Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Email Breach. Show all posts

Microsoft Might Be Sharing Your Outlook Emails Without Your Knowledge

 



Microsoft's data collection practices are under scrutiny, as a recent report suggests the Outlook for Windows app might be sharing more user information than expected. With this app now default on Windows 11, the impact could be widespread. ProtonMail, a competitor to Outlook, discovered that user data collected includes emails, contacts, browsing history, and potentially location data. They even labeled Outlook for Windows as "a surveillance tool for targeted advertising." Users are automatically opted in to share their data with hundreds of third parties, mainly for advertising. Opting out involves a manual process for each of the 772 companies, making it cumbersome for users. This discovery raises concerns about user privacy, especially for those who use Outlook for daily communication and work-related tasks.

Microsoft is no stranger to data privacy issues, and recent reports indicate that Outlook for Windows might be playing a part in it. Last year, concerns were raised about Windows 11 collecting and sending data even before users connected to the internet. This time, ProtonMail, a direct competitor of Microsoft's email services, has shed light on data collection practices by Outlook for Windows, labelling it as "a surveillance tool for targeted advertising."

However, it's crucial to consider ProtonMail's position as a privacy-focused service competing with Microsoft. Their motive to criticise Outlook for Windows should be taken into account, as they aim to highlight the superiority of their own privacy and security features.

Outlook for Windows being a free app raises questions about how Microsoft supports it. Some argue that user data is used to support the app and introduce new features. While users can opt out of data sharing, the process is not as straightforward as it could be, requiring a per-advertiser toggle click rather than a simple 'reject all' button.

Actions to take

If the data-sharing concerns have you on edge, opting out is possible. Navigate to the 'General' section in your Outlook for Windows settings and find 'Advertising Preferences.' Here, a list of companies with toggles set to 'enable' will be displayed. While there's no universal 'reject all' button, each advertiser allows you to learn more about their privacy policies and opt out.

Creating a new Outlook email account may present an easier option, as the 'reject all' option appeared during testing. However, for existing accounts, manually deselecting advertisers is the route to take.

This scenario prompts us to reconsider the trade-off between free apps and data sharing. While Microsoft appears to make turning off data sharing relatively straightforward, it emphasizes the importance of scrutinizing user agreements and disclaimers for free apps, particularly those from Microsoft.

Protect Your Data

In an era where data privacy is paramount, understanding how apps utilise your information is crucial. As you use free apps like Outlook for Windows, take the time to review and adjust your settings to protect your data. Being proactive ensures that you are in control of what information is shared and with whom. Stay informed, stay secure.


Torrent Service Data Breach: What You Need to Know

 

A significant data breach has affected one of the top pirate providers, according to recent developments. Security and safety issues about online torrenting platforms have been brought up by the breach, which was found by experts in cybersecurity.
According to reports from TechRadar Pro, the breach exposed a significant amount of user data, potentially affecting thousands of users. Personal information, including email addresses, usernames, and hashed passwords, were among the data compromised. This breach has sent shockwaves through the online torrenting community, prompting users to reevaluate their online security measures.

Tech enthusiasts and torrent aficionados frequent these platforms for various reasons, including accessing hard-to-find content or sharing files among peers. However, this breach serves as a stark reminder of the risks associated with using such services.

Tech.co reports that the breach highlights the importance of maintaining strong, unique passwords and implementing additional security measures like two-factor authentication. Additionally, users are advised to be cautious about sharing sensitive information online and to regularly monitor their accounts for any suspicious activity.

Cybersecurity experts have urged affected users to change their passwords immediately, not only on the compromised torrent service but also on any other accounts where they may have used the same login credentials. This proactive approach can help mitigate the potential fallout from the breach.

The breach also emphasizes the need for torrent service providers to prioritize cybersecurity measures. Implementing robust encryption protocols and regularly updating security systems can go a long way in safeguarding user data.

Users and suppliers in the online torrenting community should take note of the recent data leak in a well-known torrent service. In today's digital world, vigilance, strong passwords, and extra security measures are essential. Users can enjoy a safer online experience and strengthen their defenses against potential breaches by implementing these precautions.





QR Code Phishing Attacks: A Rising Threat

Leading cybersecurity firms have reported a startling 587% increase in QR code-based phishing assaults in recent times. This concerning pattern demonstrates how fraudsters are changing their strategies to take advantage of people's confidence in QR codes for a variety of objectives.

QR codes, initially designed for convenience and efficiency, have become an integral part of our digital lives. From accessing websites to making payments, these two-dimensional barcodes have streamlined numerous processes. However, this surge in phishing attacks signifies that cybercriminals are adapting and finding innovative ways to exploit this technology.

Cybersecurity experts have identified several strategies employed by attackers in these QR code phishing campaigns. One common tactic involves distributing malicious QR codes via emails or social engineering techniques. Unsuspecting victims scan these codes, unwittingly granting cybercriminals access to sensitive information or infecting their devices with malware.

Furthermore, attackers are increasingly using QR codes in conjunction with fake landing pages that mimic legitimate websites. These convincing replicas deceive users into entering their credentials or personal information, which is then harvested by the attackers. This method has proven to be highly effective, as even cautious individuals can be easily tricked by sophisticated phishing pages.

To combat this rising threat, experts emphasize the importance of user education and awareness. Individuals should exercise caution when scanning QR codes, especially if received from unknown or unverified sources. Employing reputable security software that includes QR code scanning capabilities can also provide an additional layer of protection.

Additionally, businesses and organizations should implement multi-factor authentication measures and conduct regular security audits to identify and mitigate potential vulnerabilities. By staying vigilant and adopting proactive cybersecurity measures, individuals and businesses can help curb the success of QR code phishing attacks.

The surge in QR code-based phishing attacks serves as a stark reminder of the ever-evolving landscape of cyber threats. As technology advances, so do the tactics of cybercriminals. Vigilance, education, and robust cybersecurity practices are crucial in safeguarding against these sophisticated attacks.






Firefox Browser Enhances Email Security with New Built-in Tools

Mozilla Firefox, a well-known web browser, has significantly improved the protection of users' email addresses in an age where internet privacy and security have elevated worries. The addition of additional built-in technologies has made Firefox even more capable of protecting your online identity.

The latest feature, known as 'Email Masks,' is designed to keep your email address safe from prying eyes and potential phishing attacks. This innovation has been widely welcomed by the online community and security experts alike.

Email Masks work by allowing users to generate a unique and temporary email address, often referred to as an alias or a mask. Instead of using your primary email address for online services, you can create a disposable one within Firefox. This means that even if a website you've registered with gets hacked or sells your data, your actual email address remains hidden and secure.

To use this feature, simply right-click on the email field when signing up for a new service or website, and Firefox will offer the option to generate an Email Mask. You can then choose an alias that suits the purpose, and all emails sent to this alias will be forwarded to your primary inbox.

What makes Email Masks even more impressive is their flexibility. You can easily disable or delete a mask if you no longer wish to receive emails from a particular source. This ensures that you have complete control over your digital identity and who can reach your primary email address.

Furthermore, Firefox has integrated its popular Relay service into the browser. Firefox Relay helps you manage these Email Masks efficiently and provides an additional layer of security by forwarding only the legitimate emails while filtering out spam and potential threats.

This move aligns with Mozilla's commitment to prioritizing user privacy and security. By offering these tools natively within the browser, Firefox makes it more convenient for users to protect themselves against phishing attempts and data breaches.

The strategies used by cybercriminals change as the internet does. These new features highlight Mozilla's pro-active approach to user protection and show their commitment to staying ahead of these dangers.

Storm-0558 Breach: Microsoft Breach Risks Millions of Azure AD Apps


Storm-0558 breach, that enabled the China-based advanced persistent threat (APT) group to access emails of at least 25 US agencies seems to be more notorious than anticipated, since the breach may put significant risk on Microsoft cloud services than one could have predicted.

However, it will take weeks, if not months, to identify the full extent of the real compromise caused by the situation since many firms lack sufficient authentication logging.

Reportedly, the email breach enabled access to Microsoft 365 enterprise email accounts and the potentially sensitive information they contained by forging authentication tokens under the guise of authorized Azure Active Directory (AD) users thanks to a stolen Microsoft account (MSA) key.

There are also speculations that the lost MSA key could have additionally allowed threat actors to forge access tokens for "multiple types of Azure Active Directory applications, including every application that supports personal account authentication, such as SharePoint, Teams, OneDrive, customers' applications that support the 'login with Microsoft' functionality, and multitenant applications in certain conditions," as per a research by Wiz published on July 21. 

Head of research at Wiz, Shir Tamari further notes that the APT potentially was fixed in a position to "immediate single hop access to everything, any email box, file service or cloud account."

Scope of the Storm-0558 Breach

After reviving the key earlier in July, Microsoft released indicators of compromise (IoCs) for the email attack. However, assessing if the breach has in fact used the broader access to any of the loads of additional susceptible applications will be a significantly challenging task.

Tamari further explains, "We discovered that it may be difficult for customers to detect the use of forged tokens against their applications due to lack of logs on crucial fields related to the token verification process."

This situation sits next to the so-called “logging tax” that first came across as the aftermath of Microsoft’s initial disclosure of the Storm-0558 breach. 

Due to the fact that advanced logging with a feature of detecting suspicious behavior in systems has only been made available to customers with paid premium service, many Microsoft customers have been unable to see how the attacks have affected their companies. Microsoft quickly caved to industry pressure and pledged to make access to advanced logging free, but it will take some time before users everywhere install and use this update.

"Unfortunately, there is a lack of standardized practices when it comes to application-specific logging. Therefore, in most cases, application owners do not have detailed logs containing the raw access token or its signing key[…]As a result, identifying and investigating such events can prove exceedingly challenging for app owners," wrote Tamari.

While the stakes are still quite high, Yossi Rachman, director of security research for AD security company Semperis noted that the “main concern here is understanding how exactly threat actors were able to get their hands on the compromised Azure AD key, as these types of breaches have the potential of quickly turning into a SolarWinds-scale event."

Impact on Azure AD Customers

Wiz further noted that despite the fact that the key has been recovered, several Azure AD customers could still be at high risk, given that Storm-0558 could potentially have used its access to establish a persistent position through application-specific keys, or setting up backdoors. 

Moreover, applications that might have kept copies of the Azure AD public keys before they were revived, and applications that depend on local certificate stores or cached keys that may not have been updated remain vulnerable to token forging.

"It is imperative for these applications to immediately refresh the list of trusted certificates," Tamari urged. "Microsoft advises refreshing the cache of local stores and certificates at least once a day."

In another post, Wiz mentioned details as to which Azure AD configurations would be vulnerable to attack, and advised organizations to update their application caches and Azure SDKs to the latest versions. 

Tamari further notes, "The full impact of this incident is much larger than we initially understood it to be[…]We believe this event will have long-lasting implications on our trust of the cloud and the core components that support it, above all, the identity layer which is the basic fabric of everything we do in cloud. We must learn from it and improve."