Tag Archive for: push

The Privacy Danger Lurking in Push Notifications


To send those notifications that awaken a device and appear on its screen without a user’s interaction, apps and smartphone operating system makers must store tokens that identify the device of the intended recipient. That system has created what US senator Ron Wyden has called a “digital post office” that can be queried by law enforcement to identify users of an app or communications platform. And while it has served as a powerful tool for criminal surveillance, privacy advocates warn that it could just as easily be turned against others such as activists or those seeking an abortion in states where that’s now illegal.

In many cases, tech firms don’t even demand a court order for the data: Apple, in fact, only demanded a subpoena for the data until December. That allowed federal agents and police to obtain the identifying information without the involvement of a judge until it changed its policy to demand a judicial order.

Europe’s sweeping Digital Markets Act comes into force next week and is forcing major “gatekeeper” tech companies to open up their services. Meta-owned WhatsApp is opening its encryption to interoperate with other messaging apps; Google is giving European users more control over their data; and Apple will allow third-party app stores and the sideloading of apps for the first time.

Apple’s proposed changes have proved controversial, but ahead of the March 7 implementation date the company has reiterated its belief that sideloading apps creates more security and privacy risks. It may be easier for apps on third-party apps stores, the company says in a white paper, to contain malware or try to access people’s iPhone data. Apple says it is bringing in new checks to try to make sure apps are safe.

“These safeguards will help keep EU users’ iPhone experience as secure, privacy-protecting, and safe as possible—although not to the same degree as in the rest of the world,” the company claims. Apple also says it has heard from EU organizations, such as those in banking and defense, which say they are concerned about employees installing third-party apps on work devices.

WhatsApp scored a landmark legal win this week against the notorious mercenary hacking firm NSO…

Source…

Syncro Plans Cybersecurity Push in 2024


Managing complexity in the cybersecurity stack will be among the challenges for managed service providers going into 2024. There are so many point solutions from so many vendors, and end user companies are relying on their MSPs for protection.

But the complexity of the cybersecurity stack is not the only challenge ahead for MSPs. Managed service providers have weathered a year of inflation, higher prices, and other industry changes, too.

That’s according to PSA/RMM platform company Syncro’s CEO Emily Glass who recently spoke with ChannelE2E about what’s on her company’s technology roadmap for next year, what she’s hearing from MSPs, the results of her company’s recent pricing survey of MSPs and more.

Cybersecurity and MSPs

Cybersecurity continues to be at top of mind for MSPs and for Syncro, Glass told ChannelE2E.

The threat landscape is always changing. Plus, MSPs have the challenge of identifying the right vendors, managing those vendors, and then selling the solution to the end customer company.

Syncro operates a marketplace-type ecosystem to help MSPs navigate the many options they have for cybersecurity. The company has forged partnerships with vendors including Acronis and Proofpoint. Syncro has also introduced a number of innovations to its platform in 2023 to help its MSP partners with their cybersecurity such as an IP Allow list that lets MSPs lock down their logins to certain IP addresses. Syncro also offers single sign on capabilities. The company recently achieved SOC 2 compliance.

Looking ahead for 2024, Glass said that Syncro plans to introduce innovations around simplifying security solutions for MSPs. As the threat landscape has shaped, more solutions have come to market to protect against them. But that’s led to another problem.

“The solutions that are emerging to deal with cybersecurity threats are very fractured,” Glass said. “Syncro is looking to unite them, similar to what we did for PSA/RMM.”

Syncro offers a unified PSA (professional services automation) and RMM (remote monitoring and management) platform. The unified approach to these two core MSP business functions simplifies the operation of a managed services business.

“We believe that…

Source…

Ransomware, Vendor Hacks Push Breach Number to Record High


Cybercrime
,
Fraud Management & Cybercrime
,
Ransomware

Report: 2.6 Billion Personal Records Exposed in the Last 2 Years

Ransomware, Vendor Hacks Push Breach Number to Record High
Data breaches in the U.S. have hit an all-time high thanks to hacking incidents, including ransomware and vendor attacks, says a new study released by Apple and MIT. (Image: Getty)

The number of data breaches in the U.S. has hit an all-time high amid mounting attacks against third party vendors and aggressive ransomware attacks, says a report from Apple and a Massachusetts Institute of Technology researcher.

See Also: OnDemand | Understanding Human Behavior: Tackling Retail’s ATO & Fraud Prevention Challenge

Data breaches have more than tripled between 2013 and 2022, compromising 2.6 billion personal records in just the past two years – and that trend has continued to worsen in 2023, says the report written by MIT professor Stuart Madnick and published Thursday.

In the first eight months of 2023, more than 360 million people were affected by corporate and institutional data breaches, and 1 in 4 people in the U.S. had their health data exposed in data breaches.

More ransomware attacks were reported through January to September 2023 than in all of 2022, the report said. In the first three quarters of 2023, the number of ransomware attacks increased by nearly 70% compared to the same period in 2022.

A 2023 survey of 233 IT and cybersecurity professionals across 14 countries working in the healthcare sector found that 60% of organizations have faced a ransomware attack, which is…

Source…

Qakbot Hackers Continue to Push Malware After Takedown Attempt


The cybercriminals behind the Qakbot malware have been observed distributing ransomware and backdoors following the recent infrastructure takedown attempt by law enforcement, according to Cisco’s Talos research and threat intelligence group.

In late August, authorities in the United States and Europe announced the results of an international operation whose goal was the disruption of the notorious Qakbot botnet, aka Qbot and Pinkslipbot. 

The law enforcement operation involved the takeover of Qakbot infrastructure, the seizure of millions of dollars worth of cryptocurrency, and the distribution of a utility designed to automatically remove the malware from infected devices.

Talos has been monitoring Qakbot-related activities and on Thursday pointed out that a campaign launched by cybercriminals in early August has continued even after the law enforcement operation was announced.

As part of this campaign, the hackers have delivered Ransom Knight ransomware and the Remcos backdoor using phishing emails. This suggests, according to Talos, that the law enforcement operation impacted only Qakbot command and control (C&C) servers, without affecting spam delivery infrastructure.  

The campaign delivering Ransom Knight and Remcos malware appears to be the work of Qakbot affiliates known for a previous operation named ‘AA’, which ran in 2021 and 2022. 

“We assess Qakbot will likely continue to pose a significant threat moving forward. Given the operators remain active, they may choose to rebuild Qakbot infrastructure to fully resume their pre-takedown activity,” Talos said.

Advertisement. Scroll to continue reading.

SecurityWeek has also heard from others who have seen signs that the Qakbot infrastructure is being rebuilt, with cybercriminals moving to distribute new malware.

Qakbot, primarily delivered through spam emails, has been used to gain initial access to systems, to which cybercriminals could then distribute ransomware and other malware. 

When they announced the takedown attempt, US authorities said they had gained access to Qakbot infrastructure and identified more than 700,000 infected computers worldwide. The FBI redirected Qakbot traffic through servers…

Source…