Posts

The Biden Administration just revealed its plan to stop the next Colonial Pipeline hack

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


On Wednesday, President Biden signed a National Security Memorandum that aims to improve national cybersecurity. 





© Provided by Popular Science


It directs the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) and the Department of Commerce’s National Institute of Standards and Technology (NIST) to collaborate with other agencies to develop cybersecurity performance standards for companies across the US that provide essential services like power, water, and transportation. When systems that control these vital infrastructures malfunction or are interrupted because of an incident such as a ransomware attack, it can jeopardize national security, economic security, as well as public health and safety.

Loading...

Load Error

The memorandum also formally establishes the President’s Industrial Control System Cybersecurity (ICS) Initiative, which is a voluntary, collaborative effort between the federal government and the critical infrastructure community to establish systems that can detect cyberthreats and send timely alerts. The ICS Initiative kicked off in mid-April with an Electricity Subsector pilot, in which the Department of Energy worked with over 150 electricity utilities to plan and deploy cybersecurity tech for their control systems. Officials also gathered a number of utility and pipeline CEOs to brief them on cybersecurity threats. 

The Department of Homeland Security’s Transportation Security Administration (TSA) rolled out a directive earlier this year requiring critical pipeline owners and operators to report cybersecurity incidents as well as have their current practices reviewed by a designated Cybersecurity Coordinator after a major petroleum pipeline was attacked by ransomware in May. 

[Related: How a ransomware attack shut down a major US fuel pipeline]

And last week, the TSA issued a second directive which requires owners and operators of pipelines that transport hazardous liquids and natural gas to instate measures that can protect against ransomware and other cyber attacks. They also require the development of a recovery plan. Owners will also have to review their cybersecurity design every year.

“Recent…

Source…

How to stop your phone from being infected with spyware


A SOPHISTICATED spyware is infecting iPhones with hackers gaining control over devices without any human interaction, a new report has revealed.

An investigation by Amnesty International has lifted the lid on spyware allegedly developed by Israeli surveillance firm NSO Group – used to target specific individuals.

Spyware usually lands on your phone from apps or programs installed

2

Spyware usually lands on your phone from apps or programs installedCredit: Getty – Contributor
There are ways to avoid spyware infecting your phone - and ways to remove it

2

There are ways to avoid spyware infecting your phone – and ways to remove itCredit: Getty

According to the probe, phones have been hacked using a so-called “zero-click” iMessage exploit and attacks exposed, for example, journalists and politicians who risk having their location and personal information monitored and potentially even used against them.

“Apple prides itself on its security and privacy features, but NSO Group has ripped these apart,” Amnesty International said in a statement, reports Fox Business.

“NSO Group can no longer hide behind the claim that its spyware is only used to fight crime.”

The report says a successful attack was recorded on a fully patched iPhone 12 running on iOS 14.6 in July.

“Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place,” Ivan Krstić, head of Apple security engineering and architecture, told Fox Business.

“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals.

“While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”

AVOID SPYWARE

But there are ways to keep yourself protected from spyware and stop your phone from becoming infected with it.

Spyware – the most malicious being those that install software that changes your device setting and steal passwords – usually lands along with a program or app installed on your phone.

According to internet security company Kaspersky, spyware “often accompanies programs that are disguised as useful software, such as download managers, registry…

Source…

Microsoft did door-to-door router replacements to stop Trickbot malware

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


Microsoft says it’s gone door-to-door replacing routers compromised with the Trickbot malware in Brazil and Latin America, hoping to squash an international hacking group. The Daily Beast reported the detail in an article about the group, which is an ongoing target for US Cyber Command as well as information security companies like Microsoft.

The Daily Beast reports that the hacking ring — also known as Trickbot and based in Russia, Belarus, Ukraine, and Suriname — is a persistent presence online. The group uses compromised computers as a massive botnet and runs ransomware attacks and other illegal operations. Trickbot is known to hijack routers and internet of things devices that are often easy to infect without owners realizing it. Eradicating malware from routers can be particularly difficult for users, making in-person replacement a surprisingly effective tactic.

Law enforcement agencies and companies have made some recent inroads into tackling Trickbot. The Justice Department charged a woman who allegedly helped develop it last month, and Microsoft boasted in 2020 that it had cut off 94 percent of the group’s server infrastructure, aiming to prevent any attacks on the US election. But Amy Hogan-Burney, general manager of Microsoft’s Digital Crimes Unit, told The Daily Beast that Trickbot remained a “continuing challenge.” That’s where the router replacement comes in — apparently as a partnership with local internet service providers.

Trickbot has been allegedly behind attacks on hospitals, schools, and governments, stealing login credentials and locking computer systems to demand payment. Microsoft’s door-to-door replacement operation is just one piece of the attempts to stop it, but it’s an interesting ground-level tactic in the malware fight.

Source…

Why fraudsters want to hack your Facebook and 7 ways to stop them

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


While millions of us routinely use Facebook on a daily basis, criminals are constantly on the look out to hack into them and the treasure trove of personal data lurking inside. 

Many of us will recognise the seemingly odd post from a friend on Facebook, swiftly followed by a ‘Ignore my posts, I’ve been hacked message’.

But why do the fraudsters do it? They can get access to people’s personal data through Facebook, yet much of that has already been made public to an extent, so what is the attraction of the wave of Facebook hacking, how is it done, and can you protect yourself?

Facebook have disabled more than 1.3billion fake accounts between January and March this year, but people are still getting hacked at times because they reuse easy to guess passwords

Facebook have disabled more than 1.3billion fake accounts between January and March this year, but people are still getting hacked at times because they reuse easy to guess passwords

Last month cybersecurity experts, Nordlocker, found a huge cache of stolen data containing 26million logins for popular websites such as Amazon, LinkedIn and Facebook.

They said the data had been stolen between 2018 and 2020 using custom Trojan-type malware which infiltrated over three million Windows-based computers and stole 1.2TB (terabytes) of personal information.

The battle to eliminate fake and hacked Facebook accounts rages on. 

Paul Vlissidis author of How to Survive the Internet and lead cyber-security advisor to Channel 4 show, Hunted, says: ‘I think there is a constant background of people getting their account compromised.

‘When the password information rocks up on the dark web, the hackers will use those passwords on various platforms of which Facebook is one. 

‘Hackers will sift through all of these accounts and see which ones are still current. They will put a list together and run a scam campaign against those groups.’

It’s not only breaches to your own Facebook account that you have to worry about. 

Security threats can also come from other account users. Between January and March this year, Facebook disabled more than 1.3billion fake accounts – 99.8 per cent of the time before they were reported.

While criminals use fake accounts to conduct phishing scams they increasingly prefer to hack into legitimate accounts.

Paul Vlissidis a cyber-security advisor to the Channel 4 show, Hunted, says there is a constant background of people getting their Facebook account compromised.

Paul Vlissidis a cyber-security advisor to the Channel 4 show, Hunted, says there is a…

Source…