Independent – Page 82 – PossibleThreat Articles

Phishing for Apples, Bobbing for Links

January 13, 2020 0 Comments apple phishing, Latest Warnings, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 13 Jan 2020 16:09:58 +0000

Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple, whose brand by many measures has emerged as the most targeted. Past stories here have examined how scammers working with organized gangs try to phish iCloud credentials from Apple customers who have a mobile device that is lost or stolen. Today’s piece looks at the well-crafted links used in some of these lures.

Independent Krebs Security

Alleged Member of Neo-Nazi Swatting Group Charged

January 10, 2020 0 Comments atomwaffen division, chanz, deadnet, doxbin, FBI, john william kirby kelley, Ne'er-Do-Well News, zheme

Credit to Author: BrianKrebs| Date: Sat, 11 Jan 2020 03:22:27 +0000

Federal investigators on Friday arrested a Virginia man accused of being part of a neo-Nazi group that targeted hundreds of people in “swatting” attacks, wherein fake bomb threats, hostage situations and other violent scenarios were phoned in to police as part of a scheme to trick them into visiting potentially deadly force on a target’s address.

Independent Krebs Security

Lawmakers Prod FCC to Act on SIM Swapping

January 9, 2020 0 Comments ajit pai, anna eshoo, edward markey, FCC, michael terpin, Nicholas Truglia, ron wyden, sherrod brown, SIM swapping, ted lieu, u.s. federal communications commission, yvette clarke

Credit to Author: BrianKrebs| Date: Thu, 09 Jan 2020 19:44:55 +0000

Crooks have stolen tens of millions of dollars and other valuable commodities from thousands of consumers via “SIM swapping,” a particularly invasive form of fraud that involves tricking a target’s mobile carrier into transferring someone’s wireless service to a device they control. But the U.S. Federal Communications Commission (FCC), the entity responsible for overseeing wireless industry practices, has so far remained largely silent on the matter. Now, a cadre of Senate lawmakers is demanding to know what, if anything, the agency might be doing to track and combat SIM swapping.

ComputerWorld Independent

Mozilla patches Firefox zero-day as attackers exploit flaw

January 9, 2020 0 Comments Browsers, Security

Credit to Author: Gregg Keizer| Date: Thu, 09 Jan 2020 11:46:00 -0800

Just one day after releasing Firefox 72, Mozilla updated the browser with a fix to shut down active attacks, the company acknowledged.

On Wednesday, Mozilla issued Firefox 72.0.1, which included one change: A patch for the vulnerability identified as CVE-2019-17026. “We are aware of targeted attacks in the wild abusing this flaw,” Mozilla said in the short description of the flaw, signaling that criminals were already leveraging the zero-day vulnerability, the term applied because there no time elapses between patching and exploitation.

To read this article in full, please click here

ComputerWorld Independent

Your Windows PC may become collateral damage in any conflict with Iran

January 9, 2020 0 Comments cyber attacks, Security, Windows

Credit to Author: Preston Gralla| Date: Thu, 09 Jan 2020 10:18:00 -0800

When Iran launches cyberattacks in revenge for the killing of Major Gen. Qasem Soleimani — which it almost certainly will do — the attack vector, as always, will be Windows. And when that happens, your PC and your business’s PCs will be right in the crosshairs. Here’s why — and how you can protect your machines and your business.

A long history of U.S.-Iranian cyberwarfare

To understand the coming cyberattacks, it’s useful to look back. For more than a decade, the U.S. and Iran have engaged in low-level cyberwarfare, with occasional bursts of higher-level attacks. The most destructive of them was Stuxnet, launched in 2009 by the U.S. and Israel against Iran’s nuclear program. It exploited four zero-day flaws in Windows machines, which controlled the centrifuges Iran used to create nuclear material that can be used in nuclear weapons.

To read this article in full, please click here

ComputerWorld Independent

Apple wants privacy laws to protect its users

January 8, 2020 0 Comments Apple, iOS, iPhone, Mobile, Security

Credit to Author: Jonny Evans| Date: Wed, 08 Jan 2020 06:54:00 -0800

Your iPhone (like most smartphones) knows when it is picked up, what you do with it, who you call, where you go, who you know – and a bunch more personal information, too.

The snag with your device knowing all this information is that once the data is understood, that information can be shared or even used against you.

Information is power

Jane Horvath, Apple’s senior director for global privacy, appeared at CES 2020 this week to discuss the company’s approach to smartphone security. She stressed the company’s opposition to the creation of software backdoors into devices, and also said:

To read this article in full, please click here

ComputerWorld Independent

Apple’s wants privacy laws to protect its users

January 8, 2020 0 Comments Apple, iOS, iPhone, Mobile, Security

Credit to Author: Jonny Evans| Date: Wed, 08 Jan 2020 06:54:00 -0800

Your iPhone (like most smartphones) knows when it is picked up, what you do with it, who you call, where you go, who you know – and a bunch more personal information, too.

Information is power

The snag with your device knowing all this information is that once the data is understood than that information can be shared or even used against you.

Jane Horvath, Apple’s senior director for global privacy, appeared at CES 2012 to discuss the company’s approach to smartphone security.

To read this article in full, please click here

ComputerWorld Independent

How to fix insecure LDAP binds

January 8, 2020 0 Comments Security

Prevent Windows admin credentials from being exposed in cleartext with this tip.

Independent Krebs Security

Tricky Phish Angles for Persistence, Not Passwords

January 7, 2020 0 Comments jeff jones, Latest Warnings, login.microsoftonline.com, michael tyler, microsoft office 365, microsoftonline.com, phishlabs, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 07 Jan 2020 21:35:40 +0000

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service. Anyone who takes the bait will inadvertently forward a digital token to the attackers that gives them indefinite access to the victim’s email, files and contacts — even after the victim has changed their password.

ComputerWorld Independent

FAQ: Last-minute answers about Windows 7's post-retirement patches

January 7, 2020 0 Comments IDG Insider, Microsoft, PCs, Security, Windows

Credit to Author: Gregg Keizer| Date: Tue, 07 Jan 2020 04:53:00 -0800

A week from now, Microsoft will serve customers with the last for-free Windows 7 security update, in effect retiring the 2009 operating system.

However, hundreds of millions of personal computers will still power up thanks to Windows 7 on Jan. 14, and for an indeterminate timespan after that date. Windows 7 may be retiring, but it’s not disappearing.

Microsoft admitted as much more than a year ago when it announced Extended Security Updates (ESU), a program for commercial customers who needed more time to ditch Windows 7. ESU would provide patches for some security vulnerabilities for as long as three years. For a fee.

To read this article in full, please click here

(Insider Story)