Tag: GREAT | Page 2

Are QR codes a great invention or a cybersecurity threat?

September 21, 2022/in Computer Security

In 2021, 75.8 million smartphone users in the United States scanned a QR code on their mobile devices, up by 15.3% compared to 2020.

The usage of mobile QR code scanners is projected to experience continued growth, reaching approximately 99.5 million users in the U.S. by 2025.

QR codes have grown more appealing to threat actors as it has become more widely adopted. The same accessibility that makes them helpful also makes them efficient delivery methods for malware and phishing scams.

With 59% of respondents believing that QR codes would be a permanent part of using their mobile phone in the future, what are the cybersecurity ramifications of mainstream QR Codes?

Cybersecurity specialists Ping Identity have explored the rising threat of QR Code attacks and how to protect yourself from getting scammed.

What are QR codes?

QR codes are matrix bar codes that frequently let customers access exclusive coupons, go to business websites, get exclusive offers, or discover more about goods and services.

Consumers can easily scan and interpret the message contained in a QR code box by pointing a smartphone’s camera at the code after installing a QR code reader application.

Why QR codes are not often secure

The biggest problem with QR codes is that humans cannot read their format, making it impossible for us to tell if a QR code is real or false just by glancing at it.

Below are some ways that malicious parties can utilise QR codes against you:

Phishing

Another issue known as QPhishing is the usage of QR codes in phishing scams. A cybercriminal could add a phishing website URL to a legal QR code.

Users are then prompted by the phishing website to divulge their data, which crooks will then sell on the dark web. In addition, they could pressure you into purchasing for goods that bring them money.

These phishing websites are barely distinguishable from real websites, giving the victim the impression that they are trustworthy.

With a few small exceptions, they are largely perfect reproductions of the original. For instance, the “.com” in the domain name can be changed to something else, such “ai” or “in.”

Malware attacks

To infect anyone who…

Source…

“Technology Brings Great Things, But Also Reflects Risks And Aspects”

August 20, 2022/in Computer Security

Sebastian Bortnik, a specialist in technology and computer security, a reference in issues related to the fair use of technology, will be in San Francisco for the first time to speak as part of the “Adolescent Now” conference.Organized by the Municipal Corporation Health Secretariat on 26 and 27 August. There will be time to address various issues and create space for teens and their support groups such as parents and teachers.

Bortnick, on Friday, will be in charge of two talks, one aimed at young people’s “grooming: virtual harassment?” And the remaining one, “Adolescence, Social Networks and Wellness”, for parents.

Before Coming to San Francisco, the Expert Speaks Morning of El Periodico (FM 97.1)where he said: “When this invitation came, I found it a very interesting prospect to talk about a topic that teens are connected to, with social networks, with applications, about the Internet. cell phones, a problem that is super current, until so many years ago it was something that didn’t exist”.

According to Bortnik, “today we find that” Our children are facing a very different adolescence from us because of hyperconnectivity, so not having the experience makes us feel like we have nothing to contribute. And that puts us in very dangerous places,” he warned.

risk to teenagers

“The Internet and technologies have brought great things to our lives, but also new risks and aspects that force us to reflect,” said the expert. We have to be cautious because internet connection is no trivial matter, very serious things can happen with the issue of cyberbullying, which for example is about violence on the network; Very serious situations, cases ending in suicide, cases of grooming that ended in non-consensual dissemination of images and many other situations”.

In return, the speaker acknowledged that adolescent anxiety and depression are “two problems that have increased greatly in recent years” and undoubtedly have to do with the use of technology, Then he recalled: “I started in 2009 with these talks to teach kids how to take care of their passwords, but over time I realized that it wasn’t the most important thing, but much more serious. Things…

Source…

The Great Euro Sat Hack Should Be A Warning To Us All

June 6, 2022/in Internet Security

Military officials and civilian security researchers have been warning us for years: cyberattacks are becoming a very real part of modern warfare. Far from being limited to military targets, cyberattacks can take out everything from vital public infrastructure to commercial and industrial operations, too.

In the early hours of February 24, as the Russian invasion force began raining missiles on Ukrainian cities, another attack was in progress in the digital realm. Suddenly, satellite terminals across Europe were going offline, with many suffering permanent damage from the attack.

Details remain hazy, but researchers and military analysts have pieced together a picture of what happened that night. The Great Euro Sat Hack prove to be the latest example of how vulnerable our digital infrastructure can be in wartime.

A Network Is Only As Secure As Its Weakest Point

The KA-SAT satellite operated owned by US company Viasat was launched in 2010. It’s charged with providing broadband satellite internet across Europe, with some limited coverage also extending to parts of the Middle East. Customers of the service include residential users across Europe, and many industrial systems as well.

5,800 wind turbines lost their satellite data connections during the attack, compromising remote monitoring of the hardware. Service was restored through a combination of replacing affected satellite modems and installing supplementary cellular/LTE data links. Credit: ENERCON press site

On February 24, when Russian forces began their full-scale invasion of Ukraine, the KA-SAT system similarly came under attack. Thousands of terminals suddenly went offline in the early hours of the morning. Far from being limited to just Ukraine, users in Greece, Poland, Italy, Hungary, and Germany were all affected.

Notably, 5,800 wind turbines in Germany had their administration systems go dark as the attack raged. When the satellite links went down, monitoring the wind turbines via SCADA systems was no longer possible. Thankfully, grid stability was not affected according to operator ENERCON, as grid operators maintained control over the wind power input to the grid via other methods.

Early reports…

Source…

Oh great, hackers found a new way to sneak malware into your computer

May 9, 2022/in Computer Security

Cybersecurity experts recently discovered a new technique for storing malware on an unsuspecting PC. Used by hackers, it involves slipping malware inside of Windows 11 event logs. To make matters worse, this new technique is designed to make the infection process nearly impossible to detect until it’s too late.

Researchers at Kaspersky (thanks Bleeping Computer) analyzed a recent sample of the malware on a customer’s computer in February of this year. During their analysis, they found that a hacker was able to plant fileless malware into a victim’s file system by hiding it away in your Windows events logs. A first, according to Kaspersky.

This sophisticated attack injects shellcode payloads into Windows event logs into the KMS (Key Management Services) via a custom malware dropper and basically hides in plain sight.

The dropper then loads malicious code by taking advantage of a DLL exploit and hides itself as a copy of a legitimate error file. So, even if you check your event logs, it’ll look like nothing out of the ordinary. The attacker can then install a Trojan virus (or, in this case, a number of Trojans), which will wreak havoc on a system.

Denis Legezo, lead security researcher at Kaspersky, told Bleeping Computer that “the actor behind the campaign is rather skilled by itself, or at least has a good set of quite profound commercial tools.” The purpose of the attack is to obtain valuable user data.

Kaspersky never revealed who the company that was was hit by what it’s calling a “targeted campaign.” The victim of this attack, in this case, was tricked into downloading a RAR archive from a legitimate file sharing service. Once its downloaded, it secretly runs itself, and you’re pretty much screwed.

So how do you defend yourself against an attack like this? You should continue to follow your company’s cybersecurity best practices, like never clicking on suspicious links in emails and texts. Ensuring you know what you’re downloading, and where it is from, before hitting open on any files or folders remains one of the best defenses we have against the dark hacking arts.

Source…

Tag Archive for: GREAT

What are QR codes?

Why QR codes are not often secure

Phishing

Malware attacks

risk to teenagers

A Network Is Only As Secure As Its Weakest Point