Cybercriminals Resort to Shady Ad Practices that Rip Off Users

The Hacker News published a report on the use of malicious ad practices on mobile devices.

Shady ad practices have become a significant source of threats for many mobile devices. Apart from being used as a channel to distribute malware, the attack vector is seeing a potential role in technical support scams using browser locking web pages, and for the propagation of fleeceware apps.

Read further

 


Switching to Signal? Turn on these settings now for greater privacy and security

In view of the great migration to Signal, ZDNet gives some valuable advice on how to improve its privacy.

Many people are making the switch from WhatsApp to Signal. Many are switching because of the increased privacy and security that Signal offers.

But with a few simple tweaks, did you know that you can make Signal even more secure?

There are a few settings I suggest you enable. There are some cosmetic differences between the iOS and Android versions of Signal, but these tips apply to both platforms.

Read further on ZDNet


Christmas Fraud or How to Defend Your Money and Business During Sales Time and After

Black Friday is behind us, with new online sales and cybercrime records (thanks to COVID-19). Christmas time has come and new sales seasons are ahead, so this is no time to forget about the cybersecurity risks of every holiday season. Below are some recommendations from Trilight experts.

If you are a buyer, think twice before trusting e-mails and websites during your deals. While millions of buyers go to online shops for pleasant emotions, hackers search for confidential personal and financial data.

A popular fraud scheme is based on phishing letters: messages faking well-known online brands and online sellers. Take some simple proactive steps to avoid being caught by one:

1. Before trusting an email that seems to come from one of your favourite retail brands or online platforms, read its contents attentively. Unusual grammatical or spelling mistakes are a first hint. A good example is the numerous phishing sites that went online during the recent Amazon sales on Prime Day. Study the sender's email address to find more evidence for your suspicions.

2. Do not succumb to the temptation of downloading special holiday subscriptions or promo codes from a suspicious letter. And, of course, never follow the links in such messages. Fraudulent phishing messages might contain malware or links to wrong URLs, which will download zero-day malware or extortion software to your device, putting financial and private data at serious risk.

3. If you are not sure about a specific message, compare the link shown in the email with the target link address by pointing to it. If they lead to different addresses, you may report this email to your Internet access or security service provider to keep it from spreading further among online buyers.

4. And last but not least: be careful when entering URLs manually. One error and you end up on a wrong domain with a misprint (a similar, yet fake URL is often a phishing site). To avoid such risks, consider a password manager. Password managers are not only a good line of defense against weak passwords, they also will not be fooled by malicious URLs that the error-prone human eye often overlooks.

For sellers: keep your security systems active, duly protected and compatible with PCI DSS.

As mentioned above, buyers are not the only ones who can become victims of cybercrime. Below are action points for sellers to increase their resilience to it.

1. Start with security training that introduces your team to the latest phishing attacks, including the data types cybercriminals hunt for and cunning fraud emails. Give your team a simple way to inform your cybersecurity personnel of such suspicious emails or similar activities.

2. If you plan to keep your physical shops running, make sure all operating systems used at your points of sale have the latest security updates. Consider additional security measures such as effective defense against malware, NGFW, server protection and encryption to protect the critically important systems of your retail network. Network segmentation will also help create limited and isolated zones managed with more refined access control.

3. If your retail business uses cloud applications and you have an extended multisite network of branches, franchise and delivery partners, then the zero trust philosophy becomes critically important. Its basic principle is to trust nothing and check everything. It will help establish reliable access to a distributed retail network with higher privacy for card holders.

4. Go through the mandatory audit to make sure your existing cybersecurity system meets PCI DSS recommendations.

If your retail business does not have sufficient internal cybersecurity experience, or your IT team is not big enough, that is a good reason to engage a cybersecurity partner who will establish continuous monitoring and protection of your retail network, online systems and so on against suspicious activities.
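
A check a seller's security team could run over emails that staff report, automating the comparison from buyers' step 3 (link text versus real target) and the misprinted-domain check from step 4. This is an added example, not Trilight's tooling; `myshop.example`, the sample links, `check_email` and the 0.85 similarity threshold are assumptions, and lookalikes are scored with Python's `difflib` ratio rather than a dedicated typosquatting detector.

```python
import re
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlsplit

KNOWN_DOMAINS = ["myshop.example"]  # assumption: the seller's own domain
URLISH = re.compile(r"^(https?://)?[\w-]+(\.[\w-]+)+(/\S*)?$", re.I)

class LinkCollector(HTMLParser):  # collects (href, visible text) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):  # hostname of an http(s) URL, lower-cased, no 'www.'; else ''
    try:
        parts = urlsplit(url)
    except ValueError:  # malformed URL
        return ""
    h = (parts.hostname or "").lower() if parts.scheme in ("http", "https") else ""
    return h[4:] if h.startswith("www.") else h

def check_email(html):
    """Return (href, reason) findings for one HTML email body."""
    parser, findings = LinkCollector(), []
    parser.feed(html)
    for href, text in parser.links:
        target = host(href)
        shown = host(text if "://" in text else "http://" + text) if URLISH.match(text) else ""
        if target and shown and shown != target and not target.endswith("." + shown):
            findings.append((href, f"shows {shown}, goes to {target}"))  # step 3
        base = ".".join(target.split(".")[-2:])  # naive registrable domain
        for good in KNOWN_DOMAINS:
            if base != good and SequenceMatcher(None, base, good).ratio() >= 0.85:
                findings.append((href, f"{base} resembles {good}"))  # step 4
    return findings

# Constructed sample body using reserved example domains, not real traffic.
SAMPLE = """<a href="http://promo.invalid/claim">www.myshop.example/sale</a>
<a href="https://www.rnyshop.example/login">Sign in</a>
<a href="https://www.myshop.example/orders">myshop.example/orders</a>"""
```

Calling `check_email(SAMPLE)` flags the first two links and passes the third; taking the last two labels as the registrable domain is a simplification that does not handle suffixes such as `co.uk`.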


Microsoft says it identified 40+ victims of the SolarWinds hack

The Security Magazine reports on the notorious SolarWinds disaster.

Microsoft said it identified more than 40 of its customers that installed trojanized versions of the SolarWinds Orion platform and where hackers escalated intrusions with additional, second-stage payloads.

The OS maker said it was able to discover these intrusions using data collected by Microsoft Defender antivirus product, a free antivirus product built into all Windows installations.

Read more on the Security Magazine


Phishing campaign spoofs Microsoft domain. Is lack of DMARC enforcement to blame?

SCMagazine reported on a phishing campaign involving a Microsoft domain.

An email security company says its researchers observed a spear phishing campaign that exactly spoofed a Microsoft email domain to trick Office 365 users. This suggests Microsoft's servers were not enforcing protective DMARC authentication protocols when communications were received and perhaps still are not.

The campaign, according to a blog post published by the company Ironscales, uses a lure that suggests the recipient has important email messages that have been quarantined, and must click a link to salvage them. The phishing email reportedly alludes to a hosted email security feature that Microsoft introduced last September as a way to salvage emails that are wrongly labeled as spam, or phishes by the company's Exchange Online Protection filtering service.

Read further on the SCMagazine


TrickBot Malware Gets UEFI/BIOS Bootkit Feature to Remain Undetected

The Hacker News reports on the features of TrickBot, one of the most notorious and adaptable malware botnets in the world.

The new functionality, dubbed "TrickBoot" by Advanced Intelligence (AdvIntel) and Eclypsium, makes use of readily available tools to check devices for well-known vulnerabilities that can allow attackers to inject malicious code in the UEFI/BIOS firmware of a device, granting the attackers an effective mechanism of persistent malware storage.

"This marks a significant step in the evolution of TrickBot as UEFI level implants are the deepest, most powerful, and stealthy form of bootkits," the researchers said.

Read further on The Hacker News


Google Rolls Out End-to-End Encryption for Android Messages

The Security Magazine dwells on Google finally introducing E2EE for its Messages platform.

Google has finally announced that end-to-end encryption (E2EE) will begin rolling out on its Messages platform, bringing it in line with rivals WhatsApp and iMessage in the security stakes.

Messages by Google is built on the open Rich Communication Services (RCS) standard to offer improvements over legacy SMS such as anti-spam, launching of video calls direct from conversations, Smart Reply and more.

Read further on the Security Magazine

 


UN and Europol Warn of Growing AI Cyber-Threat

InfoSecurity Magazine published a report on the growing threat of AI cybercrime.

Cyber-criminals are just getting started with their malicious targeting and abuse of artificial intelligence (AI), according to a new report from Europol and the UN.

Compiled with help from Trend Micro, the Malicious Uses and Abuses of Artificial Intelligence report predicts AI will in the future be used as both attack vector and attack surface.

Read more on the InfoSecurity Magazine


ThreatList: Pharma Mobile Phishing Attacks Turn to Malware

As companies fight for leadership in developing a COVID-19 vaccine, cybercriminals do not rest either...

After the breakout of the COVID-19 pandemic, mobile phishing attacks targeting pharmaceutical companies have shifted their focus from credential theft to malware delivery.

As pharmaceutical companies such as Pfizer race to develop a vaccine for COVID-19, mobile phishing gangs are swapping up their tactics in hopes to get their hands on critical research.

Read further on the Threat Post


Deception Technology: No Longer Only A Fortune 2000 Solution

The Hacker News reported on the latest developments in deception technology that have made it more affordable.

A cyber-attacker successfully breaks into your environment and begins sneaking around to find something valuable - intellectual property, bank account credentials, company plans, whatever. The attacker makes his way to a certain host on a network node to browse the directories, and suddenly, his connection is cut off. The stolen username and password he acquired no longer works.

Unknowingly, the attacker triggered a well-concealed trap that detected his presence, took immediate action to sever his connection, and then blocked his reconnect ability. Very cool.

Read more on The Hacker News