Search This Blog

Showing posts with label Security. Show all posts

Same Phishing Risks Faced By Start-Ups and Big Corporations

Reports of a near-perfect phishing attempt have surfaced after a large number of remote employees with health and work environment benefits through human resources giant TriNet received such emails.

The emails were shared with TechCrunch, an American online publisher, in order to 'verify their authenticity' and when two independent security researchers were approached to offer their evaluations, both were of the view that it was a phishing email indeed contrived to steal usernames and passwords.

Furthermore, even a $3.7 billion corporation like TriNet, let alone the other big giants are not doing what's needed to counteract such phishing attack on the grounds that had they proactively utilized basic email security techniques, it would have been significantly simpler to identify that the email was not in actuality a phish, but an authentic company email.

Anyway, the issue isn't even a new one for TriNet or for that matter any other big company.

For instance just the previous year, security firm Agari discovered that only 14% of all Fortune 500 companies were utilizing DMARC, a domain security feature that prevents 'email spoofing' and effectively implements it and the new data provided by Agari to TechCrunch shows that figure has risen to just a single percentage point in the last year, bringing it to a small 15%.

Nonetheless, it’s safe to assume that both phishing and impersonation are 'fundamentally' human issues with the intent to attempt to fool clueless victims into turning over their usernames, email addresses and passwords to hackers who at that point login and steal data or money. On that account, it is recommended for the users to always be vigilant when they are at the receiving end of such emails.

FaceApp has access to more than 150 Million user's faces and names

Everyone is busy posting pictures of themselves how they will look in the future, while security researchers are really worried about the data that users are giving them. 

The Cybersecurity experts at Checkpoint have said that the Russian owned app doesn't have access to your camera roll, but it 'might store' the image that you modified. 

Till now, more than 100 million people have downloaded the app from the Google Play store. While it is a top-ranked app on the iOS App Store. 

According to the terms and condition of the FaceApp, ‘You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you. When you post or otherwise share User Content on or through our Services, you understand that your User Content and any associated information (such as your [username], location or profile photo) will be visible to the public.’

However, the firm addressed the privacy concerns saying that they are storing the uploaded photo in the cloud to increase their performance and deal with the traffic.

In the statement released they clarified that even though their 'core R&D team is located in Russia, none of the user data is transferred to Russia'. 

Bit Torrent’s peer-to-peer app and its uTorrent counterpart susceptible to a depraved Hijacking Errancy.

Google researcher Tavis Ormandy recently detailed a host of DNS rebinding exploits in Windows versions of Bit Torrent’s peer-to-peer app and its lightweight uTorrent counterpart.

The rebinding exploits lets attackers resolve web domains to the user's computer, essentially giving them illegal access to the user’s personal data.This illegal approach could help them to execute remote code, download malware to Windows' start up folder, grab downloaded files and access the download history of the user.

The flaws address on all unpatched versions, including uTorrent Web. Bit Torrent engineering VP Dave Rees says that the flaws in the conventional client have been fixed in beta versions released last week. Adding further that those that are on the stable releases are set to release in the coming week.

Ormandy was initially more concerned that Bit Torrent hadn't appropriately settled uTorrent Web's issues and also partly stressed by the recurring in lack of communication after reporting the fix in December, but Rees later added that the patch is now in place that should address that exploit, the full statement of his is below:

"On December 4, 2017, we were made aware of several vulnerabilities in the uTorrent and Bit Torrent Windows desktop clients. We began work immediately to address the issue. Our fix is complete and is available in the most recent beta release (build released on 16 Feb 2018). This week, we will begin to deliver it to our installed base of users. All users will be updated with the fix automatically over the following days. The nature of the exploit is such that an attacker could craft a URL that would cause actions to trigger in the client without the user's consent (e.g. adding a torrent).”

"Bit Torrent was also made aware yesterday that its new beta product, uTorrent Web, is vulnerable to a similar bug. This is a different product and wasn't covered by the original vulnerabilities. The team behind uTorrent Web released a patch for that issue yesterday and we highly encourage all uTorrent Web customers to update to the latest available build available on our website and also via the in-application update notification.”

"As always, we encourage all customers to always stay up to date."

It's not certain till now whether anyone has made use of the exploits in the wild or not. Having said that, it’s smarter to stay wary as it would only take a visit to the wrong website to trigger an attack, and the consequences following it could be particularly severe.