
Security Lapse Exposed Honda’s Network

An exposed database at automotive giant Honda allowed anyone to see which systems on its network were vulnerable to unpatched security flaws, potentially giving hackers insider knowledge of the company’s weak points.

The server contained 134 million rows of employee systems data from the company’s endpoint security service, including technical details of each computer and device connected to the internal network.

There was no password on the database, allowing anyone to access and read the data.

The data included which operating system a user was running, its unique network identifiers and IP address, the status of the endpoint protection and which patches were installed. That could allow an attacker to figure out which systems are at risk of certain vulnerabilities, or tailor attacks toward machines of interest using exploits known to target vulnerable devices. (We’re not naming the endpoint provider as it could prove useful for an attacker.)

In some cases the database would reveal the endpoint security status — including if a device was unprotected.

Security researcher Justin Paine found the exposed database earlier this month. The database was shut down hours after he made contact with the company.

“I thought this was likely to be just a single Honda dealership,” Paine said. “The odds of that seemed far more likely than a database containing information related to all of Honda’s global network of employee machines.”

The database contained records on multiple Honda offices around the world, including Mexico, the U.K. and the U.S., said Paine.

He also found the chief executive’s computer in the logs, including which operating system he uses, the patches installed and more. The records also included his email address and the last time he logged on.

“What makes this data particularly dangerous in the hands of an attacker is that it shows you exactly where the soft spots are,” said Paine. “This data contained enough identifiable information to make it extremely simple to locate specific high-value employees, and in the hands of an attacker this leaked data could be used to silently monitor for ways to launch very targeted attacks on those executives,” he said.

Honda spokesperson Marcos Frommer told TechCrunch: “The security of our data is critical to us, and we are continually reviewing our processes to ensure that our data is protected. We have investigated this specific issue and have taken steps to address the matter.”

“We will take appropriate actions in accordance with relevant laws and regulations, and will continue to work on proactive security measures to prevent similar incidents in the future,” said the spokesperson.

It’s the latest find by Paine in recent months. Earlier this year he found a huge database of call logs and SMS messages exposed on the internet, and also the viewing habits of a library and university streaming service.

Article Provided By: techcrunch



If you would like liquidvideotechnologies.com to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.


The 6 Deadly Mobile Security Threats

Mobile security threats have been emerging over the past few years. Since mobile devices have become mini computers with complete top-level internet capabilities, the threat to these devices has increased. Many statistics today show that cellular security threats are the most widespread in the device market. Android, the largest cellular platform, notes that up to 50% of users can be exposed to risk at any given time for various reasons. There are a number of deadly mobile security threats in 2019.


As hacking attacks get more sophisticated, hackers have increasingly turned to phishing. Phishing is the process of soliciting information from users, especially via unsafe links. Mobile devices are some of the most threatened tools when it comes to phishing, because of the delicate nature of mobile screens: not only is it easy to click on an unsafe link unintentionally, it is also easy to fail to differentiate between safe and unsafe links. Mobile device users also spend more time on their devices than PC users. This is why phishing is a huge threat in 2019.

Wi-Fi and Network Spoofing

One of the biggest threats with free WiFi is the hacker’s ability to position himself between your mobile device and the access point. Instead of talking directly to a hotspot, you are sending your information to the hacker, who then has access to everything you send: e-mails, telephone numbers, credit card information, business data, and so on. Once a hacker has all that information, they will have a field day.

Similarly, free WiFi is also a main source of insecurity, and network spoofing also affects mobile devices. With so many networks scattered around, identity spoofing is easy, because attackers use fake access points. Increasing access to networks brings increasing phishing attacks, often created through cloned networks across several accounts. The victim ends up disclosing critical information and losing assets. There are tools that can help protect you from identity theft.

Exposing Data

In today’s world data is very critical, and users store their banking, financial and personal information on their mobile devices, so there is a real chance of losing this information someday. Data leaks occur as a result of installing an app that requests a confusing set of permissions, or simply because the app’s permissions are not clear. Most free apps often fall into this category. Users have to make sure that the apps they install on their mobile devices come from a reputable source.


The world of mobile devices has seen many forms of malware. The current generation of threats is spyware: a small program that tracks and stores user information without the user’s consent. Spyware programs are mostly used by malicious companies and individuals who benefit in certain ways from knowing the location of certain mobile users. Spyware is spread in the same way as other malware programs. Therefore, the best defense against spyware is an ordinary antivirus program.

Wrong code

Bad cryptography is also a main source of insecurity. During the application development process, engineers may end up using bad coding techniques. In such cases, the apps that are created can be unsafe and become a source of threat to all devices. Today, app development requires compliance with modern cryptographic standards. When cryptography is badly used, the problem is usually a lack of the time or financial resources needed to complete the application development process. Application development needs to be carried through to completion. All processes involved in the development, including testing, must be carried out in accordance with modern requirements. Doing this can eliminate deficiencies in the code and make the application safer.

Responsible Development

The threat of social engineering is increasing. On mobile devices, attackers use many different strategies. The main strategies include using false information to try to get data from mobile users. Currently, hackers use inventive language to obtain a little of users’ personal information at a time. They can do this for a long time and collect enough data to carry out attacks. Social engineering attacks have increased due to the many applications and communication platforms.

Article Provided By: Hacker Combat


Cyber Security: Definition, Practices & More

Learn about cyber security, why it’s important, and how to get started building a cyber security program.


Cyber security refers to the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access. Cyber security may also be referred to as information technology security.


Cyber security is important because government, military, corporate, financial, and medical organizations collect, process, and store unprecedented amounts of data on computers and other devices. A significant portion of that data can be sensitive information, whether that be intellectual property, financial data, personal information, or other types of data for which unauthorized access or exposure could have negative consequences. Organizations transmit sensitive data across networks and to other devices in the course of doing business, and cyber security describes the discipline dedicated to protecting that information and the systems used to process or store it. As the volume and sophistication of cyber attacks grow, companies and organizations, especially those that are tasked with safeguarding information relating to national security, health, or financial records, need to take steps to protect their sensitive business and personnel information. As early as March 2013, the nation’s top intelligence officials cautioned that cyber attacks and digital spying are the top threat to national security, eclipsing even terrorism.


For effective cyber security, an organization needs to coordinate its efforts throughout its entire information system. Elements of cyber encompass all of the following:

The most difficult challenge in cyber security is the ever-evolving nature of security risks themselves. Traditionally, organizations and the government have focused most of their cyber security resources on perimeter security to protect only their most crucial system components and defend against known threats. Today, this approach is insufficient, as the threats advance and change more quickly than organizations can keep up with. As a result, advisory organizations promote more proactive and adaptive approaches to cyber security. Similarly, the National Institute of Standards and Technology (NIST) issued guidelines in its risk assessment framework that recommend a shift toward continuous monitoring and real-time assessments, a data-focused approach to security as opposed to the traditional perimeter-based model.


The National Cyber Security Alliance, through SafeOnline.org, recommends a top-down approach to cyber security in which corporate management leads the charge in prioritizing cyber security management across all business practices. NCSA advises that companies must be prepared to “respond to the inevitable cyber incident, restore normal operations, and ensure that company assets and the company’s reputation are protected.” NCSA’s guidelines for conducting cyber risk assessments focus on three key areas: identifying your organization’s “crown jewels,” or your most valuable information requiring protection; identifying the threats and risks facing that information; and outlining the damage your organization would incur should that data be lost or wrongfully exposed. Cyber risk assessments should also consider any regulations that impact the way your company collects, stores, and secures data, such as PCI-DSS, HIPAA, SOX, FISMA, and others. Following a cyber risk assessment, develop and implement a plan to mitigate cyber risk, protect the “crown jewels” outlined in your assessment, and effectively detect and respond to security incidents. This plan should encompass both the processes and technologies required to build a mature cyber security program. An ever-evolving field, cyber security best practices must evolve to accommodate the increasingly sophisticated attacks carried out by attackers. Combining sound cyber security measures with an educated and security-minded employee base provides the best defense against cyber criminals attempting to gain access to your company’s sensitive data. While it may seem like a daunting task, start small and focus on your most sensitive data, scaling your efforts as your cyber program matures.

Article Provided By: Digital Guardian


10 Most Neglected Data Security Practices

The 2018 Netwrix IT Risks Report explores how organizations are working to ensure compliance and beat cyber threats. Unfortunately, the results indicate that organizations aren’t doing enough to defeat the bad guys. Here are the 10 most neglected security best practices: 

1. Classify data based on its sensitivity.

Security experts recommend that organizations classify data at least twice per year so they can reset access rights and ensure that only the right people have access to data.   

Reality check: 64% of organizations admit that they classify data based on its level of sensitivity just once per year or even less frequently.   

Pro tip: Many organizations rely on users to classify data, which rarely works well. Look for data discovery and classification products that automate the classification process.   

2. Update data access rights.

To prevent unauthorized access to data, security experts recommend strictly enforcing the least-privilege principle, as well as reviewing access rights every six months and after important events like an employee termination.   

Reality check: 51% of organizations do not update data access rights even once a year.   

Pro tip: Look for governance solutions that can assess and control access rights, both as part of an ongoing process as well as ad hoc. Also look for reporting and alerting tools that can ensure it’s all being done correctly and securely.   

3. Review data available to everyone.

To reduce risk to sensitive data, security experts say that at least every three months, organizations should check that folders and shares available to everyone don’t contain sensitive data.   

Reality check: 76% of organizations are not doing this frequently enough, and some never do it at all.   

Pro tip: Look for solutions that can automate a continuous program to discover, classify and secure content regardless of where it resides, so you can reduce your attack surface.   

4. Get rid of stale data.

When you no longer need data for daily operations, it should be archived or deleted. To mitigate security risks, experts recommend doing this every 90 days.   

Reality check: Only 18% of organizations delete unnecessary data once a quarter, meaning that 82% of organizations are needlessly increasing their threat exposure.   

Pro tip: Deploy an automated solution that can find stale data and collaborate with the data owners to determine which data can be archived or permanently deleted.   

5. Conduct asset inventory regularly.

Security experts encourage you to identify all your assets (e.g. databases, software and computer equipment) and determine who is responsible for them at least once a quarter. 

Reality check: Just 29% of organizations stick to the recommended schedule.   

Pro tip: Choose an asset tracking solution that streamlines data collection and analysis to locate every asset within your company. Make sure it is easy to use and fits your needs.   

6. Update and patch software promptly. 

Installing security updates to your software in a timely manner enables you to mitigate vulnerabilities. The recommended frequency depends on patch and system importance and other factors; it varies from weekly for critical security patches to quarterly for less urgent patches, such as maintenance patches.   

Reality check: 33% of organizations do not update their software even once in 90 days.  

Pro tip: Establish a dedicated testing environment or at least a segment for patch testing to avoid incompatibility or performance issues.   

7. Perform vulnerability assessments.

Regular vulnerability assessments help you locate security gaps and reduce your exposure to attacks. Security experts recommend running these assessments at least once a month.   

Reality check: 82% of organizations do this only twice a year or don’t do it at all.   

Pro tip: Find products that can continuously evaluate threats to your data and make sure you know which threat actors do most harm to your business. Even better, find tools that provide alerts to reduce the number of false alarms.   

8. Create and maintain an incident response plan.

There are several parts to a resilient security response plan: Draft a plan, get it approved, regularly train employees and do test runs.   

Reality check: 83% of organizations admit to failing to execute all these stages.   

Pro tip: Conduct random tests to see how admins and regular users react to security threats and evaluate how your plan is working in real life.

9. Update admin passwords regularly.

If an administrator’s credentials are compromised by attackers, whether the credential is shared or not, the entire IT infrastructure is at risk. Security experts recommend changing admin passwords at least every quarter.

Reality check: Only 38% of organizations change their admin passwords at least once every 90 days.

Pro tip: Don’t use shared admin passwords, even if you update them every week. Each privileged user should have their own admin credentials and the passwords should be changed regularly.

10. Update user passwords regularly.

While the goal of threat actors is to get administrative credentials, the gateway to that information is oftentimes accessing a user’s credentials. A security best practice is to require users to change their passwords at least every 90 days.   

Reality check: 42% of organizations mandate a password change less frequently than once a quarter.

Pro tip: Require users to choose strong passwords (with a minimum number of characters and symbols) and change them once every 90 days. Also consider deploying multifactor authentication and single sign-on.   

Following these security best practices can help you reduce your attack surface and minimize the risk of security and compliance issues. Rigorously implementing security basics such as finding, classifying and securing your data is essential to preventing attackers from stealing your sensitive data and ruining your company’s reputation. 

Article Provided By: Information Security Buzz


Do Smartphones Impact Your Cybersecurity?

Remote working is slowly becoming a trend to watch for, and companies all around the world are mostly willing to accommodate. Studies suggest that companies spend as much as $350 per employee every month to provide company-issued smartphones and laptops, which is not that negligible of a number. Regardless of that, only 11 percent have taken more than a single measure to keep their mobile networks safe from a potential data breach.

Cybercrime Is on the Rise

Speaking of recent studies, one of them found that the widespread usage of company smartphones caused several corporate data breaches. And the financial consequences can be downright mind-numbing. In fact, they reached a total of $7.8 million in the last year alone. Taking a look at the statistics presented by ONS doesn’t make things any more reassuring either. Did you know there were more than 1.7 million incidents of cybercrime between April 2017 and March 2018?

The 3 Phases of Cyber-Security

So it goes without saying that companies should invest more resources and effort into reinforcing their cyber-security. This starts with picking the right software. According to the industry experts, cyber-security should be approached in a linear order, and these are the 3 phases of it:

  1. Detection
  2. Prevention
  3. Containment

With that being said, an ounce of prevention is worth a pound of cure, so patching up any holes remains an important part of the overall strategy. Keeping your internal network malware-free today will save you a ton of problems tomorrow.

A Company-Wide Policy Will Get You Far

There is something the companies can do that is beyond the technical cyber-security measures. Namely, coming up with a company-wide mobile threat defense policy. Observing the landscape reveals that numerous companies are starting to recognize the importance of investing money into educating their employees. By undergoing rigorous training, they are able to recognize the most prevalent cyber-security threats and suspicious-looking emails.

Another important aspect of keeping the company tech safe is using a unique password on every account. It’s also important to change them periodically.

What Are the Top 3 Cyber-Security Risks to Be Aware Of?

Knowing the risks is half the battle. Otherwise, how are you going to fight it if you can’t pinpoint the threat you’re up against?

1. Phishing attempts

Phishing is a clever ploy designed by hackers to trick you into handing over your sensitive personal details. Often, they are able to accomplish this by passing themselves off as a form of authority and pressuring you into handing over your login credentials. They don’t ask for them directly; rather, they try to divert you to a fake login page that serves no other purpose than to steal information from unsuspecting victims.

If sensitive company details fall into the wrong hands, all hell breaks loose. And let’s not even get started on regulatory fines, the loss of trust, etc. Unfortunately, phishing attacks seem to be increasing in frequency, so taking extra care certainly won’t hurt. Bear in mind that these are not limited to email either; text message based phishing is another threat the companies need to be aware of.

2. Being too liberal with syncing company data with personal devices

You can take all the steps in the world to protect your company data. But what good does it do if it finds its way to a personal device with subpar protection against external attacks? On a similar note, using company devices for personal matters poses risks as well.

In normal circumstances, a personal device would get infected with malware in case the user lands on a malicious website. But as much of an impenetrable fortress your company devices may be, there is always something that can weaken their defenses.

3. Not taking enough time when choosing a VPN

VPN is one of the primary ways employees use to access a company network while they’re not physically present in the office. That’s because a VPN allows you to establish a secure connection regardless of your current location.

However, doing your research is a crucial part of the process when choosing a business VPN, as not all of them are equally good. Some free providers, for example, monetize their product in unethical ways, which involve selling your bandwidth, redirecting your browser and installing malware behind your back. Moreover, don’t forget that a VPN will only protect you from certain cyberthreats, so exercising common sense is still needed.

Article Provided By: Security Magazine


Microsoft Releases July Security Updates

Microsoft today released its monthly batch of software security updates for July to patch a total of 77 vulnerabilities, of which 14 are rated Critical, 62 are Important, and 1 is rated Moderate in severity.

The July 2019 security updates include patches for various supported versions of Windows operating systems and other Microsoft products, including Internet Explorer, Edge, Office, Azure DevOps, Open Source Software, .NET Framework, Azure, SQL Server, ASP.NET, Visual Studio, and Exchange Server.

Details of 6 security vulnerabilities, all rated important, were made public before a patch was released, none of which were found being exploited in the wild.

However, two new privilege escalation vulnerabilities, one affecting all supported versions of the Windows operating system and the other affecting Windows 7 and Server 2008, have been reported as being actively exploited in the wild.

Both actively exploited vulnerabilities lead to elevation of privilege, one (CVE-2019-1132) of which resides in the Win32k component and could allow an attacker to run arbitrary code in kernel mode.

However, the other actively exploited vulnerability (CVE-2019-0880) resides in the way splwow64 (Thunking Spooler APIs) handles certain calls, allowing an attacker or a malicious program to elevate its privileges on an affected system from low-integrity to medium-integrity.

The publicly known flaws affect Docker runtime, SymCrypt Windows cryptographic library, Remote Desktop Services, Azure Automation, Microsoft SQL server, and Windows AppX Deployment Service (AppXSVC).

Microsoft also released updates to patch 14 critical vulnerabilities, and as expected, all of them lead to remote code execution attacks and affect Microsoft products ranging from Internet Explorer and Edge to Windows Server DHCP, Azure DevOps and Team Foundation Servers.

Some important-rated vulnerabilities also lead to remote code execution attacks, while others allow elevation of privilege, information disclosure, cross-site scripting (XSS), security feature bypass, spoofing, and denial of service attacks.

Users and system administrators are strongly advised to apply the latest Microsoft security patches as soon as possible to keep hackers and cyber criminals away from taking control of their Windows computer systems.

For installing the latest security updates, users can head on to Settings → Update & Security → Windows Update → Check for updates on their Windows computers or can install the updates manually.

For addressing problematic updates on Windows 10 devices, Microsoft also introduced a safety measure in March this year that automatically uninstalls buggy software updates installed on your system if your OS detects a startup failure.

Article Provided By: thehackernews


Security Flaw in Pre-Installed Dell Software

Security Flaw in Pre-Installed Dell Support Software Affects Millions of Computers

Dell’s SupportAssist utility that comes pre-installed on millions of Dell laptops and PCs contains a security vulnerability that could allow malicious software or rogue logged-in users to escalate their privileges to administrator-level and access sensitive information.

Discovered by security researchers at SafeBreach Labs, the vulnerability, identified as CVE-2019-12280, is a privilege-escalation issue and affects Dell’s SupportAssist application for business PCs (version 2.0) and home PCs (version 3.2.1 and all prior versions).

Dell SupportAssist, formerly known as Dell System Detect, checks the health of your system’s hardware and software, alerting customers to take appropriate action to resolve any issues. To do so, it runs on your computer with SYSTEM-level permissions.

With these high-level privileges, the utility interacts with the Dell Support website and automatically detects the Service Tag or Express Service Code of your Dell product, scans the existing device drivers and installs missing or available driver updates, along with performing hardware diagnostic tests.

However, researchers at SafeBreach Labs discovered that the software insecurely loads .dll files from user-controlled folders when run, leaving a spot for malware and rogue logged-in users to corrupt existing DLLs or replace them with malicious ones.


Therefore, when SupportAssist loads those tainted DLLs, malicious code gets injected into the program and executed within the context of an administrator, thus easily allowing the attacker to gain complete control of a targeted system.
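A defender-side check for the condition described above, added here as an example (it is not SafeBreach's, Dell's or PC-Doctor's code): it parses `icacls` output for directories that a SYSTEM-level service loads DLLs from and reports accounts outside the administrative set that can create or overwrite files there. The directory names and ACL listings are constructed, and the auditor is assumed to already know which directories the service loads from.

```python
import re

# Principals expected to hold write access where a privileged service loads
# code from. CREATOR OWNER is a placeholder that only benefits an account that
# could already create the file, so it is not reported on its own.
TRUSTED = {r"NT AUTHORITY\SYSTEM", r"BUILTIN\Administrators",
           r"NT SERVICE\TrustedInstaller", "CREATOR OWNER"}
FLAGS = {"I", "OI", "CI", "IO", "NP", "DENY"}  # icacls inheritance/type flags
# Rights that allow creating or overwriting a file, or rewriting the ACL or
# owner to get there. AD (add subdirectory) on its own is left out.
WRITE_RIGHTS = {"F", "M", "W", "WD", "GA", "GW", "WDAC", "WO"}
ACE_RE = re.compile(r"^(?P<who>[^:]+):(?P<perms>(?:\([^)]*\))+)$")


def parse_icacls(path, text):
    """Parse `icacls <path>` output into (principal, flags, rights) tuples."""
    aces = []
    for line in text.splitlines():
        line = line.strip()
        if line.lower().startswith(path.lower()):
            line = line[len(path):].strip()  # first line is "<path> <ACE>"
        m = ACE_RE.match(line)
        if not m:
            continue  # blank lines and the "Successfully processed" footer
        flags, rights = set(), set()
        for group in re.findall(r"\(([^)]*)\)", m["perms"]):
            tokens = {t.strip().upper() for t in group.split(",")}
            if tokens <= FLAGS:
                flags |= tokens
            else:
                rights |= tokens
        aces.append((m["who"].strip(), flags, rights))
    return aces


def findings(path, text, trusted=TRUSTED):
    """Return sorted (principal, kind) pairs for untrusted write access.

    kind is "create-file" (the ACE applies to the directory itself) or
    "overwrite-file" (the ACE is inherited by files inside it).
    """
    out = set()
    for who, flags, rights in parse_icacls(path, text):
        if "DENY" in flags or who in trusted or not rights & WRITE_RIGHTS:
            continue  # deny ACEs grant nothing; read-only ACEs are fine
        if "IO" not in flags:
            out.add((who, "create-file"))
        if "OI" in flags:
            out.add((who, "overwrite-file"))
    return sorted(out)


def audit(listings):
    """Map each directory that has at least one finding to its findings."""
    report = {}
    for path, text in listings.items():
        hits = findings(path, text)
        if hits:
            report[path] = hits
    return report


# Constructed sample: icacls output for three hypothetical load directories.
SAMPLE = {
    r"C:\Program Files\ExampleVendor\bin": r"""
C:\Program Files\ExampleVendor\bin NT SERVICE\TrustedInstaller:(I)(F)
                                   NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
                                   BUILTIN\Administrators:(I)(OI)(CI)(F)
                                   BUILTIN\Users:(I)(OI)(CI)(RX)
                                   CREATOR OWNER:(I)(OI)(CI)(IO)(F)

Successfully processed 1 files; Failed processing 0 files
""",
    r"C:\Tools\runtime": r"""
C:\Tools\runtime BUILTIN\Administrators:(I)(OI)(CI)(F)
                 NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
                 BUILTIN\Users:(I)(OI)(CI)(RX)
                 NT AUTHORITY\Authenticated Users:(I)(M)
                 NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M)
""",
    r"C:\ProgramData\ExampleVendor\plugins": r"""
C:\ProgramData\ExampleVendor\plugins NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
                                     BUILTIN\Administrators:(I)(OI)(CI)(F)
                                     BUILTIN\Users:(I)(OI)(CI)(RX)
                                     BUILTIN\Users:(I)(CI)(WD,AD,WEA,WA)
""",
}


if __name__ == "__main__":
    for path, hits in audit(SAMPLE).items():
        print(path, hits)
```

Any directory this reports is one where a standard user could influence what a SYSTEM-level process loads; the remedy is to tighten the ACL or stop the service from loading code from that location.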

“According to Dell’s website, SupportAssist is pre-installed on most of Dell devices running Windows. This means that as long as the software is not patched, the vulnerability affects millions of Dell PC users,” the researchers say.

What’s worrisome? Researchers believe that Dell is not the only company whose PCs are impacted by this particular security issue.

Since Dell SupportAssist is written and maintained by Nevada-based diagnostics and customer support firm PC-Doctor, other PC makers that bundle the same diagnostic and troubleshooting tools into their own computers with different names may also be vulnerable.

“After SafeBreach Labs sent the details to Dell, we discovered that this vulnerability affects additional OEMs which use a rebranded version of the PC-Doctor Toolbox for Windows software components,” the researchers say.

Also, according to the PC-Doctor website, PC makers have “pre-installed over 100 million copies of PC-Doctor for Windows on computer systems worldwide,” which means the flaw also affects other OEMs that rely on PC-Doctor for specialized troubleshooting tools.

Since Dell’s SupportAssist software uses a driver signed by PC-Doctor to access low-level memory and hardware, researchers demonstrated the vulnerability by reading the content of an arbitrary physical memory address as a proof-of-concept.

SafeBreach Labs reported the vulnerability to Dell on 29th April 2019, and the company then reported the issue to PC Doctor and released fixes provided by PC-Doctor on 28th May for affected SupportAssist versions.

Dell Business and home PC users are recommended to update their software to Dell SupportAssist for Business PCs version 2.0.1 and Dell SupportAssist for Home PCs version 3.2.2 respectively.

It’s not the first time when Dell SupportAssist has been found affected by a severe security vulnerability.

In April this year, Dell also addressed a critical remote code execution vulnerability in the utility that would have allowed remote attackers to download and install malware from a remote server on affected Dell computers and take full control over them.

Article Provided By: The Hacker News



If you would like liquidvideotechnologies.com to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.


Chinese Secretly Installing Spyware App

China’s Border Guards Secretly Installing Spyware App on Tourists’ Phones

Chinese authorities are secretly installing surveillance apps on smartphones of foreigners at border crossings in the Xinjiang region who are entering from neighboring Kyrgyzstan, an international investigation revealed.

Xinjiang (XUAR) is an autonomous territory and home to many Muslim ethnic minority groups where China is known to be conducting massive surveillance operations, especially on the activities of Uighurs, a Muslim Turkic minority group of about 8 million people.

The Chinese government has blamed the Muslim Turkic minority group for Islamic extremism and deadly attacks on Chinese targets.

According to a joint investigation by the New York Times, the Guardian, Süddeutsche Zeitung and more, the surveillance app has been designed to instantly extract emails, texts, calendar entries, call records and contacts, and to insecurely upload them to a local server set up at the checkpoint only.

This suggests that the spyware app has not been designed to continuously and remotely track people while in China. In fact, in the majority of cases, the report says the surveillance app is uninstalled before the phone is returned to its owner.

The spyware, called Feng Cai (蜂采) or BXAQ, also scans infected Android devices for over 73,000 pre-defined files related to Islamic extremist groups, including ISIS recruitment fliers, bomb-making instructions, and images of executions.


Besides this, it also looks for segments from the Quran, portions of an Arabic dictionary and information on the Dalai Lama, and for some bizarre reason, the list also includes a song from a Japanese grindcore band called Unholy Grace.

The app can be installed directly on Android phones, but for tourists, journalists, and other foreigners using Apple devices, the border guards reportedly connect their phones to a hardware-based device that is believed to install similar spyware.

According to researchers at German cybersecurity firm Cure53, who analyzed a sample of the surveillance app, the names that appear in the Feng Cai app’s source code suggest that the app was developed by a unit of FiberHome, a Chinese telecom manufacturer that is partly owned by the government.

“The app is very simple in terms of its user interface, with just three available functions: Scan, Upload, and Uninstall,” the researchers said.

However, it remains unclear how long the collected information on travelers is stored on the Chinese server, or how the government uses it.

“The Chinese government, both in law and practice, often conflates peaceful religious activities with terrorism,” Maya Wang, a Chinese researcher at Human Rights Watch, told NY Times. “You can see in Xinjiang, privacy is a gateway right: Once you lose your right to privacy, you’re going to be afraid of practicing your religion, speaking what’s on your mind or even thinking your thoughts.”

This is not the first time Chinese authorities have been caught using spyware to keep tabs on people in the Xinjiang region, as this kind of intensive surveillance is very common there. However, it is the first time tourists are believed to have been the primary target.

In 2017, Chinese authorities also forced Xinjiang residents to install a similar spyware app, called Jingwang, on their mobile devices, which was intended to prevent them from accessing terrorist information.

Article Provided By: The Hacker News


Users Warned About iOS 13 Security Problem

When the “Sign in with Apple” functionality, due to appear as part of iOS 13, was announced at the Worldwide Developers Conference (WWDC) back on June 3, it was met with broad approval from Apple users. After all, what’s not to like about having an alternative to signing in to applications and services via your Facebook, Google, or Twitter account? It turns out, truth be told, quite a lot. Just how much depends upon whom you are talking to, of course.

The OpenID Foundation (OIDF), whose own OpenID Connect platform shares much in common with the proposed Apple solution and counts Google, Microsoft and PayPal amongst its members, is edging towards the not so keen side of the fence. Moreover, it’s not alone either.

In a June 27 open letter addressed to Craig Federighi, senior vice-president of software engineering at Apple, Nat Sakimura, OIDF chairman, begins with some faint praise regarding Apple’s “efforts to allow users to log in to third-party mobile and Web applications with their Apple ID using OpenID Connect.” It very quickly goes downhill from there, however.

After explaining how OpenID Connect has been developed by a broad range of companies, along with experts from within the OIDF itself, the letter points out how it has become a widely-adopted protocol built on OAuth 2.0 to enable third-party logins in a secure and standard manner. The differences between OpenID Connect and Sign in with Apple, the letter continues, expose users “to greater security and privacy risks.”

It then goes on to insist that developers will be unnecessarily burdened by having to work on both as Apple will insist they offer it alongside the others, whereas by “closing the current gaps,” the OIDF argues, “Apple would be interoperable with widely-available OpenID Connect Relying Party software.”

So what seems to be the real problem here? The Apple system gets around having to pass your email to the third-party developer by creating a disposable one-off email address just for that purpose, assuming you choose to hide your real email address. By doing so, you also avoid the data aggregation problem that these sign-on platforms enable by seeing the various apps and services you use, which could build an accurate, and valuable, marketing profile. Opting out of emails can be done by deactivating individual service addresses, and Apple knows the apps you are using anyway so, assuming you trust it with that information, then the Sign in with Apple platform adds no new privacy concerns.

Why, then, is it being painted as such a security and privacy risk by the OIDF?

The answer comes mainly in the form of those “differences” mentioned earlier. These include failure to use the Proof Key for Code Exchange (PKCE) system that mitigates code injection and code replay attack threats. A document listing the differences was updated July 3 to acknowledge fixes that had been made since the open letter was sent.

That document is worth reading, as it also describes the specific attack and privacy problems that remain as a result of the protocol differences. These include Cross-Site Request Forgery (CSRF) attacks and potential leakage of the ID Token, which contains a set of personal data, and of the Authorization Code, which could be used in the aforementioned code injection attack. According to this latest information, only the Apple documentation regarding the exchange of authorization codes has been fixed to date.
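To show what PKCE adds, the following added example (not code from Apple or the OIDF) implements the S256 challenge from RFC 7636 and a token endpoint that redeems each authorization code once, and only for the verifier that produced its challenge. The `AuthServer` class, the `app` client ID and the token format are hypothetical.

```python
import base64
import hashlib
import hmac
import secrets

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def make_verifier() -> str:
    # 32 random bytes give a 43-character verifier (RFC 7636, section 4.1).
    return b64url(secrets.token_bytes(32))

def challenge_for(verifier: str) -> str:
    # S256 method: BASE64URL(SHA256(ASCII(code_verifier)))
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())

class AuthServer:
    """Hypothetical in-memory authorization server for illustration."""
    def __init__(self):
        self._codes = {}

    def authorize(self, client_id: str, code_challenge: str) -> str:
        # The challenge travels in the front-channel authorization request.
        code = secrets.token_urlsafe(16)
        self._codes[code] = (client_id, code_challenge)
        return code

    def token(self, client_id: str, code: str, code_verifier: str) -> str:
        entry = self._codes.pop(code, None)  # single use: stops code replay
        if entry is None:
            raise PermissionError("unknown or already redeemed code")
        bound_client, challenge = entry
        if bound_client != client_id or not hmac.compare_digest(
                challenge_for(code_verifier), challenge):
            raise PermissionError("code_verifier does not match challenge")
        return "access-token-" + secrets.token_urlsafe(8)

def attempt(server, code, verifier) -> str:
    try:
        server.token("app", code, verifier)
        return "accepted"
    except PermissionError:
        return "rejected"

def demo() -> dict:
    server, verifier = AuthServer(), make_verifier()
    # A code presented without the verifier that produced its challenge.
    leaked = server.authorize("app", challenge_for(verifier))
    outcome = {"wrong_verifier": attempt(server, leaked, make_verifier())}
    # The legitimate client redeems its code once; a second use is refused.
    code = server.authorize("app", challenge_for(verifier))
    outcome["legitimate"] = attempt(server, code, verifier)
    outcome["replay"] = attempt(server, code, verifier)
    return outcome
```

Calling `demo()` returns the outcome of each of the three redemption attempts, so a leaked authorization code alone is not enough to obtain a token.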

Sean Wright, an application security specialist, understands only too well how the problem with many open protocols is that at times organizations modify the protocol or standard just a little bit. “This causes potential compatibility issues when other organizations try to integrate,” Wright says, “so I can see why OpenID is so interested in trying to ensure that Apple sticks to the standard.” As for the security issues, these potentially stick their collective heads above the development parapet only because it will be a modification of a protocol and so open to newly introduced vulnerabilities.

A poll of information security professionals on Twitter revealed that 60% thought OIDF was right to call Apple out on these issues. The remaining 40% were evenly split between thinking OIDF was wrong and thinking it did not matter, as both options improve security and privacy anyway.

“Any extra layer of security or privacy support added to accounts is a bonus in my book,” says Jake Moore, a security specialist at ESET, who continues, “but admittedly it appears this could still be even more secure by today’s standards.” Moore said that because Apple is dealing with millions of accounts, sadly this means if it were to make signing in too tricky for the average user, then there’s a risk that customers could be lost. “Albeit a bold move,” he concludes, “I like seeing accounts that force users to make their accounts more secure with strong password policies and Multi-Function Authentication as default.”

Neira Jones is a partner at the Global Cyber Alliance and an internationally renowned cyber risk and information security speaker. Jones says she thinks that while there will undoubtedly be teething problems, as with anything new, Sign in with Apple remains a good thing. “I do not doubt that Apple will address the security issues,” Jones says, “but whether Apple will fix the interoperability issues mentioned by OpenID remains to be seen as a number of factors are at play.” After all, Apple has traditionally been in the business of remaining a closed ecosystem, and Jones isn’t sure that will change any time soon.

Not that it’s impossible given that Facebook has announced the Libra cryptocurrency and in amongst the white paper documentation there’s a paragraph that states: “An additional goal of the association is to develop and promote an open identity standard. We believe that decentralized and portable digital identity is a prerequisite to financial inclusion and competition.”

With more than 3 billion users, Facebook is potentially hoping for a big play in the identity space, according to Jones. They may or may not succeed, but Facebook does have a trust issue. “Apple haven’t,” Jones concludes, “or certainly not to the extent of Facebook’s trust issues.”

Article Provided By: Forbes


Election Official Highlights Email Threat

US Election Security Official Highlights Email Threat

SANTA FE, N.M. (AP) — Beware the phishing attempts.

An election security official with the U.S. Department of Homeland Security on Tuesday warned top state election officials nationwide to safeguard against fraudulent emails targeting state and local election workers.

The emails appear as if they come from a legitimate source and contain links that, if clicked, can open up election data systems to manipulation or attacks.

Geoff Hale, director of the department’s Election Security Initiative, told a gathering of secretaries of state that the nation’s decentralized voting systems remain especially vulnerable to emails that can trick unsuspecting workers into providing access to elections databases.

“We know that phishing is how a significant number of state and local government networks become exploited,” Hale told scores of secretaries of state gathered in the New Mexico capital city. “Understanding your organization’s susceptibility to phishing is one of the biggest things you can do.”

Email phishing schemes haunted the electoral landscape in 2016. Hillary Clinton’s 2016 campaign chairman, John Podesta, fell for trick emails on his personal account, allowing Russians to steal thousands of messages about the inner workings of the campaign. Targeted phishing emails also allowed Russians to gain access to the Democratic Congressional Campaign Committee’s networks and eventually to exploit that access to gain entry to the Democratic National Committee.

In the run-up to the 2020 vote, Iowa Secretary of State Paul Pate, a Republican, is calling phishing the No. 1 concern when it comes to securing election-related computer systems in his state.

Iowa’s 100 county political subdivisions make the threat especially challenging. He said his fear is that phishing emails may target overlooked public employees who don’t have adequate training.

“If they get into the courthouse, they can then get into the county auditor, which is our elections folks — and that’s not a good thing,” Pate said.

Pate’s agency is fighting back with two-factor identification requirements for anyone accessing state voter systems, and mandatory annual cyber-security training sessions.

Phishing threats lay bare the difficulties of guarding election systems across large rural expanses. New Mexico Democratic Secretary of State Maggie Toulouse Oliver says new federal funding is needed to bolster cyber security in counties that are too small to hire information technology specialists. There are seven counties in the state with fewer than 5,000 residents; Harding County is home to about 700.

State election chiefs gathered in Santa Fe for the first time since the release of special counsel Robert Mueller’s report documenting Russian meddling in the 2016 election.

California’s Secretary of State Alex Padilla said he, too, is concerned about so-called soft cybersecurity threats, beyond voting equipment or software, such as predatory phishing for security weaknesses among election workers.

“You can read the Mueller report on what the most effective strategies were that the Russians engaged in, and most cyber experts will tell you that it’s still phishing attempts that are rampant,” he said.

Article Provided By: SFGate
