Login
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child sexual exploitation and rape.
Image: Shutterstock.
Researchers at security firm Permiso Security say attacks against generative artificial intelligence (AI) infrastructure like Bedrock from Amazon Web Services (AWS) have increased markedly over the last six months, particularly when someone in the organization accidentally exposes their cloud credentials or key online, such as in a code repository like GitHub.
Investigating the abuse of AWS accounts for several organizations, Permiso found attackers had seized on stolen AWS credentials to interact with the large language models (LLMs) available on Bedrock. But they also soon discovered none of these AWS users had enabled full logging of LLM activity (by default, logs don’t include model prompts and outputs), and thus they lacked any visibility into what attackers were doing with that access.
So Permiso researchers decided to leak their own test AWS key on GitHub, while turning on logging so that they could see exactly what an attacker might ask for, and what the responses might be.
Within minutes, their bait key was scooped up and used in a service that offers AI-powered sex chats online.
“After reviewing the prompts and responses it became clear that the attacker was hosting an AI roleplaying service that leverages common jailbreak techniques to get the models to accept and respond with content that would normally be blocked,” Permiso researchers wrote in a report released today.
“Almost all of the roleplaying was of a sexual nature, with some of the content straying into darker topics such as child sexual abuse,” they continued. “Over the course of two days we saw over 75,000 successful model invocations, almost all of a sexual nature.”
Ian Ahl, senior vice president of threat research at Permiso, said attackers in possession of a working cloud account traditionally have used that access for run-of-the-mill financial cybercrime, such as cryptocurrency mining or spam. But over the past six months, Ahl said, Bedrock has emerged as one of the top targeted cloud services.
“Bad guy hosts a chat service, and subscribers pay them money,” Ahl said of the business model for commandeering Bedrock access to power sex chat bots. “They don’t want to pay for all the prompting that their subscribers are doing, so instead they hijack someone else’s infrastructure.”
Ahl said much of the AI-powered chat conversations initiated by the users of their honeypot AWS key were harmless roleplaying of sexual behavior.
“But a percentage of it is also geared toward very illegal stuff, like child sexual assault fantasies and rapes being played out,” Ahl said. “And these are typically things the large language models won’t be able to talk about.”
AWS’s Bedrock uses large language models from Anthropic, which incorporates a number of technical restrictions aimed at placing certain ethical guardrails on the use of their LLMs. But attackers can evade or “jailbreak” their way out of these restricted settings, usually by asking the AI to imagine itself in an elaborate hypothetical situation under which its normal restrictions might be relaxed or discarded altogether.
“A typical jailbreak will pose a very specific scenario, like you’re a writer who’s doing research for a book, and everyone involved is a consenting adult, even though they often end up chatting about nonconsensual things,” Ahl said.
In June 2024, security experts at Sysdig documented a new attack that leveraged stolen cloud credentials to target ten cloud-hosted LLMs. The attackers Sysdig wrote about gathered cloud credentials through a known security vulnerability, but the researchers also found the attackers sold LLM access to other cybercriminals while sticking the cloud account owner with an astronomical bill.
“Once initial access was obtained, they exfiltrated cloud credentials and gained access to the cloud environment, where they attempted to access local LLM models hosted by cloud providers: in this instance, a local Claude (v2/v3) LLM model from Anthropic was targeted,” Sysdig researchers wrote. “If undiscovered, this type of attack could result in over $46,000 of LLM consumption costs per day for the victim.”
Ahl said it’s not certain who is responsible for operating and selling these sex chat services, but Permiso suspects the activity may be tied to a platform cheekily named “chub[.]ai,” which offers a broad selection of pre-made AI characters with whom users can strike up a conversation. Permiso said almost every character name from the prompts they captured in their honeypot could be found at Chub.
Some of the AI chat bot characters offered by Chub. Some of these characters include the tags “rape” and “incest.”
Chub offers free registration, via its website or a mobile app. But after a few minutes of chatting with their newfound AI friends, users are asked to purchase a subscription. The site’s homepage features a banner at the top that reads: “Banned from OpenAI? Get unmetered access to uncensored alternatives for as little as $5 a month.”
Until late last week Chub offered a wide selection of characters in a category called “NSFL” or Not Safe for Life, a term meant to describe content that is disturbing or nauseating to the point of being emotionally scarring.
Fortune profiled Chub AI in a January 2024 story that described the service as a virtual brothel advertised by illustrated girls in spaghetti strap dresses who promise a chat-based “world without feminism,” where “girls offer sexual services.” From that piece:
Chub AI offers more than 500 such scenarios, and a growing number of other sites are enabling similar AI-powered child pornographic role-play. They are part of a broader uncensored AI economy that, according to Fortune’s interviews with 18 AI developers and founders, was spurred first by OpenAI and then accelerated by Meta’s release of its open-source Llama tool.
Fortune says Chub is run by someone using the handle “Lore,” who said they launched the service to help others evade content restrictions on AI platforms. Chub charges fees starting at $5 a month to use the new chatbots, and the founder told Fortune the site had generated more than $1 million in annualized revenue.
KrebsOnSecurity sought comment about Permiso’s research from AWS, which initially seemed to downplay the seriousness of the researchers’ findings. The company noted that AWS employs automated systems that will alert customers if their credentials or keys are found exposed online.
AWS explained that when a key or credential pair is flagged as exposed, it is then restricted to limit the amount of abuse that attackers can potentially commit with that access. For example, flagged credentials can’t be used to create or modify authorized accounts, or spin up new cloud resources.
Ahl said Permiso did indeed receive multiple alerts from AWS about their exposed key, including one that warned their account may have been used by an unauthorized party. But they said the restrictions AWS placed on the exposed key did nothing to stop the attackers from using it to abuse Bedrock services.
Sometime in the past few days, however, AWS responded by including Bedrock in the list of services that will be quarantined in the event an AWS key or credential pair is found compromised or exposed online. AWS confirmed that Bedrock was a new addition to its quarantine procedures.
Additionally, not long after KrebsOnSecurity began reporting this story, Chub’s website removed its NSFL section. It also appears to have removed cached copies of the site from the Wayback Machine at archive.org. Still, Permiso found that Chub’s user stats page shows the site has more than 3,000 AI conversation bots with the NSFL tag, and that 2,113 accounts were following the NSFL tag.
The user stats page at Chub shows more than 2,113 people have subscribed to its AI conversation bots with the “Not Safe for Life” designation.
Permiso said their entire two-day experiment generated a $3,500 bill from AWS. Most of that cost was tied to the 75,000 LLM invocations caused by the sex chat service that hijacked their key.
Paradoxically, Permiso found that while enabling these logs is the only way to know for sure how crooks might be using a stolen key, the cybercriminals who are reselling stolen or exposed AWS credentials for sex chats have started including programmatic checks in their code to ensure they aren’t using AWS keys that have prompt logging enabled.
“Enabling logging is actually a deterrent to these attackers because they are immediately checking to see if you have logging on,” Ahl said. “At least some of these guys will totally ignore those accounts, because they don’t want anyone to see what they’re doing.”
In a statement shared with KrebsOnSecurity, AWS said its services are operating securely, as designed, and that no customer action is needed. Here is their statement:
“AWS services are operating securely, as designed, and no customer action is needed. The researchers devised a testing scenario that deliberately disregarded security best practices to test what may happen in a very specific scenario. No customers were put at risk. To carry out this research, security researchers ignored fundamental security best practices and publicly shared an access key on the internet to observe what would happen.”
“AWS, nonetheless, quickly and automatically identified the exposure and notified the researchers, who opted not to take action. We then identified suspected compromised activity and took additional action to further restrict the account, which stopped this abuse. We recommend customers follow security best practices, such as protecting their access keys and avoiding the use of long-term keys to the extent possible. We thank Permiso Security for engaging AWS Security.”
AWS said customers can configure model invocation logging to collect Bedrock invocation logs, model input data, and model output data for all invocations in the AWS account used in Amazon Bedrock. Customers can also use CloudTrail to monitor Amazon Bedrock API calls.
The company said AWS customers also can use services such as GuardDuty to detect potential security concerns and Billing Alarms to provide notifications of abnormal billing activity. Finally, AWS Cost Explorer is intended to give customers a way to visualize and manage Bedrock costs and usage over time.
Anthropic told KrebsOnSecurity it is always working on novel techniques to make its models more resistant to jailbreaks.
“We remain committed to implementing strict policies and advanced techniques to protect users, as well as publishing our own research so that other AI developers can learn from it,” Anthropic said in an emailed statement. “We appreciate the research community’s efforts in highlighting potential vulnerabilities.”
Anthropic said it uses feedback from child safety experts at Thorn around signals often seen in child grooming to update its classifiers, enhance its usage policies, fine tune its models, and incorporate those signals into testing of future models.
Update: 5:01 p.m. ET: Chub has issued a statement saying they are only hosting the role-playing characters, and that the LLMs they use run on their own infrastructure.
“Our own LLMs run on our own infrastructure,” Chub wrote in an emailed statement. “Any individuals participating in such attacks can use any number of UIs that allow user-supplied keys to connect to third-party APIs. We do not participate in, enable or condone any illegal activity whatsoever.”
Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. While it’s unlikely that many programmers fell for this scam, it’s notable because less targeted versions of it are likely to be far more successful against the average Windows user.
A reader named Chris shared an email he received this week that spoofed GitHub’s security team and warned: “Hey there! We have detected a security vulnerability in your repository. Please contact us at https://github-scanner[.]com to get more information on how to fix this issue.”
Visiting that link generates a web page that asks the visitor to “Verify You Are Human” by solving an unusual CAPTCHA.
This malware attack pretends to be a CAPTCHA intended to separate humans from bots.
Clicking the “I’m not a robot” button generates a pop-up message asking the user to take three sequential steps to prove their humanity. Step 1 involves simultaneously pressing the keyboard key with the Windows icon and the letter “R,” which opens a Windows “Run” prompt that will execute any specified program that is already installed on the system.
Executing this series of keypresses prompts the built-in Windows Powershell to download password-stealing malware.
Step 2 asks the user to press the “CTRL” key and the letter “V” at the same time, which pastes malicious code from the site’s virtual clipboard.
Step 3 — pressing the “Enter” key — causes Windows to launch a PowerShell command, and then fetch and execute a malicious file from github-scanner[.]com called “l6e.exe.”
PowerShell is a powerful, cross-platform automation tool built into Windows that is designed to make it simpler for administrators to automate tasks on a PC or across multiple computers on the same network.
According to an analysis at the malware scanning service Virustotal.com, the malicious file downloaded by the pasted text is called Lumma Stealer, and it’s designed to snarf any credentials stored on the victim’s PC.
This phishing campaign may not have fooled many programmers, who no doubt natively understand that pressing the Windows and “R” keys will open up a “Run” prompt, or that Ctrl-V will dump the contents of the clipboard.
But I bet the same approach would work just fine to trick some of my less tech-savvy friends and relatives into running malware on their PCs. I’d also bet none of these people have ever heard of PowerShell, let alone had occasion to intentionally launch a PowerShell terminal.
Given those realities, it would be nice if there were a simple way to disable or at least heavily restrict PowerShell for normal end users for whom it could become more of a liability.
However, Microsoft strongly advises against nixing PowerShell because some core system processes and tasks may not function properly without it. What’s more, doing so requires tinkering with sensitive settings in the Windows registry, which can be a dicey undertaking even for the learned.
Still, it wouldn’t hurt to share this article with the Windows users in your life who fit the less-savvy profile. Because this particular scam has a great deal of room for growth and creativity.
Tapping your phone at the cash register makes for a smooth trip to the store. Far smoother than fumbling for your card at the checkout or dealing with a bunch of change. That’s the beauty of the digital wallet on your phone. And with that convenience comes something plenty important — keeping that digital wallet secure.
All the personal info, photos, and banking apps we already have on our phones already make them plenty valuable. A digital wallet makes them that much more valuable.
A few steps can keep your phone and digital wallet more secure. Further, other steps can protect your cards and identity if that phone gets lost or stolen.
Let’s start with a look at how digital wallets work.
For starters, digital wallets work much like a physical wallet. Through service apps like Apple Pay, Google Pay, Samsung Pay, PayPal, and others, you can store various payment types. That includes debit cards, credit cards, gift cards, and bank accounts.
The transaction is highly secure in general. When you use your digital wallet to make a purchase, the app creates a random ID for the transaction. It uses that ID rather than your actual account number to keep things secure. Encryption technology keeps things safer still by scrambling info during the process.
A digital wallet is safe, as long as you guard your smartphone just as closely as you would your physical wallet.
Here’s why you should secure your digital wallet and three tips to help you do so.
Fewer people use a lock screen than you might think. A finding from our global research showed that only 56% of adults said that they protect their smartphone with a password or passcode.[i] The problem with going unlocked is that if the phone gets lost or stolen, you’ve handed over a large part of your digital life to a thief. Setting up a lock screen is easy. It’s a simple feature found on iOS and Android devices.
Always protect your digital wallet with a lock, whether a unique passcode, fingerprint scan, or facial ID. This is the best and easiest way to deter cybercriminals. If you use a numerical code, make it different from the passcode on your phone. Also, make sure the numbers are random. Birthdays, anniversaries, house addresses, and the last digits of your phone number are all popular combinations and are crackable codes to a resourceful criminal.
Another way to secure your digital wallet is to make sure you always download the latest software updates. Developers are constantly finding and patching security holes, so the most up-to-date software is often the most secure. Turn on automatic updates to ensure you never miss a new release.
Before you swap your plastic cards for digital payment methods, ensure you research the digital banking app before downloading. Also, ensure that any app you download is through the official Apple or Android store or the financial institution’s official website. Then, check out how many downloads and reviews the app has. That’s one way you can make sure you’re downloading an official app and not an imposter. While most of the apps on official stores are legitimate, it’s always smart to check for typos, blurry logos, and unprofessional app descriptions.
So what happens if your phone ends up getting lost or stolen? A combination of device tracking, device locking, and remote erasing can help protect your phone and the data on it. Different device manufacturers have different ways of going about it, but the result is the same — you can prevent others from using your phone. You can even erase it if you’re truly worried that it’s in the wrong hands or if it’s gone for good. Apple provides iOS users with a step-by-step guide, and Google offers up a guide for Android users as well.
No doubt about it. Our phones get more and more valuable as the years go by. With an increasing amount of our financial lives coursing through them, protecting our phones becomes that much more important.
Comprehensive online protection like our McAfee+ plans can protect your phone. And it can protect something else. You. Namely, your privacy and your identity. Here’s a quick rundown: It can …
Protection like this is worth looking into, particularly as our phones become yet more valuable still thanks to digital wallets and payment apps like them.
[i] https://www.mcafee.com/content/dam/consumer/en-us/docs/reports/rp-connected-family-study-2022-global.pdf
The post How to Secure Your Digital Wallet appeared first on McAfee Blog.
More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds.
Image: Shutterstock.
Your Web browser knows how to find a site like example.com thanks to the global Domain Name System (DNS), which serves as a kind of phone book for the Internet by translating human-friendly website names (example.com) into numeric Internet addresses.
When someone registers a domain name, the registrar will typically provide two sets of DNS records that the customer then needs to assign to their domain. Those records are crucial because they allow Web browsers to find the Internet address of the hosting provider that is serving that domain.
But potential problems can arise when a domain’s DNS records are “lame,” meaning the authoritative name server does not have enough information about the domain and can’t resolve queries to find it. A domain can become lame in a variety of ways, such as when it is not assigned an Internet address, or because the name servers in the domain’s authoritative record are misconfigured or missing.
The reason lame domains are problematic is that a number of Web hosting and DNS providers allow users to claim control over a domain without accessing the true owner’s account at their DNS provider or registrar.
If this threat sounds familiar, that’s because it is hardly new. Back in 2019, KrebsOnSecurity wrote about thieves employing this method to seize control over thousands of domains registered at GoDaddy, and using those to send bomb threats and sextortion emails (GoDaddy says they fixed that weakness in their systems not long after that 2019 story).
In the 2019 campaign, the spammers created accounts on GoDaddy and were able to take over vulnerable domains simply by registering a free account at GoDaddy and being assigned the same DNS servers as the hijacked domain.
Three years before that, the same pervasive weakness was described in a blog post by security researcher Matthew Bryant, who showed how one could commandeer at least 120,000 domains via DNS weaknesses at some of the world’s largest hosting providers.
Incredibly, new research jointly released today by security experts at Infoblox and Eclypsium finds this same authentication weakness is still present at a number of large hosting and DNS providers.
“It’s easy to exploit, very hard to detect, and it’s entirely preventable,” said Dave Mitchell, principal threat researcher at Infoblox. “Free services make it easier [to exploit] at scale. And the bulk of these are at a handful of DNS providers.”
Infoblox’s report found there are multiple cybercriminal groups abusing these stolen domains as a globally dispersed “traffic distribution system,” which can be used to mask the true source or destination of web traffic and to funnel Web users to malicious or phishous websites.
Commandeering domains this way also can allow thieves to impersonate trusted brands and abuse their positive or at least neutral reputation when sending email from those domains, as we saw in 2019 with the GoDaddy attacks.
“Hijacked domains have been used directly in phishing attacks and scams, as well as large spam systems,” reads the Infoblox report, which refers to lame domains as “Sitting Ducks.” “There is evidence that some domains were used for Cobalt Strike and other malware command and control (C2). Other attacks have used hijacked domains in targeted phishing attacks by creating lookalike subdomains. A few actors have stockpiled hijacked domains for an unknown purpose.”
Eclypsium researchers estimate there are currently about one million Sitting Duck domains, and that at least 30,000 of them have been hijacked for malicious use since 2019.
“As of the time of writing, numerous DNS providers enable this through weak or nonexistent verification of domain ownership for a given account,” Eclypsium wrote.
The security firms said they found a number of compromised Sitting Duck domains were originally registered by brand protection companies that specialize in defensive domain registrations (reserving look-alike domains for top brands before those names can be grabbed by scammers) and combating trademark infringement.
For example, Infoblox found cybercriminal groups using a Sitting Duck domain called clickermediacorp[.]com, which was a CBS Interactive Inc. domain initially registered in 2009 at GoDaddy. However, in 2010 the DNS was updated to DNSMadeEasy.com servers, and in 2012 the domain was transferred to MarkMonitor.
Another hijacked Sitting Duck domain — anti-phishing[.]org — was registered in 2003 by the Anti-Phishing Working Group (APWG), a cybersecurity not-for-profit organization that closely tracks phishing attacks.
In many cases, the researchers discovered Sitting Duck domains that appear to have been configured to auto-renew at the registrar, but the authoritative DNS or hosting services were not renewed.
The researchers say Sitting Duck domains all possess three attributes that makes them vulnerable to takeover:
1) the domain uses or delegates authoritative DNS services to a different provider than the domain registrar;
2) the authoritative name server(s) for the domain does not have information about the Internet address the domain should point to;
3) the authoritative DNS provider is “exploitable,” i.e. an attacker can claim the domain at the provider and set up DNS records without access to the valid domain owner’s account at the domain registrar.
Image: Infoblox.
How does one know whether a DNS provider is exploitable? There is a frequently updated list published on GitHub called “Can I take over DNS,” which has been documenting exploitability by DNS provider over the past several years. The list includes examples for each of the named DNS providers.
In the case of the aforementioned Sitting Duck domain clickermediacorp[.]com, the domain appears to have been hijacked by scammers by claiming it at the web hosting firm DNSMadeEasy, which is owned by Digicert, one of the industry’s largest issuers of digital certificates (SSL/TLS certificates).
In an interview with KrebsOnSecurity, DNSMadeEasy founder and senior vice president Steve Job said the problem isn’t really his company’s to solve, noting that DNS providers who are also not domain registrars have no real way of validating whether a given customer legitimately owns the domain being claimed.
“We do shut down abusive accounts when we find them,” Job said. “But it’s my belief that the onus needs to be on the [domain registrants] themselves. If you’re going to buy something and point it somewhere you have no control over, we can’t prevent that.”
Infoblox, Eclypsium, and the DNS wiki listing at Github all say that web hosting giant Digital Ocean is among the vulnerable hosting firms. In response to questions, Digital Ocean said it was exploring options for mitigating such activity.
“The DigitalOcean DNS service is not authoritative, and we are not a domain registrar,” Digital Ocean wrote in an emailed response. “Where a domain owner has delegated authority to our DNS infrastructure with their registrar, and they have allowed their ownership of that DNS record in our infrastructure to lapse, that becomes a ‘lame delegation’ under this hijack model. We believe the root cause, ultimately, is poor management of domain name configuration by the owner, akin to leaving your keys in your unlocked car, but we acknowledge the opportunity to adjust our non-authoritative DNS service guardrails in an effort to help minimize the impact of a lapse in hygiene at the authoritative DNS level. We’re connected with the research teams to explore additional mitigation options.”
In a statement provided to KrebsOnSecurity, the hosting provider and registrar Hostinger said they were working to implement a solution to prevent lame duck attacks in the “upcoming weeks.”
“We are working on implementing an SOA-based domain verification system,” Hostinger wrote. “Custom nameservers with a Start of Authority (SOA) record will be used to verify whether the domain truly belongs to the customer. We aim to launch this user-friendly solution by the end of August. The final step is to deprecate preview domains, a functionality sometimes used by customers with malicious intents. Preview domains will be deprecated by the end of September. Legitimate users will be able to use randomly generated temporary subdomains instead.”
What did DNS providers that have struggled with this issue in the past do to address these authentication challenges? The security firms said that to claim a domain name, the best practice providers gave the account holder random name servers that required a change at the registrar before the domains could go live. They also found the best practice providers used various mechanisms to ensure that the newly assigned name server hosts did not match previous name server assignments.
[Side note: Infoblox observed that many of the hijacked domains were being hosted at Stark Industries Solutions, a sprawling hosting provider that appeared two weeks before Russia invaded Ukraine and has become the epicenter of countless cyberattacks against enemies of Russia].
Both Infoblox and Eclypsium said that without more cooperation and less finger-pointing by all stakeholders in the global DNS, attacks on sitting duck domains will continue to rise, with domain registrants and regular Internet users caught in the middle.
“Government organizations, regulators, and standards bodies should consider long-term solutions to vulnerabilities in the DNS management attack surface,” the Infoblox report concludes.
Reconnaissance is the first phase of penetration testing which means gathering information before any real attacks are planned So Ashok is an Incredible fast recon tool for penetration tester which is specially designed for Reconnaissance" title="Reconnaissance">Reconnaissance phase. And in Ashok-v1.1 you can find the advanced google dorker and wayback crawling machine.
FreshRSS 
- Wayback Crawler Machine
- Google Dorking without limits
- Github Information Grabbing
- Subdomain Identifier
- Cms/Technology Detector With Custom Headers
~> git clone https://github.com/ankitdobhal/Ashok
~> cd Ashok
~> python3.7 -m pip3 install -r requirements.txt
A detailed usage guide is available on Usage section of the Wiki.
But Some index of options is given below:
Ashok can be launched using a lightweight Python3.8-Alpine Docker image.
$ docker pull powerexploit/ashok-v1.2
$ docker container run -it powerexploit/ashok-v1.2 --help
MasterParser stands as a robust Digital Forensics and Incident Response tool meticulously crafted for the analysis of Linux logs within the var/log directory. Specifically designed to expedite the investigative process for security incidents on Linux systems, MasterParser adeptly scans supported logs, such as auth.log for example, extract critical details including SSH logins, user creations, event names, IP addresses and much more. The tool's generated summary presents this information in a clear and concise format, enhancing efficiency and accessibility for Incident Responders. Beyond its immediate utility for DFIR teams, MasterParser proves invaluable to the broader InfoSec and IT community, contributing significantly to the swift and comprehensive assessment of security events on Linux platforms.
Love MasterParser as much as we do? Dive into the fun and jazz up your screen with our exclusive MasterParser wallpaper! Click the link below and get ready to add a splash of excitement to your device! Download Wallpaper
This is the list of supported log formats within the var/log directory that MasterParser can analyze. In future updates, MasterParser will support additional log formats for analysis. |Supported Log Formats List| | --- | | auth.log |
If you wish to propose the addition of a new feature \ log format, kindly submit your request by creating an issue Click here to create a request
# How to navigate to "MasterParser-main" folder from the PS terminal
PS C:\> cd "C:\Users\user\Desktop\MasterParser-main\"
# How to show MasterParser menu
PS C:\Users\user\Desktop\MasterParser-main> .\MasterParser.ps1 -O Menu
# How to run MasterParser
PS C:\Users\user\Desktop\MasterParser-main> .\MasterParser.ps1 -O Start
https://github.com/YosfanEilay/MasterParser/assets/132997318/d26b4b3f-7816-42c3-be7f-7ee3946a2c70
People under 60 are losing it online. And by it, I mean money—thanks to digital identity theft.
In its simplest form, your digital identity is made up of a whole host of things that can be traced back to you and who you are. That can range anywhere from photos you post online to online shopping accounts, email accounts to telephone numbers, and bank accounts to your tax ID.
In this way, your digital identity is like dozens upon dozens of puzzle pieces made up of different accounts, ID numbers, and so forth. When put together, they create a picture of you. And that’s why those little puzzle pieces of your identity are such attractive targets for hackers. If they get the right combination of them, you can end up a victim of theft or fraud.
Here’s what’s happening: people under 60 were twice as likely to report losing money while shopping online. The spotlight also shows that adults under 60 are more than four times more likely to report losing money to an investment scam, and the majority of those losses happened in scams involving some form of cryptocurrency investments.
And it’s no surprise younger adults get targeted this way. They’re far more likely than any other age group to use mobile apps for peer-to-peer payments, transfer money between accounts, deposit checks, and pay bills. In short, there’s a lot of money flowing through the palms of their hands thanks to their phones, as well as their computers.
Protecting yourself from hackers and fraud means protecting your digital identity. And that can feel like a pretty huge task given all the information your digital identity includes. It can be done, though, especially if you think about your identity like a puzzle. A piece here, another piece there, can complete the picture (or complete it just enough) to give a hacker what they need to separate you from your money. Thus, the way to stay safe is to keep those puzzle pieces out of other people’s hands.
It’s actually not that tough. With a few new habits and a couple of apps to help you out, you can protect yourself from the headaches and flat-out pain of fraud. Here’s a list of straightforward things that you can get started on right away:
1. Start with the basics—security software
Protect yourself by protecting your stuff. Installing and using security software on your computers and phones can prevent all kinds of attacks and make you safer while you surf, bank, and shop online. I should emphasize it again—protect your phone. Only about half of people protect their phones even though they use them to hail rides, order food, send money to friends, and more. Going unprotected on your phone means you’re sending all that money on the internet in a way that’s far, far less safe than if you use online protection.
2. Create strong passwords
You hear this one all the time and for good reason—strong, unique passwords offer one of your best defenses against hackers. Never re-use them (or slight alterations of them) across the different platforms and services you use. Don’t forget to update them on the regular (that means at least every 60 days)! While that sounds like a lot of work, a password manager can keep on top of it all for you. And if your platform or service offers the use of two-factor authentication, definitely make use of that. It’s a further layer of security that makes hacking tougher for crooks.
3. Keep up to date with your updates
Updates have a way of popping up on our phones and computers nearly every day, resist the urge to put them off until later. Aside from making improvements, updates often include important security fixes. So, when you get an alert for your operating system or app on your devices, go ahead and update. Think of it as adding another line of defense from hackers who are looking to exploit old flaws in your apps.
4. Think twice when you share
Social media is one place hackers go to harvest personal information because people sometimes have a way of sharing more than they should. With info like your birthday, the name of your first school, your mother’s maiden name, or even the make of your first car, they can answer common security questions that could hack into your accounts. Crank up the privacy settings on your accounts so only friends and family can see your posts—and realize the best defense here is not to post any possibly sensitive info in the first place. Also, steer clear of those “quizzes” that sometimes pop up in your social feeds. Those are other ways that hackers try to gain bits of info that can put your identity at risk.
5. Shred it
Even though so many of us have gone paperless with our bills, identity theft by digging through the trash, or “dumpster diving,” is still a thing. Things like medical bills, tax documents, and checks still might make their way to your mailbox. You’ll want to dispose of them properly when you’re through with them. First, invest in a paper shredder. Once you’ve online deposited that check or paid that odd bill, shred it so that any personal or account info on there can’t be read (and can be recycled securely). Second, if you’re heading out of town for a bit, have a friend collect your mail or have the post office put a temporary hold on your mail. That’ll prevent thieves from lifting personal info right from your mailbox while you’re away.
6. Check your credit
Even if you don’t think there’s a problem, go ahead and check your credit. The thing is, someone could be charging things against your name without you even knowing it. Depending on where you live, different credit reporting agencies keep tabs on people’s credit. In the U.S., the big ones are Equifax, Experian, and TransUnion. Also in the U.S., the Fair Credit Reporting Act (FCRA) requires these agencies to provide you with a free credit check at least once every 12 months. Canada, the UK, and other nations likewise offer ways to get a free credit report. Run down your options—you may be surprised by what you find.
As I just mentioned, the quickest way to get sense of what’s happening with your identity is to check your credit. Identity theft goes beyond money. Crooks will steal identities to rent apartments, access medical services, and even get jobs. Things like that can show up on a credit report, such as when an unknown address shows up in a list of your current and former residences or when a company you’ve never worked for shows up as an employer. If you spot anything strange, track it down right away. Many businesses have fraud departments with procedures in place that can help you clear your name if you find a charge or service wrongfully billed under your name.
Other signs are far more obvious. You may find collection agencies calling or even see tax notices appearing in your mailbox (yikes). Clearly, cases like those are telltale signs that something is really wrong. In that case, report it right away:
Likewise, many nations offer similar government services. A quick search will point you in the right direction.
Another step you can take is to ask each credit bureau to freeze your credit, which prevents crooks from using your personal information to open new lines of credit or accounts in your name. Fraud alerts offer another line of protection for you as well, and you can learn more about fraud alerts here.
With so many bits and pieces of information making up your digital identity, a broader way of keeping it safe involves asking yourself a question: what could happen if someone got their hands on this info? Further realizing that even little snippets of unsecured info can lead to fraud or theft in your name helps—even that un-shredded bill or innocuous refund check for a couple of bucks could give a crook the puzzle piece they need. You can keep your digital identity safe by keeping those pieces of info out of other people’s hands.
The post How to Protect Your Digital Identity appeared first on McAfee Blog.
Throw open the windows and let in some fresh air. It’s time for spring cleaning.
And that goes for your digital stuff too.
Whether it’s indeed spring where you are or not, you can give your devices, apps, and online accounts a good decluttering. Now’s the time. Cleaning them up can protect your privacy and your identity because when there’s less lying about, there’s less for hackers to scoop up and exploit.
The reality is that we accumulate plenty of digital clutter that needs cleaning up from time to time. Think about it:
Together, these things take up space on your devices and, in some cases, can open you up to security hazards. Let’s take a look at how you can clean up in a few steps.
1. Review your accounts and delete the ones you don’t use. Look through your bookmarks, your password manager, or the other places where you store your passwords and usernames. Review the sites and services associated with them critically. If you haven’t used an account in some time, log in one last time, remove all personal info, and deactivate it.
Doing so can keep your email address, usernames, and passwords out of unnecessary circulation. Major breaches like this one happen with unfortunate regularity, and the sad thing is that you may not even be aware that a site you’ve used has been hit. Meanwhile, your name, password, and info associated with that account (such as your credit card) are in the hands of hackers. Limit your exposure. Close those old accounts.
2. Get organized, and safer too, with a password manager. While creating strong, unique passwords for each of our accounts is a must nowadays, it can be quite the feat, given all of the accounts in our lives. Here’s where a password manager comes in. It can create those strong, unique passwords for you. Not only that, but it also stores your passwords on secure servers, away from hackers and thieves.
Along those lines, never store your passwords on your computer or device, like a text document or spreadsheet. Should your device ever get compromised, lost, or stolen, having passwords stored on them are like handing over the keys to your digital life.
3. Clean your PC to improve your performance (and your security). Let’s face it, so many of us are so busy with the day-to-day that cleaning up our computers and laptops is way down the list. However, doing so once a month can keep our devices running stronger for longer and even give you that “new computer feeling,” particularly if you haven’t cleaned it up for some time. Check out our guide for improving PC performance. We will walk you through some straightforward steps that can make a marked difference.
Moreover, part of this process should entail bolstering your operating system and apps with the latest updates. Such updates can not only improve speed and functionality, but they also often include security upgrades as well that can make you safer in the long run. If your operating system and apps feature automatic updates, enable them, and they’ll do the work for you.
4. Organize and store your photos. Photos. Now there’s a topic all unto itself. Here’s the thing: Estimates show that worldwide we took somewhere around 1.2 trillion photos. And you certainly have your share.
However, your photos may be just sitting there, taking up storage space on your computer or phone, instead of becoming something special like an album, greeting cards, a wall hanging, or popping them into a digital picture frame for your kitchen or living room. And this is where a little spring cleaning can be a bit of fun. For tips on cleaning up your photos, backing them up, and making something special with them.
5. Delete old apps and the data associated with them. Let’s say you have a couple of apps on your phone for tracking your walks, runs, and exercise. You’ve since stopped using one altogether. Go ahead and delete the old one. But before you do, go in and delete your account associated with the app to ensure that any data stored off your phone, along with your password and user id are deleted as well.
For your computers and laptops, follow the same procedure, recognizing that they also may have account data stored elsewhere other than on your device.
In short, many apps today store information that’s stored and maintained by the app provider. Make sure you close your accounts so that data and information is taken out of circulation as well.
6. Shred your old files and encrypt the important files you’re holding on to. This bit of advice calls for using comprehensive security software on your devices. In addition to protecting you from viruses, malware, and other cyberattacks on your privacy and identity, it can help you protect your sensitive information as well. Such security software can offer:
7. Throwing away old computers and tech—dispose of them properly. When it comes time to say goodbye to an old friend, whether that’s a computer, laptop, phone, or tablet, do so in a way that’s friendly to the environment and your security.
Consider this … what’s on that old hard drive of yours? That old computer may contain loads of precious personal and financial info on it. The same goes for your tablets and phones. The Federal Trade Commission (FTC) offers some straightforward advice in their article about protecting your data before you get rid of your computer. You don’t want those old tax returns ending up in the trash unprotected.
When it comes time for disposal, you have a few options:
As with any spring cleaning, you’ll be glad you did it
Enjoying the benefits of your work—that’s what spring cleaning is all about, right? With this little list, you can end up with a digital life that’s safer and faster than before.
The post Digital Spring Cleaning: Seven Steps for Faster, Safer Devices appeared first on McAfee Blog.
