Google’s Messages App Now Defaults To RCS In Latest Move To Replace SMS

Posted in Commentary with tags on August 10, 2023 by itnerd

Google has announced it’s making its Messages by Google app more secure by making RCS the default for both new and existing Messages app users and end-to-end encryption for group chats is now also fully available to all RCS users.   “RCS is the modern industry standard for dynamic and secure messaging.  And now, all of your RCS conversations in Messages by Google are end-to-end encrypted, including group chats, which keeps them private between you and the people you’re messaging,” Google says.  With RCS enabled, users can take advantage of more advanced messaging features similar to those iMessage users have, like: 

  • Sharing high-res photos and videos 
  • See typing indicators  
  • Get read receipts 
  • Send messages over mobile data and Wi-Fi 
  • Rename, edit and remove themselves from group chats 
  • Use end-to-end encryption 

 Since rolling out RCS to U.S. Android users in 2019, Google has been pressuring Apple to adopt the technology in iMessage by launching a website to explain why RCS benefits consumers, but Apple has expressed in court filings, it has no interest in making a version of iMessage for Android. 

Ted Miracco, CEO, Approov Mobile Security had this to say:   

“Securing the mobile ecosystem is an important focus for both Google and Apple. RCS helps the Android ecosystem by adding some important security features that can help mitigate phishing messages, such as encryption and verified sender information. However, no messaging platform, including iMessage, is completely immune to phishing attempts. It’s still important for users to be cautious and exercise good judgment when interacting with messages. A more secure mobile environment is in everyone’s best interest, so we support this move by Google.”

I’m pretty sure that Apple doesn’t support this move as they have no need to do so. We’ll see how this latest move by Google works out.

Leave a comment »

Rogers Is Being Used In A Very Aggressive #Scam

Posted in Commentary with tags , on August 9, 2023 by itnerd

I haven’t been a customer of Canadian Telco Rogers for over a year. Thus when I got this email in my inbox, I was suspicious:

This email had me saying “this is a phishing email for sure.” And that was confirmed when I looked at the email address that it was sent from:

That’s not from rci.rogers.com which is Rogers corporate email domain. It isn’t even from rogers.com which is the email domain for Rogers Internet customers which should still ring alarm bells, but would at least be more likely to fool someone less tech savvy than I who gets this email. So, what’s the play here. Let’s find out by clicking the link which you should NEVER EVER DO:

After clicking the link, I was presented with this web page. If you look at the URL bar, this isn’t from Rogers as it doesn’t end in Rogers.com or something similar. It also has a clock at the bottom to get you to act on this “offer” if you want to call it that. You’ll also note that the website wants to send you notifications. If you’re presented with a prompt like this, you should decline to do so. I’ll show you why in a minute. What happens next is that it leads me through a survey. Here’s question 3 of 7 to illustrate this:

After you go through this nonsense, you get take to this site where you need to fill out your details:

Again, this isn’t a Rogers site. And again, you’ll note that there’s a prompt to show notifications. I put in some bogus info and got this page:

So, the endgame is that they want to get you to hand over your credit card details for a device that is supposed to be “free”. This form does validate that the credit card is active which illustrates a level of sophistication by the threat actors.

What about those requests to allow notifications? Well, seconds after I clicked allow, which again you should NEVER EVER DO, I got this:

Wow. A two for one. You get a credit card scam and a pop-up scam. I don’t see that every day. Clicking on the McAfee one got me this:

I also clicked on some of the other pop ups and got everything from gift card scams to investment scams. Clearly these threat actors are trying to get you in some way shape or form. And to add to this, all these scams go to different domains which prompt you to accept more notifications. Thus making your browser more and more of a dumpster fire. Fortunately for me, I reset my browser back to factory defaults to make all of this go away. But less savvy users may be unable to do so and fall for something or get frustrated.

The bottom line is that clearly there’s an aggressive threat actor using Rogers name to perpetrate a very aggressive scam. If you get this email, delete it and move on with your day. And I’ll be reporting this to Rogers so that they’re aware of this as well which won’t make the threat actors behind this too happy I’m sure.

1 Comment »

Twitter Slapped With $350K Fine For Contempt

Posted in Commentary with tags on August 9, 2023 by itnerd

Twitter is $350K lighter in the wallet because of the fact that they didn’t instantly comply with the Special Counsel’s request for access to Donald Trump’s Twitter account:

The US special counsel who is investigating Donald Trump obtained a search warrant for the former president’s Twitter account in January, and the social media platform delayed complying, a court filing on Wednesday showed.

The delay in compliance prompted a federal judge to hold Twitter in contempt and fine it $350,000, the filing showed.

The US special counsel, Jack Smith, has brought two indictments against Trump. The first case surrounds Trump’s alleged mishandling of classified documents, the second concerns alleged efforts to overturn the results of the 2020 presidential election and over.

Twitter really is playing with fire here. Angering the Justice Department is a really bad idea, and Elon is likely going to find this out the hard way. Much I like to say that Elon should smarten up before he gets burned. But there’s no chance that he will smarten up. Thus, fans of Elon, all three of them should prepare for impact.

Leave a comment »

The Police Service of Northern Ireland REALLY Screws Up And Publishes The Data Of ALL ITS STAFF

Posted in Commentary with tags on August 9, 2023 by itnerd

The good news is that The Police Service Of Northern Ireland didn’t get pwned by hackers. But the bad news is they might as well have been. I say that because they really screwed up and accidentally published the data on all their staff creating a critical incident in the process:

The Police Service of Northern Ireland (PSNI) earlier apologised for the self-inflicted security breach after it inadvertently published the information in response to a Freedom of Information (FOI) request on Tuesday.

The breach involved the surname, initials, the rank or grade, the work location and departments of all PSNI staff, but did not involve the officers’ and civilians’ private addresses.

Alliance Party leader Naomi Long said it was a concern that a member of staff, who she understands to be “relatively junior”, had access to the sensitive data.

PSNI said its chief constable Simon Byrne is cutting his family holiday short to deal with the crisis and is expected to answer questions from politicians.

This is bad. This is very bad. Why is this bad? Here’s why:

The information, which was available online for up to three hours, revealed members of the organised crime unit, intelligence officers stationed at ports and airports, officers in the surveillance unit and almost 40 PSNI staff based at MI5’s headquarters in Holywood, the Belfast Telegraph reported.

Clearly there was no process in place to limit who has access to this data. Nor were there any checks to make sure that the data was safe to release. This is another one of those cases where heads need to roll over this because I cannot imagine what the members of this police service are going through knowing that some of their personal information is out there right now.

#EpicFail

1 Comment »

Vicarius Introduces vuln_GPT

Posted in Commentary with tags on August 9, 2023 by itnerd

Vicarius, developers of the industry’s first fully autonomous end-to-end vulnerability remediation platform, today announced the launch of vuln_GPT, the world’s first Large Language Model (LLM) model trained to generate remediation scripts for software vulnerabilities in the race to find and fix vulnerabilities faster than hackers. The vuln_GPT engine will be freely offered within vsociety, Vicarius’ social community for security researchers. vuln_GPT scripts can then easily be deployed as part of its vRx solution that allows instant remediation of vulnerabilities.

n the ever-evolving digital landscape, there are currently 200,000 vulnerabilities detected in total, with ten percent (10%) discovered in the last year and increasing at an exponential pace. Manually identifying and handling zero-days is a heavy burden, requiring significant daily manpower. In the recent MOVEit vulnerability example, almost 60 days after identifying the first vulnerability, a quarter of the affected organizations still remain vulnerable. The advent of the latest AI-driven cyber threats, such as WormGPT, make it even harder to detect and block these threats.

When it comes to vulnerability management solutions, legacy vendors lean heavily on the assessment and detection side of the house, but have failed to pay appropriate attention to the remediation aspect. Remediation is already a complex process, and security teams remain cautious when applying vendor patches in fear of causing outages or downtime to their systems. Even if a patch is available, they will often undergo a waiting period in order to minimize any potential risk.

Enter vuln_GPT. This new AI-powered remediation engine can automatically generate a remediation script to execute a number of actions. For example, scripts can remove a file, close a port, disable a protocol, or initiate a compensating control. These are all strategies that can provide a sturdy and reliable fix while vendors work on releasing a patch or while security teams test one in a lab environment. Further, because vuln_GPT works without human intervention, it also makes vulnerability detection and remediation faster and more cost effective, without the need for large research teams or highly skilled security engineers, saving time and money.

Recently, there were critical zero-day vulnerabilities discovered in Terrestrial Trunked Radio (TETRA), a radio communications protocol widely used by government, law enforcement and military organizations worldwide. While some of the vulnerabilities can be fixed through firmware updates, others can’t and are more difficult to mitigate, in particular a backdoor in CVE-2022-24402 that can expose sensitive information. Using vuln_GPT, Vicarius takes the manual work out of identifying and applying the most effective compensating controls.

With vuln_GPT, Vicarius ushers in the era of AI-generated scripts to mitigate CVEs and helps to significantly close the gap between detection and remediation. MTTD (mean time to detect) remains a prominent issue for IT teams, but MTTR presents an even bigger challenge, since most teams are not well equipped to fix vulnerabilities quickly.

vuln_GPT enables security teams to quickly fix critical issues, significantly decrease their time to react, cut down the costly aftermath of an incident, and reduce MTTD and MTTR. Vicarius believes the timing is right to help solve the skills gap, particularly when in-house research teams are short staffed and under-resourced.

Leave a comment »

Email threats continue to increase in first half of 2023: Trend Micro 

Posted in Commentary with tags on August 9, 2023 by itnerd

Today, Trend Micro released its midyear cybersecurity threat report, which found that in the first half of 2023, theTrend Micro blocked more than 85 billion threats globally consisting of email threats, malicious files, and malicious URLs, a 27% year-over-year increase.   

In Canada, the detection of attacks from ransomware-as-a-service surged in the first half of 2023. To date, Trend Micro has blocked 394,518,518 email threats attempts in Canada, 24.6% more than last year. 

As AI adoption continues to grow at a stable pace, ransomware groups will become more creative. Findings show Cyber criminals are turning to AI-enabled tools to simplify enacting scams, automate refining targets, and increase scalability with a crop of new crimes. 

You can read the full report here: Stepping Ahead of Risk: Trend Micro 2023 Midyear Cybersecurity Threat Report

Leave a comment »

Uber Eats is now available for teen accounts

Posted in Commentary with tags on August 9, 2023 by itnerd

Today, Uber Eats is now available for teen accounts—meaning parents and guardians now have one less thing to worry about. Whether their teen needs a meal to refuel after practice or brain food to help them through a study session, parents and guardians can relax knowing their teen has a way to feed themselves, even if they’re not around. 

How Uber Eats for teens work: 

  • Deliveries from highly rated delivery people: Orders through teen accounts will always be delivered by highly rated delivery people. 
  • Teen-friendly view: Age-restricted items like alcohol will be filtered out.

Here is what a regular account view looks like:

Here is what a teen account view looks like:

  • Live tracking and real-time alerts: Anytime an order is placed through a teen account, the parent or guardian will receive real-time status updates from pickup to drop off. 
  • Support at your fingertips: If for whatever reason something goes wrong, the parent or guardian and the teen will be able to submit a support ticket in the app. 

Teen accounts enabled by parents and guardians will now provide access to Uber Eats and Uber Rides.  Launched earlier this year, teen accounts with Rides are designed for families on the go with safety features built into the experience for parents/guardians, teenage riders, and drivers. When a teen requests a trip, parents/guardians will be notified, can watch the trip right in their Uber app, and contact their teen or the driver. In addition, Uber safety features – like audio recording, live trip tracking, and PIN Verification to help make sure your teen is getting in the right car – will be mandatory. Only highly rated, experienced drivers will be able to receive requests for trips with teens, and drivers can always choose to stop receiving these trip requests. In case of an emergency, parents/guardians will have the ability to call 911 directly from the trip tracker screen. 

Leave a comment »

The UK Electoral Commission Was Pwned And The Pwnage Was Not Immediately Disclosed To The Public

Posted in Commentary with tags on August 9, 2023 by itnerd

The UK’s Electoral Commission revealed that a cyber attack which allowed unknown threat actors the data of 40 million voters. It gets worse though. This pwnage went unnoticed for a year and was not disclosed to the public for an additional 10 months. 

The Electoral Commission apologized for the security breach in which the names and addresses of all voters registered between 2014 and 2022 were open to “hostile actors” as far back as August 2021. The attack was discovered last October and reported within 72 hours to the Information Commissioner’s Office (ICO), as well as the National Crime Agency. However, the public has only now been informed that the electoral registers containing the data of millions of voters may have been accessible throughout that time. 

The Electoral Commission said it was “not able to know conclusively” what information had been accessed. It is not known whether the attackers were linked to a hostile state, such as Russia, or a criminal cyber gang. The watchdog said “much of the data” was already in the public domain and insisted it would be difficult for anyone to influence the outcome of the UK’s largely paper-based electoral system, but it acknowledged that voters would still be concerned. 

The attackers were able to access full copies of the electoral registers, held by the commission for research purposes and to enable permissibility checks on political donations. These registers include the name and address of anyone in the UK who was registered to vote between 2014 and 2022. The commission’s email system was also accessible during the attack. The full register held by the Electoral Commission contains name and address data that can be inspected by the public but only locally through electoral registration officers, with only handwritten notes allowed. The information is not permitted to be used for commercial or marketing purposes. The data of anonymous voters whose details are private for safety reasons and the addresses of overseas voters were not accessible to the intruders in the IT system. 

All together now…. Whiskey Tango Foxtrot????

This is an epic screw up and heads need to roll over it because it is totally unacceptable that data on 40 million people is out there in the hands of someone to do whatever nefarious things they plan on doing with it. Apologies are not enough. Actions to ensure that this never happens again along with having those who let this happen pay the price are the only way to stop epic screw ups like this going forward.

Leave a comment »

Appdome Launches Cyber Community Program with Pen Testers Around the World

Posted in Commentary with tags on August 9, 2023 by itnerd

Appdome, the one-stop shop for mobile app defense, today announced the launch of its new Mobile App Defense Project, a community program aimed at improving mobile DevSecOps through collaboration with more than 50 renowned mobile app penetration testers around the world. This initiative aims to foster a more secure mobile app economy, raise the bar on mobile app defense and provide rapid, validated, continuous cyber and anti-fraud solutions for all mobile applications globally.

As mobile application use and revenues continue to rise dramatically, mobile application security testing has become a hot topic and fast emerging discipline in the economic landscape. Cyber threats, attacks, tools, methods, and techniques targeting Android & iOS apps, infrastructures and users continue to evolve and proliferate. The Mobile App Defense Project is designed to harness the collective strength of the global pen testing community to provide cutting-edge cybersecurity, anti-fraud, anti-malware and other solutions in mobile applications worldwide.  

Through this program, Appdome will collaborate and share research with leading mobile app penetration testing companies, renowned for their expertise in identifying exploits, vulnerabilities and conducting rigorous security assessments of Android & iOS applications. Appdome will also integrate the recommendations provided by these partners into Appdome’s cyber defense automation platform to deepen and accelerate mobile app defenses for all mobile brands.  

As a community project, Appdome will also contribute cyber and threat research to the community as well as fund education, awareness, and other programs to benefit mutual customers and the broad cyber community defending mobile brands, businesses, and users.  

Some of the founding members of the Mobile App Defense Project include:

Leave a comment »

Guest Post: Online Identity & Privacy Protection Tips For Children

Posted in Commentary with tags on August 9, 2023 by itnerd

By Ani Chaudhuri, CEO, Dasera

Beyond the usual guidelines, there are several innovative and layered approaches that parents might not have considered:

  • Digital Footprint Starts at Birth: Avoid sharing identifiable information about your child on public platforms. This includes full names, birth dates, and locations. A harmless birth announcement can offer malicious actors a starting point.
  • Rethink “Smart” Toys: Before purchasing, scrutinize the data handling practices of internet-connected toys. Many collect vast amounts of information, and not all have stringent security measures.
  • Understand School Data Handling: Engage with your child’s school to understand how they store, use, and protect student data. Often, educational platforms have data vulnerabilities or share information with third parties.
  • Voice-Activated Devices: Devices like Siri or Alexa constantly listen for activation cues. Ensure they aren’t inadvertently recording your child’s conversations or information.
  • Online Gaming: Even games designed for younger children can have chat features. Ensure these are disabled or monitored. Personal information can be unintentionally shared during seemingly innocent in-game conversations.

From the moment they are born. It may sound extreme, but children have a digital identity almost from birth in our current digital era. Whether it’s hospital records, pediatrician visits, or the first photo shared on social media, their digital footprint begins immediately. Each of these instances carries data – a golden ticket for identity thieves. Protecting a child’s ID isn’t just about preventing financial fraud; it’s about safeguarding their entire digital existence and future reputation.

Child ID and privacy isn’t just about what parents should do; it’s equally about the don’ts and nevers:

  • Never Use Their Name for Passwords: Using a child’s name or birthdate as a password for any online service is a glaring risk. It’s often the first thing hackers will try.
  • Don’t Overlook Data Breaches: Not all data breaches make headlines. Watch for breaches involving services your child uses and act accordingly.
  • Never Assume a Platform is Safe: Just because a platform is designed for children doesn’t mean it’s secure. Constantly scrutinize its data practices.
  • Don’t Underestimate Word of Mouth: Children learn much from their peers. Educate them about the basics of data privacy so they can be advocates among their friends.

Protecting a child’s ID and privacy in today’s world requires vigilance, continuous education, and proactive measures. It’s not just about today’s threats but also about preventing potential risks in the future. Parents must be the first line of defense, even if it means challenging the status quo of digital interaction.

Leave a comment »

« Older Entries
Newer Entries »