A cybersecurity company has released its annual Voice Intelligence Report, and their numbers are quite shocking.
According to Pindrop's annual Voice Intelligence Report, voice fraud continues to be a major threat for people as the report finds that between 2014 and 2018 fraud rates have climbed by 350%. The report also mentions the fraud rate for 2018, and it says, "The 2018 fraud rate is 1 in 685, remaining at the top of a five-year peak".
So, what type of voice fraud is occurring? The report mentions that insurance voice fraud has been the main target with widespread increases by 248%. The industries facing the highest fraud risks include insurance with 1 in 7,500 fraudulent calls, retail with 1 in 325 fraudulent calls, banking with 1 in 755 fraudulent calls, card issuers with 1 in 740 fraudulent calls, brokerages with 1 in 1,742 fraudulent calls, and credit unions with 1 in 1,339 fraudulent calls.
Another day, another data breach. Or at least that's what it feels like when you keep up with cyber-security news. This time its not really that surprising though, as a porn website had its entire data base freely open.
Condition:Black, a cyber-security and internet freedom firm discovered that a network of camgirl websites had exposed databases. The sites run by Barcelona-based VTS Media, include amateur.tv, webcampornoxxx.net, and placercams.com. While most of the users were found to be based in Europe, some data logins were found to be in the Untied States and around the world.
What kind of data was exposed? According to Techcrunch, the database contained a month-worth of daily logs, those logs included: Usernames, IP addresses, viewing habits, private chats, failed login attempts and even some details of sex workers. It isn't clear if the data base had been hacked and the data stolen, but since its discovery it has been locked down.
As technology advances in cameras, motion sensors and every other form. Users are looking for better ways to protect themselves and their homes via security. Linksys could have the new best way to do it.
Just this pas Tuesday, Linksys announced a brand new service called "Linksys Aware" which allows users to monitor their home for potential intruders. Linksys will be able to this through the Velop mesh routers which can detect the motion of invaders in users' homes through Wi-Fi. Linksys Velop Tri-Band AC2200 router has the ability to be able to detect motion with its "Intelligent MeshTM" network, which could eliminate that use for camera setups in homes.
So how does it work? The service will send push notifications to the users phone via the Linksys Smart Wi-Fi app for both Android and iOS holders. I know what you are thinking, "I don't want to get spammed with notifications of the dog or cat moving around the house", Linksys has already thought of this issue and has equipped the service with a sensitivity setting that won't detect these kind of small movements. Linksys Aware comes in at a price of $24.99 per year, and at the moment the home security option is only available on the Velop routers. Linksys does plan on moving the service over to its other router variants, but no date has been announced for that yet.
Zynga, the creators of the immensely popular Farmville, Draw Something and Zynga Poker have admitted to a data breach that has exposed 200 million accounts personal information.
A statement has recently been issued out by Zynga addressing the cyber attacks and it says that cyber attacks are "one of the unfortunate realities of doing business today." The statement also says that the company recently became aware that a "certain player account information" was possibly "illegally" acquired by "outside hackers".
Zynga has also said that they have launched an immediate investigate to how this hack occured and to assist them in their investigation they have brought in an outside forensic team. It is believed that no financial information was stolen throughout this hack and just "account information" was exposed. If you play any of the apps that fall under Zynga's massive umbrella I would advise you to change your passwords as soon as possible.
HackerOne has announced that they have now rewarded six individuals with over one million dollars each for their bounty bug finding efforts.
The announcement has come via the official HackerOne Twitter account where they say that the ranks of 7-figure-earning hackers has now reached six people. First off, we have Santiago Lopez who is only 19-years old and was the first to cross the $1 million dollar mark.
Mark Litchfield from the UK was next, followed by Frans Rosen from Sweden, then Nathaniel Wakelam from Australia, Ron Chan from Hong Kong and finally Tommy DeVoss from the US. Each of these individuals have reached the 1 million dollar mark or above.
Scamming is becoming more and more prevalent in this day and age, and the new form of scamming that is hitting the internet in waves is 'business email compromise' or BEC for short.
What is a BEC scam? Well, its actually quite simple when you think about it. A BEC scam is when a criminal impersonates a third-party convinces someone at a business to wire them business funds. Usually the criminal will locate someone within the business that has access to the companies funds, once that person is located the criminal might compromise the email account holder or the companies supplier and request funds to be paid to them. Some cases of BEC scams have been based entirely on social engineering through spoofed email accounts.
In the case of Portland Public Schools, the scammer got two employee's at the schools to send him money as the scammer was posing as one of the institution's construction contractors. The employees unknowingly sent the scammer a staggering $2.9 million dollars, luckily Portland Schools moved extremely quickly and contacted the banks to freeze the transaction. The transaction was successfully frozen, and Portland Public School contacted the FBI for further investigation into the matter.
In this day and age with so many devices being adopted by users across the world, many users are worried about their safety with this ever-evolving technology, and they have every right to do so.
According to researcher lead Matt Wixey, for the PwC UK Cyber Security practice, a doctoral student discovered an exploit in speaker and volume controls through a range of different devices. This exploit allowed for researchers to hack into the devices and access the volume controls to produce sounds at volume levels that would be detrimental to human hearing. The researchers also found that these sounds that could be produced by the device could not only damage the victims hearing, but also the device itself.
Wixey has now taken his findings to a range of different device manufactures and some of these manufactures have updated their firmware so the attacks weren't possible. Unfortunately, Wixey mentions that despite the firmware changes, sound attacks such as these are still open on a plethora of different devices (which he didn't name for obvious reasesons). He also mentions that instead of hackers hacking into devices for data foraging, they could hack into devices with the intent of possible physical harm.
By now you would know that if it is on the internet then you should assume that it can basically be hacked. A new report has come out of Microsoft and even your printers aren't safe.
Microsoft announced on Monday that Russian hackers who go by the names; Strontium, Fancy Bear, and APT28 have been detected by Microsoft. These Russian hackers have also been linked to military intelligence agency GRU, and are known for their infiltration into the Democratic National Committee in 2016 and other well known hacks.
Since most PC's are using Windows at a corporate level, Microsoft has some of the best hacking detection software available and in April of 2019 Microsoft's Threat Intelligence Center detected an infiltration by Fancy Bear. According to Microsoft, Fancy Bear has used 'internet of things' devices such as phones, a connected office printer and a video decoder to access corporate networks.
A recent report has come out of the Wall Street Journal (WSJ) revealing that about 10,000 College students have had their personal information disclosed in a data breach.
The WSJ has said that the FBI notified education software company Pearson that there servers were recently hijacked, revealing college students' dates of birth and email addresses. The report also says that one Nevada school district told the WSJ that around 114,000 students that attend schools in that area between 2001 and 2016 have been effected.
According to the notes in WSJ, the leaked information doesn't contain sensitive information like "social Security numbers, credit-card data or other financial information." A spokesperson from Pearson told Mashable via email that the "Pearson Clinical Assessments notified affected customers of unauthorized access to approximately 13,000 school and university AIMSweb 1.0 accounts. The exposed data was isolated to first name, last name, and in some instances may include date of birth and/or email address. Protecting our customers' information is of critical importance to us. We have strict data protections in place and have reviewed this incident, found and fixed the vulnerability."
A recent announcement has come out from Capital One, who has admitted that there servers experienced a breach recently that has disclosed roughly 100 million American's personal information.
According to the announcement by Capital One, credit card information that they contained between the years of 2005 and 2019 has been disclosed. This potential of this information leak includes: "names, addresses, ZIP codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income, credit scores, credit limits, balances, payment history, contact information."
On top of that information leaking, the report also says that Capital One is also estimating that roughly 140,000 Social Security numbers were potentially compromised in the U.S, as well as 80,000 linked bank account numbers. The U.S Department of Justice has said that Seattle engineer, Paige A. Thompson has been arrested and indicted on accounts of having a connection to the breach.