Tag Archive for: Phone

When you buy a criminal’s phone, and paying for social media scams • Graham Cluley

/in


Smashing Security podcast #322: When you buy a criminal’s phone, and paying for social media scams

Personal information is going for a song, and the banks want social media sites to pay when their users get scammed.

All this and much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.

Hosts:

Graham Cluley – @gcluley
Carole Theriault – @caroletheriault

Episode links:

Sponsored by:

  • Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
  • Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
  • Outpost24 – Understand your shadow IT risk with a free attack surface analysis.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on Mastodon, on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy.
Follow him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an email.

Source…

Israeli Phone Malware Maker QuaDream Apparently Ready To Call It Quits After Suffering A Little Negative Press

/in


from the cut-and-run dept

QuaDream, an NSO-alike with links to Israeli intelligence services, first made international headlines last year. And for the worst reasons. An investigation found QuaDream (much like NSO Group) sold iPhone-targeting malware to human rights violators. These sales were given a layer of plausible deniability, handled by a Cyprus-based company on behalf of QuaDream as it collected paychecks from garbage governments around the world.

Further investigations by Toronto’s Citizen Lab uncovered QuaDream’s links to abusive governments, as well as abusive deployments of its zero-click exploit to target journalists, activists, political opponents, and dissidents.

Now that it’s inadvertently shown its whole ass to the world, it appears QuaDream is shuttering its malware business. Or at least, it wants all of its critics to believe that’s what it’s doing. But this report from the Jerusalem Post indicates that, real or otherwise, QuaDream’s latest business move involves laying off several actual human beings.

Israeli cybersecurity company QuaDream reportedly summoned many of its 40 employees to a pre-termination hearing on Monday ahead of widespread layoffs, according to Globes.

This downturn (and its unfortunate effect on 40 QuaDream employees) is being blamed on everything but the company’s decision to sell to human rights abusers, engage in zero oversight of its products’ deployment, and it’s willingness to engage in ethically awful business practices.

QuaDream, which can only access iPhones (unlike NSO, which can also hack Android phones), wrote in a letter to court: “The crisis in the industry began due to the public disclosure of the activities of some of the companies from 2018 onward, which resulted in the fact that in November 2011, the US Chamber of Commerce put NSO and Candiru on its blacklist. Immediately after that, at the start of 2022, the regulator in Israel decided to reduce the number of countries to which it is allowed to sell the companies’ products in the industry from 102 to only 37, which caused a severe economic crisis in the entire industry.”

When you’re blaming a government for harming your business by…

Source…

How to tell if your computer or phone has been hacked

/in


The most brilliant hackers aren’t the ones who hack the most systems — they’re the ones who never get caught. If they’re clever and stealthy enough, a hacker can leave your system filled with malware or weird ads, confuse your friends and relatives with shady emails, and even drain your bank account.

No matter your device, a hacker with enough gumption and know-how can break in. Here are some surefire ways to know if your system has been hacked and what you can do to fix or prevent it, brought to you by sponsor TotalAV. Your best defense against viruses, keyloggers and other malware? A solid security suite.

Protecting all your devices

Hackers are more intelligent than ever, and more than 90% of malware changes constantly to evade detection. You need the right software to keep you safe. Hoping for the best won’t cut it anymore.

TotalAV’s award-winning antivirus security suite offers complete protection you can rely on, with built-in adware, ransomware and malware protection. TotalAV’s Safe Site browser extension detects and blocks dangerous phishing sites automatically, so you always know you’re entering your private data on the right site.

Best of all, you can protect up to five devices on a single account. It works with your Windows PC, Mac computer, iPhone and Android smartphones. Right now, get an annual plan for only $19 at ProtectWithKim.com. That’s over 85% off the regular price. What are you waiting for?

Worried your system has been compromised? Look for these warning signs.

1. Slowed to a crawl and too hot to be bothered

Malware tends to eat up a lot of system resources. After all, it’s an extra piece of unwanted software that intentionally runs your system dry. Programs on your computer can get sluggish or lag; by the time you finally notice, it may already be too late.

If your computer is working overtime to handle the unwanted software, that can cause it to heat up. This can be dangerous for the health of your tech.

Internal components can melt or…

Source…

Is Your Phone At Risk? Google Raises Security Alarm For Android Users

/in


In a blogpost, Tim Willis, who is head of Google’s Project Zero, said four of the vulnerabilities ‘allows for Internet-to-baseband remote code execution”. These bugs have put the security of the android systems at risk.

Updated Mar 17, 2023 | 10:48 PM IST

The Google security researchers said skilled hackers would be able to quickly create an ‘operational exploit’ to compromise affected devices silently and remotely.

Photo : Twitter

Almost every second person is using an android phone nowadays. However, the android system is not averse to bugs and hacking. Raising a major alarm, the Google security researches have warned of 18 different bugs in Samsung Exynos chips which are utilised in many top Android smartphones.

How your phone is at risk

In a blogpost, Tim Willis , who is head of Google’s Project Zero , said four of the vulnerabilities ‘allows for Internet-to-baseband remote code execution”. These bugs have put the security of the android systems at risk.

According to tests conducted by the Project Zero lab, an attacker can remotely hack the phone at the baseband level without any user interaction thanks to these four bugs. The cyber hacker just needed to know the phone number of the victim to compromise its security.

The Google security researchers said skilled hackers would be able to quickly create an ‘operational exploit’ to compromise affected devices silently and remotely.

How Can Samsung phone users fend off cyber attacks

Google’s Project Zero head Tim Willis has said the phone users having Samsung’s Exynos chipsets in their devices can turn off Wi-Fi calling and Voice-over-LTE ( VoLTE ) in their phones to fend off cyber attacks until security updates are made available.

According to Willis, the chances of security compromise in the phones are nil when the settings are turned off.

The bug currently affects devices from Samsung, Google-Pixel 6 and Pixel 7 series, Vivo, wearables using Exynos chipset. The bugs also affects vehicles using Exynos Auto T5123 chipset.

Google said affected Pixel devices have already received updates, while other devices may get security updates as per manufacturer.

Google withheld disclosure of four vulnerabilities

According to Tim Willis, Under the…

Source…