KIDS BACK AT SCHOOL. CHECK. DEVICES PROTECTED. CHECK.
For many, a new school year symbolizes a new beginning. For kids it’s as much a celebration as New Year’s Eve for adults. New beginnings, a clean slate and starting over. No wonder we want to prepare for it as best we can, to set ourselves, and our children, up for success.
The preparation should not only include the purchase of school supplies and books, today a very important part is, digital security and privacy. We may omit this at times, but unfortunately the back-to-school season offers a great opening for phishing, ransomware and other scams to deceive both us and our children.
For many, a new school year symbolizes a new beginning. For kids it’s as much a celebration as New Year’s Eve for adults. New beginnings, a clean slate and starting over. No wonder we want to prepare for it as best we can, to set ourselves, and our children, up for success.
The preparation should not only include the purchase of school supplies and books, today a very important part is, digital security and privacy. We may omit this at times, but unfortunately the back-to-school season offers a great opening for phishing, ransomware and other scams to deceive both us and our children.
Set yourself up for success
There are several threats to look out for, for example the aforementioned phishing scams or ransomware attacks. Make sure you watch out for the most common back to school scams, such as scholarship scams, tech support scams and other. However, using these tips you can prevent them from happening and have a cybersafe start of the new school year.
What to do?
- Do not click unknown links or open suspicious emails
- Avoid sharing personal information
- Keep your operating system (OS) up to date
- Never use unknown portable devices: USB sticks, other people’s smartphones
- Watch out for bad grammar/generic openings
- Use a strong password and don´t leave your device unlocked or unattended
- Back up your data regularly
- Ask your school or university about their privacy and security policy
- If you are a parent, invest in efficient Parental Control
Secure your mobile device
Whether you are a parent, a teacher or a child, your phone is a powerful tool. It is certainly a great tool to keep in contact, stay on top of assignments and other school activities. But it is also a tool for malicious actors to invade your privacy and security. Keeping it safe is therefore one of the key things in ensuring a smooth and safe back to school transition.
A great way to start is with ESET Mobile Security on your Android mobile devices. It is a solution that ensures security against a multitude of mobile threats while securing users’ data.
ESET Mobile Security aims to provide a safe environment by leveraging its Anti-Phishing feature. The feature integrates with the most common web browsers (Chrome and many others) available on Android devices to provide protection to any and all online activities you want to carry out.
We recommend you keep Anti-Phishing enabled at all times. All malicious websites, listed in the ESET malware and phishing database, will be blocked and a warning notification will be displayed informing you of the attempted attack.
Other features of ESET Mobile Security include:
- Anti-Smishing – protects you from SMS and App notifications containing malicious links
- Antivirus – protection against malware: intercepts threats and cleans them from your device
- Payment protection – lets you shop and bank safely online
- App lock – requires extra authentication to access sensitive apps; protects content when you’re sharing a device
- Anti-Theft – a powerful feature to help protect your phone and find it if it goes missing
- Network inspector – scans your network and all connected devices to identify security gaps
- Call filter – blocks calls from specified numbers, contacts and unknown numbers
- Adware detector – identifies and removes apps that display ads unexpectedly
- Real-time scanning – scans all files and apps for malware
- Scheduled scans – checks your device every time you charge it, or whenever you want
- Security audit – checks an app’s permissions
- Security report – provides an overview of how secure your device is
- USB on-the-go scanner – checks any connected USB device for threats
- Up to 5 devices – pay once, protect 5 devices associated with the same Google account
ESET Mobile Security makes your Android phones and devices easy to find and harder to steal, and it helps to protect your valuable data.
If you want to protect your phone with ESET Mobile Security, you’re in luck! From August 25 to September 7, the premium version of ESET Mobile Security will be 50% off. No need for a promotional code; the discount will automatically be added to your checkout! It couldn’t be easier.
The most powerful tool
Your most powerful tool when trying to keep your children safe in the digital world is educating yourself, talking to them about healthy use of digital and the threats they may encounter. Have regular conversations with your children about privacy, security and proper online behavior. Make sure they feel safe to talk to you about anything that might make them feel uncomfortable in the digital world.
To better educate yourself and your children, visit saferkidsonline.eset.com.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.
ESET Research discovers new threat to Mac users: CloudMensis spies on them in targeted operation
- ESET researchers discovered a previously unknown macOS backdoor that spies on users of compromised Macs.
- ESET has named the malware CloudMensis because it uses cloud storage services to communicate with the operators and uses the names of months as directory names.
- This macOS malware uses cloud storage as its Command and Control channel, supporting three different providers: pCloud, Yandex Disk, and Dropbox.
- CloudMensis can issue 39 commands, including exfiltrating documents, keystrokes, and screen captures, from compromised Macs.
- Metadata from the cloud storage services used reveal that the first Mac compromised by this recent campaign was on February 4, 2022.
- The very limited distribution of CloudMensis suggests that it is used as part of a targeted operation.
BRATISLAVA, MONTREAL — JULY 19, 2022 — ESET researchers discovered a previously unknown macOS backdoor that spies on users of compromised Macs and exclusively uses public cloud storage services to communicate back and forth with its operators. Named CloudMensis by ESET, its capabilities clearly show that the intent of the operators is to gather information from the victims’ Macs by exfiltrating documents and keystrokes, listing email messages and attachments, listing files from removable storage, and screen captures.
CloudMensis is a threat to Mac users, but its very limited distribution suggests that it is used as part of a targeted operation. From what ESET Research has seen, operators of this malware family deploy CloudMensis to specific targets that are of interest to them. The use of vulnerabilities to work around macOS mitigations shows that the malware operators are actively trying to maximize the success of their spying operations. At the same time, no undisclosed vulnerabilities (zero days) were found to be used by this group during our research. Thus, running an up-to-date Mac is recommended to avoid, at least, the mitigation bypasses.
“We still do not know how CloudMensis is initially distributed and who the targets are. The general quality of the code and lack of obfuscation shows the authors may not be very familiar with Mac development and are not so advanced. Nonetheless, a lot of resources were put into making CloudMensis a powerful spying tool and a menace to potential targets,” explains ESET researcher Marc-Etienne Léveillé, who analyzed CloudMensis.
Once CloudMensis gains code execution and administrative privileges, it runs a first-stage malware that retrieves a more featureful second stage from a cloud storage service.
This second stage is a much larger component, packed with a number of features to collect information from the compromised Mac. The intention of the attackers here is clearly to exfiltrate documents, screenshots, email attachments, and other sensitive data. Altogether, there are 39 commands currently available.
CloudMensis uses cloud storage both for receiving commands from its operators and for exfiltrating files. It supports three different providers: pCloud, Yandex Disk, and Dropbox. The configuration included in the analyzed sample contains authentication tokens for pCloud and Yandex Disk.
Metadata from the cloud storage services used reveal interesting details about the operation, for example that it started to transmit commands to the bots as of February 4, 2022.
Apple has recently acknowledged the presence of spyware targeting users of its products and is previewing Lockdown Mode on iOS, iPadOS, and macOS, which disables features frequently exploited to gain code execution and deploy malware.
For more technical information about CloudMensis, check out the blogpost “I see what you did there: a look at the CloudMensis macOS spyware” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.
Outline of how CloudMensis uses cloud storage services
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.
SafeDNS Recognized as the Must-Have IT Tools for IT Professionals
GetApp, an established software review, and recommendation engine, featured SafeDNS in its “10 Must-Have IT Tools for IT Professionals” report. With an overall rating of 4.7,SafeDNS was mentioned as one of the Must-Have IT Tools for IT Professionals with an overall positive rating of 97%.
Not only this, SafeDNS is a winner of not 1 but 2 GetApp Category Leaders reports in the first half of this year! Check out our incredible win:
SafeDNS has been a top-rated product on GetApp. Our users have made it possible! Check out our performance on GetApp –
Here’s what our users have to say about us:
“SafeDNS is a really great product, we have been using it for over 5 years now and it’s really robust. We deploy for all our customers internal networks and this includes our Azure infrastructure and it just works.”
“We have been using this software for years and are very happy with the results. School and Parents are grateful for the safety this software brings to us. When I check our stats and can see the protection that is being provided. Makes us very happy.”
Want to review SafeDNS? Click here.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About SafeDNS
SafeDNS breathes to make the internet safer for people all over the world with solutions ranging from AI & ML-powered web filtering, cybersecurity to threat intelligence. Moreover, we strive to create the next generation of safer and more affordable web filtering products. Endlessly working to improve our users’ online protection, SafeDNS has also launched an innovative system powered by continuous machine learning and user behavior analytics to detect botnets and malicious websites.
Ethics and Morally Ambiguous Security Pursuits
Most cybersecurity professionals understand moral ambiguity. Just ask Marcus Hutchins, the “accidental hero” who stopped the WannaCry ransomware attack in its tracks.
Hutchins was working as a security researcher when he discovered a critical flaw in the malware — its kill switch. Not long after, he was indicted on federal charges related to his previous work as a malware developer on HackForums – a bustling collective of young hackers.
Thankfully, Hutchins was eventually cleared of all charges. But his story highlights the murky ethical landscape that many security researchers operate in.
On one hand, companies and individuals are better off when security researchers find and disclose vulnerabilities. On the other hand, some researchers find – or develop – exploits to sell on the dark web. For budding cybersecurity researchers, it’s not always clear where the line is.
After reading Hutchins’ story, I thought a lot about the nature of communities. Communities in the Internet age, specifically, and how they can lead us to the best things the Internet has to offer, or to the worst corners of others’ minds.
Take YouTube, for instance – its algorithm is designed to serve content that pushes users deeper into a specific topic, often toward morally questionable content. The same is true of TikTok, Facebook, and a slew of others. This subconscious manipulation is one of many reasons why it’s so difficult to find a like-minded community where you can collaborate and learn.
Hutchins didn’t need an algorithm to push him into the dark side. He found it while poking around a young hacking forum. Pretty soon, he would go from admiring malware to building his own, with increasingly dark results. Eventually, Hutchins built his own community, amassed followers on the order of tens of thousands, and attracted the attention of Kryptos Logic. And thus began his white-hat path toward neutering WannaCry.
“There’s [a] misconception that to be a security expert you must dabble in the dark side,” said Hutchins. “It’s not true. You can learn everything you need to know legally. Stick to the good side.”
I can only wonder how much more good Hutchins could have done had he found the “good side” long ago. Or, how much good current black-hat hackers could accomplish with encouragement from the right community.
The Modern Security Researcher’s Tribe
In the early days of hacking, only a handful of people could exploit vulnerabilities and gain unauthorized access to systems. These individuals were self-taught, like Hutchins, and their skills were not widely known or understood. As the Internet grew, more and more people became interested in hacking culture, sharing their knowledge and developing new techniques.
It’s a constantly evolving field.
Researchers used to be seen as “lone wolf” operators, working in isolation to scratch an intellectual itch. But the cybersecurity profession has undergone a dramatic transformation in recent years. Today’s security researcher is less likely to be a lone wolf and more likely to be part of a team, working together to uncover critical vulnerabilities and exploits (CVEs) and develop solutions. They are also more likely to use sophisticated tools and techniques to find vulnerabilities in systems. And thanks to the power of the Internet, they can reach a global audience with their findings.
This shift has been driven by the increasing complexity of attacks, which require greater levels of expertise to defend against. Security research is now an essential part of the modern IT landscape, and it is only going to become more important in the years to come.
One thing is certain, though: The work of security researchers has a profound impact on society. They are the ones who find the vulnerabilities that can be exploited to cause massive damage – like WannaCry. But the vulnerabilities they find could just as easily end up in the hands of bad actors who are intent on ripping off people and/or harming critical infrastructure.
The job is a delicate balancing act, one that requires a great deal of responsibility.
It’s important to remember that security researchers are not immune to the same biases and motivations that affect everyone else. They need support, and people to hold them accountable when they come across that ethically dubious line.
There’s no question that security research is a vital part of keeping our online world safe. But where do these researchers thrive? In what types of environments do they do their best work?
For many security researchers, it’s all about the community. It’s here where groups of like-minded individuals share information and ideas. And there are numerous online forums and newsletters where they can share ideas, debate techniques, and collaborate. In addition, there are conferences and in-person meetups to discuss the latest trends and challenges.
By working together, they can pool their knowledge and resources, making it easier to identify and neutralize threats. In addition, the security research community provides a supportive environment for new researchers, helping them to develop the skills and knowledge that they need to be successful.
Today, the security research community is vast and diverse. It includes individuals from all walks of life, with varying levels of expertise. Some security researchers are full-time professionals, while others are hobbyists or students. But regardless of their background or experience, they all share one common goal: to find and report CVEs. That’s why we developed vsociety – for security researchers to share CVEs and gain communal support.
Of course, not all security researchers need or want to be part of a community. Some prefer to work independently, researching new vulnerabilities and developing innovative new solutions to exploits. For these researchers, the lack of community involvement can actually be a benefit, as it allows them to focus entirely on their work as they see fit. And, for that matter, not every community offers consistent, genuine support.
Take Twitter, where many security researchers gravitate due to a lack of good online communities. Twitter can be a great source of support, but it can also be a breeding ground for new threats. In recent years, we’ve seen several cases of hackers on Twitter developing and releasing malware that caused real-world damage.
Yes, social media intelligence can be a valuable asset for gathering insights on threats or contextualizing current research. But the information found on Twitter needs a thorough scrubbing for veracity and reliability.
Why? Because Twitter is rife with fake news and content disguised to harm organizations or people. The proliferation of misinformation requires security researchers on Twitter to always use keen judgment. But some activities on social media can fall in a gray area; meaning they may be illegal in certain jurisdictions but do not violate Twitter’s terms of service. If a security researcher runs with such information, they could be compromised..
Indeed, it’s more important than ever to find a cybersecurity community that nurtures “good faith” vulnerability hunting. After all, we’re on the verge of the new age in security research…
A New Catalyst for Good Emerges
Security researchers work tirelessly to find vulnerabilities in software and systems, and they report these bugs to the appropriate parties so they can be patched. Many of these researchers also participate in bug bounty programs, which offer rewards for finding and reporting security vulnerabilities. In other words, they get paid to hack systems and find weaknesses. Without security researchers, we would be living in a much less safe and secure world.
While bug bounties can be a great way to crowdsource security testing and build goodwill with the bug-hunting community, it can also be great for adding a misdemeanor (or worse) to your record. The good news is that the U.S. Justice Department recently directed prosecutors not to go after hackers under the Computer Fraud and Abuse Act (CFAA). But only if their reasons for hacking are ethical. Ethical reasons include bug hunting, disclosing CVEs responsibly, and above-board penetration testing.
This is huge news.
While some believe the new policy doesn’t go far enough to protect individual bug hunters, it does provide more freedom for security researchers to find and report CVEs without the fear of legal repercussions. Still, individual security researchers must mind the ethical gap. If they unwittingly cross a muddled line (made even more indecipherable by the policy’s bureaucratic speak), they could be met with legal consequences—making it all the more important for security researchers to learn how to apply caution and ethics in their bug hunting.
A Tribe Called Home
“In my career I’ve found few people are truly evil, most are just too far disconnected from the effects of their actions,” wrote Marcus Hutchins. “Until someone reconnects them.”
A good community – if it does its job well – can reconnect even the most ethically disconnected individuals. But it’s essential for everyone – from individuals to companies to government agencies – to do their part to improve cybersecurity. Whether it’s investing in better security tools or simply being more careful about what information is shared online, we all have a role to play. Our role is in building a community that security researchers may turn to for education, collaboration, and thought leadership.
As technology advances, so must the methods used to protect our data. Cybersecurity professionals are constantly working to stay ahead of hackers by developing new security measures and techniques. At the same time, security researchers are working just as hard to identify potential vulnerabilities in these systems so that they can be addressed before they can be exploited. As security professionals, we are constantly trying to stay ahead of the latest threats and vulnerabilities. We need to be able to quickly identify attacks, respond to them, and prevent them from happening again. To do this, we rely on security researchers who help us understand how attackers operate and what new techniques they are using. It is a never-ending race, but it is one that is essential to the safety of our digital world. And in today’s digital landscape, community plays a pivotal role in driving security researchers toward “good faith” vulnerability hunting.
There will be plenty more people like Marcus Hutchins. Some of whom discover the “dark side” and transition over to the “good side.” And others who discover the “dark side” and remain. With positive support from the right community, we can better steer the Marcus Hutchins’ of this world over to the good side of security research.
#security #community #ethics #hacking #hackers
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About VRX
VRX is a consolidated vulnerability management platform that protects assets in real time. Its rich, integrated features efficiently pinpoint and remediate the largest risks to your cyber infrastructure. Resolve the most pressing threats with efficient automation features and precise contextual analysis.
