts and Money During the Coronavirus Crisis appeared first on .
Today, there are so many different avenues where we receive information.
Personally, I prefer finding out what’s going on in the world by scanning my favorite news channels’ websites and by receiving personalized feeds and notifications to my phone. My wife, however, scans social media platforms – from Facebook to Twitter to Instagram – to discover the latest happenings. My teenage daughter spends 2+ hrs a day on social media platforms engaging with her friends.
While were initially meant to help us stay connected, they come with their own handful of security implications. Let’s explore what these threats are and how to stay protected.
Users rely on social media to feel connected. So while the world was social distancing, social media grew more popular than ever before – as of March 2020, people are on social media 44% more worldwide. However, with these platforms being so popular, they’ve become a hotspot for cybercriminal schemes.
There’s a variety of potential threats on social platforms, including misinformation, account takeovers, and phishing scams. The latter threat is all too common, as these platforms have become a popular avenue for cybercriminals to spread troublesome links and websites.
To lure unsuspecting users into clicking on these links, hackers often tap into what consumers care about. These topics have ranged from fake tech support scams to getting verified on Instagram.
At McAfee, we want users to enjoy a safe online social life. That’s why we created a new McAfee® WebAdvisor feature that scans for dangerous links across six major social media sites – Facebook, Twitter, YouTube, Instagram, Reddit, and LinkedIn – so users can scroll their feeds with confidence. To do this, McAfee WebAdvisor now color codes links across these social platforms, as it has always done for online searches, to show which ones are safe to visit.
It’s important to take advantage of new technologies that help us adapt and grow into security superstars. My family and I are excited to see this new feature roll out across our existing McAfee® Total Protection subscription. That way we can keep up with the latest news and trends, as well as stay connected with family and friends without worrying about any potential threats. I can sleep much better at night knowing that my whole family will be both connected and protected.
To stay updated on all things McAfee and for more resources on staying secure from home, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post Stay Connected & Protected: Weaving Security Into Our Social Media Habits appeared first on McAfee Blogs.
Spooky season is among us, and ghosts and goblins aren’t the only things hiding in the shadows. Online threats are also lurking in the darkness, preparing to haunt devices and cause some hocus pocus for unsuspecting users. This Halloween season, researchers have found virtual zombies and witches among us – a new trojan that rises from the dead no matter how many times it’s deleted and malicious code that casts an evil spell to steal users’ credit card data.
Let’s unlock the mystery of these threats so you can avoid cyber-scares and continue to live your online life free from worry.
Just like zombies, malware can be a challenge to destroy. Oftentimes, it requires a user to completely wipe their device by backing up files, reinstalling the operating system, and starting from scratch. But what if this isn’t enough to stop the digital walking dead from wreaking havoc on your device?
Recently, a new type of Trojan has risen from the dead to haunt users no matter how many times it’s deleted. This zombie-like malware attaches itself to a user’s Windows 10 startup system, making it immune to system wipes since the malware can’t be found on the device’s hard drive. This stealthy malware hides on the device’s motherboard and creates a Trojan file that reinstalls the malware if the user tries to remove it. Once it sets itself up in the darkness, the malware scans for users’ private documents and sends them to an unknown host, leaving the user’s device in a ghoulish state.
A malware misfortune isn’t the only thing that users should beware of this Halloween. Cybercriminals have also managed to inject malicious code into a wireless provider’s web platform, casting an evil spell to steal users’ credit card data. The witches and warlocks allegedly responsible for casting this evil spell are part of a Magecart spin-off group that’s known for its phishing prowess. To pull off this attack, they plated a credit card skimmer onto the wireless provider’s checkout page. This allowed the hackers to exfiltrate users’ credit card data whenever they made a purchase – a spell that’s difficult to break.
While these threats might seem like just another Halloween trick, there are other forces at play. According to McAfee’s Quarterly Threats Report from July 2020, threats like malware phishing and trojans have proven opportunistic for cybercriminals as users spend more and more time online – whether it be working from home, distance learning, or connecting with friends and loved ones. In fact, McAfee Labs observed 375 threats per minute in Q1 2020 alone.
So, as hackers continue to adapt their techniques to take advantage of users spending more time online, it’s important that people educate themselves on emerging threats so they can take necessary precautions and live their digital lives free from worry.
Fortunately, there are a number of steps you can take to prevent these threats from haunting your digital life. Follow these tips to keep cybersecurity tricks at bay this spooky season:
Zombie malware is easily spread by phishing, which is when scammers try to trick you out of your private information or money. If you receive an email from an unknown user, it’s best to proceed with caution. Don’t click on any links or open any attachments in the email and delete the message altogether.
Look over your credit card accounts and bank statements often to check whether someone is fraudulently using your financial data – you can even sign up for transaction alerts that your bank or credit card company may provide. If you see any charges that you did not make, report it to the authorities immediately.
Add an extra layer of protection with a security solution like McAfee® Total Protection to help safeguard your digital life from malware and other threats. McAfee Total Protection also includes McAfee® WebAdvisor – web protection that enables users to sidestep attacks before they happen with clear warnings of risky websites, links, and files.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post Trick or Treat: Avoid These Spooky Threats This Halloween appeared first on McAfee Blogs.
There are few situations more personal than a distressed family member calling to ask for financial help. But personal is precisely the angle bad actors are taking these days in scams that target both the young and old.
Called “The Grandparent Scam,” this con usually begins with a simple, “Hi, Grandma!” from a criminal posing as the victim’s grandchild who claims to be in trouble. Then comes the ask — that the loving (and worried) Grandparent wire money for bail, airfare, a collision, or some other emergency. Some scammers have even managed to spoof the incoming caller ID to read “U.S. District Court.”
Safe Family Tips: 1) Ask the caller to prove who they are and call the child’s parent or another relative to verify the situation. 2) Never wire money, gift cards, or send cash by courier. 3) Be skeptical of “urgent” requests and tearful pleas for cash or personal information.
While it’s hard to imagine being duped by this kind of phone call, you might be surprised to learn that it’s younger people falling hardest for scams. The Federal Trade Commission reports that Millennials (20-30-year-olds) are most likely to lose money to online fraud. The top 5 scams targeting Millennials include online shopping, business imposters, government imposters, fake check scams, and romance scams.
Safe Family Tips: Be skeptical when shopping online. Cybercriminals have created countless look-a-like merchant sites to gain access to your credit card and other personal information. Confirm the seller’s physical address and phone number before you make a purchase. Consider putting security software on your family’s devices that protect against malware, viruses, and provide families with Virtual Private Network (VPN) encryption for safe shopping.
With many school districts operating on a hybrid virtual and in-class education model, the digital gap between teachers and remote students has given bad actors a new channel to launch ransomware, phishing, and social engineering scams against exposed IT infrastructures. According to the FBI, “cyber actors are likely to increase targeting of K-12 schools during the COVID-19 pandemic.”
Too, a recent Microsoft Security Intelligence study found that 61 percent of the 7.7 million malware over the previous month targeted education, a number far higher than other sectors. Scams include malware attacks on e-learning platform ransomware attacks on larger districts.
Safe Family Tips: Inquire about on-site security measures in place at your child’s school. Look into software to protect your home network and personal devices against cyberattacks launched through email, school networks, or social media sites.
Your best defense against a scam — should it come via phone, email, or a website — is a solid offense. Consider boosting your cyber hygiene routine by using strong passwords, a VPN, and staying informed about the latest scams. By now, we know the bad actors online don’t discriminate based on age; they are out to steal data and dollars from anyone who lets down their guard.
The post Cruel Ghouls: New Digital Scams Target Every Age Group appeared first on McAfee Blogs.
Love finds a way. Even in a pandemic.
Across this year and last, a growing number of couples are sticking to their wedding dates as planned, yet with a twist—they’re holding them online.
Whether to comply with local guidance, accommodate friends and family who cannot travel, or some mix of both, online weddings are indeed happening. They take many forms—from streaming a small ceremony at a church or venue, to a couple in their home with an officiant in another location and attendees viewing online, love is indeed finding a way.
I was intrigued and ultimately moved by the story of one couple, Irene and Troy, which I read in an article about couples who have opted to hold an online wedding. According to the article, Irene said that the timing could not have been better. “My father, who is older in age, was especially thrilled to join our wedding from the comfort of his home, and virtually shared his sentiments on video for all to see. One of our guests who watched the virtual marriage shared: ‘We were moved and uplifted by it all… by your love to each other, your commitment, your generosity. We all needed it [at this time]: the affirmation of life and beauty and faith. It made us all happy. And, in a way, fulfilled.'”
That’s absolutely wonderful and a testament to the way a wedding can lift us all, particularly now—the embodiment of commitment, resilience, and love.
With more and more articles and services taking shape that describe the planning of an online wedding, I’d like to share a few of my thoughts about the technical and security considerations that will inevitably come up as couples plan and hold their online wedding ceremonies.
First off, you’ll need an official wedding license and to make sure that your locality recognizes an online wedding. Earlier in the pandemic, several states and localities issued legal orders to allow couples to get their wedding licenses online and even conduct their wedding online with a recognized officiant. Naturally, the answer as to whether you can hold an official wedding will vary where you live and what the exact requirements are. The best advice here is to consult with your local officials or family law practitioner to determine what options are legally available to you—from obtaining a wedding license either by mail or online, to who must officiate and witness the ceremony and how.
If you’re livestreaming your ceremony, a strong and reliable internet connection will top your list of must-haves. If it turns out that your location has so-so Wi-Fi or no internet at all, you can look into a mobile hotspot device. Available as either as a prepaid device or as a rental, the advantage of using a mobile hotspot device over the hotspot on your phone is that it can host multiple devices, have a better connection range than your phone, and last much longer than your phone in terms of battery usage.
Of course, the performance of a mobile hotspot will be influenced by the network that’s available to it. Check the specs of the device and the coverage in the area to see if it can support streaming reliably.
Given that 5G mobile connectivity is making its first appearances, you may find that your 5G-ready phone is a better choice than a 4G LTE mobile hotspot device. If this sounds like a bit much to you, or if you’d simply rather focus on other things for your big days, this is an area where you may want the help of a producer to coordinate this aspect of your online wedding.
An online wedding is a live streaming event, just like a show, your show, and it’s one you’ll want to have go off seamlessly so you and everyone else can bask in the moment. If you’ve been working, studying, or socializing online, you know what kind of headaches can crop up with video conferencing—bad lighting, bad sound, or simply the dreaded bad internet connection. That’s where a producer can help, both on the big day and well in advance of it too.
Depending on the size and experience you want for an online wedding ceremony, you can hire a dedicated producer who can oversee the technical aspects of your ceremony and even act as a digital emcee who can orchestrate the flow of your big day by making introductions, playing music, controlling the microphones of guests, or even setting up a digital receiving line so that everyone can get some dedicated time with the couple. They can help you select the streaming platform for your needs as well.
Online services like Wedfuly and SimplyEloped offer a variety of plans that can handle details such as these for you, from getting the right tech and camera angles in place to rehearsals just like an in-person ceremony—with the bonus of troubleshooting any issues. Other options include looking into local DJ services, as some of them have adapted to run online weddings too. As with any such service or wedding vendor like your photographer or florist, do your research. Look for testimonials from other couples and their guests to get a sense if the service and the experience they provide is the right fit for you.
Just like you need to keep any sort of video conference secure, that goes extra for your online wedding. My earlier advice on keeping video conferences secure still holds sway, yet I’ll add a few more things specific to weddings:
The mailed wedding invitation will always be an elegant and personal touch, yet the online wedding begs another kind of invitation—the sharing of a link and a password. As mentioned above, you can include this in your R.S.V.P. process by requesting your guests to share their email with you to receive the link and password. Another option is to use a shared spreadsheet in the cloud, like a Google Sheets or an Excel document in Office 365. You can direct invitees to the document and have them fill out their email address, number of attendees, and so on. This way, you can email your guests the secure link and password to your wedding when you’re ready.
If you’re feeling extra confident with online tools, you can set up an account with Mailchimp and deliver a mass email invite (designed with your colors and photos too) to your friends and family in one fell swoop. Similarly, there are yet more options for paperless invites. Check out this article for a rundown of other couple-friendly wedding invitation resources.
Contemporary wedding etiquette has taken shape over dozens of years, and once again it has adapted to the times. Some tips about online wedding etiquette are obvious. Like wearing sweatpants below dress attire is a no-no. However, some are a bit more subtle. From gift-giving to receptions to when to mute or unmute your mic, this article touches on many of the basics.
And don’t be shy to ask the couple or their coordinator questions if you’re uncertain about how the day will unfold or how you should dress. Just as with any wedding, some may be more formal or more casual than others. You can take a cue from the couple. In all, putting some extra effort into dressing up and maybe putting some flowers or a nice setting in the background will appear on the happy couple’s screen in wonderful ways. Imagine the look on their faces when they see you and your space looking joyful too!
If you’re looking for tips on how to get your devices and viewing space working and looking great, check out my earlier article on “Setting the Stage for Your Job Interview.” While it’s certainly focused on online interviews, much of the advice applies to setting up your device and your space for attending a wedding too.
For those of you who have your big day circled on the calendar, or soon will, congratulations! Whether you’re planning a ceremony that’s completely online or some manner of hybrid for your guests, I hope that what I’ve shared here will make your online wedding safer, more secure, and, above all, that much more memorable in the best of ways.
To stay updated on all things McAfee and for more resources on staying secure from home, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post Digital Marriage—Making Sure Your Online Wedding is Safe and Secure appeared first on McAfee Blogs.
I’ve had such a busy morning! I’ve hunted down my favourite foundation, bought a puzzle mat, stocked up on special dog food for our naughty new puppy, ordered the groceries, made a few appointments and chatted with several friends. And guess what? I haven’t left my study – or changed out of my pyjamas!! Ssshhh!! Because it’s all happened online…
Of course, some of us embraced the benefits of the online world long before 2020 but the Pandemic forced almost everyone to replace our in-person activities and routines with online ones. New research from McAfee in their 2021 Consumer Security Mindset Report shows that 72% of Aussies made changes in their online activities last year out of convenience which makes complete sense!
But what’s so interesting is that now we have these super handy new online routines in place – we aren’t that keen to give them up! McAfee’s report shows that 76% of Aussies are planning on continuing with online banking, 59% of us want to keep connecting with friends and family online and 55% of us remain totally committed to online shopping! Hear, hear, I say! I am absolutely staying that course too!!
There’s no doubt that there is a lot of upside to managing our lives online but unfortunately there is also a downside – increased risk! The more time spent online, the greater the chance that we will be exposed to potential risks and threats such as phishing attacks, entering details into malicious websites or even becoming a victim of fraud.
McAfee’s research shows that we are aware of the risks of being online. In fact, 66% of us are concerned about the potential dangers of living our lives online with losing control of our financial data top of the list for the majority of us. And almost 2/3 (65%) of us are also worried about having our social media accounts hacked.
But pandemic life has meant that we are now a lot more comfortable with sharing information online. Whether it’s paperless transaction records, text and email notifications, opting to stay logged in or auto-populating forms with our credit card, this level of online sharing does make life so convenient but it can be a risky business! Why, I hear you ask? Because these conveniences usually only work when you share multiple pieces of your contact details. And the more you share, the greater your chance of being hacked or compromised. But the report was very clear – if we can make our online life more seamless then we are only too happy to share our key contact information! Oh dear!!
In addition to confessing that they don’t always take the necessary security precautions, Aussie consumers in McAfee’s report also admitted that they haven’t thought about why hackers might want their data. I don’t know how many people tell me that they don’t need to really bother with a lot of online precautions because they live a pretty boring life and don’t spend that much time online.
But this is a very dangerous way to think. Your online data is like a pot of gold to hackers. Not only can they use it to possibly steal your identity and try to empty your bank accounts but they can also on-sell it for a profit. But the majority of Aussies don’t stop to consider this with the research showing that 64% of Aussies have never considered just how valuable their online data is worth.
Hackers are ALWAYS on the lookout for new ‘up-to-date’ ways to exploit others for money. Don’t forget how quick they were to conjure up scams around COVID in early 2020 – it was just a matter of weeks before Aussies received phishing emails and malicious text messages with the aim of extracting personal information from vulnerable consumers.
But, encouragingly, 85% of Aussies said they would be far more proactive about managing their data if it could be traded as a currency.
The good news is that there are ways to secure your online life and minimise the risk of being hacked. Here are my top tips:
Yes, it might take a minute or 2 more, but using multi-factor authentication is an easy way to add an additional layer of security to protect your personal data and information. Commit to using it wherever it is offered!
If you live your life out & about like I do then you’ll be very tempted to use Wi-Fi. Using public Wi-Fi to conduct transactions, particularly financial ones is a big no-no! It takes keen hackers minimal effort to set up a fraudulent wi-fi service which could easily fool a busy person into connecting. Using a Virtual Private Network (or VPN) like McAfee® Safe Connect, is the best way of ensuring everything you share over Wi-Fi is safe and secure.
Browsing the internet with a tool like the McAfee WebAdvisor is a great way of ensuring dangerous malware is blocked if you click on a malicious link in a phishing email. You’ll have real peace of mind knowing you can manage your online life while someone looks out for you!
With 4 kids, 3 pets, 2 jobs – I know I could never get to the bottom of my ‘to-do’ lists without managing the bulk of it online. I often think I should send the internet an e-card at Christmas!! Of course, I understand why corners are cut and precautions are overlooked when we all feel so stretched for time. But just think about how much more time it would take if you were hacked and had to spend hours on the phone to your bank or if you had to reconfigure all your online accounts and social media platforms!!
So, you know what you need to do! Stay safe online everyone!
The post How 2020 Has Shaped The Way We Live Our Lives appeared first on McAfee Blogs.
How our new identity & privacy app can help
By this point in the year you may have already broken some of your New Year’s resolutions, but here’s one to keep: better protecting your online privacy.
After all, we are likely to continue to spend more time online in 2021, whether it be for working, learning, or shopping. This makes taking some preventative steps to shield our identity information more important than ever.
That’s why McAfee has been working on a new identity and privacy app for safeguarding your personal information, and we’d love for you to try it if you’re in the U.S.
Here’s a little bit about our approach. We looked at some of the key areas where users’ private information can be vulnerable, and designed a tool that offers easy-to-use, proactive protection for Windows, Android, and iOS devices, with consistent, familiar experiences regardless of the platform.
We know, for instance, that users are vulnerable when using unsecured networks, like public Wi-Fi. This is where a cybercriminal can potentially capture your login credentials and other personal information as it flows over the network, from your laptop to your bank’s website, for example.
So, we made sure to include a Virtual Private Network (VPN) to keep your information protected from prying eyes. It does this easily, and even automatically, by detecting when you’re on a public network and prompting you to turn on your VPN. The VPN then scrambles, or encrypts, your data as it flows over the network. Unlike some VPNs that require advanced settings to shield your data, our app offers seamless security.
Another area of high risk that we want to address is data breaches. Whether one of your personal accounts is hacked–or worse–another website somehow gets ahold of your data and subsequently gets breached, your data may end up on the dark web. This is where cybercriminals buy and sell information.
To detect these dangerous leaks, we included dark web monitoring, which alerts you if your login credentials have been exposed. It can even provide you with a link to the site that uses those credentials when the information is available. This allows you to swiftly reset your passwords, mitigating the risk.
Given that we saw a spike in corporate data breaches in 2020, where 58% of victims had their personal data compromised, I believe this kind of always-on monitoring of your private information is key.
Most importantly, we wanted to make this personal protection app easy to use and available across all your compatible devices. So, whether you’re out with just your phone, or home working at your PC, you have access to your protection, and can even pick up where you left off on a different device.
I know that organizing my digital life gives me one less thing to worry about, and I hope it’s the same for you. Give the app a try, and please let us know what you think since we are always open to your feedback.
Here’s to a happy and secure year!
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, subscribe to our email, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post Let’s Commit To Protect Our Privacy This Year appeared first on McAfee Blogs.
In the eyes of hackers, scammers, and thieves, your online privacy and identity look like a giant jigsaw puzzle. One that they don’t need every piece to solve. They only need a few bits to do their dirty work, which means protecting every piece you put out there—a sort of holistic view on your personal security. One that protects you, not just your devices.
Here’s what’s at stake: we create and share loads of personal information simply by going about our day online, where each bit of information makes up a piece of that giant jigsaw puzzle. Some pieces directly identify us, like our tax returns, bank account information, or driver’s licenses. Other pieces of information indirectly identify us, like the IP addresses assigned to our computers, tablets, and phones—or device ID numbers, location information, and browsing history. And bad actors only need a few key pieces to do you harm, such as committing identity crime in your name or selling your personal information on sketchy websites or the dark web.
While people show great concern about their personal information, who has it and what’s done with it, our research shows that 70% of people feel like they have little or no control over the data that’s collected about them. However, you have plenty of ways that you can indeed take control—ways that can prevent, detect, and correct attacks on your privacy and identity. That’s where holistic protection comes in.
You can think of holistic protection as layers of shields that protect you and the devices you use. It gives you three layers in all—a Prevention Layer, Detection Layer, and a Correction Layer.
A holistic and comprehensive security solution like McAfee+ combines those three layers in a way that protects your personal information and keep your identity private, showing you how it does it along the way, so you can see exactly how safe you are. Let’s take a quick look of some of the protections you’ll find in each layer …
In the Prevention Layer, you’ll see:
In the Detection Layer, you have …
In the Correction Layer, several other protections have your back …
These are just a few examples of the protections in each layer. And you’ll find our most comprehensive holistic protection in McAfee+ Ultimate, covering your privacy, identity, and devices.
While your online privacy and identity may look a jigsaw puzzle, protecting it shouldn’t be as complicated. With a holistic security solution for your personal protection, you can minimize your exposure with layers of security that do much of the work for you.
Antivirus on your PC is not enough. It has not been enough for many decades now. And this becomes more evident as we continue to spend more time online, with the average person spending 6 hours and 54 minutes online each day, leaving clouds of personal information in their wake.
While standalone apps like a password manager, a VPN app, and an identity solution from different vendors can be piecemealed together with your device security, these are difficult to keep track of and burdensome to maintain.
We have combined the important tools you need into a seamless and comprehensive experience because good security software is something that you use daily to feel safer online. This is why we are working on your behalf to redefine security, so you can enjoy your connected life with confidence.
The post True Security Requires a Holistic Approach appeared first on McAfee Blog.
After much anticipation, you finally get a notification that you’re eligible to receive your COVID-19 vaccine. Upon getting your first dose, you may be eager to celebrate by sharing a picture of your vaccination card on social media. After all, many of your peers have been doing the same. However, these posts could actually put your online privacy and personal information at risk. While you want to share the good news, experts warn that scammers could potentially exploit the information on your card.
With more people becoming eligible to receive the COVID-19 vaccine, there has been a surge in social media posts featuring peoples’ vaccine cards. However, the Better Business Bureau stated that posting photos of your card can give criminals the data they need to create and sell fake vaccination cards. Not only do vaccine cards remind you of when your next appointment is, but they also contain important personal information such as your name, date of birth, and when and where you were vaccinated.
Currently, these cards are the only proof that people have that they’ve been vaccinated. While there is still uncertainty around the next phase of the pandemic and when life will return to “normal,” it’s possible these cards could be what gets you into a restaurant or on an airplane. If you post your vaccination card on social media, scammers could potentially forge your card and use it as their own pass into public places or use it to receive a second dose. Publicly posting medical information could also void your HIPAA protections. Furthermore, cybercriminals could significantly profit from your personal information since health care records sell for more than Social Security and credit card numbers on the dark web.
Your digital wellness is just as important as your physical wellness, so protecting your online data is crucial. It’s a good rule of thumb not to post photos with your name and other identifiable information on the internet. Although it may be tempting to post your vaccination card on social media, consider these tips to help protect your online security:
Think about who you want to share the good news with and what social media platform would be best for this. Create private groups or carefully select which followers can see your posts. Then, verify that you’ve updated your privacy settings accordingly. This will prevent scammers from lurking on your posts and extracting your personal information.
Instead of posting a photo of your vaccine card, share a picture of yourself outside the vaccination center. If your vaccination center provides “I got vaccinated” stickers, you can post a picture of that as well.
Taking steps towards protecting your digital well-being is just as important as taking steps towards protecting your physical health. By following these steps, you can help ensure that your online security will not be jeopardized by celebrating your vaccination.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, subscribe to our email, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post Protect Your Digital Wellness: Don’t Post Your Vaccination Card Online appeared first on McAfee Blogs.
Many have seamlessly transitioned their fitness regimens out of the gym and into the living room since the start of the COVID-19 pandemic, thanks in part to the use of IoT devices. IoT (Internet of Things) denotes the web of interconnected physical devices embedded with sensors and software to collect and share information via the internet. The most common IoT devices used for virtual fitness include wearable fitness trackers and stationary machines equipped with digital interfaces. As effective as these devices are for facilitating a great workout, many do not realize the risks they pose for their online security. According to McAfee Labs Threats Report, new IoT malware increased by 7% at the start of the pandemic. There are various steps that users can take to continue using these devices securely without compromising performance. But first, it’s essential to understand why these devices are vulnerable to cyber-attacks.
IoT devices are just like any other laptop or mobile phone that can connect to the internet. They have embedded systems complete with firmware, software, and operating systems. As a result, they are exposed to the same vulnerabilities, namely malware and cyber-attacks.
One reason why IoT devices are so vulnerable is due to their update structure, or lack thereof. IoT devices lack the stringent security updates afforded to laptops or mobile phones. Because they do not frequently receive updates—and in some cases, never—they do not receive the necessary security patches to remain consistently secure.
What’s worse, if the developer goes out of business, there is no way to update the existing technology vulnerabilities. Alternatively, as newer models become available, older devices become less of a priority for developers and will not receive as many updates as their more contemporary counterparts.
Without these updates, cybercriminals can hack into these devices and taking advantage of the hardware components that make them a significant risk to users. For example, they can track someone’s location through a device’s GPS, or eavesdrop on private conversations through a video camera or audio technology.
IoT devices with unpatched vulnerabilities also present an easy entry point through which hackers can penetrate home networks and reach other devices. If these devices do not encrypt their data transmission between different devices and servers, hackers can intercept it to spoof communications. Spoofing is when a hacker impersonates a legitimate source, the back-end server or the IoT device in this case, to transmit false information. For instance, hackers can spoof communications between a wearable fitness tracker and the server to manipulate the tracking data to display excessive physical activity levels. They can then use this data for monetary gain by providing it to insurance companies and 3rd party websites with financial incentive programs.
Hackers can also exploit device vulnerabilities to spread malware to other devices on the same network to create a botnet or a web of interconnected devices programmed to execute automated tasks. They can then leverage this botnet to launch Distributed Denial of Service (DDoS) or Man in the Middle attacks.
Whether you own an IoT device to monitor your health or physical performance, it is essential to take the necessary precautions to minimize the risks they present to digital security. Here are a few tips to keep in mind when incorporating your device into your fitness routine.
Default names and passwords are low-hanging fruit for hackers and should be the first thing you address when securing your router. Default router names often include the make or model of the manufacturer. Changing it will reduce a hacker’s chance of infiltrating your home network by making the router model unidentifiable. Further, follow password best practices to ensure your router password is long, complex, and unique.
Next, make sure you enable the highest level of encryption which includes Wi-Fi Protected Access 2 (WPA2) or higher. Routers with older encryption protocols such as WPA or Wired Equivalent Privacy (WEP) are more susceptible to brute force attacks, where hackers will attempt to guess a person’s username and password through trial and error. WPA2 and higher encryption methods ensure that only authorized users can use your same network.
Lastly, create a guest network to segment your IoT devices from your more critical devices like laptops and mobile phones. If a hacker infiltrates your IoT devices, the damage is contained to the devices on that specific network.
Updates are critical because they go beyond regular bug fixes and algorithmic tweaks to adjust device software vulnerabilities.
Make it a point to stay on top of updates from your device manufacturer, especially since they will not always advertise their availability. Visit their website regularly to ensure you do not miss pertinent news or information that may impact you. Additionally, make sure to update the app corresponding to your IoT device. Go into your settings and schedule regular updates automatically, so you do not have to update manually.
Do your research before making a significant investment in an IoT device. Ask yourself if these devices are from a reputable vendor. Have they had previous data breaches in the past, or do they have a grade A track record for providing high-security products?
Also, take note of the information your IoT device collects, how vendors use this information and what they release to other users or third parties. Do they have privacy policies in place to protect their users’ data under PIPEDA regulation?
Above all, understand what control you have over your privacy and information usage. It is a good sign if an IoT device allows you to opt-out of having your information collected or lets you access and delete the data it does collect
Next time you go for a run with geolocation activated on your smartwatch, think again about what risks this poses to your virtual security and even your physical safety. Enhance your security by only enabling the features that are necessary to optimize your fitness performance. In doing so, you ensure that hackers cannot utilize them as a foothold to invade your privacy.
IoT devices have made in-home exercise routines possible, given their increase in availability and ease of use. However, despite their capabilities for optimizing the fitness experience, the nature of these devices has made them one of many threats to personal privacy and online safety. For an elevated fitness experience beyond a great workout, start securing your IoT devices to integrate them into your everyday exercise routine safely.
The post Don’t Sweat Your Security: How to Safely Incorporate IoT Into Your Fitness Routine appeared first on McAfee Blogs.
On Thursday, May 20, a final decision was issued in the Independent Review Process (IRP) brought by Afilias against the Internet Corporation for Assigned Names and Numbers (ICANN), rejecting Afilias’ petition to nullify the results of the July 27, 2016 public auction for the .WEB new generic top level domain (gTLD) and to award .WEB to Afilias at a substantially lower, non-competitive price. Nu Dotco, LLC (NDC) submitted the highest bid at the auction and was declared the winner, over Afilias’ lower, losing bid. Despite Afilias’ repeated objections to participation by NDC or Verisign in the IRP, the Panel ordered that NDC and Verisign could participate in the IRP in a limited way each as amicus curiae.
Consistent with NDC, Verisign and ICANN’s position in the IRP, the Order dismisses “the Claimant’s [Afilias’] request that Respondent [ICANN] be ordered by the Panel to disqualify NDC’s bid for .WEB, proceed with contracting the Registry Agreement for .WEB with the Claimant in accordance with the New gTLD Program Rules, and specify the bid price to be paid by the Claimant.” Contrary to Afilias’ position, all objections to the auction are referred to ICANN for determination. This includes Afilias’ objections as well as objections by NDC that Afilias violated the auction rules by engaging in secret discussions during the Blackout Period under the Program Rules.
Afilias’ claims for relief were based on its allegation that NDC violated the New gTLD Program Rules by entering into an agreement with Verisign, under which Verisign provided funds for NDC’s participation in the .WEB auction in exchange for NDC’s commitment, if it prevailed at the auction and entered into a registry agreement with ICANN, to assign its .WEB registry agreement to Verisign upon ICANN’s consent to the assignment. As the Panel determined, the relief requested by Afilias far exceeded the scope of proper IRP relief provided for in ICANN’s Bylaws, which limit an IRP to a determination whether or not ICANN has exceeded its mission or otherwise failed to comply with its Articles of Incorporation and Bylaws.
Issued two and a half years after Afilias initiated its IRP, the Panel’s decision unequivocally rejects Afilias’ attempt to misuse the IRP to rule on claims of NDC or Verisign misconduct or obtain the .WEB gTLD for itself despite its losing bid. The Panel held that it is for ICANN, which has the requisite knowledge, expertise, and experience, to determine whether NDC’s contract with Verisign violated ICANN’s Program Rules. The Panel further determined that it would be improper for the Panel to dictate what should be the consequences of an alleged violation of the rules contained in the gTLD Applicant Guidebook, if any took place. The Panel therefore denied Afilias’ requests for a binding declaration that ICANN must disqualify NDC’s bid for violating the Guidebook rules and award .WEB to Afilias.
Despite pursuing its claims in the IRP for over two years — at a cost of millions of dollars — Afilias failed to offer any evidence to support its allegations that NDC improperly failed to update its application and/or assigned its application to Verisign. Instead, the evidence was to the contrary. Indeed, Afilias failed to offer testimony from a single Afilias witness during the hearing on the merits, including witnesses with direct knowledge of relevant events and industry practices. It is apparent that Afilias failed to call as witnesses any of its own officers or employees because, testifying under penalty of perjury, they would have been forced to contradict the false allegations advanced by Afilias during the IRP. By contrast, ICANN, NDC and Verisign each supported their respective positions appropriately by calling witnesses to testify and be subject to cross-examination by the three-arbitrator panel and Afilias, under oath, with respect to the facts refuting Afilias’ claims.
Afilias also argued in the IRP that ICANN is a competition regulator and that ICANN’s commitment, contained in its Bylaws, to promote competition required ICANN to disqualify NDC’s bid for the .WEB gTLD because NDC’s contract with Verisign may lead to Verisign’s operation of .WEB. The Panel rejected Afilias’ claim, agreeing with ICANN and Verisign that “ICANN does not have the power, authority, or expertise to act as a competition regulator by challenging or policing anticompetitive transactions or conduct.” The Panel found ICANN’s evidence “compelling” that it fulfills its mission to promote competition through the expansion of the domain name space and facilitation of innovative approaches to the delivery of domain name registry services, not by acting as an antitrust regulator. The Panel quoted Afilias’ own statements to this effect, which were made outside of the IRP proceedings when Afilias had different interests.
Although the Panel rejected Afilias’ Guidebook and competition claims, it did find that the manner in which ICANN addressed complaints about the .WEB matter did not meet all of the commitments in its Bylaws. But even so, Afilias was awarded only a small portion of the legal fees it hoped to recover from ICANN.
It is now up to ICANN to move forward expeditiously to determine, consistent with its Bylaws, the validity of any objections under the New gTLD Program Rules in connection with the .WEB auction, including NDC and Verisign’s position that Afilias should be disqualified from making any further objections to NDC’s application.
As Verisign and NDC pointed out in 2016, the evidence during the IRP establishes that collusive conduct by Afilias in connection with the auction violated the Guidebook. The Guidebook and Auction Rules both prohibit applicants within a contention set from discussing “bidding strategies” or “settlement” during a designated Blackout Period in advance of an auction. Violation of the Blackout Period is a “serious violation” of ICANN’s rules and may result in forfeiture of an applicant’s application. The evidence adduced in the IRP proves that Afilias committed such violations and should be disqualified. On July 22, just four days before the public ICANN auction for .WEB, Afilias contacted NDC, following Afilias’ discussions with other applicants, to try to negotiate a private auction if ICANN would delay the public auction. Afilias knew the Blackout Period was in effect, but nonetheless violated it in an attempt to persuade NDC to participate in a private auction. Under the settlement Afilias proposed, Afilias would make millions of dollars even if it lost the auction, rather than auction proceeds being used for the internet community through the investment of such proceeds by ICANN as determined by the community.
All of the issues raised during the IRP were the subject of extensive briefing, evidentiary submissions and live testimony during the hearing on the merits, providing ICANN with a substantial record on which to render a determination with respect to .WEB and proceed forward with delegation of the new gTLD. Verisign stands ready to assist ICANN in any way we can to quickly resolve this matter so that domain names within the .WEB gTLD can finally be made available to businesses and consumers.
As a final observation: Afilias no longer operates a registry business, and has neither the platform, organization, nor necessary consents from ICANN, to support one. Inconsistent with Afilias’ claims in the IRP, Afilias transferred its entire registry business to Donuts during the pendency of the IRP. Although long in the works, the sale was not disclosed by Afilias either before or during the IRP hearings, nor, remarkably, did Afilias produce any company witness for examination who might have disclosed the sale to the panel of arbitrators or others. Based on a necessary public disclosure of the Donuts sale after the hearings and before entry of the Panel’s Order, the Panel included in its final Order a determination that it is for ICANN to determine whether the Afilias’ sale is itself a basis for a denial of Afilias’ claims with respect to .WEB.
The post IRP Panel Dismisses Afilias’ Claims to Reverse .WEB Auction and Award .WEB to Afilias appeared first on Verisign Blog.
The gig economy has become more prevalent in today’s world with the appeal and necessity of flexible work opportunities. Many take advantage of short-term contracts, side jobs, and freelance work to retain more control over how they spend their day and earn their income. However, the proliferation of these flexible work opportunities has transcended into the dark web, allowing individuals to conduct nefarious activities. Rather than contracting handyman or moving services on the dark web, you can find hackers contracting their website hacking services or buyers placing ads looking for a hacker to hire. These acts pose significant risks to online users, given the amount of stolen personal information on dark websites. Take a look at the activities you can expect to find on the dark web and the steps you can take to safeguard your online privacy.
The dark web is part of the public internet that search engines do not index. In other words, what happens on the dark web, stays on the dark web with no traceable records. Most people don’t realize that the dark web is not illegal despite its association with criminal activities. However, the dark web has retained a criminal reputation since it is challenging to track what goes on. As a result, criminals will often frequent the dark web to conduct a variety of illegal transactions, including hacking services.
Researchers are discovering an uptick in activity on dark web forums that includes buying and selling black hat hacking services. 90% of the activity on these forums is from people looking to hire hackers to infiltrate websites and steal databases. Additionally, 4% of the people frequenting dark web forums requested hacking services related to website hacking and malicious code injection.
Another 7% of people on the dark web are hackers contracting out their services and tools. These services and tools include web shells, a file uploaded to a server that an attacker can use to execute operating system commands, as well as access to administrative website interfaces and ready-made exploits. Many of the services offered on these forums range in specialties such as site infiltration to data extraction. As a result, they often attract a variety of customers with numerous requests.
Further, many of the ads seeking hacking services are aimed at database hacking. Those targeting databases are often financially incentivized hackers and companies out to steal their competitor’s information. Databases remain a popular target for hackers since they contain a significant amount of personal information ranging from first and last names to credit card numbers. Cybercriminals can then use this information to commit numerous crimes such as monetary theft, unemployment and tax relief fraud, and identity theft.
For example, the Canada Revenue Agency (CRA) had to suspend approximately 800,000 accounts after discovering matching credentials for sale on the dark web. In a previous data breach, hackers used login credentials to access taxpayer accounts, apply for COVID-19 relief funds, and reroute the funds into their bank accounts. Taxpayers could not log in to their accounts without first taking the necessary steps to regain safe access.
Users must protect their online presence and information as these criminal activities continue to escalate in demand. Here are the five must-dos after discovering a data breach to retain your online security.
Be one of the first to know about a data breach by leveraging security software such as McAfee Total Protection. A comprehensive security solution that includes dark web monitoring actively monitors the dark web for data breaches and exposed information. This information includes but is not limited to your date of birth, email addresses, credit card numbers, and personal identification numbers. Robust security software also provides steps for remediation after a data breach to guide the user to regain control and integrity of their data and privacy.
Companies are required to notify their customers of a data breach under the PIPEDA legislature. Be on the lookout for breach notices from relevant companies since they are often the first to know about a data breach impacting their online customers.
Create news alerts for companies that have access to your information to stay notified of the latest events. Additionally, create notifications for your bank and other financial accounts to monitor for suspicious activity such as unauthorized transactions or a drop in credit score. You will be better prepared to mitigate any cybersecurity threats with the right security software and knowledge of the latest risks.
Looking back to the 800,00 taxpayers whose accounts were suspended, they could not regain access without first changing their login credentials. Changing your login credentials such as your usernames, passwords, and security questions is a critical first step to take after any data breach.
Changing your credentials prevents hackers from accessing your personal information and ensures that you regain control over your account security. The chances of a hacker accessing your data are exceptionally high if you use the same credentials across different accounts. Thus, it’s essential to change your usernames and passwords regularly to ensure your information remains secure.
Just as important as changing your password regularly is changing your password following best practices. Create stronger passwords by using a combination of the following:
Long passwords with a minimum of 12 characters are also more effective than shorter passwords since it makes it more difficult for a hacker to guess. In sum, ensure all passwords are long, complex, and only used once. Use a password manager with a built-in generator like the one included in McAfee’s Total Protection solution to make it easier to access and manage passwords.
If your credentials are exposed in a data breach, using multifactor authentication will ensure hackers cannot access your information using only your login credentials. So even if your username and password are exposed, there is still a layer of security that hackers will not be able to bypass. Block out unauthorized login attempts by enabling multifactor authentication wherever applicable.
The dark web continues to be a primary destination for cybercrime. Online users must remain cautious about the information they retain in their online accounts and the websites with access to their personal information. Your data security and privacy are not always a guarantee, but the more precautions you take with your online safety, the better protected you will be.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, subscribe to our newsletter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post The Rise of the Dark Web Gig Economy appeared first on McAfee Blogs.
Today we wrap up Mobile World Congress (MWC) 2021. Whether you joined online or attended the hybrid conference in person, one thing is certain: today’s groundbreaking technology is paving the way for our future connectivity. Fittingly, the theme of this year’s event was Connected Impact, representing the role mobile connectivity plays in an ever-changing world, where flexibility and adaptability are critical. Here are four of the key consumer takeaways from this year’s conference:
COVID-19 truly put the power of online connectivity to the test. While 2020 was supposed to be the year of 5G connectivity, this was put on pause as the world faced social and financial uncertainty. Instead, the spotlight fell on legacy technologies to create a new normal for users. Consumers quickly had to figure out how to live their best lives online — from working from home to distance learning to digitally connecting with loved ones.
To help foster online connectivity for all, 5G must step back into the spotlight. Although publicly available 5G networks have been around for two years, it is unlikely that many users see much of a difference between 5G and LTE. For users to feel the impact of 5G, mobile carriers must expand the frequencies at the low and high ends of the spectrum, which is where 5G networks operate.
Qualcomm led the 5G announcements on Monday with the unveiling of its second-generation Qualcomm 5G RAN Platform for Small Cells (FSM200xx). This platform brings major enhancements to radio frequencies and is designed to take millimeter wave performance to more places: indoors, outdoors, and around the globe. According to Qualcomm, these advancements aim to facilitate greater mobile experiences and accelerate 5G performance and availability to users everywhere— thus reshaping opportunities for homes, hospitals, offices and more.
Technology and connectivity played a crucial role in our daily lives in 2020—and therefore, unsurprisingly, spending on health and wellness tech grew by 18.1%. But now, we must ask ourselves what role technology will play post-lockdown.
While they did not have a physical appearance at MWC this year, Samsung provided a sneak of their new wearables: they introduced the One UI Watch user experience, a new interface designed to make the Galaxy Watch and smartphone experience more deeply connected. Samsung also announced its expanded partnership with Google, promising to deliver better performance, longer battery life, and a larger ecosystem of apps to the Galaxy Watch. Although they did not unveil any hardware at MWC, Samsung did ensure that users can expect to see new devices like the Galaxy Z Fold 3 and the Galaxy Watch 4 at their Galaxy Unpacked event happening in July/August of 2021.
2020 also shone a bright light on the key role technology plays in the consumption and distribution of creative arts and entertainment. Lockdown put an even greater responsibility on streaming platforms — and the devices they are accessed on — to deliver content right to people’s homes.
To help meet entertainment consumption needs, Lenovo announced not one, not two, but five new Android tablets during MWC. Its largest tablet is the Yoga Tab 13, which features a built-in kickstand, 13-inch display with 2,160 x 1,350 resolution, up to 12 hours of battery life, and more. Lenovo is pitching this model as its “portable home cinema,” perfect for streaming on the go. It also unveiled the Yoga Tab 11 and the Tab P11 Plus, which are expected to be available in EMEA in July following the Yoga Tab 13’s June release date. For users hoping for a more compact, budget-friendly device, Lenovo also announced the Lenovo Tab M8 and the Lenovo Tab M7. Whichever model you select, one thing it certain — digital devices have and will continue to be instrumental in consumer entertainment.
These exciting announcements are a great representation of what the future holds for mobile technology and greater connectivity. The advancements in mobile connectivity have already made a positive impact on consumer lifestyles, but the rise in popularity of these devices has also caught the attention of cybercriminals looking to exploit consumers’ reliance on this technology.
More time spent online interacting with various apps and services simultaneously increases your chance of exposure to cybersecurity risks and threats. Unsurprisingly, cybercriminals were quick to take advantage of the increase in connectivity throughout 2020. McAfee Labs saw an average of 375 new threats per minute and a surge of hackers exploiting the pandemic through COVID-19 themed phishing campaigns, malicious apps, malware and more. For users to continue to live a connected life, they will need to take greater care of their online safety and ensure that security is top-of-mind in any given situation. Taking these precautions will provide greater peace of mind in the new mobile-driven world.
The post The Future of Mobile: Trends from Mobile World Congress 2021 appeared first on McAfee Blogs.
This fall, many students are headed back-to-school full time. However, just as workplaces now accommodate for remote work, schools are accommodating hybrid learning environments. While this may signal the end of things like snow days, it’s also created a new, more flexible style of learning that relies on computers, online connectivity, and apps to connect students with teachers and learning resources. It’s also a trend that’s not without risk, as evidenced by the more than 900 cybersecurity incidents, including personal data breaches, since 2016, according to the K-12 Cybersecurity Resource Center. This new style of learning comes with many implications for cybersecurity that we’ll discuss below, along with ways to protect learners and students of all ages.
Cameras and video conferencing software have become an integral part of the online learning experience. In the early days of 2020, we saw growing pains in the form of Zoom bombing, unintended sharing, and, on the lighter side, people learning to use fake backgrounds with hilarious consequences. And while many of these wrinkles have been smoothed out, for online learners, the fact remains that privacy is at risk anytime they use a camera.
Younger students:
Older students:
The good news is that while we’re all navigating the new world of learning online, there are more tools than ever to help you do so safely. A comprehensive security suite, like one of McAfee’s products, contains many of these security tools in one package, including tools for:
Younger students:
Older students:
Your child or teen’s portal to their online classroom is an important investment. After all, you’ll want them to be able to connect securely, communicate easily, and be able to handle any kind of online work they may need to do. Depending on the age of your child, this device may also have to be bomb-proof. Don’t worry some experts have already done the thinking for you with this list of computers for online learners.
There are many apps being used to facilitate online learning. And chances are, students will have to register, log-in, and provide identification. Regardless of age, here’s what NOT to provide.
Younger students:
Older students:
When students are learning in-person, the concept of being a good citizen is one that’s reinforced in the classroom and on the playground. Online, as students use forums, chats, and even social media to communicate, the concept of digital citizenship is just as important.
There’s a reason elementary schools have recess and high schools have lunch breaks. It gives kids time to step away from the books, stretch their legs, and refresh their minds. The same concept applies with online learning.
Younger students:
Older students:
For more extensive information about any of the recommendations above, please visit these resources.
The post 7 Safety Tips to Schooling in a Digital World appeared first on McAfee Blogs.
More senior adults are taking advantage of the array of wearable technology that helps them stay connected to healthcare providers and monitor their physical health and safety. But that newfound convivence comes with risk and, for many, the genuine fear of falling prey to an online hacker.
Wearable technology brings seniors both power and peace of mind. Many elderly consumers rely on wearable technology to monitor critical blood glucose levels, heart activity, and blood pressure. In addition, seniors and their families rely on fall detection, emergency alerts, and home security technology to monitor physical safety. Since the pandemic, wearable technology has played a central role in connecting virus-vulnerable seniors to healthcare professionals.
A recent study cites that 25 percent of U.S. homeowners with broadband internet expect to purchase a new connected consumer health or fitness device within the next year. Another study predicts the global market for wearable healthcare devices will reach $46.6 billion by 2025.
This kind of data is excellent to show consumer trends, but it also gives cybercriminals a road sign for new inroads into stealing consumer data.
So how do we dodge the digital dangers of our beloved wearable devices? With time, attention, and a few basics.
Sound like a hassle? Perhaps. However, following these basic protocols is likely far more manageable than having to navigate through the potential chaos connected to a data breach.
1. Install updates immediately. When it comes to protecting your wearables, security updates are not optional. Be sure to install the updates (usually with a single click) to protect your device from reported bugs, enhance functionality, and of course, seal up any security loopholes.
2. Add digital protection. It’s more than a buzz. Extra security solutions such a Virtual Private Network (VPN) and added security software can be your saving grace from prying eyes and help protect the health data you send over the internet. A VPN uses an encrypted connection to send and receive data. For example, if you use a VPN, a hacker trying to eavesdrop on your network will be met with a cacophony of jumbled data on their screen. In addition, installing comprehensive security software can thwart viruses and malware scams from infecting your digital landscape.
3. Level up your password IQ. Several practices can quickly shore up your password security: 1) Change your device’s default username and password immediately, 2) choose a strong password, 3) use Two Factor Authentication (2FA), and 4) keep your passwords in one place such as a password manager.
4. Switch devices off and on. Here’s a fun one—go old school. The National Security Alliance (NSA) recently advised consumers of one powerful way to thwart cybercriminals, especially with smartphones. Turn your device on and off every now and then. Better yet, if a device is not in use, shut it down.
5. Verify every source. Scams connected to your new device or health condition increasingly look legitimate. For that reason, verify sources, websites, and avoid giving out any personal information, and never send money to an unverified source. Scams come in the form of a phony email, people posing as an IT department or helpdesk, text message, pop-up, calendar invite, or even a direct message on social media. This is where antivirus software can save the day.
6. Ask for help. Beyond your device manual, Google and YouTube, if you are a senior and still have issues securing a new device, reach out for help. Don’t overlook the help desk associated with your new device, many of which also have a convenient online chat feature. Other possible resources include: Your local library, senior center, Agency on Aging, or community center may have help. In addition, AARP has published a list of helpful IT resources for seniors.
Having the right technology at your fingertips can feel like magic especially if you are a senior adult with health and safety concerns. In these times of widespread digital insecurity, giving even a little extra time and attention to these basic digital security protocols can bring a new level of peace and power to your daily routine.
The post Can Your Wearable Health Monitors Be Compromised? appeared first on McAfee Blog.
Businesses today have many options for interacting with customers online. The findings of our independent survey of online consumers suggest that websites and branded email continue to be critical components of many businesses’ online presence, essential to supporting consumer confidence and enabling effective interaction with customers.
The quantitative study, commissioned by Verisign and conducted in December 2019 and January 2020 by 451 Research, now a part of S&P Global Market Intelligence, surveyed 5,450 online consumers across key markets in North America, Latin America, Europe and Asia to help understand their sentiments on interacting with businesses online.
The survey was designed to arm service providers and registrars with an understanding of how the resources they provide to businesses can help create trust and deliver value to their customers.
Among those surveyed, approximately two-thirds (66%) agreed that a business with its own website is more credible than one without. Likewise, a majority indicated that they would expect it to be more difficult to verify the identity of (56%), find online (55%) and contact (54%) a business that does not have its own website.
Certainly, this doesn’t suggest that businesses should abandon other online channels, such as social media and search engine efforts, to focus on a website-only approach. Instead, 64% of respondents said that a business with many points of online presence is more credible than a business with few.
Still, the study suggests that other online resources should complement, rather than replace, a small business’s own website. Respondents identified a business’s own website as being one of the most popular online methods for learning about (69%) and conducting transactions with (57%) businesses. Further, 71% of respondents reported being more likely to recommend a business with a professional website.
Taken together, these findings suggest that a website can help add credibility and drive new business.
Trust is central to the relationship between a business and customers. This may be particularly true for online transactions (95% of survey respondents said they actively make purchases online), which require consumers to trust not only that the business will deliver the product or service for which they have paid, but also that it will not misuse payment or personal information.
A branded email address may be able to help, as an overwhelming number of respondents (85%) agreed that a business with a branded email address is more credible than one that uses a free email account. Respondents were more likely to have used a business’s branded email address (67%), than the telephone (56%) or social media (40%), to communicate with a business during the prior 12 months.
For a small business, failing to be perceived as credible online could mean lost business not just today, but also in the future. A website and branded email address can help businesses add credibility and more effectively engage with consumers online.
Service providers offer a variety of website-building tools, email hosting solutions, and domain name registration services that can help businesses – whether just starting or well-established – to have a website and use a branded email.
Detailed survey results are available in 451 Research’s Black & White Paper Websites, Branded Email Remain Key to SMB Internet Services.
Verisign is a global wholesale provider of some of the world’s most recognized top-level domains, including .com and .net. For website building tools and email hosting solutions, contact a registrar. You can find a registrar here.
The post Websites, Branded Email Remain Key to SMB Internet Services appeared first on Verisign Blog.
As I noted on May 26, the final decision issued on May 20 in the Independent Review Process (IRP) brought by Afilias against the Internet Corporation for Assigned Names and Numbers (ICANN) rejected Afilias’ petition to nullify the results of the public auction for .WEB, and it further rejected Afilias’ demand to have it be awarded .WEB (at a price substantially lower than the winning bid). Instead, as we urged, the IRP Panel determined that the ICANN Board should move forward with reviewing the objections made about .WEB, and to make a decision on delegation thereafter.
Afilias and its counsel both issued press releases claiming victory in an attempt to put a positive spin on the decision. In contrast to this public position, Afilias then quickly filed a 68-page application asking the Panel to reverse its decision. This application is, however, not permitted by the arbitration rules – which expressly prohibit such requests for “do overs.”
In addition to Afilias’ facially improper application, there is an even more serious instance of rule-breaking now described in a July 23 letter from Nu Dot Co (NDC) to ICANN. This letter sets out in considerable detail how Afilias engaged in prohibited conduct during the blackout period immediately before the .WEB auction in 2016, in violation of the auction rules. The letter shows how this rule violation is more than just a technicality; it was part of a broader scheme to rig the auction. The attachments to the letter shed light on how, during the blackout period, Afilias offered NDC money to stop ICANN’s public auction in favor of a private process – which would in turn deny the broader internet community the benefit of the proceeds of a public auction.
Afilias’ latest application to reverse the Panel’s decision, like its pre-auction misconduct 5 years ago, has only led to unnecessary delay of the delegation of .WEB. It is long past time for this multi-year campaign to come to an end. The Panel’s unanimous ruling makes clear that it strongly agrees.
The post Afilias’ Rule Violations Continue to Delay .WEB appeared first on Verisign Blog.
You open up your laptop and check the daily news. You see a headline stating that one of your favorite online retailers was breached and that thousands of their customers’ passwords were exposed. Data breaches like this frequently appear in the news, but many consumers don’t realize the implications these breaches have on their personal privacy. When data breaches occur, oftentimes billions of these hacked login credentials become available on the dark web, neatly packaged for criminals to download.1
Let’s dive into the differences between the deep web and the dark web, how cybercriminals use the dark web, and what you can do to protect your data.
You’ve probably heard of the deep and dark web but may not be aware of their differences.2 First, let’s start by noting that the dark web is always part of the deep web, but the deep web is not always the dark web.
The deep web refers to the pages on the internet that are not indexed in search engines, meaning that you can’t find them by performing a simple Google search. To access these pages, you have to know the exact address to the site and access it with specific software. Most personalized and password-protected sites appear on the deep web because they contain information that is not meant to be accessed by the general public. These sites include a user’s Netflix home page, password-protected sites for banking, and the internal sites of companies, organizations, and schools. These are all examples of legitimate areas of the deep web.
On the other hand, the dark web is the disreputable extension of the deep web. Like the deep web, the dark web also houses sites that are not indexed by search engines, but it also hides a user’s identity and location. It consists mostly of illegal products or content that could be harmful to organizations or the general public. Some examples include stolen credit card numbers, fake IDs, drugs, and hacking tools. To access the dark web, a user needs to download darknet software, the most popular being Tor.
Tor, which stands for “the onion routing project,” was developed by the U.S. Navy for the government in the mid-1990s. It was open-sourced in 2004, and that’s when it went public. Today, Tor is the dark web browser that the majority of people use to surf the internet anonymously. To do this, Tor hides a user’s IP address (or the unique address that identifies an internet-connected device or network) by bouncing their search request to multiple different locations. These bounces also referred to as relays, make it much harder for people to find users on the dark web.
Because of its ability to provide anonymity, the dark web is often tied to the world of cybercrime. Scammers frequently use the dark web to find software that allows them to access other people’s computers, banking credentials, Social Insurance Numbers, and credit card information. You may be wondering how all this private information ended up on the dark web in the first place. Oftentimes when a company is breached and their customers’ data is exposed, the hackers behind the breach will upload the stolen database to the dark web. This allows other cybercriminals to purchase the stolen information and use it to target users with other scams. Say that a criminal finds a database on the dark web that contains a bunch of personal email addresses. They can purchase the database and target every email address with a phishing campaign that contains malicious links that spread malware or attempt to trick users into handing over their username and password combinations.
Incorporating cybersecurity best practices into your daily life can help protect your data from hackers looking to take advantage of the data found on the dark web. Follow these tips to bring yourself greater peace of mind:
The chances of a hacker accessing your data are higher if you use the same credentials across different accounts. That’s why it’s important to use a strong, unique password for each of your online profiles. This minimizes the potential damage that could be done if a hacker does gain access to one of your accounts. You can also use a password manager with a built-in generator to make it easier for you to access and manage passwords. Enabling multi-factor authentication will also ensure that hackers cannot access your information using only your login credentials.
If you receive an email asking you to take immediate action, stop and think. Criminals often convey urgency in their phishing scams in the hopes that an unsuspecting user will click on a malicious link or hand over their personal details without considering the legitimacy of the message. Examine suspicious emails carefully to check for telltale signs of phishing, such as poor grammar, grainy logos, or bogus links. If an email claims to be from a well-known company or brand and asks for your credentials, claims that you need to update your password, or sends you a “free offer,” go directly to the source. Contact customer service through the company’s website (not the email) and inquire about the urgent request.
Be on the lookout for breach notices from relevant companies since they are often the first to know about a data breach impacting their online customers. Create news alerts for companies that have access to your information to stay notified of the latest events.
Additionally, create notifications for your bank and other financial accounts to monitor suspicious activity, such as unauthorized transactions or a drop in credit score. You will be better prepared to mitigate any cybersecurity threats with the right security software and knowledge of the latest risks.
Use a comprehensive security solution like McAfee Total Protection, which includes dark web monitoring for up to 10 email addresses. This software actively monitors the dark web for data breaches and exposed information. Personal details include but are not limited to your date of birth, email addresses, credit card numbers, and personal identification numbers. It also provides steps for remediation after a data breach to help you regain control and the integrity of your data and privacy. With a security solution like this in place, you can continue to live your connected life confidently.
The post What is the Dark Web? Everything You Need to Know appeared first on McAfee Blog.
The .web Independent Review Process (IRP) Panel issued a Final Decision six months ago, in May 2021. Immediately thereafter, the claimant, Afilias Domains No. 3 Limited (now a shell entity known as AltaNovo Domains Limited), filed an application seeking reconsideration of the Final Decision under Rule 33 of the arbitration rules. Rule 33 allows for the clarification of an ambiguous ruling and allows the Panel the opportunity to supplement its decision if it inadvertently failed to consider a claim or defense, but specifically does not permit wholesale reconsideration of a final decision. The problem for Afilias’ application, as we said at the time, was that it sought exactly that.
The Panel ruled on Afilias’ application on Dec. 21, 2021. In this latest ruling, the Panel not only rejected Afilias’ application in its entirety, but went further and sanctioned Afilias for having filed it in the first place. Quoting from the ruling:
In the opinion of the Panel, under the guise of seeking an additional decision, the Application is seeking reconsideration of core elements of the Final Decision. Likewise, under the guise of seeking interpretation, the Application is requesting additional declarations and advisory opinions on a number of questions, some of which had not been discussed in the proceedings leading to the Final Decision.
In such circumstances, the Panel cannot escape the conclusion that the Application is “frivolous” in the sense of it “having no sound basis (as in fact or law).” This finding suffices to entitle [ICANN] to the cost shifting decision it is seeking…the Panel hereby unanimously…Grants [ICANN’s] request that the Panel shift liability for the legal fees incurred by [ICANN] in connection with the Application, fixes at US $236,884.39 the amount of the legal fees to be reimbursed to [ICANN] by [Afilias]…and orders [Afilias] to pay this amount to [ICANN] within thirty (30) days….
In light of the Panel’s finding that Afililas’ Rule 33 application was so improper and frivolous as to be sanctionable, a serious question arises about the motives in filing it. Reading the history of the .web proceedings, one possible motivation is becoming more clear. The community will recall that, five years ago, Donuts (through its wholly-owned subsidiary Ruby Glen) failed in its bid to enjoin the .web auction when a federal court rejected false allegations that Nu Dot Co (NDC) had failed to disclose an ownership change. After the auction was conducted, Afilias then picked up the litigation baton from Donuts. Afilias’ IRP complaint demanded that the arbitration Panel nullify the auction results, and award .web to itself, thereby bypassing ICANN completely. In the May 2021 Final Decision the IRP Panel gave an unsurprising but firm “no” to Afilias’ request to supplant ICANN’s role, and instead directed ICANN’s Board to review the complaints about the conduct of the .web contention set members and then make a determination on delegation.
A result of this five-year battle has been to prevent ICANN from passing judgment on the .web situation. These proceedings have unsuccessfully sought to have courts and arbitrators stand in the shoes of ICANN, rather than letting ICANN discharge its mandated duty to determine what, if anything, should be done in response to the allegations regarding the pre-auction conduct of the contention set. This conduct includes Afilias’ own wrongdoing in violating the pre-auction communications blackout imposed in the Auction Rules. That misconduct is set forth in a July 23, 2021 letter by NDC to ICANN, since published by ICANN, containing written proof of Afilias’ violation of the auction rules. In its Dec. 21 ruling, the Panel made it unmistakably clear that it is ICANN – not a judge or a panel of arbitrators – who must first review all allegations of misconduct by the contention set, including the powerful evidence indicating that it is Afilias’ .web application, not NDC’s, that should be disqualified.
If Afilias’ motivation has been to avoid ICANN’s scrutiny of its own pre-auction misconduct, especially after exiting the registry business when it appears that its only significant asset is the .web application itself, then what we should expect to see next is for Afilias/AltaNovo to manufacture another delaying attack on the Final Decision. Perhaps this is why its litigation counsel has already written ICANN threatening to continue litigation “in all available fora whether within or outside of the United States of America.…”
It is long past time to put an end to this five-year campaign, which has interfered with ICANN’s duty to decide on the delegation of .web, harming the interests of the broader internet community. The new ruling obliges ICANN to take a decisive step in that direction.
The post IRP Panel Sanctions Afilias, Clears the Way for ICANN to Decide .web Disputes appeared first on Verisign Blog.
The internet has opened up wonderful new possibilities in our world, making life easier on many levels. You can pay your bills, schedule your next family vacation, and order groceries with the click of a button. While the internet offers many positive benefits, it also has some negatives. Although not entirely used for illicit purposes, the dark web is one part of the internet that can be used by criminals for illegal purposes, like selling stolen personal information.
But just what is the dark web? Basically, it’s a part of the internet that isn’t indexed by search engines. As an average internet user, you won’t come across the dark web since you need a special browser to access it. It’s certainly not something you need to stress about in your day-to-day browsing, and you shouldn’t let it scare you off the internet. Unless you actively seek it out, you’ll likely never have any contact with the dark web in your lifetime.
A better understanding of what the dark web is and the possible threats it contains can help you protect yourself, though. This guide provides the essential information you need, explaining the different levels of the web and revealing how you can stay safe. With this knowledge, you can continue to browse online with confidence. Find out more below.
The “dark web” refers to websites that aren’t indexed by search engines like Google and Bing. This might seem strange since most people want their websites to be found through specific searches. Practices like search engine optimization (SEO) are specifically implemented to help websites perform well and rank higher in search engine results.
So, why would someone not want their website to be picked up by a search engine? The primary purpose is to preserve privacy and anonymity. The individuals and organizations on the dark web often engage in illegal activities and want to keep their identities hidden — something that is difficult to do with an indexed website.
It’s important to note that the dark web should not be confused with the deep web, which is a part of the internet individuals access regularly. Although the terms are sometimes used interchangeably, they actually refer to different things. Deep web content — which isn’t picked up by search engines, either — includes pages that typically require additional credentials to access. Your online banking accounts and email accounts, for instance, are examples of deep web content.
The internet is home to billions of websites — an estimated 1.7 billion to be exact, although that number changes every day as new sites are made and others are deleted. Your daily internet activity likely falls within the publicly available and readily accessible portion of the internet (otherwise known as the surface web). However, there are additional “levels” of the internet beyond that top level. Read on to learn more.
The internet you use to search for more information is referred to as the surface web or open web. This is the readily visible part of the internet anyone can access with an internet connection and a normal web browser like Safari, Mozilla Firefox, or Google Chrome. Other terms for the surface web include the visible web, lightnet, or indexed web.
Examples of content you’ll find on the surface web include:
Basically, the sites you use daily — from your favorite news site to a local restaurant — are part of the surface web. What makes these websites part of the surface web is that they can be located via search queries and have recognizable endings like .com, .edu, .gov, or .org. You are able to find websites on the surface web because they are marked as “indexable,” meaning search engines can index and rank them. The sites are readily available on the search engine results pages (SERPs).
Interestingly, the surface web only makes up around 4% of the total internet, meaning the internet is a lot more than what you see on the surface. Think of it as an ocean — there’s the top layer of water you can see and then there’s the vast world beneath. The remainder of the internet is what’s below the surface.
The deep web refers to any page on the internet that isn’t indexed by search engines as described above. The deep web is the first level beneath the “surface” of the visible web — and it’s significantly larger than the surface web, accounting for an estimated 96% to 99% of the entire internet.
It’s important to note that just because this type of content isn’t on the surface doesn’t mean it’s nefarious or has ill intent. A lot of the time, this content isn’t indexed because it includes pages that are meant to be hidden to protect consumer privacy, such as those that require login credentials.
Here are some examples of content on the deep web:
Essentially, any webpage that requires a login is part of the deep web. That said, deep web content doesn’t necessarily have to fall into any of these categories. Any page that is non-indexable is technically also considered part of the deep web. It doesn’t have to require a login or contain sensitive data. Website creators and managers can mark pages as non-indexable if desired.
It’s worth noting that sometimes a single organization’s website will include elements of both the surface web and the deep web. Take a college or university website, for example. Most schools have a comprehensive website providing information about the school’s history, campus location, student body, available programs of study, extracurricular activities, and more.
However, many schools also have an intranet — sometimes linked from the main university page — that’s accessible only for students or staff. This is where students might sign up for classes and access their school email, for example. Since this is sensitive information and requires a unique login, it doesn’t need to be made publicly available via search engines.
In fact, it’s better in the interest of privacy that these pages aren’t readily visible. It helps to protect the user’s data. From this example, you can see that the “deep web” doesn’t have to be scary, illicit, or illegal. It serves a legitimate and useful purpose. You shouldn’t be afraid of the deep web. It’s further important to distinguish the deep web from the dark web — as the next section explains.
As mentioned, the deep web and the dark web sometimes get confused. However, they are distinct. Technically, the dark web is a niche or subsection within the deep web. It consists of websites that aren’t indexable and can’t be readily found online via web search engines. However, the dark web is a carefully concealed portion of the deep web that people go out of their way to keep hidden.
What makes the dark web distinct from the broader deep web is the fact that dark web content can only be accessed via a special browser. The Tor network is often used to access the dark web.
Additionally, the dark web has a unique registry operator and uses security tools like encryption and firewalls, further making it inaccessible via traditional web browsers. Plus, the dark web relies on randomized network infrastructure, creating virtual traffic tunnels. All of these technical details serve to promote anonymity and protect dark web users’ privacy.
The short answer is no, it’s not illegal to browse the dark web. In fact, there are instances where individuals can use it for good. Whistleblowers, for instance, can find the anonymity available through the dark web valuable when working with the FBI or another law enforcement organization.
That said, while it’s not illegal to browse the dark web, it’s also not completely void of criminal activity. Putting yourself in close proximity with illegal activities is rarely a good idea and could heighten your risk of being targeted by a criminal yourself. It’s often best to leave that part of the deep web alone.
There are also many technological threats on the dark web. Malicious software, also known as malware, is a critical concern and can affect unsuspecting users. Even simply browsing the dark web out of curiosity can expose you to such threats, like phishing malware or keyloggers. While an endpoint security program can identify such threats if they end up on your computer, it’s ideal to avoid them altogether.
Further, if you try to buy something on the dark web — even if it’s not illegal — there’s a chance you’ll be scammed. Dark web criminals use a variety of tricks to con people. For example, they may hold money in escrow but then shut down the e-commerce website and take off with the money. Due to the anonymous nature of the dark web, it’s very difficult for law enforcement to find such perpetrators.
Given its anonymous nature, the dark web clearly has an obvious appeal for cybercriminals. But just what do they use it for? The most obvious type of internet activity is the buying and selling of black market goods and services, from illegal drugs to illegal content. Cybercriminals may also run scams when selling such items, for example by taking a person’s money and not delivering the required product.
There are dark websites dedicated to the purchase and sale of illegal products or services (usually using untraceable cryptocurrencies like bitcoin) including:
Browsers like Tor, an open-source and free software, allow people to access dark websites where these goods are available, like a digital marketplace. These websites may look similar to any other surface or deep website you’d encounter. However, they differ in their domain suffix, ending in “.onion” instead of more obvious options like “.com” (Tor is actually short for The Onion Router, which is also where the term “onion routing” comes from — referring to anonymous communication on the dark web).
Onion sites often use scrambled names that make their URLs difficult to remember, minimizing the odds of being reported to authorities. It’s possible to search the dark web using specialized dark web search engines like Grams or link lists like The Hidden Wiki. However, these sources tend to be slow and unreliable, just like the dark web itself.
Some of this information can be extremely valuable on darknet forums. For example, while a Social Security number might go for $2, email credentials could sell for as much as $120,000. Hackers can make a lot of money and do so with less worry that they might get caught. Thanks to the Tor browser’s layers of encryption and IP scrambling, it’s difficult to track people down on this part of the web.
Again, although the dark web isn’t inherently bad, you should still be proactive in preventing your personal information from falling into the wrong hands. Here are a few ways you can help keep you and your family safe online:
The dark web might sound scary. The fact is, an everyday internet user like yourself likely won’t have any contact with this level of the internet. That said, it’s still important to take as many precautions as you can to keep your family and your technology safe.
McAfee provides everyday internet users with the tools they need to surf safely and confidently. Our award-winning antivirus software protects against threats like phishing, malware, and ransomware, and we also offer identity protection plans that come with a personalized Protection Score to check the health of your online information. Start browsing with confidence by using McAfee.
The post The Dark Web: A Definitive Guide appeared first on McAfee Blog.
While our tweens and tweens seem to grow into adults right before our eyes, their mobile usage matures into adulthood as well—and in many ways, we don’t see.
Girls and boys hit their mobile stride right about the same point in life, at age 15 where their mobile usage jumps significantly and reaches a level that they carry into adulthood, which is one of the several findings we uncovered in our global survey of parents, tweens, and teens this year.
So, what are tweens and teens up to on their mobile devices as they mature? And where do their parents fit in? We asked parents and kids alike. What we found gives us a look into the mobile lives of tweens and teens behind their lock screens.
For starters, parents and their kids alike say that their mobile device is the most important one in their life. Parents placed mobile in their top two with their mobile device or smartphone at 59% followed their computer or laptop at 42%. Tweens and teens put their mobile device or smartphone at the top of the list as well, yet at a decisive 74% worldwide, followed by their gaming console at 68%.
“Parents and their kids alike say that their mobile device is the most important thing in their life.”
Further, tweens and teens place a higher value on their smartphones to keep them connected with friends and family. Some 59% of parents said mobile was essential in this role, whereas tweens and teens put that figure at 64%. For parents, the runner-up device for keeping connected was the computer or laptop at 42%.
Yet quite interestingly, tweens and teens said their second-most important device for keeping connected with others is their gaming console, at 40%, perhaps indicating gaming’s role in creating and fostering friendships today. Of course, plenty of that gaming is happening on mobile as well, with half of all tweens and teens surveyed worldwide saying that they play games on their smartphones.
Broadly speaking, the activities kids do on their phones match up closely with what their parents think they’re doing on their phones. Yet there’s a fair share of secretive activity that happens within that.
Regarding general activity, parents and their tween- and teen-aged children worldwide see eye to eye when it comes to what parents think are their kids’ favorite activities on mobile are and what kids say they actually are:
However, and perhaps unsurprisingly, tweens and teens say they’ve kept some the things they’re watching, browsing, and streaming from their parents. When asked if they sometimes hide specific online activity from their parents, 59% of tweens and teens worldwide said they have done so in some form or other, including:
Worldwide, monitoring apps rank relatively low when it comes to parents keeping tabs on their children’s mobile usage. Use of parental controls software on smartphones came in at a 27% global average, with India (37%) and France (33%) leading the way, while Japan fell on the low end (12%).
Largely, parents appear to take up this work themselves, citing several other ways they take charge of their children’s time online:
Consistent with other research we recently gathered, families are relying on mobile more and more, yet this hasn’t seen an increase in mobile protection for the smartphones they count on.
Our research published in early 2011 found double-digit increases in mobile activities such as online banking, shopping, finances, and doctor visits, all of which can generate high-value data that are attractive to hackers and cybercriminals. Despite this newfound reliance on mobile, many smartphones worldwide remain unprotected. Children’s phones are less protected than their parents’ phones as well.
Taken together, these security lapses can lead to downloaded malware, data and identity theft, illicit crypto mining apps on the device, and other attacks that can put children and families at risk. For a deeper dive, you can view the full report.
Misconceptions about online protection may play a role in these lax measures. This survey found that 49% of parents think a new phone is more secure than a new computer, and 59% of tweens and teens thought the new phone was more secure—both denying the reality that smartphones, and the people using them, are subject to hacks and attacks just like with any other device that connects to the internet.
Amid this climate, more than 1/3 of families reported that a child in their household had been the victim of a financial information leak and 15% stated that there’d been an attempt to steal a child’s online account or identity. With smartphones providing children with a major onramp to the internet, it follows that stronger mobile security could help prevent such attacks from happening.
Protecting mobile devices and the family members who count on them takes on further importance when we consider that children in some nations rely heavily on their smartphones for online learning.
Although using mobile for online learning was relatively low globally at 23%, parents and children in three nations reported a high rate of attending classes and courses on mobile—with India at 54%, Mexico at 42%, and Brazil at 39%, once again posing the possibility that mobile offers many children the most reliable broadband connection required for such instruction. In other words, there are households where broadband comes by way of mobile, rather than a cable or fiber connection.
Meanwhile, other nations saw significantly lower figures for online learning on mobile, such as Germany at 7%, France at 8%, and Japan at 11%. The U.S., Canada, and the UK all reported rates of 17%.
“With smartphones providing children as a major onramp to the internet, it follows that stronger mobile security could prevent such attacks from happening”
Something we’ve yet to mention here is how much online shopping and banking kids are doing on their mobile devices. No question, tweens and teens are doing those things too at a global rate of 25% and 12% across all age groups respectively. Not surprisingly, those numbers climb as teens approach adulthood. This serves as a reminder that our children are maturing hand-in-hand with their smartphones, which asks a few things of us as parents as they grow and adjust to their mobile world.
As with all things parenting, there are moments of where you have a sense of what’s right for you and your child, yet you’re uncertain how to act on it. That’s definitely the case with smartphones and the internet in general. Despite having grown up alongside the internet over the course of our adult lives, we can still have plenty of questions. New ones. Old ones. Ones we weren’t even aware of until they cropped up.
With that, we’re glad you’re dropping by our blog. And you’re more than invited to visit whenever you can. A big focus of ours is providing you, as a parent, with resources that answer your questions, in addition to articles about online protection in general that simply make for good reading. Our aim is to help you think about what’s best for your family and give you some ideas about how you can see that through, particularly as our children grow in this mobile world of ours.
The post A Look Beyond Their Lock Screens: The Mobile Activity of Tweens and Teens appeared first on McAfee Blog.
Quick mental math challenge: How many Apple Watches can you buy with $118 billion dollars? If you guessed around 296 million watches congrats, you’re smarter than the writer of this blog! We had to use a calculator. The point is that’s the predicted size of the US wearable market by 2028 according to a recent report. That means for as much wearable tech as we have in our lives already, even more, is on the way.
If you own a piece of wearable tech it’s easy to understand why it’s so popular. After all, it can track our fitness, provide contextual help in daily life, and, in the case of hearing aids, even do cool things like sync with Bluetooth. As VR and AR gains a foothold who knows what other incredible tech might be headed our way by 2028? However wearable tech also comes with certain risks. The most prominent: cybercriminals potentially gaining access to your data.
The weakest link in the wearables space is your mobile phone, not the actual wearable device itself. That’s because wearables tend to link to your mobile device over a short-range wireless spectrum known as “Bluetooth.” This spectrum is used to send and receive data between your wearable device and your mobile. That makes your mobile a prime target for hackers.
Most commonly, hackers gain access to the data on your mobile through malware-laden apps. These apps are oftentimes designed to look like popular apps, but with enough differences that they don’t flag copyright suspicion.
Hackers can use these malicious apps to do a variety of things from making phone calls without your permission, sending and receiving texts, and extracting personal information—all potentially without your knowledge. They can also, with the help of your wearable, track your location through GPS and record any health issues you’ve entered into your wearable. The point is: once they have permissions to your mobile device, they have a lot of control and a lot of resources.
The hacker can then use this data to conduct varying forms of fraud. Need a special prescription from your doctor that happens to sell well on the black market? Well, so does the hacker. Going out for a jog in the morning? Good information for a burglar to know. These personal details just scratch the surface of information available for the taking on your mobile devices.
These types of threats aren’t limited to wearables, however. The Internet of Things—the phenomenon of devices connected to the Internet for analysis and optimization—encompasses all sorts of other electronic devices such as washing machines and refrigerators that can put your data at risk as well. But these life-changing devices can be secured through education and industry standards. Two things we’re working on day and night.
Of course, securing the weakest link in your wearables environment, your phone will go a long way towards keeping your data safe. But what happens when your computer, where you store backups of your smartphone, is compromised too? We’ve got you covered with McAfee LiveSafe service, our comprehensive security solution that provides protection for your entire online life.
The post The Wearable Future Is Hackable. Here’s What You Need To Know appeared first on McAfee Blog.
Well that was an unusual ending. Both my mouse and keyboard decided to drop off right at the end of this week's video and without any control whatsoever, there was no way to end the live stream! Wired devices from kids borrowed, I eventually got back control and later discovered that all things Bluetooth had suddenly decided to die without any warning whatsoever. I certainly wasn't updating drivers mid-live stream or anything like that so... 🤷♂️
Anyway, other than that it's business as usual this week, enjoy!
Didn't get a lot done this week, unless you count scuba diving, snorkelling, spear fishing and laying around on tropical sand cays 😎 This week is predominantly about the time we just spent up on the Great Barrier Reef which has very little relevance to infosec, IoT, 3D printing and the other usual topics. But as I refer to in the guitar lessons blog post referenced below, I share what I do pretty transparently and organically and this week, that's what I want to talk about. So, either enjoy it or skip it until next week when I'll back to business as usual 😊
It's back to business as usual with more data breaches, more poor handling of them and more IoT pain. I think on all those fronts there's a part of me that just likes the challenge and the opportunity to fix a broken thing. Or maybe I'm just a sucker for punishment, I don't know, but either way it's kept me entertained and given me plenty of new material for this week's video 😊
A short one this week as the previous 7 days disappeared with AusCERT and other commitments. Geez it was nice to not only be back at an event, but out there socialising and attending all the related things that tend to go along with it. I'll leave you with this tweet which was a bit of a highlight for me, having Ari alongside me at the event and watching his enthusiasm being part of the industry I love 😊
At #AusCERT with Ari for “take your son to work” day 🙂
— Troy Hunt (@troyhunt) May 12, 2022
I’m up next on stream 2 at 14:45 talking about Pwned Passwords, the FBI, the NCA and giving the whole thing over to the community, come say hi! https://t.co/PqSgb1AjMS pic.twitter.com/Z88xIrrHYW
Like most things in life, online privacy is a 2-way street. As consumers, we expect the companies we deal with online to manage and safeguard our data to a super professional level however we also have a role to play here too. So, this Privacy Awareness Week (PAW), let’s focus on what we can do to ensure our personal information is kept as secure, and private as possible.
There’s nothing like a dedicated ‘week’ to renew our focus and in my opinion, this year’s PAW does just that. This year’s theme is – The Foundation of Trust – we all have a role to play, a great reminder of how it’s up to all of us to ensure we manage online privacy. There’s no doubt that managing our privacy is low on the to-do list for many. And I get it – we’re all strapped for time, and we don’t ever think privacy breaches will affect us. Well, my friends, I’m here to tell you that privacy breaches do happen. Identity theft is a reality of living life online. In fact, in 2020/21, nearly 155,000 Aussies had their identities stolen and they were the cases that were reported. But the good news is that if you take a proactive approach, you can minimise the risk of this ever happening.
Believe it or not, most of your privacy action plan involves small steps that are, I promise, relatively painless. The most important thing here is that you need to commit to doing them. The last thing you want is to spend months dealing with the fallout from having your identity stolen. It’s exhausting, stressful, and absolutely worth avoiding.
Without further ado, here’s your action plan:
Strong and complex passwords are essential to keeping your online information tight. Ideally, a password should have between 8-10 characters and be a combination of letters – both lower and uppercase, numbers and symbols. Each online account should also have its own password too – which is a very overwhelming concept! Consider using a password manager such as McAfee’s TrueKey to help generate and manage passwords.
Ensure all the family checks their social media accounts to ensure they are set to private. This will mean that only their chosen friends can see their private information. Each social media platform will have its own ‘help’ page which provides specific steps on how to do this.
If you are serious about your online privacy, then you need to use public Wi-Fi sparingly. Unsecured public Wi-Fi is a very risky business. Anything you share could easily find its way into the hands of cybercriminals. So, avoid sharing any sensitive or personal information while using public Wi-Fi. If you travel regularly, consider investing in a VPN. A VPN (Virtual Private Network) encrypts your activity which means your login details and other sensitive information is protected. A great insurance policy!
Adding an additional layer of security to protect yourself when accessing your online accounts is another great way of guarding your online privacy. Turn on two-factor authentication for Google, Dropbox, Facebook and whatever other site offers it. For those new to this option, this means that in addition to your password, you will need to provide another form of identification to ensure you are who you say you are. Most commonly, this is a code sent to your mobile phone or generated by a smartphone app.
Most web surfers rely on Google for their searching but why not use a search engine that doesn’t collect and store the information? And there are loads of more ‘privacy focussed’ options to choose from. Check out DuckDuckGo, that doesn’t profile users or track or sell your information to third parties.
Comprehensive security protection software is an easy way to help firm up your online privacy too as it does a great job of keeping malicious software (malware) at bay. Malware can wreak absolute havoc: from installing pop ups to scanning for personal information. And if you’re likely to click dodgy links (we’re all human after all), then this is a no brainer! Super-duper security software will also guard you against viruses and online threats, direct you away from risky websites and dangerous downloads and protect your smartphones and tablets too, it can also back up your files. McAfee’s LiveSafe protection software comes with a 100% guarantee to protect you against viruses.
So, this Privacy Awareness week, please take the time to ensure you are doing all you can to nail your online privacy. And of course, please get your kids involved too. Do your research and find some stories of ‘real life’ people who have had their identity stolen to share around the dinner table because identity theft can absolutely happen to anyone!
Till next time,
Stay Safe!
Alex
The post Are You Playing A Role In Protecting Your Online Privacy? appeared first on McAfee Blog.
Data breaches, 3D printing and passwords - just the usual variety of things this week. More specifically, that really cool Pwned Passwords downloader that I know a bunch of people have been waiting on, and now we've finally released. It hits the existing k-anonymity API over 1 million times and that API is already going on 2 billion requests a month so I'm kinda curious to see what happens if everyone starts running the downloader at the same time... 🤔
So I basically spent my whole day yesterday playing with Ubiquiti gear and live-tweeting the experience 😊 This was an unapologetically geeky pleasure and it pretty much dominates this week's video but hey, it's a fun topic. Still, there's a bunch of data breach stuff up front and as I write this, 25M more records courtesy of the MGM breach are making their way up into HIBP. Get ready for a bunch of notification emails going out on that one. Here's this week's video:
Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia.
The Costa Rican publication CRprensa.com reports that affected systems at the Costa Rican Social Security Fund (CCSS) were taken offline on the morning of May 31, but that the extent of the breach was still unclear. The CCSS is responsible for Costa Rica’s public health sector, and worker and employer contributions are mandated by law.
A hand-written sign posted outside a public health center in Costa Rica today explained that all systems are down until further notice (thanks to @Xyb3rb3nd3r for sharing this photo).
A hand-written notice posted outside a public health clinic today in Costa Rica warned of system outages due to a cyberattack on the nation’s healthcare systems. The message reads: “Dear Users: We would like to inform you that due a problem related to the information systems of the institution, we are unable to expend any medicine prescriptions today until further notice. Thank you for your understanding- The pharmacy.”
Esteban Jimenez, founder of the Costa Rican cybersecurity consultancy ATTI Cyber, told KrebsOnSecurity the CCSS suffered a cyber attack that compromised the Unique Digital Medical File (EDUS) and the National Prescriptions System for the public pharmacies, and as a result medical centers have turned to paper forms and manual contingencies.
“Many smaller health centers located in rural areas have been forced to close due to not having the required equipment or communication with their respective central health areas and the National Retirement Fund (IVM) was completely blocked,” Jimenez said. “Taking into account that salaries of around fifty thousand employees and deposits for retired citizens were due today, so now the payments are in danger.”
Jimenez said the head of the CCSS has addressed the local media, confirming that the Hive ransomware was deployed on at least 30 out of 1,500 government servers, and that any estimation of time to recovery remains unknown. He added that many printers within the government agency this morning began churning out copies of the Hive ransom note.
Printers at the Costa Rican government health ministry went crazy this morning after the Hive ransomware group attacked. Image: Esteban Jimenez.
“HIVE has not yet released their ransom fee but attacks are expected to follow, other organizations are trying to get a hold on the emergency declaration to obtain additional funds to purchase new pieces of infrastructure, improve their backup structure amongst others,” Jimenez said.
A copy of the ransom note left behind by the intruders and subsequently uploaded to Virustotal.com indicates the CCSS intrusion was the work of Hive, which typically demands payment for a digital key needed to unlock files and servers compromised by the group’s ransomware.
A HIVE ransomware chat page for a specific victim (redacted).
On May 8, President Chaves used his first day in office to declare a national state of emergency after the Conti ransomware group threatened to publish gigabytes of sensitive data stolen from Costa Rica’s Ministry of Finance and other government agencies. Conti initially demanded $10 million, and later doubled the amount when Costa Rica refused to pay. On May 20, Conti leaked more than 670 gigabytes of data taken from Costa Rican government servers.
As CyberScoop reported on May 17, Chaves told local media he believed that collaborators within Costa Rica were helping Conti extort the government. Chaves offered no information to support this claim, but the timeline of Conti’s descent on Costa Rica is worth examining.
Most of Conti’s public communications about the Costa Rica attack have very clearly assigned credit for the intrusion to an individual or group calling itself “unc1756.” In March 2022, a new user by the same name registered on the Russian language crime forum Exploit.
A message Conti posted to its dark web blog on May 20.
On the evening of April 18, Costa Rica’s Ministry of Finance disclosed the Conti intrusion via Twitter. Earlier that same day, the user unc1756 posted a help wanted ad on Exploit saying they were looking to buy access to “special networks” in Costa Rica.
“By special networks I mean something like Haciendas,” unc1756 wrote on Exploit. Costa Rica’s Ministry of Finance is known in Spanish as the “Ministerio Hacienda de Costa Rica.” Unc1756 said they would pay $USD 500 or more for such access, and would work only with Russian-speaking people.
Experts say there are clues to suggest Conti and Hive are working together in their attacks on Costa Rica, and that the intrusions are tied to a rebranding effort by Conti. Shortly after Russia invaded Ukraine at the end of February, Conti declared its full support, aligning itself directly with Russia and against anyone who would stand against the motherland.
Conti’s threatening message this week regarding international interference in Ukraine.
Conti quickly deleted the declaration from its website, but the damage had already been done, and any favor or esteem that Conti had earned among the Ukrainian cybercriminal underground effectively evaporated overnight.
Shortly thereafter, a Ukrainian security expert leaked many months worth of internal chat records between Conti personnel as they plotted and executed attacks against hundreds of victim organizations. Those candid messages exposed what it’s like to work for Conti, how they undermined the security of their targets, as well as how the group’s leaders strategized for the upper hand in ransom negotiations.
But Conti’s declaration of solidarity with the Kremlin also made it increasingly ineffective as an instrument of financial extortion. According to cyber intelligence firm ADVIntel, Conti’s alliance with the Russian state soon left it largely unable to receive ransom payments because victim companies are being advised that paying a Conti ransom demand could mean violating U.S. economic sanctions on Russia.
“Conti as a brand became associated with the Russian state — a state that is currently undergoing extreme sanctions,” ADVIntel wrote in a lengthy analysis (PDF). “In the eyes of the state, each ransom payment going to Conti may have potentially gone to an individual under sanction, turning simple data extortion into a violation of OFAC regulation and sanction policies against Russia.”
Conti is by far the most aggressive and profitable ransomware group in operation today. Image: Chainalysis
ADVIntel says it first learned of Conti’s intrusion into Costa Rican government systems on April 14, and that it has seen internal Conti communications indicating that getting paid in the Costa Rica attack was not the goal.
Rather, ADVIntel argues, Conti was simply using it as a way to appear publicly that it was still operating as the world’s most lucrative ransomware collective, when in reality the core Conti leadership was busy dismantling the crime group and folding themselves and top affiliates into other ransomware groups that are already on friendly terms with Conti.
“The only goal Conti had wanted to meet with this final attack was to use the platform as a tool of publicity, performing their own death and subsequent rebirth in the most plausible way it could have been conceived,” ADVIntel concluded.
ADVIntel says Conti’s leaders and core affiliates are dispersing to several Conti-loyal crime collectives that use either ransomware lockers or strictly engage in data theft for ransom, including AlphV/BlackCat, AvosLocker, BlackByte, HelloKitty, Hive, and Karakurt.
Still, Hive appears to be perhaps the biggest beneficiary of any attrition from Conti: Twice over the past week, both Conti and Hive claimed responsibility for hacking the same companies. When the discrepancy was called out on Twitter, Hive updated its website to claim it was not affiliated with Conti.
Conti and Hive’s Costa Rican exploits mark the latest in a string of recent cyberattacks against government targets across Latin America. Around the same time it hacked Costa Rica in April, Conti announced it had hacked Peru’s National Directorate of Intelligence, threatening to publish sensitive stolen data if the government did not pay a ransom.
But Conti and Hive are not alone in targeting Latin American victims of late. According to data gathered from the victim shaming blogs maintained by multiple ransomware groups, over the past 90 days ransom actors have hacked and sought to extort 15 government agencies in Brazil, nine in Argentina, six in Colombia, four in Ecuador and three in Chile.
A recent report (PDF) by the Inter-American Development Bank suggests many Latin American countries lack the technical expertise or cybercrime laws to deal with today’s threats and threat actors.
“This study shows that the Latin American and Caribbean (LAC) region is not sufficiently prepared to handle cyberattacks,” the IADB document explains. “Only 7 of the 32 countries studied have a critical infrastructure protection plan, while 20 have established cybersecurity incident response teams, often called CERTs or CSIRTs. This limits their ability to identify and respond to attacks.”
A 14-year-old shares his thoughts about technology and the potential privacy and security implications of the internet
The post Talking to children about the internet: A kid’s perspective appeared first on WeLiveSecurity
FreshRSS 