Author: admin

The hacking subsidiary of the Iranian Islamic Revolutionary Guard Corps (RGC) has targeted satellite, communications, oil and gas and government sectors in the US and UAE

KPMG research finds money laundering accounted for the majority of fraud cases heard in the first half of 2024

ESET uncovers a South Korean cyber-espionage campaign featuring a zero-day exploit for WPS Office

Das unternehmerische Risikomanagement gleicht dem Steuern eines Schiffes. Es gilt, viele Variablen, die zudem von Schiff zu Schiff unterschiedlich sein können, zu beachten. IT- und Sicherheitsteams müssen sich zwar nicht um nautische Herausforderungen kümmern, aber ähnlich wie Kapitäne müssen sie Risiken auf eine für ihr Unternehmen angemessene Weise bewerten und managen. Ähnlich wie ein Schiff […]

Matthew Green wrote a really good blog post on what Telegram’s encryption is and is not.

A safer internet isn’t a nice thing to have. It’s a necessity because we rely on it so heavily. And there’s plenty we can do to make it happen. 

A safer internet might seem like it’s a bit out of our hands as individuals. The truth is that each of us plays a major role in making it so. As members, contributors, and participants who hop on the internet daily, our actions can make the internet a safer place. 

So, specifically, what can we do? Take a few moments to ponder the questions that follow. Using them can help frame your thinking about internet safety and how you can make yourself, and others, safer. 

1. How am I keeping my devices safe? 
2. How am I keeping myself and my family safe? 
3. How am I treating other people online? 

How am I keeping my devices safe?  

Device safety is relatively straightforward provided you take the steps to ensure it. You can protect your things with comprehensive online protection like our McAfee+ plans, you can update your devices and apps, and you can use strong, unique passwords with the help of a password manager. 

Put another way, internet safety is another way to keep your house in shape. Just as you mow your lawn, swap out the batteries in your smoke alarm, or change the filters in your heating system, much goes the same for the way you should look after computers, tablets, phones, and connected devices in your home. They need your regular care and maintenance as well. Again, good security software can handle so much of this automatically or with relatively easy effort on your part. 

If you’re wondering where to start with looking after the security of your devices, check out our article on how to become an IT pro in your home. It makes the process easy by breaking down the basics into steps that build your confidence along the way. 

How am I keeping myself and my family safe?  

This includes all kinds of topics. The range covers identity theft, protecting your personal info, privacy, cyberbullying, screen time, when to get a smartphone for your child, and learning how to spot scams online. Just to name a few. And if you visit our blogs from time to time, you see that we cover those and other topics in detail. It offers a solid resource any time you have questions. 

Certainly, you have tools that can give you a big hand with those concerns. That includes virtual private networks (VPNs) that encrypt your personal info, built-in browser advisors that help you search and surf safely, plus scam protection that lets you know when sketchy links pop up in emails and messages. 

However, internet safety goes beyond devices. It’s a mindset.  As with driving a car, so much of our online safety relies on our behaviors and good judgment. For example, one piece of research found that ninety-one percent of all cyberattacks start with phishing emails.ⁱ  

As Tomas Holt, professor of criminal justice at Michigan State University, states, “An individual’s characteristics are critical in studying how cybercrime perseveres, particularly the person’s impulsiveness and the activities that they engage in while online that have the greatest impact on their risk.”  

Put another way, scammers bank on an itchy clicker-finger — where a quick click opens the door for an attack. Educating your family about the risks out there, such as phishing attacks and sketchy links that crop up in search goes a long way to keep everyone out of trouble. In combination with online protection software like ours covers the rest of the way. 

How am I treating other people online?  

A big part of a safer internet is us. Specifically, how we treat each other — and how we project ourselves to friends, family, and the wider internet. With so much of our communication happening online through the written word or posted pictures, all of it creates a climate around each of us. It can take on an uplifting air or mire you in a cloud of negativity. What’s more, it’s largely out there for all to see. Especially on social media. 

Take time to pause and reflect on your climate. A good place to start is with basic etiquette. Verywell Family put together an article on internet etiquette for kids, yet when you give it a close read, you’ll see that it provides good advice for everyone.ⁱⁱ  

In summary, their advice focuses on five key points: 

1. Treat others how you want to be treated — this is the “Golden Rule,” which applies online just as it does in every other aspect of our lives. 
2. Keep messages and posts positive and truthful — steering clear of rudeness, hurtful sarcasm, and rumor-mongering is the way to go here. 
3. Double-check messages before hitting send — ask yourself if what you’ve written can be misinterpreted, especially when people can’t see your facial expression or hear your tone of voice.
4. Don’t violate a friend’s confidence — think about that picture or post … will it embarrass someone you know or share something not meant to be shared? 
5. Avoid digital drama — learn when to respectfully exit a conversation that’s getting mean, rude, or otherwise hurtful. 

Of course, the flip side to all of this is what to do when someone targets you with their bad behavior. Such as when an online troll who hurls hurtful or malicious comments your way. That’s a topic in itself. Check out our article on internet trolls and how to handle them. Once again, the advice there is great for everyone in the family. 

Being safer … take it in steps

We’ve shared quite a bit of info in this article and loaded it up with plenty of helpful links too. Don’t feel like you have to take care of everything in one sitting. See what you have in place and make notes about where you’d like to make improvements. Then, start working down the list. A few minutes each week dedicated to your security can greatly increase your security, safety, and savvy. 

[i] https://www.darkreading.com/endpoint/91–of-cyberattacks-start-with-a-phishing-email/d/d-id/1327704

[ii] https://www.verywellfamily.com/things-to-teach-your-kids-about-digital-etiquette-460548

The post Internet Safety Begins with All of Us appeared first on McAfee Blog.

Multiple media reports this week warned Americans to be on guard against a new phishing scam that arrives in a text message informing recipients they are not yet registered to vote. A bit of digging reveals the missives were sent by a California political consulting firm as part of a well-meaning but potentially counterproductive get-out-the-vote effort that had all the hallmarks of a phishing campaign.

On Aug. 27, the local Channel 4 affiliate WDIV in Detroit warned about a new SMS message wave that they said could prevent registered voters from casting their ballot. The story didn’t explain how or why the scam could block eligible voters from casting ballots, but it did show one of the related text messages, which linked to the site all-vote.com.

“We have you in our records as not registered to vote,” the unbidden SMS advised. “Check your registration status & register in 2 minutes.”

Similar warnings came from an ABC station in Arizona, and from an NBC affiliate in Pennsylvania, where election officials just issued an alert to be on the lookout for scam messages coming from all-vote.com. Some people interviewed who received the messages said they figured it was a scam because they knew for a fact they were registered to vote in their state. WDIV even interviewed a seventh-grader from Canada who said he also got the SMS saying he wasn’t registered to vote.

Someone trying to determine whether all-vote.com was legitimate might visit the main URL first (as opposed to just clicking the link in the SMS) to find out more about the organization. But visiting all-vote.com directly presents one with a login page to an online service called bl.ink. DomainTools.com finds all-vote.com was registered on July 10, 2024. Red flag #1.

Another version of this SMS campaign told recipients to check their voter status at a site called votewin.org, which DomainTools says was registered July 9, 2024. There is little information about who runs votewin.org on its website, and the contact page leads to generic contact form. Red Flag #2.

What’s more, Votewin.org asks visitors to supply their name, address, email address, date of birth, mobile phone number, while pre-checking options to sign the visitor up for more notifications. Big Red Flag #3.

Votewin.org’s Terms of Service referenced a California-based voter engagement platform called VoteAmerica LLC. The same voter registration query form advertised in the SMS messages is available if one clicks the “check your registration status” link on voteamerica.org.

VoteAmerica founder Debra Cleaver told KrebsOnSecurity the entity responsible for the SMS campaigns telling people they weren’t registered is Movement Labs, a political consulting firm in San Francisco.

Cleaver said her office had received several inquiries about the messages, which violate a key tenet of election outreach: Never tell the recipient what their voter status may be.

“That’s one of the worst practices,” Cleaver said. “You never tell someone what the voter file says because voter files are not reliable, and are often out of date.”

Reached via email, Movement Labs founder Yoni Landau said the SMS campaigns targeted “underrepresented groups in the electorate, young people, folks who are moving, low income households and the like, who are unregistered in our databases, with the intent to help them register to vote.”

Landau said filling out the form on Votewin.org merely checks to see if the visitor is registered to vote in their state, and then attempts to help them register if not.

“We understand that many people are jarred by the messages – we tested hundreds of variations of messages and found that these had the largest impact on someone’s likelihood to register,” he said. “I’m deeply sorry for anyone that may have gotten the message in error, who is registered to vote, and we’re looking into our content now to see if there are any variations that might be less certain but still as effective in generating new legal registrations.”

Cleaver said Movement Labs’ SMS campaign may have been incompetent, but it wasn’t malicious.

“When you work in voter mobilization, it’s not enough to want to do good, you actually need to be good,” she said. “At the end of the day the end result of incompetence and maliciousness is the same: increased chaos, reduced voter turnout, and long-term harm to our democracy.”

To register to vote or to update your voter registration, visit vote.gov and select your state or region.

The flaw in Microsoft 365 Copilot allowed data theft using ASCII smuggling and prompt injection

The Texas Dow Employees Credit Union told the Maine Attorney General the MOVEit data breach compromised information of over 500,000 members

A US Justice Department watchdog has found “significant weaknesses” in the FBI’s physical and online media storage and disposal processes