Network security | Since virtual assistants were launched a few years ago, security experts have been concerned that systems like Siri and Alexa could easily become a privacy threat tool at hand. hackers. How has the Specter flaw been dropped during the last 7 months? Google introduces the new Nest Mini smart speaker Scientists have found a way to hack Alexa, Google Home or Siri with just one laser But few people pay attention to the threat posed by a subtle light emitted. Researchers in Japan and at the University of Michigan announced on Monday to find a way to hijack devices like Google Home, Amazon Alexa or Apple Siri from a distance. hundred meters by projecting a laser or flashlight onto the mic of the above products.
Network security | The shopping season has arrived, and a lot of people are spending their time searching online stores for good value electronics, including smartphones, computers, and other smart devices, including smart TVs. smarttv The Smart TV category has become more and more popular over the last few years, not only because more and more people want to connect to the Internet and enjoy services like Skype or Netflix, but also because of more and more Manufacturers are launching new Smart TV models, with average prices on the decline. But according to the FBI (US Federal Bureau of Investigation), buying Smart TV is not easy because of the security risks surrounding this type of product.
Network security | Since ransomware became a leading threat in the mid-2010s, people have been arguing a lot about proper handling of a ransomware attack and whether or not to pay a ransom. Microsoft: We do not encourage users to pay for ransomware A necessary point of this debate is the "official advice" from the various companies or government agencies given to the victim. For example, in late 2015, one of the FBI agents publicly admitted that they often asked victims to pay ransom. At the time, many were shocked to learn that the FBI was protecting victims by paying ransomeware to make criminal gangs more profitable. The FBI (Federal Bureau of Investigation) changed its position the following month, specifically in 2016, after US senators sent a letter to "ask" why the agency was helping. Crime. Since then, what the FBI needed to do was delay the victim's decision to pay the ransom and not have any formal advice. Instead, the agency only asked one thing: victims should report their infected case so they can classify which ransomware group is the most active today and have an overall awareness of the whole. " disease "ransomware.
Apple has reopened its bug-hunting program to pay for security researchers. Apple offers a reward of $ 1 million or more for discoveries about the major vulnerabilities that exist in their operating systems. Apple is open to the bounty program when it detects bugs on its platforms This program was previously open by invitation only in 2016 and now it has been expanded, not limited to iOS. At the Black Hat conference in August, Apple announced that it would open the program publicly, and that iCloud, iPadOS, macOS, tvOS and watchOS would also be on the receiving error list.
Network security | The majority of ToTok users live in the UAE, but recently the number of users in the US has increased rapidly. According to Engadget, US officials told the New York Times that the ToTok messaging app was essentially a spy tool of the United Arab Emirates (UAE) government. Specifically, intelligence documents say the UAE uses ToTok to read user messages, track location (wearing a weather forecast feature), identify social relationships and view photos / videos. use for sharing. The majority of ToTok users live in the UAE, but recently the number of users in the US has increased rapidly. ToTok was developed by a company called Breej Holding, actually owned by DarkMatter, a cyber espionage agency operated by UAE intelligence officials and former NSA military intelligence officers, Israel. The application is also related to Pax AI, a data mining company based in the UAE intelligence agency (top photo). The app itself is a modified version of the YeeCall messaging app of Chinese origin.
There's an app preinstalled on Samsung Galaxy phones, partnering with a Chinese security company to "hunt" junk files. On January 6, a post appeared on Reddit's largest Android forum with an "alarm" news: "Chinese spyware is pre-installed on all Samsung phones"! "I know the title of the article is a bit sensitive, but no words can describe the situation better than that," the article author admitted. The problem lies with a utility included in Samsung's Device Care app, a mandatory feature that comes pre-installed on every version of Android operating system modified by Samsung and therefore cannot be removed. Using packet analysis tools on a Galaxy S10 phone, the author discovered some strange Internet traffic coming out of the Device Care app's storage scanning feature. parses junk files that can be deleted to free memory). This memory scanning utility then sends data back to the domain names originating from China. And since memory scanning software generally needs access to every file on your device, these sent data may include ... anything that belongs to you.
Network security | Under the new policy, Google's Project Zero will only disclose information about security holes "after exactly 90 days," even if the bug has been fixed before that time limit. The Google Project Zero's security research group has recently announced it will test a new policy whereby it will not make publicly available information about security vulnerabilities early enough, in the event that the developer Software developers have released a fix. "It will only be revealed after exactly 90 days, even if the flaw may have been fixed before the deadline" will be the group's new rule. Project Zero will test this regulation for a period of 1 year before deciding whether to practice it permanently or not.
Network security | Recently, Bkav has released a free tool to check for NSACrypt vulnerabilities on Windows 10. This is the vulnerability that the US National Security Agency (NSA) issued a notice calling users to immediately update the patch. because of its severity. According to the latest statistics of Bkav, there are currently about 60% of users checking vulnerabilities with Bkav's free tool that has not yet updated the operating system to patch the NSACrypt flaw. However, it is estimated that there are 2.76 million computers in Vietnam at risk of being exploited by the NSACrypt vulnerability.
Network security | Some of Facebook's official social media accounts have been temporarily hacked by a company that has been breaching accounts belonging to other major tech companies. Last Friday night, the hacking company OurMine broke into Facebook's official accounts on Twitter and Instagram, and posted on Twitter, "Hello, we are OurMine. Well, even Facebook can hack but few their security is better than Twitter ". The company says its purpose is to raise awareness about network vulnerabilities. Even Facebook was hacked, losing both Twitter and Instagram accounts OurMine announced that even Facebook could be hacked, but at least their security is better than Twitter
Network security | We have long thought that Macs are safer and less vulnerable to malware than Windows. But that is no longer true. According to a recent report, for the first time in history, the number of threats targeting the Mac surpassed the PC by 2: 1 in 2019. This report was released by Malwarebytes, an antivirus software developer. In its 2020 Malware Status Report, the company said it found that the number of threats targeting Macs increased by more than 400% over the same period last year. While the company claims that part of the increase is due to the increase in Mac users, it has calculated the number of endpoint threats on both Mac OS and Windows. How is the result? In 2019, the company detected an average of 11 threats per endpoint on a Mac, compared to 5.8 threats per endpoint on Windows. Compared to 2018, the number of threats on each endpoint on the Mac increased from 4.8 to 11.