Proactive Computing | Optimizing IT for usability, performance and reliability since 1997

Category: #Cybersecurity (Page 1 of 5)

How to Hide Files with Google’s Safe Folder on Android

files-safe-folder-1.png
Smartphones are incredibly personal devices, and they can contain sensitive information. If you’re worried about prying eyes finding something they shouldn’t, you can hide and lock files behind a four-digital pin with Safe Folder in the Files by Google Android app.

Read This Article on How-To Geek ›

Source: https://www.howtogeek.com/684738/how-to-hide-files-with-googles-safe-folder-on-android/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Joe Fedewa

Chrome Extensions with 80 Million Installs Caught Injecting Phony Search Results

Phony extensions on the Chrome Web StoreAdGuard

Extensions are part of why Chrome is the most popular browser on the planet, but they’re also one of the most common vectors for security issues. This week researchers at AdGuard found a bunch of them posing as legitimate tools but injecting fake search results into pages on Google and Bing.

According to the report, no less than 295 extensions featured on the Chrome Web Store (Google’s online repository of Chrome extensions) were injecting advertising links into search results. Collectively, they were being used by an estimated 80 million users. In an especially unfunny twist, many of the extensions were posing as ad-blocking tools, with most offered as frivolous wallpaper collections and new tab themes. Other phony techniques on display include false affiliate cookies and just straight-up spam.

Google seems to have removed the malicious extensions from the Chrome Web Store, but users still need to remove them manually from their browsers if they’re already installed. If you’re curious to find out if you have any of these extensions installed, you can take a look at the full list.

Source: AdGuard

Source: https://www.reviewgeek.com/50039/chrome-extensions-with-80-million-installs-caught-injecting-phony-search-results/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Michael Crider

Millions of Android Phones Are at Risk Due to “Achilles” Flaw in Qualcomm Chips

jiaso0byg5r9zz71f49c.jpg

When you’re on the hunt for a new smartphone, it’s likely that you’re focused on price, design, and features first—and probably not the silicon inside powering it. However, researchers have found that Qualcomm’s Snapdragon chip, one of the most widely used in Android phones, has hundreds of bits of vulnerable code…

Read more…

Source: https://gizmodo.com/millions-of-android-phones-are-at-risk-due-to-achilles-1844645940
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Victoria Song

How Are Security Vulnerabilities Ranked? (CVSS)

1d2fa741.png
If you’ve been reading about security bugs online, you’ve probably ran into scores given to exploits. These are scored based on the Common Vulnerability Scoring System, used to categorize exploits into the Common Vulnerability and Exposures database. We’ll discuss what makes up the score.

Read This Article on CloudSavvy IT ›

Source: https://www.cloudsavvyit.com/5738/how-are-security-vulnerabilities-ranked-cvss/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Anthony Heddings

The Best Authenticator Apps for Linux Desktop

linux-authenticator-apps-featured-image. If you have ever used two-factor authentication before, then you have probably heard of tools like Google Authenticator. To make use of many of these services, you’ll have to have your phone near you. Luckily, there are desktop authenticator apps that can provide you with the secret key you need to log in to your account. Below are the best authenticator apps for the Linux desktop. 1. Yubico Yubico provides tokens for multi-factor authentication. It supports all services which are currently compatible with other authenticator apps, including Google Authenticator. Yubico works… Read more13770163.gif

Source: https://tracking.feedpress.com/link/12555/13770163/best-linux-authenticator-apps
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: William Elcock

How to Move Microsoft Authenticator to a New Phone

microsoft-authenticator-logo.jpg
Using an authenticator app for two-factor authentication (2FA) is more secure than SMS messages, but what if you switch phones? Here’s how to move your 2FA accounts if you use Microsoft Authenticator.

Read This Article on How-To Geek ›

Source: https://www.howtogeek.com/682273/how-to-move-microsoft-authenticator-to-a-new-phone/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Rob Woodgate

New Netflix Phishing Scam Can Steal Credit Card Info

news-netflix-phishing-scam-featured.jpg Netflix is great for providing so many hours of television and movies, making it the go-to entertainment option for many. But as enjoyable as it is, it can still provide some trouble. This is what the Amorblox site found out when it discovered a Netflix phishing scam that is stealing credit card information. How the Netflix Phishing Scam Works Before abandoning Netflix, it may be beneficial to find out how the scam works and how it was found, as perhaps you can changes things up a little to be sure it doesn’t happen to you so that you… Read more13764987.gif

Source: https://tracking.feedpress.com/link/12555/13764987/netflix-phishing-scam-steal-credit-card-info
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Laura Tucker

Garmin global outage caused by ransomware attack, sources say

An ongoing global outage at sport and fitness tech giant Garmin was caused by a ransomware attack, according to two sources with direct knowledge of the incident.

The incident began late Wednesday and continued through the weekend, causing disruption to the company’s online services for millions of users, including Garmin Connect, which syncs user activity and data to the cloud and other devices. The attack also took down flyGarmin, its aviation navigation and route-planning service.

Portions of Garmin’s website were also offline at the time of writing.

Garmin has said little about the incident so far. A banner on its website reads: “We are currently experiencing an outage that affects Garmin.com and Garmin Connect. This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.”

The two sources, who spoke on the condition of anonymity as they are not authorized to speak to the press, told TechCrunch that Garmin was trying to bring its network back online after the ransomware attack. One of the sources confirmed that the WastedLocker ransomware was to blame for the outage.

One other news outlet appeared to confirm that the outage was caused by WastedLocker.

Garmin’s online services have been down for days. The cause is believed to be ransomware, according to two sources with direct knowledge of the incident. (Screenshot: TechCrunch)

WastedLocker is a new kind of ransomware, detailed by security researchers at Malwarebytes in May, operated by a hacker group known as Evil Corp. Like other file-encrypting malware, WastedLocker infects computers, and locks the user’s files in exchange for a ransom, typically demanded in cryptocurrency.

Malwarebytes said that WastedLocker does not yet appear to have the capability to steal or exfiltrate data before encrypting the victim’s files, unlike other, newer ransomware strains. That means companies with backups may be able to escape paying the ransom. But companies without backups have faced ransom demands as much as $10 million.

The FBI has also long discouraged victims from paying ransoms related to malware attacks.

Evil Corp has a long history of malware and ransomware attacks. The group, allegedly led by a Russian national Maksim Yakubets, is known to have used Dridex, a powerful password-stealing malware that was used to steal more than $100 million from hundreds of banks over the past decade. Later, Dridex was also used as a way to deliver ransomware.

Yakubets, who remains at large, was indicted by the Justice Department last year for his alleged part in the group’s “unimaginable” amount of cybercrime during the past decade, according to U.S. prosecutors.

The Treasury also imposed sanctions on Evil Corp, including Yakubets and two other alleged members, for their involvement in the decade-long hacking campaign.

By imposing sanctions, it’s near-impossible for U.S.-based companies to pay the ransom — even if they wanted to — as U.S. nationals are “generally prohibited from engaging in transactions with them,” per a Treasury statement.

Brett Callow, a threat analyst and ransomware expert at security firm Emsisoft, said those sanctions make it “especially complicated” for U.S.-based companies dealing with WastedLocker infections.

“WastedLocker has been attributed by some security companies to Evil Corp, and the known members of Evil Corp — which purportedly has loose connections to the Russian government — have been sanctioned by the U.S. Treasury,” said Callow. “As a result of those sanctions, U.S persons are generally prohibited from transacting with those known members. This would seem to create a legal minefield for any company which may be considering paying a WastedLocker ransom,” he said.

Efforts to contact the alleged hackers were unsuccessful. The group uses different email addresses in each ransom note. We sent an email to two known email addresses associated with a previous WastedLocker incident, but did not hear back.

A Garmin spokesperson could not be reached for comment by phone or email on Saturday. (Garmin’s email servers have been down since the start of the incident.) Messages sent over Twitter were also not returned. We’ll update if we hear back.

Techcrunch?d=2mJPEYqXBVI Techcrunch?d=7Q72WNTAKBA Techcrunch?d=yIl2AUoC8zA Techcrunch?i=2nMcw3j9EaU:X4K836U5LCA:-BT Techcrunch?i=2nMcw3j9EaU:X4K836U5LCA:D7D Techcrunch?d=qj6IDK7rITs

Source: https://techcrunch.com/2020/07/25/garmin-outage-ransomware-sources/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Zack Whittaker

It’s time to start using a password manager: Here’s how

7350afb0-888f-11ea-96fd-f8175b1f8740The last thing anyone needs right now is to have their Zoom, Twitter, Skype, Nest, or any vital account hijacked and stolen. Not only do you lose your connections and access to communication and community, but recovering anything with most companies…

Source: https://www.engadget.com/best-password-managers-130023333.html
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By:

Bill Gates and Elon Musk Didn’t Get Hacked—Twitter Did

9a262dbe.jpg
Last night was a long one for Twitter. Bill Gates, Elon Musk, President Barack Obama, Apple, Uber, and more started tweeting offers to double people’s money if they sent bitcoin to a specific wallet. None of that was true, of course, it was a scam. And now Twitter is admitting its internal tools made the giant hack possible.

Read This Article on Review Geek ›

Source: https://www.reviewgeek.com/47803/bill-gates-and-elon-musk-didnt-get-hacked-twitter-did/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Josh Hendrickson

« Older posts