The federal government’s leading domestic cyber agency said Wednesday it has warned hundreds of entities about looming ransomware attacks before they occurred, which enabled people to prevent getting victimized.
Ransomware gangs have ripped through American computer networks during President Biden’s tenure, particularly affecting critical infrastructure targets including healthcare, gas pipelines and government systems.
The Cybersecurity and Infrastructure Security Agency is in the early stages of implementing new programs to warn people about cyberattacks inside networks and vulnerabilities in devices that are likely to be exploited.
CISA executive director Brandon Wales said Wednesday that his agency has leveraged relationships with cybersecurity companies to gather the information it uses to alert people that they are in hackers’ crosshairs before a cyberattack starts.
https://spinsafe.com/wp-content/uploads/2023/07/Cybersecurity_Kaseya_Ransomware_Attack_14230.jpg-43955_c0-280-6720-4200_s1200x700.jpg7001200SecureTechhttps://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svgSecureTech2023-07-10 10:00:082023-07-10 10:00:08Biden administration takes credit for warning hundreds of targets before ransomware attacks
A circulating WhatsApp message offers a link to download a pink-themed version of the app, known as ‘WhatsApp Pink.’ However, it has been discovered that ‘WhatsApp Pink’ is a harmful app designed to steal sensitive data, including banking information, OTPs, photos, and contacts.
WhatsApp Pink Scam
The ‘WhatsApp Pink Scam,’ a deceptive scheme, was initially exposed by internet security researcher Rajshekhar Rajaharia in April 2021. Subsequently, the Mumbai Police Cyber Crime Wing issued a Twitter alert, offering guidance on how to defend against these scams.
To shield oneself from such fraudulent activities, it is essential to exclusively obtain and install applications from reliable sources like the Google Play Store. Apple users, in particular, benefit from added protection as Apple limits installations to trusted sources.
Protect Yourself from WhatsApp Pink Scam and Uninstall the Malicious App
Furthermore, it is important to refrain from installing apps from unfamiliar websites or APKs sent by unknown individuals. The ‘Forwarded’ label on WhatsApp messages can be useful in determining whether the message originated from a trusted source.
To remove WhatsApp Pink from your device, start by disconnecting any suspicious devices from the ‘Linked devices’ section in WhatsApp. The security researcher mentioned that WhatsApp Pink may conceal itself from the list of installed apps. If you encounter this issue, navigate to the ‘Apps’ section in your phone’s settings, locate ‘WhatsApp Pink’ with the pink logo, and select the uninstall option. It is worth noting that some malicious apps may not have a visible name in the app list, so be sure to remove any unidentified apps as well.
SMARTPHONE users are being urged to be app-rehensive amid a rise in dodgy apps.
According to cyber experts ESET, the number of Android threats soared by 57 per cent in the last few months of 2022.
Smartphone users are being urged to be apprehensive of dodgy apps on the riseCredit: Getty Images – Getty
This surge was driven by a 163 per cent increase in adware (the pop-up ads that are the bane of many user’s lives) and a growth of 83 per cent in “hidden app” detections.
Often bogus apps look just like the real thing.
Many people will only realise they’ve downloaded suspicious software when they’re hit with a charge they don’t recognise or see their battery drain for no reason.
However, experts from ESET, the internet security specialists, say that people can avoid downloading fake apps by doing some important checks before they hit download.
To keep your device safe, follow these seven tips for recognising a potential problem.
CHECK THE NUMBERS
Say you’re looking for what you would reasonably expect to be an app with hundreds of millions of users but only come across an app that, while sounding like the real thing, hasn’t racked up anywhere near as many downloads.
If that’s the case, the chances are high you’re dealing with an imposter app.
READ THE REVIEWS
If an app is rated poorly, you should probably give it a pass.
MOST READ IN THE IRISH SUN
On the other hand, tons of glowing reviews that all sound almost the same should also raise eyebrows.
This is especially the case with apps that have not been downloaded millions of times — many of those recommendations may be the work of fake reviewers or even bots.
CHECK THE VISUALS
Something about the app’s colour or the logo used doesn’t feel right . . .
If you’re in doubt, compare the visuals to those on the website of the service provider.
Malicious apps often mimic their legitimate counterparts and use similar, but not necessarily identical, logos.
Keep your eyes peeled for key details — a closer look, including at the URLs, often reveals some giveaways.
DOUBLE-CHECK ‘OFFICIAL APP’ CLAIMS
In one case documented by ESET research last year, cybercriminals distributed apps for online stores and…
Researchers at the Russian cybersecurity giant Kaspersky have issued a warning concerning what they say is an ongoing attack campaign exploiting a zero-click, zero-day iMessage vulnerability. This previously unknown vulnerability enables code-execution, including, the researchers say, “additional exploits for privilege escalation.”
Operation Triangulation Attacks Ongoing
The campaign, which Kaspersky has named Operation Triangulation, requires no user interaction. As such, this falls into the most critical of attack methodologies. Just the act of sending the malicious iMessage, which includes an attachment containing the exploit, triggers the vulnerability.
Rather disconcertingly, Kaspersky researchers say they have traced the earliest example of the attack back to 2019. As of yesterday, they also confirm that attacks are still ongoing.
Discovery Of The Zero-Click Attack
The security researchers became aware of the suspicious activity while monitoring the corporate network “dedicated for mobile devices using the Kaspersky Unified Monitoring and Analysis Platform (KUMA).” This activity was originating from a number of iPhones.
The traces of compromise were confirmed after researchers created offline backups of the iPhones in question and inspected them with a mobile verification toolkit. This found that the final payload was downloaded from a “fully-featured” advanced persistent threat (APT) platform. It has yet to be confirmed, however, the precise nature of that payload.
We understand that it runs using root privileges and drops a set of commands that can be used to collect both system and user information. Posting on Twitter, Kaspersky founder Eugene Kaspersky said that the attack “transmits private information to remote servers: microphone recordings, photos from instant messengers, geolocation and data about a number of other activities.”
Russia Suggests Attacks Involve iPhone Backdoor For NSA Spies
