Tag Archive for: Hidden

Billions of Android owners urged to turn on three hidden safety locks – you’re living on the edge without them

/in


THESE three quick tricks will keep upgrade your phone’s security.

You might be tempted to download a security subscription service to keep your Android safe from hackers or thieves.

There are three life-saving tips that will padlock your phone shutCredit: GETTY

But there are free, ready-to-go safety tricks hidden on your phone — you simply need to know where to look.

Here are three life-saving tips that will padlock your phone shut, according to Computer World.

1. Safe Browsing

Chrome‘s Safe Browsing mode is enabled by default, but there is a newer and more effective version.

It’s called “Enhanced Safe Browsing” and will operate “in the background to provide faster, proactive protection against dangerous websites, downloads, and extensions,” according to Google’s website.

Here’s how you access it:

  • Open Chrome on your Android.
  • Select the three-dot menu icon in the app’s upper-right corner.
  • Select Settings > Privacy and Security > Safe Browsing. Tap the dot next to “Enhanced protection.”

An extra helpful tip: Return to Chrome’s Settings menu and select “Safety check.”

This will open a useful one-tap tool for scanning browser settings and saved passwords, and will let you know of any possible breaches or weak spots in your security.

Most read in Phones & Gadgets

2. Smart Lock

Android’s Smart Lock feature is designed to make security simpler, by pausing the extra protections when it’s in your hands.

It will automatically allow you to keep your phone unlocked whenever you’re in a trusted place like your home or office, or when you’re connected to a commonly-used Bluetooth device, like your earbuds.

Here’s how depending on your device type:

  • For Android 12 and later, Android settings > Security > Advanced Settings.
  • For earlier Android versions, open Android settings > Security > Screen Lock.
  • For Samsung devices, Settings > Lock Screen.

3. Lockdown Mode

No, not that kind of lockdown.

The handy Android setting called “Lockdown Mode” provides you with an easy way to temporarily lockdown your phone.

In this mode, only a pattern, PIN, or password can get a person past your lock screen and into your device.

It temporarily shuts down your phone from all biometric and Smart Lock…

Source…

Bloodless hidden Cyber Wars against India

/in


Mass invisible bloodless cyber-attacks on our country’s institutions and organisations cripple our economy, industry, governance and national security. These attacks can be secretive, more often lethal and more severe than any military operation(s), which are more visible in physical deaths, bloodshed and destruction. These global and lower-scale attacks are becoming everyday occurrences like accidents, wars, fires, unauthorised access and excessively employed for sabotage, subversion and espionage through cyber warfare means of unlimited reach. This ‘white chair borne terrorism’ covers a broad spectrum of cyber-crimes encompassing Aeronautics, Airports, Banks, Defence, DRDO, Education, Hospitals, Hotels, Mints, Nuclear Energy, Oil, Power, Ports, Prasar Bharti (AIR & Doordarshan Kendras) Railways, Refineries, Space, Ship Building, Telecom & various vital Research Centres & Laboratories; in fact in every sphere of human activity. The FICN (Fake Indian Currency Notes) is being pumped by Pakistan in collaboration with China and other inimical forces to derail our economy, causing Economic Disaster to ruin and devastate our country without crossing LOC/IB and firing a bullet. Shockingly, often the FICN entering via Pakistan and some south Asian countries are so well designed that the original currency looks pale inferior.

Our adversaries, Pakistan and China, have realised that bullying India along IB/LOC/LAC will only work in tandem with Cyber Warfare co-opted seriously against India in conflict resolution to their choice and likings.

The recent cyber-attack on all the servers of the All India Institute of Medical Sciences (AIIMS), Delhi, was allegedly launched by China from Hanan province and Hong Kong, but the person, organisation and exact location have not been identified. Even if these are identified, then the possibility of using proxy or virtual servers by attackers does not exist. The Intelligence Fusion and Strategic Operations (IFSO), a cyber-terrorism unit of the Delhi Police, on 25 Nov 2022, registered a case of extortion and cyber terrorism. Multiple agencies, including The National Intelligence Agency (NIA), National Forensic Science University (NFSU), Delhi…

Source…

Ransomware campaign targets popular open-source packages with cleverly hidden payload

/in


An ongoing ransomware campaign hides its payload in an uncommon way by targeting popular open-source packages that typically receive nearly 15 million installations per week, according to new findings by Checkmarx and Phylum.

In a blog post, Checkmarx researchers said the campaign uses a form of typosquatting to target the popular “requests” package on Pypi and the “discord.js” package on NPM, and includes embedded ransomware. When executed, the ransomware encrypts files on the victim’s computer and demands payment of $100 in cryptocurrency to unlock them.

Unlike most open-source attacks where malicious packages are being executed upon installation, Alik Koldobsky, security researcher at Checkmarx, told SC Media that the payload is hidden in multiple strategic locations and only executes when the victims use the actual functions of the packages, which makes the campaign hard to detect by many security scanners.

 The malware payload supports multiple operating systems, allowing the campaign to target a wider audience. In addition, attackers named the ransomware messages and infrastructure after the U.S. Central Intelligence Agency.

A detailed attribution has yet to be done, but researchers discovered clues through further investigation that imply the attacker is Russian — the Telegram user account associated with the attack has a Russian phone number, and the attacker interacts with researchers directly in Russian.

Screenshot of a conversation with the attacker in Russian (credit: Checkmarx)

Even after Checkmarx reported the attacks, the offender’s account is still able to publish potentially malicious packages on NPM and PyPi, where software supply chain attacks are rampant. Researchers say they will continue to monitor for any new activity.

Koldobsky warned that there would be more attacks from the same actors as well as copycats, simply because the method is easy and impactful.

Besides the campaign’s uncommon way of hiding its payload, it is rare yet not unknown for ransomware attackers to use open source as a delivery system, said Mike Parkin, senior technical engineer at Vulcan Cyber. In August, Sonatype discovered multiple malicious Python packages that embedded…

Source…

Android owners warned of hidden risk when downloading apps on holiday – The US Sun

/in


ANDROID owners have been warned the apps they download on holiday may not be as secure as at home – even if they look and feel exactly the same.

Most apps are available globally and appear completely identical no matter where in the world you choose to download them.

Apps aren't necessarily the same throughout

1

Apps aren’t necessarily the same throughoutCredit: SOPA Images/LightRocket via Gett

But experts have revealed that beneath the surface things could be functioning quite differently – and not necessarily for the better.

User privacy and security can vary considerably when using the same app from country to country, according to the University of Michigan.

A team investigated more than 5,600 popular apps and uncovered hundreds with hidden changes depending on country.

127 of them had so-called “geodifferences” in permissions requested.

iPhone and Android owners urged to delete DOZENS of dubious apps now
Android users urged to DELETE 'dangerous' apps that rinse your bank account

49 of these made requests which are deemed “dangerous”.

And more than 100 had very different privacy policies based on country.

Apps in Bahrain, Tunisia and Canada requested the most additional dangerous permissions, experts claim.

“While our study corroborates reports of takedowns due to government requests, we also found many differences introduced by app developers,” said study co-author Renuka Kumar.

“We found instances of apps with settings and disclosures that expose users to higher or lower security and privacy risks depending on the country in which they’re downloaded.”

The research also lifted the lid on the huge number of geoblocked apps – apps which can only be downloaded in certain countries.

They found 3,672 apps in total were blocked in at least one of the 26 countries included in the study.

Iran and Tunisia apparently had the highest blocking rates, with popular apps like Microsoft Office, Adobe Reader, Flipboard and Google Books banned.

VPN apps were often blocked in Turkey and Russia too.

“Blocking by developers was significantly higher than takedowns requested by governments in all our countries and app categories,” Kumar wrote on The Conversation.

“App stores allow developers to target their apps to users based on a wide array of factors, including their country and their device’s specific features.”

Best Phone and Gadget tips and hacks

Looking for tips and…

Source…