Dismiss this notice
ExpressVPN Valentines 2021 Giveaway - https://www.geeks.fyi/showthread.php?tid=14246

Dismiss this notice
Internet Download Manager Giveaway - https://www.geeks.fyi/showthread.php?tid=14245

Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Avast_Security_News: Hackers possibly “testing” pro-Trump websites
[Image: TVDumYE.png]

Plus, more news bytes of the week, including a stingy Slack and the hidden “dark patterns” on social media

As the United States presidential election draws nearer, cybersecurity firm Cloudflare has noticed an increasing number of attacks on Donald Trump’s campaign and business websites. Reuters reported that Trump hired Cloudflare to defend his websites throughout the campaign, which has been steeped in suspicions about disinformation and foreign interference. In their security assessment, Cloudflare suggested that the attacks – growing not just in number but also in sophistication – could indicate a larger assault on the horizon. Cloudflare believes the previous minor attacks served the hackers as “test” attacks to get a sense of how to truly disrupt the sites.

A spokesperson for Cloudflare told Reuters that the company is providing security services to both the Trump and the Biden campaigns, and that it will instigate more “security hardening” to better protect all campaign websites. “It is good to see that both campaigns are concerned about online security and investing in that area to protect themselves,” commented Avast Security Evangelist Luis Corrons. “It is going to be a bumpy race for both candidates, and a growing number of attacks is expected. Elections in the United States are probably one of the most desirable targets, from state-sponsored attackers to hacktivists. On top of that, the COVID-19 pandemic has people spending more time online than ever, which means that the repercussions of these attacks could be even greater.”

Google Play removes 56 ad fraud apps

Google removed 56 malicious apps from the Google Play Store after researchers alerted the company about a sophisticated botnet called “Terracotta” which had been uploading malicious Android apps to the store. Security firm White Ops had been tracking Terracotta since 2019. The apps uploaded to the Google Play store by the botnet usually offered users free merchandise or services such as shoes and dental treatments. The apps informed users that in order to receive the free bonuses, they must leave the app installed on their phone for two weeks. During that time, however, the malicious apps would use the device’s battery power and internet connection to surreptitiously execute ad fraud in the background. More on this story at ZDNet

Slack criticized for cheap payout to researcher

The security community is criticizing popular communication platform Slack for fixing serious vulnerabilities discovered and reported by a researcher, but then rewarding that researcher with a paltry amount. The $20 billion company paid security engineer Oskars Vegeris $1,750 for information that explained how bad actors could completely hijack Slack accounts. Many from the security community are discussing the issue on Twitter, where the general consensus is that Vegeris could have made much more money selling the info on the dark web. More at Silicon Angle

FBI acknowledges the good and bad of doorbell cams

Leaked FBI documents revealed by The Intercept divulge that federal authorities are aware that doorbell cameras are a two-sided coin when it comes to law enforcement. In recent years, the sale of doorbell cams has surged, and neighborhoods have been quick to create hyper-local social media sites where residents can share footage of suspicious activity in their area. Local police have partnered with residents in some areas to use the shared footage to solve crimes. Yet while doorbell cams do tend to discourage burglars, they can also foil law enforcement by sensing and giving away police activity on the premises. For a deep dive into the pluses and minuses of sharing one’s security camera footage with local police, read more at Safety.com

Facebook and other sites use “dark patterns” to manipulate users

While social media sites may seem to put privacy controls in the users’ hands, some security experts point out that there are “dark patterns” afoot whereby the various websites try to force users’ hands or otherwise convince them to make certain choices. A researcher at Purdue University identified 5 basic types of dark patterns – nagging, obstruction, sneaking, interface interference, and force action. All 5 types show up in privacy controls, such as when Instagram nags users to turn on notifications, or when LinkedIn shows users only part of a message, forcing them to log in to see the rest. Learn more about dark patterns at Wired
Continue Reading

Forum Jump:

Users browsing this thread: 1 Guest(s)
You have to register before you can post on our site.



Recent Posts
Telegram Platform Abused in ‘ToxicEye’ M...
Hackers are levera...silversurfer — 14:19
QR Codes Offer Easy Cyberattack Avenues ...
The use of mobile ...silversurfer — 14:17
Pulse Secure Critical Zero-Day Security ...
A critical zero-da...silversurfer — 14:13
Microsoft introduces support for Linux G...
Microsoft relea...harlan4096 — 07:59
Hello! MR4 is here!...harlan4096 — 07:54

Today's Birthdays
avatar (38)bycoPaist
avatar (44)pieloKat
avatar (38)ilyagNeexy
avatar (46)donitascene
Upcoming Birthdays
avatar (46)steakelask
avatar (40)Termoplenka
avatar (46)Toligo

Online Staff
There are no staff members currently online.