Yes, you read the title correctly, scammers and hackers are resorting to phone calls to trick people into giving them access to their PCs. In fact, it happened to me just this week. Here is how it went down. A call came in on my land line. Being busy, I let it go to the answering machine. When I finally listened to the message a woman said that there was a problem with my Microsoft account and if I was the person who purchased Office 365, I should call back or press 1 for immediate help. Dire circumstances would occur otherwise like corruption of credentials, loss of data, inability to access accounts, etc.
Government agencies from around the world are often the first to make recommendations to individuals, groups, and companies about steps to take for the best cyber security. That advice is welcome and often can save users from falling prey to scams, hacks, and other cyber threats. In many situations, these agencies mandate levels of cybersecurity that must be achieved in industry, especially where the product or service is critical to the efficient functioning of daily life for a country. These include banking, power, and other municipal services.
Researchers have reported that a new malware called VPNFilter has infected as many as 500,000 routers worldwide. Over the last couple of days, more has come out about the malware and what it does. This is a sophisticated piece of software that has three stages. According to an article from PCMag.com, Stage 1 makes the connection back to the bad actors. Stage 2 sends the information being collected, and Stage 3 provides various plugins for Stage 2 even including the ability to use a Tor browser to communicate.
It's probably a safe bet that everyone with internet access has heard of the infamous dark web, that lawless electronic realm where all the bad actors hang out. But what is it and where is it? Why don’t dark web sites show up when we search for normal things?
According to a survey commissioned by Radware, a cybersecurity company, 20% of the Millennials (ages 18 – 34) surveyed said they would rather have the government be able to see their phone data than their significant other (SO). The article then asks an interesting question as a result of this finding, “Are Millennials simply resigned to the fact that privacy in the digital age is a thing of the past? Are they just accustomed to everything about them being ‘out there’?”
Since the beginning of 2018, there have been a series of attacks exploiting vulnerabilities in the central processing units (CPUs) of major chip makers. Called Spectre and Meltdown, these hacks allow the attackers to fool the CPU into providing sensitive information stored in unsecured portions of the CPU. Patches were issued and mitigated the damage although they did impact system performance for certain tasks, making the PCs run a touch slower.
Not all encryption software, tools, and techniques are created equal. While it is true that using some encryption is better than not using any at all, it is always smart to research your solution before and during using it. As a Hacker News article points out, serious flaws in two popular encryption tools, PGP and S/MIME have recently been discovered.