Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history
image for Schrödinger’s kit ...

 Tips

At first glance, TikTok, the fun and fresh social media platform doesn’t seem to offer much beyond addictive dance videos and risky challenges, but TikTok does host educational content as well, with more added every day. You just need to know how to find it. The search for knowledge — on TikTok? Social media   show more ...

feeds don’t come together randomly; they’re based on users’ interests. If you keep liking funny cat videos, more of them will appear in your recommendations. It’s that simple. You can find more practical kinds of content on TikTok, however. For example, teachers from early childhood to higher education, scientists of all stripes, historians, art critics, and other professionals and enthusiasts from all over the world use their TikTok accounts to share short videos demonstrating lab experiments, solving math problems, recounting historical events, and much more. Essentially, to make a TikTok account into an interesting educational resource, all you have to do is watch and like interesting educational videos. How to find educational content on TikTok So, how do you find that educational content? Start with hashtags — the # sign plus a word or short phrase on a specific topic from this year’s coursework, such as #antarctic or #climatechange. Here are a few hashtags you can use to begin crafting your own educational TikTok feed: #learnontiktok This tag applies to educational videos, but it may also include various lifehacks, tips, and the like. Despite its extremely general mission, adding this hashtag to your searches may help you turn up some useful videos. #[schoolsubject] We’re in school for a long time, so use a variety of hashtags based on the learning level and subject matter at hand. For example, to find educational videos and accounts related to mathematics, you might start with #math or #algebra before drilling down (a little) to concepts such as #longdivision for younger learners or #planets for astrophysics. You can also search using specific key phrases such as “negative numbers.” The #history tag has lots of educational videos about history. For more focused results, add #historyfacts, #ancientcivilizations, #wwii, and so on. Just like with math, using more specific terms narrows the results. Ditto any other subject, such as #geology, #anthropology, #paleontology, #economics, and more — it’s not rocket science (#rocketscience, however, is.) Of course, TikTok also has tons of helpful videos for foreign-language learners. Add “speaking” or “language” to the name of the language: for example, #russianspeaking or #germanlanguage. We offer the above simply as a taste — a way to think about how the TikTok platform can educate and inform, not just entertain. The first step is to train your newsfeed and recommendations properly. It may take a while, but it’s well worth the effort.

image for Home network monitor ...

 Products

Getting connected has never been so easy. In the not-so-distant past, you might’ve needed technical certification to get a home Wi-Fi network up and running, but that hasn’t been the case for quite a few years. These days, home networking is practically plug-and-play. Note that we haven’t mentioned   show more ...

security anywhere yet. Of course, any reader of this blog knows that’s a trap. The challenge of home and external networking is to get connected reliably and safely. When it comes to home networking, we really don’t recommend skipping the few steps needed to get and stay connected in a safe, secure way. That means changing the default network name and password, cutting off remote access, and doing a few other things. How Kaspersky Security Cloud improves your home network security The first time you run the latest iteration our all-in-one home security solution, Kaspersky Security Cloud, it automatically gets to know your home network. In addition to protecting the devices you know you have connected to the network, it catalogues all networked devices in case something doesn’t belong. An example of a network map in Kaspersky Security Cloud In the utility’s Home Network interface, you can view the list of connected devices, add friendly names, and perform some light administration. Critically, the device list includes MAC addresses for all connected devices (as well as the device type and name, its operating system, and IP address, plus a note about which devices are running Kaspersky software). If you see something that doesn’t belong, you can then use your router’s administration software to kick it off the network and block it for good. Information about a device connected to your network includes its MAC address, which you can use to kick the device off the network and block it in your router’s settings Once you have your network mapped and have ensured that every device on it is a welcome one, then outsiders should not be able to help themselves to your network connection. That said, in the event a new device sneaks onto the network, Kaspersky Security Cloud alerts you so that you can quickly cut off its access. In the event that you would prefer not to be notified about new devices joining your network, Windows users can disable the notifications — ad hoc, using the Disable notifications for this network link in the notification, or through the application’s preferences: Open the main application window; Click the network icon that corresponds to your connection type (e.g., wired or wireless) toward the bottom of the window; In the “Devices in my network” window, click the menu icon (three dots); Select Disable notifications. You can also use the above instructions simply to confirm that your notification settings reflect your preferences. What else is new in Kaspersky Security Cloud? When we say that Kaspersky Security Cloud gets to know your home network, we should also mention that in its latest iteration, we’ve added wired connections to the map. Although most connections these days are wireless — smartphones, tablets, laptops — it’s also entirely likely you have a stationary device or two wired right to your router with an Ethernet cable. As fast as Wi-Fi connections are, devices near enough to your router can still benefit from that ultrafast Ethernet connection; and many families still have a central desktop computer plugged in and acting as a household hub. Therefore, we added that visibility to the new Kaspersky Security Cloud. We also added tools to simplify the process of adding protection to other users’ devices. They include the ability to generate QR codes and share links to help your family members add Kaspersky security to their devices. You can easily share protection with your family using QR codes Features such as automatic checking of e-mail addresses for potential data leaks have bene expanded as well. Account Check already let users know if data associated with their e-mail addresses leaks online; now the feature is substantially easier to use, automatically checking the e-mail addresses users enter when logging in to accounts and also providing the option for users to add e-mail addresses to the list of addresses the product checks. The Account Check feature lets you know if data associated with your e-mail addresses is leaked online To home network security and beyond Securing your home network is also just one more reason to install and maintain the best security available. With just about everything in the world connected to just about everything else, and cybercriminals organized to pounce on everything from one person’s overused passwords to a vulnerability in a huge network, the one true security tip simply doesn’t exist. It takes a product, ultimately to secure your network. Kaspersky Security Cloud‘s specialized module for home network security adds measures of control for home users.

image for Chinese Antivirus Fi ...

 Ne'er-Do-Well News

The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their   show more ...

customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. Image: FBI Charging documents say the seven men are part of a hacking group known variously as “APT41,” “Barium,” “Winnti,” “Wicked Panda,” and “Wicked Spider.” Once inside of a target organization, the hackers stole source code, software code signing certificates, customer account data and other information they could use or resell. APT41’s activities span from the mid-2000s to the present day. Earlier this year, for example, the group was tied to a particularly aggressive malware campaign that exploited recent vulnerabilities in widely-used networking products, including flaws in Cisco and D-Link routers, as well as Citrix and Pulse VPN appliances. Security firm FireEye dubbed that hacking blitz “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years.” The government alleges the group monetized its illicit access by deploying ransomware and “cryptojacking” tools (using compromised systems to mine cryptocurrencies like Bitcoin). In addition, the gang targeted video game companies and their customers in a bid to steal digital items of value that could be resold, such as points, powers and other items that could be used to enhance the game-playing experience. APT41 was known to hide its malware inside fake resumes that were sent to targets. It also deployed more complex supply chain attacks, in which they would hack a software company and modify the code with malware. “The victim software firm — unaware of the changes to its product, would subsequently distribute the modified software to its third-party customers, who were thereby defrauded into installing malicious software code on their own computers,” the indictments explain. While the various charging documents released in this case do not mention it per se, it is clear that members of this group also favored another form of supply chain attacks — hiding their malware inside commercial tools they created and advertised as legitimate security software and PC utilities. One of the men indicted as part of APT41 — now 35-year-old Tan DaiLin — was the subject of a 2012 KrebsOnSecurity story that sought to shed light on a Chinese antivirus product marketed as Anvisoft. At the time, the product had been “whitelisted” or marked as safe by competing, more established antivirus vendors, although the company seemed unresponsive to user complaints and to questions about its leadership and origins. Tan DaiLin, a.k.a. “Wicked Rose,” in his younger years. Image: iDefense Anvisoft claimed to be based in California and Canada, but a search on the company’s brand name turned up trademark registration records that put Anvisoft in the high-tech zone of Chengdu in the Sichuan Province of China. A review of Anvisoft’s website registration records showed the company’s domain originally was created by Tan DaiLin, an infamous Chinese hacker who went by the aliases “Wicked Rose” and “Withered Rose.” At the time of story, DaiLin was 28 years old. That story cited a 2007 report (PDF) from iDefense, which detailed DaiLin’s role as the leader of a state-sponsored, four-man hacking team called NCPH (short for Network Crack Program Hacker). According to iDefense, in 2006 the group was responsible for crafting a rootkit that took advantage of a zero-day vulnerability in Microsoft Word, and was used in attacks on “a large DoD entity” within the USA. “Wicked Rose and the NCPH hacking group are implicated in multiple Office based attacks over a two year period,” the iDefense report stated. When I first scanned Anvisoft at Virustotal.com back in 2012, none of the antivirus products detected it as suspicious or malicious. But in the days that followed, several antivirus products began flagging it for bundling at least two trojan horse programs designed to steal passwords from various online gaming platforms. Security analysts and U.S. prosecutors say APT41 operated out of a Chinese enterprise called Chengdu 404 that purported to be a network technology company but which served a legal front for the hacking group’s illegal activities, and that Chengdu 404 used its global network of compromised systems as a kind of dragnet for information that might be useful to the Chinese Communist Party. Chengdu404’s offices in China. Image: DOJ. “CHENGDU 404 developed a ‘big data’ product named ‘SonarX,’ which was described…as an ‘Information Risk Assessment System,'” the government’s indictment reads. “SonarX served as an easily searchable repository for social media data that previously had been obtained by CHENGDU 404.” The group allegedly used SonarX to search for individuals linked to various Hong Kong democracy and independence movements, and snoop on a U.S.-backed media outlet that ran stories examining the Chinese government’s treatment of Uyghur people living in its Xinjian region. As noted by TechCrunch, after the indictments were filed prosecutors said they obtained warrants to seize websites, domains and servers associated with the group’s operations, effectively shutting them down and hindering their operations. “The alleged hackers are still believed to be in China, but the allegations serve as a ‘name and shame’ effort employed by the Justice Department in recent years against state-backed cyber attackers,” wrote TechCrunch’s Zack Whittaker.

image for Spotlight Podcast: I ...

 Companies

In this Spotlight Podcast, sponsored by The Trusted Computing Group, we speak with Matthew Areno, a Principal Engineer in the Intel Product Assurance and Security (IPAS) group about the fast-changing landscape of cyber threats including attacks on hardware and software supply chains. The post Spotlight Podcast:   show more ...

Intel’s Matt Areno –...Read the whole entry... » Related StoriesSpotlight Podcast: CTO Zulfikar Ramzan on RSA’s Next Act: Security Start-UpSpotlight Podcast: Taking a Risk-Based Approach to Election SecurityPKI Points the Way for Identity and Authentication in IoT

 Malware and Vulnerabilities

The Apple Safari web browser contains a remote code execution vulnerability in its Webkit feature. Specifically, an attacker could trigger a use-after-free condition in WebCore.

 Malware and Vulnerabilities

While repairing an old AM radio and listening to a podcast on his iPhone, researcher Doctor Cube discovered that the radio was receiving the audio from his iPhone when tuned to 950-970kHz.

 Companies to Watch

Avertium, backed by private equity firm Sunstone Partners, has acquired 1440 Security. The financial terms of the deal were not disclosed.

 Malware and Vulnerabilities

Researchers lay bare the details for Zerologon, a now-patched Windows vulnerability that could have allowed access to an organization’s Active Directory domain controllers.

 Trends, Reports, Analysis

LockBit is a Ransomware-as-a-Service (RaaS) in operation since September 2019 that was developed to encrypt large companies in a few hours as a way of preventing its early detection by machines.

 Feed

Ubuntu Security Notice 4519-1 - Ratchanan Srirattanamet discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle memory under certain error conditions in the Bluez 5 module. An attacker could use this issue to cause PulseAudio to crash, resulting in a denial of service, or possibly execute arbitrary code.

 Feed

Apple Security Advisory 2020-09-16-1 - iOS 14.0 and iPadOS 14.0 are now available and address code execution, cross site scripting, out of bounds read, and out of bounds write vulnerabilities.

 Feed

TP-Link cloud cameras NCXXX series (NC200, NC210, NC220, NC230, NC250, NC260, NC450) are vulnerable to an authenticated command injection vulnerability. In all devices except NC210, despite a check on the name length in swSystemSetProductAliasCheck, no other checks are in place in order to prevent shell metacharacters   show more ...

from being introduced. The system name would then be used in swBonjourStartHTTP as part of a shell command where arbitrary commands could be injected and executed as root. NC210 devices cannot be exploited directly via /setsysname.cgi due to proper input validation. NC210 devices are still vulnerable since swBonjourStartHTTP did not perform any validation when reading the alias name from the configuration file. The configuration file can be written, and code execution can be achieved by combining this issue with CVE-2020-12110.

 Feed

Ubuntu Security Notice 4517-1 - It was discovered that Email-Address-List does not properly parse email addresses during email-ingestion. A remote attacker could use this issue to cause an algorithmic complexity attack, resulting in a denial of service.

 Feed

The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security (MOIS) for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors. According to the U.S. Treasury and the Federal Bureau of Investigation (FBI), the sanctions target

 Feed

After a long wait and months of beta testing, Google last week finally released Android 11, the latest version of the Android mobile operating system—with features offering billions of its users more control over their data security and privacy. Android security is always a hot topic and almost always for the wrong reason, including Google's failure to prevent malicious apps from being

2020-09
Aggregator history
Friday, September 18
TUE
WED
THU
FRI
SAT
SUN
MON
SeptemberOctoberNovember