Data released from a consumer security risks survey found that nearly a third of participants are casual when making online transactions. This action leads to security vulnerability of financial data at risk and poses problems for banks and e-payment systems if they have to refund their clients’ losses.
The study was conducted through an online survey from May to June this year with users from 23 countries. Though users are worried about cyber threats, they still do little to protect themselves. Shocking data shows that children are the most vulnerable Internet users, which poses as a danger for parents.
Read moreA survey by One Poll and Dimensional Research on holiday shopping security practices evaluated online cybersecurity awareness of consumers from the USA and United Kingdom, and revealed that a lot of people believe emails from “trusted brands” are safe to click, and some respondents anticipate doing at least part of their holiday shopping while at work.
Cybercriminals are very resourceful, and they know that the siren song of a good deal is almost always irresistible to bargain hunters. The number one reason to click is trust in a brand, which isn't good there are some very convincing phishing emails that look nearly identical to the real thing.
Read moreExperts warned about the wave of Internet fraud with mobile applications: users of WhatsApp messenger propose to disable the indicator read messages. New feature – indicator reading messages – appeared in WhatsApp in November.
One gray check mark indicates that the message came to the messenger server, dual gray – on a mobile device, dual blue – the chat window is opened by the user. Not all users have approved the innovation, but at the moment to get rid of it is impossible. The dissatisfaction of the users of the most popular in the world of instant messenger benefited from the Scam.
Read moreVirus analysts explored a new Trojan horse, designed to infect smartphones and tablets running the Android OS. This malicious program is capable of stealing personal information of owners of mobile devices, as well as to steal money from Bank accounts.
To start its malicious activity it can only after installation in the system by the owner of the mobile device. It should be noted that the choice of application for simulation depends entirely on the imagination of writers and can be absolutely anything. Once installed, the Trojan sets up a shortcut on the home screen. In Fact, virus is able to implement on the infected Android device two attack scenario.
Read moreInternational bank HSBC said that its operations in Turkey had been hacked and the personal data of some million customers’ credit cards had been compromised, while emphasizing that there is no financial risk for the clients. HSBC Turkey identified the attack through its internal controls.
The information compromised consisted of card numbers and linked account numbers, card expiry dates and card holders’ names, the bank said. There is no evidence that any of its customers’ other financial information or personal information was compromised. The bank stated that its customers may continue to perform all banking transactions as usual.
Read moreCybercriminals have started a new trend for conducting distributed denial-of-service attacks and rely on a type of DNS amplification that leverages text records for making the operation more effective; in some campaigns, parts of a press release from the White House have been observed by researchers.
The tactic is not new, but more and more incidents of this sort have been recorded. The entertainment sector is the most targeted. Attackers have used large TXT records in reflection attacks in the past. Cybercriminals often use intermediate victims to reflect the bad traffic to their target.
Read moreResearchers have spotted a new technique used by phishers which could trick even more users into believing they are entering their information in a legitimate web form.
Instead of replicating as faithfully as possible a legitimate website, the attackers need only to set up a phishing page with a proxy program which will act as a relay to the legitimate site, and create a few fake pages for when users need to enter their personal and financial information. In the spotted attack, users are directed to the malicious site by clicking on a search result they got by entering a product's name. The attackers used a number of techniques to make the URL appear in the results.
Read moreCyberespionage is the weapon of choice in the 21st century. Even a seemingly harmless mobile app is able to find out quite a few secrets that a careless user might reveal, let alone full-scale surveillance campaigns specifically targeted at representatives of major businesses and government organizations.
This autumn’s newest revelation is the discovery of a spy network, dubbed ‘Darkhotel’, which had been active for seven years in a number of Asian hotels. Furthermore, smart and professional spies involved in this long-running operation created a comprehensive toolkit consisting of various methods that can be used to break into victims’ computers.
Read moreAs banks and retailers are barreling toward a 2015 deadline to replace magnetic-stripe credit and debit cards with more secure cards that come embedded with a microchip, researchers have announced a critical flaw in the card system.
The card system fails to recognize transactions made in non-UK foreign currencies and can therefore be tricked into approving any transaction. What’s more, because the cards allow for contactless transactions, wherein consumers need only to have the card in the vicinity of a reader without swiping it, a thief carrying a card reader designed to read a card that’s stored in a wallet or purse could conduct fraudulent transactions without the victim ever removing their card.
Read moreThe persistence of the Shellshock vulnerability remains high more than a month after it first surfaced. The latest attacks involved SMTP servers belonging to web hosts. Attackers are using Shellshock exploits targeting the now infamous vulnerability in Bash in order to drop a perl script onto compromised computers.
The script adds the hacked computers to a botnet that receives its commands over IRC. The attack leverages Shellshock as a main attack vector through the subject, body, to, from fields. Once compromised, a perl botnet is activated and beaconing on IRC for further instructions.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland