Posts

Expert: Amazon’s new Sidewalk network is banking on your ‘laziness,’ how to opt-out

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


(WSPA) – Are you comfortable with sharing your internet? If you use an Amazon device, chances are right now you are doing just that.

The company quietly launched its new shared network called Amazon Sidewalk on June 8. It gave users eight days to opt-out before their devices connected to create the new service.

Some cybersecurity experts are concerned and why they say Amazon “primed” you to do nothing about it.

Whether you know your neighbors, chances are right now your Ring camera and Echo speaker are linked to their devices through a new shared network called Amazon Sidewalk.

No text or email notifications went out to customers like the Orszaks in Greenville, South Carolina.

“It’s the first I heard of it is when you came up. I think it’s wrong,” said Midge Orszak.

“It seems like they should have emailed everybody and told them about the change. It shouldn’t be opt out, it should be opt in,” said Jeff Orszak.

Cyber security expert John Sinderman, the CEO of Pivotal IT, couldn’t agree more.

“I think what they’re counting on is the laziness of the user because they figure they’re just not going to turn it off,” said John Sinderman, the CEO of Pivotal IT.

Before we talk security, what exactly are users who don’t opt out getting?

Amazon says Sidewalk creates a new network using existing Ring and Echo devices that now share a portion of your internet bandwidth. The service not only ensures your products still work, even if your internet goes down, but it also provides more connectivity to products outdoors like lights and motion sensors.

“I don’t see the need for it. I’m able to get everything I need without this sharing,” Orszak said.

Amazon is quick to point out that Sidewalk “does not share your WiFi,” but Sinderman says while technically correct, that’s splitting hairs.

“They’re putting a device on their network that now will allow other devices from as far as a mile away to connect to that device on their network. In our world that is a potential vulnerability, it could allow access into your network from a network that’s not trusted,” Sinderman said.

Amazon says…

Source…

Surge in Android banking malware and RDP attacks

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


A new report from cybersecurity firm ESET has revealed rapid abuse of trending vulnerabilities and configuration flaws by cyber crooks.

The T1 2021 Threat Report found 59.6% increase in Remote Desktop Protocol (RDP) attack attempts globally in T1 2021 vs T3 2020, while Android banking malware increased by 158.7% for the same period. Cryptocurrency threats increased by 18.6%.

The report, summarises key statistics from ESET detection systems and highlighting notable examples of ESETs cybersecurity research, including exclusive, previously unpublished updates on current threats.

ESET Research aims to have a tri-annual publication, meaning that each report will cover a four-month period. The T1 abbreviation describes the period from January to April, T2 from May to August, and T3 from September to December.

“During the first four months of this year, the COVID-19 pandemic was still the number one news topic globally; however, it became notably less prominent in the threat landscape,” says Roman Kov, chief research officer at ESET. 

“One could say fortunately, yet as you will see in our report, we are continuing to see worrying examples of cyber crooks rapidly abusing trending vulnerabilities and configuration flaws with a focus on achieving high returns on investment,” he says.

“These abuses include continued abuse of the remote desktop protocol (RDP), which remains the number one target of brute-force attacks, increased numbers of cryptocurrency threats, and a steep increase of Android banking malware detections.”

The featured story of the report recounts ESET Research’s analysis of a vulnerability chain that allows an attacker to take over any reachable Exchange server. The attack has become a global crisis and ESET researchers identified more than 10 different threat actors or groups that likely leveraged this vulnerability chain.

The research presented in the T1 2021 Threat Report brings several updates and new findings about the APT groups Turla and Lazarus. It also includes information about a malicious iOS tweak, which is an application that leverages runtime patching in order to change program behaviour, to execute shell commands on jailbroken and compromised iOS…

Source…

Cyber Security in Financial Services 2020



Android Malware Named TeaBot Banking Trojan Targets Sixty Banks in Germany, Spain, Italy, Belgium, and the Netherlands

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


Cleafy security researchers discovered a new banking trojan targeting banks in Europe. They named the new Android malware variant “TeaBot” because it is not related to other banking trojans.

The Android malware abuses Android’s Accessibility Services to overlay legitimate banking apps, intercept user actions and two-factor authentication codes, and perform arbitrary actions.

Cleafy’s Threat Intelligence and Incident Response team discovered the malware in January 2021. By March 29, the researchers detected malicious injections against Italian banks, and Belgium and Netherlands banks by May 2021.

TeaBot Android malware can stream a device’s screen and mimic user interaction

The researchers explained that the primary goal of TeaBot is stealing victims’ banking credentials for fraudulent purposes by abusing Android’s Accessibility Services.

The Android malware achieves a real-time interaction with the compromised device to bypass “new device enrollment” and perform an Account Takeover (ATO).

When TeaBot is successfully installed in the victim’s device, attackers can obtain a live stream of the device screen on demand and also interact with it.

The banking trojan can also send, intercept, and hide SMS messages to bypass two-factor authentication.

Like other Android banking trojans such as Anubis, Cerberus/Alien it overlays banks’ mobile applications to steal login and credit card information. It also observes and intercepts user actions and can perform arbitrary actions.

Unlike other banking trojans like EventBot that observe all installed apps, TeaBot only spied on selected banking applications. Consequently, it downloads specific payloads to perform overlay attacks against specific banks.

“TeaBot, during its first communications with the C2, sends the list of installed apps to verify if the infected devices had one or more targeted apps already installed,” the researchers noted.

Cleafy researchers also discovered that the Android malware sent user interaction information for specific bank apps every ten seconds to the command server. This strategy ensured that there is little traffic between the Android malware and the…

Source…