Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history
image for The most widespread ...

 Threats

Anyone who has had any contact with Amazon knows that, from time to time, you may come across scammers who parasitically exploit the marketplace’s popularity. They defraud all sorts of users: sellers, buyers, regular users, and one-time visitors. Even if you’ve never logged on to Amazon (real talk, though:   show more ...

never?), some of these scams can affect you, too. We’ll focus first on buyers because they form the largest group, but we won’t ignore everyone else. I shop on Amazon. What should I look out for? For many years now, phishing — that timeless classic of Internet fraud — has remained the main threat to most ordinary users. A scammer’s main target is your personal data, and preferably data that gives access to important accounts (ideally, finance-related accounts). An Amazon account, as you might guess, is a worthwhile prize. Scammers try to obtain this data using fraudulent e-mails, text messages, or calls purporting to come from Amazon. There are dozens of phishing techniques, but most often, they stress urgency. Below, you’ll find the main types of phishing e-mails our antispam analysts have come across recently. Fake message about an Amazon Prime subscription You receive an e-mail or text message claiming you’ll soon be charged for the Amazon Prime subscription you (allegedly) purchased and providing a number you can call to cancel the purchase. If you call it, they’ll try to trick or pressure you into revealing your username, password, and card number. There is also a version of this scheme that involves persuading victims to install the remote access program TeamViewer on their computers — and that relieved ordinary Britons of a million pounds over a three-month period in 2019. Fake alerts about suspicious activity on your Amazon account One of the most common phishing techniques uses a message that appears to come from Amazon and refers to suspicious activity or unauthorized transactions in your account. In this scenario, the scammers try to frighten you by making you think someone hacked your account. A phishing e-mail saying your account has been locked because of suspicious activity To put things right, the notification says, you need to click a link. The link leads to a fake Amazon site, and if you enter your username and password there, that information goes straight to the scammers, who use them to hack your account (for real). One woman in Fife, Scotland, ended up losing £80,000 as a result of such a call. Confirmation of an Amazon order you didn’t make Your Sony PlayStation will soon be shipped to the address you provided. Didn’t order one? Just call us and we’ll fix everything. As you may have guessed, making that call is a bad idea. Once again, scammers are after easy money and personal data. One woman in Australia lost AU$4,000 this way; the scammers got her to buy Amazon gift cards. A fraudulent e-mail purporting to be from Amazon, claiming an expensive order — which you never placed — is on its way to you Fraud involving paying for products with a gift card Gift cards are central to a common ploy: You find a product online at a very good price, but the seller suggests you transfer the details of an Amazon gift card as payment. We do not recommend playing along. You’ll end up with no money on the card and no purchase. It’s always best to pay for online purchases in ways that allow you to challenge the payment if something goes wrong. The main purpose of an Amazon gift card, as the name suggests, is to be given as a gift. Any challenge to sending one of these cards to an unscrupulous anonymous seller won’t hold up. Fake requests to buy gift cards Another option is a fake e-mail from your boss urgently requesting a pack of Amazon gift cards. It may come as a surprise, but people still fall for this trick. The sender doesn’t have to be your boss, either; it could be a relative, such as a grandmother uncomfortable with technology, asking you to buy several small-value gift cards as Christmas gifts for the whole family. The most effective counter is also the simplest: contact your boss (or grandmother) using a different method (don’t reply to the e-mail) and make sure everything is all right. Fake notifications about a bonus or gift We’ve seen examples of scammers using the stick, but they also use the carrot to lure people in. If they can’t intimidate you with talk of hacking your account or suspicious transactions, they can still send you an e-mail about accumulated bonus points about to expire or some other gift. The result is the same: If you click the link and enter data on the fake site, it will be sent to the scammers. Don’t do it. You’re supposedly entitled to a bonus from Amazon, but you’ll have to go to a phishing site to get it I sell products on Amazon. Should I look out for anything? Scammers don’t care if you’re a buyer or a seller; either way, you have money they want. If you sell on Amazon, look out for these scams. A “failed delivery” The delivery failure scam has already become a classic of Internet fraud (and perhaps of fraud in general). What can you do if a buyer claims their package never arrived? Does Amazon have ways to combat this kind of scam? Yes. Always choose delivery with precise tracking for your package, which lets you track it every step of the way, including learning when it’s received. Product substitution after receipt What if a buyer replaces the product they purchased with a damaged one and demands compensation? This one’s up to you: Before shipping the item, take a picture or video of the item in good condition and seal the package with a protective sticker. If the sticker’s broken, then you clearly held up your end of the deal. Some shameless individuals have earned hundreds of thousands of dollars on illegal returns, replacing real goods with boxes of dirt. They were caught in the end, and justice prevailed, but sellers can experience real damage before everything shakes out. I don’t have any kind of connection to Amazon. Should I be on the lookout for anything? Surprisingly, yes. Amazon’s gravitational influence can affect you even if you’ve never visited the platform’s website. Fake Amazon job offers Take, for example, fake job offers. The scam starts out on a similar path, but instead of a gift or a delivery problem, the person with the unfamiliar phone number is offering you a job at Amazon. Weird, sure, but the prospect of working from home with a flexible schedule, making several thousand dollars per month is tempting. Hang on: There’s an applicant fee. That you pay with an Amazon gift card. Sound familiar? It’s time to hang up. After all, Amazon advertises open jobs on its website and does not charge for the privilege of applying. Another version of this scam invites people to write reviews of products on Amazon and get paid for it. Victims are redirected to a phishing site, and any data entered there will fall into the hands of scammers. Mysterious packages and rigging ratings Another type of fraud worth mentioning is rigging a seller’s rating using a method called “brushing.” It begins with a package of random stuff you didn’t even order. Some of the unwanted packages contained slippers, light bulbs, or seeds, for example. The trick lies in the reviews. An unscrupulous seller can register hundreds of fake accounts, sell some cheap items to each of them, send said items to random addresses from a leaked database, and post rave reviews purporting to come from those fake accounts. In some cases, the packages have even gone to dead people. This scam doesn’t pose a direct threat to the recipient, but if you receive a package like this, it’s very likely your data has leaked. Therefore, we recommend checking your e-mail addresses against this database of known leaks and, if necessary, changing your passwords. That done, report any such package to Amazon support so the company can deal with the fraudulent accounts. How can I protect myself from fraud on Amazon? Here are the basic rules for handling suspicious e-mails to protect yourself against phishing and other high-tech deception methods: Remember that Amazon will never ask you for your account login information by e-mail or text message; If you suspect a notification e-mail is fake, but you’re still worried, log in to your account directly (not by clicking the link in the e-mail!) and check for warnings or notifications; Pay attention to grammar. If the language looks perfect, the e-mail isn’t necessarily legit, but if you see errors, then you’re almost certainly looking at spam; If you’ve entered your details where you shouldn’t, or if you suspect you’ve been hacked, immediately contact Amazon support; Never send a product before you see the payment directly in your personal account, not simply a promise that it’s coming; Conduct all communication and monetary transactions within Amazon, the best assurance of successfully resolving any issues that may arise; Remember that phishing messages can come not only by e-mail, but also in texts (a method of fraud called smishing), and by voice over the phone (that would be vishing); Install on all of your devices reliable protection that will warn you about online scams and phishing, prevent your financial details from being intercepted, and save you from a whole bunch of other online troubles.

 Breaches and Incidents

Hacktivists have reportedly downed the website of Uganda Police in the wake of protests triggered by the arrest of Robert Kyagulanyi Ssentamu, also known by his pop star alias, Bobi Wine.

 Expert Blogs and Opinion

Ransomware, already a major enterprise threat, is growing more problematic as operators brainstorm new ways to make their attacks easier to launch and more devastating for victims.

 Trends, Reports, Analysis

A GBG study revealed that a third of consumers have become more concerned about fraud due to COVID-19 and 33% of the public believe their personal information is currently for sale on the dark web.

 Malware and Vulnerabilities

A recent review by the NCC Group and Which? of nearly a dozen inexpensive video doorbells sold via online markets such as Amazon and eBay uncovered multiple security vulnerabilities in each device.

 Malware and Vulnerabilities

Within a short span of its discovery, the Egregor ransomware has been linked to alleged attacks against organizations such as GEFCO, Crytek, Ubisoft, and Barnes & Noble, with the latest being Cencosud.

 Trends, Reports, Analysis

COVID-19 has reorganized the risk landscape for chief audit executives (CAEs), as CAEs have listed IT governance as the top risk for 2021, besides other long-standing vulnerabilities, as per Gartner.

 Malware and Vulnerabilities

As we approach the U.S. tax season, security experts are warning about Mount Locker ransomware actors who are prepping their attacks to specifically target users of the TurboTax software.

 Threat Actors

According to recent research, OceanLotus (also known as APT32) has launched a campaign against the Cambodian government leveraging an ASEAN-themed spear-phishing attack.

 Threat Actors

Bitdefender researchers discovered a Chinese APT group stealthily attack Southeast Asian governments. Although much of the C&C servers were found to be offline, the operations are still functional.

 Identity Theft, Fraud, Scams

According to the agency, “unattributed cyber actors” are registering domains designed to spoof legitimate websites pertaining to the FBI, “indicating the potential for future operational activity.”

 Feed

Ubuntu Security Notice 4643-1 - It was discovered that atftp's FTP server did not properly handler certain input. An attacker could use this to to cause a denial of service or possibly execute arbitrary code. It was discovered that atftp's FTP server did not make proper use of mutexes when locking certain data structures. An attacker could use this to cause a denial of service via a NULL pointer dereference.

 Feed

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant   show more ...

to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

 Feed

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the   show more ...

broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

 Feed

This Metasploit module exploits an unauthenticated command injection vulnerability found in ZeroShell version 3.9.0 in the "/cgi-bin/kerbynet" url. As sudo is configured to execute /bin/tar without a password (NOPASSWD) it is possible to run root commands using the "checkpoint" tar options.

 Feed

Red Hat Security Advisory 2020-5218-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only   show more ...

the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a denial of service vulnerability.

 Feed

Red Hat Security Advisory 2020-5118-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a denial of service vulnerability.

 Feed

Red Hat Security Advisory 2020-5119-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a denial of service vulnerability.

 Feed

Red Hat Security Advisory 2020-5203-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

 Feed

Ubuntu Security Notice 4642-1 - It was discovered that PDFResurrect incorrectly handled certain memory operations during PDF summary generation. An attacker could use this to cause out-of-bounds writes, resulting in a denial of service or arbitrary code execution.

 Feed

Ubuntu Security Notice 4641-1 - It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. An attacker could possibly use this issue to cause a denial of   show more ...

service. It was discovered that Libextractor incorrectly handled certain specially crafted files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

 Feed

Red Hat Security Advisory 2020-5206-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and use-after-free vulnerabilities.

 Feed

Ubuntu Security Notice 4640-1 - James Henstridge discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle snap client connections. An attacker could possibly use this to expose sensitive information.

 Feed

Red Hat Security Advisory 2020-5201-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.

 Feed

Red Hat Security Advisory 2020-5198-01 - Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation.

 Feed

VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system. "A malicious actor with network access to the administrative configurator on port 8443 and a valid password for the configurator admin account can execute commands with unrestricted privileges on the underlying operating

 Feed

An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar. According to a new analysis published by Intezer today and shared with The Hacker News, the trojan masquerades as HTTPd, a commonly used program on Linux servers, and is a new version of the malware belonging to a threat actor

 Android

If you or your kids are fans of Minecraft then take care before installing apps that modify the immensely popular game. Security researchers say that they have discovered over 20 fake ‘modpack’ apps that are actually designed to bombard users with adverts in such an intrusive and aggressive fashion that using the phone becomes virtually impossible.

 Business + Partners

This November 28 may be the most important Small Business Saturday since the occasion was founded by American Express in 2010. As early as July, nearly half (43 percent) of small businesses had closed at least temporarily, according to a study published in the Proceedings of the National Academy of Sciences. Research   show more ...

also suggests that 30 percent of small businesses expect to exhaust their cash on hand before year’s end. Eighty-eight percent have already spent the funds allocated to them by the U.S. government’s Paycheck Protection Program loan. While hopes will be buoyed for some by recent positive developments in the search for a vaccine, uncertainty and hard times no doubt still lie ahead. That’s why Webroot encourages advocates and partners to shop small this November 28. For our customers, we aim to be a source of support and sound consultation as we recover together. Challenges and opportunities for small businesses and MSPs Many of the small businesses affected by COVID-19 are among Webroot’s clientele. Many more, especially managed service providers, count small businesses as their most important customers. We’ve heard from many who are suffering from lost contracts following office closures, fewer onsite projects, disappearing budgets for business development projects and a general slowdown of new business. Others are witnessing a shift in the work they do and the services most in-demand. For some, COVID-related challenges have presented opportunities to step up and offer services made necessary by new realities. Unsurprisingly, the already trending adoption of cloud infrastructure has quickened its pace in the age of remote work. “We’ve had to speed up migrating some clients on-premise file servers to online cloud solutions,” according to Russell Harris, a support engineer and project manager at Maya Solutions Ltd., a UK-based MSP specializing in Apple product support For David Yates, president of Geeks R Us, a West Coast provider of various technical services, the shift to remote work was the push some of his customers needed to leave physical servers behind. “A few clients who were reluctant to move to the cloud have now embraced it. This was the impetus that they needed to finally migrate away from on-premise servers,” he said. Many MSPs have also taken it upon themselves to guide their clients through the transition to remote work, especially in terms of security. “We’ve had to shift to more cloud, VPN and helping our clients work remotely,” says Nathan Hardester, a telecoms administrator with Whidbey Tech Solutions, a Washington-based MSP. Cybersecurity education is another opportunity for MSPs looking to help small business clients up their cyber resilience. We know that many office workers are overly confident in their ability to detect a phishing attack, so MSPs should position themselves as educators. Already, in the COVID-era, some are finding themselves do exactly that. Asked what’s changed at Maya Solutions since the pandemic, Harris responds “needing to provide additional training on online safety due to many working from home on their own devices.” Making it through together Many MSPs—often small businesses themselves—rely on their small business clients run for their success. And on this Small Business Saturday, small businesses need us all more than ever. Despite the challenges, there are opportunities for MSPs to step up and guide their clients through the changing way we work. For more tips on staying cyber resilient through COVID-19 and beyond, stay tuned to our Community threat and check out these tips for MSPs looking to help small businesses bounce back. The post Small Businesses are Counting on Their MSPs this Small Business Saturday appeared first on Webroot Blog.

2020-11
Aggregator history
Tuesday, November 24
SUN
MON
TUE
WED
THU
FRI
SAT
NovemberDecemberJanuary