Cyber ​​Espionage On Our Cell Phone

Many times we sin naive against the permissions we grant to some applications, or to the information we deliver. The goes far beyond what we imagine, it is everywhere, by all means, because technology makes it easy for their work.

That is, social engineering is cyber espionage since it involves the manipulation of people influencing them to execute a certain action. That way, confidential information is delivered to third parties, without realizing that we are victims of a cyber attack.

Cyber ​​Espionage Methods

Generally, applications ask for permission to access the microphone, but there is an alternative method in which user permission is not required. This happens on Android, as applications do not need permission to access the phone’s accelerometer. Therefore, the researchers used it as a listening device, through the vibrations emitted by the phone. They are useful for fitness applications.

This type of attack “uses a combination of signal processing and machine learning to convert vibration samples into voice. The technique works whether the phone is on a table or in the user’s hand, as long as the phone plays the sound through the speaker and not through a headset. ”

In order for this type of attack to be carried out, a cybercriminal would have to install the malicious software on the phone, which is possible if the user was currently browsing a fake or malicious page.

Obviously, one way to prevent this type of attack is to activate the controls that have to do with the permits for the accelerometer as Google has done well in GPS sensors.

Another form of cyber espionage is Vishing (a combination of the words Voice and Phishing); they are phishing scams that are made over the phone. The objective of this attack is to obtain confidential and personal information of the attacked user, especially the bank.

How does the Vishing technique work?

The scammer must be very skilled to be as credible as possible through the phone, prepare a whole plan of what to say, a very credible scheme. The technique he uses is as follows:

  • Correct information: they have all the personal information of the person they are going to cheat. Therefore they are credible.
  • Urgency: they make the victim believe that their money is at risk. Therefore, the person acts out of fear and without thinking.
  • Telephone skills: they make believe that the telephone comes from another site.
  • Business atmosphere: a lot of background noise is heard, so it seems to be a call-center

Vishing attacks are very difficult to track because they use a technology called VoIP (voice over IP), which means that the call starts and ends on a computer, which can be anywhere in the world.

How to protect yourself from this attack called Vishing?

Never call the number you have been given or the one that was registered in the caller ID. Check if the number corresponds to the real one, for example, of a bank if they were impersonated by a banking entity.

  • Never give personal information to anybody.
  • If you receive a suspicious call, it is better to hang up.

There are many forms of cyberattacks, increasingly sophisticated, according to the advancement of technology. If we spend many hours connected to the different devices, we must be cautious and continually inform ourselves of the possible threats to which we are exposed. Take preventive measures, and if you are victims of a cyberattack, be prepared to act. It is always better to be defensive than very confident, especially when it comes to technology since its progress is vertiginous.…

The Dangers Of Cybersecurity By 2020

As technology advances, vertiginously, cybercrime advances. Cybersecurity professionals must be very well prepared for everything that comes to them, if this year was complicated with computer attacks, by 2020 it is expected even more difficult. When one thinks that he has already seen everything about cyber attacks, we are surprised that there is always something new up his sleeve, and cyber-attack trends progressively progress.

It is inevitable that technology advances, but perhaps, it is avoidable that the cybercriminal takes the lead in this technological career. According to cybersecurity experts, the threats for next year, that is within 20 days, would be the following, according to Trend Micro in its report for 2020:

Incomplete and hasty patches: attackers will overcome this type of vulnerability.

  • Open Banking and Malware for ATMs: banking systems will be more vulnerable, as mobile online payments thrive.
  • The deepfakes: the use of counterfeit images, videos, or audios generated by IA, will be used to manipulate businesses.
  • Malware distribution and attacks on the supply chain: Managed service providers (MSP) will be compromised.
  • It will increase espionage and extortion: Machine Learning (ML) and Artificial Intelligence (AI) will be used to spy on personal and business conversations.
  • 5G technology: increasing the implementation of 5G will pose new challenges, due to the novelty of such technology and the lack of preparation of suppliers.
  • Critical Infrastructures: they will be affected by more attacks and production stops, and Ransomware will be the favorite weapon.

Code injection attacks on Cloud platforms: through third-party libraries.

In reality, most public and private companies will be affected in one way or another by cybercriminal threats and attacks. It is essential here, the role played by Cybersecurity, implementing new security strategies every day to protect the information of the company and workers.

At the user level, there are also many threats and attacks on the operating systems, this happens many times due to the lack of information of some users and to the very confident attitude towards threats, therefore, the attitude of any technology user You must be cautious and defensive. Updating operating systems and being aware of the new threats and attacks will always be beneficial.

According to CyberArk specialists, the Drone is an instrument that will be relevant in 2020, so far its use has been questioned for the physical damage it causes to third parties if it is handled by inexperienced or for being used in a military form to attack the enemy. Everything has its positive and negative side.

In this advancement of technology, it seems that the Drone is more useful in regards to the information it collects and how to exploit that information. In unscrupulous hands, obviously that such information will be used to spy, since they collect, steal and manipulate confidential information.

More control is needed with respect to the use of drones and with greater reason more control with the information that this device collects and stores. It must be treated as one more device and have the same precautions against cyberattacks, therefore, it must have protection.

CyberArk emphasizes the butterfly effect of Ransomware, as it will continue to increase next year. As the objective of these attacks is set in the disruption and destabilization of the systems, cities must focus on cyber resistance.…

Fake News In Politics

The Fake News relates “to misinformation and lack of information, or simply a manipulation of information and even wealth of information, intoxication”, according to Paul A Mazurier, professional expert in hybrid threats and Director of the Observatory on Threats HYBRID INISEG.

With the Spanish elections just around the corner, the influence that fake news can have is very worrying. Spaniards fear that fake news interferes with the elections, and a total of 70% of people believe so.

The Spanish company S2 Grupo has warned that Cybersecurity will be key on election day and throughout the previous process. The main risks are cyber attacks and fake news for the 28A (April 28).

We have already learned of several cases where fake news has influenced, such as the Donald Trump campaign, the Brexit referendum, and in Brazil with Bolsonaro.

Social networks have become true political weapons, since they can generate opinions for or against political parties, before the elections. The users of social networks when they read a news do not worry about looking for the source of that news, about finding out who wrote it, they only trust that it is true and share it, that way it reaches thousands and thousands of users and on the way, No one thought it could be a fake news.

The political parties now have a new tool that benefits, social networks. If there were previously door-to-door campaigns, in newspapers, radio and television, now with social networks, the fake news is camouflaged, to the end of influencing users and their political tendencies. Finally, they can alter the outcome of an election.

Cybersecurity In Action

It is necessary, more than ever, to take precautions and security measures in the systems, to avoid the possible access of cybercriminals to the information and to alter or manipulate it.

Cybersecurity is vital in this regard, in order to prevent, detect, and avoid cyber attacks as much as possible.

One of the social networks has taken action on the matter; Facebook “has already announced the creation of a team to combat misinformation.” It will also supervise the advertisements of political content. This happened after meeting with senior international managers of technology and with the heads of the strategy of PSOE, PP, Podemos, Ciudadanos, and Vox.

Facebook is preparing in advance of the Spanish elections, as it will force political parties that want to advertise to register first, the same on Instagram. The ads and data on the page will be stored in a public file. And those who have not registered will be blocked.

The Vulnerability Of Social Networks

The vulnerability of social networks goes beyond fake news; behind this, there are powerful networks that are responsible for spreading false information, especially in election times. It is not possible to know exactly how many people saw political advertising and changed their vote since people are faithful to their political beliefs, as well as their soccer preferences; they do not change their tendencies from one moment to another.

What must be taken into account, in order to evaluate the assertions made about an immense persuasive effect of doubtful online content, is the following:

How many people actually saw the questionable material: statistics can be alarming, but they can also be inflated or exaggerated.

If the exposed people are easy to convince: it is very likely that fake news will reach people who already have strong opinions, which are not exactly who will change their vote.

The proportion of false news seen by people: perhaps the worry is the amount of “likes” or the times in which false news was shared and that bots attract, maybe it can sound huge until it is considered how much That information circulates online.…

Are We Prepared For A Cyberattack?

We are never 100% prepared, no matter how cautious we are, as system vulnerabilities will always exist, and cybercriminals will always be on the lookout, hoping to detect that security breach. We are in a constant state of cyber threats.

The more sophisticated the technology, the more challenging it is for the cybercriminal, who is always prepared to attack, so let’s not make the road easy. There are some measures that can be taken to prevent or attempt to prevent a cyber attack.

Some Measures To Protect Our Equipment

The first thing we must do is protect our equipment, and this is done through the update. Always keep all the equipment updated, although we think that doing so often is not necessary; on the contrary, in each update, there are improvements in security.

Very important is to have a good Antivirus and Antimalware, which are supported by the community when it comes to detecting malicious files.

Something relevant to the security of our data is passwords; they must be safe and strong. Never put our names, or our pet’s or phone numbers or dates of birth, it seems obvious to recommend, but sometimes we think so quickly in choosing a password, that we go by the easiest. Sometimes we use a password for everything so as not to have to memorize many, and that puts our information at risk, especially if we link bank cards. It is recommended to mix numbers and letters, upper and lower case and symbols.

Using security protocols is an essential step; otherwise, file transfers to a server can become completely vulnerable. One way to facilitate the attack is to send data through unknown sources or untrustworthy sites.

Always check the authenticity of links and profiles. Something common today is the attack through “phishing,” which attempts to acquire confidential information fraudulently, usually through email. In social networks, fake profiles are created with the purpose of capturing personal data or confidential information of the user, in order to deceive.

Avoid delivering personal data, especially on social networks and non-trustworthy websites. And if it is imperative that you do so, take all the precautions of the case.

Do not download pirated content, and this is very easy to do since there are numerous options to download software or multimedia files on the network, with the best music or movies. They are a favorite source to try to place malicious programs in the system and thus carry out an attack. It is always necessary to verify that the website is not suspicious.

It is essential to make a backup, to recover the lost information in case of a cyber attack. In the long run, it will be appreciated to have that support.

Something very important is to report any suspicious page or any content that is not appropriate to the relevant authorities. Thus we help prevent them from continuing to commit cybercrime.…

Some Tips You Should Take Into Account If You Are A Beginner In Linux

If something characterizes the Linux user community, it is memory loss. For those of us who have a lot of time installing distros with almost the same frequency with which we change our underwear, most of the questions that a novice user asks may seem completely silly, and many have a pretty good habit of pointing it out. It seems that nobody remembers his first days, days that in an enormous amount were spent next to Ubuntu, a more than emblematic distribution that some enjoy destroying with their comments to put on the Linux hipster shirt, which defends their current distro layer and sword and he denies all the others as if that made minimal sense.

Fortunately, the community is large, and not all users behave in that despicable way. The most important part of acquiring knowledge is the need to share it. Share it with the one who doesn’t know, and the one who asks for help, not only go around strutting so everyone knows you know, but nobody knows anything thanks to you.

The Terminal Is Your Friend

Rookies don’t like the terminal, and many veterans don’t either. Some spend years using Linux, and not even two or three basic commands are learned. The terminal can help you solve many problems, and it is much more efficient to install and uninstall packages, if you use it frequently, you can get to understand it and take care of it.

Anyway, you don’t have to learn commands, in many places they explain how to install things or solve problems and all you have to do is a nice copy-paste in your terminal. In distros like Ubuntu, you can spend your life without ever using the terminal, if you don’t want to. But my recommendation is that you don’t dislike her, because it can help you more than you can imagine. Having a reference at hand for certain commands and reviewing it can be useful if you don’t want or have trouble learning this kind of thing. No one will scold you for copying you.

Be Patient

If Murphy’s laws have taught us something, it is that everything that is right can go wrong, and what is wrong can go worse. If something is almost completely certain, you are going to encounter problems along the way. It may be easy to solve nonsense, and complex problems that make you want to throw in the towel, so patience is essential. If asking and reading doesn’t help you, I don’t blame you if you decide to leave Linux, but you are likely to come back.

Evaluate Your Relationship With Windows

The vast majority of users who come to Linux come to spend their entire lives using Windows is a fact. Trying to convince someone to go to Linux talking badly about Windows is the practice of those who don’t know anything about Linux … or about life. First, it is a fallacy to highlight the flaws of something when you try to sell me something else. The right thing is to highlight the advantages of what you promote, not to litter the other alternatives, and we leave that to politicians.