Norton LifeLock recently reported that nearly one million active and inactive accounts were targeted in a credential stuffing attack. Credential stuffing is a type of cyberattack where hackers use automated attempts to guess passwords from stolen or leaked data. This means that anyone who has reused their password on multiple accounts may be at risk for having their information compromised. Warnings of Password Manager Account Breach: NortonLifeLock Urges Customers to Change PasswordsNortonLifeLock recently issued a warning that attackers may have gained access to customer data stored in the Password Manager feature. This could include first and last names, phone numbers, and potentially other private information stored in the vaults. Depending on what data users have saved, this breach could lead to the theft of digital assets, compromise of other accounts, exposure of secrets, and more. NortonLifeLock is especially concerned about those customers who use similar passwords for their Norton account and Password Manager master key. This allows attackers to easily pivot from one account to another. In response to the attack, NortonLifeLock has reset passwords on impacted accounts and implemented additional security measures to prevent further malicious activity. To protect yourself against potential security threats, make sure you are using strong passwords and enabling two-factor authentication whenever possible. It’s important to take steps to protect your passwords and other sensitive information from falling into the wrong hands. Here are some tips for keeping your data secure:
By taking these simple steps, you can help protect yourself against credential stuffing attacks and other cyber threats targeting Norton LifeLock customers. Remember: Your security is only as strong as your weakest link – so make sure you’re taking the necessary precautions to keep your data safe! Read Get Hitch for all your cyber security news and information Sources
Via https://www.gethitch.com/hackers-breached-norton-password-manager/
0 Comments
The world of cyber security is constantly changing, and it’s important to stay up to date on the latest news. Recently, Ukraine’s cybersecurity agency reported that cyber-attacks have tripled in the past year. This is a stark reminder of the need for vigilance when it comes to protecting our data and systems from malicious actors. At the same time, there has been some good news in this area as well. According to a recent BBC report, earnings for cyber-crime gangs have decreased due to victims refusing to pay ransoms. This shows that people are becoming more aware of the risks associated with these attacks and are taking steps to protect themselves from them. Unfortunately, not all news in this space is positive. In January 2021, T-Mobile was breached again, exposing 37 million customer accounts. This highlights the need for organizations to be vigilant about their security measures and make sure they are doing everything they can to protect their customers’ data. Overall, it’s clear that cyber security is an ever-evolving field and one that requires constant attention if we want to keep our data safe from malicious actors. It’s important for individuals and organizations alike to stay informed about the latest developments in this area so they can take steps to protect themselves from potential threats. Ukraine’s Cybersecurity Agency Reports Cyber-attacks TripledUkraine’s cybersecurity agency recently reported that cyber-attacks have tripled in the past year. This is a concerning development, as it indicates that malicious actors are becoming increasingly sophisticated and determined to target Ukraine’s digital infrastructure. The increase in cyber-attacks is likely due to the ongoing conflict between Ukraine and Russia, which has been ongoing since 2014. The majority of these attacks have been attributed to Russian hackers, who have used a variety of techniques to gain access to Ukrainian networks and systems. These include phishing campaigns, malware infections, and distributed denial-of-service (DDoS) attacks. In addition, there have been reports of ransomware being used against Ukrainian organizations in an effort to extort money from them. In response to this growing threat, the Ukrainian government has implemented a number of measures designed to improve its cybersecurity posture. These include the adoption of a National Cybersecurity Strategy in 2016 and increased cooperation with international partners such as Estonia on cyber defense initiatives. Additionally, Ukraine has taken steps to strengthen its own internal security measures by introducing new technologies such as artificial intelligence (AI) and machine learning (ML). Despite these efforts, however, it is clear that more needs to be done if Ukraine is going to effectively protect itself from cyber threats. To this end, it is essential for both public and private sector organizations in Ukraine to invest in robust cybersecurity solutions that can detect and mitigate potential threats before they become serious problems. Additionally, it is important for organizations within Ukraine to ensure that their staff are properly trained on how to identify potential threats and respond appropriately when they arise. Overall, the recent rise in cyber-attacks against Ukraine highlights the need for increased vigilance when it comes to protecting digital infrastructure from malicious actors. It also serves as a reminder that no country or organization can afford to be complacent when it comes to cybersecurity – even those located far away from the conflict zone between Russia and Ukraine must remain vigilant if they wish to remain safe from attack. Decreased Earnings For Cyber-crime GangsAccording to a recent BBC report, cyber-crime gangs have seen a 40% drop in earnings due to victims refusing to pay ransoms. The report found that victims of cyber-crime are increasingly refusing to give into the demands of hackers, leading to a decrease in profits for the criminals. Norsk Hydro, one of the companies affected by ransomware, refused to pay the ransom and instead opted for an alternative solution. The company was able to restore their systems without paying any money, but it cost them £45 million. This serves as an example of how costly it can be not to pay the ransom and shows why many people are choosing this route. The National Crime Agency has warned about malicious software such as ransomware and distributed denial of service (DDOS) attacks which can hijack files and hold them for ransom. They advise people to be vigilant when online and ensure they have adequate security measures in place on their devices. Ransomware is a type of malware from cryptovirology that threatens to publish personal data or permanently block access unless a ransom is paid. It is becoming increasingly common with criminals using it as a way of extorting money from unsuspecting victims. It is encouraging that more people are refusing to pay ransoms as this will hopefully lead to fewer cyber-crimes being committed in future. T-Mobile Data BreachOn January 19th, 2023, T-Mobile announced that they had been the victim of a data breach, exposing the personal information of 37 million customers. The breach was discovered on November 26th, and included customer names, phone numbers, email addresses, account numbers and billing information. The breach is being investigated by both T-Mobile and law enforcement authorities. It is believed that no passwords, payment card information, social security numbers or other financial account information were compromised. However, customers are encouraged to remain vigilant for any suspicious activity on their accounts. T-Mobile has responded to the breach by launching an extensive security plan which includes increased monitoring of their systems and additional layers of authentication for customers logging in to their accounts. They have also set up a website dedicated to providing updates about the incident as well as resources for affected customers. This isn’t the first time T-Mobile has suffered a data breach; they have experienced at least five since 2018. Despite spending a fortune shoring up their systems, it appears that it hasn’t been enough to prevent further breaches from occurring. In response to this latest incident, T-Mobile has proposed a $350 million settlement which would be the second-largest data breach payout in US history if approved. Affected customers have until January 24th to submit claims for compensation related to the incident. It’s important for all consumers to be aware of how vulnerable their personal data can be when companies fail to take adequate measures against cyber attacks. As technology continues to evolve so do the methods used by hackers and it’s essential that businesses keep up with these changes in order to protect customer data from falling into malicious hands. Read Get Hitch for all your cyber security news and information Sources
Via https://www.gethitch.com/a-look-at-cyber-security-news-2023-01-21/
If you’re interested in entering the exciting world of cybersecurity, but don’t know where to start, acquiring a vocabulary base is essential. To help get you up to speed, here is a brief overview of ten key terms related to the field. Starting with ‘malware’ – short for malicious software which is designed to cause damage and even steal data. Then there’s a ‘phishing attack’ or when someone attempts to acquire personal information via online deception and impersonation methods. Keep an eye out for ‘spyware’ too; a type of malware that records information from users without their knowledge. Additionally, be aware of ‘brute force attacks’ – when hackers use powerful computers to decrypt codes or access sensitive data. Finally, don’t forget about ‘DoS’ (denial of service) attacks which disrupt normal activity by flooding target systems with superfluous requests. While these terms may seem complex at first, understanding them can give your cybersecurity career a huge boost! 00:00 Intro *** Ten Cyber Security Terms You Need To KnowBecoming a cybersecurity expert can be intimidating, but it doesn’t have to be! A good way to break into this career is to start with learning the terminology. Knowing which words and phrases are important in the cyber security space is one of the most basic skills needed to understand and communicate effectively. Words like “Phishing”, “Firewall”, “Malware” and “Encryption” may appear overwhelming at first, but with some dedication and familiarity, you’ll have them down in no time. With practice, mastery of these terms can help set a solid foundation for your journey towards becoming an expert in the field. Want to become an expert in cybersecurity but aren’t sure where to begin? Vocabulary is essential, just like when learning a new language. So here are eleven terminologies that any cyber security fan ought to be familiar with! DNS queryA DNS query is a request sent from a user seeking to resolve a domain name to its corresponding IP address. The request is sent from the user’s computer or other device, to a DNS server which looks up and responds with the IP address. Dark WebThe dark web is a collection of websites that are not indexed by search engines and can only be accessed using specialized software such as The Onion Router (TOR). It is used to host illegal activities, such as trafficking, drug dealing, money laundering, and even terrorism. People can also buy and sell all kinds of goods without leaving a trace. Despite its name, the majority of content on the dark web is actually legal. What Else Can You Find On the Dark Web?The dark web is home to a wide variety of content, including legitimate discussions on political topics, information, and services that are difficult to find elsewhere. It also hosts online marketplaces where people can buy goods such as drugs, firearms, and counterfeit goods with virtual currencies like Bitcoin. Another popular activity on the dark web is online gambling. This can be especially dangerous since these sites are unregulated and could potentially be used to launder money. Furthermore, the dark web is host to many forums discussing hacking tools and techniques as well as malware sharing websites. Lastly, it’s important to note that some people use the dark web for illegal activities such as cybercrime or terrorism-related activities. While it’s technically possible to access this type of content on the dark web, it is highly discouraged as it can lead to serious legal consequences if caught by law enforcement agencies. Ethical HackingEthical hacking is the process of using legal, professional and responsible methods to identify weaknesses in a computer system or network and then fix those weaknesses. It involves testing a system’s security measures and seeking out vulnerabilities in the system’s design before malicious hackers can exploit them. Ethical hackers use the same tools and techniques that malicious hackers do, but their intentions are different; instead of exploiting vulnerabilities for their own gain, they look to find and patch any problems they find. This helps ensure that business networks are secure, private data remains confidential and users are free from online threats. How is Ethical Hacking Done?Ethical hacking typically involves four steps: reconnaissance, scanning, exploiting, and reporting. Reconnaissance involves researching the target system’s architecture, looking for publicly available information that can be used to gain access to the system. This includes information on the system’s owners or administrators and their security policies. Scanning involves using automated tools to search for vulnerable entry points in the system. These tools look for known security vulnerabilities such as open ports and weak passwords and can help an ethical hacker determine where they may need to focus their efforts. Exploiting involves attempting to gain access to a system by exploiting its vulnerabilities. Depending on the level of access gained, an ethical hacker may be able to view sensitive data, modify settings or even create new users with administrative privileges. Finally, reporting consists of informing the people responsible for maintaining the system about any security holes that have been found and providing recommendations for how those holes can be closed. It is important that these reports are professional and factual, as malicious hackers may use exaggerated or false claims in order to get into systems. FirewallA firewall is a network security system, either hardware- or software-based, that creates a barrier between your internal network and the internet. Firewalls are designed to block unauthorized access, while allowing authorized communications through it. They provide an important layer of protection to keep malicious traffic from entering your private networks and can be used to monitor outgoing and incoming traffic. Firewalls can also be configured to limit access based on certain criteria such as source IP address, protocol type, or port number. This helps ensure that only authorized users are able to connect to the network, while malicious traffic is blocked or redirected elsewhere. In addition, firewalls protect against various types of attacks such as DDoS (Distributed Denial of Service) attacks, SQL injection attacks and XSS (Cross-Site Scripting) attacks. By being configured properly, firewalls can play an important role in protecting your data and keeping your systems secure. Email SpoofingEmail spoofing is a type of scam where the sender of an email purposely changes pieces of the message to appear as though it was sent from an individual or company other than who actually sent it. The goal of this practice is usually to gain access to sensitive information, such as passwords or financial data, by tricking people into clicking on malicious links or downloading attachments in the email. The most common form of email spoofing involves changing the “From” field in the header. This field contains another user’s name and email address, making it seem like the message came from them instead of you. It also includes other vital information such as the IP address that was used to send the message, which can be used to trace the true originator. Email spoofing can be prevented by implementing measures such as strict authentication protocols, using encryption for messages in transit and enforcing anti-spoofing policies at your domain level. RFID BlockingRFID blocking is a security measure used to protect your personal information, such as credit card numbers and other sensitive data, stored on RFID chips embedded in items such as passports and credit cards. These chips are designed to emit a radio frequency which can be intercepted by an unauthorized reader. A RFID blocker acts like a shield, stopping the transmitter from sending its signal out and preventing anyone from accessing your private information without permission. It usually takes the form of material that has metal incorporated into it, although there are also devices that you can purchase separately in order to block the transmission of signals from RFID chips. Using a RFID blocker offers you peace of mind when travelling or using contactless payments, making sure that your private data remains secure at all times. TrojanA Trojan is a type of malicious software (malware) that is disguised as legitimate software to deceive users and gain access to their system. It can be used to remotely control the user’s computer or steal sensitive information, such as usernames, passwords and banking details. Trojans are typically distributed by downloading files or clicking on links in emails or websites that have been infected with malware. Once installed, they can conceal themselves within the operating system and remain undetected while they collect information or allow an attacker to take complete control of the machine. Some Trojans can also be used to install ransomware, which encrypts the victim’s data and then demands a payment before the encryption key is released. Therefore, it is important to ensure you have up-to-date anti-virus software installed on your device in order to protect against Trojans and other forms of malware. WarchalkingWarchalking is a form of public communication used by wireless computer users to indicate the presence and location of an open wireless LAN (local area network). It uses symbols or codes that are drawn with chalk on sidewalks, buildings, or other surfaces to mark the location of an available wireless access point. The practice of warchalking was popularised in 2002 as a way for mobile computer users to easily locate and connect to free, public Wi-Fi networks that were not otherwise visible on their laptops or other devices. Although there are now easier ways to find these networks, it can still be helpful for those travelling in urban areas where public access points may not be readily available. SmishingSmishing is a type of phishing attack that uses SMS (short message service) text messages as the primary method of communication. The attacker creates a message that appears to be from a legitimate source, such as a bank or credit card provider, and attempts to lure victims into clicking on malicious links or providing personal information. Unlike email-based phishing attacks, smishing messages usually contain fewer spelling and grammar errors and appear more urgent or important in order to increase the likelihood of being clicked on or acted upon. Additionally, many smishing attacks are also designed to spoof the sender’s address so that it looks like it originated from a trusted source. Therefore, it is important for users to be vigilant when receiving unexpected text messages requesting sensitive information or containing suspicious links. If in doubt, contact the alleged sender directly via an official website or telephone number before taking any action. AdwareAdware is a type of malicious software that automatically displays or downloads advertisements on users’ computers. It is usually bundled with free or trial software, or installed as part of a deceptive advertisement or website. Adware can be used for legitimate purposes such as displaying contextual ads or delivering marketing content to users. However, it can also be used for malicious activities, such as collecting personal information without consent, flooding the user with unwanted pop-ups and banners, redirecting browser traffic to malicious websites, slowing down system performance, and more. In order to protect yourself from adware infections, it’s important to keep your computer and software up-to-date, use an anti-virus program, avoid clicking on suspicious links or download files from untrusted sources, and be aware of the signs of an infection (such as increased pop-ups). *** About NordVPNNordVPN is the world’s top choice for online security and privacy. As the flagship service of Nord Security, we are committed to providing internet users with the best tools and services to protect their connection from unwanted attacks, snoopers, and cyber criminals. A Virtual Private Network (VPN) is a secure connection service that allows users to protect their online activity by encrypting traffic and masking IP address and virtual location. By connecting to a VPN server, users can safely access public Wi-Fi networks without worry about snoopers or malicious actors intercepting their data. Additionally, it also allows them to bypass geo-restrictions or censorship imposed by certain countries on certain websites or services. *** Read Get Hitch for all your cybersecurity news and information Via https://www.gethitch.com/cybersecurity-for-beginners-10-terms-you-should-know/
This week, we brings a critical yet enthralling topic to the limelight – hackers using ChatGPT. What is it, you might ask? It is the OpenAI tool that has the potential to generate texts based on human requests. What could be more promising and perhaps even scary than artificial intelligence? Unsurprisingly, cybercriminals have seized this opportunity to craft new malicious threats with the help of ChatGPT software. So what does it all mean for us? This state-of-the-art AI technology poses great dangers by assisting criminals in building malware and escalating their operations. It is high time we educate ourselves about AI so that we can stay ahead of these bad actors. To get started, watch the video from cybernews today and gain insightful information about automated text generation tools such as ChatGPT and its future in terms of security risk that looms over us. Contents of the video: 00:00 Intro *** A fantastic invention is ChatGPT. Unfortunately, hackers also believe that. How do criminals employ OpenAI in their wicked schemes? According to cybersecurity researchers, hackers have begun utilising ChatGPT, an artificially intelligent chatbot, to create a variety of hacking tools. Basic harmful software or chatbots created to imitate others fall under this category. This AI tool, introduced in November 2022, has a relatively straightforward user interface. ChatGPT responds to your request when you write it in. Sadly, OpenAI turns into a weapon when the request has malicious intent. Israeli security firm Check Point claims that on dark web message boards, hackers discuss their “victories” from using ChatGPT. Just a few of the nefarious accomplishments include developing spyware, infostealers, and interfaces that resemble dark web markets. Forbes claims that dating con artists are also learning about the benefits of OpenAI technology. Hold Security’s founder, Alex Holden, asserts that they seek to develop chatbots that will mostly imitate women in order to advance conversations with their targets. What is in store for the future? Do we need to worry? For the time being, ChatGPT-based malware is rather simple. However, according to Checkpoint, it is just a matter of time until more knowledgeable threat actors improve the way they exploit AI-based technologies for evil. Regulations appear to be the only workable approach. This suggests that ChatGPT’s accessibility might be restricted. That pricing is not excessive. Always put cybersafety first. *** NordVPNNordVPN, part of Nord Security online security company, is recognized as the world’s leading VPN provider, making sure millions of internet users are kept safe every day. Its advanced solutions allow it to claim the title of world’s fastest VPN provider. Through its proprietary Wireguard-based tunneling solution, NordLynx offers high-level encryption which ensures that users can enjoy internet privacy with peace of mind and at high speed. Speed tests have confirmed this fact, and NordVPN remains dedicated to constantly innovating and upgrading its services to provide better internet protection for all. *** Get NordVPN now and enjoy privacy and safety *** Remember to get all your Cyber security news here at Get Hitch Via https://www.gethitch.com/chatgpt-unleashed-hackers-use-openai-to-create-malware/ The TRB143 industrial gateway was designed with a range of applications in mind. Boasting integrated M-Bus interface and cellular or wired connectivity options, it is a versatile device for utility and telemetry monitoring. Its Gigabit Ethernet port and digital Inputs/Outputs make this an ideal solution for environmental parameter monitoring. Setting up remote monitoring and configuration is also easier than ever, thanks to software security features like preconfigured Firewall and Open VPN as well as compatibility with FOTA, SMS control and Teltonika Networks’ very own Remote Management System – keeping your meter readings safe and secure at all times. See also TRB143 Quick Start Guide
Via https://www.gethitch.com/trb143-m-bus-cellular-gateway-webinar/ NordVPN, a cybersecurity company, has recently announced its third contract for no-log policy assurance. The methods and setups of regular VPN, obfuscated, Double VPN, Onion Over VPN, and P2P servers, as well as a server configuration and central infrastructure inspection, were thoroughly analysed by practitioners. They discovered that the VPN service offered to NordVPN’s customers complies with its no-logs policy. Independant AuditDeloitte, one of the top Big Four auditing firms in the sector, undertook the assurance engagement and objectively evaluated NordVPN’s services and put its no-logs guarantee to the test. The first impartial no-log audit of NordVPN was finished in 2018, and its second evaluation was finished in 2020, demonstrating the firm’s ongoing dedication to privacy. The company wants to reassure its customers that NordVPN will always uphold a strict no-logs policy by working with a reputable and impartial Big Four firm. As part of their ongoing efforts to guarantee openness to their customers, NordVPN is proud to be examined for the third time, according to product strategist Vykintas Maknickas. The Deloitte seal of approval shows that the company takes privacy seriously and the company is thrilled to have it. The company spokesperson added that customers of NordVPN need to be confident in the company’s reliability. People should be aware that a VPN provider won’t monitor their data before using one. They must have faith in the safety and efficiency of its infrastructure and features. That is the main goal of the auditing procedure. Here are some of the key take-aways from the audit:
The full no-logs assurance engagement report is available on NordVPN’s website. A Bit About NordVPNMillions of internet users utilise NordVPN, the most cutting-edge VPN service provider in the world. In addition to offering Onion Over VPN and double VPN encryption, NordVPN ensures anonymity with no tracking. Threat Protection, which filters harmful websites, malware, trackers, and advertisements, is one of the product’s primary features. Over 5,000 servers are located in 60 different locations around the world, and NordVPN has one of the best pricing on the market. Read more VPN and cybersecurity here at Get Hitch Via https://www.gethitch.com/nordvpn-confirms-its-no-log-policy-for-the-third-time/
Looking for a secure way to keep your online activities private? With so many VPN options out there, how do you know which one is right for you? Find the answer by watching our video about dedicated IP VPNs! Learn why hiding your IP address can be beneficial and discover if getting a shared or dedicated option best fits your needs. *** 00:00 Intro *** Connecting with friends, family and colleagues on the internet is a great source of joy for many. But did you know that sharing your IP address can also be beneficial? When multiple people share an IP address it obfuscates activities online, making it difficult to link back to any one individual – granting increased security and privacy. If this sounds like something you’re interested in then consider investing in a dedicated IP! With its encryption technology no matter where or what information passes through such an exclusive connection there’s nothing linking back to just you; protecting both yourself and your data traffic from potential prying eyes. *** About NordVPNNordVPN offers fast and secure internet browsing, allowing you to access private networks from any location. With a VPN tool in your pocket, all of your online activities remain hidden as its encryption scrambles transmissions and masks IP address for ultimate privacy. Surf the web without restrictions – choose NordVPN! How The VPN works?Connecting to a VPN creates an encrypted and secure tunnel for your internet traffic. Through this tunnel, data packets are wrapped in encryption protocols that ensure their safety during transit. To reinforce security further, the outer layer of each packet is decrypted once it reaches its intended destination on the server-side. In short, with a VPN you can securely transfer confidential information over any network or connection – ensuring total privacy along the way! NordVPN has made using a VPN easy with its straightforward app, so you don’t need to be an IT expert. Just open the NordVPN application and click Quick Connect – it’s that simple! Protecting your data has never been easier.You can use NordVPN on 6 devices at the same time on every major platform: Android, Windows, macOS, iOS, and Linux. Choose from 5000 servers in 59 countries and enjoy online safety! You can also block ads with NordVPN *** Grab NordVPN here Read more VPN and cybersecurity here at Get Hitch Via https://www.gethitch.com/why-you-need-a-dedicated-ip/ This week, the gaming world is abuzz with a major scandal involving Epic Games and their smash hit Fortnite. According to reports it looks like Epic will have to pay $520 million in fines due to charges brought forth by the Federal Trade Commission for allegedly deceiving players – but just how did they manage it? Dive into this news story now for all of your burning questions about FTC’s accusation against one of the biggest game developers around! Contents of the video: 00:00 Intro The Federal Trade Commission, or the FTC, charged Epic Games with improperly gathering the personal information of children and employing deceptive methods to encourage unintended in-game purchases. First off, Epic Games was gathering private data on Fortnite gamers under the age of 13 without their knowledge or permission. Second, the game automatically enabled live voice and text chats while pairing kids and teenagers with adult strangers to play Fortnite. Children were subjected to harassment as a result. Third, the FTC claims that players may be charged when attempting to wake the game from sleep mode, while the game was in a loading screen, or by clicking a nearby button when merely attempting to preview an item. Unauthorized charges of millions of dollars resulted from this. What kind of response did Epic Games give? Epic Games reportedly said in a statement to The Washington Post that no developer designs a game with the purpose of ending up here. We agreed to this agreement because we want Epic to lead the way in consumer protection and give our gamers the finest possible experience. Epic Games will cover the cost. Additionally, it pledged to treat players’ privacy carefully. We can only hope that the business won’t ever again tamper with consumer protection regulations. Read more tech and cybersercrity news at www.gethitch.com
Via https://www.gethitch.com/another-fortnite-scandal-epic-games-to-pay-520-million-for-tricking-kids/ TSW101 is Teltonika Networks’ first automotive-dedicated unmanaged switch. Via https://www.gethitch.com/tsw101-automotive-poe-switch-quick-start-guide/ TSW304 is Teltonika Networks’ first automotive-dedicated unmanaged switch. Via https://www.gethitch.com/tsw304-automotive-poe-switch-quick-start-guide/ |
About Us
We’re a blog that writes solely on technology and all the things related to it! We write about new trends, news, views, reviews & more. Our writers are always up-to-date with what’s going on in the world of technology and ensure we give you nothing but original content and quality posts. Follow Us
|