fbpx
Security, Video Surveillance, Surveillance, Computer Networking, Access Control, Monitoring, LVT, Liquid Video Technologies, Greenville South Carolina

Security Lapse Exposed Honda’s Network

An exposed database at automotive giant Honda allowed anyone to see which systems on its network were vulnerable to unpatched security flaws, potentially giving hackers insider knowledge of the company’s weak points.

The server contained 134 million rows of employee systems data from the company’s endpoint security service, containing technical details of each computer and device connected to the internal network.

There was no password on the database, allowing anyone to access and read the data.

The data included which operating system a user was running, its unique network identifiers and IP address, the status of the endpoint protection and which patches were installed. That could allow an attacker to figure out which systems are at risk of certain vulnerabilities, or tailor attacks toward machines of interest using exploits known to target vulnerable devices. (We’re not naming the endpoint provider as it could prove useful for an attacker.)

In some cases the database would reveal the endpoint security status — including if a device was unprotected.

Security researcher Justin Paine found the exposed database earlier this month. The database was shut down hours after he made contact with the company.

“I thought this was likely to be just a single Honda dealership,” Paine said. “The odds of that seemed far more likely than a database containing information related to all of Honda’s global network of employee machines.”

The database contained records on multiple Honda offices around the world, including Mexico, the U.K. and the U.S., said Paine.

He also found the chief executive’s computer in the logs, including which operating system he uses, the patches installed and more. The records also included his email address and the last time he logged on.

“What makes this data particularly dangerous in the hands of an attacker is that it shows you exactly where the soft spots are,” said Paine. “This data contained enough identifiable information to make it extremely simple to locate specific high-value employees, and in the hands of an attacker this leaked data could be used to silently monitor for ways to launch very targeted attacks on those executives,” he said.

Honda spokesperson Marcos Frommer told TechCrunch: “The security of our data is critical to us, and we are continually reviewing our processes to ensure that our data is protected. We have investigated this specific issue and have taken steps to address the matter.”

“We will take appropriate actions in accordance with relevant laws and regulations, and will continue to work on proactive security measures to prevent similar incidents in the future,” said the spokesperson.

It’s the latest find by Paine in recent months. Earlier this year he found a huge database of call logs and SMS messages exposed on the internet, and also the viewing habits of a library and university streaming service.

Article Provided By: techcrunch

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Video Surveillance, Surveillance, Monitoring, Access Control, Computer Networking, LVT, Liquid Video Technologies, Greenville South Carolina

Florida Prepares for Election Security

Local elections offices in Florida received funds on July 8 to be used for 2020 election security improvements, according to a news report.

The report says the awards vary from about $450 to more than $500,000 and that the funds distributed at the beginning of July included:

  • $46,096 to Lake County
  • $12,140 to Marion County
  • $16,741 to Sumter County

Marion County’s Supervisor of Elections Wesley Wilcox says, “We are the largest swing state in the U.S. That is a huge prize. I really feel the 2020 general election in November will be the biggest turnout election that we’ve ever had. We have more people than ever before, but I think interest is also going to be at an all-time high.” In 2018, Lake County received about $242,000, Marion County received $268,000 and Sumter County received $119,000 to go toward election security.

Susan Greenhalgh, programs vice president at National Election Defense Coalition, says problems in election security are difficult because of the combination of computer use and anonymity of the voting process. “We have a secret ballot,” Greenhalgh said, “which is very, very important to the integrity of our elections, but it also creates a security issue. If machinery is somehow corrupted, you won’t know because there’s no way to go back and check like with other transactions. If you go to a bank, you get a receipt. That’s not how voting works.” Greenhalgh adds that if votes were taken by raising a hand, it would be easy to verify how many votes were cast for each option, and problems could be fixed if someone saw their vote was missed in a count.

Aubrey Jewett, a political science professor at the University of Central Florida,  says people focus on computer hacking as the primary source of misrepresentation in elections, but that paper ballots are no less susceptible to mistakes, notes the report.

“Sometimes baskets of ballots appear,” he said. “Sometimes things get misplaced. The potential for old-fashioned election tampering – in the sense of paper ballots – is there.” Jewett says two keys to preventing security breaches in elections are in recognizing that security needs to be maintained “from the very start of the process to the very end” and that security efforts continue to get funding, says the report. Jewett says computer hacking is one of the larger security threats facing U.S. elections. “As anyone who has dealt with computers and software knows, viruses and security threats evolve over time,” he said. “You have to be constantly vigilant to stay on top of those threats and to make sure you’re not vulnerable.”

Jewett says Florida has some systems in place to stop obvious stealing. “It doesn’t mean we can rest on our laurels by any means ’cause hackers are always hacking,” he added. “Even though the tabulating machines are not connected to the internet, there’s the worry that people can hack in and change the vote totals at the (Supervisor of Elections) Office.”

The report notes election hacks could include people filling in absentee ballots for dead family members or registering to vote in two states, which is a huge issue for Florida due to the large population of voters who live in other states, says the report.

Article Provided By: Security Magazine

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Monitoring, Access Control, Video Surveillance, Surveillance, LVT, Liquid Video Technologies, Greenville South Carolina

Facebook Messenger Kids Security Flaw

But this protection somehow wasn’t in place for group chats, The Verge discovered, meaning children were able to communicate with users who hadn’t been parent-approved.

Facebook said on Monday, July 22 that it has been sending out “thousands” of alerts to parents over the past week, explaining that it’s aware of the security flaw and has closed down affected group chats.

“We recently notified some parents of Messenger Kids account users about a technical error that we detected affecting a small number of group chats,” a Facebook spokesperson told Digital Trends. “We turned off the affected chats and provided parents with additional resources on Messenger Kids and online safety.”

Messenger Kids only lets children select from approved users for one-to-one chats. They can also enter a chat group that has been started by an approved user. But until Facebook spotted the bug last week, that chat group could contain other individuals approved by the parent of the person that started the chat group, though not approved by the parent of the child entering that group.

In such cases, children could have been talking to someone in a chat group whom the parent knew nothing about. While everyone in the group should have been approved by someone, the flaw is likely to concern many parents as the app’s security was not as tight as Facebook had claimed.

The social networking giant is yet to offer more detailed information on the incident, including how long the issue was present in the app.

The unsettling revelation comes in the same week that the U.S. Federal Trade Commission is expected to announce a colossal $5 billion settlement with Facebook over its handling of data belonging to 87 million users caught up in the Cambridge Analytica privacy scandal. Whether there will be any fallout in response to this latest slip-up remains to be seen.

Article Provided By: Digital Trends

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Surveillance, Monitoring, Video Surveillance, Access Control, Security Systems, LVT, Liquid Video Technologies, Greenville South Carolina

British Airways Suspends Flights to Cairo

British Airways canceled all flights to Cairo for 7 days for security reasons.

“We constantly review our security arrangements at all our airports around the world, and have suspended flights to Cairo for seven days as a precaution to allow for further assessment,” the airline said in a statement.

“The safety and security of our customers and crew is always our priority, and we would never operate an aircraft unless it was safe to do so.”

The UK Foreign and Commonwealth Office (FCO) updated its advice to travelers on July 19, saying “Terrorists are very likely to try to carry out attacks in Egypt. Although most attacks occur in North Sinai, there is a risk of terrorist attacks across the country. Attacks could be indiscriminate, affecting Egyptian security forces, religious sites, large public gatherings and places visited by foreigners. There is a heightened threat of terrorist attacks in or around religious sites and during religious festivals, such as the month of Ramadan and the Christmas period (including Coptic Christmas), when terrorist groups have sometimes called for attacks. Terrorist attacks have occurred over local holiday weekends. Terrorists have attacked tourists in Egypt in the past. There is a heightened threat of terrorist attacks targeting Coptic Christians from extremists linked to Daesh-Sinai in Egypt.”

The US State Department has issued several travel advisories this year warning Americans to exercise increased caution in Egypt because of terrorism concerns.

Article Provided By: Security Magazine

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Monitoring, Surveillance, Computer Networking, Access Control, LVT, Liquid Video Technologies, Greenville South Carolina

Do Smartphones Impact Your Cybersecurity?

Remote working is slowly becoming a trend to watch for, and companies all around the world are mostly willing to accommodate. Studies suggest that companies spend as much as $350 per employee every month to provide company-issued smartphones and laptops, which is not that negligible of a number. Regardless of that, only 11 percent have taken more than a single measure to keep their mobile networks safe from a potential data breach.

Cybercrime Is on the Rise

Speaking of recent studies, one of them found that the widespread usage of company smartphones caused several corporate data breaches. And the financial consequences can be downright mind-numbing. In fact, they reached a total of $7.8 million in the last year alone. Taking a look at the statistics presented by ONS doesn’t make things any more reassuring either. Did you know there were more than 1.7 million incidents of cybercrime between April 2017 and March 2018?

The 3 Phases of Cyber-Security

So it goes without saying that companies should invest more resources and effort into reinforcing their cyber-security. This starts with picking the right software. According to the industry experts, cyber-security should be approached in a linear order, and these are the 3 phases of it:

  1. Detection
  2. Prevention
  3. Containment

With that being said, an ounce of prevention is worth a pound of cure, so patching up any holes remains an important part of the overall strategy. Keeping your internal network malware-free today will save you a ton of problems tomorrow.

A Company-Wide Policy Will Get You Far

There is something the companies can do that is beyond the technical cyber-security measures. Namely, coming up with a company-wide mobile threat defense policy. Observing the landscape reveals that numerous companies are starting to recognize the importance of investing money into educating their employees. By undergoing rigorous training, they are able to recognize the most prevalent cyber-security threats and suspicious-looking emails.

Another important aspect of keeping the company tech safe is using a unique password on every account. It’s also important to change them periodically.

What Are the Top 3 Cyber-Security Risks to Be Aware Of?

Knowing the risks is half the battle. Otherwise, how are you going to fight it if you can’t pinpoint the threat you’re up against?

1. Phishing attempts

Phishing is a clever trick designed by hackers to trick you into handing over your sensitive personal details. Often, they are able to accomplish this by passing themselves as a form of authority and pressuring you into handing over your login credentials. They don’t ask for them directly; rather, they try to divert you to a fake login page that serves no other purpose than to steal information from unsuspecting victims.

If sensitive company details fall into the wrong hands, all hell breaks loose. And let’s not even get started on regulatory fines, the loss of trust, etc. Unfortunately, phishing attacks seem to be increasing in frequency, so taking extra care certainly won’t hurt. Bear in mind that these are not limited to email either; text message based phishing is another threat the companies need to be aware of.

2. Being too liberal with syncing company data with personal devices

You can take all the steps in the world to protect your company data. But what good does it do if it finds its way to a personal device with subpar protection against external attacks? On a similar note, using company devices for personal matters poses risks as well.

In normal circumstances, a personal device would get infected with malware in case the user lands on a malicious website. But as much of an impenetrable fortress your company devices may be, there is always something that can weaken their defenses.

3. Not taking enough time when choosing a VPN

VPN is one of the primary ways employees use to access a company network while they’re not physically present in the office. That’s because a VPN allows you to establish a secure connection regardless of your current location.

However, doing your research is a crucial part of the process when choosing a business VPN, as not all of them are equally good. Some free providers, for example, monetize their product in unethical ways, which involve selling your bandwidth, redirecting your browser and installing malware behind your back. Moreover, don’t forget that a VPN will only protect you from certain cyberthreats, so exercising common sense is still needed.

Article Provided By: Security Magazine

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Video Surveillance, Surveillance, Security, Monitoring, Access Control, LVT, Liquid Video Technologies, Greenville South Carolina

Can Video Surveillance Eliminate Doubt?

Ecommerce retailers face many challenges as consumers become more dependent on the convenience of online purchasing. Beyond the mere logistical challenge of effectively managing an e-commerce transaction, retailers are also challenged with the increased number of package theft which hits their bottom-line. Current home security solutions are missing that delicate dance between effective solutions and convenience.

Video surveillance and smart home technology are two of the most common forms of security that homeowners rely on to reduce theft, but are they doing enough? Or, do these solutions provide a false-sense of security to homeowners? In order to understand theft and security better, we must first take a look at the most common forms of home security – specifically, video surveillance.

In the public domain, there is empirical evidence that CCTV surveillance systems are effective in reducing the instances of theft where cameras are placed. However, there is debate over the impact these systems have at reducing overall theft. Simply put, criminals continue to commit unlawful acts, just outside of the camera view. When it comes to home surveillance, the proliferation of easy-to-install, DIY cameras and surveillance systems would suggest that they are effective in deterring theft. However, if this is the case, then why do we still lock our doors and windows when we leave our homes? Maybe it has something to do with the nuances in video surveillance – sometimes appearing active, while mostly acting as passive security. For the average homeowner, home surveillance solutions, methods and technologies fall into the category of passive security.

Most of us know that the term “security” is fairly broad, with surveillance being no exception. Video surveillance cameras consistently fall into the category of security, yet they are disproportionate to what security actually means – which is freedom from danger, risk and fear. Video surveillance presents a sense of security, but passive functionality means that crimes can and still do occur in plain view of cameras. This is not a claim that home surveillance is not effective, but rather a reinforcement that we need collective measurements of active security in order to take us closer to the freedom and peace of mind we all desire.

It is unrealistic to assume that everyone who is worried about their security has the means to afford or equip their homes with traditional notions of active security, such as privately contracted security guards. However, there are other active security measures individuals can take to experience peace of mind in the home. Active security expands far beyond the scope of security guards. Active security is discriminant. It allows approved activity based on user, time, and even frequency. This form of security is a closed loop system that is “actively” providing real-time feedback and alerts for an intrusion. With that being said, there are cases to be made for an active form of video surveillance. This is because it can perform active security so long as it has a process for monitoring. However, if there is no dedicated person assigned to actively watch the surveillance, then the monitoring is rendered useless.

As traditional video surveillance appears to be quite limited, it requires a more intelligent approach. As myriad of video surveillance systems storm the market, it should be expected that traditional video surveillance adapts in order to become a more active means of security. When done correctly, active video surveillance utilizes technological advancements in motion detection, real-time alerts, IoT technology and remote-control access. This enables users to constantly interact with their video surveillance, while simultaneously giving them autonomy to go about their day without having to constantly monitor a screen. Video surveillance has the opportunity to do more than just store videos and images of theft. When coupled with complementary systems, video surveillance can be a form of active security, and eliminate doubt at doorsteps across the globe.

Article Provided By: Security Magazine

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security- Access Control, Surveillance, Monitoring, Computer Networking, LVT, Liquid Video Technologies, Greenville South Carolina

7-Eleven’s Mobile Payment App Shut Down

7-Eleven’s mobile payment app shut down after hackers nab $500K from customers

But just days after the system went live at the beginning of last week, a number of customers started complaining that they were being charged for items they hadn’t bought.

The company has now suspended use of its mobile payment service while it investigates 7Pay’s security procedures, or lack thereof. In a statement released at the end of last week, 7-Eleven admitted that hackers had accessed the app and made bogus transactions affecting 900 customers to the tune of $506,000.

On Saturday, July 6, the Japan Times reported the arrest of two Chinese men who may be connected to the hack, with one of them suspected of attempted fraud after paying 730,000 yen (about $6,750) to purchase nearly 150 cartons of e-cigarette cartridges from a 7-Eleven store in Tokyo, allegedly using stolen IDs.

7Pay working using a bar code that appeared on the customer’s smartphone, with a cashier scanning it to charge the cost of the items to the customer’s linked debit or credit card.

But a report by ZDNet said the app was so poorly designed that it allowed anyone with knowledge of a customer’s email address, date of birth, and phone number to take over an account.

The hacker did this by using the data to reset an account’s password, with the reset link able to be sent to the hacker’s email address instead of the account owner’s. The hacker could then take control of the account.

The suggestion is that hackers automated the attack using information gathered in previous online security breaches targeting Japanese databases.

The alarming ease with which hackers were able to exploit 7Pay prompted the Japanese government to get involved, with the Ministry of Economy, Trade, and Industry accusing 7-Eleven of failing to properly adhere to guidelines preventing such unauthorized access. The company, which operates more than 20,000 stores in Japan, has apologized for the mishap and promised to fully reimburse those affected.

The 7Pay incident brings to mind another mobile payment breach several years ago when the now-defunct CurrentC system was targeted by hackers during its testing phase. Whether 7Pay will be resurrected with much-improved security or ends up going the same way as CurrentC remains to be seen.

Article Provided By: Digital Trends

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Surveillance, Security, Monitoring, Automation, Access Control, LVT, Liquid Video Technologies, Greenville South Carolina

Chinese Secretly Installing Spyware App

China’s Border Guards Secretly Installing Spyware App on Tourists’ Phones

Chinese authorities are secretly installing surveillance apps on smartphones of foreigners at border crossings in the Xinjiang region who are entering from neighboring Kyrgyzstan, an international investigation revealed.

Xinjiang (XUAR) is an autonomous territory and home to many Muslim ethnic minority groups where China is known to be conducting massive surveillance operations, especially on the activities of Uighurs, a Muslim Turkic minority group of about 8 million people.

The Chinese government has blamed the Muslim Turkic minority group for Islamic extremism and deadly attacks on Chinese targets.

According to a joint investigation by New York Times, the Guardian, Süddeutsche Zeitung and more, the surveillance app has been designed to instantly extract emails, texts, calendar entries, call records, contacts and insecurely uploads them to a local server set-up at the check-point only.

This suggests that the spyware app has not been designed to continuously and remotely track people while in China. In fact, in the majority of cases, the report says the surveillance app is uninstalled before the phone is returned to its owner.

The spyware, called Feng Cai (蜂采) or BXAQ, also scans infected Android devices for over 73,000 pre-defined files related to Islamic extremist groups, including ISIS recruitment fliers, bomb-making instructions, and images of executions.

Surveillance, Monitoring, Security, Access Control, Automation, LVT, Liquid Video Technologies, Greenville South Carolina

Besides this, it also looks for segments from the Quran, portions of an Arabic dictionary and information on the Dalai Lama, and for some bizarre reason, the list also includes a song from a Japanese grindcore band called Unholy Grace.

The app can directly be installed on Android phones, but for tourists, journalists, and other foreigners, using Apple devices, the border guards reportedly connect their phones to a hardware-based device that is believed to install similar spyware.

According to researchers at German cybersecurity firm Cure53, who analyzed [PDF] a sample of the surveillance app, the names that appear in Feng Cai app’s source code suggest that the app was developed by a unit of FiberHome, a Chinese telecom manufacturer that is partly owned by the government.

“The app is very simple in terms of its user interface, with just three available functions: Scan, Upload, and Uninstall,” the researchers said.

However, it remains unclear how long the collected information on travelers is stored on the Chinese server, or how the government uses it.

“The Chinese government, both in law and practice, often conflates peaceful religious activities with terrorism,” Maya Wang, a Chinese researcher at Human Rights Watch, told NY Times. “You can see in Xinjiang, privacy is a gateway right: Once you lose your right to privacy, you’re going to be afraid of practicing your religion, speaking what’s on your mind or even thinking your thoughts.”

It’s not the first time when Chinese authorities have been caught using spyware to keep tabs on people in the Xinjiang region, as this kind of intensive surveillance is very common in that region. However, it’s the first time when tourists are believed to have been the primary target.

In 2017, Chinese authorities had forced Xinjiang residents as well into installing a similar spyware app, called Jingwang, on their mobile devices that was intended to prevent them from accessing terrorist information.

Article Provided By: The Hacker News

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Monitoring, Surveillance, Access Control, Networking, LVT, Liquid Video Technologies, Greenville South Carolina

Microsoft Adds an Extra Security Layer

Microsoft Adds an Extra Security Layer to its OneDrive Storage Service

Microsoft  today announced OneDrive Personal Vault, a new security layer on top of its OneDrive online file storage service that adds additional security features to keep your files save. The security features ensure that the only way to access these files is with a strong authentication method or two-step verification, which can include a fingerprint or face recognition with a Window Hello-compatible device, PIN code or a one-time code sent by email or SMS (which isn’t necessarily the most secure method, of course), or by using Microsoft Authenticator.

Security, Surveillance, Monitoring, Computer Networking, Networking, Liquid Video Technologies, Greenville South CarolinaIn addition, Microsoft is also doubling the storage plan for its $1.99/month standalone OneDrive subscription from 50GB to 100GB. If you’re on a free plan, you’ll be able to try Personal Vault, too, but Microsoft will limit the number of files you can store in it.

The new Personal Vault will be available to OneDrive users on the web, on Windows 10 and through Microsoft’s mobile apps. It’ll roll out to users in Australia, New Zealand and Canada soon and become available to all OneDrive users by the end of the year.

By default, all OneDrive files are already encrypted at rest and in transit. Personal Vault essentially adds another layer of optional security features on top of this. In that OneDrive app, this is represented by a special Personal Vault folder that you can then use to save your most important files — or those with the largest amount of sensitive information (think financial records etc.).

On Windows 10 PCs, Personal Vault also sets up a Bitlocker-encrypted area on your local hard drive to sync your Personal Vault files.

Article Provided By: techcrunch

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

Security, Monitoring, Computer Networking, Access Control, Networking, Liquid Video Technologies, Greenville South Carolina, File Sharing

Increase in Abuse of File Sharing Services

Security researchers are warning of a “dramatic” increase in the exploitation of legitimate file sharing services to deliver malware in email-based attacks, especially OneDrive.

FireEye claimed in its latest Email Threat Report for Q1 2019 that services including WeTransfer, Dropbox, Google Drive and OneDrive are increasingly being used to host malicious and phishing files.

However, while Dropbox was most commonly used of all the services, OneDrive is catching up fast. From hardly being used in any attacks in Q4 2018, it shot up by over 60% in the intervening months.

Hackers are using such services as they bypass the initial domain reputation checks made by security tools.

Detection filters are also challenged by the use of “nested emails.” With this tactic, a first email contains a second email as attachment, which in turn contains the malicious content or URL.

FireEye also warned of a 17% increase in total phishing emails spotted over the previous quarter, with the most-spoofed brands including Microsoft, followed by OneDrive, Apple, PayPal and Amazon.

Hackers are increasingly using HTTPS in phishing attacks featuring URLs in a bid to trick users into clicking. FireEye observed a 26% quarter-on-quarter increase in the tactic, which exploits the consumer perception that HTTPS is inherently secure.

In fact, the FBI was recently forced to issue an alert warning that HTTPS and padlock icons in the address bar are not enough to prove the authenticity of sites.

It said that users should resist clicking on links in unsolicited emails, it added.

Finally, FireEye warned that cyber-criminals are expanding their repertoire when it comes to BEC attacks.

In one version they target the payroll department with requests to change the bank details of senior executives with the hope of diverting their salary. In another, they focus on accounts payable but pretend to be trusted suppliers who are owed money, instead of the CEO/CFO.

Article Provided By: infosecurity

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

 

If you would like liquidvideotechnologies.com to discuss developing your Home SecuritySystem, Networking, Access ControlFire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.

1 2 3 5