Tag Archive for: support

Apple’s Pledge to Support RCS Messaging Could Finally Kill SMS


Good news is coming to your group chat. Today, Apple said it will add support for the RCS messaging standard to the iPhone. The website 9to5Mac broke the news that Apple will release a software update some time next year that will bring support to iOS for the messaging standard, which is already widely used by Android phones.

RCS, or Rich Communications Standard, is a messaging service that’s a step up from the SMS and MMS messaging standards that smartphones have used since they first arrived. RCS can do more than SMS and MMS: It allows users to share higher-resolution photos and videos between their devices; it supports read receipts; and there’s more fun stuff, like the ability to easily drop emoji and GIFs into a conversation. It also adds extra layers of security that the older messaging standards lack.

Apple has famously shunned RCS in favor of its own iMessage platform, resulting in a layer of incompatibility that anyone with an Android phone—or any iPhone user who regularly texts people with Android phones—is painfully aware of. Videos shared between iOS and Android are crunchy and low-bandwidth, and Android users are often confounded by group chats, with missed messages, absent emoji, and other glitches.

For years, Apple has been relying on SMS and MMS to bridge the digital divide between these messaging platforms. It’s the last major holdout, as RCS is already supported by major players like Google, Verizon, AT&T, and T-Mobile. When Apple adds support for RCS, it won’t need that old bridge, and the move could signal the eventual death of SMS.

“It’s long been time for SMS to go away,” says Anshel Sag, principal analyst at the technology analyst firm Moor Insights and Strategy. “Now SMS can die, it can be sunset. So all the viruses and all the security flaws that are due to SMS can be eliminated.”

The move isn’t happening immediately; Apple told 9to5Mac that RCS support will come “in the later half of next year.” This timing suggests that support could arrive with the next version of iOS, which typically rolls out in September.

So it’s a ways out, but it’s certainly closer than Apple’s previous plan for the feature, which was apparently “never.”…

Source…

WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams


Aug 19, 2023THNMalvertising / Website Security

Cybersecurity researchers have detailed an updated version of an advanced fingerprinting and redirection toolkit called WoofLocker that’s engineered to conduct tech support scams.

The sophisticated traffic redirection scheme was first documented by Malwarebytes in January 2020, leveraging JavaScript embedded in compromised websites to perform anti-bot and web traffic filtering checks to serve next-stage JavaScript that redirects users to a browser locker (aka browlock).

This redirection mechanism, in turn, makes use of steganographic tricks to conceal the JavaScript code within a PNG image that’s served only when the validation phase is successful. Should a user be detected as a bot or not interesting traffic, a decoy PNG file without the malicious code is used.

WoofLocker is also known as 404Browlock due to the fact that visiting the browlock URL directly without the appropriate redirection or one-time session token results in a 404 error page.

The cybersecurity firm’s latest analysis shows that the campaign is still ongoing.

Cybersecurity

“The tactics and techniques are very similar, but the infrastructure is now more robust than before to defeat potential takedown attempts,” Jérôme Segura, director of threat intelligence at Malwarebytes, said.

“It is just as difficult to reproduce and study the redirection mechanism now as it was then, especially in light of new fingerprinting checks” to detect the presence of virtual machines, certain browser extensions, and security tools.

A majority of the sites loading WoofLocker are adult websites, with the infrastructure using hosting providers in Bulgaria and Ukraine that give the threat actors stronger protection against takedowns.

The primary goal of browser lockers is to get targeted victims to call for assistance to resolve (non-existent) computer problems and gain remote control over the computer to draft an invoice that recommends affected individuals to pay for a security solution to address the problem.

“This is handled by third-parties via fraudulent call centers,” Segura noted back in 2020. “The threat actor behind the traffic redirection and browlock will get paid for each successful…

Source…

Support from British businesses crucial in removing over 235000 … – National Cyber Security Centre



Support from British businesses crucial in removing over 235000 …  National Cyber Security Centre

Source…

Celerium Announces Compromise Defender™ Solution with Defensive Support Against Cl0p/MOVEit Ransomware Threats


Compromise Defender is a new Celerium solution that implements in 30 minutes and leverages automation to detect and disrupt cyber compromise activity.

TYSON’S CORNER, June 22, 2023 /PRNewswire/ — Celerium Inc., a leading cyber defense company, today announces the release of its latest cybersecurity solution, Compromise Defender™. As an integral part of Celerium’s Cyber Defense Network™, this innovative solution combines rapid implementation and automation to provide early detection and defense of compromise activity.

Celerium powers active cyber defense solutions to help protect companies and communities from increasing cyberattacks. (PRNewsfoto/Celerium)

Celerium powers active cyber defense solutions to help protect companies and communities from increasing cyberattacks. (PRNewsfoto/Celerium)

Research by IBM found that the average detection time of a data breach is around 200 days, nearly seven months. The need for early detection and defense against compromise activity, which often succeeds the network intrusion phase of a cyber incident and can be a precursor to later-stage ransomware and data breach attacks, is more critical than ever. Celerium created Compromise Defender to address this need.

“Small and medium-sized businesses and local government organizations are overloaded and overwhelmed with cybersecurity challenges,” said Tommy McDowell, General Manager of Celerium. “Our aim with Compromise Defender is to lighten their load by providing a real-time, automated solution that not only detects threats early but also launches an effective defense.”

Celerium specifically designed Compromise Defender for busy and overloaded organizations, with quick setup and easy operation:

  • 30-minute non-intrusive implementation, without any hardware or software to install.

  • Secure connectivity between an organization’s perimeter firewalls to Celerium’s Decision Engine hosted on the AWS cloud.

  • 100% automated, eliminating the need for integration with SIEM or IT security stack solutions.

  • Autonomous operation, requiring no IT staff for day-to-day management.

  • Real-time automated defense mechanisms to block network threats and compromise activity. The real-time mechanism re-optimizes network defense measures every 15 minutes.

  • Integrated automated analysis and reporting platforms show compromise activity (of reconnaissance, C2 server…

Source…