Why Thieves are Targeting your Trash

Why Thieves are Targeting your Trash

A group of criminals in St. Tammany Parish, LA were arrested after they went dumpster diving. This criminal ring was targeting trash from a local loan business – one of those “cash now” places. The group rummaged through the trash to gather personal information about customers. They used this information to either steal existing credit cards or open new ones. Then they went on spending sprees. At some retailers, they convinced the cashiers to type in the credit card number so they didn’t need to swipe the card. This way they could use stolen card numbers even if they didn’t have a physical card. According to local police, the crime wave went on for about a year, affecting at...

how to protect against ransomware

5 Great Tips To Learn How To Protect From Ransomware

5 Great Tips To Learn How To Protect From Ransomware Every business owner and worker needs to learn how to protect from ransomware attacks. Ransomware is malicious software used by hackers to access and encrypt computers and computer networks. As the owner of the device or computer network, the encryption locks you out until you pay the demanded ransom. Only after you have paid are you allowed access to your device or network. Ransomware gets into your device or network in many different ways. However, social engineering is the most common. This means that the hackers study their targets and send them ransomware as genuine links or information. In businesses, which are the most common targets of ransomware attacks, hackers...

New Release: 2021 Remote Workforce Security Report

Holger Schultze wrote: The need to secure the remote workforce has never been more critical. A year into the pandemic, organizations are still grappling with how to protect their assets. The Remote Workforce Security Report reveals the status of organizations’ efforts to secure the new workforce, key challenges, and unique security threats faced by organizations, technology gaps and preferences, investment priorities, and more. Key findings include: Almost three-quarters of organizations are concerned about the security risks introduced by users working from home; despite these challenges, 86% are likely to continue supporting remote work in the future. Key security challenges cited include user awareness and training (57%),home/public WiFi network security (52%), and sensitive data leaving the perimeter (46%). The applications...

New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously

New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously

Even though the UK has made ‘huge progress’ on cybersecurity efforts, the new Chief Executive of the National Cyber Security Centre (NCSC) Lindy Cameron believes that the current efforts are still not enough. The new security head previously worked as a Director-General for the North Ireland office. She also worked for the Department for International Development (DfID), and was responsible for international programs in Africa and APAC. In her upcoming speech to Queen’s University Belfast, she will highlight the recent SolarWinds hack on US government agencies, and the Microsoft Exchange zero-day vulnerability as current real-world examples. In a highlight from her speech, she talks about the growing threat of ransomware and how it is affecting public schools/universities. She will...

Android mobile phone monitoring tracking spy

Researchers Have Their Eye on Malicious Clones of Android Apps That Put Devices at Risk

Researchers at Check Point have found malicious apps in the Google Play Store that will download Trojans to infected devices. “Check Point Research (CPR) recently discovered a new Dropper spreading via the official Google Play store, which downloads and installs the AlienBot Banker and MRAT,” the researchers write. “This Dropper, dubbed Clast82, utilizes a series of techniques to avoid detection by Google Play Protect detection, completes the evaluation period successfully and changes the payload dropped from a non-malicious payload to the AlienBot Banker and MRAT.” The malicious apps posed as VPNs or audio apps. Once the malware was installed, it would gain access to the device’s banking apps. “The AlienBot malware family is a Malware-as-a-Service (MaaS) for Android devices...

Cybercrime Officially Has Its Own Global Ecosystem

Cybercrime Officially Has Its Own Global Ecosystem

Cybercrime Officially Has Its Own Global Ecosystem. From Services to Distribution, to Monetization, cybercriminals are getting so organized, cybersecurity experts are now beginning to see how vast the relationships to cybercrime and connections really are. It’s worrisome when your organization comes under cyberattack in the first place. ...

Vehicles Most Likely To Survive An EMP Attack

The 3 Vehicles Most Likely To Survive An EMP Attack

When it comes to disasters we all hope that our vehicle will get us out of dodge if needed… But, what would you do if there was an EMP attack? An electromagnetic pulse attack (EMP) is a burst of electromagnetic energy, it can be a natural occurrence or man-made. The problem is, there is no guarantee what will or won’t be damaged from an EMP. Our electric grid would likely be heavily damaged, if not destroyed – along with anything else electrical… Which includes our cars. Newer cars have so many electronic components that there is little hope they would safe. But, there are a few vehicles that have the best chance of surviving an EMP. Here are a...

survive brutal cold

Military Tips To Survive The Brutal Cold

“A man in the cold is not necessarily a cold man.”– Mike Tipton. Knowing how to survive is key. Tyson S. was a 30-year-old man from Utah who moved to a remote part of Alaska. He had been living alone after purchasing his cabin. His nearest neighbor was over 20 miles away. Beautiful mountains, rivers, and lakes separated Tyson from civilization. Yet, one mistake almost cost him his life. Tyson told police that his cabin had a very old stove. One evening, he put a big piece of cardboard in the stove to start a fire. But, the stove sent a spark up the chimney, which landed on the roof. A few hours later, Tyson noticed something dripping from...

Android phone ransomware

Attention Android Users: This Free VPN App Leaked the Data of 21 Million Users

Attention Android Users: This Free VPN App Leaked the Data of 21 Million Users To live our digital lives to the fullest, we rely on a variety of technologies to support our online activities. And while some apps and devices are meant to make certain tasks more convenient or provide us with greater security, others simply offer a false sense of security and could potentially lead to online misfortune. One such platform is SuperVPN. While users may applaud themselves for using a VPN to protect their privacy, this Android app is unfortunately spilling their secrets without their knowledge. ...

How Does Ransomware Spread Globally? Through Malware.

How Does Ransomware Spread Globally? Through Malware.

Ransomware is a type of malware that involves encrypting a company’s or individual’s useful data or blocking users from accessing their computer systems in exchange for a given amount of money. Cybercriminals are always on the look-out for creatives means for getting a hold of your data so that they can have them at ransom. Every day you hear of someone’s account being hacked. But, how does ransomware spread? You ask yourself. It is a common question that most people ask and wonder, especially when the attack strikes. This article delves into seven common ways through which Ransomware has and still manages to spread globally. They include the following. Email Attachments Email is a common avenue for ransomware transmission....

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

The use of impersonation in phishing attacks helps to establish credibility and a sense of ease. New data shows exactly how the bad guys are using this tactic to their advantage. We’ve covered impersonation scams before where cybercriminals pretend to be your CEO, hospital personnel, or even the government. New data from cybersecurity vendor Agari highlights the impersonation trends they found by looking at email throughout the second half of 2020. 63% percent of phishing emails impersonate trusted brands (with Microsoft continuing to top the list). This breaks down in the following manner: Brand display impersonation (62.6%)– where the display name looks to be UPS, Microsoft, Amazon, etc. Individual display name impersonation (22.1%) – where the display name represents...

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

A new social engineering scam demonstrates how cybercriminals are both evolving their tactics while still using tried and true methods that just work to attain their goals. I’ve covered scams impersonating Office 365 I don’t know how many times. But it’s not very often you hear about a scam that uses LinkedIn as both its distribution medium and its’ credential target. Last month, victim LinkedIn users received a message from one of their connections (which proved to have been compromised) that contained a link to a third-party website containing a “LinkedInSecureMessage” (which there is no such thing). Victims are taken to a page displaying the following very official-looking page: After pressing the “view document” button, they are presented with...

commit to protect privacy

Let’s Commit To Protect Our Privacy This Year

  Let’s Commit To Protect Our Privacy This Year How our new identity & privacy app can help By this point in the year you may have already broken some of your New Year’s resolutions, but here’s one to commit to keep: better protecting your online privacy. After all, we are likely to continue to spend more time online in 2021, whether it be for working, learning, or shopping. This makes taking some preventative steps to shield our identity information more important than ever. That’s why McAfee has been working on a new identity and privacy app for safeguarding your personal information, and we’d love for you to try it if you’re in the U.S. Here’s a little bit about our approach. We looked at some of the...

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency This month the UK’s National Crime Agency (NCA) arrested eight suspects who targeted famous sports stars and musicians in the US and stole from victim’s bank accounts and crypto wallets. We hadn’t heard much from the SIM-swapping side of cybercrime in quite a while. This method of tricking a carrier and anyone using a phone number as a form of authentication is accomplished by swapping out the legitimate SIM of the victim with one controlled by the criminal to take over the mobile number of their target. Once in control of the mobile phone number, it becomes far easier to reset passwords, gain access...

How Do Random Number Generators Work?

In a real-world casino, random chance plays a huge part in ensuring that games are fair. If neither the player nor the house can predict which card will be drawn next, or where the ball will stop on a roulette wheel, then the games are unpredictable, and therefore fair. Whilst relying on the laws of physics, or the near-infinite number of combinations that a deck of cards can be arranged into is easy in real life, when it comes to online casinos, things aren’t so simple. The problem is that making something truly random is really quite difficult. Humans are very bad at creating random combinations, and computer programs need to base any number that they generate on an already...

Text message package scam delivers more than your business bargained for

There’s a text message scam making the rounds that could target your mail room staff, receptionist, or other employees. The FTC has tips on how you can protect your business. Our Consumer Blog describes a text message people are receiving that claims to be a FedEx tracking notice. In variations on the scheme, fraudsters also are falsely invoking the names of UPS and the U.S. Postal Service. According to the text, there’s a “delivery” that needs to be scheduled by clicking on a link. From there, people are taken to an “Amazon” page, which invites them to complete a customer satisfaction survey. Then they’re told they’ve won a free prize. Just input a credit number to cover shipping and handling....

Facebook’s Twitter and Instagram accounts hijacked

by John E Dunn Last Friday, in full glare of the world, Facebook admins suddenly found themselves in an unseemly struggle to wrestle back control of the company’s Twitter accounts from attackers that had defaced them. Normally, these accounts trumpet new platform features or other assorted worthy accomplishments. But on Friday afternoon, a different type of tweet suddenly appeared: Hi, we are OurMine Well even Facebook is hackable but at least their security better than Twitter. The now deleted message continues by offering the services of OurMine to anyone wanting to improve their account security. The same group’s logo also appeared on Facebook’s Instagram account: Facebook’s Instagram account also hacked into by OurMine. Bad Times. It reportedly took the...

5 tips for you and your family on Safer Internet Day

by Paul Ducklin No matter how safe and secure you feel when you use your computer, there’s always room for improvement. Why not make Safer Internet Day the excuse you need to do all those cybersecurity tweaks you’ve been putting off… …such as picking proper passwords, turning on two-factor authentication, downloading the latest security updates, making backups of your most important files, and revisiting your privacy settings in case you’re oversharing by mistake? So, let’s go through those five tweaks one-by-one – they’re easier than you think, and much less hassle than you might fear. 1. PICK PROPER PASSWORDS Yes, we say this every year and we’ve been doing so for years. But we still see plenty of people...

5 tips for businesses on Safer Internet Day

by Paul Ducklin Safer Internet Day is here! Note that it’s more than just One Safe Internet Day, where you spend 24 hours taking security seriously, only to fall back on bad habits the day after. As the old saying goes, “Cybersecurity is a journey, not a destination,” and that’s why we have SAFER internet day – it’s all about getting BETTER at cybersecurity, no matter how safe you think you are already. So here are five things you can do in your business, regardless of its size, to help you and your colleagues keep ahead of the cybercrooks. 1. PATCH EARLY, PATCH OFTEN We’ve won part of this battle already, because most businesses these days do install security...

Ashley Madison Breach Extortion Scam Targets Hundreds

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter. View Original Source Article HERE...

Financial tech firms disagree on ban of customer data screen-scraping

by Lisa Vaas For years, financial technology (fintech) companies have used screen-scraping to retrieve customers’ financial data with their consent. Think lenders, financial management apps, personal finance dashboards, and accounting products doing useful things: like, say, your budgeting app will use screen-scraping to get at the incoming and outgoing transactions in your bank account, using the information to power its analysis… …putting your privacy, passcode and other security information in danger of getting lost along the way. Because of those potential dangers to people’s privacy and data, many in fintech are urging the Australian government to follow in the footsteps of the European Union (EU) and to ban screen-scraping. But the call is far from unanimous, with some saying...

Facebook to pay $550m to settle face-tagging suit

by Lisa Vaas A class-action lawsuit against Facebook for scanning a user’s face in photos and offering tagging suggestions looks like it’s finally done churning through the courts. The upshot: it will pay $550 million to settle the suit, Facebook disclosed in its quarterly earnings report on Wednesday. Filed in 2015, plaintiffs had claimed that the platform violated the strictest biometric privacy law in the land – Illinois’s Biometric Information Privacy Act (BIPA) – with its tag suggestions tool. Facebook started using that tool in 2015 to automatically recognize people’s faces in photos and suggest to their friends that they tag them. It’s done so without users’ permission and without telling them how long it would hang on to...

Trello exposed! Search turns up huge trove of private data

by John E Dunn Hands up who’s used the increasingly popular online collaboration platform Trello? Trello is great for organising to-do lists and for coordinating team tasks. But it has its downsides too. While the default for Trello boards is set to ‘private’, many users set them to ‘public’ which means that anyone can see what’s posted there. Not only that, search engines such as Google index public Trello boards, making it simple for anyone to uncover the boards’ contents using a specialised type of search called a ‘dork’. And it’s surprising how much sensitive data there is. Our global cybersecurity operations director at Sophos, Craig Jones, has been keeping an eye on this for a couple of years,...

Scroll to top