Tech Talk Show Notes
November 29 – December 5, 2020
It’s the most wonderful time of the year for hackers to target home gamers. Gamers are typically on the younger side and more trusting and comfortable with technology.
- Don’t Readily Share Personal Information
- Take Care of Your Home Network
- Use Multifactor Authentication
- Stay Away From Chats
- Avoid Third-Party Stores and Apps
- Disable Universal Plug and Play
- Beware of Scams While Playing and Buying Games Online
Of nearly 100 apps tested, 40% have significant security issues, using either GPS locations or bespoke Bluetooth proximity detection to determine exposure.
Guardsquare analyzed 95 contact-tracing apps — 52 Android apps and 43 iOS apps — and found that 40% did not use the Apple-Google protocol, which is designed to protect user privacy. Many of those applications instead used global positioning system (GPS) data to determine users’ locations and linked that to their phone numbers or passport identifiers, the company stated in the analysis, published today.
This Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC).
The FBI, CISA, and MS-ISAC assess malicious cyber actors are targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the theft of data, and the disruption of distance learning services. Cyber actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year. These issues will be particularly challenging for K-12 schools that face resource limitations; therefore, educational leadership, information technology personnel, and security personnel will need to balance this risk when determining their cybersecurity investments.
When it comes to defending an organization against cyberthreats, knowing your enemy is not enough. Equally important is knowing what the enemy knows about you and how much you know about yourself.
Increasingly, attackers have gone from breaking into a target network to simply logging into it using credentials available from a variety of sources and obtained in different ways, including social engineering, simple Web searches, and Dark Web markets.
Red-team tools are used to attack companies to test their security, and FireEye’s revelation earlier this week that it had been infiltrated by a nation-state hacking operation that stole its red-team hacking tools served as a chilling reminder to the security industry that no one is impermeable to an attack.
Several reports and sources say Russia’s SVR foreign service agency, aka APT 29 or Cozy Bear, was the perpetrator. “What was really cool is they not only published the red-team tools the Russians stole, but the countermeasures of those tools,” Trinity Cyber’s Ryan says. That wasn’t the case with the NSA’s tool breach, he notes. “Everybody was kind of on their own” to defend against attacks using them, including the infamous EternalBlue exploit.
The attack works against the Chrome, Firefox, Edge, and Yandex browsers, and it remains ongoing.
If not detected and blocked, Adrozek adds browser extensions, modifies a specific DLL per target browser, and changes browser settings to insert additional, unauthorized ads into web pages, often on top of legitimate ads from search engines. The intended effect is for users, searching for certain keywords, to inadvertently click on these malware-inserted ads, which lead to affiliated pages. The attackers earn through affiliate advertising programs, which pay by the amount of traffic referred to sponsored affiliated pages.
The cyber-criminal groups behind some of the most notorious and damaging ransomware attacks are using the same tactics and techniques as nation-state-backed hacking operations – and they’re only going to get more sophisticated as they look for even bigger pay days.
One of the key reasons why ransomware has become such a common cyberattack is that it’s the easiest way for malicious hackers to make money from a compromised network. Cyber-criminal hackers uncover vulnerabilities on networks, then spend months laying the groundwork to compromise the systems with ransomware before finally unleashing the attack and encrypting the network.