Tag: stops | SpinSafe

People are just realizing Android has special security setting that stops snoopers spying on you

July 2, 2023/in Mobile Security

IF you’re an Android user and privacy is a top priority, it’s worth trying out an expert-recommended setting.

Lots of specialists recommend using a Private DNS setting for Android that gives you extra protection while you’re online.

Some experts recommend trying out a Private DNS feature on AndroidCredit: Getty

DNS stands for Domain Name Service.

It’s like the phone book of the internet and translates website addresses you’re searching for into IP addresses.

Cybersecurity experts at Kaspersky have pointed out flaws with DNS.

The Kaspersky blog explains: “Almost every internet query starts with a computer contacting a DNS server to translate a site name entered into its IP address.

“And almost always it’s be done by the DNS server of your internet provider, while the request to it is neither encrypted nor signed.

“This insecurity brings many side effects.”

Side effects include your internet service provider knowing what sites you’ve visited.

They may use this information to send you targeted adverts.

Hackers can also attack this technology and could lead you to malicious sites or control your Wi-Fi network.

To avoid this, users of devices with Android 9 or above can try Private DNS mode.

Open your Settings, and click More connections and then select Private DNS.

The route to this may be slightly different depending on your Android model.

Next, you’ll have to specify a server and then click to confirm.

You should be able to research a server that’s right for you.

Revert back to your original settings via the same method if you encounter issues.

Source…

Qulliq Energy stops short of labelling cyberattack another Nunavut ransomware incident

January 30, 2023/in Internet Security

The Qulliq Energy Corp. says it was locked out of its data in January’s cyberattack, but stopped short of calling it a ransomware attack.

QEC announced last month it fell victim to a cyberattack, which was discovered on Jan. 15. While no operating technology, such as power plant infrastructure, was affected, QEC’s information technology, like email, billing and payroll databases were.

“There’s different levels of cyberattacks,” said Bill Nippard, QEC’s vice-president of operations and engineering. “In some cases they steal your data. In other cases, they simply lock your data out and encrypt it. So, at this point, we’re still continuing to investigate, but we don’t believe our data has been impacted, if you will.”

Asked whether the nature of the attack was the latter, where QEC was locked out of its systems and the data encrypted, Nippard said it was still early in the investigation.

“That appears to be the type of cyberattack that we’ve seen in this case. But it’s still very early in the investigation. There’s still a lot more details to be investigated.”

Whether this was a ransomware attack or not is significant because if it is, this would be the second time in more than three years the Government of Nunavut (GN) has been hit by such a cyberattack.

In November 2019, the GN’s entire IT system was hacked. It took six weeks to get all communities restored with core connectivity and applications. QEC was spared, because the public utility isn’t part of the GN’s IT system.

The 2019 attack cost the department of community and government services alone more than $5.4 million to fix, according to the government’s report on the attack. Recovery included replacing more than 1,400 workstations. A synopsis from Microsoft — which was hired by the GN to come in and rebuild the network — notes more than 5,500 devices were affected.

“QEC is not at liberty to discuss the details of the cyberattack,” Nippard said when asked outright if this was a ransomware attack, based on the details he had already provided.

“If you can appreciate, this is like untangling a very large knot. It takes time, and it takes some patience. We will get to the bottom of it all, but it’s going to take a…

Source…

Cyber crime: There is not a single institution where the buck stops

January 9, 2022/in Internet Security

Around 1.3 billion Indians have a unique digital identity; 750 million use smartphones and 800 million use the internet. The world’s biggest public information infrastructure needs a fortress to secure its cyberspace from armies threatening to weaponise data and digitally colonise nations.

When multiple organisations are handling cybersecurity, it becomes difficult to assign roles and responsibilities to them. There must be an umbrella organisation looking after cybersecurity in the country. —Muktesh Chander, senior IPS officer

Today, the cases of cyberattacks being converted into an FIR is mere 10 per cent. This is because law enforcement agencies cannot step in unless there is a complaint…

Today, there are many hands holding bricks, but the foundation is yet to be laid. In July, 2019, a taskforce was set up under Rajesh Pant, a retired lieutenant general and national security coordinator, to draw up a national cybersecurity strategy. The strategy, which has taken shape on paper and is awaiting the cabinet nod, proposes to create a national architecture that brings all arms dealing with cybersecurity under one umbrella organisation.

Since 2013 the entire cyber landscape has changed. Earlier, the Indian Computer Emergency Response Team (CERT-IN) was the only agency issuing alerts and training experts. Now more than half a dozen agencies exist, and the right hand does not know what the left hand is doing sometimes.

The National Critical Information Infrastructure Protection Centre (NCIIPC) protects critical infrastructure; the Defence Cyber Agency—headed by Mohit Gupta, a rear admiral—is the first joint cyber group of the tri-services, with nearly 150 experts handling cyberthreats for military establishments. The ministry of home affairs runs the Indian Cyber Crime Coordination Centre, which is setting up regional and district cybercrime cells to act as nodal points for quick registration of crimes. The ministry of electronics and communication runs the Cyber Swachhta Kendra, separately for botnet cleaning and malware analysis. For cross-border breaches, the cyber diplomacy wing of the ministry of external affairs comes in handy.

India is not the only…

Source…

City of Trenton Stops Sophisticated Vendor Phishing Scam in Its Tracks

May 14, 2021/in Mobile Security

Trenton to Launch Updated Cyber Security Training for Employees

Trenton, N.J. – Mayor W. Reed Gusciora announced today that the City of Trenton will launch updated cybersecurity employee training over the next few weeks after the City successfully stopped a sophisticated phishing scheme that used fake email addresses and URLs to closely mimic official city accounts.

“We’ve heard of an uptick in fraudulent calls and emails against our residents throughout the pandemic,” said Mayor Gusciora. “Looks like City Hall is also a target, and this is just one of several cyber-attacks we’ve had to fend off over the last year. As such, we’re launching updated training modules for City employees to ensure those attacks continue to be unsuccessful in the future.”

The scam, which started targeting Trenton’s Request for Quote (RFQ) process in February, was uncovered by the City’s IT Department, under the direction of CTO Joseph Rivera.

Cyber criminals posing as the City Business Administrator – complete with phony emails and phone numbers – sent fraudulent RFQs to vendors for potentially millions in stolen goods. The CTO was able to track down that a spoof Website was created called “tren0nNJ.org” with an email [email protected] on NameCheap.com.

After notifying vendors of the situation, the City reached out to the U.S. Secret Service Trenton Office, which worked with the City of Trenton IT and Law departments to convince NameCheap.com that fraud had occurred. After a cease-and-desist letter was issued from the City, NameCheap took the appropriate steps to shut down the URL and all affiliated emails. To date, efforts to prevent damage from the scam have been successful, and no losses have been incurred by the City.

Following the scam, the City of Trenton updated its training protocols regarding cybersecurity and will launch an online training module for all employees in the coming weeks.

This event follows another attempted cyberattack in the Spring of 2020, in which a hacker diverted upwards of $982,000 in funds from the City of Trenton in relation to Brit Global Insurance Company. Trenton’s IT Department worked with the company as part of an extensive…

Source…

Tag Archive for: stops

Most read in Phones & Gadgets