Tag: Top | Page 59

Tag Archive for: Top

A Look into Top Couriers’ Digital Footprint

October 30, 2020/in Internet Security

Just as no man is an island, no company can perform core functions without other organizations’ help. This fact is highlighted in today’s age of outsourcing, partnership, and third-party connections. Unfortunately, threat actors have also found a massive opportunity in these relationships. Targeting a third-party vendor often allows them to target the vendor’s clientele.

In this post, we used our Third-Party Risk Management (TPRM) solutions to look at some of the popularly used express mail courier services that several companies worldwide partner with — FedEx, DHL, China Post, and UPS. These companies are often targeted since they have thousands, if not millions, of personally identifiable information (PII) in their records. In August 2020, for example, a Canadian courier became a victim of a ransomware attack, giving threat actors access to its customers’ personal details.

Potential “Unknowns” in the Digital Footprint of FedEx, DHL, China Post, and UPS

We gathered a total of 24,601 domains and subdomains containing the words “fedex,” “dhl,” “chinapost,” and “ups.” A vast majority of the subdomains were not owned by any of the courier companies, as confirmed by a bulk WHOIS lookup.

Indeed, only 40 domains appeared to be managed by the legitimate companies, as they matched WHOIS record details with the official couriers’ domain names. This number represents less than 1% of the total number of subdomains in our dataset. The table below shows the breakdown.

Company	# of domains with matching WHOIS record details	Percentage match
UPS	38	0.15%
DHL	1	0.00%
FedEx	1	0.00%
China Post	0	0.00%

TLD

We studied the top-level domain (TLD) distribution of the domains and subdomains obtained and ran them against the most abused TLDs known to direct visitors to phishing and botnet command-and-control (C&C) servers. Seven of the most abused TLDs made up more than half (53%) of the total number of subdomains.

The pie chart shows the TLD distribution of the subdomains under the .com, .net, .org, .de, .ru, .info, and .eu TLDs against all other TLDs not included in the list of most abused.

All seven TLDs were among the most abused by botnet operators. The .com TLD was also most favored by…

Source…

Top 5 security hacks for iOS 14 and Android 11 – Tech Observer

October 24, 2020/in Mobile Security

If you have updated your Apple phone or your Android to the latest version – iOS 14 or Android 11 respectively – you may have noticed that they come with enhanced privacy controls. These new versions allow you to more easily check, and change, the personal information and phone features that individual apps can access.

So how about taking this opportunity to give your personal and work phones a mobile privacy health check? Even if you are running earlier OS versions – or do not have a smartphone at all – it’s still worth taking a few minutes to check the privacy settings in your digital life and ensure that they are where you want them to be.

Before you start

If you have loads of apps installed, don’t worry: you can check some of the most important permissions for all of them in one go. Alternatively, focus on the apps you use most. (If you do forget to check up on old apps, Android 11 will reset all “sensitive” permissions automatically if an app is not used for a few months.)

Watch out for apps that are asking for access to features or information that they very clearly don’t need – a calculator that’s insisting on using your camera and knowing your location, for instance.

If you have any apps like this, then you should be asking yourself, “Do I want this app on my phone at all?” It could be an overtly malicious app or overly-aggressive adware that’s out to collect as much information as possible for monetization through a data broker. If in doubt, don’t bother trying to tune up its privacy settings – get rid of it.

Top five things to check on iOS 14 and Android 11 to pep up privacy

For iOS 14 you can manage all your privacy settings through Settings > Privacy. On Android 11, the location of the Privacy section varies from device to device, so you may need to look around for the settings pages. However, the Android Permission manager page lets you see all app permissions in one place.

1) Location services

This is one of the most important permissions to check and both iOS and Android offer a centralized one-click block option that covers all apps. They have also made it easier to find out which apps already have permission to know…

Source…