Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Computer Security. Show all posts
Protect Personal Data
Computer Security Computer Security Tips Cyber Security Cyber Security Tips Protect Personal Data

Russian IT expert Menshakov listed the ways to protect personal data


According to the expert, to protect yourself from phishing attacks and fraud using malicious software aimed at people working remotely, you need to follow certain rules. In particular, follow the news and discuss threats.

"Knowledge is power. The best defense against online threats is an attack. In the context of the digital space, this means having up-to-date information. The more you know about the methods of deceiving users, the less likely that you will become a victim of hackers and believe a phishing email with an offer to buy a COVID-19 vaccine online or a coupon for vaccination without a queue," said Mr. Menshakov.

The expert also advises checking the sources of emails. It is equally important not to trust emails and text messages from people you know or from organizations that contain requests or improbably tempting offers. Before you click on the link, you need to go to the company's website yourself or call its support service. Checking the sources will protect you from downloading malicious content from phishing links.

"Hover the cursor over the links, study the composition of the URL. If you receive an email with a link, hover your mouse over it, but do not click on it. This way you can see where this URL leads. If the address looks suspicious, delete the message. Risk indicators: Fake links usually look like links to trusted sites, but may contain extra words or domains. If there are doubts about the nature of the URL, do not click on it," advised the expert.

In addition, Menshakov recommends that you secure your devices with several complementary tools. In particular, you can use two-factor authentication (2FA) passwords.

"Regular password changes and two-factor authentication (2FA) are the most effective way to fight hackers," noted the expert.

In addition, you should use a virtual private network (VPN), which will help you establish an encrypted connection and hide activities on the network from hackers.

Read more »
Security News
Computer Security Data Leakage Privacy Russia Security News

Russian experts give tips on how to prevent personal data leakage

In Russia, the number of cyber attacks increased by almost a quarter in the first quarter of 2020, said Anton Kukanov, head of the Russian Quality System (Roskachestvo) for Digital Expertise, citing Positive Technologies data.

The expert also clarified that about 13% of fraudulent links were related to the topic of the coronavirus pandemic. He drew attention to the fact that almost half of all stolen information in the first quarter of 2020 were usernames and passwords.

According to Anton Kukanov, the main purpose of scammers is not the personal data of users, but payment information.

"They use phishing campaigns, social engineering techniques, and a wide range of malicious programs for this purpose, such as keyloggers that record and transmit passwords, remote access programs that allow a hacker to control the device," said Mr. Kukanov.

The expert advises not to click on suspicious links and not to use sites with illegal content in order to prevent fraudsters from stealing logins and passwords. In particular, resources with free movies, including new products, or games that users love so much, can actually be "monetized" by viral software.

"It is also not recommended downloading applications on third-party sites. You need to do it exclusively in official stores, otherwise, you can quickly "catch" the virus. However, there is a risk of "infecting" the gadget through the official store, although less", noted Anton Kukanov.

Moreover, a specialist from Roskachestvo advises looking at the rating of the application before installing it and read reviews without fail in order not to download an application with a virus.

He also recommended paying attention to the permissions that are requested by installed applications. For security reasons, according to Kukanov, it is better to reject those that contradict the meaning of the application.

Read more »
International Computer Security Day
Computer Security Cyber Security Cyber Security and Privacy Foundation Cyber Security awareness Information Security News International Computer Security Day

November 30 Computer Security Day by Cyber Security and Privacy Foundation


International Computer Security Day is the day which takes place annually on November 30 and is celebrated to raise awareness in computer security - help people to prevent them falling prey to malware attacks, scams, loss of personal and company data .

Cyber Security and Privacy Foundation(CSPF) & Anna University CSE Department celebrated the Computer Security Day on November 30, 2019 at Anna University, Chennai, India.


Michael Costa

Michael Costa, Deputy Consulate General of Australia for South India, was the chief guest of the event.  The event started with welcome address speech by R. RamaMurthy, chairman of CSPF.

The speakers:
  • Dr. R.K. RAGHAVAN- Former High Commissioner of India, Republic of Cyprus.
  • Dr.R.SADAKATHULLAH– Former Regional Director,RBI,Chennai.
  • Dr. S SATHIK-Former Vice Chancellor, University of Madras.
  • SUGATA ROY – Specialist for Communication, Advocacy & Partnerships of UNICEF
  • R. RAM KUMAR - CEO, Amvion Labs Pvt Ltd
  • SURIYA - Head – Reeja Vajra APT Scan, CSPF Pte Ltd., Singapore

Read more »
Russian Cyber Security
Computer Security Information Security News Russia Russian Cyber Security

Russia developed a new protected computer “Elbrus 801M”


Russian developers from the concern "Avtomatika", part of the Russian State Corporation" Rostec", presented a new high-performance monoblock computer “Elbrus 801M” at the XIV International Aviation and Space Show (MAKS)-2019.

According to the developers, “Elbrus 801M” meets all the usual requirements for a modern office computer, but at the same time, this machine is superior to foreign analogs in terms of cybersecurity.

As the developer’s representative explained, the new computer is protected from most hacking methods known today.

According to Rostec, the main users of this monoblock will be government agencies, as well as companies from the defense sector, oil, energy and transport industries.

According to experts, new monoblock “Elbrus 801М” will be in demand by users due to the high level of performance, cyber security and ergonomic characteristics. Experts said that the performance of the monoblock exceeds 120 GFlops. It is noted that the monoblock was created on the basis of the Russian eight-core Central microprocessor “Elbrus-8”.

“We are already ready to take orders for the production of such computers. Our monoblocks based on Russian-made processors are interested in those who need computer equipment with domestic processors, with a high level of protection against cyber attacks,” - said the developer’s Assistant, Konstantin Trushkin.

According to him, the development of the monoblock cost ten times cheaper than foreign industry leaders.

It’s important to note that the motherboard, processor, peripheral controller of the computer are created in Russia. Domestic software is also used: BIOS and Russian-made operating system Elbrus Linux. It is known that “Elbrus 801M” is compatible with 32-bit operating systems, such as Microsoft Windows.

“Most of the known hacker methods of hacking against “Elbrus” do not work. The original command system of monoblock requires the creation of new viruses, which today simply does not exist, they have not yet been developed,” said Trushkin.

By 2020, it is planned to sell several thousand pieces of equipment. In addition, in 2020, an improved “Elbrus” model with a next-generation processor should appear.
Read more »
Security Tools
Computer Security Cyber Security Tool Cyberattack Google Google Security Tools Security Tools

Google’s security tools can shield from cyber-attacks

Google has long been asking users to enable its security tools for shielding all its services - from Gmail to Google Photos - from hacking attempts.

The search giant has been pretty vocal about the importance of these features, but now, instead of urging users, it has released hard stats revealing how useful these capabilities can really be.

Let's take a look.

Advantage

Adding phone number can fend off bot-based attacks.

Researchers from New York University and the University of California, San Diego partnered with Google to assess at the impact of its security tools in preventing hijack attempts.

The results, presented recently at The Web Conference, revealed that simply adding a recovery phone number to Google account helped block a 100% bot-based attacks, 99% of automated phishing attacks, and 66% of targeted attacks.

Protection

Two-factor authentication offers highest security.

Google has been saying this for years and the stats prove it - two-step verification is the securest offering right now.

The studies reveal that using phone number-based 2SV (SMS verification) blocked 100% of automated bots, 96% of bulk phishing attacks, and 76% of targeted attacks.

Meanwhile, on-device prompts prevented 100% of automated bots, 99% of bulk phishing attacks and 90% of targeted attacks.

Security key offers strongest shield.

Notably, among all two-step verification methods, using a physical security key proved to be the strong account shield. It blocked all kind of attacks with a 100% success rate.

Risk

Google also showed what happens when you don't use 2SV.

The same study also measured the effectiveness of default sign-in verification techniques, like last location signed-in or your secondary email.

These knowledge-based methods are used when the company detects a suspicious sign-in attempt, say from a new device/location, and you don't have a 2SV on.

The results showed these methods can block bot-based attacks but can fail miserably against phishing or targeted hijack.
Read more »
USB
Computer Security US USB

Indian Pleads Guilty To Destroying University Computers via USB Killer Drive



An Indian national in the US 'pleaded guilty' for this week to pulverizing 59 computers at the College of St. Rose, in New York, through a weaponized USB thumb drive named "USB Killer" that he bought on the web.

The gadget empowered the 27-year old Vishwanath Akuthota to effectively damage gear and equipment worth $51,109, roughly accounting for Rs. 35, 46,700 alongside $7,362 approximately Rs. 5, 10,900 in employee time for exploring and supplanting pulverized hardware.

The incident occurred on February 14, as indicated by court documents acquired by ZDNet, and the suspect recorded himself while pulverizing some of the computers. In the recording, the he was seen saying, "I'm going to kill this guy,", and once he was finished with the procedure, he was seen saying things like, "it's dead" and "it's gone. Boom."


The explanation behind the crime anyway isn't known as of yet.

Surprisingly the weaponized thumb drive known as USB Killer is effectively accessible on the web and he had bought it from a rather well-known online store that sells these kinds of gadgets.

USB Killer devices work by quickly charging thumb drive capacitors from the USB control supply, and after that releasing the electrical current again into the USB slot - all in mere seconds- - successfully frying the computer to which the USB Killer device is connected to.

Akuthota was arrested on February 22 and will be condemned not long from now, on August 12. He faces up to ten years in prison, a fine of up to $250,000, and a term of post-imprisonment supervised release of up to 3 years.

Read more »
United States
Computer Security Cyberattack KiLLer MiNd National Cyber Security RSA United States

Cyberattacks can even take human lives

Cyberattacks by nation-states will soon kill people, either deliberately or unintentionally, a senior security researcher told attendees at the RSA Conference this week.

The May 2017 WannaCry attacks by North Korea and the NotPetya attacks by the Russian military in June 2017 shut down hospitals, disrupted shipping and cost hundreds of millions of dollars in losses — much of it in the form of collateral damage.

It is inevitable, she said during her RSA presentation yesterday (March 5), that future nation-state attacks on such scale will cause loss of life.

"I rarely get to stand up in front of groups and tell them that the news is getting better," Joyce told the crowd. "But if you have purely destructive malware backed by a nation-state, then where does that leave us?"

NotPetya, which targeted tax-collection software that every business in Ukraine was obliged to run, masqueraded as ransomware, Joyce explained. But it was impossible to decrypt the affected data even if a ransom was paid. The goal of NotPetya was purely destructive, and the destruction streamed outward from Ukraine to infect companies and other institutions in 65 other countries.
Part of the collateral damage was at U.S. hospitals, Joyce said, where some patients could not be immediately treated as a result.

"A friend of mine who was suffering from throat cancer was turned away and told to come back next week," Joyce said.

"If you have purely destructive malware backed by a nation-state, then where does that leave us?"
—Sandra Joyce, FireEye senior vice president


Had anyone died as a result of NotPetya, that would have been an unintended consequence of a specific attack on Ukraine's economy. But nation-state malware already exists that is designed to deliberately kill people, according to Joyce.
Read more »
iPhone
Computer Security CyberCrime and Law Cyberhacking eBay Hacking Tools iPhone

iPhone hacking tool for sale on eBay

iPhones are renown for their security -- to the point that even law enforcement agencies have trouble accessing their contents. An Israeli firm, Cellebrite, became well-known when it transpired that hacking tools it made were used by the US government to crack locked iPhones and now its hacking tools are available to buy on eBay.

Cellebrite phone-cracking devices, beloved by law enforcement, are available at bargain-basement prices so you can get a gander at all the devices that the police have presumably been able to squeeze for data.

The Cellebrite Universal Forensic Extraction Device (UFED) is a smartphone hacking tool commonly used by the FBI, Department of Homeland Security and other law enforcement agencies in the US and elsewhere. It’s the most powerful tool yet created by the Israeli company, able to extract a huge amount of data – even data which has been deleted from phones.

Security researcher Matthew Hickey who is the co-founder of the training academy, Hacker House recently told Forbes that he’d picked up a dozen Cellebrite UFED devices for dirt cheap and probed them for data, which he found in spades.

For as little as $100-$1000, you can get your hands on a second-hand piece of Cellebrite equipment (a fraction of its usual selling price). For just a few Benjamins, you could get a Cellebrite UFED (Universal Forensic Extraction Device) and use it for whatever you might fancy.

A brand new one normally costs $5,000 to $15,000 depending on the model.

What surprised Hickey was that nobody bothered to wipe these things before dumping them onto eBay, he told Forbes:

“You’d think a forensics device used by law enforcement would be wiped before resale. The sheer volume of these units appearing online is indicative that some may not be renewing Cellebrite and disposing of the units elsewhere.”
Read more »
Subscribe to: Posts (Atom)