Tag: spying | Page 2

Tag Archive for: spying

Apple Zero-Days, iMessage Used in 4-Year, Ongoing Spying Effort

June 4, 2023/in Internet Security

For at least the past four years, an advanced persistent threat (APT) actor has been covertly stealing information from iOS devices belonging to an unknown number of victims, using a zero-click exploit delivered via iMessage. Russia’s top intelligence apparatus, the Federal Security Service of the Russian Federation (FSB), is alleging that the attacks are the work of the National Security Agency (NSA) in the United States, and that they have affected thousands of Russian diplomats and others. So far, there’s no evidence to support those claims.

What can be confirmed is the fact that researchers from Kaspersky discovered the malware after spotting suspicious activity originating from dozens of infected iOS phones on its own corporate Wi-Fi network. The company’s ongoing investigation of the campaign — which is still active, researchers stressed — showed the malware is quietly transmitting microphone recordings, photos from instant messages, the user’s geolocation and other private data about the owner to remote command-and-control (C2) servers.

Kaspersky said that it’s “quite confident” that the company was not the sole target of Operation Triangulation, as it has dubbed the campaign. The security vendor is currently working with other researchers and national computer emergency response teams to understand the full scope of the attack — and notes that for now, attribution is difficult.

“We’re awaiting further information from our colleagues from national CERTs and the cybersecurity community to understand the real exposure of this espionage campaign,” Igor Kuznetsov, head of the EEMEA unit at the Kaspersky Global Research and Analysis Team, tells Dark Reading. “Although not certain, we believe that the attack was not targeted specifically at Kaspersky — the company’s just first to discover it.”

He adds, “Judging by the cyberattack characteristics, we’re unable to link this cyberespionage campaign to any existing threat actor.”

Further, “It’s very hard to attribute anything to anyone,” Kuznetsov told Reuters in specific response to Russia’s US spying allegations.

Russia’s Claims of US Spy Plot

For its part, the FSB said in a media statement that the spyware…

Source…

https://spinsafe.com/wp-content/uploads/2023/06/ios_Tada_Images_shutterstock.jpg 667 1000 SecureTech https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg SecureTech2023-06-04 22:30:102023-06-04 22:30:10Apple Zero-Days, iMessage Used in 4-Year, Ongoing Spying Effort

How to stop hackers from spying on you through a Ring camera or video doorbell

June 1, 2023/in Computer Security

People who use internet-enabled security camera systems like Amazon Ring or Google Nest to keep their homes safe could be opening up their virtual worlds to hackers, or even employees of the companies.

The devices, typically placed on the outside of homes and aimed at entryways, record live footage of who is approaching the premises, with many residents using the technology to deter package thieves and otherwise monitor their homes. But users who don’t properly secure their devices could be inviting criminals to snoop around their digital networks and potentially gain access to reams of sensitive personal data.

In a case highlighting such vulnerabilities, Amazon this week agreed to pay $5.8 million to the Federal Trade Commission to settle allegations it gave its Ring surveillance employees “unfettered” access to personal videos. The agency in its lawsuit also claimed that Amazon failed to protect customer security, leading to hackers threatening or sexually propositioning Ring owners.

Gavin Millard, a cybersecurity expert at Tenable, a firm that alerts clients to tech vulnerabilities, said there are ways to leverage video doorbells and cameras’ security features without exposing one’s private lives and information to bad actors. Here are five ways users of the technology can protect themselves.

Reset default username and password

Never keep the username and password that a home security system assigns you by default. Because they can be easily guessed by hackers, they should be changed immediately, Millard said.

“Often when consumers buy the devices, they don’t change them from their default, insecure configurations,” Millard told CBS MoneyWatch.

Changing this password is crucial because once hackers breach one device, they can explore others that are connected to the same home network. For example, bad actors can use search engine Shodan to scan the whole internet for any connected devices, from webcams to smart lightbulbs.

“I can ask it to show me every single internet-connected camera and try ‘Admin’ and ‘Password’ as the username and password, and you could access the video streams of any that are vulnerable,” he explained.

Two-factor authentication

In…

Source…

https://spinsafe.com/wp-content/uploads/2023/06/gettyimages-1062204468.jpg 630 1200 SecureTech https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg SecureTech2023-06-01 20:00:132023-06-01 20:00:13How to stop hackers from spying on you through a Ring camera or video doorbell

How to change your computer’s settings to stop spying programs

December 18, 2022/in Computer Security

Your phone knows a lot about you. It tracks your movement, browsing habits, downloads, and more. Go here for a trick to know when your phone’s camera or microphone is being used.

You also need to worry about social media apps, voice assistants, and smart TVs from listening and recording what you have to say. Tap or click for steps to put a stop to it.

Phone apps ask permission to access your camera, mic, and location. You can go into your phone’s settings to grant or restrict these permissions. Did you know you can do the same for your PC or Mac? Here’s how:

How to change app permissions on Windows

Windows has a Privacy page where you can fiddle with your app permissions. It just takes a few clicks.

Change app permissions on Windows 11

• Go to Start > Settings > Privacy & security.

• Under App permissions, select an option (for example, Location). Then choose which apps can access it.

• You can also use the Recent activity dropdown menu for each permission to show which apps are accessing them.

Change app permissions on Windows 10

• Go to Start > Settings > Privacy.

• Under App permissions, select an option (for example, Microphone). Then choose which apps can access it.

There are many permissions on the list, including access to your calendar, files and folders, email, music library, notifications, and webcam. Consider whether an app truly needs the access level it requests by default.

See a complete list of app permissions and what they allow access to here.

RELATED: If you have this popular file program on your Mac, delete it now.

How to change app permissions on macOS

You receive an alert when a third-party app tries to access and control your Mac through accessibility features. You must specifically grant the app access to your Mac in Privacy & Security settings.

You can go into your settings to change permissions at any time. Here’s how:

• Open the Apple menu and choose System Settings > Privacy & Security.

• A list of program permissions will appear on the screen, such as Location Services, showing which applications have access to which permissions.

• Click on any permission to see the apps that have access to it. Use the toggle switch to turn off permissions for each…

Source…

https://spinsafe.com/wp-content/uploads/2022/12/How-to-change-your-computers-settings-to-stop-spying-programs.jpg 372 660 SecureTech https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg SecureTech2022-12-18 15:30:052022-12-18 15:30:05How to change your computer’s settings to stop spying programs

WhatsApp’s cloned app spying on Indians via recording video, audio

October 10, 2022/in Internet Security

New Delhi: India is among the countries with highest number of Android trojan detections and a cloned, third-party unofficial version of WhatsApp is leading in spying on people’s chats in the country, a new report has warned.

Behind a large portion of Android spyware detection in the past four months was ‘GB WhatsApp’ — a popular but cloned third-party version of WhatsApp, according to the report by cyber-security firm ESET.

Such malicious apps have a wide range of spying capabilities, including recording audio and video.

“The cloned app is not available on Google Play and, therefore, there are no security checks in place compared with the legitimate WhatsApp, and versions available on various download websites are riddled with malware,” said the report.

India (35 per cent) was also ranked second after China (53 per cent) as the geolocation for bots making up the largest internet of things (IoT) botnet called ‘Mozi’ from May to August 2022.

The IoT botnet ‘Mozi’ saw the number of bots drop by 23 per cdnt from 500,000 compromised devices to 383,000 in May-August.

However, China and India continued to have the highest number of IoT bots geolocated inside the respective countries.

“These statistics confirm the assumption that the ‘Mozi’ botnet is on autopilot, running without human supervision since its reputed author was arrested in 2021,” said the report.

Even with declining numbers, Russian IP addresses continued to be responsible for the largest portion of remote desktop protocol (RDP) attacks.

“Russia was also the country that was most targeted by ransomware, with some of the attacks being politically or ideologically motivated by the war,” said Roman Kovac, Chief Research Officer at ESET.

The report also examined threats mostly impacting home users.

“In terms of threats directly affecting virtual and physical currencies, a web skimmer known as Magecart remains the leading threat going after online shoppers’ credit card details,” said Kovac.

Source…

https://spinsafe.com/wp-content/uploads/2022/10/whatsapp-cloned-jpeg-1.jpg 900 1200 SecureTech https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg SecureTech2022-10-10 01:30:062022-10-10 01:30:06WhatsApp’s cloned app spying on Indians via recording video, audio