Tag Archives: support scams

AVIEN resources update 10th October 2018

Updates to Anti-Social Media 

Catalin Cimpanu for ZDnet: Google sets new rules for third-party apps to access Gmail data – “All Gmail third-party apps with full access to Gmail user data will need to re-submit for a review by February 15, 2019, or be removed.” Meanwhile, according to the Hacker News: Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users’ Data.

“The vulnerability was open since 2015 and fixed after Google discovered it in March 2018, but the company chose not to disclose the breach to the public—at the time when Facebook was being roasted for Cambridge Analytica scandal.”

The Register comments: Google now minus Google Plus: Social mini-network faces axe in data leak bug drama – “Project Zero would have been all over this – yet it remained under wraps”


Pierluigi Paganani: Hackers can compromise your WhatsApp account by tricking you into answering a video call

The Register:  Rap for WhatsApp chat app chaps in phone-to-pwn security nap flap – “Memory corruption flaw present in Android, iOS builds. Aaand it’s been fixed”

Updates to Cryptocurrency/Crypto-mining News and Resources

Cecilia Pastorino for ESET: Blockchain: What is it, how it works and how it is being used in the market – “A closer look at the technology that is rapidly growing in popularity”


Help Net, citing a report by Webroot: Cryptomining dethrones ransomware as top threat in 2018

Updates to GDPR page

Amber Welch for Security Boulevard: Phishing the GDPR Data Subject Rights – “Companies across the globe are now working toward compliance with the EU GDPR, while phishers may be preparing to exploit their new compliance processes. Airbnb first fell prey to a GDPR-related scam, with more surely to come. Unfortunately, many GDPR security efforts have focused primarily on Article 32 while overlooking new ancillary compliance program risks.”

Updates to Internet of (not necessarily necessary) Things

[Many of the Things that crop up on this page are indeed necessary. But that doesn’t mean that connecting them to the Internet of Things (or even the Internet of Everything) is necessary, or even desirable, given how often that connectivity widens the attack surface.]

SEC Consult: MILLIONS OF XIONGMAI VIDEO SURVEILLANCE DEVICES CAN BE HACKED VIA CLOUD FEATURE (XMEYE P2P CLOUD)

Shaun Nichols for The Register: World’s largest CCTV maker leaves at least 9 million cameras open to public viewing – “Xiongmai’s cloud portal opens sneaky backdoor into servers….Yet another IoT device vendor has been found to be exposing their products to attackers with basic security lapses.”


Netlab 360: 70+ different types of home routers(all together 100,000+) are being hijacked by GhostDNS – “Just like the regular dnschanger, this campaign attempts to guess the password on the router’s web authentication page or bypass the authentication through the dnscfg.cgi exploit, then changes the router’s default DNS address to the Rogue DNS Server[3]through the corresponding DNS configuration interface.”

Tomáš Foltýn for ESET: Most routers full of firmware flaws that leave users at risk
– “If you own a Wi-Fi router, it may well be riddled with security holes that expose you to a host of threats” There’s a comment to this piece by TrevorX that’s well worth reading.


The Register: Which? That smart home camera? The one with the vulns? Really? – “Which? Magazine has been called out for recommending a line of smart home cameras with known vulnerabilities.”


Pierluigi Paganini: Expert presented a new attack technique to compromise MikroTik Routers – “The experts at Tenable Research presented the technique on October 7 at DerbyCon 8.0 during the talk “Bug Hunting in RouterOS” at Derbycon, it leverages a known directory traversal flaw tracked as CVE-2018-14847.”

Updates to Meltdown/Spectre and other chip-related resources

Thomas Claburn for The Register: Intel’s commitment to making its stuff secure is called into question – ‘In an email to The Register in response to our report about the problems posed by the Manufacturing Mode in Intel’s Management Engine (ME), which if left open leaves processors vulnerable to local attack, Kanthak called Intel’s statement “a blatant lie.”‘

Updates to: Ransomware Resources

Help Net, citing a report by Webroot: Cryptomining dethrones ransomware as top threat in 2018

Updates to Tech support scams resource page

Probably won’t get to be a full post, but a comment on one of my ESET blog articles pointed out that “A similar variation is still going round starting with the assertion that your broadband speed is below par and he was working on behalf of my ISP. When we got as far as typing “assoc” in the command window I looked for proof of identification (which I should have asked for at the start!). As tempers flared I hung up the line.”

Updates to Mac Virus

More commentary on China, Apple, and supply-chain hacking

Android, iOS, and macOS issues

 

David Harley

Advertisements

25th April AVIEN Resource Updates

Updates to Anti-Social Media 

The Register: Happy having Amazon tiptoe into your house? Why not the car, then? In-trunk delivery – what could go wrong? – “New Bezos scheme opens up vehicles as drop-off points” What could go wrong?

Sophos: Ex-Reddit mogul apologizes for making the world ‘a worse place’ “New York Magazine recently interviewed McComas for a project called “The Internet Apologizes.”That project has involved interviews with more than a dozen prominent technology figures about “what has gone wrong with the contemporary internet.” “

Updates to Cryptocurrency/Crypto-mining News and Resources

Graham Cluley for ESET: Ethereum cryptocurrency wallets raided after Amazon’s internet domain service hijacked

Help Net Security: Exfiltrating private keys from air-gapped cold wallets

Fortinet: Python-Based Malware Uses NSA Exploit to Propagate Monero (XMR) Miner

Bill Harris for Recode: Bitcoin is the greatest scam in history “It’s a colossal pump-and-dump scheme, the likes of which the world has never seen.” Harsh!

Updates to Meltdown/Spectre and other chip-related resources

Kyle Orland for Ars Technica: The “unpatchable” exploit that makes every current Nintendo Switch hackable [Updated] “Newly published Tegra bootROM exploit could be a big headache for Nintendo and others.” Commentary from The Verge: Nintendo’s Switch can be hacked to run custom apps and games.

Updates to Internet of (not necessarily necessary) Things

Help Net: Effective intrusion detection for the Internet of Things – summarizes the research paper D¨IOT: A Crowdsourced Self-learning Approach for Detecting Compromised IoT Devices

Healthcare IT News: Abbott releases firmware patch to fix cybersecurity flaws in 350,000 medical devices

Help Net: Cybersecurity task force addresses medical device safety. Also: Help Net – FDA plans to improve medical device cybersecurity

Updates to Tech support scams resource page

 Christopher Burgess for Security Boulevard: When Scammers Fill the Tech Support Void Burgess says: “I still haven’t figured out why those companies that provide tech support tend to hide the connectivity to these saviors of their brand in the weeds of the website, but they do, and we search—and sometimes we strike gold.” (I have some thoughts to add on this.)

Updates to: Ransomware Resources

Reuters: Ukrainian energy ministry website hit by ransomware attack

Graham Cluley: The firms that piggyback on ransomware attacks for profit “DON’T WANT TO PAY THE RANSOM? PAY US, AND WE’LL PAY IT FOR YOU! … It seems there are firms out there who are charging ransomware victims a hefty premium for the safe return of your data – when all that’s actually happening is they are paying the ransom on your behalf.”

Ross Ryan for the Prince Edward Island Guardian: P.E.I. government website hit by ransomware attack

Updates to Specific Ransomware Families and Types

Europol: WORLD’S BIGGEST MARKETPLACE SELLING INTERNET PARALYSING DDOS ATTACKS TAKEN DOWN

Updates to Mac Virus

Evil maids and Apple debugs

David Harley

Support Scams – What to do next

My latest article for ESET’s WeLiveSecurity blog expands on an article that originally appeared in a lengthy article on support scams for ITSecurity UK, and subsequently in an article for the ESET Threat Radar Report for December 2015.

Support scams: What do I do now? covers some of the options for people who’ve allowed a support scammer to access their PC and, on discovering that they’ve been duped, have asked about the implications of that mistake and what they need to do next.

Link added to support scam resources page.

David Harley

iOS support scams – added to resources page

Added to the PC ‘Tech Support’ Cold-Call Scam Resources page today….

Here’s an extract from another Mac Virus article – iOS Support Scams – on tech support scams, this time targeting iOS users:

A new blog by Graham Cluley for Intego actually has some points in common with my most recent blog here (which also involved pop-ups misused by support scammers, particularly in the context of Safari). However, Graham’s article is about iOS, whereas mine related to questions asked regarding OS X and Safari (citing advice from Thomas Reed that also addressed other browsers).

David Harley