10 TIPS FOR SECURING YOUR SMARTPHONE

This month is National Cyber Security Awareness Month. Each week within October will take on adifferent theme, with this week's being 'Mobile'. So, with that in mind, we thought we'd prepare some tips to help keep your smartphone safe.

Top 5 threat protection best practices

Trend Micro predicts that there may be as many as a million Android malware threats by the end of the 2014. What's going on here? Make no mistake about it, there are REAL ANDROID MALWARE PROBLEMS. (Credit: Juniper Networks) Part of it is that Android is being targeted because it's extremely popular. The research company Canalys found that Android is running on 59.5 percent of all smart mobile devices that were shipped in the first quarter of 2013.

YES, YOUR SMARTPHONE CAMERA CAN BE USED TO SPY ON YOU...

Yes, smartphone cameras can be used to spy on you - if you're not careful. A researcher claims to have written an Android app that takes photos and videos using a smartphone camera, even while the screen is turned off - a pretty handy tool for a spy or a creepy stalker.

Free Security Scans - Find threats your antivirus missed

Malware is complex, seemingly everywhere and is often difficult to stop. It knows how to find your data,even on your mobile device and Mac. You can't ignore your the safety of your devices any longer: you need to recognize and stop these threats before they do MORE harm.

MALWARE ATTACKS ON ANDROID DEVICES SEE 600% INCREASE IN 2013 / 2014

Malware targeting the Android platform is exploding, with a 600 percent increase in just the past 12 months. That statistic is among the findings of a new study--Mobile Security Threat Report--unveiled last week at the Mobile World Congress in Barcelona, Spain.

Showing posts with label HACKERS. Show all posts
Showing posts with label HACKERS. Show all posts

Wednesday, November 29, 2017

Password Hacking and You

3:11 PM


There are 2 primary methods to hack passwords: Brute Force and Password Guessing. Of the 2, believe it or not, it is easier to guess someone’s password than to try every combination of letters, numbers and symbols. In a brute force attack, password attempts would progress from: a, b, c; to aa, ab, ac; to aaa, aab, aac; and so on.  
The core question is not, “Can my password be hacked?”, but rather “How long would it take?”. That’s where password entropy comes into play for our (the user’s) benefit. Loosely defined, entropy is disorder. Since a brute force attack is a very orderly attack, the more disorder you have in your password = better.  
Numbers Game
With 5 lower case characters, an online attack would get your password right in an average of 1 hour, 21 minutes. However, by introducing say a capital letter, a number, and a special character, that time rises to around 1.5 months.
With 7 lower case characters, a brute force attack would consume ~3.2 months, but if you introduce those other random characters, it rockets up to an average of 11 centuries! Taking it even further, at 8 characters the online crack time goes to 1,000 centuries which is effectively long enough to be considered near impossible under current computing capabilities.  
That said, if the hacker is able to do an offline, or massive cracking array scenario, the password can again be deduced in a matter of hours. As such, even though the typical minimum / safe password length is 8 characters, what you use as your password matters even more.
Simplicity Opens the Door
Every attempt to get your password will begin with guessing. According to a released “hack file” of 5 million passwords, we know what the most common passwords are, so hackers will start there.
Top passwords for 2016:

123456, password, 12345, 12345678, football, qwerty, 1234567890, 1234567, princess, 1234, login, welcome, solo, abc123, admin, 121212, flower, passw0rd, dragon, sunshine, master, hottie, loveme, zaq1zaq1, password1
4% of the passwords were “123456”! That’s 200,000 people in the sample set with that password!
Read more »

Friday, November 10, 2017

180M Smartphones Vulnerable To Hacker Eavesdropping

11:15 AM


Appthority, the enterprise mobile threat protection company, announced news on Thursday (Nov. 9) that it published research on its recent discovery of a so-called Eavesdropper vulnerability, in which hackers can intercept texts, voice messages and other user data from millions of smartphones through their mobile apps.
In a press release, the company said the cyberattack vulnerability is caused by “developers carelessly hard coding their credentials in mobile applications that use the Twilio Rest API or SDK, despite best practices the company clearly outlines in its documentation.” Twilio, said Appthority, has reached out to all developers with affected apps and is actively working to secure their accounts.
According to the company, Appthority mobile security researchers have identified this as a real and ongoing threat affecting close to 700 apps in enterprise mobile environments, over 170 of which are live in the official app stores today. Affected Android apps have been downloaded up to 180 million times, the company said.
What’s more, the company said the issue is not specific to developers who create apps with Twilio. Hard coding of credentials is a common developer error that increases the security risks of mobile apps. Appthority researchers are finding that developers who hardcode credentials in one service are likely to make the same error with other services.
Examples of apps with the Eavesdropper vulnerability include an app for secure communication for a federal law enforcement agency, an app that enables enterprise sales teams to record audio and annotate discussions in real-time and branded and white label navigation apps for customers, such as AT&T and U.S. Cellular, the mobile threat protection company stated in its press release.

“Eavesdropper poses a serious enterprise data threat because it allows an attacker to access confidential company information, which may include a range of sensitive information often shared in an enterprise environment, such as negotiations, pricing discussions, recruiting calls, product and technology disclosures, health diagnoses, market data or M&A planning,” said Seth Hardy, Appthority director of Security Research in the release. “An attacker could convert recorded audio files to text and search a massive data set for keywords and find valuable data.”

via pymnts
Read more »

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes