Tag Archive for: Avoid

I’m a cyber-security expert – this is how I live to avoid getting hacked


Jake Moore could hack into your WhatsApp account in just a few clicks. He isn’t a scammer, but he knows how they operate. He has been a cybercrime expert for 13 years and, as the former Police Head of Digital Forensics, he has seen most of the tricks. These days though, the tricks are becoming increasingly advanced.

According to data from the accounting firm BDO, the amount of online fraud committed in the UK more than doubled in 2023, costing £2.3 billion. UK Finance reported that romance scams and ID theft are among the fastest-growing categories with a total of 1.4m cases recorded.

William Wragg, a senior Conservative MP, recently fell victim to a targeted online scam. He admitted to handing over the personal phone numbers of colleagues, after being blackmailed by someone on the dating app Grindr.

Moore advises companies on how to avoid these sorts of ever-changing security risks. It starts with simple, daily habits. “I find it interesting that the more I talk to people about basic cybersecurity, the more I realise that people either don’t know about it, or they just put it off,” says Moore. “It’s like doing your insurance. It is a bit boring.”

But by putting off these easy, everyday steps, phone users are at increasing risk of alarmingly complex scams, from fake calls by AI voice software to webcam hacking. The secret to safety is consistency: “It’s all about that balance between security and convenience.”

Here, Moore shares what he does regularly to make sure his personal life is safe from fraud and online blackmail.

I never send texts

Moore would never send an SMS text; not even an iMessage. These are too vulnerable to hacking, as they can be intercepted by third-party software. “WhatsApp offers end-to-end encryption, which is an absolute must. It means that the communication cannot be intercepted by anyone, even Meta, which owns WhatsApp,” he says.

If a hacker can type into your texts, they can steal personal information needed to commit fraud.

“Going one step further. You can use platforms such as Signal. Everyone that I speak to in cybersecurity will use Signal for messaging as it is extremely privacy-focused,” says Moore. Both…


This sneaky Android malware has an all-new way to avoid being detected


Cybersecurity researchers have found a new version of a well-known Android banking trojan malware which sports quite a creative method of hiding in plain sight.

PixPirate targets mostly Brazilian consumers with accounts on the Pix instant payment platform, which allegedly counts more than 140 million customers, and services transactions north of $250 billion.

The campaign’s goal was to divert the cash to attacker-owned accounts. Usually, banking trojans on Android would try to hide by changing their app icons and names. Often, the trojans would assume the “settings” icon, or something similar, tricking the victims into looking elsewhere, or simply into being too afraid to remove the app from their device. PixPirate, on the other hand, gets rid of all of that by not having an icon in the first place.

Running the malware

The big caveat here is that without the icon, the victims cannot launch the trojan, so that crucial part of the equation is left to the attackers.

The campaign consists of two apps – the dropper, and the “droppee”. The dropper is being distributed on third-party stores, shady websites, and via social media channels, and is designed to deliver the final payload – droppee – and to run it (after asking for Accessibility and other permissions).

Droppee, which is PixPirate’s filename, exports a service to which other apps can connect. The dropper connects to that service, allowing it to run the trojan. Even after the dropper is removed, the malware can still run on its own, on certain triggers (for example, on boot, on network change, or on other system events).

The entire process, from harvesting user credentials to initiating a money transfer, is automated and done in the background without the victim’s knowledge or consent. The only thing standing in the way, the researchers claim, is the Accessibility Service permissions.

It is also worth mentioning that this method only works on older versions of Android, up to Pie (9).

Via BleepingComputer


Vigilance needed to avoid the hacking


A few days ago, I got an email from my doctor’s office, reminding me of a coming appointment.

The email encouraged me to check in electronically – complete with a delusory enticement to “avoid the wait.”

The doctor’s office, or rather the health care behemoth that owns the doctor’s office, encouraged me to fill out a full health questionnaire on its “user-friendly” portal. It would like me to pay for services that way, too, because nobody wants the fuss of human interchange or the hoary drill of a personal check, a clear indication of AARP membership.

I’ve become deeply suspicious of these electronic portals, and not just because I’m uncomfortable answering questions about how many sex partners I’ve had. (A response to which I lose either way.)

Despite their declarations of defending a patient’s privacy with their last breath, hospital systems seem scandalously easy to hack, putting patient lives and financial security at risk.

The number of U.S. hospital systems known to have been hit by ransomware in 2023 doubled from 2022, cybersecurity firm Emsisoft reported. One of them was a shattering breach of Prospect Medical Holdings, owner of Waterbury Hospital, which paralyzed the hospitals’ operations for nearly six weeks. The full extent of the damage may never be fully known, but we already know that 110,000 Connecticut residents and 24,000 employees of the California-based hospital chain may have had some of their personal information, including Social Security numbers, compromised.

More than 6 million Americans had their medical data stolen or exposed in more than 400 cyberattacks, the U.S. Department of Health and Human Services reported last year. Increasingly, the perpetrators are not rogue hackers in suburban basements but organized criminal gangs and foreign agents.

And my doctor’s office wants me to pay online?

C’mon. I may still use stamps, but I’m no dupe.

Last year, the president of the American Hospital Association said the record number of hacks of hospitals was putting patients at risk. It already has. A state Department of Public Health investigation into Waterbury Hospital found numerous deficiencies and violations over the…


Can CRI members really avoid paying ransomware ransoms?


  • The International Counter Ransomware Initiative met this week and outlined how its members would combat the growing threat of cybercrime.
  • Among the commitments was a recommendation for CRI members not to pay ransoms.
  • This will be accomplished through training and knowledge sharing among the CRI members.

Ransomware has the ability to entirely upend a business, and without proper disaster recovery a business could be forced to cough up and pay the ransom attackers demand.

This week, 50 members of the International Counter Ransomware Initiative (CRI) met in Washington, D.C., for the third convening of the initiative. South Africa is a member of this group. During this meeting the group outlined the development of capabilities to disrupt attackers and the infrastructure they use to conduct said attacks.

There are some great suggestions here, such as mentoring and training new CRI members, using artificial intelligence to counter ransomware and even sharing information about attacks between CRI members.

In addition, there was mention of adopting a policy where governments who are members of the CRI declare that they won’t pay ransoms.

“Through the Policy Pillar, CRI members affirmed the importance of strong and aligned messaging discouraging paying ransomware demands and leading by example. CRI members endorsed a statement that relevant institutions under our national government authority should not pay ransomware extortion demands. CRI members intend to implement the Financial Action Task Force (FATF)’s Recommendation 15 on the regulation of virtual assets and related service providers, which would help stem the illicit flow of funds and disrupt the ransomware payment ecosystem,” reads a briefing published by The White House.

This sounds great, but the fact of the matter is that many companies still pay ransoms. In its report The State of Ransomware 2023, Sophos found that 46 percent of the 3 000 IT and cybersecurity leaders surveyed reported that ransomware ransoms were being paid.

While not paying a ransom is regarded as best practice in the cybersecurity space, as we mentioned, if there aren’t proper backups of data, disaster response and…
