Android Spyware Poses Threats to Users of Facebook, Skype, WhatsApp, and Other Leading Social Media Apps

Google has detected a family of Android malware, known as Tizi, that is able to steal sensitive data from popular social media apps such as Facebook, LinkedIn, Skype, Telegram, Twitter, Viber, and WhatsApp.

In a blog post, Google security engineers described Tizi as a fully featured backdoor that installs spyware with some rooting capabilities. The blog noted that Tizi was used in a targeted attack against devices in certain African countries, specifically: Kenya, Nigeria, and Tanzania.

If the malware gains root in a device, it simplifies and strengthens the task of infiltrating apps. The backdoor malware contains various capabilities common to spyware, such as: recording calls from WhatsApp, Viber, and Skype; sending and receiving SMS messages; and accessing calendar events, call logs, contacts, photos, WiFi encryption keys, and a list of all installed apps.

In addition, Tizi apps can record ambient audio and take pictures without displaying the image on the device’s screen.

Most of the vulnerabilities target older chipsets, devices, and Android versions. Google reports that it has fixed all of the listed vulnerabilities.

However, if a Tizi app is unable to take control of a device because the vulnerabilities it tries to use are all patched, it will still attempt to perform some actions through the high level of permissions it asks the user to grant to it, mainly around reading and sending SMS messages, and monitoring, redirecting, and preventing outgoing phone calls.

What You Can Do

To reduce the chance of your device being affected by malware and other threats, Google recommends these basic steps:

Ensure Google Play Protect is enabled: Google Play Protect is on by default, but you can turn it off. Google recommends that you always keep Google Play Protect on.

Check permissions: Be cautious with apps that request unreasonable permissions. For example, a flashlight app shouldn’t need access to send SMS messages.

Enable a secure lock screen: Pick a PIN, pattern, or password that is easy for you to remember and hard for others to guess.

Update your device: Keep your device up-to-date with the latest security patches. As Tizi exploited older and publicly known security vulnerabilities, devices that have up-to-date security patches are less exposed to attacks from Tizi.

Locate your device: Practice finding your device, because you are far more likely to lose your device than install a potentially harmful application.

To ensure maximum safety for your Android device and everything on it, install antivirus software.

Posted From VIPRE

5 Simple Ways to Protect Yourself from Hackers

Equifax revealed that a giant cybersecurity breach compromised the personal information of as many as 143 million Americans – almost half the country. Cybercriminals now have access to sensitive information, including names, social security numbers, birth dates, addresses, and the numbers of some driver’s licenses. Although it can be overwhelming, there are steps you can take to prevent hackers from using this information to compromise your identity.

Here are five simple ways you can protect yourself from hackers:

  1. Cover Your Webcam

Hackers love to snoop on people’s webcams — so they can infect them with malware. Their favorite tool is a remote access Trojan that takes over your computer, steals files, records your conversations, and can even activate your webcam to spy on you.

The most effective way to cover your camera is to use painter’s tape. Designed to stick evenly and be removed easily without damaging the target surface, this tape can be bought at any hardware store or paint supplies store.

Covering your webcam is no substitute for keeping your computer patched and running strong antivirus software. The best approach: cover your camera and use antivirus software.

  2. Encrypt Your Hard Drive

If your hard drive is not protected by data encryption, a hacker can steal anything on it — including photos, financial documents, personal communications, and work data.

Data encryption is software that converts the information stored on your computer into code that is unreadable to hackers. Both major operating systems, Windows and Mac, offer free, automatic encryption. Windows’ version is BitLocker and Mac’s is FileVault.

  3. Use Password Management Software

This lets you store multiple passwords in encrypted form, so you don’t have to remember them. You can access all your passwords using one master password and are automatically logged in to your favorite sites.

  4. Protect Your Home Wi-Fi Network

Your system comes with a default username and password that’s the same for every unit. Change the settings immediately because they are favorite targets for hackers to access your wireless security system. Never fail to install the updates.

At the same time, buy a top-quality router. The same drill applies — change the default login and password before installing, and regularly update the firmware.

Secure your Wi-Fi network with unique login credentials that are difficult to guess. Use WPA2 network encryption and a firewall.

  5. Protect Your Identity

Here are some tips from USA.gov:

  • Secure your social security number (SSN). Don’t carry your social security card in your wallet or write your number on your checks.
  • Don’t respond to unsolicited requests for personal information (your name, birthdate, social security number, or bank account number) by phone, mail, or online.
  • Watch out for “shoulder surfers.” Shield your keypad when typing your passwords on computers and at ATMs.
  • Collect your mail promptly. Ask the post office to put your mail on hold when you are away from home for several days.
  • Pay attention to your billing cycles. If bills or financial statements are late, contact the sender.
  • Review your receipts, and compare them with account statements. Search for unauthorized transactions.
  • Shred receipts, credit offers, account statements, and expired cards, to prevent “dumpster divers” from getting your personal information.
  • Store personal information in a safe place at home and at work.
  • Install firewalls and virus-detection software on your home computer.
  • Create complex passwords that identity thieves cannot guess easily.
  • Order your credit report once a year and review it to see if it includes accounts that you did not open.

Posted From VIPRE Security News

 

Kaspersky Lab Used by Russia as a Tool to Spy on the U.S.

Software from Russian-based Kaspersky Lab has been used to steal sensitive and classified National Security Agency (NSA) data from an NSA contractor’s personal computer, according to the Wall Street Journal.

The 2015 hack apparently happened when the contractor took the data from the NSA and loaded it onto his computer, which contained Kaspersky antivirus software. Allegedly, the software enabled Russian hackers to see his files. The hack has not been disclosed by the government, noted the Wall Street Journal.

The Washington Post reported that the contractor, a U.S. citizen born in Vietnam, worked for the division of the NSA that creates tools to break into computers overseas for the purpose of gathering intelligence. The employee, who was sacked in 2015, probably did not take the materials for malicious purposes such as handing them to a foreign spy agency, The Washington Post noted.

A New York Times article details how Israeli intelligence officers looked on in real time as Russian government hackers searched computers for the code names of American intelligence programs.

Interestingly, neither the Wall Street Journal nor the Washington Post addressed the issue of why the employee took classified information home on his laptop.

Equally interesting, the reports provide no information about how an NSA employee’s laptop could be hacked so easily, nor why it took a year for the hack to be disclosed. Plus, neither newspaper provided any evidence of Kaspersky Lab working directly for the Russian secret service.

In a statement, Kaspersky said:

“Kaspersky Lab has not been provided any evidence substantiating the company’s involvement in the alleged incident reported by the Wall Street Journal on October 5, 2017, and it is unfortunate that news coverage of unproven claims continue to perpetuate accusations about the company. 

“However, as the trustworthiness and integrity of our products are fundamental to our business, we are seriously concerned about the article’s implications that attackers may have exploited our software. We reiterate our willingness to work alongside U.S. authorities to address any concerns they may have about our products and respectfully request any relevant information that would enable the company to begin an investigation at the earliest opportunity. 

“As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight.”

Last month, the U.S. Government, Best Buy, and Office Depot suspended business with Kaspersky, as we reported in a blog.

The government issued a binding directive that federal civilian agencies identify Kaspersky software on their networks, and remove it after 90 days, unless otherwise directed.

The Department of Homeland Security (DHS) said in a statement that it was “concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks.”

Cross Posted from VIPRE

Report: Macs Vulnerable to Attack Through Firmware Weaknesses

Timely News as October is National Cyber Security Awareness Month (NCSAM)

A report from Duo Security details a potentially systemic issue that leaves Mac computers susceptible to highly targeted and stealthy attacks.

The report shows Mac users who have updated to the latest operating system or downloaded the most recent security update may not be as secure as they originally thought.

Duo Security’s analysis of more than 73,000 Macs across various industries found the Extensible Firmware Interface (EFI) in many models was not receiving security updates that users thought they were getting. This left users susceptible to previously disclosed vulnerabilities such as Thunderstrike 2 and the recent WikiLeaks Vault 7 data dumps that detail attacks against firmware.

While Apple devices were the focus of the study, experts at the company told The Washington Post that Windows-based machines are even more likely to be at risk, because of the range of manufacturers involved in building PCs.

In 2015, Apple began bundling its software and firmware updates in an effort to ensure users automatically obtain the most current firmware security. This allowed Duo Security to analyze the state of Apple’s EFI security by looking at Mac updates over the past three years.

Duo Security’s key findings are:

  • Users running a version of the Mac OS that is older than the latest major release (High Sierra) likely have EFI firmware that has not received the latest fixes for known EFI issues. This means those systems can be software-secure but firmware-
  • On average, 4.2% of Macs are running an EFI firmware version that’s different from what they should be running.
  • At least 16 models have never received any EFI firmware updates. The 21.5” iMac, released in late 2015, has the highest occurrence of incorrect EFI firmware with 43% of sampled systems running incorrect versions.
  • 47 models capable of running 10.12, 10.11, 10.10 did not have an EFI firmware patch addressing the vulnerability, Thunderstrike. 31 models did not have an EFI firmware patch addressing the remote version of the vulnerability, Thunderstrike 2.
  • Two recent security updates issued by Apple (Security Update 2017-001 for 10.10 and 10.11) contained the wrong firmware with the update. This would indicate regression or a lag in quality assurance.

The National Cyber Security Awareness Month (NCSAM) was created in 2003 by the U.S. Department of Homeland Security and National Cyber Security Alliance to ensure everyone has the resources they need to stay safe and secure online. The goal of NCSAM is to increase the awareness of the ever-evolving cyber security landscape and bring attention to different measures people can take to keep their information protected.

Reposted from VIPRE

U.S. Government Bans Use of Kaspersky Security Software in Federal Agencies

The U.S. Government, Best Buy, and Office Depot All Suspend Business with the Software Giant

Kaspersky could lose all its federal contracts within a few months, after the U.S. government issued a stern directive concerning the company’s possible involvement in state-sponsored cyber espionage.

Last week the government issued a binding directive that federal civilian agencies identify Kaspersky software on their networks, and remove it after 90 days, unless otherwise directed.

The Department of Homeland Security (DHS) “is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” DHS said in a statement. “The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.”

The directive comes months after the federal General Services Administration, the agency in charge of government purchasing, removed Kaspersky from its list of approved vendors.

In a recent blog, we noted that the U.S. government was concerned about Kaspersky’s possible ties to Russia’s spying apparatus and the possible spying activities of Kaspersky employees in the United States.

Kaspersky entered the media spotlight earlier this year following the Justice Department’s investigation into whether the Russian government colluded with President Donald Trump’s 2016 campaign.

Last week, Kaspersky said in a statement that it “doesn’t have inappropriate ties with any government, which is why no credible evidence has been presented publicly by anyone or any organization to back up the false allegations made against the company.”

It also said that the Russian law requiring assistance does not apply to the company.

“Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts, and it’s disconcerting that a private company can be considered guilty until proven innocent, due to geopolitical issues,” Kaspersky said. “The company looks forward to working with DHS, as Kaspersky Lab ardently believes a deeper examination of the company will substantiate that these allegations are without merit.”

The department gave Kaspersky 90 days to prove its products are not a security risk or to mitigate the concerns.

“We’ve determined that [Kaspersky software] poses an unacceptable amount of risk based on our assessment,” Christopher Krebs, a senior DHS official, told the Washington Post. “If they want to provide additional information or mitigation strategies, our door is open.”

The bad news for the company has rolled over into the commercial space, with retailer Best Buy suspending sales of Kaspersky software, noted an article in thehill.com.

Kaspersky confirmed it had parted ways with Best Buy in a statement emailed to thehill.com.

“Kaspersky Lab and Best Buy have suspended their relationship at this time; however, the relationship may be re-evaluated in the future,” the software firm said. “Kaspersky Lab has enjoyed an almost decade-long partnership with Best Buy and its customer base, and the company will continue to offer its industry-leading cybersecurity solutions to consumers through its website and other retailers.”

Originally posted by VIPRE

The Better Business Bureau is warning businesses about bogus emails

The Better Business Bureau is warning businesses about bogus emails claiming to be from the BBB.

The Bureau says these emails are not coming from the BBB and are part of a widespread phishing attack.

The BBB says they’ve received hundreds of inquiries about the bogus emails.

The email claims the business is in violation of either the Safety and Health Act, the Fair Labor Standards Act or has a BBB complaint.

The link asks you to download a document for more information, but the BBB says to not click on it, as it may download malware onto your computer.

The BBB says to follow these steps if you get the email:

1. Do NOT click on any links or attachments.
2. Read the email carefully for signs that it may be fake (for example, misspellings, grammar, generic greetings such as “Dear member” instead of a name, BBB internal department names that do not seem familiar, etc.).
3. Be wary of any urgent instructions to take specified action such as “Click on the link or your account will be closed.”
4. Hover your mouse over links without clicking to see if the address is truly from bbb.org. The URL in the text should match the URL that your mouse detects. If the two do not match, it is most likely a scam.
5. Send a copy of the email to phishing@council.bbb.org (Note: This address is only for scams that use the BBB name or logo)
6. Delete the email from your computer completely (be sure to empty your “trash can” or “recycling bin,” as well).
7. Run anti-virus software updates frequently and do a full system scan.
8. Keep a close eye on your bank statements for any unexpected or unexplained transactions.
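
The link check in step 4 can be automated for an HTML email. The following is an added example (not from the BBB or the original post): it reports every link whose visible text shows a different host than its real target, or whose target is not under bbb.org. The sample email and the example.net hosts are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
import re

TRUSTED_DOMAIN = "bbb.org"  # the domain step 4 tells the reader to expect

# Constructed sample email body; example.net hosts are placeholders.
SAMPLE_EMAIL = """
<p>Dear member, a complaint has been filed against your business.</p>
<p><a href="http://bbb.org.example.net/doc">https://www.bbb.org/complaint</a></p>
<p><a href="http://files.example.net/report">Download the document</a></p>
<p><a href="https://www.bbb.org/contact">www.bbb.org/contact</a></p>
"""

class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    """Lower-cased hostname of a URL, tolerating a missing scheme."""
    if "//" not in url:
        url = "//" + url
    return (urlsplit(url).hostname or "").lower().rstrip(".")

def in_domain(host, domain):
    """True only for the domain itself or a real subdomain of it."""
    return host == domain or host.endswith("." + domain)

# Something in the link text that looks like a URL or bare hostname.
URL_IN_TEXT = re.compile(r"(?:https?://)?[\w-]+(?:\.[\w-]+)+\S*", re.I)

def audit_links(html, domain=TRUSTED_DOMAIN):
    """Return (visible text, real host, reasons) for each suspicious link."""
    parser = AnchorCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        real = host_of(href)
        reasons = []
        shown = URL_IN_TEXT.search(text)
        if shown and host_of(shown.group(0)) != real:
            reasons.append("text-href-mismatch")  # what you see is not where it goes
        if not in_domain(real, domain):
            reasons.append("not-" + domain)       # e.g. bbb.org.example.net
        if reasons:
            findings.append((text, real, reasons))
    return findings
```

The suffix comparison in `in_domain` is what separates `www.bbb.org` from a lookalike such as `bbb.org.example.net`, which a plain substring check would accept.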

What is Phishing?

Phishing is often a sophisticated email attempt to trick the recipient into first opening a fraudulent message and then revealing personal and financial information.

A phishing email usually arrives disguised as an email from a legitimate company or known person. Of course, the email is from one of the bad guys.

The bogus email might seek a payment and direct the user to a replica of a banking website, for example, or to a phony payment center of a utility company.

Phishing email also may be crafted strictly to lure a user to a malicious website, where malware would be installed through the user’s browser via an undetected download. The victim could then be monitored by a criminal enterprise in search of sensitive data.

Charity donations, online banking problems, or IRS inquiries are common themes in phishing scams.

Some Internet browsers have phishing and malware detection in their default settings, but not all. Don’t reply to or click links within texts, emails, or pop-up messages requesting personal information.

Some tips to help protect against phishing emails:

  • Do not respond to any unsolicited e-mails of this nature.
  • Do not click on any attachments associated with such emails, as they may contain viruses or malware.
  • If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email.
  • If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address. In any case, don’t cut and paste the link in the message.
  • Don’t email personal or financial information. Email is not a secure method of transmitting personal information.
  • If you initiate a transaction and want to provide your personal or financial information through an organization’s Web site, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”).
  • Use anti-virus software such as VIPRE and keep your computer security up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files.