
Google is using Gmail to Track Purchases

Google is using Your Gmail Account to Track Your Purchases

Do you think your email on Gmail is private? If so, you may want to think again, as your Gmail messages are being scanned by Google for purchases, which are then displayed in your Google account.

This week, a user posted on Reddit about how they discovered that their Google Account’s Purchases page contained all of the purchases they have made from Amazon and other online stores even though they do not use Google Pay.

When I saw this, I checked my Google Account Purchases page, located at https://myaccount.google.com/purchases, and saw that it too contained the purchases I made from online services such as Dominos, Steam, 1-800-Flowers.com, Amazon, Adidas, and more.  Like the Reddit user, I do not use Google Pay.

Purchases Page

The general consensus was that Gmail was analyzing incoming emails for purchase receipts and then extracting that information.

When BleepingComputer contacted Google about this, they confirmed the information was coming from Gmail messages. They also stated that this was being done to help their users find their data and that they do not use any information stored in your emails, including your purchases, to serve you ads.

“To help you easily view and keep track of your purchases, bookings and subscriptions in one place, we’ve created a private destination that can only be seen by you. You can delete this information at any time. We don’t use any information from your Gmail messages to serve you ads, and that includes the email receipts and confirmations shown on the Purchase page. We’re always working to help people understand and manage their data.”

While they may not be using this information to serve you ads, are they using it for something else? Google has not given us a definitive answer on this question.

Deleting purchase data is a pain

While Google told us that you can delete this information at any time, they did not mention how much of a pain it is to do so.

Instead of having a single setting that allows you to control how this data is saved, you need to go into each and every purchase and click on the Remove Purchase button. This will bring you to the original email that the data was pulled from and once this email is trashed, the purchase will be removed from the Purchases page.

Remove Purchase

With my Purchases having data going as far back as 2013 and showing approximately 300 purchases, it would be a big pain to manually delete each and every one.  Even worse, another account that I use for most of my purchasing has thousands of orders, which would take forever to clean up.

When searching for a way to stop Google from pulling purchases out of my Gmail emails, I could not find a setting that would allow me to do so.

CNBC, which also covered this story this week, was also unable to find a setting that stopped Gmail from scanning emails and extracting purchase information.

G Suite customers appear to be spared

I use different email accounts depending on the particular purpose and one of these email accounts is through Google’s G Suite service.

When I checked the Purchases page for my G Suite account, I noticed that the page was empty even though it is commonly used to make online purchases. I also asked another person who uses G Suite and they too confirmed their page was empty.

While two people is not a large sample by any means, it could indicate that this data extraction is not occurring for G Suite accounts. I also could not find any settings in the G Suite Admin console that allow me to configure these settings.

We have already asked Google if G Suite is excluded from this data extraction, but have not heard back as of yet.

Article Provided By: bleepingcomputer


If you would like liquidvideotechnologies.com to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.


New Privacy Features for Mozilla Firefox

New Privacy Features for Mozilla Firefox, Lockwise Is Live

Mozilla announced new features and changes today that aim to increase the privacy of Firefox users by blocking trackers and offering updates to various Firefox security and privacy services.

These changes include enabling Firefox Enhanced Tracking Protection by default for new users, the official launch of their Firefox Lockwise password management service, an updated Firefox Container addon, and a dashboard for the Firefox Monitor data breach service.

These changes are covered in detail below.

Blocking tracking cookies by default

Mozilla has announced that new Firefox users will now block third-party tracking cookies by default.

When users install Firefox for the first time, the browser will be configured to use the Standard setting for the Content Blocking feature. This setting previously only blocked trackers in Private mode, but has now been changed to also automatically block third-party tracking cookies in normal browsing sessions.

Standard Content Blocking setting

There is one caveat to this default blocking. If you look at the image above, you can see that Firefox “allows some trackers so websites function properly”. This means that trackers on some sites are allowed if blocking them would break the site, which gives the site more time to resolve these issues.

For existing Firefox users, you can enable the blocking of third-party cookies by utilizing the Custom Content Blocking setting and selecting to block Trackers and Third-party trackers under the Cookies setting.

Custom Content Blocking Settings

Mozilla plans on rolling out this default blocking to existing Firefox users in the near future.

Lockwise Desktop officially launches

In the past, Mozilla offered the LockBox iOS and Android apps, which allowed mobile users to log into their Mozilla account and see login credentials saved from Firefox Desktop.

In May, BleepingComputer broke the news that Mozilla was rebranding their LockBox password management service under a new name called Lockwise. As part of this rebranding, Mozilla was also releasing a Firefox Lockwise for Desktop addon that acts as the cornerstone for the Mozilla password management service.

As of today, this addon is now officially released and can be downloaded from the Firefox Lockwise site.

When installed, the Firefox Lockwise addon converts Firefox’s Login and Passwords panel into a full featured password management service where users can view all of their saved login credentials, create new entries, and edit existing ones.

Firefox Lockwise for Desktop

As long as syncing is enabled, all devices that are logged into the same Mozilla account will now be able to access the saved credentials stored in Firefox Lockwise.

This service, though, still needs improvement as mobile users can currently only view login credentials saved from Firefox Desktop and new credentials cannot be created within the Firefox Lockwise mobile apps.

Firefox Lockwise for iOS

If Firefox plans on creating premium offerings from this service, which they are currently considering, they need to update their Lockwise apps in order to allow users to create and save new login credentials. Only then can they compete with other password management services.

Firefox Container

Mozilla has also launched an updated Facebook Container addon that will now block Facebook buttons used on sites that you visit.

When sites utilize Facebook scripts to show Like or Share buttons, Facebook can use these scripts to track you when on the site and between sites. The updated Facebook Container addon will block these buttons so that they are no longer able to track you as shown below.

Blocked Facebook button on Amazon

Firefox Monitor gets a new dashboard

Finally, Mozilla is launching a new dashboard for their Firefox Monitor data breach notification service.

“Today we’re launching a central dashboard to help you track and manage multiple email addresses, whether it’s your personal email accounts or ones for professional use.”

This new centralized dashboard will allow you to quickly view the email addresses being monitored, the data breaches that have exposed your information, and the passwords that have been exposed across all breaches.

Firefox Monitor Dashboard

With this dashboard, Firefox Monitor is beginning to grow into a service that feels more complete rather than thrown together as a value-added service for their customers.

It also shows how they continue to increase the service offerings in order to eventually offer premium options as a way to generate revenue.

Article Provided By: BleepingComputer


Cybercrime Groups Flourish on Facebook

You might be surprised what you can buy on Facebook, if you know where to look. Researchers with Cisco’s Talos security research team have uncovered a wave of Facebook groups dedicated to making money from a variety of illicit and otherwise sketchy online behaviors, including phishing schemes, trading hacked credentials and spamming. The 74 groups researchers detected boasted a cumulative 385,000 members.

Remarkably, the groups weren’t even really trying to conceal their activities. For example, Talos found posts openly selling credit card numbers with three-digit CVV codes, some with accompanying photos of the card’s owner. According to the research group:

The majority of these groups use fairly obvious group names, including “Spam Professional,” “Spammer & Hacker Professional,” and “Facebook hack (Phishing).” Despite the fairly obvious names, some of these groups have managed to remain on Facebook for up to eight years, and in the process acquire tens of thousands of group members.

Beyond the sale of stolen credentials, Talos documented users selling shell accounts for governments and organizations, promoting their expertise in moving large sums of money and offering to create fake passports and other identifying documents.

The new research isn’t the first time that Facebook users have been busted for dealing in cybercrime. In 2018, Brian Krebs reported 120 groups with a cumulative 300,000-plus members engaged in similar activities, including phishing schemes, spamming, botnets and on-demand DDoS attacks.

As Talos researchers explain in their blog post, “Months later, though the specific groups identified by Krebs had been permanently disabled, Talos discovered a new set of groups, some having names remarkably similar, if not identical, to the groups reported on by Krebs.”

“While some groups were removed immediately, other groups only had specific posts removed,” Talos researcher Jaeson Schultz wrote. “Eventually, through contact with Facebook’s security team, the majority of malicious groups was quickly taken down, however new groups continue to pop up, and some are still active as of the date of publishing.”

Cybercrime groups are yet another example of the game of enforcement whack-a-mole that Facebook continues to play on its massive platform. At the social network’s scale — and without the company dedicating sufficient resources to more comprehensive detection methods — it’s difficult for Facebook to track the kinds of illicit or potentially harmful behaviors that flourish in unmonitored corners of its sprawling platform.

“These groups violated our policies against spam and financial fraud and we removed them,” a Facebook spokesperson told TechCrunch. “We know we need to be more vigilant and we’re investing heavily to fight this type of activity.”

Article Provided By: techcrunch


Drones Stealing Sensitive Data

DHS warns of Chinese-made drones stealing sensitive data

  • Drones contain components that can steal sensitive data and share it on a server accessible beyond the company itself.
  • An industry analysis has revealed that nearly 80% of the drones used in the US and Canada are from DJI, which is headquartered in Shenzhen, China.

The US Department of Homeland Security warns that Chinese-made drones might be sharing sensitive flight data with their manufacturers on a server accessible to the Chinese government.

Contents of the alert

The US Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has warned that drones are a “potential risk to an organization’s information” and that they contain components that can steal sensitive data and share it on a server accessible beyond the company itself.

“Those concerns apply with equal force to certain Chinese-made (unmanned aircraft systems)-connected devices capable of collecting and transferring potentially revealing data about their operations and the individuals and entities operating them, as China imposes unusually stringent obligations on its citizens to support national intelligence activities,” the alert read, CNN reported.

Which drone manufacturers are suspect?

The alert did not specify any manufacturer. However, industry analysis has revealed that nearly 80% of the drones used in the US and Canada are from DJI, which is headquartered in Shenzhen, China.

Key takeaway

Users are warned to be cautious while purchasing drones from China and to take security measures like turning off the device’s internet connection and removing secure digital cards to avoid data theft.

 

By:  Ryan Stewart


Next Generation Endpoint Security

Getting Past the Hype of Next Generation Endpoint Security

We’ve heard the same story for years. Antivirus software is not effective in stopping cyber-attacks, as hackers have adapted their techniques to evade signature-based detections. Even next-generation antivirus, which applies techniques such as machine learning and behavioral analytics, is no more effective at protecting an organization than its older sibling. But why? The simple answer is that nearly all AV and NGAV solutions focus their primary value on the prevention of malicious files – an attack vector that is slowly but surely disappearing in favor of file-less capabilities and the subversion of users and trusted applications.

Worse than their hyper-focus on the irrelevant, they continue to rely on historical attack analysis as a basis for future detections which leaves them unable to make high fidelity preventions and detections in real-time. They lack the visibility and threat intelligence necessary to understand an attacker’s tactics and techniques, which means these so-called NGAV solutions lack the confidence in their ability to identify malicious activity. The evidence of this is when they introduce unnecessary latency with cloud and human analysis, which do not function at the speed required to defend against modern threats.

So where does that leave companies in their search for better protection?

A modern endpoint protection strategy must include prevention, detection, and response capabilities. Effective automation of threat intelligence for prevention, along with robust detection and response means security analysts can spend their time improving defenses instead of repeatedly reacting to incidents caused by the same lack of real-time capabilities and unnecessary latency.

The convergence of Endpoint Detection and Response (EDR) into the Endpoint Protection Platform (EPP) can replace core AV/NGAV capabilities, but can also improve protection against the following:

  • Malware variants, including malware-based ransomware
  • Obfuscated malware, unknown malware, and zero-day attacks
  • Malicious scripts that leverage PowerShell, Visual Basic, Perl, Python, and Java/JAR
  • Memory-resident attacks and other malware-less attacks
  • Malicious use of good software

Of the hundred plus endpoint security vendors, Endgame’s endpoint protection platform and single autonomous agent simplifies antivirus replacement through:

  • Earliest Prevention – Protection against exploits, malware, file-less attacks, and ransomware
  • Fastest Detection and Response – Stops all attacks at the earliest stages of the MITRE ATT&CK™ matrix
  • Automated Threat Hunting – Built in discovery, deployment, and dissolvable agent

Endgame’s Artemis, the first intelligent security assistant, elevates and accelerates operators and analysts by responding to plain English questions and commands.  With Artemis, analysts can prioritize, triage, and remediate alerts in minutes across hundreds of thousands of endpoints that would have otherwise taken hours or days with traditional tools.

In an extremely crowded market, endpoint security tools must provide a simple, cost-effective replacement for antivirus while increasing value. With Endgame, your organization can quickly prevent malware and modern attacks across the entire MITRE ATT&CK framework with a single, autonomous agent.

 

By: Matt Alderman

 


Cyber-Crime Gang Busted

GozNym cyber-crime gang which stole millions busted

 

An international crime gang which used malware to steal $100m (£77m) from more than 40,000 victims has been dismantled.

A complex police operation conducted investigations in the US, Bulgaria, Germany, Georgia, Moldova, and Ukraine.

The gang infected computers with GozNym malware, which captured online banking details to access bank accounts.

The gang was put together from criminals who advertised their skills on online forums.

The details of the operation were revealed at the headquarters of the European police agency Europol in The Hague.

It said that the investigation was unprecedented, especially in terms of cross-border co-operation.

Cyber-crime service

Ten members of the network have been charged in Pittsburgh, US on a range of offenses, including stealing money and laundering those funds using US and foreign bank accounts.

Five Russian nationals remain on the run, including one who developed the GozNym malware and oversaw its development and management, including leasing it to other cyber-criminals.

Various other gang members now face prosecution in other countries, including:

  • The leader of the network, along with his technical assistant, faces charges in Georgia
  • Another member, whose role was to take over different bank accounts, has been extradited to the US from Bulgaria to face trial
  • A gang member who encrypted GozNym malware to make sure it was not detected on networks faces prosecution in Moldova
  • Two more face charges in Germany for money-laundering

Among the victims were small businesses, law firms, international corporations, and non-profit organizations.


Europol said it was a great example of cross-border co-operation | Image copyright Getty IMAGES

One of the things that the operation has highlighted is how common the selling of nefarious cyber-skills has become, says Prof Alan Woodward, a computer scientist from University of Surrey.

“The developers of this malware advertised their ‘product’ so that other criminals could use their service to conduct banking fraud.

“What is known as ‘crime as a service’ has been a growing feature in recent years, allowing organized crime gangs to switch from their traditional haunts of drugs to much more lucrative cyber-crime.”

What is GozNym?

It is a hybrid of two other pieces of malware, Nymaim, and Gozi.

The first of these is what is known as a “dropper”, software that is designed to sneak other malware on to a device and install it. Up until 2015, Nymaim was used primarily to get ransomware on to devices.

Gozi has been around since 2007. Over the years it has resurfaced with new techniques, all aimed at stealing financial information. It was used in concerted attacks on US banks.

Combining the two created what one expert called a “double-headed monster”.


Analysis: Anna Holligan, BBC Hague correspondent


Scott Brady said the case represented a “milestone” in the fight against international cybercrime

 

Unsuspecting citizens thought they were clicking a simple link – instead, they gave hackers access to their most intimate details.

US attorney for the Western District of Pennsylvania, Scott Brady stood alongside prosecutors and cyber-crime fighters from five other nations inside Europol’s high-security headquarters, to announce the takedown of what he described as a “global conspiracy”.

The suspected ringleader used GozNym malware and contracted different cyber-crime services – hard to detect bulletproof hosting platforms, money mules and spammers – to control more than 41,000 computers and enable cyber-thieves to steal and whitewash an estimated $100m from victims’ bank accounts.

Gang members in four countries have been charged – a coup for cyber-crime fighters who say the discovery of this sophisticated scam demonstrates the borderless nature of cyber-crime and need for cross border co-operation to detect and disrupt these networks.

 

By: Jane Wakefield


Phishing Scam Targets Instagram

New Phishing scam called ‘The Hotlist’ now targets the Instagram users

 

  • The new scam operates in a similar manner as the recent ‘The Nasty List’ scam.
  • The scam begins with Instagram users receiving a message regarding a list of their ‘hot’ photos on Instagram.

A new phishing scam called ‘The Hotlist’ has been found targeting Instagram users lately. This new scam operates in a similar manner as the recent ‘The Nasty List’ scam.

How does it work – The scam begins with Instagram users receiving a message regarding a list of their ‘hot’ photos on Instagram. The message reads something like, “I just saw a few of your photos on the @The_HotList_95 and they are already upvoted to #26!”.

Once recipients visit the message sender’s account, they are shown a post that says ‘Everyone Is On Here Look’ and includes a description along with a link that reads ‘Check what position you’re in!’.

If users click on the link, they are taken to a fake Instagram login page that scammers use to steal login credentials. The link typically ends with a .me domain, Bleeping Computer reported.

What are the impacts – The scam is being used to steal Instagram account details of users. Once the scammers grab the login credentials, they can use them later to send further phishing messages to other Instagram users.

How to stay safe – Users can avoid falling victim to such Instagram phishing scams by:

  • Not entering their login credentials if they are on a page that does not belong to the Instagram website;
  • Verifying the profile of the sender/source before sharing any personal information;
  • Ignoring messages from unknown sources that ask you to share sensitive details, as they can be a phishing scam.
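The first precaution in the list above can be applied mechanically to any link before credentials are typed. The following is an added example, not part of the original article; it assumes that a genuine Instagram login form is only served over HTTPS from instagram.com or a subdomain, and the function names and sample links are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: a genuine Instagram login form is only ever
# served over HTTPS from instagram.com or one of its subdomains.
TRUSTED_DOMAINS = ("instagram.com",)


def is_instagram_login_host(url: str) -> bool:
    """True only when `url` is HTTPS and its host is instagram.com or a subdomain."""
    try:
        parts = urlsplit(url.strip())
        # .hostname drops any "user@" prefix and port, so a trusted name placed
        # in the userinfo part of the URL is not mistaken for the host.
        host = (parts.hostname or "").lower().rstrip(".")
        # Normalise internationalised names to their ASCII (punycode) form so a
        # look-alike Unicode letter can never compare equal to the real name.
        host = host.encode("idna").decode("ascii")
    except ValueError:  # malformed URL or host (UnicodeError is a subclass)
        return False
    if parts.scheme != "https" or not host:
        return False
    # Exact match or a dot-separated subdomain; a bare suffix match would
    # wrongly accept names such as "notinstagram.com".
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def suspicious_links(urls):
    """Return the links from `urls` that must not be given Instagram credentials."""
    return [u for u in urls if not is_instagram_login_host(u)]


# Constructed sample links using the reserved .example TLD (not real indicators).
SAMPLE_LINKS = [
    "https://www.instagram.com/accounts/login/",     # genuine host
    "https://instagram.com.hotlist.example/login",   # real name used as a prefix
    "https://instagram.com@hotlist.example/login",   # real name in the userinfo part
    "https://hotlist.example/instagram.com/login",   # real name only in the path
    "http://www.instagram.com/accounts/login/",      # right host, but not HTTPS
    "https://\u0456nstagram.com/accounts/login/",    # Cyrillic look-alike first letter
]

if __name__ == "__main__":
    for link in suspicious_links(SAMPLE_LINKS):
        print("do not enter credentials:", link)
```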

 

By:   Ryan Stewart

 


Cyber Security Doesn’t Discriminate

Russian hackers are targeting European embassies, according to new report

Russian hackers recently attacked a number of embassies in Europe by emailing malicious attachments disguised as official State Department documents to officials, according to a new report from Check Point Research.

The hackers targeted European embassies in Nepal, Guyana, Kenya, Italy, Liberia, Bermuda, and Lebanon, among others. They typically emailed the officials Microsoft Excel sheets with malicious macros that appeared to have originated from the United States State Department. Once opened, the hackers were able to gain full control of the infected computer by weaponizing installed software called TeamViewer, a popular remote access service.

“It is hard to tell if there are geopolitical motives behind this campaign by looking solely at the list of countries it was targeting,” the press release says, “since it was not after a specific region and the victims came from different places in the world.”

Government finance officials were also subject to these attacks, and Check Point notes that these victims were of particular interest to the hackers. “They all appear to be handpicked government officials from several revenue authorities,” the press release says.

The hackers appeared to be highly sophisticated, carefully planning out the attacks, using decoy documents tailored to their victim’s interests, and targeting specific government officials. At the same time, other stages of the attack were carried out with less caution leaving personal information and browsing history belonging to the perpetrator exposed.

Check Point identified several other similar attack campaigns, including some targeting Russian-speaking victims as well.

While Russian in origin, it’s unlikely that these attacks were state-sponsored. One perpetrator was traced back to a hacking and carding forum and registered under the same username, “EvaPiks,” on both. EvaPiks posted instructions for how to carry out this kind of cyber attack on forums and advised other users as well.

Due to the attackers’ background in the illegal carding community, Check Point suggested that they could have been “financially motivated.”

Updated 4/22/19 at 12:20 p.m. EST: The previous headline suggested that the Russian hackers attacked U.S. embassies, when the attackers targeted European embassies. The article has been updated to clarify this.

 

By: Makena Kelly

 


As Threats Evolve So Should You

Microsoft Office now the most targeted platform, as browser security improves

Microsoft Office has become cybercriminals’ preferred platform when carrying out attacks, and the number of incidents keeps increasing, Kaspersky Lab researchers said during the company’s annual conference, Security Analyst Summit, in Singapore. Boris Larin, Vlad Stolyarov and Alexander Liskin showed that the threat landscape has changed in the past two years and urged users to keep their software up-to-date and to avoid opening files that come from untrusted sources to reduce the risk of infection.

Today, more than 70% of all the attacks Kaspersky Lab catches are targeting Microsoft Office, and only 14% take advantage of browser vulnerabilities. Two years ago, it was the opposite: Web-based vulnerabilities accounted for 45% of the attacks, while Microsoft Office had a 16% share.

Kaspersky researchers presented data showing an increase in Microsoft Office exploits since 2016

Researchers said that this is because hacking browsers has become more expensive, as browser security has improved. “Browser developers put much effort into different kinds of security protections and mitigations,” Liskin said. “Attackers were looking for a new target, and MS Office has become a star.”

Liskin added that there are plenty of reasons why cybercriminals choose to attack the popular suite. “Microsoft Office has a huge number of different file formats,” he said. “It is deeply integrated into the Windows operating system.”

He also argued that when Microsoft created Office, it made several decisions that, in hindsight, aren’t optimal security-wise and are currently difficult to change. Making such alterations would have a significant impact on all the versions of the products, Liskin said.

The researchers pointed out that the most exploited vulnerabilities from the past two years are not in MS Office itself, but rather in related components. Two of those vulnerabilities, CVE-2017-11882 and CVE-2018-0802, exploit bugs found in Equation Editor. Cybercriminals prefer to use them because they can be found in every version of Microsoft Word released in the past 17 years. Moreover, building exploits for them does not require advanced skills, because the Equation Editor binary lacks modern protections and mitigations. These are simple, logical vulnerabilities, the researchers said.

Exploit uses Internet Explorer to hack Office

Another interesting vulnerability is CVE-2018-8174. In this unusual case, the vulnerability was actually in Internet Explorer, but the exploit was found in an Office file. “The exploit was delivered as an obfuscated RTF document,” researcher Larin said. “This is the first exploit to use a vulnerability in Internet Explorer to hack Microsoft Office.”

The infection chain has three steps. First, the victim opens the malicious document. As they do this, a second stage of the exploit is downloaded: an HTML page that contains VBScript code. This then triggers the third step, a use-after-free (UAF) vulnerability, and executes shellcode. UAF bugs are a type of memory corruption vulnerability that has been very successful in the past for browser exploitation. The technique works by referencing memory after it has been freed, causing the software to crash or allowing an attacker to execute code.

Cybercriminals act fast on Microsoft exploits

What intrigues Larin, Stolyarov and Liskin the most about the cases they’ve studied is how fast cybercriminals operate. Most incidents start with a Microsoft Office zero-day that’s used in a targeted campaign. Once it becomes public, it’s only a matter of days until exploits appear on the dark web. Sometimes, it can even be faster, as has happened with CVE-2017-11882, the first Office Equation Editor vulnerability Kaspersky Lab researchers uncovered. The publication of the proof of concept was followed by a massive spam campaign that began on the very same day.

Microsoft Office vulnerabilities might become even more common in the near future, as attackers continue to target the suite. Larin advised users to keep their software updated, and to pay attention to the files they receive from dubious email addresses. “Our best recommendation is not to open links and files received from untrusted sources, and have installed security solutions with advanced detection of exploits,” Larin added.

 

By: Andrada Fiscutean

 


U.S. Patent Granted for Blockchain

Blockchain Patent Granted to Cybersecurity Company Owned by U.S. Defense Contractor

 

Documents published by the United States Patent and Trademark Office (USPTO) on April 16 reveal that Texas-based cybersecurity company Forcepoint has been awarded a blockchain-related patent.

Forcepoint is owned by U.S. defense contractor Raytheon and private equity firm Vista Equity Partners, and Crunchbase estimates its yearly revenue to be $600 million.

The system described in the patent appears to be a complex user behavior monitoring and management system. The system would aim to store data about electronically-observable user interactions and then use this data to identify known good, anomalous and malevolent user actions to enhance the system’s cybersecurity.

Some versions of the system employ blockchain technology, according to the patent:

“In certain embodiments, the association of the additional context may be accomplished via a blockchain block within a user behavior profile blockchain […] implemented with appropriate time stamping to allow for versioning over time.”

Furthermore, the patent also provides the possibility of storing user behavior data on the blockchain directly, noting that the advantages of the solution are immutability and tamper evidence.
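To show what time stamping and tamper evidence mean for a chain of user behavior records, here is an added example that is not taken from the patent or from Forcepoint: a generic SHA-256 hash chain in which each block commits to the previous one. The block layout, function names and sample events are assumptions constructed for illustration.

```python
import hashlib
import json

GENESIS_HASH = "0" * 64  # placeholder "previous hash" for the first block
_FIELDS = ("index", "timestamp", "user", "event", "prev_hash")


def block_digest(block: dict) -> str:
    """SHA-256 over the block's content fields in a canonical JSON encoding."""
    body = {k: block[k] for k in _FIELDS}
    encoded = json.dumps(body, sort_keys=True, separators=(",", ":")).encode("utf-8")
    return hashlib.sha256(encoded).hexdigest()


def append_event(chain: list, user: str, event: dict, timestamp: int) -> dict:
    """Append one observed user action as a new time-stamped block."""
    block = {
        "index": len(chain),
        "timestamp": timestamp,
        "user": user,
        "event": event,
        "prev_hash": chain[-1]["hash"] if chain else GENESIS_HASH,
    }
    block["hash"] = block_digest(block)
    chain.append(block)
    return block


def first_invalid_block(chain: list) -> int:
    """Return the index of the first block that fails verification, or -1 if none."""
    expected_prev, last_ts = GENESIS_HASH, None
    for i, block in enumerate(chain):
        # A removed, reordered or re-linked block breaks the index/prev_hash link.
        if block["index"] != i or block["prev_hash"] != expected_prev:
            return i
        # An edited block no longer matches its own stored digest.
        if block["hash"] != block_digest(block):
            return i
        # Time stamps must not go backwards, or "versioning over time" is meaningless.
        if last_ts is not None and block["timestamp"] < last_ts:
            return i
        expected_prev, last_ts = block["hash"], block["timestamp"]
    return -1


def profile_as_of(chain: list, user: str, timestamp: int) -> list:
    """Version of a user's profile at `timestamp`: that user's events up to then."""
    return [b["event"] for b in chain
            if b["user"] == user and b["timestamp"] <= timestamp]


def build_sample_chain() -> list:
    """Constructed sample data: three observed actions for a hypothetical user."""
    chain = []
    append_event(chain, "alice", {"action": "login", "host": "ws-17"}, 1555400000)
    append_event(chain, "alice", {"action": "file_read", "path": "/finance/q1.xlsx"}, 1555400300)
    append_event(chain, "alice", {"action": "usb_copy", "bytes": 52428800}, 1555400900)
    return chain


if __name__ == "__main__":
    chain = build_sample_chain()
    print("intact chain:", first_invalid_block(chain))
    chain[1]["event"]["path"] = "/tmp/harmless.txt"   # rewrite history
    chain[1]["hash"] = block_digest(chain[1])         # and try to cover it up
    print("after edit + rehash, first bad block:", first_invalid_block(chain))
```

Editing a block is caught at that block; editing it and recomputing its hash is caught at the next block, whose stored `prev_hash` no longer matches.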

As Cointelegraph recently reported, digital payments giant PayPal has won a cybersecurity patent to protect users from crypto ransomware.

Also, at the beginning of the current month, global consulting company Accenture has patented two solutions focused on blockchain interoperability.
