Tag Archive for: tech

Microsoft hacked: Tech company reveals hack by Russia-backed group, Midnight Blizzard, or Nobelium

/in


CHICAGO — Microsoft revealed Friday that some of its corporate email accounts were hacked by a Russian-backed group.

The tech company said in a blog post that its security team detected the attack on Jan. 12 and quickly identified the group responsible: Midnight Blizzard, “the Russian state-sponsored actor also known as Nobelium.”

In late November, the group allegedly used a “password spray attack,” where a user uses a single common password against multiple accounts on the same application, to “compromise a legacy non-production test tenant account and gain a foothold,” according to Microsoft.

The group then “used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents,” the company said.

The hackers allegedly were targeting email accounts for information related to Midnight Blizzard, Microsoft said.

RELATED: Man says fraudulent accounts opened, home purchased in his name after city ransomware hack

Microsoft was able to remove the hacker’s access to the email accounts on Jan. 13, according to a company filing with the SEC.

“To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems. We will notify customers if any action is required,” the company said.

The company said it is in the process of informing its affected users.

The investigation is ongoing.

Copyright © 2024 ABC News Internet Ventures.

Source…

Browser Mistakes Tech Experts Say You Should Stop Making To Protect Your Device From Hackers And Viruses

/in


You may spend more time thinking about your apps these days — which apps are more likely to sell your data, which apps are killing your battery power, etc. But your browsers like Safari and Google Chrome may continue to fly under the radar a bit more. If you’re like most of us, you may take advantage of your browsers and assume they’re just there and that they require zero maintenance or thought. But this isn’t the entire truth. 

What you aren’t doing to your browser could be contributing to putting you at greater risk for hackers and viruses. Tech experts say these are the top browser mistakes you should stop making. 

Not Updating Your Browser

Browsers are similar to apps in that both need to be updated whenever updates become available. Your browser may show signs of little issues, like bugs, that can make it more vulnerable to hackers and viruses. App developers will release updates when they discovered problems with the apps, and downloading these updates can ensure your app is safer and more secure. If a browser update becomes available, make sure you download it ASAP.

Saving Passwords In Your Browser

 

At first, it seems like an extreme convenience. Your browser offers to save your passwords, and what could go wrong? At worst, this will allow you to not have to keep track of yet another complex password. But think of this from the perspective of a hacker who gains entry into your phone or computer — you’ve handed them your most important passwords on a silver platter when you save them in your browser. Even if a website asks to save your password in your browser, don’t give into the temptation.

Never Clearing Your Cookies and Cache

 

Your browser can get loaded down fast with information from websites that it stores in its cookies and cache. Although this isn’t an immediate security problem or one that leaves you more vulnerable to hackers, not clearing your cache can result in glitches when you visit certain sites and it can slow your device down. Resolve this by clearing your cache in Safari by going to Safari > Preferences > Advanced tab > Preferences > Empty Cache. On Chrome, go to More > Clear Browsing Data.

 

Keep these three browser mistakes in mind when…

Source…

5 dumb tech security mistakes you’re making

/in


You might think you have a solid cybersecurity plan. You use strong passwords and defensive measures like VPNs and firewalls. But even the strongest shield gets dented from time to time.

It’s hard to remember all the settings you’ve adjusted and the passwords you’ve made over the years. Let this be your reminder to go in and make a few quick changes to protect yourself. 

I’m giving away an iPhone 15 (valued at $799). To enter, try one issue of my free daily tech newsletter. That’s it. It’s one click to cancel the newsletter if it’s not for you, but I bet it will be.

YOUR SMART ASSISTANT IS LISTENING, BUT DOES THAT IMPACT THE ADS YOU SEE?

1. Using the same PIN for your phone lock screen as your bank

You don’t want to remember a bunch of codes. They’re easy to forget, so you keep it simple and reuse the same PIN.

Don’t give in to temptation! It could lead you to financial ruin. Say you’re relaxing in the coffee shop, and you open your phone. Someone standing behind you could notice your code, write it down and start using it to access your bank account within minutes.

To protect yourself, use different PINs. If you’re struggling to remember them all, consider a password manager. 

A mobile phone passcode security screen

A mobile phone passcode security screen is seen in this photo illustration. (Photo by STR/NurPhoto via Getty Images)

2. You keep Bluetooth on 24/7

Bluetooth is a short-range wireless radio technology that works similarly to Wi-Fi and cellular networks but performs simpler tasks at shorter ranges. You don’t need a cellular signal or network connection to use Bluetooth, and it doesn’t use data.

As with a Wi-Fi network or other connection, Bluetooth has vulnerabilities. Hackers and scammers must be close to you to use Bluetooth to hijack your phone — but in just about any public space, you’re arm’s length from strangers.

There are a couple of ways to disable Bluetooth on your iPhone. Go to Settings > Bluetooth and switch it off. You can also swipe down from the top right of your screen to open the Control Center and tap the Bluetooth icon.

TO DO: CHANGE YOUR SMART SPEAKER SETTINGS BEFORE THE HOLIDAYS

The same steps work for Android phones: Go to Settings > Connected Devices >…

Source…

Deimos Calls for Bolstered Education for Cybersecurity Protection – Tech | Business

/in



Sifax

Advertisements

…Only 24% of Africa’s financial businesses believe they have sufficient resources to counter attacks.

Deimos, a leading African cloud-focused cybersecurity company, renowned for its pivotal role in cloud-native development and security operations, is sounding the alarm for an urgent need to bolster cybersecurity awareness and education across multiple sectors.

With a diverse clientele spanning the public sector, fintech, and e-commerce, Deimos is resolute on the critical importance of proactive security measures in safeguarding businesses against cloud security vulnerabilities.

Deimos prioritises automated security processes to reduce manual reviews and controls, mitigating human errors.

In Verizon’s 2023 Data Breach Investigations Report, they estimate that 74% of breaches involved the human element, which includes social engineering attacks, errors or misuse.

As remote and hybrid work is the new normal, businesses increasingly rely on cloud technology. Deimos sheds light on three vital methods engineering teams must apply to increase their cloud security:

  1. “Shifting left” – moving the security planning, design, and testing of key products earlier in the software development life cycle, rather than after release.
  2. “Defending right” – Implementing firewalls and intrusion detection systems to protect products from external threats.
  3. Utilising automated tools to establish guardrails before moving into production – such as static and dynamic application security testing, or package vulnerability scanning, to analyse source code, software packages, or web application respectively, for vulnerabilities. Utilising automated tools to establish guardrails before moving into production.

These protections are crucial for Africa’s fast-growing tech ecosystem which holds lucrative data and assets within the cloud, making unprepared businesses an attractive target for cybercriminals.

Each breach further impacts millions of Africans, across the continent and diaspora, and whilst cyber security solutions are readily available, many are not followed.

Deimos highlights the common pitfalls that startup organisations…

Source…