Read Time:4 Second
The FBI claims to have seized the domain and servers of hacking forum BreachForums
Monthly Archives: May 2024
Smashing Security podcast #372: The fake deepfake, and Estate insecurity
Read Time:23 Second
Remember when a US mother was accused of distributing explicit deepfake photos and videos to try to get her teenage daughter’s cheerleading rivals kicked off the team? Well, there has been a surprising development. And learn how cybercriminals have been stealing boomers’ one-time-passcodes via a secretive online service.
All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
A Vulnerability in SolarWinds Access Rights Manager Could Allow for Privilege Escalation
Read Time:27 Second
A vulnerability has been discovered in SolarWinds Access Rights Manager that could allow for privilege escalation. Successful exploitation of this vulnerability could allow for privilege escalation in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Read Time:28 Second
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Cyber-Attack Disrupts Christie’s $840M Art Auctions
Read Time:5 Second
Despite this setback, the auction house said bids can still be placed by phone and in-person
PDF Exploitation Targets Foxit Reader Users
Read Time:5 Second
CPR said exploit builders in .NET and Python have been employed to deploy this malware
USN-6766-2: Linux kernel vulnerabilities
Read Time:2 Minute, 44 Second
It was discovered that the Open vSwitch implementation in the Linux kernel
could overflow its stack during recursive action operations under certain
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-1151)
Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida
discovered that the Linux kernel mitigations for the initial Branch History
Injection vulnerability (CVE-2022-0001) were insufficient for Intel
processors. A local attacker could potentially use this to expose sensitive
information. (CVE-2024-2201)
Chenyuan Yang discovered that the RDS Protocol implementation in the Linux
kernel contained an out-of-bounds read vulnerability. An attacker could use
this to possibly cause a denial of service (system crash). (CVE-2024-23849)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– PowerPC architecture;
– S390 architecture;
– Core kernel;
– Block layer subsystem;
– Android drivers;
– Power management core;
– Bus devices;
– Hardware random number generator core;
– Cryptographic API;
– Device frequency;
– DMA engine subsystem;
– ARM SCMI message protocol;
– GPU drivers;
– HID subsystem;
– Hardware monitoring drivers;
– I2C subsystem;
– IIO ADC drivers;
– IIO subsystem;
– IIO Magnetometer sensors drivers;
– InfiniBand drivers;
– Media drivers;
– Network drivers;
– PCI driver for MicroSemi Switchtec;
– PHY drivers;
– SCSI drivers;
– DesignWare USB3 driver;
– BTRFS file system;
– Ceph distributed file system;
– Ext4 file system;
– F2FS file system;
– JFS file system;
– NILFS2 file system;
– NTFS3 file system;
– Pstore file system;
– SMB network file system;
– Memory management;
– CAN network layer;
– Networking core;
– HSR network protocol;
– IPv4 networking;
– IPv6 networking;
– Logical Link layer;
– Multipath TCP;
– Netfilter;
– NFC subsystem;
– SMC sockets;
– Sun RPC protocol;
– TIPC protocol;
– Unix domain sockets;
– Realtek audio codecs;
(CVE-2023-52594, CVE-2023-52601, CVE-2024-26826, CVE-2023-52622,
CVE-2024-26665, CVE-2023-52493, CVE-2023-52633, CVE-2024-26684,
CVE-2024-26663, CVE-2023-52618, CVE-2023-52588, CVE-2023-52637,
CVE-2024-26825, CVE-2023-52606, CVE-2024-26594, CVE-2024-26625,
CVE-2024-26720, CVE-2024-26614, CVE-2023-52627, CVE-2023-52602,
CVE-2024-26673, CVE-2024-26685, CVE-2023-52638, CVE-2023-52498,
CVE-2023-52619, CVE-2024-26910, CVE-2024-26689, CVE-2023-52583,
CVE-2024-26676, CVE-2024-26671, CVE-2024-26704, CVE-2024-26608,
CVE-2024-26610, CVE-2024-26592, CVE-2023-52599, CVE-2023-52595,
CVE-2024-26660, CVE-2023-52617, CVE-2024-26645, CVE-2023-52486,
CVE-2023-52631, CVE-2023-52607, CVE-2023-52608, CVE-2024-26722,
CVE-2024-26615, CVE-2023-52615, CVE-2024-26636, CVE-2023-52642,
CVE-2023-52587, CVE-2024-26712, CVE-2024-26675, CVE-2023-52614,
CVE-2024-26606, CVE-2024-26916, CVE-2024-26600, CVE-2024-26679,
CVE-2024-26829, CVE-2024-26641, CVE-2023-52623, CVE-2024-26627,
CVE-2024-26696, CVE-2024-26640, CVE-2024-26635, CVE-2023-52491,
CVE-2024-26664, CVE-2024-26602, CVE-2023-52604, CVE-2024-26717,
CVE-2023-52643, CVE-2024-26593, CVE-2023-52598, CVE-2024-26668,
CVE-2023-52435, CVE-2023-52597, CVE-2024-26715, CVE-2024-26707,
CVE-2023-52635, CVE-2024-26695, CVE-2024-26698, CVE-2023-52494,
CVE-2024-26920, CVE-2024-26808, CVE-2023-52616, CVE-2023-52492,
CVE-2024-26702, CVE-2024-26644, CVE-2023-52489, CVE-2024-26697)
Why You Need a Personal VPN
Read Time:2 Minute, 29 Second
It used to be the case that only businesses used virtual private networks (VPNs) to connect securely to the internet and keep their private data safe. But these days, with the rapid growth of online threats and privacy concerns, even casual internet users should seriously consider using a VPN. Nearly 30% of people now use VPNs for personal reasons, and that number is only growing as more people learn about how VPNs offer an effective way to safeguard online privacy, enhance security, and protect against various cyber threats.
If you are not familiar with this technology, a VPN essentially allows you to send and receive data across a public network as if it were a private network that encrypts, or scrambles, your information so others cannot read it. Let’s take a look at the top 3 reasons why a VPN could come in handy for you.
You work remotely—If you like to take your laptop or mobile device to the library or cafe, you probably connect through public Wi-Fi. The problem is that many free, public Wi-Fi networks are not secured. This means that a hacker could easily intercept the information you send over the public network, including your passwords and banking information. A personal VPN means you can connect securely any time you are away from home.
You want full access to the internet when traveling— When traveling, cybersecurity risks abound, from unsecured public Wi-Fi networks to potential data breaches. Using a VPN while traveling can mitigate these risks by encrypting your internet connection and protecting your sensitive information from hackers and other malicious actors.
You take your privacy seriously— Internet service providers (ISPs) often track and store information about what we do online, as do the websites we visit. This is how they serve up targeted ads and make money when we click on them. (They track us by identifying the unique number assigned to your device, called an Internet Protocol address.) However, when you use a VPN, your traffic is routed through different Internet Protocol addresses, making you anonymous.
What to look for in a VPN:
Now that you know why having a personal VPN is so useful, here are a few tips to help you choose the right product for you:
Ease of use—You want secure technology, without having to be a tech whiz to use it. That’s why you should look for a product that is easy to implement, like the McAfee Safe Connect VPN app, which allows you to easily and securely connect, ensuring that your passwords and data stay private when using public networks.
Robust security—Look for a VPN with bank-grade encryption. This way no one can read or access the private information you send over the network.
Access to virtual locations—With this feature, you can gain full access to the Internet and browse anonymously.
The post Why You Need a Personal VPN appeared first on McAfee Blog.
NCSC Expands Election Cybersecurity to Safeguard Candidates and Officials
Read Time:7 Second
The National Cyber Security Centre launches an opt-in Personal Internet Protection service to safeguard individuals from cyber threats during the upcoming election
How To Spot A Fake Facebook Account
Read Time:7 Minute, 11 Second
How do you manage your Facebook friends? Do you keep your list really tight and only include ‘active’ pals? Or do you accept everyone you’ve ever laid eyes on? I’m probably somewhere in between. But… if I have never had a personal conversation with them or ‘eyeballed’ them in the flesh, then they are not on my friend list!
On the average week, I usually receive a few friend requests. Some are from people who I may have just met or reconnected with when I’ve been out and about – lovely and totally acceptable! But I do also receive requests from people whom I have never met and then, even more bizarrely – requests from people who I am already friends with. Weird, yes, I agree! Now, my gut (and experience) tells me that these are fake accounts. Why? Well, I have never eyeballed any of these ‘new friends’ and, to top it off they have very little personal info on their profiles so that’s suspicious! And the requests from friends I already have? Well, unless I have heard directly from a friend that they are setting up a new Facebook account (very rare), these are likely fake accounts that scammers have set up to try and lure people known to the account holder to share private information. I recently mentioned my Facebook friend situation to my 20-year-old son who informed me he gets about 10 a week!
And while it can be annoying being harassed by randoms – as my kids would say – the issue is far bigger than that. Fake Facebook accounts are usually designed by clever cyber criminals who are trying to extract personal information from unsuspecting naive types – often kids and less tech-savvy types. And why do they want our personal information? It allows them to put together a profile that they can use to steal our identity so they can apply for loans, mobile phone plans, etc – but we’ll get to that later.
How Big Is The Fake Account Issue?
According to reports, Facebook deleted a whopping 27.67 billion fake accounts between October 2017 and mid 2023 – which is 3.5 times more than the total population of the entire planet! In early 2023, Facebook estimated that fake accounts represent approximately 4-5% of all active monthly users. Now, as of late 2023, there are over 3 billion active Facebook users which means there are around 150 million fake Facebook accounts. So, it’s highly likely that you (and your kids) will have been affected.
How To Tell If A Facebook Account Is Fake
Experts believe that fake accounts fall into two categories, being operated either by a bot (aka web robot) or by an ill-intentioned human. But irrespective of type, there are several warning signs that an account is fake. If the account in question displays any of these signs, then avoid it at all costs:
Beauty
Bots and scammers will use beauty to lure in ‘friends’ and will often feature a pic of a gorgeously attractive girl or handsome guy on their pages. Why? We are only human – an enticing photo dramatically increases the chance of having a friend request accepted.
But remember, ‘real people’ aren’t flawless and perfectly formed. But if you still aren’t sure, why not use Google Image search to verify the pic? As soon as you upload it to Google, you’ll quickly find it if there is someone else that belongs to that image.
However, AI image generators are also making this a little more complicated. These easy-to-use tools make it super easy for scammers to create alluring vaguely realistic images within minutes. And as these images are new, it’s very hard to find any data about the image making it harder to identify that the photo is not of a real person. All the scammer needs to do is provide 3 or more photos and the tool quickly generates an often appealing. So, please lock down your personal social media platforms so that cyber hackers can’t get their hands on your pics!
Not Many Pics But Too Many/Not Enough Friends
Bots and scammers tend not to post lots of photos. Their aim is to use minimum effort to create the illusion that a real person is behind the account, so they don’t bother too much with fleshing out a personal life.
But often, they will put a lot of effort into developing a fake friend list. This is always worth looking at. ‘Real’ Facebook users will usually have between 200 and 350 friends, so if the account in question has just a handful of friends, or instead several thousand then proceed with caution!
Weird (or No) Bio Information
If the biography information on the account seems fanciful or just plain unrealistic, then it’s likely not to be a legitimate account. I recently received a request from a US marine who had fought in every recent war, was a professional athlete, and had visited 30-plus countries in the last year! This fanciful detail had my alarm bells ringing and a reverse image search proved just that!
A lack of information in the About section is another red flag. ‘Real people’ usually like to enter their accomplishments and the schools/universities they attended in detail so they can connect more easily with old friends.
Sometimes scammers might attempt to flesh out this section by simply repeating a theme or city. For example: Works in Sydney, went to The University of Sydney, Lives in Sydney. And while it’s not a crime to work, live and study in Sydney – I did! – this coupled with an alluring picture and no friends does start to make you question the validity of the profile.
The Account Doesn’t Message
Bots can easily accept friend requests but can’t respond to messages. So, if you are unsure this is a great little test – just send a message and see what you get back!
Blank Wall
Blank walls are a dead giveaway for a fake account. If your possible ‘new friend’ has either no activity or just a few likes – then be suspicious!
The Account Name Doesn’t Match the URL
If the account name and URL don’t match then this is another red flag. When a genuine person’s Facebook account is hacked, a scammer (or new owner) may change the name on the account to better suit their new intentions. It’s important to note that stolen Facebook accounts can be bought and sold. For example, an account could be taken over by a scammer and then sold to someone who wants to become an influencer. The new owner, the influencer, has no need for the previous identity but simply wants the legitimacy (and friend list) of an established account.
Why Are Fake Facebook Accounts Created?
As mentioned earlier, cyber hackers (or scammers) create fake Facebook accounts with the aim of trying to friend people and get access to their personal information. Identity theft is their motivation. They can profit from this private information by personally taking out loans or credit cards in someone else’s name. Or – and this is more likely – they on-sell the information so others can do so.
But fake Facebook accounts can also be created just to make money. Buying and selling Facebook fans is a multimillion-dollar business, as both companies and individuals pay big money to get fans and likes on their pages. And with the software to create these fake Facebook pages costing no more than $200, you can see how easily profits can be made.
What To Do If You Are Sure A Facebook Account Is Fake
Most importantly, do NOT follow or accept a friend request from the account.
Report the account to Facebook by clicking the report option. When Facebook receives around 10-20 reports about a specific account they will investigate, so it’s worth doing.
Lastly, do NOT insist your kids delete their Facebook accounts because of the threat of fake accounts. Managing fake accounts is just part of living in our digital world. Our job is to teach our kids how to think critically so they can navigate the challenges of being online. Our biggest job as parents of digital natives is to teach them how to assess risks and navigate the challenges and obstacles. Whoever thought discussing a fake Facebook account could have so many benefits!
Take care.
Alex xx
The post How To Spot A Fake Facebook Account appeared first on McAfee Blog.