Daily Archives: December 6, 2019

#cybersecurity | #hackerspace | Personal Online Privacy – Data & Browser Privacy

Source: National Cyber Security – Produced By Gregory Evans

Continuing a series on how to strengthen your personal online privacy, we are taking personal inventory of how we connect online. These were themes covered during our webinar on “Security Beyond Your Website: Personal Online Privacy” and during a Twitter conversation (through the #Digiblogchat weekly forum).

The first post in this series answers the question: How are we connecting online? Today we are going to answer: How can we stay safe and keep our data private?

Data Privacy Best Practices

After connecting to our WiFi router via our device of choice, we’ll typically open a browser or some other interface to start visiting the very websites Sucuri helps protect from hackers.

However, that browser is one of the most common reasons for infections. Most viruses, ransomware, and unwanted programs are spread by visiting hacked or malicious websites through the browser. Therefore, we need to ensure that this is properly secured.

Update Your Browser

For Firefox and Chrome, two of the most popular browser applications, the instructions are essentially identical:

Go to Firefox > About Mozilla Firefox

Go to Chrome > About Google Chrome

Google Chrome Update

Make sure the browser is up to date, so you know you are using the current version. Like your website, it’s important to keep software updated for the latest security patches.

Be sure to use this precise method to verify accurate updates. We described earlier this year how a malicious campaign injected scripts that pushed fake browser updates onto site visitors. This helped distribute ransomware or bank malware through small .JPG images that would’ve been normally dismissed based on their small size.

Browser Fingerprinting

Cookies can provide an interesting function for businesses. When you visit a website, third-party trackers (cookies, web beacons, flash cookies, pixel tags, etc.) get stored on your computer. Most companies use these trackers to fingerprint a browser.

Cookies can collect a lot of information about somebody, including:

  • IP address
  • Browser history
  • Screen size
  • Time-zone
  • Plugins
  • Operating system

There are various browser tools that can help protect personal data by denying that tracking capability. For example, Panopticlick is a site which will analyze how well a browser and add-ons protect a user from online tracking. It will initiate a scan in an effort to answer questions such as:

  • Is the browser blocking tracking ads?
  • Is the browser blocking invisible trackers?
  • Does the browser unblock third parties that promise to honor Do Not Track?

So what happens if you answer “No” to any of those questions? One tool I’m actively using is known as “Privacy Badger”.

Here is an example of the types of attempted trackers faced when visiting ESPN.com:

ESPN.com trackers

There are 15 trackers.

How can Privacy Badger help? If an advertiser seems to be tracking you across multiple sites without your knowing, Privacy Badger automatically blocks them from loading any more content in your browser.

Cookies & Data Collection

Hackers can abuse cookies. We actually wrote about a case of fake malicious cookies detailing how an attacker stole active cookies, and then pretended to be that user (hijacking that user’s session). Once done, they were able to perform any actions an administrator-type user has permissions to perform.

Imagine stealing the keys and ID of a Brinks truck driver and walking into a jewelry store to “transport” (read “steal”) valuables, which can be very dangerous.

Having said that, most online accounts will automatically log out users after a certain period of inactivity. If you’re an administrator or someone with sensitive access, I would clear your cookies regularly.

On Google Chrome, you can control how cookies and site data are managed by visiting:

chrome://settings/content?search=data

On Mozilla Firefox, you can visit the Privacy & Security section to do the same by visiting:

about:preferences#privacy

Password Management

Let’s say you are logging on to your website. Well, first thing is making sure that we’re always instilling this principle of exercising strong passwords for entry into any site — and we’ve already written about the best methods for creating a strong password. Whether it’s connecting to Facebook, or going to Amazon to buy something, or getting on Salesforce for work purposes, we need to make sure that we’re using strong, long, complex, and unique passwords for each and every one of these access points.

Using a Password Manager

For management of these passwords, I’m going to use LastPass as an example, primarily because I use it. It’s not to speak ill of any other password keepers. I know that KeePass is another well-used one. I’m just very familiar with LastPass.

You’ll notice on the right-hand side, you can dictate what the length is and how many factors you’re using to generate unique passwords. I use 16-character passwords for my own purposes with symbols.

More interestingly, you can just log into your main LastPass account and create your own master password, which allows you to manage them all.

LastPass

This means you only need to remember your master password. It makes it really easy. It’s also available on mobile and that way you can also take that same security experience from your desktop browser to your phone.

Multi-Factor Authentication

Personally, I believe that multi-factor authentication should be a requirement to navigate the internet safely going into 2020.

A strong password won’t always be sufficient. I use a second layer, whether it’s receiving some temporary one-time code on your phone via text, or using some type of tool like Google Authenticator to log on.


My wife and I often receive emails, say from Dropbox or Amazon or Instagram, saying, “Hey, here is your reset token to reset your password.” We never requested that. And so we know that someone’s trying to get in.

Of course, they won’t be able to because we’re getting some type of verification on our phones to validate those requests. If we didn’t, someone might’ve already compromised those accounts for us.

As John Lewis describes, implementing new habits like these can make connecting online inconvenient at times. However, the moment or two it takes for you to verify that you’re the true account owner will greatly minimize the risk that someone else will claim ownership of your data and assets.

In our next post, we’ll talk about what to do if an online account has already been compromised and how to retrace your digital steps to uncover accounts you likely forgot about before it’s too late. Sign up to our email feed and don’t stop learning about website security.

Source link

The post #cybersecurity | #hackerspace | Personal Online Privacy – Data & Browser Privacy appeared first on National Cyber Security.

View full post on National Cyber Security

hacker proof, #hackerproof




#cybersecurity | #hackerspace | Avast Threat Labs Uncovers Brazil Cyberattacks | Avast

In late November the Avast Threat Labs team discovered cyberattacks that exploited Brazilian users’ routers to send them to phishing pages designed to look like the actual websites the victims wanted to visit. In this case, the sites included Brazilian banking and news sites, as well as Netflix.

The sites were:

  • bradesco.com.br
  • santandernetibe.com.br
  • pagseguro.com.br
  • terra.com.br
  • uol.com.br
  • Netflix.com

Online banking sites and sites like Netflix are often targeted by cybercriminals in such hijack attacks, because they allow the attackers to easily steal valuable login credentials.

This type of router attack is typically initiated when the user visits a compromised website carrying malicious advertising (malvertising), which is served to the site through third-party ad networks. In this case, users were automatically redirected to one of two router exploit kit landing pages that initiated the attack on their router in the background, without user interaction. Their routers then redirected them from the real business pages to lookalike phishing sites. The Avast Web Shield blocked two malicious websites that were infecting users’ routers nearly 5,500 times on Nov. 25, followed by more than 1,000 blocked URLs the following day.

The team visited the phishing version of the Banco Bradesco site, which victims of the router attacks were redirected to when trying to visit the bank’s website. The address bar revealed the site was not a secure HTTPS site, which would have shown the padlock symbol. An error message also showed the site to be unsecured. Most of the links on the site don’t work. The login page does work, however, in the sense that the victim can fill in their credentials at the top of the page and submit them.

The phishing site does not validate the login credentials, since it has no way of doing so; it simply pretends to log the user into their account. The phony site thus captures visitors’ usernames and passwords, and subsequently displays a pop-up message notifying the user that the system is temporarily unavailable and to try again in a few minutes. This campaign is no longer active.

To prevent a DNS hijack attack:

  • Update your router’s admin credentials with a strong password.
  • Update router firmware to the latest version. You can typically find this on the router manufacturer’s website.
  • Change your login credentials, especially for your online banking services and router, using strong passwords.
  • Make sure to check if your banking website has a valid certificate, by looking for the padlock in the URL address bar of your browser.
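The report notes that Avast Wi-Fi Inspector can test a network for DNS hijacking and list the hijacked domains. The script below is an added example, not Avast's code, of how such a check can work: it compares the answers the router-configured resolver gives for the domains named above with answers from an independent reference resolver, and it also flags unrelated sites that suddenly resolve to one shared host. The sample answers are constructed, using documentation address ranges.

```python
"""Detect router DNS hijacking by comparing local resolver answers with reference
answers, plus a second heuristic that needs no reference resolver at all.
Added example (not Avast's code); sample data below is constructed."""
import socket

# Domains named in the Avast report as targets of the phishing redirects.
WATCHED_DOMAINS = ["bradesco.com.br", "santandernetibe.com.br", "pagseguro.com.br",
                   "terra.com.br", "uol.com.br", "netflix.com"]


def resolve_locally(domains):
    """Live IPv4 lookups through the OS (and hence the router) resolver.
    Returns {domain: set of addresses}; failed lookups yield an empty set."""
    answers = {}
    for domain in domains:
        try:
            infos = socket.getaddrinfo(domain, None, socket.AF_INET)
            answers[domain] = {info[4][0] for info in infos}
        except socket.gaierror:
            answers[domain] = set()
    return answers


def find_hijacked(local_answers, reference_answers):
    """Domains whose local answers share no address with the reference answers.
    A hijacked router points victims at attacker-controlled hosts, so the two sets
    are disjoint; legitimate CDN rotation normally still overlaps. Failed lookups
    (empty sets) are inconclusive and skipped."""
    hijacked = {}
    for domain, ref in reference_answers.items():
        local = local_answers.get(domain, set())
        if local and local.isdisjoint(ref):
            hijacked[domain] = sorted(local)
    return hijacked


def shared_hosts(local_answers):
    """Addresses that more than one watched domain resolves to. Unrelated banks,
    news sites and Netflix normally do not share a server, so several watched
    domains landing on one host is a strong hijack indicator on its own."""
    owners = {}
    for domain, addrs in local_answers.items():
        for addr in addrs:
            owners.setdefault(addr, set()).add(domain)
    return {addr: sorted(doms) for addr, doms in owners.items() if len(doms) > 1}


# Constructed sample: two domains redirected to one phishing host, one domain intact.
SAMPLE_LOCAL = {"bradesco.com.br": {"203.0.113.10"}, "uol.com.br": {"203.0.113.10"},
                "terra.com.br": {"198.51.100.7"}}
SAMPLE_REFERENCE = {"bradesco.com.br": {"198.51.100.20", "198.51.100.21"},
                    "uol.com.br": {"198.51.100.30"}, "terra.com.br": {"198.51.100.7"}}

if __name__ == "__main__":
    print("hijacked:", find_hijacked(SAMPLE_LOCAL, SAMPLE_REFERENCE))
    print("shared hosts:", shared_hosts(SAMPLE_LOCAL))
```

To run it against a real network, feed `resolve_locally(WATCHED_DOMAINS)` as the local answers and obtain the reference answers through a resolver the router cannot influence.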

The Avast Web Shield feature, included in both the free and premium versions of Avast Antivirus, proactively protects users against router CSRF attacks. Avast Wi-Fi Inspector, part of the Avast Free Antivirus and premium consumer security software products, can also evaluate the strength of your router password, test the network for DNS hijack issues and show a list of hijacked domains.

Read more about the Avast Threat Labs investigation of the GhostDNS Exploit Kit on the team’s Decoded Blog.


#cybersecurity | #hackerspace | Apple Confirms iPhone Regularly Gathers Location Data, But Says It Doesn’t Leave the Phone


Apple confirmed that their latest iPhone 11 phones come with a feature that requires regular geolocation checks, but the company said that information doesn’t leave the phone.

Security researcher Brian Krebs noticed that the latest iPhone 11 was making geolocation checks even when all apps that would require it had that feature disabled. The only way to stop this behavior would be to disable the geolocation feature system-wide. It turns out that things are more complicated than just apps with unpermitted access, as it pertains to a new chip called U1.

Apple says it respects user privacy, which makes it odd that the phones are gathering data for unknown purposes. At worst, geolocation data would be sent back to Apple, but the company assured everyone that the GPS information doesn’t leave the phone.

It took Apple a couple of days to address the problem fully, but now we know that the iPhone 11 accesses the GPS data on instructions from its U1 chip. That’s a component in the phone that manages ultra-wideband (UWB) communication, until now only used for AirDrop and to find nearby compatible devices.

“Ultra-wideband technology is an industry-standard technology and is subject to international regulatory requirements that require it to be turned off in certain locations… iOS uses Location Services to help determine if iPhone is in these prohibited locations in order to disable ultra-wideband and comply with regulations… The management of ultra-wideband compliance and its use of location data is done entirely on the device, and Apple is not collecting user location data,” Apple said to TechCrunch.

It turns out that other components in iOS need access to GPS data as well, but they have no dedicated toggle. It’s still a little bit unclear what Apple intends to do with the U1 chip, but for now, iPhone users will have to deal with the fact that their devices collect location data, and that’s that.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Silviu STAHIE. Read the original post at: https://hotforsecurity.bitdefender.com/blog/apple-confirms-iphone-regularly-gathers-location-data-but-says-it-doesnt-leave-the-phone-21869.html


#cybersecurity | #hackerspace | Staying Safe when Shopping this Holiday Season: Bricks and Clicks Edition

The shopping season is upon us, and like it or not there are lots of individuals who would love to replace your happiness with their sadness. Thus, at this festive time of the year, it is imperative to give some thought and prep time to your and your family’s shopping habits and the security that surrounds those habits. If you’re like most people, you will NOT be using cash for all your holiday purchases. Therefore, it’s important to ensure you’re taking steps to keep your card and bank accounts secure.

Most bad actors purchase or download software from what’s known as the “dark web”. Software on the dark web is generally “known”, proven-to-work code that gives malicious users the ability to assess, capture and obtain user information and data from unknowing computer systems and users. The good news is that most security vendors are aware of these software packages and actively track and alert on their installation, usage and existence.

As individuals, we should also take additional steps to ensure all accounts that we use are secure. What are some of the steps we should be taking this season to ensure our accounts are protected?

Staying Safe When Shopping Online

While very convenient, popular and propped up with the latest mobile apps and technology, online shopping is where most malicious activity happens, and it is where most of the media attention is given.

Is it possible that a vendor you normally shop at has been hacked in the past? If so, were you aware of the hack, and did you take steps to ensure your security? Maybe you received a letter providing you with a free one-year subscription to a credit card protection service? Did you sign up?

Maybe a bad incident hit the (Read more…)
