How to Prevent Malware on Your Android Device

Malware is a term that describes any malicious program or code that is harmful to systems. It seeks to invade, damage, or disable computers, networks, tablets, computer systems, and mobile devices, often by taking command of a device’s operations. 

Recent studies show that all devices, including smartwatches, are at risk. However, many organizations are working to prevent such events by sharing accurate information with the public. There are some steps you can follow to keep your devices from falling into a malicious trap.

Before learning the mitigating steps, learn how to identify whether your device has been infected by malware. Typical signs are that the device starts working slowly, the screen is inundated with annoying ads, the system crashes, disk space mysteriously disappears, the system's internet activity increases, browser settings change, the antivirus product stops working properly, and you lose access to your files or your entire computer.

Now learn how you can prevent such activities from happening on your devices. 

First Step is to Use a Secure Search Engine on Your Devices 

People are now more aware that major search platforms track them and collect their private data. That is why it is important to use a secure search engine, one that assures users it does not store IP addresses or personal information, keeps no tracking data related to search queries, and encrypts and applies time-sensitive limits to active searches.

Second Step is to Keep Your Phone Updated 

Most Android phones now stay updated automatically. However, one should keep checking, because updates also provide critical security fixes that help keep you safe.

Third Step is to Clear Your Browser Cookies 

There are many ways that cookies can put your system at risk. Threat actors can store information from your cookies and use that data against your devices. To stay safe, users are advised to clear cookies from the system from time to time.

Fourth is to Use Multiple Phone Accounts 

To protect your data from threat actors and from crashes, you can create multiple user accounts on your Android phone. You can keep your important data and apps safer by accessing certain content on separate accounts.

Users are Recommended to Install Apps From Official Sources 

Internet users should install apps from official sources, like the Play Store or the Galaxy Store. Also, if something goes wrong or the apps get hacked, one can hold the official source responsible.

Furthermore, internet users should avoid using cracked apps and games. It is also strongly recommended that they do not click on random links in text messages.

Russian Entities Hit by New Woody RAT Malware

 

Malwarebytes researchers discovered an unidentified malicious actor who has been targeting Russian organizations with a brand new remote access trojan named Woody RAT for at least a year as part of a spear-phishing campaign.

The malware was delivered via two methods: archive files and Microsoft Office documents exploiting the Follina Windows flaw (CVE-2022-30190).

Like the malware used in other state-sponsored cyber operations, Woody RAT provides a wide range of features that allow the threat actors to take full remote control of the infected systems and steal important data from them.

The team said that, based on a fake domain the attackers registered, the attackers mainly focused on Russian organizations. Malwarebytes knows that the attackers tried to target a Russian aerospace and defense entity known as OAK.

“The earliest versions of this Rat were typically archived into a zip file pretending to be a document specific to a Russian group. When the Follina vulnerability became known to the world, the threat actor switched to it to distribute the payload, as identified by @MalwareHunterTeam.” states the report published by Malwarebytes. 

As per the technical data, the RAT is advanced malware that is equipped with multiple backdoor capabilities including writing arbitrary files to the machine, capturing screenshots, executing additional malware, enumerating directories, deleting files, and gathering a list of running processes. 

The malware also has two .NET DLLs embedded inside it, named WoodySharpExecutor and WoodyPowerSession. WoodySharpExecutor allows the malware to run .NET code received from the C2, while WoodyPowerSession enables the malware to execute PowerShell commands and scripts received from the C2.

Once the command threads are created, the malware removes itself from the disk with the help of the ProcessHollowing technique.

“This very capable Rat falls into the category of unknown threat actors we track. Historically, Chinese APTs such as the Tonto team as well as North Korea with Konni have targeted Russia. However, based on what we were able to collect, there weren’t any solid indicators to attribute this campaign to a specific threat actor,” concludes the report. 

Internet of Things (IoT): Greater Threat for Businesses Reopening Amid COVID-19 Pandemic

 

Businesses have increasingly adopted IoT devices, especially amid the COVID-19 pandemic to keep their operations safe. Over the past year, the number of IoT devices employed by various organizations in their network has risen by a remarkable margin, as per research conducted by Palo Alto Networks' threat intelligence arm, Unit 42. 
 
While looking into the current IoT supply ecosystem, Unit 42 explained the multiple exploits and vulnerabilities affecting IoT supply chains. The research also examined the potential motivations for exploiting the IoT supply chain, illustrating how no layer is completely immune to the threat.

The analysis was reported during this year's National Cybersecurity Awareness Month (NCSAM), which encourages each individual's role in protecting their part of cyberspace and stresses personal accountability and the significance of taking proactive measures to strengthen cybersecurity.

The analysis also noted that supply chain attacks in IoT are of two types: through a piece of hardware modified to alter a device's performance, or through software downloaded to a particular device that has been compromised to hide malware.

While highlighting a common breach of ethics, the research mentioned the incorporation of third-party and hardware components without making a list of the components added to the device. The practice makes it hard to determine how many products from the same manufacturer are affected when a vulnerability is found in any of the components. It also becomes difficult to determine how many devices across various vendors have been affected by the vulnerability in general.

"The main goals for cyberespionage campaigns are maintaining long-term access to confidential information and to affected systems without being detected. The wide range of IoT devices, the access they have, the size of the user base, and the presence of trusted certificates make supply chain vendors attractive targets to advanced persistent threat (APT) groups..." the report stated. 
 
"In 2018, Operation ShadowHammer revealed that legitimate ASUS security certificates (such as “ASUSTeK Computer Inc.”) were abused by attackers and signed trojanized softwares, which misled targeted victims to install backdoors in their system and download additional malicious payloads onto their machines." 
 
While putting things in a cybercrime perspective, the report noted - "The potential access and impact of compromising a large number of IoT devices also make IoT vendors and unprotected devices popular choices for financially motivated cybercriminals. A NICTER report in 2019 shows close to 48% of dark web threats detected are IoT related. Also in 2019, Trend Micro researchers looked into cybercriminals in Russian-, Portuguese-, English-, Arabic-, and Spanish-speaking marketplaces and discovered various illicit services and products that are actively exploiting IoT devices." 
 
The report stressed the need to "enlist" all the devices connected to a certain network, as it will help in identifying devices and their manufacturers, enabling administrators to patch, monitor, or even disconnect the devices when needed. Without a complete list, there are instances when not all the vulnerable devices are known. It is therefore imperative to have complete visibility of all the connected devices in order to defend your infrastructure.
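The two points above, a component list per device and a complete list of connected devices, combine into one triage step when a component vulnerability is announced. The following is an added example, not code from the Unit 42 report; the inventory, vendor names, component names and advisory are all constructed for illustration.

```python
from collections import defaultdict

# Constructed inventory: every host, vendor and component name is hypothetical.
INVENTORY = [
    {"host": "cam-lobby-01", "vendor": "AcmeCam", "model": "C200",
     "components": {"tinyhttpd": "1.4.2", "libupnp-lite": "0.9.1"}},
    {"host": "cam-dock-02", "vendor": "AcmeCam", "model": "C300",
     "components": {"tinyhttpd": "1.6.0"}},
    {"host": "thermo-scan-01", "vendor": "HeatCheck", "model": "T1",
     "components": {"tinyhttpd": "1.3.9", "rtos-net": "2.0.0"}},
    {"host": "badge-reader-07", "vendor": "DoorCo", "model": "R5",
     "components": None},  # vendor published no component list
]

# Constructed advisory: the component is vulnerable in [introduced, fixed).
ADVISORY = {"component": "tinyhttpd", "introduced": "1.0.0", "fixed": "1.5.0"}


def parse_version(text):
    """Turn '1.4.2' into (1, 4, 2) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))


def triage(inventory, advisory):
    """Split devices into affected, not affected and unknown for one advisory."""
    low, high = parse_version(advisory["introduced"]), parse_version(advisory["fixed"])
    result = {"affected": defaultdict(list), "not_affected": [], "unknown": []}
    for device in inventory:
        components = device["components"]
        if components is None:
            # No component list: exposure cannot be ruled in or out.
            result["unknown"].append(device["host"])
            continue
        version = components.get(advisory["component"])
        if version is not None and low <= parse_version(version) < high:
            result["affected"][device["vendor"]].append(device["host"])
        else:
            result["not_affected"].append(device["host"])
    result["affected"] = dict(result["affected"])
    return result


if __name__ == "__main__":
    report = triage(INVENTORY, ADVISORY)
    for vendor, hosts in sorted(report["affected"].items()):
        print(f"patch or isolate ({vendor}): {', '.join(hosts)}")
    print("no component list, investigate:", ", ".join(report["unknown"]))
    print("not affected:", ", ".join(report["not_affected"]))
```

The "unknown" bucket is the case the report warns about: a device with no component list cannot be cleared, so it stays on the list for monitoring or isolation until the vendor answers.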

Couple has important message for other parents

Recently, a couple in Washington gave out an important message to other parents, after they had discovered their baby monitor had been hacked.

A couple in Minnesota, whose baby monitor had also been hacked earlier, had been in the news before.

“We don’t know if they could hear but we know that they were watching, for sure,” said a parent.

The couple had been using the monitor to keep an eye on their three-year-old, who complained that somebody had been talking to him over the monitor at night.

Upon investigation they found out that their baby monitor had been hacked and was being controlled by hackers.

“It got me worried that they’ve seen things maybe they shouldn’t see that are private, our privacy’s been hacked,” said the parent.