Monday 1 January 2018
Sunday 29 January 2017
"Can You Hear Me?"
Police Warn: New "Can You Hear Me?" Phone Scam Could Cost You A Lot
Now this is scary!
Police are warning cellphone users of a terrifying new scam, multiple news agencies report. The scam is brilliantly simple: all it consists of is a scammer calling from an unfamiliar number (but often one with a familiar area code) and asking, "Can you hear me?" It seems like a simple question, and most people would just answer, "Yes." In this case, however, the hacker records you saying "Yes" and then uses the response to authorize credit card or bill charges.
ALERT: New "can you hear me" scam circulating around the U.S. cbsn.ws/2juqjiT
ALERT: New "can you hear me" scam circulating around the U.S. cbsn.ws/2juqjiT
"You say 'yes,' it gets recorded and they say that you have agreed to something," Susan Grant, director of consumer protection for the Consumer Federation of America, told CBS News. "I know that people think it's impolite to hang up, but it's a good strategy."
While "Can you hear me?" seems to be the most popular question, scammers are using other questions that would prompt a "Yes" response, like "Are you the homeowner?" and "Do you pay the bills."
Fox News provided the following tips to avoid this scam:
- Do not answer the phone from numbers you do not recognize.
- Do not give out personal information.
- Do not confirm your number over the phone.
- Do not answer questions over the phone.
If you do receive a suspicious call, authorities are advising people to hang up right away and call 911. And if you've already received a call like this, make sure to carefully monitor your credit activity!
Source: Good Housekeeping
Wednesday 14 December 2016
Friday 4 November 2016
DDoS attacks so powerful entire countries can be cut from the internet
Liberia has become the latest victim of the Mirai botnet
There has been another worrying development when it comes to massive-scale DDoS attacks, with the latest victim being an entire country – Liberia over in Africa, to be precise.
And as you won’t be surprised to hear if you’ve been following these stories, this is another assault which leverages the Mirai botnet to fire tons of traffic at the victim – that’s been the source of all these big attacks since the first massive volley against security researcher Brian Krebs (which reached some 620Gbps).
As ZDNet spotted, apparently the Mirai botnet employed in the attacks against Liberia is known as Botnet #14, and security expert Kevin Beaumont observesthis is the largest such botnet – consistently capable of producing over 500Gbps – which appears to also be the source of the recent massive attack on Dyn.
The hit on Dyn, which is a DNS provider, caused a massive web outage a fortnight ago, knocking out all manner of sites including Twitter, Netflix and Spotify.
Liberia has apparently suffered at the hands of a number of DDoS attacks which are short by nature, but worrying because they’re pretty much taking the entire country offline.
Glaring weakness
As Beaumont observes, that’s because Liberia relies on a single pipe for its internet access, and so has a single point of failure (and it’s not the only country like this). Websites hosted in Liberia were downed, and a journalist Beaumont spoke to said that internet connectivity was going offline at times matching the DDoS blasts.
Beaumont noted: “The attacks are extremely worrying because they suggest a Mirai operator who has enough capacity to seriously impact systems in a nation state.”
The truth is that few people are on the internet in Liberia anyway – only around one in 20 of the population – but ZDNet also managed to get some confirmation from a person returning to the country, who said they experienced ‘minor interruptions’ to their internet usage on Wednesday evening.
But given the low-profile target country and the very short nature of the attacks, it seems that this is just the botnet’s owner(s) testing out firepower against a nation. It’s what might come next that’s worrying, of course, when the DDoS cannons are aimed and let loose with a sustained barrage.
As we saw with the Dyn affair, the sort of damage these large-scale attacks can now muster is quite frightening. And worse still, there’s the prospect of Mirai being cranked up in terms of its potential power as more easily compromised IoT devices (security cameras, DVRs, routers and so on) are hacked and join the massing botnet ranks.
The other major concern is the use of possible DDoS amplification techniques, such as the one we reported on last month, which could potentially be used to inflict assaults of 35Tbps or even more by seriously powering up these botnet-based attacks.
Source: http://www.techradar.com/
Saturday 25 January 2014
Cyber Threats Hit Record Levels
Cyber threats and vulnerabilities have reached their highest level for more than a decade, networking equipment specialist Cisco's latest security study reveals.
According to the Cisco 2014 Annual Security Report, which became available this week, cumulative annual alert totals rose by 14% on the year in October 2013. The IT major says that the malicious activity witnessed is at its highest level since the firm began tracking it back in 2000 as the targets of such attacks are failing to address the challenges of the quickly evolving threat landscape.
According to the report, there is a dire need for security professionals worldwide. This, coupled with the lack of adequate systems at most enterprises, leaves organisations without the necessary resources to address cyber attacks. Cisco has estimated that the global shortage of security experts will exceed one million this year.
A startling finding of the study is that all 30 of a sample of the biggest multinational company networks generated visitor traffic to websites with malware, with 96% reviewing communicated traffic to hijacked servers and 92% transmitting traffic to empty web pages, which is also usually associated with exposure to malicious activity, Cisco noted.
And it seems that malicious attacks are widening their scope among verticals. In the past two years, sectors that had remained relatively unscathed by malicious breaches, such as agriculture and mining, witnessed a substantial rise in malware encounters, the IT company said.
The research found that Multipurpose Trojans prevailed in web-delivered malware last year, accounting for 27% of all encounters, and, among programming languages, Java is still the primary target of online criminals.
In addition, Android turned out to be by far the most targeted mobile platform, accounting for 99% of all mobile malware.
Source: www.misco.co.uk
According to the Cisco 2014 Annual Security Report, which became available this week, cumulative annual alert totals rose by 14% on the year in October 2013. The IT major says that the malicious activity witnessed is at its highest level since the firm began tracking it back in 2000 as the targets of such attacks are failing to address the challenges of the quickly evolving threat landscape.
According to the report, there is a dire need for security professionals worldwide. This, coupled with the lack of adequate systems at most enterprises, leaves organisations without the necessary resources to address cyber attacks. Cisco has estimated that the global shortage of security experts will exceed one million this year.
A startling finding of the study is that all 30 of a sample of the biggest multinational company networks generated visitor traffic to websites with malware, with 96% reviewing communicated traffic to hijacked servers and 92% transmitting traffic to empty web pages, which is also usually associated with exposure to malicious activity, Cisco noted.
And it seems that malicious attacks are widening their scope among verticals. In the past two years, sectors that had remained relatively unscathed by malicious breaches, such as agriculture and mining, witnessed a substantial rise in malware encounters, the IT company said.
The research found that Multipurpose Trojans prevailed in web-delivered malware last year, accounting for 27% of all encounters, and, among programming languages, Java is still the primary target of online criminals.
In addition, Android turned out to be by far the most targeted mobile platform, accounting for 99% of all mobile malware.
Source: www.misco.co.uk
Saturday 28 September 2013
Pirate Bay Co-Founder’s Sentence Cut In Half
- Pirate Bay co-founder Gottfrid Svartholm Warg's prison sentence for hacking and fraud has been reduced from two years to one. (Photo: Reuters)
Pirate Bay co-founder, Gottfrid Svartholm Warg had his prison sentence for hacking and fraud reduced from two years to one. A Swedish appellate court made the decision on Wednesday after finding that one of the hacking charges against Svartholm Warg lacked sufficient evidence, the Associated Press reported. Namely, charges relating to the hacking of Nordea Bank AB were dismissed, while other hacking charges were upheld.
The Pirate Bay co-founder's sentence was cut in half because the Svea Court of Appeal said it could not rule out Svartholm Warg's claim that others could have remotely accessed his computer to hack into the Nordea Bank AB's servers. While the court dismissed the bank hacking charges, it upheld the conviction against Svartholm Warg of hacking into the servers of two other companies, Applicate and Logica, which handle sensitive information for Sweden's police force and tax authority. The Wall Street Journal reported that Svartholm Warg was originally convicted of hacking into all three companies' servers in June, resulting in the two-year sentence.
The Pirate Bay is one of the world's biggest free file-sharing websites, giving millions of users a way to illegally download music, movies and software. Since launching the site in 2003, Svartholm Warg and fellow co-founder Fredrik Neij have been embroiled in controversy. In 2009, the co-founders, along with company spokesman Peter Sunde and businessman Carl Lundstrom, were given one-year sentences for copyright violation by a Swedish court and ordered to pay 46 million kronor ($6.5 million) in damages to the entertainment industry.
Svartholm Warg left the country while appealing that ruling. He was arrested in Cambodia in 2012 and deported back to Sweden after an international arrest warrant was issued against the Pirate Bay co-founder, per the AP. He served out his first sentence for copyright violation while under detention over his hacking charges.
But while the Pirate Bay co-founder might have had his sentence reduced in Sweden, he might not be out of hot water yet. Decrypted Tech reported that Svartholm Warg is facing extradition to Denmark, as he is a suspect in a breach that resulted in the theft of driving records and social security numbers. The Danish authorities expect to have Svartholm Warg in custody in a few days.
Source: idigitaltimes.com
Saturday 14 September 2013
61% Of Malware Attack Victims Lose Some Data Forever
Most IT users know that malware is dangerous but few are fully aware of the havoc it can wreak. A new survey from B2B International and Kaspersky Lab reveals the true scale of the malware problem: just 39% of victims manage to fully restore the data lost as a result of a breach.
As Kaspersky Lab points out, a quarter of malware attacks succeed in stealing or corrupting confidential information. In the case of 17% of victims all data is lost forever, while 44% manage a partial retrieval. This is cause for concern, considering the importance we attach to our data, Kaspersky Lab said. Among the survey respondents, 56% declared that they deemed their information more valuable than the machine storing it. The poll also showed that 10% of affected users have resorted to the services of outside experts in the effort to restore their lost data.
But a data recovery specialist may not always achieve complete success and sometimes nothing can be done. Even an expert will be helpless if the attackers have used a file encryptor. This malicious program encrypts the files on the user's computers and requires a unique key for decryption. This is the type of program known as ransomware because the attackers typically demand payment in return for the decryption key.
Computers and mobile devices have become an integral part of daily life so it would be virtually impossible not to store confidential information on digital devices. However, users can minimise the risk of data loss through regular back-ups and reliable anti-malware protection, Kaspersky Lab said.
Subscribe to:
Posts (Atom)