On Sunday, February 11, over 160 million viewers from around the globe watched Super Bowl LVIII, making it one of the most viewed annual sporting events. It is also a good bet that a record number of⦠Read more on Cisco Blogs
When you open yourβ―laptop or your mobile device, what is the first thing you do? Do you head to your favorite social media site to skim the latest news, orβ―doβ―you placeβ―your weeklyβ―grocery delivery order?β―No matter what your daily onlineβ―habits are, even the slightest degree of caution can go a long way inβ―staying secure online.β―Β
Thatβs because hackersβ―are experts atβ―hidingβ―malwareβ―inβ―yourβ―everydayβ―online routines,β―or evenβ―infiltrating yourβ―cookies toβ―stealβ―login informationβ―and learn aboutβ―your personal preferences.β―Β
According to aβ―StatsCanβ―Canadianβ―internet use survey,β―six out of tenβ―internet usersβ―reported experiencing a cybersecurity incident.β―There are many hoops to jump through when navigating the digital landscape.β―Byβ―takingβ―the necessaryβ―steps to remedy vulnerabilities in your digitalβ―activity,β―youβ―canβ―dramatically improveβ―your online protection.β―Β
Cybercriminals take advantage of online users throughβ―routineβ―avenues you would not expect.β―Here areβ―threeβ―commonβ―waysβ―thatβ―cybercriminalsβ―eavesdrop on onlineβ―users.β―Β
Adware, or advertising-supported software, generates ads in the user interface of a personβs device.β―Adware isβ―most often used to generate revenue for the developer by targeting unsuspecting online users with personalized ads paid by third parties. These third parties usually pay per view, click, or application installation.β―β―Β
Though not always malicious, adwareβ―crossesβ―into dangerous territory whenβ―it isβ―downloaded withoutβ―aβ―userβsβ―consentβ―andβ―has nefariousβ―intent. In this case,β―the adwareβ―becomes known as a potentially unwanted application (PUA) that can remain undetectedβ―on usersβ devicesβ―for long periods of time.β―According to a report by the Cybersecure Policy Exchange, an unintentionally installed or downloaded computer virus or piece of malware is one of theβ―top five cybercrimesβ―that Canadians experience.β―Theβ―PUAβ―can then create issues like frequent crashes and slowβ―performance.β―β―Β
Users unknowingly download adware onto their device when they download a free ad-supported program or visit a non-secure site that does not use the Hypertext Transfer Protocol Secure (HTTPS) to encrypt online communication.β―β―Β
Hackersβ―also useβ―invasive tactics known asβ―ad injections, where theyβ―inject adsβ―with malicious codeβ―for increased monetary gain.β―This is a practice known asβ―βmalvertising.ββ―If a user clicks on a seemingly legitimate and well-placed ad, they risk exposing themselves to numerous online threats. These ads can be infected with malware such as viruses orβ―spyware.β―For example, hackers canβ―exploit browser vulnerabilitiesβ―to download malware, steal information about the device system, and gain control over its operations. Hackers can also use malvertising toβ―runβ―fraudulent tech support scams, steal cookie data, or sell information to third-party ad networks.β―Β
Another vulnerabilityβ―that manyβ―may not realize is theirβ―browserβs built-in autofill functions. As tempting as it is to use your browserβs autofill function to populate aβ―long form,β―this shortcut may not be safe. Cybercriminals have found ways to capture credentials by inserting fake login boxes onto a web page that users cannot see.β―So,β―when you accept the option to autofill your username and password, youβ―are also populating these fake boxes.β―β―Β
Take a proactive approach to your digital protectionβ―theβ―next time youβ―are browsing the internet by reassessing your online habits.β―Check out these fiveβ―tipsβ―to ensure you areβ―staying as safe as possible online.β―Β
Cookie data can contain anything from login information to credit card numbers. Cybercriminals looking to exploit this information can hijack browser sessions to pose as legitimate users and steal cookies as they travel across networks and servers. As a result, itβ―is essential for online users to regularly clear out their cookies to better protect their information from falling into the wrong hands. Navigate to your browserβs history, where you can wipe the data associated with each browser session, including your cookies.β―β―Β
Clearing your browserβs cookie data will also remove your saved logins, which is why leveraging aβ―password managerβ―can make it easier to access regularly visited online accounts.β―β―Β
Many browsers come with a built-in password generator and manager; however, it is better to entrust your logins and password to aβ―reputableβ―password manager.β―Browser password managers are not as secureβ―asβ―password managers, becauseβ―anyone who has access to your device will also access your online information.β―A password manager, β―provides a more secure solution sinceβ―it requiresβ―you to log in with a separate master password.β―A password manager also worksβ―across various browsers and can generate stronger passwords than those created by your browser.β―β―Β
In addition to clearing cookie data, usersβ―shouldβ―adjust their browser settings to ensure their online sessions remain private.β―β―Β
Another option is to access the internet inβ―Private Browsingβ―Modeβ―toβ―automatically block third-party tracking, making it a quick and easy option to ensure private browsing. Users can also enable the βdo not trackβ function of their browser to prevent third-party tracking by advertisers and websites. Additionally, you can adjust your browser settings to block pop-up ads and control site permissions, such as access to cameras and locations.β―β―Β
Ad blockersβ―suppressβ―unwanted and potentially malicious ads to ensure a safer browsing experience.β―Ad blockers can also make it easier to view page layout by removing distracting ads and optimizing page load speed. Additionally, they prevent websites from tracking your information that third parties can sell.β―Β
Deploying a security solution likeβ―McAfee+ Ultimateβ―ensures the safest internet browsing experience through a holistic approach for threat detection, protection, and remediation. Equipped with a password manager, antivirus software, and firewall protection, users can effectivelyβ―sidestepβ―online threats while browsing theβ―internet.β―Moreover, it includes comprehensive privacy and identity protection, such as our Personal Data Cleanup, dark web monitoring, credit monitoring, along with ways you can quickly Lock or freeze your credit file to help prevent accounts from being opened in your name.Β
Your online behaviorβ―canβ―say a lot about youβ―so make sureβ―you safeguard your internet protection. Whether itβ―is through malvertising or invisible forms, hackers can glean information to paint a picture of who you are to target you through deceptive tactics. Cybercriminals are always looking for vulnerabilities which is why assessing your online habits sooner rather than later is a critical first step to smarter online browsing.β―Β
The post How to Protect Your Online Privacy appeared first on McAfee Blog.
SwaggerSpy is a tool designed for automated Open Source Intelligence (OSINT) on SwaggerHub. This project aims to streamline the process of gathering intelligence from APIs documented on SwaggerHub, providing valuable insights for security researchers, developers, and IT professionals.
Swagger is an open-source framework that allows developers to design, build, document, and consume RESTful web services. It simplifies API development by providing a standard way to describe REST APIs using a JSON or YAML format. Swagger enables developers to create interactive documentation for their APIs, making it easier for both developers and non-developers to understand and use the API.
SwaggerHub is a collaborative platform for designing, building, and managing APIs using the Swagger framework. It offers a centralized repository for API documentation, version control, and collaboration among team members. SwaggerHub simplifies the API development lifecycle by providing a unified platform for API design and testing.
Performing OSINT on SwaggerHub is crucial because developers, in their pursuit of efficient API documentation and sharing, may inadvertently expose sensitive information. Here are key reasons why OSINT on SwaggerHub is valuable:
Developer Oversights: Developers might unintentionally include secrets, credentials, or sensitive information in API documentation on SwaggerHub. These oversights can lead to security vulnerabilities and unauthorized access if not identified and addressed promptly.
Security Best Practices: OSINT on SwaggerHub helps enforce security best practices. Identifying and rectifying potential security issues early in the development lifecycle is essential to ensure the confidentiality and integrity of APIs.
Preventing Data Leaks: By systematically scanning SwaggerHub for sensitive information, organizations can proactively prevent data leaks. This is especially crucial in today's interconnected digital landscape where APIs play a vital role in data exchange between services.
Risk Mitigation: Understanding that developers might forget to remove or obfuscate sensitive details in API documentation underscores the importance of continuous OSINT on SwaggerHub. This proactive approach mitigates the risk of unintentional exposure of critical information.
Compliance and Privacy: Many industries have stringent compliance requirements regarding the protection of sensitive data. OSINT on SwaggerHub ensures that APIs adhere to these regulations, promoting a culture of compliance and safeguarding user privacy.
Educational Opportunities: Identifying oversights in SwaggerHub documentation provides educational opportunities for developers. It encourages a security-conscious mindset, fostering a culture of awareness and responsible information handling.
By recognizing that developers can inadvertently expose secrets, OSINT on SwaggerHub becomes an integral part of the overall security strategy, safeguarding against potential threats and promoting a secure API ecosystem.
SwaggerSpy obtains information from SwaggerHub and utilizes regular expressions to inspect API documentation for sensitive information, such as secrets and credentials.
To use SwaggerSpy, follow these steps:
git clone https://github.com/UndeadSec/SwaggerSpy.git
cd SwaggerSpy
pip install -r requirements.txt
python swaggerspy.py searchterm
SwaggerSpy is intended for educational and research purposes only. Users are responsible for ensuring that their use of this tool complies with applicable laws and regulations.
Contributions to SwaggerSpy are welcome! Feel free to submit issues, feature requests, or pull requests to help improve this tool.
SwaggerSpy is developed and maintained by Alisson Moretto (UndeadSec)
I'm a passionate cyber threat intelligence pro who loves sharing insights and crafting cybersecurity tools.
SwaggerSpy is licensed under the MIT License. See the LICENSE file for details.
Special thanks to @Liodeus for providing project inspiration through swaggerHole.
Attackers are abusing MySQL instances for conducting nefarious operations on the Internet. The cybercriminals are targeting exposed MySQL instances and triggering infections at scale to exfiltrate data, destruct data, and extort money via ransom. For example one of the significant threats MySQL deployments face is ransomware. We have authored a tool named "MELEE" to detect potential infections in MySQL instances. The tool allows security researchers, penetration testers, and threat intelligence experts to detect compromised and infected MySQL instances running malicious code. The tool also enables you to conduct efficient research in the field of malware targeting cloud databases. In this release of the tool, the following modules are supported: