Tag: Don’t | Page 2

NSFW Facebook ads being used to spread dangerous malware — don’t click on these

October 31, 2023/in Computer Security

Hackers have devised a clever new way to trick unsuspecting Facebook users into downloading malware on their computers.

While having your Facebook hacked is bad enough as it is, a new campaign discovered by Bitdefender uses compromised Facebook Business accounts to deliver the NodeStealer malware.

Just like with other info-stealing malware, NodeStealer targets Windows PCs with the goal of stealing browser cookies as well as saved usernames and passwords which can then be used to compromise a user’s other online accounts.

According to a blog post from Meta’s engineering team, previous NodeStealer campaigns have used malicious documents to distribute this dangerous malware. However, this time around, hackers are now using malicious ads to do so.

Here’s everything you need to know about this latest NodeStealer campaign and why you might want to think twice before clicking on any ads you see online.

Duping Facebook users with fake photo albums

(Image credit: Shutterstock)

During its investigation into this new NodeStealer campaign, Bitdefender found that the hackers behind it have come up with an interesting way to get potential victims to click on their malicious ads.

In a blog post detailing its findings, the firm’s security researchers explained that NSFW ads are the main lure used in this campaign. These ads are for Facebook pages which feature scantily clad women as male users are the targeted demographic.

Bitdefender found a number of fake Facebook profiles using “Album Update”, “Album Girl News Update”, “Private Album Update”, “Hot Album Update Today” or other similar names. These profiles feature one or two photos of young women where their faces or NSFW outfits are censored.

Once these fake profiles are set up, the hackers then begin running ads on Facebook to promote their content with short descriptions like “New stuff is online today” or “Watch now before it’s deleted” to instill a sense of urgency and get unsuspecting users to click on them.

When a potential victim does click on one of these ads, instead of getting access to an album full of NSFW photos, they instead download a Windows executable. While most people know the dangers of…

Source…

Five things organizations don’t consider before a ransomware attack

October 26, 2023/in Internet Security

Ransomware is generally considered to be one of the greatest threats facing organizations today. Following the release of the recent report on ransomware by the National Cyber Security Centre, the Rt Hon Tom Tugendhat, Minister of State, said ransomware attacks are evolving and that “the rollout of ransomware as a service means an advanced knowledge of computing is no longer needed to reap havoc; criminals are able to access software that will do much of the hard work for them.”

Despite heightened risks, awareness of the true risks posed by a ransomware attack remains low, with many organizations operating without incident response plans and rarely or never testing their cyber defenses. Many will be aware of some of the more high-profile ransomware attacks such as the MOVEit compromise, arguably the largest hack of the year, which impacted several large UK organizations, but are likely to assume that their size protects them from being targeted – particularly if they are smaller.

This isn’t the case: all organizations, large and small need to be aware and prepared.

When hit by ransomware, the victim has little breathing room to act, respond and mitigate. Preparedness goes beyond the direct incident response plan. Organizations also need to be asking questions like: Do we have a resource plan for an extended period of response and recovery? What if our CISO happens to be on holiday? What if the backups are compromised? Based on our experiences on the frontline, here are five common things organizations don’t think about before a ransomware attack.

Stuart McKenzie

Head of Mandiant Consulting for EMEA.

How do you keep the team motivated during an attack?

When a ransomware attack strikes, organizations run out of people before money or any other resource. Responding to a ransomware attack is more akin to a marathon than a sprint: organizations often underestimate the toll it takes on operations that are taken for granted.

Ransomware recovery can be a long haul operation and so it’s essential to ensure those on the frontline responding to the threat are motivated, supported and equipped with the right tools, should an attack persist for a long period of time….

Source…

Don’t trust that update! Untold number of Android users duped by dangerous SpyNote trojan

October 18, 2023/in Mobile Security

Android users have been put on spyware high-alert as a banking trojan by the name of SpyNote has recently returned to the limelight.

The Android-based malware has been a background security threat for users since 2022. However, now in its third revision and with source code of of one of its variants (known as ‘CypherRat’) having leaked online in January of 2023, detections of this spyware have spiked throughout the year.

SpyNote isn’t like many of the threats Android users face. You won’t find it tucked away inside of an innocuous app on the malware infected hellscape that is Google Play — at least not for now.

Instead, its primary method of spreading is through ‘Smishing’ or SMS phishing. These SMS messages can range from government updates to social media alerts with links to malicious apps. Here users will be misled into downloading an Android Package file (.APK), that works outside of the Google Play Store to infect a device and begin it’s nefarious deeds.

SpyNote: What does it do?

As stated, SpyNote primary method of infection is through SMS phishing attacks. However, variants of the spyware do exist and its methods of infection may evolve over time.

If you’re unlucky enough to fall foul of these attempts, the third-party app (while posing as an official update or legitimate service) tricks the user into accepting various permissions — after which, it will hide itself from view and begin to work behind the scenes at collecting user data in the following ways.

Audio recording: Including microphone access and phone calls.
Camera recording: Being able to access a victims camera for pictures or video.
Keylogging: Recording every input and tap you make on your device.
Credential theft: Stealing user logins (usernames, passwords, passkeys, and more) by intercepting banking, crypto wallets, and social media apps.
Screen recording: Through screenshot captures and device streaming.
GPS tracking: Accessing location services to track a victims location.

SpyNote: Do I have it, and how do I remove it?

SpyNote’s presence is hard to detect, and even harder to remove. If you’ve accessed a link to an app through SMS at any point, one of the ways you can tell if SpyNote is present on your device is by…

Source…

Don’t expect quick fixes in ‘red-teaming’ of AI models. Security was an afterthought

August 14, 2023/in Computer Security

BOSTON — White House officials concerned by AI chatbots’ potential for societal harm and the Silicon Valley powerhouses rushing them to market are heavily invested in a three-day competition ending Sunday at the DefCon hacker convention in Las Vegas.

Some 2,200 competitors tapped on laptops seeking to expose flaws in eight leading large-language models representative of technology’s next big thing. But don’t expect quick results from this first-ever independent “red-teaming” of multiple models.

Findings won’t be made public until about February. And even then, fixing flaws in these digital constructs — whose inner workings are neither wholly trustworthy nor fully fathomed even by their creators — will take time and millions of dollars.

Current AI models are simply too unwieldy, brittle and malleable, academic and corporate research shows. Security was an afterthought in their training as data scientists amassed breathtakingly complex collections of images and text. They are prone to racial and cultural biases, and easily manipulated.

“It’s tempting to pretend we can sprinkle some magic security dust on these systems after they are built, patch them into submission, or bolt special security apparatus on the side,” said Gary McGraw, a cybsersecurity veteran and co-founder of the Berryville Institute of Machine Learning. DefCon competitors are “more likely to walk away finding new, hard problems,” said Bruce Schneier, a Harvard public-interest technologist. “This is computer security 30 years ago. We’re just breaking stuff left and right.”

Michael Sellitto of Anthropic, which provided one of the AI testing models, acknowledged in a press briefing that understanding their capabilities and safety issues “is sort of an open area of scientific inquiry.”

Conventional software uses well-defined code to issue explicit, step-by-step instructions. OpenAI’s ChatGPT, Google’s Bard and other language models are different. Trained largely by ingesting — and classifying — billions of datapoints in internet crawls, they are perpetual works-in-progress, an unsettling prospect given their transformative potential for humanity.

After publicly releasing chatbots last fall, the…

Source…

Tag Archive for: Don’t