Archive for November, 2018

Google Fi – New cellular service with MVNO support

Google Fi is a new cellular service with MVNO support as shared below:

Google Fi drops ‘Project’ and adds MVNO support for most Android devices, iPhones

https://fi.google.com/about/

https://en.wikipedia.org/wiki/Mobile_virtual_network_operator

Back in 2015, Project Fi launched as Google’s take on cellular service and has over the years added new features, as well as support for more phones. As suggested earlier this month, the MVNO is now simply called Google Fi and is vastly expanding its Android device compatibility and supporting iPhones.

Google Fi Rebrand — The first change today is a rebrand from “Project Fi” to just “Google Fi.” A more modern logo makes use of the four Google colors — though in different shades — and of course dots. Dropping the beta-sounding “Project” from the name also reflects a more long-term commitment to the service by Google. In terms of how the service works for existing customers, nothing is changing with today’s announcements.

Best Security Practices – Prevent Phishing Scams NOV-2018

https://www.pcmag.com/article/364947/how-to-avoid-phishing-scams

The key to running a phishing scam is creating a replica of a secure website that’s good enough to fool most people. With the classiest fakes, every link goes to the real site. Well, every link except the one that submits your username and password to the perpetrators. As icing on the cake, the fraudsters may try to create a URL that looks at least a little bit legitimate. Instead of paypal.com, perhaps pyapal.com, or paypal.security.reset.com.

Some techniques detailed in the article include:

1. Always avoid obvious fake sites
2. Verify website address in browser address bar
3. Ensure SSL lock is present
4. Be careful with source links from email & web searches
5. Implement Phishing tools & safeguards
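
The address-bar check in item 2 can be partly automated. The following is an added example, not code from the PCMag article: it classifies a URL by the host that would actually receive the request, catching both lookalike forms the article names (pyapal.com and paypal.security.reset.com). The `TRUSTED` allow-list, the distance threshold of 2 and the sample URLs are assumptions made for the illustration.

```python
from urllib.parse import urlsplit

# Assumption: registrable domains the user really does business with.
TRUSTED = {"paypal.com"}

def registrable(host):
    """Naive eTLD+1 (last two labels); real code needs a Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def osa_distance(a, b):
    """Edit distance that counts an adjacent-character swap as one edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]

def classify(url):
    """Return (verdict, domain) for the host that would receive the request."""
    host = urlsplit(url).hostname or ""
    reg = registrable(host)
    if reg in TRUSTED:
        return ("trusted", reg)
    for good in sorted(TRUSTED):
        brand = good.split(".")[0]
        if osa_distance(reg, good) <= 2:          # e.g. two swapped letters
            return ("typosquat", good)
        if any(brand in label for label in host.split(".")):
            return ("brand-in-hostname", good)    # brand is only a subdomain
    return ("unknown", reg)

# Constructed URLs using the hostnames quoted in the article.
SAMPLES = [
    "https://www.paypal.com/signin",
    "http://pyapal.com/login",
    "http://paypal.security.reset.com/",
    "https://example.org/",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(classify(url), url)
```

The verdict depends on the registrable domain at the right-hand end of the hostname, which is why paypal.security.reset.com is judged as reset.com and not as PayPal.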

Microsoft Security – Helps shut down fake Tech-Support Centers

https://www.pcmag.com/news/365198/microsoft-helps-police-shut-down-fake-tech-support-centers-i

The fake tech-support centers swept up in the raids made thousands of dollars by sending out pop-up ads over the internet that claimed users’ computers had been infected with a virus. Victims were fooled into buying repair services to fix the phony issue.

Microsoft has been working with police in India to shut down fake tech-support centers in the country that are scamming victims in the US and Canada. On Tuesday and Wednesday, police in the Indian capital of New Delhi raided 16 fake tech-support centers, which were located with the help of Microsoft, according to The New York Times. Three dozen people were arrested in the raids.

The fake tech-support centers swept up in the raids made thousands of dollars by sending out pop-up ads over the internet that claimed users’ computers had been infected with a virus. Victims who fell for the scheme would phone the fake Microsoft tech support centers, which would then offer repair services ranging in price from $99 to $1,000.

The raids come a month after Microsoft published a survey that found more than 3 in 5 consumers have encountered the tech-support scams. In addition to pop-up warnings, the fraudsters have been using phone calls, emails, and website redirects to trick users into thinking their computers are infected with a virus or spyware.

Data Breach – Marriott Starwood guest reservation database

https://www.cnbc.com/2018/11/30/marriott-says-its-starwood-database-was-breached-onapproximately-500-million-guests-.html

Marriott says its Starwood database was hacked for approximately 500 million guests

  • Marriott said the Starwood guest reservation database was breached, potentially exposing information on about 500 million guests.
  • For many of the guests, the information stolen includes a combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.
  • Payment information may also have been accessed on some guests.

Cisco study – Internet traffic will triple by 2022

This Cisco research study describes explosive growth in Internet traffic, which is projected to triple by 2022.

http://www.eweek.com/networking/global-ip-traffic-to-more-than-triple-by-2022-cisco-predicts

Cisco is predicting more IP traffic from 2017 to 2022 than in the history of the internet, and AWS and Lockheed Martin partnering to bring satellites down to Earth. In its latest Visual Networking Index, Cisco Systems said that within four years, more IP traffic will cross global networks than in all prior years combined, and that more traffic will be created in 2022 than in the 32 years since the internet started.

Cisco predicts that by 2022, 60 percent of the global population will be internet users, more than 28 billion devices and connections will be online, and video will make up 82 percent of all IP traffic. Cisco’s Visual Networking Index also predicts that within the five-year period from 2017 to 2022, global IP traffic will more than triple and global broadband, WiFi and mobile speeds will double or more. IP video traffic will quadruple by 2022, and gaming traffic is expected to grow nine-fold, representing 4 percent of overall IP traffic in 2022.

Security – US CERT shares identity theft prevention NOV-2018

https://www.us-cert.gov/ncas/current-activity/2018/11/29/Protecting-Against-Identity-Theft

As the holidays draw near, many consumers turn to the internet to shop for goods and services. Although online shopping can offer convenience and save time, shoppers should be cautious online and protect personal information against identity theft. Identity thieves steal personal information, such as a credit card, and run up bills in the victim’s name.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to review the following tips to help reduce the risk of falling prey to identity theft:

If you believe you are a victim of identity theft, visit the FTC’s identity theft website to file a report and create a personal recovery plan.

Windows 10 – Defender Security Center Fall 2018 release

Microsoft Windows Defender Security Center gets new features with the Fall 2018 Creators Update, but the best third-party antivirus tools still provide better protection.

https://www.pcmag.com/article/356835/does-windows-10s-security-boost-make-antivirus-obsolete

Not so long ago, the venerable Windows Defender got a new name—Microsoft Windows Defender Security Center—and a leap in functionality. In addition to antivirus, it manages Windows Firewall, SmartScreen Filter, and Microsoft’s parental control system, and also helps with PC health and performance issues.

That doesn’t mean it’s now a security suite, by any means. In fact, while its lab test scores have improved, it still doesn’t come close to challenging the best third-party solutions—even the free ones. Microsoft has put a simple kind of ransomware protection right into Windows Defender. It’s not turned on by default, however, and it’s hard to find. Dig into the antivirus settings, find the setting called Controlled Folder access, and turn it on.

Windows Defender’s antivirus lab test scores are improving, but they’re coming up from dismal. All four test labs that I follow include it, as well as Avast, our Editors’ Choice product for free antivirus. Microsoft’s aggregate lab score is 8.8 out of 10 possible points, a marked improvement. However, Avast and AVG earned 9.6 and 9.5 points, respectively. Kaspersky and Bitdefender routinely float at the top, with 9.9 or 10 points. When you’re defending against malware that can destroy your data, invade your privacy, and empty your bank accounts, you want the best.

Windows 10 – Defender Security Center in-depth review
https://www.pcmag.com/article2/0,2817,1926596,00.asp

Security – New EternalBlue attack compromises 45,000 routers

A new EternalBlue attack has compromised 45,000 routers, possibly exposing up to 2M devices. It uses a UPnP vulnerability to open up and expose ports 139 and 445, allowing potential for unauthorized access, as documented below:

https://arstechnica.com/information-technology/2018/11/mass-router-hack-exposes-millions-of-devices-to-potent-nsa-exploit/

More than 45,000 Internet routers have been compromised by a newly discovered campaign that’s designed to open networks to attacks by EternalBlue, the potent exploit that was developed by, and then stolen from, the National Security Agency and leaked to the Internet at large, researchers said Wednesday.

The new attack exploits routers with vulnerable implementations of Universal Plug and Play to force connected devices to open ports 139 and 445, content delivery network Akamai said in a blog post. As a result, almost 2 million computers, phones, and other network devices connected to the routers are reachable to the Internet on those ports. While Internet scans don’t reveal precisely what happens to the connected devices once they’re exposed, Akamai said the ports—which are instrumental for the spread of EternalBlue and its Linux cousin EternalRed—provide a strong hint of the attackers’ intentions.
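
A defender can look for this condition in a router's own UPnP port-mapping table. The following is an added example, not code from Akamai or Ars Technica: it parses `GetGenericPortMappingEntry` SOAP responses and reports enabled mappings that forward to internal ports 139 or 445. It assumes the responses have already been collected from the router; the table below is constructed sample data, and `sample_response` and `exposed_smb` are hypothetical helper names.

```python
import xml.etree.ElementTree as ET

SMB_PORTS = {139, 445}  # the two ports named in the report quoted above

def sample_response(ext_port, int_port, client, enabled="1", proto="TCP"):
    """Build a constructed GetGenericPortMappingEntry SOAP response."""
    return f"""<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>
<u:GetGenericPortMappingEntryResponse
    xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">
  <NewRemoteHost></NewRemoteHost>
  <NewExternalPort>{ext_port}</NewExternalPort>
  <NewProtocol>{proto}</NewProtocol>
  <NewInternalPort>{int_port}</NewInternalPort>
  <NewInternalClient>{client}</NewInternalClient>
  <NewEnabled>{enabled}</NewEnabled>
  <NewPortMappingDescription>constructed</NewPortMappingDescription>
  <NewLeaseDuration>0</NewLeaseDuration>
</u:GetGenericPortMappingEntryResponse></s:Body></s:Envelope>"""

def parse_entry(xml_text):
    """Collect the unqualified New* argument elements into a dict."""
    root = ET.fromstring(xml_text)
    return {el.tag: (el.text or "").strip()
            for el in root.iter() if el.tag.startswith("New")}

def exposed_smb(responses):
    """Return (proto, external port, internal client, internal port) findings."""
    findings = []
    for xml_text in responses:
        e = parse_entry(xml_text)
        if e.get("NewEnabled") != "1":
            continue  # disabled mappings do not forward traffic
        # Match on the internal port: the external port can be anything.
        if int(e["NewInternalPort"]) in SMB_PORTS:
            findings.append((e["NewProtocol"], int(e["NewExternalPort"]),
                             e["NewInternalClient"], int(e["NewInternalPort"])))
    return findings

# Constructed mapping table: one benign web forward, two SMB/NetBIOS
# exposures (one on a non-obvious external port), one disabled entry.
ROUTER_TABLE = [
    sample_response(8080, 80, "192.168.1.10"),
    sample_response(445, 445, "192.168.1.23"),
    sample_response(47001, 139, "192.168.1.23"),
    sample_response(44500, 445, "192.168.1.40", enabled="0"),
]

if __name__ == "__main__":
    for finding in exposed_smb(ROUTER_TABLE):
        print("exposed:", finding)
```

Any finding on a home or office router is worth removing, and disabling UPnP on the WAN side prevents the mapping from being recreated.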

Apple iOS 12 – Exploit to unlock devices possibly discovered

DriveSavers is a data recovery company. They have possibly discovered a new exploit that will unlock Apple iOS 12 devices, as noted below. They charge an expensive fee for recovery and are keeping the exploit secret at this point.

https://www.forbes.com/sites/gordonkelly/2018/11/29/apple-iphone-xs-max-xr-problem-ipad-expensive-cost-upgrade/

https://drivesaversdatarecovery.com/data-recovery-services/devices-supported/smartphones-and-tablets/passcode-lockout-data-recovery/

In short: the data on all iPhones and iPads running iOS 12 is not safe. This comes after an announcement from popular data recovery company DriveSavers that files on these devices can be accessed with “a 100% success rate”. Furthermore, unlike most security holes which are disclosed to Apple, this one is being kept secret.

DriveSavers said it is building a service around the exploit and charging users up to $3,900 if they want to access locked devices. That said, the company stresses it is using strict identification protocols from customers to ensure they are not hacking an iPhone or iPad which doesn’t belong to them.

With DriveSavers keeping the flaw a secret to protect its new service, Apple has a major job on its hands to find and fix it. And until then, the race is on for more nefarious hackers to discover and exploit it …if they aren’t already.

Data Breach – Dunkin Donuts Perks accounts

Dunkin Donuts has alerted their “Perks” members of a need to reset their account passwords.

http://www.darkreading.com/threat-intelligence/dunkin-donuts-serves-up-data-breach-alert/d/d-id/1333367

Dunkin’ Donuts has alerted DD Perks account holders to a security incident after learning an unauthorized party accessed some of their usernames and passwords, NBC News reports. DD Perks is a rewards program that lets Dunkin’ customers purchase food and beverages for pickup and receive free drinks via rewards points and on their birthdays. On Oct. 31, a security vendor detected a third party accessing users’ accounts. It believes these actors stole usernames and passwords from other companies and used them to attempt DD Perks logins.

Information exposed varies from user to user, depending on what was in their accounts. Dunkin’ reports third parties may have been able to access first and last names, email addresses (which are used as usernames), the 16-digit DD Perks account numbers, and DD Perks QR codes.