Tag Archive for: message

Hackers Blast Violent Gaza Message at a Popular Israeli Movie Theater


On Jan. 23, Turkish hacktivists projected political messages about the war in Gaza onto digital signage in an Israeli movie theater.

The group, called MeshSec, targeted Lev Cinemas in Tel Aviv, one of the most frequented theaters in the country.

In imperfect Hebrew, the message read: “Stupid Jews, you are all terrorist killers. You are cowards. You will take responsibility for the hundreds of innocent children who died in Gaza. We will not give you peace, even in your movie theaters, until your massacres are over. We will destroy you all. We will limit your access to the Internet and banking services. God is with us.”

The attack is just the latest case of psychologically oriented hacktivism invading Israeli public spaces since Oct. 7.

How a Popular Movie Theater Got Hacked

Hacking into digital billboards, it turns out, isn’t so unlike hacking into any other corporate IT resource.

“Basically how it works is that there’s a computer, or a management panel that runs any content you put on-screen — it could be a billboard, screens outside of a theater, anything like this,” explains Gil Messing, chief of staff at Check Point Software. “The hackers are scanning the Internet to find any kind of exposed Internet connections, and default or no password protection, for things like this that they find interesting.

“Once they’re inside the management panel, they can change the actual content on the panel to show whatever they want. It’s kind of like changing a picture on a webpage,” he adds.

The simplicity of the attack was equaled by the simplicity of the fix. As the Lev Cinemas CEO told Israeli news outlet YNet: “There is an external system that updates our screens and trailers. The hackers got into this system, and put up their messages — and within a few minutes we got on it, took it down, and the event was over.”

Psychological Warfare in Israel’s Streets

Amid the myriad DDoS, wipers, espionage, and more peppering Israel’s various public and private industries in recent months, some hacktivist outfits have focused on spreading political messaging to civilians in the streets.

Consider: Lev Cinemas Tel Aviv is located on the upper floors of the Dizengoff center mall, located at the heart of the…

Source…

Twitter’s new encrypted message feature criticized by security and privacy experts



Washington
CNN
 — 

Privacy and security experts widely panned a new feature that Twitter unveiled Wednesday that encrypts some direct messages between users, raising questions about the future of user safety on the platform.

Twitter’s early efforts at securing direct messages with encryption appear to be riddled with caveats, flaws and risks that may endanger users, the experts said after the company rolled out its initial release.

With the first iteration of the feature, only users who are paying subscribers to Twitter Blue or whose organizations have paid to be verified with the company may use encrypted messages.

In addition, encrypted messages may only be sent between two individuals, not groups. Encrypting images, video and other media is not supported. Both participants must either have exchanged direct messages in the past, or the recipient of an encrypted message must already follow the sender.

Perhaps most crucially, Twitter acknowledged that even with the encryption feature enabled, the company itself, and other third parties, can still potentially access user messages.

“I’m trying to be positive about Twitter deploying encrypted DMs even though there are so many things about this system that make it feel like a v0.1 release, or are just obnoxious,” said Matthew Green, a cryptographer and computer science professor at Johns Hopkins University, in a tweet.

Twitter’s former chief information security officer, Lea Kissner, publicly pleaded with Twitter’s current engineering team to improve the feature quickly.

“Twitter folks, seriously. I left some design docs somewhere. Please use them,” Kissner said on Bluesky, a rival platform.

Twitter has described encrypted messaging as key to the company’s future of becoming “the most trusted platform on the internet.” But the rollout provides another example of how, under CEO Elon Musk, Twitter has forged ahead with significant changes to the platform over the warnings of independent researchers about potential unintended consequences…

Source…

Google Chrome users ALERT! Beware of this error message, stop loss


If you are a Google Chrome user you need to be a bit careful before clicking on any of unknown links. Several security experts have warned users of a fake Google Chrome error message. Informing about the same, a blog post by Trend Micro stated, “Google Chrome users who use the browser regularly should be wary of a new attack campaign that distributes malware by posing as a Google Chrome update error message. The attack campaign has been operational since February 2023 and has a large impact area.” Another report by NTT Security has also informed of the same.

How this malware works

The malware attacks the users when they visit a legitimate or compromised website that has been infected with a malicious code, including code relating to adult sites, blogs, news sites, and online stores. As a person visits these websites, a fake Google Chrome error message will pop up asking to download an update to fix a supposed security issue.

According to the blog post, in the name of the update, what will really be downloaded is a ZIP file that has an EXE file inside. This EXE file contains a Monero miner that will use the user’s computer’s processing power to mine cryptocurrency for the attackers.

Also read: Looking for a smartphone? To check mobile finder

According to a report by The Sun, the prompt message reads “An error occurred in Chrome automatic update. Please install the update package manually later, or wait for the next automatic update.”

It can be known that mining crypto needs a huge amount of power, which might increase your energy bills. Notably, if you become a victim to this malware, your computer may slow down and become unresponsive. The downloaded malware also has the potential to acquire sensitive information such as log-in credentials and financial data from your computer. Most importantly, your device will be vulnerable to further malware attacks.

How to protect yourself from malware attack

Step 1:

Do not click on any of the prompts popping up on a website.

Step 2:

Be careful of what you download on your device. Always…

Source…

Galaxy S23 Gets Samsung Message Guard To Protect Against Zero-Click Hacks


In a press note announcing Samsung Message Guard, the company describes the solution as an advanced “sandbox” and a “virtual quarantine.” The primary objective of Message Guard is to isolate messages delivered to the smartphone before it can access the device’s files and operating system. Every time a text message is delivered to a Samsung smartphone protected by Message Guard, the tool checks the file bit by bit. This process happens in a controlled environment in such a way that it cannot infect the rest of the smartphone.

Samsung claims that the Message Guard tool preemptively neutralizes any threat hidden in text messages and image files before they could harm the device. What makes the tool even more effective is that it does not need to be enabled separately by the user, and runs invisibly in the background without needing any user interaction. 

In its current form, the tool works with Samsung’s own Messaging app as well as Google Messages. However, Samsung has promised a software update that will also widen the protection net to third-party messaging apps.

Samsung Message Guard is currently enabled by default on the company’s newest Galaxy S23 smartphones. However, the solution will roll out to a broader lineup of Galaxy smartphones and tablets later this year, the company confirmed.

Source…