Tuesday, July 14

Parents Family

Stalkerware Use Surges During Lockdown | Avast
Children Teens, Cyber Security, Free, How-to Tips, Parents Family

Stalkerware Use Surges During Lockdown | Avast

Use of this unethical tracking software has surged during lockdown, but here’s how you can protect yourselfCompared to January and February this year, before lockdown measures took effect, March through June saw a surge in the use of stalkerware, an insidious kind of software that allows users to track both the physical and digital moves of others, sometimes accessing photos, videos, and emails, sometimes even tapping into their WhatsApp and Facebook accounts.  It’s a sad truth that domestic violence incidents have increased since stay-at-home orders were issued, but that abusive behavior seems to have carried over into the digital world as well. Avast Threat Labs observed a 51% increase in spyware and stalkerware from March through June, in comparison to the first two months of the year....
Exploiting SSTI in Thymeleaf
Children Teens, Cyber Security, Free, How-to Tips, Parents Family, Seniors Aging

Exploiting SSTI in Thymeleaf

One of the most comfortable ways to build web pages is by using server-side templates. Such templates let you create HTML pages that include special elements that you can fill and modify dynamically. They are easy to understand for designers and easy to maintain for developers. There are many server-side template engines for different server-side languages and environments. One of them is Thymeleaf, which works with Java. Server-side template injections (SSTI) are vulnerabilities that let the attacker inject code into such server-side templates. In simple terms, the attacker can introduce code that is actually processed by the server-side template. This may result in remote code execution (RCE), which is a very serious vulnerability. In many cases, such RCE happens in a sandbox e...
Online Tips – Keeping Kids Safe [Video]
Children Teens, Cyber Security, Dr Don, Free, How-to Tips, Parents Family, Social Media, Virus

Online Tips – Keeping Kids Safe [Video]

Online Tips -Top cybersecurity tips for keeping kids safe online If you’re among the millions of people working from home while also trying to entertain and educate your kids during the coronavirus pandemic, we imagine things have been pretty chaotic. Were it not for the option of sitting your kids in front of a laptop for a few hours to do their schoolwork or play games, things might be even worse. But while the technology gives you a break, do you have complete peace of mind about your children’s safety online? The Internet can be a dangerous place, which is why we talk so often about the importance of secure browsing. We’re not only talking about parental controls, which, although they help you limit the kinds of activities that kids do online, don’t address a ...
5 ways to detect a phishing email – with examples
Children Teens, Cyber Security, Free, How-to Tips, Parents Family, Resources, Seniors Aging

5 ways to detect a phishing email – with examples

Phishing is one of the most common methods of cyber crime, but despite how much we think we know about scam emails, people still frequently fall victim. Action Fraud receives more than 400,000 reports of phishing emails each year, and according to Verizon’s 2020 Data Breach Investigations Report, more than two thirds of data breaches involved social engineering attacks such as phishing. In this blog, we use real phishing email examples to demonstrate five clues to help you spot scams. 1. The message is sent from a public email domain No legitimate organisation will send emails from an address that ends ‘@gmail.com’. Not even Google. Most organisations, except some small operations, will have their own email domain and company accounts. For example, legitimate ema...
Cyber Security, Free, Guide, How-to Tips, Internet Crime, Parents Family, Resources

Joker billing fraud malware eluded Google Play security to infect Android devices

A new variant targeted Android users to subscribe them to premium services without their consent, according to Check Point Research. iStock/Jirsak Google sometimes has a tough time keeping malware out of its mobile app store. Though the company employs Google Play Protect to scan and vet apps that contain malware, savvy cybercriminals can devise ways to sneak past those defenses.Always a thorn in Google's side, the Joker malware arrived as a new variant a few months ago and evaded Google Play Protect to infect legitimate apps and sign people up to premium services. A blog pos...
Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com
Children Teens, Cyber Security, Internet Crime, Parents Family

Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com

For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn’t quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered to include a different bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same. Earlier this year, KrebsOnSecurity heard from the owners of Privnote.com, who complained that someone had set up a fake clone of their site that was fooling quite a few regular users of the service. And it’s not hard to see why: Privnotes.com is confusingly similar in name...
Turn on MFA Before Crooks Do It For You
Children Teens, Cyber Security, Free, How-to Tips, Parents Family

Turn on MFA Before Crooks Do It For You

Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Here’s the story of one such incident. As a career chief privacy officer for different organizations, Dennis Dayman has tried to instill in his twin boys the importance of securing their online identities against account takeovers. Both are avid gamers on Microsoft’s Xbox platform, and for years their father managed their accounts via his own Microsoft ac...
‘BlueLeaks’ Exposes Files from Hundreds of Police Departments
Children Teens, Cyber Security, Free, Guide, Parents Family, Resources

‘BlueLeaks’ Exposes Files from Hundreds of Police Departments

Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed “BlueLeaks” and made searchable online, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement data-sharing portals. The collection — nearly 270 gigabytes in total — is the latest release from Distributed Denial of Secrets (DDoSecrets), an alternative to Wikileaks that publishes caches of previously secret data. A partial screenshot of the BlueLeaks data cache. In a post on Twitter, DDoSecrets said the BlueLeaks archive indexes “ten years of data from over 200 police departments, fusion centers and other law enforcement training and support resources,” and that ...
New Charges, Sentencing in Satori IoT Botnet Conspiracy
Children Teens, Cyber Security, Free, How-to Tips, Parents Family

New Charges, Sentencing in Satori IoT Botnet Conspiracy

The U.S. Justice Department today charged a Canadian and a Northern Ireland man for allegedly conspiring to build botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks. In addition, a defendant in the United States was sentenced today to drug treatment and 18 months community confinement for his admitted role in the botnet conspiracy. Indictments unsealed by a federal court in Alaska today allege 20-year-old Aaron Sterritt from Larne, Northern Ireland, and 21-year-old Logan Shwydiuk of Saskatoon, Canada conspired to build, operate and improve their IoT crime machines over several years. Prosecutors say Sterritt, using the hacker aliases “Vamp” and “Viktor,” was the b...
COVID-19 ‘Breach Bubble’ Waiting to Pop?
Cyber Security, Free, How-to Tips, Internet Crime, Parents Family, Virus

COVID-19 ‘Breach Bubble’ Waiting to Pop?

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit cards. But fraud experts say recent developments suggest both trends are about to change — and likely for the worse. The economic laws of supply and demand hold just as true in the business world as they do in the cybercrime space. Global lockdowns from COVID-19 have resulted in far fewer fraudsters willing or able to visit retail stores to use their counterfeit cards, and the decreased demand has severely depressed prices in the underground for purloined card data. An ad for a site sell...