Suche
Beiträge, die mit security getaggt sind
Researchers have found new versions of a sophisticated Android financial-fraud Trojan that’s notable for its ability to intercept calls a victim tries to place to customer-support personnel of their banks.
https://www.zimperium.com/blog/mishing-in-motion-uncovering-the-evolving-functionality-of-fakecall-malware/
#android #fakecall #vishing #malware #it #security #privacy #engineer #media #tech #news
![[ImageSource: Zimperium]
Overview of latest FakeCall attacks.
The FakeCall malware typically infiltrates a device through a malicious app downloaded from a compromised website or a phishing email. The app requests permission to become the default call handler. If granted, the malware gains extensive privileges.
A fake call interface mimics the actual Android dialer, displaying trusted contact information and names, elevating the level of deception to a point that's hard for victims to realize.
What makes this malware so dangerous is that when a user attempts to call their financial institution, the malware secretly hijacks the call and redirects it to an attacker's phone number instead.](https://nerdculture.de/system/media_attachments/files/113/413/326/251/269/062/original/531c03137c2b88d1.png "[ImageSource: Zimperium]
Overview of latest FakeCall attacks.
The FakeCall malware typically infiltrates a device through a malicious app downloaded from a compromised website or a phishing email. The app requests permission to become the default call handler. If granted, the malware gains extensive privileges.
A fake call interface mimics the actual Android dialer, displaying trusted contact information and names, elevating the level of deception to a point that's hard for victims to realize.
What makes this malware so dangerous is that when a user attempts to call their financial institution, the malware secretly hijacks the call and redirects it to an attacker's phone number instead.")
Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware - Zimperium
In this blog post we share Zimperium’s Zero-Day Protection against the Water Makara Spear-Phishing campaign.Zimperium
The company also seeks to improve the system's security and has expanded its security bounty program to include rewards of up to [$1 Million] for vulnerabilities that could compromise “the fundamental security and privacy guarantees of PCC”.
https://security.apple.com/blog/pcc-security-research
#apple #pcc #vm #securityresearch #bug #bounty #programming #ai #it #security #privacy #engineer #media #tech #news
![[ImageSource: Apple]
Interacting with the Private Cloud Compute client from the Virtual Research Environment.
Apple provides a Virtual Research Environment (VRE), which replicates locally the cloud intelligence system and allows inspecting it as well as testing its security and hunting for issues.
“The VRE runs the PCC node software in a virtual machine with only minor modifications. Userspace software runs identically to the PCC node, with the boot process and kernel adapted for virtualization,” Apple explains, sharing documentation on how to set up the Virtual Research Environment on your device.
VRE is present on macOS Sequia 15.1 Developer Preview and it needs a device with Apple silicaon and at least 16GB of unified memory.
<https://security.apple.com/documentation/private-cloud-compute/vresetup>](https://nerdculture.de/system/media_attachments/files/113/407/824/963/613/937/original/a72a81f16cf58a68.png "[ImageSource: Apple]
Interacting with the Private Cloud Compute client from the Virtual Research Environment.
Apple provides a Virtual Research Environment (VRE), which replicates locally the cloud intelligence system and allows inspecting it as well as testing its security and hunting for issues.
“The VRE runs the PCC node software in a virtual machine with only minor modifications. Userspace software runs identically to the PCC node, with the boot process and kernel adapted for virtualization,” Apple explains, sharing documentation on how to set up the Virtual Research Environment on your device.
VRE is present on macOS Sequia 15.1 Developer Preview and it needs a device with Apple silicaon and at least 16GB of unified memory.
<https://security.apple.com/documentation/private-cloud-compute/vresetup>")
https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-flaw-to-infect-3-300-sites-with-malware/
#technology #tech #web #blogging #security #cybersecurity #hacked #hackers #wordpress
https://www.wired.com/story/russia-hackers-microsoft-source-code/
#technology #tech #hacked #hackers #microsoft #security #cybersecurity #datasecurity
Russian Hackers Stole Microsoft Source Code—and the Attack Isn’t Over
Plus: An ex-Google engineer gets arrested for allegedly stealing trade secrets, hackers breach the top US cybersecurity agency, and X’s new feature exposes sensitive user data.Dhruv Mehrotra (WIRED)
Will this improve my security, privacy, coonvenience?
I'll let you know.
#2fa #mfa #security #securitykey
How to Secure Your Kid's Android Device
After finding risky software on an Android (Google’s mobile operating system) device marketed for kids, we wanted to put together some tips to help better secure your kid's Android device (and even your own).Electronic Frontier Foundation
Tut mir leid, dass ich nicht eingreifen konnte. Ich stand auf der Rolltreppe nach oben und eh ich wieder unten war, waren die drei weg. Weder auf der Website des Bahnhofs noch im Gebäude selbst habe ich ein Büro oder so der Security gefunden
Ach ja, bitte teilen!