What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
AlienVault 2024-12-03 07:00:00 Best Ways to Reduce Your Digital Footprint Now (direct link) Every activity you perform online, whether it is commenting on a news article, sharing something on social media or your shopping preferences leaves a digital footprint. This digital trail helps organizations find more about you. And while it does offer a certain degree of convenience, it can be a real hazard to your online privacy. Fortunately, there are several ways you can use to reduce your digital footprint and help ensure your privacy. Understanding Your Digital Footprint: A digital footprint is a trail of data a person leaves online while using the internet. This data includes your search history, photos and videos you might have uploaded, newsletter subscriptions and more. Also known as the 'digital shadow,' your footprint data can help paint a picture of who you are. Therefore, most apps, websites and online marketers use your digital footprint to personalize your browsing experience. However, your online footprint can also wreck your online privacy in several ways and is one of the common causes of data breaches. Since almost every action is recorded online, the record that forms a footprint is unique to every user. The type of footprint depends on how it is left or collected. There are two main types of digital footprints: Active Digital Footprint: An active digital footprint is the data you intentionally leave online or rather the things you actively do online. This includes your online posts, comments, online shopping or even signing up for a newsletter. All these things are parts of your active digital footprint. Passive Digital Footprint: A passive digital footprint is the data you share unintentionally. This data usually depends on the cookies that a website is using whenever you visit it. Using cookies, a website may track how many times you have visited it, your biometric and geolocation data and even your IP address.
Both active and passive digital footprints can be tracked and stored by multiple sources. If you are curious about how to check your digital footprint, consider these four main methods: search your name on popular search engines like Google and Yahoo, use digital footprint checkers, check your public accounts and also look for data breaches through breach detection services. Does My Digital Footprint Disrupt My Online Privacy? Can I Delete It? A digital footprint is permanent, and deleting it is next to impossible. Once your data is public, you have little control over how others use it. All the information left behind due to your online activities is used and stored by third-party services, your service providers or the government. However, one of the most dangerous aspects of an online footprint is that you never know how big it is. Since every app and site collects, stores and shares bits of your information, there is no way to completely track and eliminate all that information. This means that even the parts of your life you would want to keep private such as your medical information can be revealed online through your online orders or search history. Here are some ways your online footprint disrupts your privacy: Information is valuable to cybercriminals, who can exploit your digital footprint. They can gather enough relevant information to commit identity theft, phishing, cyberbullying and bank scams. You receive more spam emails and phone calls. Since your information is shared publicly and with third parties, it is one of the reasons you receive spam emails. Potential employers may gain access to outdated and unwanted information and reject you on that basis. According to a study, seven out of ten employers run an employee background check on social media platforms and have rejected 57% of people Spam Tool Threat Studies Medical Yahoo ★★
2022-10-18 08:41:18 The benefits of taking an intent-based approach to detecting Business Email Compromise (direct link) By Abhishek Singh. BEC is a multi-stage attack. Adversaries first identify targets, then they establish rapport with the victim before exploiting them for whatever their end goal is. In the case of BEC, a threat actor can impersonate any employee in the organization to trick targets. A policy that checks for authorized email addresses of the sender can prevent BEC attacks. However, scaling the approach for every employee in a large organization is a challenge. Building an executive profile based on email analysis using a machine learning model and scanning emails against that profile will detect BEC. Data collection for building and training machine learning algorithms can take time, though, opening a window of opportunity for threat actors to exploit. Detection of exploitation techniques such as lookalike domains and any differences in the email addresses in the "From" and "Reply-to" fields can also detect BEC messages. However, the final verdict cannot account for the threat actor's intent. The intent-based approach detects BEC and then classifies it into the type of scam. It catches BEC messages, irrespective of whether a threat actor is impersonating a C-level executive or any employee in an organization. Classification based on the type of scam can help identify which segment of an organization was targeted and which employees were being impersonated by the threat actor. The additional information will further assist in better designing preventive features to stop BEC. Business email compromise (BEC) is one of the most financially damaging online crimes. As per the internet crime 221 report, the total loss in 2021 due to BEC is around 2.4 billion dollars. Since 2013, BEC has resulted in a 43 billion dollars loss.
The report defines BEC as a scam targeting businesses (not individuals) working with foreign suppliers and companies regularly performing wire transfer payments. Fraudsters carry out these sophisticated scams to conduct the unauthorized transfer of funds. This introduces the challenge of how to detect and block these campaigns as they continue to compromise organizations successfully. There are a variety of approaches to identifying BEC email messages, such as using policy to allow emails from authorized email addresses, detecting exploitation techniques used by threat actors, building profiles by analysis of emails, and validating against the profile to detect BEC. These approaches have a variety of limitations or shortcomings. Cisco Talos is taking a different approach and using an intent-based model to identify and block BEC messages. Before we get too deep into the intent-based model, take a deeper look at the commonly used approaches to block BEC from the simplistic through machine learning (ML) approaches. Policy-based detection The first place to start is with policy-based detection as it is one of the most common and simplistic approaches to blocking BEC campaigns. Let's start by looking at an example of a BEC email.  Threat Medical Cloud Yahoo Uber APT 38 APT 37 APT 29 APT 19 APT 15 APT 10
AlienVault 2016-02-24 14:00:00 Operation BlockBuster unveils the actors behind the Sony attacks (direct link) Today, a coordinated coalition involving AlienVault and several other security companies led by Novetta is announcing Operation BlockBuster. This industry initiative was created to share information and potentially disrupt the infrastructure and tools from an actor named the Lazarus Group. The Lazarus Group has been responsible for several operations since at least 2009, including the attack that affected Sony Pictures Entertainment in 2014. Part of our research on this actor was presented at the Kaspersky Security Analyst Summit (SAS) in Tenerife, Spain on February 9th, 2016 as a joint talk between AlienVault and Kaspersky’s Global Research and Analysis Team. In the research that AlienVault and Kaspersky collaborated on, we attributed several campaigns to this actor. Armed with some of the indicators that US-CERT made public after the Sony attack, we continued to analyze different campaigns in 2015 that we suspected were being launched by the same actor. Eventually we were also able to attribute previous activity to the same attackers including: Sony Pictures Entertainment - 2014; Operation DarkSeoul - 2013; Operation Troy - 2013; Wild Positron / Duuzer - 2015. Besides several campaigns where the Lazarus group has utilized wipers to perform destructive attacks, they have also been busy using the same tools to perform data theft and cyber espionage operations. Today, as part of the Operation BlockBuster release, we want to share some of our findings and TTP’s from the Lazarus Group that allowed us to link and attribute all the campaigns and tools into the same cluster of activity.
We highly recommend that you read the comprehensive report Novetta published today that includes details on the project’s scope and the more than 45 malware families identified, and includes signatures and guidance to help organizations detect and stop the group’s actions. Encryption/Shared keys: One of the key findings that gave us the opportunity to link several families to the same actors was finding a dropper that the attackers use. This dropper contains a compressed resource (ZIP) with the name “MYRES” that is protected by a password. The attackers have reused the same password on different occasions and we were able to find droppers containing different families used by the group. This actor also reuses the code libraries they utilize to perform RSA encryption. We were also able to find the exact same public key in multiple variants. Batch scripts: This actor often uses BAT files that share the same skeleton in order to delete the initial files after infection. We have seen them reuse this technique across multiple droppers and payloads. Obfuscation functions: The Lazarus Group uses a few different methods to obfuscate API functions and dynamically load them. One of them consists of using a simple XOR schema. Medical Yahoo APT 38
Last update at: 2025-05-10 14:07:21