Want to start making money as a white hat hacker? Jump-start your hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from cybersecurity professionals.
Cybersecurity experts are warning travelers about a cyber attack that utilizes these ports allowing hackers to access your device. It's called "juice jacking". If hackers have tampered with the port they can install malware on your device and if information is able to flow to and from the cable hackers can take all your personal information.
With this malware service, known as the Eternity Project, cyber criminals can target victims with a customized threat offering based on modules that range in price from $90 to $490. The modules provide access to a stealer, clipper, worm, miner and ransomware, depending on the interests of the attacker. Cyber criminal developers are also working to create a module that offers distributed denial of service (DDoS) bots.
According to cyber security researchers, Eternity demonstrates how cyber crime is proliferating via Telegram channels and cyber crime forums. This appears to be the case on account of the fact that criminals can sell their products in these spaces without any regulation.
Whether you're a tech support specialist who has access to key customer accounts, a software engineer tasked to work on a crucial company project, a server admin who updates and interacts with crucial company data, a Scrum Master, a project team leader, a cybersecurity professional or any other kind of worker who uses important company files every day, working remotely requires you to be on your game in ways that go beyond the typical data security demands at the office.
Apple fans keen to get their hands on the Apple Watch are advised to think before they click, after hackers exploited a wave of enthusiasm around the launch with a phishing scam linked to a fake giveaway.
Hackers can modify these ports to install malevolent software, aka malware, on your phone. Once installed, it can transfer your phone's data to hackers. The hacked USB ports can also directly suck up your phone's information. To avoid the risk, use your USB cord with your own charging block that can plug into a standard electrical outlet, or use an external battery pack.
Because phone numbers are often used as security keys, hackers may be able to get into many other accounts once they have access to your phone account. Make it harder to penetrate by avoiding common security questions, Davis says. "When you set up your security questions and answers, make sure you're using really challenging questions that are going to be hard to figure out."
If the client has a guest network with a weak password, a hacker could get into that network to access your files, he said. Be aware, too, that if the client has a guest network that doesn't have a password, it's possible for someone sitting outside the building to infiltrate the system and, by extension, your files, he said.
Create random passwords that are at LEAST 8 digits long, for every system you log into. If one of your accounts get compromised, hackers cannot gain access to the rest of your accounts. You need to use an encrypted password database system and use a long sentence with numbers and symbols as your master password for that system. You may also want to use a combination of double authentication and/or physical key, so you don't kick yourself in the behind when that hacker runs off with your tokens and the news reports that those tokens hit an all time high of $10,000!
If you don't have some sort of 2-factor authentication, you are leaving yourself up to be hacked. If any system you encounter allows for 2-factor authentication. Make sure to set it up, even if it uses SMS messages for verification. Make note though, that SMS authentications can be hacked if someone clones your phone or uses social engineering with your phone company to take control of your device. It's very easy to do. Make sure you call your mobile phone company and set a verbal password or pin on your account. Someone can still compromise this believe it or not.
Side note: Many systems allow you to use your mobile phone number as a back up and as a double authentication device. Try not to use your actual mobile phone number. Use another SMS enabled number. An easy way to do this, is creating a separate google account and setup Google voice number on that account. That way even if a hacker gains access to your phone the verification will be sent to another phone number.
And finally, UK telco EE was accused of leaving two million lines of internal source code, plus AWS account keys, out in the open with the username-password pair of admin-admin, allowing crims to skim the files for vulnerabilities to exploit. EE insisted no customer data was lost or stolen. ®
The pandemic has generated a host of new information security threats as remote work environments with potential vulnerabilities have proliferated, and hackers have seized on the crisis as an opportunity to create new and more convincing and sophisticated forms of cyber-attacks and scams. There are no cookie cutter solutions. If you have questions or need assistance, please contact our HB Cybergroup. 2b1af7f3a8