Tag Archive for: You’re

Worried about your cellphone being hacked. You’re not alone


Hackers and hacking have been around for a long time.

Cybernews, an online research-based publication that investigates and tracks hacking, said the term “was first used in relation to using technical know-how back in 1955 at a meeting of the Technical Model Railroad Club. In the meeting minutes, it was used to describe how members modified the functions of their high-tech train sets.”

More than 60 years later, there are lot more items around capable of being hacked than just high-tech train sets. So the folks at Bespoke Software Development (www.bespokesoftwaredevelopment.com) commissioned a study to find out what household items could be targets for hackers.

Using an online analytics tool, the company’s study found the No. 1 item, by far and away, was the cellphone. Worldwide, the study found that the phrase “How to know if your phone is hacked” or similar phrases were used 716,400 times during the study period, which took place earlier this month.

Source…

Ransomware Threat Intel: You’re Soaking In It!


Ransomware is the preeminent cyber threat facing both public and private sector organizations. By one estimate, around four in 10 organizations experienced a ransomware attack (PDF) in the last two years. Moreover, the stakes of ransomware incidents have risen right along with their frequency. Today’s ransomware attacks are complex feats of extortion that combine data theft, malware deployment, denial of service, and other techniques. Ransomware attacks have been linked to disruption of critical infrastructure, from hospitals to gas distribution pipelines.

Tackling ransomware threats is a top priority for both law enforcement and private sector security firms. The recent attacks affecting critical infrastructure in the US inject urgency into the government’s response to the ransomware threat.

For example, following the attack on the Colonial Pipeline, servers and bitcoin wallets used by the DarkSide ransomware group and its affiliates were seized and disabled, forcing the group to cease operations. At the same time, the Biden administration rallied like-minded countries to its Counter Ransomware Initiative (CRI) to work on improving cross-border coordination in areas like criminal investigations and prosecution as well as diplomatic cooperation.

The bad news: Neither stepped-up response nor better international cooperation will make the ransomware problem disappear. Organizations need to improve their ability to detect and prevent emerging ransomware attacks. To quote Chief Brody from the movie Jaws, “You’re gonna need a bigger boat” to stop ransomware, or at least a different boat. So, what does this new ransomware-catching boat look like? Here are some thoughts.

Quality Threat Intelligence Is Key
Ransomware is too diverse a threat to succumb to any “silver bullet” security solution. To stop ransomware, organizations must first develop an in-depth understanding of the tooling, capabilities, and behaviors of ransomware groups likely to target them. To get to this level of understanding, your organization needs up-to-date threat intelligence.

What constitutes ransomware threat intelligence? It can be strategic, tactical, or operational. Ideally, you will use some of each. Strategic…

Source…

Scream’s hacking scene is possible, but you’re probably ok.


Two elements combined to make this article happen. The first was that October was Cybersecurity Awareness Month. Second, smack-dab in the middle of the month, the first trailer for the new Scream movie dropped. It contained a scene that had us a little concerned. See if you can spot it.

Obviously, we’re talking about the smart locks scene. All your locks in your home unlock, so you whip out your smartphone and re-lock them, only to see them all unlock again. The implication here is that Mr. Scary Killer person has hacked into their victim’s smart home account and can control all the devices throughout the home. Yikes.

As someone who doesn’t carry keys to his house because of all the smart locks, I was getting a little nervous. So I decided to talk to someone about it. I reached out to John Shier, senior security adviser at Sophos to talk about it. He gave me some good news and some bad news. I’ll start with the bad news.

Yes, this is possible. The good news is, it’s rather hard to do and the better news is, the chances of this happening to you are infinitesimal unless of course you also have someone who really wants to do you harm. But the honest truth is, there’s a good chance that enough of your data is out there that could make something like this possible.

LOLwut?

There are two things that combine to make this possible: Social engineering and data breaches. Separately, either of these can get an attacker enough information to hack your smart home. Together, it becomes even more possible. But you have to understand, when we say this is possible, we have to quickly caveat it by saying that it’s not very likely.

If you accept the idea of the movie that there’s a lot of planning and premeditation there, then this becomes a lot easier, which is to say it’s more plausible. The fact is, data breaches happen frequently and people often re-use email addresses and passwords for multiple services. Your password exposed from XYZ company (we’re not data-breach shaming here) could well be the same username and password that you use for your smart locks. Even if the password is different, the email address is a key piece of information toward other ways to hack your way…

Source…

If you’re taking advantage of Prime Day, be careful you’re not being taken advantage of


This year’s Amazon Prime Day – well, two-days – is upon us once again. Peak shopping days like these are seen by many as a chance to grab a bargain on a new gadget, toy or appliance. But if you’re planning on taking advantage of the deals on offer, you should be aware that there are plenty of scammers out there keen to take advantage of you as well.

Research conducted by Bolster Research already highlighted a sharp rise