Tag: January | SpinSafe

Ransomware Spikes 130% in January – Digital Transactions

February 5, 2024/in Internet Security

Already, 2024 is starting off with an unrelenting wave of ransomware attacks. The number of attacks last month, as registered by cybersecurity firm BlackFog, increased 130% from January 2023.

Cheyenne, Wyo.-based BlackFog says the 76 attacks noted this January are the second-highest it has ever recorded. The highest number came only in November, when nearly 90 attacks happened. The insidious nature of ransomware can mean companies pay to get their data decrypted by the criminals who scrambled it, and often have expensive followup actions to complete.

BlackFog’s data shows that the education sector, at 14, saw the most attacks followed by healthcare at eight and manufacturing at seven. Finance endured five attacks in January. The data also show that, in the past few months, ransomware attackers made a decided shift to small and mid-size organizations.

Most attacks still seek to extract data, with 91% of all ransomware having that goal, it says. The average ransom payout is $568,705, down 33% from the third quarter of 2023.

“We are now seeing extortion continue for years after the initial attack, even if the victim paid the initial ransom,” Darren Williams, BlackFog chief executive and founder, says in a statement. “There are so many ways to leverage data once it has been exfiltrated. Lastly, we see that China and Russia continue to dominate as the leading destinations for exfiltrated data, with 18% and 8% respectively.”

Organizations in the United States account for 57% of ransomware attacks, followed by the United Kingdom at 8%, and Singapore at 4%.

Source…

Galaxy S23 grabs a January update packed with over 70 security flaw fixes

January 14, 2024/in Mobile Security

What you need to know

Samsung has started pushing its January 2024 security update to the Galaxy S23, S22, and S21 in Europe.
The patch features nearly 75 vulnerability fixes with the majority labeled as “High” priority.
Samsung acknowledged its lack of burn-in screen protection measures but it’s unclear if such an update to bring it made it into the January patch.

Samsung is starting to roll out its new year security update a little late to a few of its flagship phones.

According to SamMobile, the January 2024 security patch is arriving for the Galaxy S23, Galaxy S22, and Galaxy S21 series in Europe. Owners of the latest flagship series will find firmware version S91xBXXS3BWL3 when updating at an approximate 400MB download size. Those with a Galaxy S22 should see S90xBXXS7DWL3 while the S21 finds G99xBXXS9FWL9.

It’s worth noting that the update doesn’t appear to have arrived for any FE devices, so far.

Samsung goes over a few fixes itself, however, the update packs nearly 75 fixes, according to the changelog. The majority of the fixes rank “High” on the Korean OEM’s priority scale, as well. The company has included a fix involving its “Notification service,” which could’ve allowed an attacker to access a user’s information. This fix pertains to devices utilizing Android 11 up to Android 14.

A “High” level fix arrives for Galaxy device’s Bluetooth pairing process. Samsung explains the fix should solve a vulnerability where an attacker could’ve paired a device without user interaction.

Additionally, the January security update may have returned Samsung’s burn-in screen protection measures. The company formally acknowledged the issue, stating it should arrive in January during its “next update version.” Unfortunately, it’s unclear if the protection made its way in with this patch. Burn-in protection slightly shifts the pixels on your display to help preserve your OLED screen.

The update is currently making its rounds to the following Galaxy devices, as well:

Samsung Galaxy Z Flip 5 cover screen quick settings

(Image credit: Derrek Lee / Android Central)

Since the update was first spotted in Europe, the Galaxy S23 series and others should begin picking it up in the U.S. soon. Your Galaxy device should automatically begin downloading, but if it…

Source…

Pixel Watch and Pixel Watch 2 get January 2024 security update

January 11, 2024/in Mobile Security

google pixel watch 2 left next to pixel watch 1 right

Rita El Khoury / Android Authority

TL;DR

Google is rolling out the first security patch of 2024 to the Pixel Watch and Pixel Watch 2.
Google says the rolling out will continue over the next week in phases depending on device and carrier.
The update comes with firmware version TWD9.240105.004.A1.

It’s the second week of January and it looks like Google is ready to roll out a new security patch. The patch will be the Pixel Watch and Pixel Watch 2’s first security update of 2024.

Google has announced it is starting to roll out the January 2024 security update to Pixel Watch devices running on Wear OS 4. If you haven’t received the update yet, don’t worry. The tech giant says the update is rolling out in phases depending on the device and carrier and will continue over the next week.

For this month’s patch, the build number is TWD9.240105.004.A1. If the OTA update is available to you, you should receive a notification on your watch to download and install.

The changes that come with January 2024’s patch can be found in the Android Security Bulletins. But the changes are mostly just fixes for security vulnerabilities.

To update your Pixel Watch or Pixel Watch 2, all you have to do is go to Settings and scroll down to System. After you tap on System updates, you should be able to see the current version your device is running on and if there are any updates available.

Source…

At least S$12 million lost in fake friend call scams since January; new variant involving Android malware

July 5, 2023/in Computer Security

SINGAPORE: At least S$12 million (US$8.9 million) has been lost in fake friend call scams since January 2023, the police said on Wednesday (Jul 5), warning of a new variant involving malicious Android links.

At least 3,700 victims have fallen prey to such scams since the beginning of the year.

They would receive text messages or phone calls from unknown numbers – with or without the +65 prefix. Scammers would claim to be a friend or an acquaintance and ask the victims to guess their real identity.

Once a name is provided, the scammer would assume the identity of the victim’s friend and ask them to update their contact details.

“The scammers would contact the victims subsequently to ask for a loan and would claim that he or she is unable to perform a banking transaction or is experiencing financial difficulties,” said the police.

Victims would then be provided with a local bank account to transfer the money.

While there has been a “persistent trend” of such scams, the police said they have seen a new variant where scammers would send victims malicious links, asking them to help with simple tasks such as making purchases, reserving seats at a restaurant or tracking a missing phone.

“These malicious links will lead victims to either phishing sites and/or the download of an Android Package Kit (APK) file, an application created for Android’s operating system,” said the police, adding that victims would discover unauthorised transactions after keying in their banking credentials or card details.

Source…

Tag Archive for: January

What you need to know