5 obscure Amazon settings you should change now

The items we buy say a lot about our lifestyles, our finances, and our domestic lives. If you have an Amazon account, the amount of data that the retail giant collects is astonishing. Many people don’t know you get much more than just free two-day shipping with a Prime account.

With these different areas collecting data about you, if you are trying to maintain some semblance of your privacy, you’ll definitely want to check these five not-so-obvious settings.

1. Remove your Amazon public profile

2. Listen to and delete your Alexa recordings

3. Make your lists private

4. Stop Amazon from tracking your browsing

5. Set a PIN on Alexa purchases

Click Here to read more.

Five Cyber-Security Threats Enterprises Will Confront in 2018

NEWS ANALYSIS: Cyber-security threats will likely get worse next year as attacks get more sophisticated, but for organizations the focus will shift to loss prevention.

Attackers are changing their tactics, so some of the malware that you have become used to dealing with in 2017 has declined in favor of other types that will be worse. What won’t change is the persistent tendency of organizations and their employees to fail to take even the most basic steps to protect themselves and their data. Here are five things you can expect:

  1. Ransomware attacks will get worse. Cyber-criminals have already discovered that holding someone’s data for ransom is a reliable means of extorting money in small amounts.
  2. Email will become a bigger threat than it was in 2017. This means that organizations will need to develop some means of authentication before employees can take certain important actions, such as transferring large amounts of money based on an emailed request, or sending the entire customer list to someone outside the company.
  3. Leaked exploits will make the spread of malware even harder to fight. New exploits will be leaked, giving hackers new ways to break into computers. The best defense will be to keep your systems updated religiously.
  4. Malware will become more targeted. You will need to be prepared for everything from order spoofing and bogus invoices to payment documentation that comes complete with embedded malware. As in the case of email, you will need to develop authentication methods if you can’t find automated methods available commercially.
  5. Stupidity will persist. No matter how good your policies and procedures may be, and no matter what or how many security products you throw at the problem, your staff will remain your weakest point unless you find a way to keep your staff from being able to do dumb things, such as clicking on email links.

Read More

PSA: A new phishing attack could trick you into giving away your Apple ID password

If you’ve used an iOS device at all, you’ve almost certainly been presented with the above popup asking you to enter your Apple ID password. It often appears within the App Store and iTunes Store, but it also has a tendency to pop up randomly from time to time due to something running in the background.

A new blog post from developer Felix Krause, however, explains how that popup could be used to easily trick someone into handing over their Apple ID and password…

The developer explains it is incredibly easy for an iOS app maker to recreate the Apple ID password prompt. From there, the app could send that popup and subsequently log the Apple ID and password. It takes less than 30 lines of code and could seemingly be dropped in any legitimate iOS app and sneak past App Store review teams.

Read More

Google on Wednesday announced an overhaul of its search app on mobile phones to include a personalized feed of links about hobbies, travel, sports and other topics, a move that puts the search company into more direct competition with social networks such as Facebook.

Google, the world’s largest search engine and a unit of Alphabet, said the changes would begin rolling out in the United States on Wednesday and other countries in the coming weeks.

The new offering is called “Google Feed,” a name that may conjure comparisons to Facebook’s “News Feed,” a feature on Facebook used to browse updates from friends, family and other sources.

Google said, however, that it was not trying to duplicate Facebook, the world’s largest social network. Instead, the company said it wanted to create another place to see a stream of relevant search results.

“This feed is really about your interests… It’s not really about what your friends are interested in,” Ben Gomes, a Google vice president for engineering, said in a briefing with reporters.

Read More

***IMPORTANT!*** This Google Doc scam is spreading fast and will email everyone you know

A new Google Docs phishing scam just reared its head a few hours ago, and it’s spreading like wildfire. Google appears to be taking action to stop it, but in the meantime: be super, super wary of Google Doc invites for now. If you fall for this one (and plenty of otherwise eagle-eyed people have already), it’ll blast out the bait to everyone on your contact list.

Here’s what you need to know:

  • Clicking the link takes you to a real Google-hosted page, with a list of your Google accounts ready to click
  • It asks you to select an account and provide an app called “Google Docs” — yes, they were somehow allowed to name a third-party app “Google Docs” — with account permissions
  • As soon as you click the “ALLOW” button, this not-at-all-actually-Google Docs app now has permission to read your emails and email all your contacts… the latter of which it’ll start doing pretty much immediately, spreading the worm to pretty much everyone you’ve ever emailed.

This one is super sneaky; pretty much the only way to detect it before falling for it is to click the small “Google Docs” link on the actual Google-hosted page and notice that the developer info seems… off.

Read More

Google and Facebook duped in huge ‘scam’

Small and big businesses alike can be targeted by internet scammers looking to cause trouble or make a quick buck. Google and Facebook, two of the biggest companies of all, fell for just such a trickster.

Google and Facebook have confirmed that they fell victim to an alleged $100m scam.

In March, it was reported that a Lithuanian man had been charged over an email phishing attack against “two US-based internet companies” who were not named at the time.

They had allegedly been tricked into wiring more than $100m to the alleged scammer’s bank accounts.

On 27 April, Fortune reported that the two victims were Facebook and Google. The man accused of being behind the scam, Evaldas Rimasauskas, 48, allegedly posed as an Asia-based manufacturer and deceived the companies from at least 2013 until 2015.

“Fraudulent phishing emails were sent to employees and agents of the victim companies, which regularly conducted multimillion-dollar transactions with [the Asian] company,” the US Department of Justice (DOJ) said in March.

Read More

Over 1 million decrypted Gmail and Yahoo accounts allegedly up for sale on the Dark Web

A dark web vendor is reportedly selling over 1 million decrypted Gmail and Yahoo accounts in an underground marketplace. The accounts listed for sale allegedly contain usernames, emails and plaintext passwords.

The cybercriminal allegedly selling the accounts is believed to be using the handle “SunTzu583”. The dark web vendor is allegedly selling 100,000 Yahoo accounts, from the 2012 Last.fm data breach, for 0.0079 bitcoins ($10.75). Another 145,000 Yahoo accounts from the 2013 Adobe breach and the 2008 MySpace hack were also reportedly found listed for sale, for 0.0102 bitcoins.

SunTzu583 is also reportedly selling 500,000 Gmail accounts for 0.0219 bitcoins. The accounts allegedly come from the 2008 MySpace hack, the 2013 Tumblr breach and the 2014 Bitcoin Security Forum breach, according to a report by HackRead.

Read More

Wide Impact: Highly Effective Gmail Phishing Technique Being Exploited

The Phishing Attack: What you need to know

A new highly effective phishing technique targeting Gmail and other services has been gaining popularity during the past year among attackers. Over the past few weeks there have been reports of experienced technical users being hit by this.

This attack is currently being used to target Gmail customers and is also targeting other services.

The way the attack works is that an attacker will send an email to your Gmail account. That email may come from someone you know who has had their account hacked using this technique. It may also include something that looks like an image of an attachment you recognize from the sender.

Read More

Spotify is writing massive amounts of junk data to storage drives

For almost five months—possibly longer—the Spotify music streaming app has been assaulting users’ storage devices with enough data to potentially take years off their expected lifespans. Reports of tens or in some cases hundreds of gigabytes being written in an hour aren’t uncommon, and occasionally the recorded amounts are measured in terabytes. The overload happens even when Spotify is idle and isn’t storing any songs locally.

The behavior poses an unnecessary burden on users’ storage devices, particularly solid state drives, which come with a finite amount of write capacity. Continuously writing hundreds of gigabytes of needless data to a drive every day for months or years on end has the potential to cause an SSD to die years earlier than it otherwise would. And yet, Spotify apps for Windows, Mac, and Linux have engaged in this data assault since at least the middle of June, when multiple users reported the problem in the company’s official support forum.

Read more

Waves of cyber attacks hit Netflix, Spotify, Twitter

If you live on the East Coast and had trouble accessing Twitter, Spotify, Netflix, Amazon or Reddit Friday morning, you were not alone. At least two successive waves of online attacks blocked multiple major websites Friday, at times making it impossible for many users on the East Coast to access Twitter, Spotify, Netflix, Amazon, Tumblr and Reddit.

The first attacks appear to have begun around 7:10 am Friday, then resolved towards 9:30 am, but then a fresh wave began. The cause was a large-scale distributed denial of service (DDoS) attack against Internet performance company Dyn that blocked user access to many popular sites.

Read More