Watch Android Malware Automatically Steal 1,000 Euros From a PayPal Account in Seconds

”There’s no telling that that innocuous-looking app that promises to improve your Android’s phone faulty battery won’t steal your money.”

A new piece of malware for Android devices is programmed to send 1,000 euros to cyberthieves via PayPal in around 5 seconds—all without the user being able to stop it.

Once installed, the malware asks the user for permission to “Enable Statistics.” This innocent sounding function actually allows the malware, and its creators, to receive notifications when the user is interacting with certain apps, and inspect the content of the window they’re interacting with. In other words, this allows the cybercriminals to take control of the phone remotely when the user opens certain apps. In this case: PayPal, Google Play, WhatsApp, Skype, Viber, Gmail, and some banking apps.

Protect your computer against phishing attempts and other forms of online fraud

https://support.office.com/sv-se/article/skydda-datorn-mot-n%C3%A4tfiskef%C3%B6rs%C3%B6k-och-andra-former-av-onlinebedr%C3%A4gerier-be0de46a-29cd-4c59-aaaf-136cf177d593

https does not equal a secure domain

https can be misread as Secure

It really only means that the traffic is encrypted, which is good in itself! But it does not mean that you have an encrypted connection to the party you intended.

Domain name = around the last dot before the slash

Thousands of certificates are registered that encrypt the communication with sites that look exactly like the one you meant to visit, but whose address is not exact, only similar.
You go to the domain that stands before and after the last dot and before any slash.

Examples of fake domains:

  1. servicesonline-americanexpress.com
    There is no dot before americanexpress.com.
    The whole address is the domain, but one might think it is servicesonline at American Express.
  2. dropbox.com.login.verify.danaharperandfriends.com
    There is no slash after dropbox.com.
    The domain is danaharperandfriends.com
  3. login-appleid.com-direct-apple.com
    There is no dot before appleid.com, nor is there a slash after appleid.com.
    The domain is com-direct-apple.com
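
The rule above applied in code, as an added example that is not part of the original page: it extracts the domain around the last dot of the host name and reports brand names that appear in the host although the domain belongs to someone else. The `KNOWN_BRANDS` table and the function names are assumptions made for this example, and the rule assumes a single-label suffix such as .com or .se.

```python
import re
from urllib.parse import urlsplit

# Hypothetical allow-list for this example: brand keyword -> domain the brand really uses.
KNOWN_BRANDS = {
    "americanexpress": "americanexpress.com",
    "dropbox": "dropbox.com",
    "apple": "apple.com",
}

def hostname_of(url: str) -> str:
    """Host part of a URL or bare address, lower-cased, without port or path."""
    if not re.match(r"^([a-z][a-z0-9+.-]*:)?//", url, re.I):
        url = "//" + url  # let urlsplit treat a bare address as a host
    return (urlsplit(url).hostname or "").rstrip(".")

def registered_domain(url: str) -> str:
    """The labels before and after the last dot of the host name (the page's rule).

    Assumption: a single-label suffix such as .com or .se. Suffixes like
    .co.uk need the Public Suffix List, which this example does not load.
    """
    return ".".join(hostname_of(url).split(".")[-2:])

def impersonated_brands(url: str) -> list[str]:
    """Brand keywords found in the host although the domain is not the brand's."""
    host, domain = hostname_of(url), registered_domain(url)
    return [brand for brand, real in KNOWN_BRANDS.items()
            if brand in host and domain != real]

# The three addresses from the list above, plus one constructed genuine URL.
SAMPLES = [
    "servicesonline-americanexpress.com",
    "https://dropbox.com.login.verify.danaharperandfriends.com/",
    "login-appleid.com-direct-apple.com",
    "https://www.dropbox.com/login",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{url}\n  domain: {registered_domain(url)}"
              f"  impersonates: {impersonated_brands(url) or 'nothing'}")
```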

Some web browsers show the actual domain name in black. All browsers also let you see who the certificate is issued to, usually by clicking the padlock.

More about fake certificates at Netcraft, https://toolbar.netcraft.com/stats/certificate_authorities.

Google Chrome no longer states that a site is secure just because it has https. https://blogg.loopia.se/tag/google-chrome/.

Amazon, Apple Servers Completely Compromised by Chinese Hardware Backdoors

For years, security researchers have warned that unscrupulous hardware manufacturers or foreign governments could hijack the manufacturing process, installing backdoors into equipment that would be difficult to detect or stop. Now, we’ve caught the Chinese red-handed, and the fallout could be ugly.

An extensive report from Bloomberg details how Amazon’s investigation into deploying servers manufactured by Elemental Technologies led to the discovery of hardware backdoors smaller than a grain of rice. The chips had been hidden on Supermicro motherboards.

After discovering the chips in 2015, the government spent three years investigating the situation. They’ve determined that the hardware creates “a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China.”

Amazon's reply:
https://aws.amazon.com/blogs/security/setting-the-record-straight-on-bloomberg-businessweeks-erroneous-article/

What if the Bloomberg story is true?

Hard(ware) questions about government hacking: what if the Bloomberg story is true?

AI-powered IT security seems cool – until you clock miscreants wielding it too

A survey of 5,000 IT professionals released late last month (Sep 2018) revealed three major threats techies believe they will face over the next five years:

  • malicious AI attacks in the form of social engineering,
  • computer-manipulated media content, and
  • data poisoning.

Just four in 10 pros quizzed believed their organizations understood how to accurately assess the security of artificially intelligent systems.

https://www.theregister.co.uk/2018/10/01/can_ai_be_trusted_on_security/

Google wants to get rid of URLs but doesn’t know what to use instead

Their complexity makes them a security hazard; their ubiquity makes replacement nigh impossible.

Sometimes URLs are explicitly typed by users; other times they’re opaque and hidden behind hyperlinks. Some URLs are good for sharing, others aren’t. Sometimes they’re shown on devices with abundant screen space, other times they’re so cramped that only a fragment of the URL can ever be seen.

https://arstechnica.com/gadgets/2018/09/google-wants-to-get-rid-of-urls-but-doesnt-know-what-to-use-instead/

IDN homograph attack

An example of an IDN homograph attack; the Latin letters ”e” and ”a” are replaced with the Cyrillic letters ”е” and ”а”.

The internationalized domain name (IDN) homograph attack is a way a malicious party may deceive computer users about what remote system they are communicating with, by exploiting the fact that many different characters look alike (i.e., they are homographs, hence the term for the attack, although technically homoglyph is the more accurate term for different characters that look alike). For example, a regular user of example.com may be lured to click a link where the Latin character ”a” is replaced with the Cyrillic character ”а”.

This kind of spoofing attack is also known as script spoofing. Unicode incorporates numerous writing systems, and, for a number of reasons, similar-looking characters such as Greek Ο, Latin O, and Cyrillic О were not assigned the same code. Their incorrect or malicious usage is a possibility for security attacks.

https://en.wikipedia.org/wiki/IDN_homograph_attack
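
A defensive check for the script spoofing described above, as an added example that is not part of the original page: it lists every non-ASCII label of a host name with the scripts it uses and its ASCII-compatible `xn--` form, and marks labels that mix scripts. The function names are assumptions, the sample host names are constructed, and taking the first word of the Unicode character name as the script is a heuristic.

```python
import unicodedata

def scripts_in(label: str) -> list[str]:
    """Scripts used by the letters of a label.

    Heuristic: the first word of the Unicode character name ("LATIN",
    "CYRILLIC", "GREEK") stands in for the script property, which the
    standard library does not expose.
    """
    return sorted({unicodedata.name(ch).split()[0] for ch in label if ch.isalpha()})

def audit_hostname(host: str) -> list[dict]:
    """Report every label that contains non-ASCII characters."""
    findings = []
    for label in host.lower().split("."):
        if not label or label.isascii():
            continue  # plain ASCII labels cannot hide a look-alike letter
        scripts = scripts_in(label)
        findings.append({
            "label": label,
            "scripts": scripts,
            "mixed": len(scripts) > 1,  # e.g. Latin and Cyrillic in one label
            # The form that is actually sent to DNS and stored in certificates.
            "ace": label.encode("idna").decode("ascii"),
        })
    return findings

# Constructed samples: Latin "a" replaced by Cyrillic "а" (U+0430), a label
# written entirely in Cyrillic, and the genuine ASCII name.
SAMPLES = ["ex\u0430mple.com", "\u0430\u0435.example", "example.com"]

if __name__ == "__main__":
    for host in SAMPLES:
        print(repr(host), audit_hostname(host) or "ASCII only")
```

A label written entirely in one foreign script is reported with `mixed` set to false; it still deserves a look when it renders like a known ASCII name.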

Written form requirement

If a company contacts you by phone in order to enter into an agreement, you must confirm the offer in writing for the agreement to be valid. It is therefore not possible to enter into an agreement verbally in telemarketing.

First, the company must confirm in writing the offer it gave you over the phone. Second, you must accept the company's offer in writing. You are only liable to pay for products if you have given a written confirmation. (For example, a tick in a checkbox or a reply to an e-mail is enough!)

The requirement applies only to calls made at the company's initiative. If the call in any way takes place at your initiative, it falls outside the scope of the rule.

https://www.hallakonsument.se/tips-for-olika-kop/olika-kopsituationer/telefonforsaljning/krav-pa-skriftlighet/

Dark Patterns: When Companies Use Design to Manipulate You

“Dark patterns” are designs that deliberately trick you into doing what a company wants. This can take all kinds of forms, from MoviePass not canceling people’s accounts to installers putting crapware on your machine.

-/-

at one point even closing the window offering the update would prompt the installation. A lot of people ended up accidentally installing Windows 10 because of this one, which makes sense: it was almost impossible to tell how to opt out.

https://www.howtogeek.com/363484/dark-patterns-when-companies-use-design-to-manipulate-you/