Category Archives: Cyber Security

Be careful of using Chinese goods: Chinese smart TVs caught hoovering up data

Abstract

Millions of smart TVs in China may have collected data about Wi-Fi networks found within range and attached devices, without the knowledge of viewers.

According to the South China Morning Post, an owner of a Skyworth smart TV posted last month on a Chinese technical forum that their suspicions were aroused when they felt their TV’s operation had slowed down, and wondered what background processes might be running.

The unnamed user examined the code running on their Android-powered Skyworth TV and discovered it was scanning for devices connected to their family’s Wi-Fi every 10 minutes, scooping up information:

What do they collect?

“TV App installed in user’s TV sends back the hostname, mac, ip and even the network delay time. It also detects the surrounding wifi SSID names. The mac address is also packaged and sent to this domain name of gz-data.com.” GZ-Data.com is the domain name of Gozen Data, a data analytics company that specializes in delivering targeted advertising to smart TVs.

Read more in

https://www.bitdefender.com/box/blog/iot-news/chinese-smart-tvs-caught-hoovering-data-devices-customers-networks/

Good Read: Search Yourself Online

Abstract

You most likely have heard how important it is to protect your privacy and the information you share online. To demonstrate this, we are going to try something new; we are going to show you how to research yourself and discover what information is publicly known about you. The process is called OSINT, a fancy way of saying Open Source Intelligence.

Read more in

https://www.sans.org/newsletters/ouch/search-yourself-online/

Good Read: API First Security Strategy

Every piece of software in the world either is an API or uses one. APIs (application programming interfaces) have enabled the world to connect digitally and have advanced the broader use of IoT devices.

As APIs’ popularity rises, so does their prevalence as an attack vector for cybercriminals because bad actors have always loved the most target-rich technologies. Gartner forecasts that APIs will become the most common attack vector by next year. Yet despite higher awareness of the need for API security, breaches continue to happen.

Abstract

What does an API-first security strategy look like? Here are five observations:

1. High visibility is crucial. An API-first approach is all about acknowledging the API as a first-class citizen in an application’s design. Given the increase in vital work that the API does in communicating between applications, APIs must have the same scrutiny of access controls that a superuser (e.g., an IT administrative specialist with unlimited privileges) would.

2. REST APIs are a growing target. REST (REpresentational State Transfer) is the duct tape of technology — it defines how systems can be connected to (and interact with) each other by using HTTP requests to access and use data. REST API usage has become so widespread in enterprise application development that many companies have difficulties defining a clear picture of all their deployments. These visibility gaps make APIs harder to protect.

3. Encryption of all data is key. This is true not just when data is at rest, but also in transit. In this encryption scenario, the API would use TLS and authorization tokens to transmit data securely, and the data that the API is accessing should also be encrypted.

4. Credential stuffing is still a huge problem and an evolving threat. Credential stuffing is the practice of using an automated injection of stolen credentials to gain unauthorized access. Companies have gotten better at securing their front-end applications and webpages to defend against credential stuffing. Still, hackers increasingly have been targeting back-end APIs that historically tended to have fewer implemented security controls.

5. Automated checks should be standard practice. I rarely see automated security checks as part of a CI/CD pipeline, if they are implemented at all. A mature application security team should work with the engineering squads to design and incorporate security into pipelines and allow an organization to scale security with its product offerings.

Reference

https://www.darkreading.com/application-security/5-objectives-for-establishing-an-api-first-security-strategy/a/d-id/1340622?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

All about Faraday Bags: Faraday bags are a way to protect a phone from any hack

A Faraday bag is a type of Faraday cage. It protects electronics from being damaged by radio frequency interference (RFI) or from an electromagnetic pulse (EMP) by not allowing radio frequency or electromagnetic pulse waves to pass through the material.

It goes by a lot of names such as RFID bag, RFID blocking bag, or EMP bag.

How does a Faraday bag work?

It creates a completely enclosed space that is surrounded by a mesh of conducting materials. When an electrical field on the outside of the Faraday cage interacts with the material, it causes the charges within the protected space to be distributed in a way that cancels the effects. It also works to protect against radio frequency interference.

This way, hackers, thieves, or government agencies that are trying to track your phone or any other device will not be able to get to it because of the outer layer of the Faraday bag.

Read more in

https://privacypros.io/faraday-bags/

CyberNews: Beware of installing Adblock. It may contain malware

Abstract

In the latest campaign, we have seen several apps impersonated by the malware: the ad blockers AdShield and Netshield, as well as the OpenDNS service. This article analyzes only the fake AdShield app, but all the other cases follow the same scenario.

Statistics

According to data from Kaspersky Security Network, at the time of preparing this article, since the beginning of February 2021, there have been attempts to install fake apps on the devices of more than 7 thousand users. At the peak of the current campaign, more than 2,500 unique users per day were attacked, with most of the victims located in Russia and CIS countries.

Read more in

https://malwaredevil.com/2021/03/10/ad-blocker-with-miner-included/?utm_source=rss&utm_medium=rss&utm_campaign=ad-blocker-with-miner-included