Tag Archive for: warning

Leaked U.S. assessment includes warning about Russian hackers accessing sensitive infrastructure


A leaked U.S. intelligence assessment includes a stark reminder of the threat that hackers can pose to critical infrastructure. 

The assessment, which mostly focuses on Ukraine’s military effort against Russian forces and is believed by a senior U.S. official to be authentic, includes a warning that Russian hacktivists broke into a Canadian gas infrastructure company this year and have received directions from Russian intelligence. 

That access could provide a way to cause significant damage and possibly an explosion, the assessment notes. Such an attack is considered extremely difficult to pull off but remains among the intelligence community’s worst fears. And though no such major attacks have been found just yet, experts say they are an ever-present threat.

“It’s not the first time somebody’s gained access to critical infrastructure,” said John Hultquist, the vice president for threat intelligence at the cybersecurity company Mandiant, which is owned by Google. “It happens constantly. The Russian intelligence services do it all the time.”

The hacktivists, a Russian-speaking group called Zarya, broke into the computer network of an unnamed Canadian gas distribution facility in February and sent Russia’s FSB intelligence agency screenshots of what it claimed were controls “to increase valve pressure, disable alarms, and initiate an emergency operation [that] would cause an explosion,” the U.S. assessment says.

NBC News has not verified that claim, and it is unclear what company was involved. The official also said some of the documents may have been altered before they were posted online, though this part of the assessment shows no obvious signs of changes.

“If Zarya succeeded, it would mark the first time the IC has observed a pro-Russia hacking group execute a disruptive attack against Western industrial control systems,” the assessment says, using an abbreviation for the intelligence community.

No such disaster appears to have happened. But the assessment illustrates both how the U.S. worries about destructive hacks against Western energy infrastructure and how Russian intelligence can rely on domestic criminal hackers to work for them.

The assessment,…


Windows Defender Security warning Computer locked


When surfing the Internet via a browser, you may see an error stating that your computer is locked and that you must contact Microsoft to resolve the issue. If you have not guessed already, this is a scam, and you should not contact the number listed under any circumstances. However, we still need to do something to get rid of the error message that keeps popping up. In this post, we will see what should be done if we keep getting Windows Defender Security warnings that the Computer is locked.


Why do I get a message saying my computer is locked?

That’s because a scammer is trying to scam you and hack into your computer. They do this by forcing your browser or some other app to go full-screen and stop you from doing anything on your computer. Once you contact the number, you will be asked to give remote access to your PC to them, and they will promise to fix the issue remotely.

Fix Windows Defender Security warning Computer locked

Cybercriminals send you fake messages to scam you and steal your money. They sound just like genuine tech experts and con you into transferring money to their bank account, or they access your account credentials and take whatever they want. If you see a Windows Defender Security warning saying the Computer is locked, ignore the instructions in the message and then follow the suggestions mentioned below:

  1. Close your web browser
  2. Run Windows Defender Offline Scan at boot time
  3. Remove the browser’s cache
  4. Check your browser addons
  5. Reset the browser to its default settings

Let us see this in more detail.

1] Close your web browser

You may get scam messages when browsing malicious websites. They try to take over your computer by switching your browser to full-screen mode, so that you don’t see the cross icon to close the browser and conclude that it is a genuine process. To close the browser, hover over the center-top part of the window and see if a cross button appears. If no cross button appears, hit Win, right-click on the browser icon from the Taskbar and then click on Close window.

After closing the app from the Taskbar, we need to close all its running instances. For that, open Task Manager by pressing Ctrl + Shift + Esc, right-click on the browser…


Urgent security warning for Android users over ‘dangerous’ new bug that’s spread across the world


A DANGEROUS malware bug is spreading across the globe and affecting Android users.

The so-called “Xenomorph Android” malware was first spotted last year but has returned, and it can endanger your bank applications.


Now, the bug is back, with worries that it’s spreading quickly without many knowing they have it on their device.

More than 400 banking applications and digital wallets are being targeted by the vicious virus.

Experts at ThreatFabric said the malware can automatically hack accounts, including stealing bank account balances.

The bug can also make unauthorised transactions, and transfer money to other accounts without permission.

Xenomorph can now “completely automate the whole fraud chain”, from infecting software to making illicit transactions.

The attacks are concentrated with users in Spain, Turkey and the United States, but experts are worried it could spread.

Android owners have been warned to watch out when downloading any new applications.

Reading reviews and checking the names of developers on applications is a good way to ensure it’s reliable, and not malware.

This comes on the heels of Apple issuing a warning to iPhone users earlier this week.

Users are being urged to utilise the built-in security features on iPhone to protect their data and personal information.

The four-part security checkup asks users to begin by setting a strong passcode.

Apple said: “Setting a passcode also turns on data protection, which encrypts your iPhone data with 256-bit AES encryption.”

Using Face ID or Touch ID adds an extra layer of protection, providing a secure and convenient way to unlock your iPhone, authorize payments, and sign in to third-party apps.

Turning on the “Find My” feature is a great help as it can find your device if it’s stolen.

It also allows you to erase your data if you can’t recover your device.

You can also control what features are available without unlocking your iPhone.

Disabling access to certain features can keep your device safer – for example, USB connections.


CISA Establishes Ransomware Vulnerability Warning Pilot Program


Recognizing the persistent threat posed by ransomware attacks to organizations of all sizes, the Cybersecurity and Infrastructure Security Agency (CISA) announces today the establishment of the Ransomware Vulnerability Warning Pilot (RVWP) as authorized by the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) of 2022. Through the RVWP, CISA will determine vulnerabilities commonly associated with known ransomware exploitation and warn critical infrastructure entities with those vulnerabilities, enabling mitigation before a ransomware incident occurs.

The RVWP will identify organizations with internet-accessible vulnerabilities commonly associated with known ransomware actors by using existing services, data sources, technologies, and authorities, including our free Cyber Hygiene Vulnerability Scanning service. Organizations interested in enrolling can email [email protected].

CISA recently initiated the RVWP by notifying 93 organizations identified as running instances of Microsoft Exchange Service with a vulnerability called “ProxyNotShell,” which has been widely exploited by ransomware actors. This initial round of notifications demonstrated the effectiveness of this model in enabling timely risk reduction as we further scale the RVWP to additional vulnerabilities and organizations.

“Ransomware attacks continue to cause untenable levels of harm to organizations across the country, including target rich, resource poor entities like many school districts and hospitals,” said Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA. “The RVWP will allow CISA to provide timely and actionable information that will directly reduce the prevalence of damaging ransomware incidents affecting American organizations. We encourage every organization to urgently mitigate vulnerabilities identified by this program and adopt strong security measures consistent with the U.S. government’s guidance on StopRansomware.gov.”

The RVWP will be coordinated by and aligned with the Joint Ransomware Task Force (JRTF), an inter-agency body established by CIRCIA and co-led by CISA and the FBI.

For more information on RVWP and other available…
