Tag Archive for: Error

Human Error is Biggest Cybersecurity Threat, CTOs Say

/in


Almost two-thirds (59%) of CTOs believe that human error is the biggest cybersecurity threat facing their organisation today, according to research from IT consulting company STX Next.

Human error, which can range from downloading a malware-infected attachment to failing to use a strong password, was found to be the more threatening than the potential of both ransomware (48%) and phishing (40%) attacks. With the workforce representing organisations’ biggest attack surface, human error has previously been reported to account for as many as 95% of all cybersecurity breaches.

In response to these threats, CTOs are deploying a range of tactics in order to protect their teams and wider organisation, and are taking advantage of the many solutions on the market. Multi-factor authentication, which has taken off in recent years, has been adopted by 94% of companies, 91% are using identity access management technology (IAM), 58% are using security information and event management (SIEM) technology and 86% are using single sign-on (SSO) solutions.

Security is among main challenges for CTOs

The findings were taken from STX Next’s 2023 Global CTO Survey, which surveyed 500 global CTOs about the biggest challenges facing their organisation. 

Other key findings from the research included:

  • A quarter (24%) of CTOs said that security was their biggest challenge across the organisation, the fourth most popular response.
  • Despite the growing threat of attack, just less than half (49%) of companies surveyed said that they currently have a cyber insurance policy in place, while 59% of businesses have implemented a ransomware protection solution.
  • In-house security teams are still in the minority: just 36% of companies have a dedicated team or department providing security services, whereas 53% of companies are using the services of external specialised companies for security.

“The data from this year’s survey indicates that employees are still the weakest point of company security,” comments Krzysztof Olejniczak, CISO at STX Next. “Despite deployment of comprehensive technology, poor implementation, substandard support processes or lack of governance can render these efforts useless. In…

Source…

How hackers fake”404” error page to steal sensitive data

/in


Hackers are faking 404 error pages of online retailer’s websites to hide malicious codes and steal customer’s credit card information. 

Hackers are faking 404 error pages of online retailer’s websites to hide malicious codes and steal customer’s credit card information. 
| Photo Credit: Reuters

Hackers are faking 404 error pages of online retailer’s websites to hide malicious codes and steal customer’s credit card information. These attacks are part of a variant observed by researchers of Akamai Security Intelligence Group. Other attacks methods include concealing code in the HTML image tag’s “onerror” and an image binary to make it appear as the Meta Pixel code snippet, Bleeping Computer reported.

While the campaign is mainly targeted at Magento and WooCommerce sites, hackers are also targeting renowned organizations in the food and retail sectors, the report said.

Analysis by security researchers found that the hackers behind the campaign have altered the default error page for websites to hide malicious code. The code displays a fake form that the website visitors are expected to fill out with sensitive details including their credit card number, expiration data, and security code.

Once victims share the data on the bogus form, they get a fake “session timeout” error. Meanwhile, the information shared by them is sent to the hacker via an image request URL carrying the string as a query parameter. This helps the attackers evade detection by network monitoring tools, as the request looks like a benign image fetch event.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

While hackers have targeted online stores in the past to steal sensitive user information, the idea of manipulating error pages and the concealment technique is “highly innovative” and something that hasn’t been seen in the past, read Akamai’s report.

The report further along with the methods used in the campaign reinforces the fact that web skimming techniques are constantly evolving, and are becoming more sophisticated, which makes detection and mitigation more complicated.

Source…

How to Fix a “Security policy prevents use of Camera” Android Error

/in


Getting a “Security policy prevents use of Camera” error while trying to use your Android phone’s Camera app? You might have disabled a sensor option on your phone, or your app might be acting up. Here are a few ways to resolve your issue, so you can get back to capturing beautiful pictures.

While there are various reasons your Camera app displays the above error, the most common ones are that your phone has a minor bug, the Camera app’s cache is corrupt, or the settings are faulty, you have a malicious app installed on your phone, your phone’s system settings are incorrect, and more.

Activate the Sensors on Your Samsung or Another Android Phone

One reason you can’t use your Android phone’s Camera app and get an error message is that you’ve disabled your phone’s various sensors. Some phones offer this option in the Quick Settings menu, and you or someone else may have toggled the option to disable the sensors.

You can fix that by ensuring your sensors are turned on.

Activate the Sensors on Your Android Phone from Quick Settings

  1. Pull down twice from the top of your phone’s screen.
  2. Tap Sensors Off to activate your phone’s sensors.

Activate the Sensors on Your Android Phone from Settings

If you don’t see the Sensors Off option in Quick Settings, enable the option in your phone’s settings menu as follows:

  1. Open Settings on your Android phone.
  2. Select About phone > Software information in Settings and tap Build number seven times. This will unlock the Developer options menu.
  3. Head back to Settings’ main screen and choose Developer options > Quick settings developer tiles.
  4. Turn on the Sensors Off option.
  1. Pull down twice from the top of your phone’s screen and choose Sensors Off.

After activating your phone’s sensors, launch the Camera app and see if the app works.

Reboot Your Samsung Phone or Another Android Phone

Android’s minor system problems can cause your Camera app not to work. In this situation, you can resolve most minor system issues by simply rebooting your phone.

Doing that turns off all your phone’s features and then reloads those features, fixing minor issues….

Source…

Google Chrome users ALERT! Beware of this error message, stop loss

/in


If you are a Google Chrome user you need to be a bit careful before clicking on any of unknown links. Several security experts have warned users of a fake Google Chrome error message. Informing about the same, a blog post by Trend Micro stated, “Google Chrome users who use the browser regularly should be wary of a new attack campaign that distributes malware by posing as a Google Chrome update error message. The attack campaign has been operational since February 2023 and has a large impact area.” Another report by NTT Security has also informed of the same.

How this malware works

The malware attacks the users when they visit a legitimate or compromised website that has been infected with a malicious code, including code relating to adult sites, blogs, news sites, and online stores. As a person visits these websites, a fake Google Chrome error message will pop up asking to download an update to fix a supposed security issue.

According to the blog post, in the name of the update, what will really be downloaded is a ZIP file that has an EXE file inside. This EXE file contains a Monero miner that will use the user’s computer’s processing power to mine cryptocurrency for the attackers.

Also read: Looking for a smartphone? To check mobile finder

According to a report by The Sun, the prompt message reads “An error occurred in Chrome automatic update. Please install the update package manually later, or wait for the next automatic update.”

It can be known that mining crypto needs a huge amount of power, which might increase your energy bills. Notably, if you become a victim to this malware, your computer may slow down and become unresponsive. The downloaded malware also has the potential to acquire sensitive information such as log-in credentials and financial data from your computer. Most importantly, your device will be vulnerable to further malware attacks.

How to protect yourself from malware attack

Step 1:

Do not click on any of the prompts popping up on a website.

Step 2:

Be careful of what you download on your device. Always…

Source…