We often write about how to prevent cybersecurity hazards and have given advice on more than one occasion about what to do if your account is hacked or your mobile phone is stolen. Today, let's tackle a more complex situation: someone is trying to hack or deceive you, but you're unsure about the extent of the problem.
For example: You clicked a website link in an email or ad, but then had second thoughts and became suspicious about said link. Someone claiming to be from Microsoft called to remove a virus from your computer. You received an erroneous bill, called customer support, and they sent you a helpful link to solve the problem and avoid overpayment.

What should you do to prevent hacking?

Don't give any more information

This is the first and most fundamental rule, and you can apply it without hesitation. If you get bad vibes from a website asking for your name, email, phone… or bank card information — close it immediately. If you're talking to someone on the phone — even if they claim to be from your bank or tech support — and the conversation seems even just a little strange, hang up immediately and don't answer if they call back. Scammers often employ elaborate schemes; they might call from a different number or contact you through an instant messenger — perhaps pretending to be someone else or from a different organization. Ignore them. If you're communicating through video conferencing tools like Zoom, end the meeting and close the application.

Disconnect your device from the internet

This is an essential step if you've installed any applications at someone's request, or someone has done something on your computer using remote control tools — including Zoom, Skype, MS Teams, or Google Meet. If this is the case, there's a high probability that malware has been installed on your computer or smartphone. To prevent the criminals from controlling your device remotely, immediately disconnect your computer/phone from the internet by turning off Wi-Fi and cellular data. The simplest and fastest way to do this is to activate Airplane Mode on your phone, or unplug the Ethernet cable if your computer is connected to the net via one.
Think about what the hackers might have learned

If you've visited a suspicious website or talked on the phone, try to remember any information you entered on the site or shared with the caller. Address and name? Phone number? Bank card number? Password? If you only shared your name, address, and phone number, no further action is required, but stay on your guard — most likely the scammers will try to attack again based on your data, possibly using a different scam. The situation is worse if you've shared more sensitive information, such as passwords, photos of personal documents, or banking information: in this case, follow the advice in the next two sections.

Change your passwords

Quickly log in to all services where the compromised password was used and change it to a new one — unique for each service. If you disconnected your device from the internet, use another device rather than plugging in the potentially infected one. Don't hesitate to ask your neighbors or co-workers for help if you don't have another device. Time is of the essence here — every minute counts. When accessing any services, enter the site address manually or open it through your browser bookmarks rather than clicking on links in recent emails. If the password you entered was for an online banking platform, a payment system, or any account containing money, simply changing the password is not enough — take the following steps to save your funds.

Contact your bank, credit bureau, or service provider

If you provided bank card numbers or other financial information, contact the bank immediately. You can usually block cards through a dedicated hotline, as well as through the mobile application and your personal account on the website. For other types of data, such as bank account details, consult with specialists from the bank or online service about protective measures to take.
Don't wait for a call from the bank – it could be the scammers calling; call the number listed on the bank's website or mobile application yourself. If you've shared extensive personal information or photographs of documents, malicious actors may use this data fraudulently, such as to apply for loans. To prevent this from happening, contact the credit bureau and inquire about available protective measures you can take. These measures vary from country to country — see these examples for the U.S.A., Germany, and Russia — but typically include setting up notifications for any inquiries about your credit history (checking your credit history is the first step in applying for a loan), blocking new inquiries, or self-banning credit issuance — making it impossible to obtain a loan in your name.

Check your computer

If you followed our advice and disconnected your computer from the internet due to potential infection, thoroughly check it for malware or potentially unsafe software before reconnecting to the network. If you already have a comprehensive protection system installed, such as Kaspersky Premium, ensure that the protection databases have been updated recently and all protection and scanning technologies are enabled, and then run a full scan. It's crucial to run the deepest possible scan, applying settings that can detect not only malware but also potentially dangerous software such as remote control tools. Remove any detected malware according to the instructions of the security application. What should you do if your computer lacks protection or if the protection databases are outdated? Use another computer to download protection from the manufacturer's official website, then transfer the installation files across using a USB flash drive.

Check for any suspicious activity

After taking all the steps described above, make sure that the attackers haven't managed to do anything harmful with the potentially compromised accounts.
If these are online store or bank accounts, check your recent purchases. If you see any purchases you didn't make, try to cancel them by contacting the online store/bank. On social networks, check recent posts, new friends, photo album content, and so on. In messaging apps, check your recent chats to make sure no fraudulent messages were sent from your account. For all accounts, verify your contact information, name, profile picture, address, and payment information. If you notice any changes, it means the account has been compromised; change your password and, if possible, secure the account with two-factor authentication. Be sure to check which devices are linked to your accounts with online services, social networks, and messaging apps. Having hacked an account, attackers try to maintain access to it — for example, by linking their own device to it. Depending on the service, this connection might persist even after you change your password. Therefore, it's crucial to ensure that you recognize all devices and active sessions listed in the Security section (this section might be called Devices, Connected devices, Recent sessions, and so on, depending on the specific service). Next to the name of the connected device, there's usually a button to Disconnect device or End session, allowing you to kick out any strangers. If there are devices and/or sessions listed that you cannot identify, disconnect them after making sure you remember your updated password. You'll have to log in to your accounts again with the new password (you changed the password, didn't you?) — but now the attackers won't have access. The hardest thing to deal with is the consequences of an email hack. Firstly, besides all the above, you'll have to check the mail forwarding rules. Make sure that neither your mailbox settings nor your message processing rules have forwarding of your emails to third-party addresses enabled.
Secondly, if any other service accounts are linked to your email, attackers can hack into most of them by resetting their passwords. If you find any signs that your email has been tampered with, you'll need to check for suspicious activity and change the password on all services linked to that email address.

Prevention is better than cure

Following the advice above requires a significant amount of time, effort, and patience. To minimize the risks of fraud as much as possible, it's best to take precautionary measures in advance. Protect your smartphone from potential theft or loss. Use unique passwords and two-factor authentication for every account. A password manager with a built-in authenticator will help you create new unique passwords and store both the passwords and the authentication tokens. Install a comprehensive security system on all your computers and smartphones. This will prevent most phishing and fraud attempts through malicious emails and links.
An unprecedented collaboration by various APTs within the DPRK makes them harder to track, setting the stage for aggressive, complex cyberattacks that demand strategic response efforts, Mandiant warns.
Ongoing Rapid Reset DDoS flood attacks mean exposed organizations need to patch CVE-2023-44487 immediately to head off crippling outages and business disruption.
The vulnerability, tracked as CVE-2023-43641, allows for remote code execution (RCE) on affected hosts. The issue is related to memory corruption in libcue and affects versions 2.2.1 and earlier.
23andMe initially denied the legitimacy of the data but later acknowledged that unauthorized access to individual accounts may have occurred, highlighting the vulnerability of customer data even without deep network breaches.
The use of cross-chain bridges and asset-hopping typologies has contributed to a significant increase in funds sent via such services, making it a recognized money laundering typology.
The source code for the first version of the HelloKitty ransomware has been leaked on a Russian-speaking cybercrime forum. The threat actor, known as 'kapuchin0', claims to be developing a more powerful encryptor.
Caesars Entertainment has confirmed that a social engineering attack on an outsourced IT support vendor led to a data breach, impacting tens of thousands of its customer rewards program members.
Millennial and Gen Z workers exhibit more unsafe cybersecurity habits compared to older age groups, such as using the same passwords on multiple devices and sharing work devices with family and friends.
Google's research team has launched v8CTF, a capture-the-flag (CTF) challenge focused on its Chrome browser’s V8 JavaScript engine. The competition opened on October 6, 2023, and is accessible to any exploit writers.
The vulnerability, known as CVE-2023-3519, was disclosed in July but had been exploited since June. By mid-August, threat actors had backdoored around 2,000 NetScaler instances.
The campaign leverages multiple vulnerabilities, including command injection, remote code execution, and arbitrary command execution, to gain control of targeted devices and incorporate them into the botnet.
Grayling employs a combination of custom malware and publicly available tools like Havoc, Cobalt Strike, and NetSpy to carry out its attacks, using DLL sideloading techniques and exploiting vulnerabilities like CVE-2019-0803.
Air Europa suffered a cyberattack on its online payment system. While there is no evidence of fraudulent use, customers are warned to replace their bank cards as a precautionary measure.
Gutsy, a cybersecurity startup founded by the team behind Twistlock, has emerged from stealth with a $51 million seed round led by YL Ventures and Mayfield. The company applies process mining, a data science technique, to cybersecurity.
As per the investigations, the ongoing fraud came to light after a complaint that some individuals had allegedly hacked into the six-year-old firm's payment gateway, and the funds were then transferred to at least 260 different bank accounts.
The campaign employs a multi-stage attack chain to capture sensitive information entered on checkout pages and exfiltrate it to a remote server, making it difficult to detect.
Ubuntu Security Notice 6424-1 - It was discovered that kramdown did not restrict Rouge formatters to the correct namespace. An attacker could use this issue to cause kramdown to execute arbitrary code.
Gentoo Linux Security Advisory 202310-11 - A filtering bypass in less may allow denial of service. Versions greater than or equal to 608-r2 are affected.
Ubuntu Security Notice 6423-1 - It was discovered that CUE incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code.
Gentoo Linux Security Advisory 202310-10 - A vulnerability has been discovered in libcue which could allow for arbitrary code execution. Versions greater than or equal to 2.2.1-r1 are affected.
Ubuntu Security Notice 6422-1 - It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
Red Hat Security Advisory 2023-5538-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2023-5527-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5539-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2023-5534-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2023-5529-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5537-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2023-5536-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2023-5533-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs. Issues addressed include HTTP request smuggling, buffer overflow, bypass, crlf injection, and denial of service vulnerabilities.
Red Hat Security Advisory 2023-5540-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2023-5526-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5528-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
A recently disclosed critical flaw in Citrix NetScaler ADC and Gateway devices is being exploited by threat actors to conduct a credential harvesting campaign. IBM X-Force, which uncovered the activity last month, said adversaries exploited "CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user
A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to achieve remote code execution (RCE) on affected hosts. Tracked as CVE-2023-43641 (CVSS score: 8.8), the issue is described as a case of memory corruption in libcue, a library designed for parsing cue sheet files. It impacts versions 2.2.1 and prior. libcue is incorporated into
Google on Tuesday announced the ability for all users to set up passkeys by default, five months after it rolled out support for the FIDO Alliance-backed passwordless standard for Google Accounts on all platforms. "This means the next time you sign in to your account, you'll start seeing prompts to create and use passkeys, simplifying your future sign-ins," Google's Sriram Karra and Christiaan
Certain online risks to children are on the rise, according to a recent report from Thorn, a technology nonprofit whose mission is to build technology to defend children from sexual abuse. Research shared in the Emerging Online Trends in Child Sexual Abuse 2023 report, indicates that minors are increasingly taking and sharing sexual images of themselves. This activity may occur consensually or
A previously undocumented threat actor of unknown provenance has been linked to a number of attacks targeting organizations in the manufacturing, IT, and biomedical sectors in Taiwan. The Symantec Threat Hunter Team, part of Broadcom, attributed the attacks to an advanced persistent threat (APT) it tracks under the name Grayling. Evidence shows that the campaign began in February 2023 and
A sophisticated Magecart campaign has been observed manipulating websites' default 404 error page to conceal malicious code in what's been described as the latest evolution of the attacks. The activity, per Akamai, targets Magento and WooCommerce websites, with some of the victims belonging to large organizations in the food and retail industries. "In this campaign, all the victim websites we
Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset. The layer 7 attacks were detected in late August 2023, the companies said in a coordinated disclosure. The cumulative susceptibility to this attack is being tracked as CVE-2023-44487,
Hackers have exploited a flaw in a widely-used app that warns of missile attacks against Israel to send a fake alert that a nuclear strike is imminent. Read more in my article on the Hot for Security blog.