Google Docs phishing attack is fixed

Share this

Google Docs users were hit by a widespread phishing attempt everywhere being spammed with what appeared to be malicious invitations to log on to their Google accounts. Unlike your garden-variety cyberattack, many of the telltale signs that could tip off that something was awry are absent. What made this attack so tricky to detect was that it took advantage of Google’s legitimate tool for sharing data with responsible third-party apps. Since the bogus invitation was being routed through Google’s real system, nothing was misspelled, the icons looked accurate, and it’s hard to know something’s…

Share this
Read More

Phishing attacks using internationalized domains are hard to block

Share this

Attackers can evade a security mechanism and abuse Unicode domains to phish for the login credentials of Chrome, Firefox, and Opera users. Security researcher Xudong Zheng has developed a proof-of-concept that exploits an issue in some web browsers. Attackers can abuse this sleight of hand to redirect users to phishing websites. All they need to do is use Punycode, which relies on ASCII characters to convey foreign characters.  The Punycode domain “xn--pple-43d.com” is equivalent to “apple.com”, for example. As long as a web browser translates the Punycode into what’s known…

Share this
Read More

BankBot trojan hits Google Play

Share this

A trojan virus that affects Android devices leaked online in January. This was the BankBot, a banking malware which disguised itself as a harmless program and able to avoid Google’s security scans. Weeks after the attack, the malware found its way to Google Play Store. What makes this vicious banking Trojan threatening is that it was able to find a way of hiding in apps using a variety of names on Play Store. On is Funny Videos 2017 and the other is the HappyTimes Videos, with the latter discovered just…

Share this
Read More

ISPs argue Web history isn’t “sensitive” they should be able to sell it

Share this

Internet providers are continuing to argue that they should be free to share and sell users’ web history without permission because it isn’t “sensitive information.” “Web browsing and app usage history are not ‘sensitive information,’” CTIA said in a filing with the Federal Communications Commission yesterday. CTIA is the main lobbyist group representing mobile broadband providers such as AT&T, Verizon Wireless, T-Mobile USA, and Sprint. The disagreement is around whether internet providers should be treated differently than web companies, like Facebook and Google. Internet providers argue that it’s unfair that the…

Share this
Read More

WikiLeaks announces tech firm cooperation

wikileaks
Share this

The anti-secrecy platform WikiLeaks has said it would work with tech firms to fix security flaws before publishing them. Customers’ trust in firms like Google and Apple has already been eroded by the Snowden leaks. Google, Apple, Microsoft, Samsung and other major tech companies have been faced with new dilemmas by the latest WikiLeaks release. The “Vault 7” dump of CIA files has exposed a number of security breaches in their software, which US intelligence has exploited and kept secret so that it can continue to hack into smartphones, computers,…

Share this
Read More

FCC halts regulations to protect data security

Share this

Many people realize Web services like Facebook or Google are monitoring their activities and security is not guaranteed, but companies also collect data in less obvious ways. Large websites and smaller businesses running smartphone apps do everything they can to collect information to tailor advertising or sell it to third parties interested in doing the same. The Federal Communications Commission in the United states FCC has been pushing through rules requiring internet service providers to disclose in plain language how consumer data is collected, how it’s shared with third parties…

Share this
Read More

Tech devices in your home could be spying on you

tech
Share this

We’re living in a digital world where being connected is critical to almost everything we do. Some of the tech devices inside  homes could be spying on you and tracking every move you make, but there are some things you can do to stop it. Tech experts say technology today is watching, copying, and even sharing that information and you may not realize it. From teapots to toasters to refrigerators, is your technology spying on you? Jerry Irvine, a member of Homeland Security’s Cyber Task Force says home technology is…

Share this
Read More

New York unveils final cybersecurity regulations

Share this

Cybercriminals can cause significant financial losses for business entities as well as for  consumers whose private information may be revealed and/or stolen for illicit purposes. The financial services industry is a significant target of cybersecurity threats. The New York Department of Financial Services unveiled the final cybersecurity regulations, which includes certain regulatory minimum standards while encouraging firms to keep pace with technological advances. New York is the financial capital of the world, and it’s critical that we do everything in our power to protect consumers and our financial system from the…

Share this
Read More

Facebook rolls out safer logins with a security key

security key
Share this

Facebook is adding a new feature that will help protect users from getting their accounts compromised. Users can now use a security key to authenticate their identity during the login process. If you use a security key, hackers won’t be able to get into your Facebook account, even if they have your username and password. Tech crunch reports that Users are only required to enter their username and password, then the site they’re logging in to responds by texting them verification code. The user enters the verification code, proving that he…

Share this
Read More

United States Imposes Cybersecurity Sanctions on Russia

Share this

On December 29, 2016, President Obama issued a new executive order that expands the authority of the US Secretary of Treasury to impose sanctions on individuals and entities for cyber-attacks to maintain cybersecurity reports the Business Advisor. This action marks the first-time sanctions have been imposed under the Cybersecurity Sanctions Program established on April 1, 2015, with the designation of nine entities and individuals. The new executive order specifically sanctioned five entities and four individuals in Russia for cyber operations aimed at the US election. The State Department announced that…

Share this
Read More