Category Archives: Security

Problems and threats of smartphones, safety issues, serious security problem and different types of Security software and smartphones hacking issues

You must also assign an access code to all apps that contain personal or sensitive data

The best ways to protect your sensitive data of the smartphone

The advancement of technology, the benefits of the Internet and the possibilities offered by the different apps that currently exist, allow us to enjoy a large number of advantages on a daily basis.

However, in some cases we can be victims of hackers with the ability to clone phone, steal our personal information or sensitive data and generate scams that harm us greatly.

You must also assign an access code to all apps that contain personal or sensitive data

That is why it is essential that you know and put into practice some tips that allow you to protect your sensitive data properly. With these simple actions you can continue to enjoy the benefits of technology, safely and effectively.

Activate the lock function of your smartphone

It is an extremely simple action that will allow you to protect the content of your smartphone. Activate the lock function and create a passcode consisting of four or six digits. A more efficient alternative is to create a password by combining letters and numbers.

In case this form of blocking does not seem friendly to you, you can choose to draw a pattern, read your fingerprint, or facial identification. Today’s smartphones offer you several options to choose from.

You must also assign an access code to all apps that contain personal or sensitive data.

Update your cell phone’s operating system

Usually, smartphones send a notification indicating that it is time to update their software, apps or operating system. It is important that you pay attention to this message, as the update implies very beneficial improvements for your phone.

Among the improvements it is common to include bug fixes in the security area, or optimizations of some functions. All this with the aim of offering a higher level of protection against possible attacks by cybercriminals.

Install a free Antivirus Apps at least

Installing a protection tool on your smartphone can prevent you from downloading malicious files, and could protect your mobile device from a harmful file that is already on it.

There are a number of protection tools you can choose from. Select the most appropriate for your phone and protect it from hackers and malware.

Avoid using public WiFi as much as possible

Using public WiFi is a way of dangerously exposing your smartphone. These open networks are the ideal setting for attack by cybercriminals.

Avoid using this type of connection, especially if you are going to access mobile banking apps or those that handle some other type of valuable information.

Download apps only from official sites

Every time you want to add a mobile application to your smartphone, you need to download it from the corresponding official website. Avoid doing it from unknown sites.

This same practice is what you must implement when making purchases online. In this case, you must make sure that the sales platform is the official one, and that its payment systems are recognized and secure.

As an additional tip, validate that the web address of the site begins with “https”, this guarantees that the page has an SSL certificate.

Implement two-factor authentication

With two-factor or 2FA authentication, you add an extra step of security to your smartphone.

With this technique, in addition to entering the standard password, you must enter a code that the 2FA app sends you. For many, this is somewhat tedious, but it is well worth the effort. You would be raising a second protective shield between your phone and the dangers in the world of technology.

Don’t expose yourself on social media

Although social media is very important in many ways, it is also often dangerous if you expose yourself too much.

Avoid indicating personal data in the profile of social networks, and in your publications. Activate all the security mechanisms and filter your friends and followers very well.

You must learn to use the functions that technology offers you correctly, in order to enjoy it safely.

US researchers have discovered a vulnerability of Android smartphones that can steal users' personal data

Bluetooth devices endanger smartphones: the list

US researchers have discovered a vulnerability of Android smartphones that can steal users' personal data

US researchers have discovered a vulnerability of Android smartphones that can steal users’ personal data

A new vulnerability affects Android smartphones and endangers hundreds of thousands of devices. The alarm was raised by researchers from Purdue University and Iowa University who published a research paper showing that some Bluetooth devices or USB accessories are able to steal relevant smartphone information such as the IMEI number , the code used to identify a mobile phone.

The technique discovered by the researchers allows a potential hacker an endless series of actions. All very dangerous and endangering users’ personal data . But not only. The devices can be used in turn to launch DDoS attacks (acronym of Distributed Denial of Service) able to KO a website or a company network. The search was carried out on a dozen Android smartphones with different processors: Qualcomm, HiSilicon (Kirin) and Samsung (Exynos) and all were vulnerable to attack, even if in a different way.

The researchers immediately alerted the producers and waited ninety days before publishing the report, to allow time to develop a patch. The only company that gave the researchers an answer was Samsung, which started developing a fix that will be published with the next updates.

How the vulnerability that affects Android smartphones works

Let’s start with the conclusion: the vulnerability discovered by the researchers is rather complicated to implement and requires a big investment in terms of time and hours by the hackers. But some attackers could still exploit it to steal your personal information.

As explained in the research paper, the vulnerability affects several Android smartphones , which exploit an operating system flaw to “enter” the device. To do this it is necessary to use Bluetooth devices or USB accessories designed specifically for this type of operation. Researchers have shown that using these devices it is possible to execute AT commands . These are commands that set features such as connection type, waiting times, and busy signal detection. Also, you can also get the IMEI number of the smartphone, take control of the mobile phone for perform DDoS attacks or remotely stop smartphone connectivity. A series of important activities in a person’s everyday life.

The list of Android smartphones affected by the vulnerability

The researchers tested ten devices from six different manufacturers . Here is the complete list:

Galaxy S8 +
Google Pixel 2
Huawei Nexus 6P
Motorola Nexus 6
Galaxy Note 2
Galaxy S3
LG Nexus 5
HTC Desire 10 Lifestyle
Huawei P8 Lite

These are fairly dated smartphones, but this does not mean that newer devices are not equally vulnerable to attack. As mentioned above, researchers have warned manufacturers that they are working to release a security patch as soon as possible. Samsung was the first to get to work to find a solution to the problem.


Ransomware: what it is and how to protect yourself

The Ransomware is not a new aggression. In fact, the first time this type of computer attack was recognized was around 1989 and it spread from one computer to another through the use of a diskette. Currently all information and devices are connected through the network.
Thanks to the existence of different programs of Ransomware in open source and the possibility of obtaining great economic benefits this type of aggressions has become more frequent with the passage of time . The aim of the attacker always responds to economic reasons. The Ransomware is not intended to damage the victim’s files but to steal them and then ask for a ransom for them .

But how can we prevent a Ransomware attack from occurring?

Here are some tips:

Update the operating system and applications regularly . Most updates have security patches that are essential to ensure the security of any device. Updating web browsers is especially important.

Backup copies : Regularly backing up your operating system on external devices is highly recommended. If there is any loss of information or any type of aggression we can ensure that we have a receipt. There is a large number of free cloud storage systems.

Use antivirus and update it : Avast is a very practical option because it offers different degrees of protection that include Ransomware devices.

Take preventive measures : For example, you should avoid opening files and links that come from unknown sources. All those emails that come from an unreliable contact should be automatically deleted without even opening it. On the other hand, when you are going to enter your personal data in any form, make sure that the web has HTTPS protocol enabled.
Only by following these simple measures will you be able to protect yourself against attacks with Ransomware.

Confirmed: installing an antivirus on Android is exactly the same as not doing it

Installing an antivirus on Android is exactly the same as not installing it

Confirmed: installing an antivirus on Android is exactly the same as not doing it

Every year there are 1 or 2 ‘viruses’ important for mobile phones, it is even said that 2019 will be the year of malware thanks to the increase and the proliferation of fake apps with malicious code , backdoors, banking Trojans and the boom of cryptomining malware . Currently there are several free antivirus for Android phones , but it has been confirmed that installing them is exactly the same as not doing it.

A report from AV-Comparatives shows that the company has tested 250 antivirus applications for Android, Google’s platform, and that they have discovered that only 80% of them approved the basic standards of the site . That is, more than 30% of the malicious apps of 2018 were detected and had zero false alarms, although some applications fell short.

To carry out the study, the tests were conducted in January 2019 and the researchers used a Samsung Galaxy S9 with Android 8.9 Oreo and a Nexus 5 with Android 6.01 . The mechanics was to check the effectiveness of the 250 applications against the 2,000 most common malware threats for Android during 2018.

Only 23 apps detected 100% of the threats

2019 will be the year of the malware according to the latest report of the well-known McAfee antivirus

During the study it is also reflected that the applications overlooked antivirus known as AVG, Kaspersky, McAfee and Symantec, which usually catch everything . In addition, it is reflected that antimalware apps from 32 suppliers have been removed from Play Store in the last two months since the test was conducted.

Of all the antivirus, only 80 detected more than 30% of the malware, and of those, 23 detected 100% of the threats . Researchers advise users not to get carried away by the users’ qualifications , since most of them offer a rating based on their experience, without knowing if that app offers effective protection.

The study also recommends users to use antivirus from well-known, verified and reputable suppliers . An investigation that illustrates the challenge faced by Google and other store operators when it comes to selecting applications.

WinRAR has a bug

WinRAR has a bug: 500 million users at risk

WinRAR has a bug
CheckPoint researchers discovered a vulnerability in WinRAR that endangered the PCs of 500 million users. Here’s what to do to defend yourself

A bug in WinRAR has endangered the personal data of over 500 million users . Check Point researchers, a company specializing in cybersecurity, discovered the flaw and immediately warned the developers of WinRAR. A patch to solve the problem has already been released. The bug r any PC vulnerable to any type of cyber attack and gave hackers the ability to take control of the computer and the entire corporate network.

The vulnerability was present on WinRAR since the release of the first version and has affected all the versions developed in the last 19 years. The problem lay in the UNACEV2.DLL library used to decompress files in ACE format. By exploiting the vulnerability, hackers could hide viruses in the ACE files that infect the computer without the user being aware of it. The library had no countermeasure against this type of attack and made the PC vulnerable. WinRAR has released a patch that disables the offending library.

What is likely to use an old version of WinRAR

If you are still using an outdated version of WinRAR, you are endangering the security of your data and your PC. The vulnerability discovered by CheckPoint researchers allows hackers to take control of the PC and the corporate network. The developers of WinRAR have released a new version ( WinRAR 5.70 Beta 1 ) that solves the problem by disabling the use of the UNACEV2.DLL library. The only drawback concerns the end of support for ACE formats that can no longer be decompressed using WinRAR.

To update WinRAR just access the program website and download the latest version of the software.

he vast majority of targeted attacks start from a phishing mail

How do hackers spy on us: How To avoid the risk of hackers stealing data

he vast majority of targeted attacks start from a phishing mail
Just a photo or phone number to discover your identity on the Internet. Do not you believe it? Then you do not know the experiments conducted by Kaspersky.

In recent years hacker attacks have increased exponentially. Some of these episodes have resulted in the theft of personal data of millions of social network users and other sites that required registration. In other cases, however, it was targeted attacks, to take possession of personal data of specific people or to enter their computers and their mobile devices.

According to the well-known computer security company Kaspersky, the vast majority of targeted attacks start from a phishing mail . This means that hackers have managed to get hold of some user data and used them for a more complex and profitable attack on them. But how do hackers steal the data ? Kaspersky himself did an experiment: he tried to replicate all the possible ways in which a hacker can obtain information about us starting from an anonymous photo, a name and surname or an email address and telephone number.

How to find out a person’s name from a photo

When a hacker has only one photo available, his search starts uphill. There are sites like FindFace that can recover a person’s social identity if we provide him with several shots to process. Once it was a free tool and open to the public, now the company prefers to sell its technology only to governments and large companies. A hacker could also use Google, but with very few results because the search for images does not shine for accuracy and can only find the photos posted on websites and not those posted on social networks.

How to find a person with name and surname

Having the name and surname available, however, the hacker’s mission begins to be simpler. Unless the user has a very common name and surname, like Mario Rossi. With these two data it is often possible to find at least one more or less public social profile of the user, from which extrapolate other useful information to continue the attack.

How to find a person with email

With email and phone number an attacker can use services like Pipl, which collects information from different social networks and creates almost complete profiles with everything on the web about that person. If the username of the personal email box is then the same as that of the company, an attacker could use programs like Namechk or Knowem that automatically track an account created with hundreds of different services including: Facebook, Blogger, Ebay, WordPress, Pinterest and many others. Therefore, starting from a company email address, you can easily reach a personal profile.

What to do to avoid identity theft

To avoid the risk of hackers stealing data, Kaspersky reiterates some basic advice:

Do not register on social networks with e-mail addresses or phone numbers that are then made public
Do not use the same photo on personal and work profiles
Use different names to prevent one profile from leading to another and so on
Do not make life easier for cybercriminals by posting unnecessary information about you on social networks

A computer scientist has discovered four vulnerabilities in Wi-Fi that would endanger millions of devices including PS4 and Xbox

PS4 and Xbox at risk of hackers due to Wi-Fi

A computer scientist has discovered four vulnerabilities in Wi-Fi that would endanger millions of devices including PS4 and Xbox
We use Wi-Fi technology every day to connect our devices to the Internet. It has become normal to activate the Wi-Fi icon and wait for the few seconds that separate us from the Net. Unfortunately, Wi-Fi hides a problem that could put millions of devices at risk. The wanted Denis Selianin has discovered four vulnerabilities that endanger certain devices that use Wi-Fi technology .

There are 6.2 billion electronic devices potentially attacked by hackers due to a series of Wi-Fi vulnerabilities discovered by the company researcher Embedi and among them there are also millions of PlayStation 4, Xbox One, Windows Surface laptops, Chromebooks, and smartphones of many brands. It all depends, Selianin explains, on a trivial security problem with the ThreadX operating system , used as a firmware to run most of the Wi-Fi chips.

What are the vulnerabilities affecting Wi-Fi

For example, the researcher was able to easily violate a Marvell Acastar 88W8897 wireless network chip that is extremely widespread. The potential vulnerabilities discovered by Selianin are four, all very simple to put in place for a hacker and all very dangerous for the damage they could cause. One of the vulnerabilities, for example, can be activated without any user interaction when scanning available networks. The tested Marvel chip, in fact, scans the networks independently every five minutes. Thanks to the bug in the ThreadX operating systemhowever, with each of these scans, malicious code portions could be sent to the devices to take control of them. And this even if the devices are not connected to any network, but are simply detectable because in the range of the Wi-Fi chip .

Selianin explained that he had found two methods to exploit this bug: one worked only with the Marvell chipset, the other with any ThreadX-based firmware. The researcher has also shown the code to exploit these vulnerabilities, hiding the technical details that would allow hackers to use it to infect billions of devices with Wi-Fi chips controlled by ThreadX.

How to protect your devices

The big problem is just the huge diffusion that this operating system has had on devices of all kinds. Now Express Logic, the company that develops ThreadX, will have to quickly create a patch to ” plug the holes ” discovered by Selianin and, even more difficult, the update of the operating system will have to be spread on all devices with WiFi chips that already they use it. Users, meanwhile, do not have many ways to protect themselves because the Wi-Fi chip scans networks on its own. On PS4 and Xbox One , for example, the only option is to disable Wi-Fi from the console settings . On laptops and smartphones, however, use without Wi-Fi is almost unthinkable today.