now browsing by tag


#deepweb | Instagram now supports dark mode on iOS 13 — here’s how to enable it

Source: National Cyber Security – Produced By Gregory Evans

Welcome to TNW Basics, a collection of tips, guides, and advice on how to easily get the most out of your gadgets, apps, and other stuff.

Instagram has joined the dark side. Well, not really, sort of. The Facebook-owned social media platform has updated its app for iOS 13 with support for dark mode.

The setting is an extension of iOS‘ system-wide dark mode, and Instagram has basically revamped its UI to match the theme.

In case you haven’t already caught a glimpse, here’s what it looks like:

No surprises there, it’s the standard combo of black and grey, mixed with white text and icon layouts.

How to turn on dark mode

To get the dark look, you’ll need to enable iOS 13‘s own dark mode. That seems to be the only way for now, since Instagram has yet to include a native switch in its app.

Anyways, here are the steps you need to follow:

  • Pull the control center on your iPhone
  • Long-press on the brightness indicator
  • Select dark mode from the toggle options below to enable it
  • Boom! You’re done

Alternatively, you can ask Siri to enable dark mode by uttering the magic phrase “Hey Siri, turn on/off the dark mode.”

A third way to do it is by going to Settings > Display & Brightness, and then tapping on the “Dark” theme option. As easy as that.

Once you’ve used any of these three approaches, Instagram will automatically switch to dark mode too.

Unfortunately, Instagram‘s dark mode is currently exclusively available on iOS. Don’t fret, though: it seems that the Facebook subsidiary is testing the feature on Android, so chances are it’ll make its way to Google’s operating system soon.

Read next:

Satoshi Nakaboto: ‘Bitcoin volume hits all-time high in Hong Kong’

Source link

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference

The post #deepweb | Instagram now supports dark mode on iOS 13 — here’s how to enable it appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | Ethical Hacking is Evolving – Here’s How Your Company Can Keep Up

Source: National Cyber Security – Produced By Gregory Evans

With the global cost of cybercrime expected to surpass $2 trillion by the end of 2019, it’s no surprise that organizations have sought out unconventional cybersecurity strategies. For years, businesses have encouraged — and even hired on — hackers to unearth their digital vulnerabilities.

To be clear, these hackers aren’t bad guys turned good. Ethical, or white hat, hackers use their computer security expertise to hack into organizations’ digital infrastructure and identify cybersecurity weaknesses, rather than exploit them. The profession isn’t necessarily new, but the ethics surrounding it have begun to evolve.

While 75% of white hat hackers say that no amount of money could turn them into black hat hackers, that leaves 1 in 4 ethical hackers who would switch their hats for the right price — or more recently, the right cause.

While that isn’t to say that all ethical hackers are easily swayed, the promise of a hefty payout or even “hacktivist” glory can be attractive. With this knowledge in mind and sensitive data on the line, businesses must reassess their ethical hacking practices. Before communicating with outside ethical hackers or bringing an ethical hacker onto your team, consider how you can best ensure this practice isn’t endangering your organizations’ data.

Before you continue reading, how about a follow on LinkedIn?

How to hire an ethical hacker

Companies have offered bug bounties to outside hackers for years, but it’s different to invite a white hat into the office — and behind your security perimeter. When hiring an ethical hacker, organizations should reinforce all of the precautions usually taken during the onboarding process to ensure their data and their customers’ is protected.

Remember, ethical hacking is an increasingly accepted and legitimate profession. Therefore, be careful not to treat an ethical hacker like a former (or current) criminal. While the nature of their duties is historically “bad,” that doesn’t warrant a set of guidelines separate from their coworkers. Doing so makes an already traditionally solitary role even more isolating and could make them feel like they are doing something wrong when they are actually helping your business.

Just as you would for any employee that handles or has access to sensitive company data, be sure to make it clear in the ethical hacker’s contract that legal action or other serious consequences are possible should they misuse company data and information. Be sure to thoroughly check their references and obtain a comprehensive history of their career to cover your bases.

Companies should indicate in ethical #hacker’s contract that legal action or other serious consequences are possible should they misuse company data. #respectdata Click to Tweet

It’s also critical that you make an effort to ensure that other employees do not perceive their new coworker as dangerous or untrustworthy because of the nature of their work. Encourage trust and familiarity with team-building exercises throughout the company and education initiatives that help everyone understand the projects the ethical hacker is working on. When there is visibility into what the ethical hacker actually does, the employee feels supported and accepted — and leadership has extra reassurance that the hacking remains ethical.

Approach outside ethical hackers with a set protocol

While you’re rethinking your organization’s policies toward hiring ethical hackers, it’s worth considering how you deal with outside white hats too. Some organizations offer “bug bounties” to those who can find previously unnoticed vulnerabilities in their digital infrastructure. It could be dangerous to overlook these independently operating hackers — over 70% of cyber attacks are financially motivated, so having some sort of compensation is a best practice.

Organizations must be open to all security opportunities

In an environment where cyberattacks are only set to increase, being open to the latest cybersecurity strategies is essential to protecting the digital infrastructure of your organization. While there are some risks that come with ethical hacking, having someone who thinks like and is equipped with the same skills as the bad guys might be the best way to keep your information safe from them.


Source link

The post #hacking | Ethical Hacking is Evolving – Here’s How Your Company Can Keep Up appeared first on National Cyber Security.

View full post on National Cyber Security

#linuxsecurity | Is Linux Really Immune to Viruses and Malware? Here’s the Truth

Source: National Cyber Security – Produced By Gregory Evans


One reason people switch to Linux is to have better security. Once you switch to Linux, the thinking goes, you no longer have to worry about viruses and other types of malware. But while this is largely true in practice, desktop Linux isn’t actually all that secure.

If a virus wants to wreck shop on your free and open source desktop, there’s a good chance that it can.

Why Malware Is Less Common on Linux Desktops

Image Credit: Kevin Horvat/Unsplash

Malware is unwanted code that somehow made its way onto your computer in order to perform functions designed with malicious intent. Sometimes these programs slow down a machine or cause it to crash entirely. The creators may then demand a ransom in order to fix the machine.

Sometimes malware uploads information to remote servers, giving someone access to your saved data or vital credentials that you type, such as passwords and credit card numbers.

People tend to create malware for Windows because that’s the operating system found on the most PCs. This increases the odds that a virus will spread from one computer to another.

Virus makers tend to target less technical users that are easier to fool with bogus web banners and phishing scams. Viruses also spread among people who know how to pirate music and TV shows but don’t understand how these files may be infected.

There are antivirus programs for Linux

The 6 Best Free Linux Antivirus Programs

The 6 Best Free Linux Antivirus Programs

Think Linux doesn’t need antivirus? Think again. These free antivirus tools can ensure your Linux box remains virus-free.
Read More

, but even their purpose is often to help protect Windows users.

Linux Desktop Malware Exists, But It’s Rare

One piece of malware has recently made news for targeting the Linux desktop. EvilGNOME runs on the GNOME desktop environment by pretending to be an extension.

GNOME is the most common Linux desktop environment

GNOME Explained: A Look at One of Linux’s Most Popular Desktops

GNOME Explained: A Look at One of Linux’s Most Popular Desktops

You’re interested in Linux, and you’ve come across “GNOME”, an acronym for GNU Network Object Model Environment. GNOME is one of the most popular open source interfaces, but what does that mean?
Read More

, found as the default interface on two of the most popular Linux distros, Ubuntu and Fedora, and on computers that ship directly from Linux manufacturers such as System76 and Purism. Legitimate extensions allow you to alter many aspects of the GNOME desktop.

The malware known as EvilGNOME is able to take screenshots and record audio from your PC’s microphone. It can also upload your personal files. A more detailed breakdown is available in a report by Intezer Labs, who gave EvilGNOME its name.

This malware didn’t attract attention for being particularly likely to impact large numbers of people. It was considered newsworthy because it existed at all.

Most Linux Malware Targets Servers

A datacenter room with server racks
Image Credit: Taylor Vick/Unsplash

Linux is relatively rare on desktops, but it’s the most prominent operating system found on servers powering the web and managing much of the world’s digital infrastructure.

Many attacks target websites rather than PCs. Hackers often look for vulnerabilities in network daemons that they can use to gain access to Linux-powered servers. Some will install a malicious script on a server that then targets visitors rather than the system itself.

Hacking Linux-powered machines, whether they are servers or IoT devices, is one way to go about infecting the web or creating botnets.

Linux’s Design Is Not Inherently Secure

Desktop Linux in its current form is hardly a fortress. Compared to Windows XP, where malicious software could gain administrator access without prompting for a password, Linux offered much better security. These days, Microsoft has made changes to close that gap. Since Vista, Windows has issued a prompt.

Yet fretting about the security of system files almost misses the point. Most of the data we care about isn’t saved in our root system folders. It’s the personal data in our home directory that’s irreplaceable and most revealing. Software on Linux, malicious or otherwise, doesn’t need your password to access this data and share it with others.

User accounts can also run scripts that activate your microphone, turn on your webcam, log key presses, and record what happens onscreen.

In other words, it almost doesn’t matter how secure the Linux kernel is, or the safeguards surrounding various system components, if it’s the vulnerabilities in apps and the desktop environment that can put the data you care most about at risk.

EvilGNOME doesn’t install itself among your system files. It lurks in a hidden folder in your home directory. On the positive side, that makes it easier to remove. But you have to first know it’s there.

4 Reasons Why Linux Relatively Safe to Use

While Linux isn’t immune to exploits, in day-to-day use, it still provides a much safer environment than Windows. Here are a few reasons why.

1. Multiple Distros, Environments, and System Components

App developers have a hard time developing for Linux because there are so many versions to support. The same challenge faces malware creators. What’s the best way to infiltrate someone’s computer? Do you sneak code in the DEB or RPM format?

You may try to exploit a vulnerability in the Xorg display server or in a particular window compositor, only to find that users have something else installed.

2. App Stores and Package Managers Shield Linux Users

Traditional Linux package management systems put app maintainers and reviewers between users and their software source. As long as you get all of your software from these trusted sources, you’re very unlikely to run into anything malicious.

Avoid copying and pasting command line instructions to install software, especially when you don’t know exactly what the command is doing and you’re unsure of the source.

3. Newer Technologies Actively Consider Security

New app formats like Flatpak and Snap introduce permissions and sandboxing, limiting what apps can access. The new Wayland display server can prevents apps from taking screenshots or recording happens onscreen, making it harder to exploit.

4. The Source Code Is Open for Anyone to Read

The primary advantage of Linux comes from being able to view the code. Since Linux is open source rather than proprietary, you don’t have to worry about the desktop itself working against you, acting as spyware itself or suffering from exploits that haven’t been disclosed for commercial reasons.

Even if you can’t make sense of the code, you can read the blog posts or reports by someone that does.

Should You Be Afraid of Linux Malware?

It’s a myth that Linux users don’t have to worry about viruses, but if you stick to your distro’s app stores or other trusted sources such as Flathub, you’re unlikely to stumble across anything dangerous.

No matter which operating system you use, it’s important that you adopt safe digital habits. Don’t make the mistake of believing that switching to Linux means you can download from sketchy sites without concern.

Yet for most of us, the biggest risk probably isn’t malware. If you’ve created a large number of online accounts or depend on cloud services, phishing scams are a much larger threat

How to Spot a Phishing Email

How to Spot a Phishing Email

Catching a phishing email is tough! Scammers pose as PayPal or Amazon, trying to steal your password and credit card information, are their deception is almost perfect. We show you how to spot the fraud.
Read More

to your data, whether or not you use Linux.

Source link

The post #linuxsecurity | Is Linux Really Immune to Viruses and Malware? Here’s the Truth appeared first on National Cyber Security.

View full post on National Cyber Security

Singapore #passes new #Cybersecurity Bill: Here’s what you #need to #know before it comes into #force

Source: National Cyber Security News

The Singapore Parliament passed the much discussed Cybersecurity Bill (the Bill) on 5 February 2018 and it is anticipated that the new law will come into force soon.  The new law creates a regulatory framework for the monitoring and reporting of cybersecurity threats to essential services in Singapore through the appointment of the Commissioner of Cybersecurity.  It also creates a licensing regime that will require certain data security service providers in Singapore to be registered.

We set out below four key points that you should know about this new Bill.

1. Creation of a cybersecurity regulator

The Bill provides for the appointment of a Cybersecurity Commissioner (the “Commissioner”) as a regulator for the sector.

The Bill confers on the Commissioner significant powers to respond to, and prevent, cybersecurity incidents affecting Singapore. These powers include the powers of investigation such as the power to examine persons, require the production of evidence and to seize evidence. In addition, where satisfied that a cybersecurity threat meets a certain specified severity threshold, the Commissioner may require a person to carry out remedial measures or to cease certain activities.  These powers apply to all computer or computer systems in Singapore and are not limited to only Critical Information Infrastructure (CII) which is described in further detail below.

Read More….


View full post on National Cyber Security Ventures

It’s #apparently #insanely easy to #hack #Apple #MacOS High #Sierra, and here’s how you can #protect yourself

Source: National Cyber Security – Produced By Gregory Evans

Most of us sleep better at night knowing that the data on our computers is safe from prying eyes. That’s why we have our trusty usernames and passwords. Well, turns out…not so much. Some tech-minded people found a super easy way to hack Apple MacOS High Sierra, and anyone can do it.

Usually, when you hear “hack” you think of some crazy complicated computing code that only the really dedicated can figure out, like Huck on Scandal or something. But to get into a computer that has the High Sierra operating system, all you have to do is type “root” as the username and leave the password field blank. Once you hit enter, you’re in.

We told you it was insanely easy.

The main user of a computer is called the “root user” and has “root access,” hence the name of the bug. The best way to protect yourself for now, according to Apple, is by setting a password for your main user account if you don’t already have one. Security experts and researchers have had varying experiences in replicating the bug, so it’s still being figured out. According to Wired, Apple is aware of the issue and working out a long- term fix, so hold tight for their update if you’re worried about your security.

Oh, and to make this even scarier, apparently the software can be hacked via malware too, meaning a hacker can get into your computer remotely.

So make sure you set your admin password and keep your eye out for anything out of the ordinary on your Mac or MacBook if you have Sierra. Hopefully, Apple will fix the bug ASAP.

The post It’s #apparently #insanely easy to #hack #Apple #MacOS High #Sierra, and here’s how you can #protect yourself appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Here’s a #list of massive #hacking #scandals

Here’s a #list of massive #hacking #scandalsSource: National Cyber Security – Produced By Gregory Evans The hacking in 2016 of data on 57 million Uber riders and drivers, unveiled on Tuesday, is among the biggest ever thefts of online users’ personal information. The hacking in 2016 of data on 57 million Uber riders and drivers, unveiled on Tuesday, is among the biggest ever […] View full post on | Can You Be Hacked?

Here’s How #Taking #Cybersecurity Very #Seriously Enhances Your #Brand

Source: National Cyber Security – Produced By Gregory Evans

It is a scary time to do business. Phishing, hacking, identity theft, ransomware, payment fraud: the list of ways that cyber criminals are attacking individuals, companies and governments seems endless. The U.S. Securities and Exchange Commission (SEC) recently referred to cyber threats as “the greatest threat to our markets right now” and for good reason. While recent global attacks like Wannacry and Petya/GoldenEye dominated headlines due to the sheer size of its reach and impact, thousands more acts of cybercrime are committed every single day — almost 50 percent of which target businesses.

But, don’t be fooled into thinking that you have to be a Fortune 500 corporation to be a target. Cybercrime is an equal opportunity menace. Larger mature companies are hit most often, but smaller scale-ups are hit the hardest, and it takes longer for them to recover. Only 14 percent of small businesses rate their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective. In today’s digital economy, winning and maintaining the trust of your customers is central to business growth, and nothing erodes trust quite like a cyber breach.

Scaling customer trust is a very different animal to scaling customer numbers. In fact, it can work in inverse proportion. When there is rapid customer base growth, it puts more strain on the company’s Trust and Safety resources, which in turn, results in an increase in security breaches and a decrease in customer trust. Don’t allow this to happen. Safely and successfully scale the trust of your customers by adopting these three key measures:

1. Take full control of updating your company’s software.

Imagine that your company is a castle. The walls of the castle can break and crumble in places, allowing intruders easy access. So these walls need to be constantly maintained and patched up. If you give everyone working in the castle responsibility for this maintenance, something is going to go wrong somewhere, sometime. One of your team will fill a hole with sand instead of cement, so you need to take full control of it.

It’s the same in a company. A recent survey conducted by research firm Voke Media found that 27 percent of companies reported a failed audit in the prior 18 months. Eighty one percent of those failures could have been prevented with a patch or configuration change. Twenty six percent of companies reported a breach, of which 79 percent could have been prevented with those two measures. In fact, if more individuals and companies kept their software up to date, the devastation caused by the recent Petya attacks would have been minimal.

By using an enterprise network, this critical function will be managed centrally by one expert rather than by many novices. 

2. Put human error in the firing line.

Even though the walls of your castle may be fully maintained and secure, a worker may unwittingly open a window or door, giving intruders full access.

Ninety five percent of all security incidents involve human error, according to the 2017 IBM Cyber Security Intelligence Index. Examples include staff clicking links to phishing scams or visiting corruptive websites, and network administrators making small errors with big consequences. For example, it was reported recently that North Korean hackers stole U.S.-South Korea war plans. A contractor working at the data center left a cable in place that connected the military intranet (which had compromised antivirus software installed) to the internet, allowing the North Korean hackers to access sensitive information.

Employees can be helped to recognize scams through prevention training and awareness programs. Make it easy for your employees to report fraudulent emails quickly, and keep testing internally to prove the training is working. Your front line must always be cyber-ready.

3. A.B.C. — Always Be Communicating with your customers.

Tell them what you are doing to keep them safe. Customers value transparency, and the more companies are open with both its customers and employees, the further trust will be established. Take Zappos, for example, who promotes transparency in its Zappos Family Core Values by being completely open with its vendors when it comes to internal information. Instead of trying to hide secrets or use private information to establish leverage, Zappos believes in giving vendors complete visibility. The result is more trusting relationships that strengthen the organization at very foundational levels.

The expertise and time required to successfully introduce all or any of these security measures can be immense, and often difficult to provide in-house. As a result, many fast-growing companies are outsourcing Trust and Safety (TnS) Operations to a partner company, allowing them to focus on core competencies. If this is a route you choose to take, be sure to demand the same level of trustworthiness from them, as your customers do from you. And here’s how to do it:

Find a partner who has a proven track record of delivering top quality TnS services.
A premium BPO will routinely outperform its partner’s Net Promoter Scores (NPS) scores and will have the data to prove it. Providing value added, high touch customer experiences results in high customer satisfaction. So not only will you have a high NPS score, you’ll also be able to turn those satisfied customers into your champions. A raw, positive customer referral is infinitely more powerful than any advertising copy.

Many companies are publicly private about its outsourcing practices, so go deeper than a few Google searches when carrying out your research. Conversations with peers and BPO reps will bear more fruit. Ask for examples and personal accounts so you can understand how the agents would react in any situation.

Ask a lot of questions about the training the contact agents receive.

Contact agents will be your front line so it’s important they are prepared for any scenario. Whether it’s risk, user safety or fraud prevention, proper training is critical. Last year, one of my TnS agents saved one of our major partners over $20,000 by foiling an attempted money laundering scam before it even got started. Our in-depth agent training programs were central to this big win.

Ask what training programs are available, and if they can be tailored to suit your needs. Empathy training for emergency situations and crises help equip agents with the skills needed in case they find themselves in a sensitive or stressful situation. The key to success is the people so choose an organization that invests in recruitment, training and quality.

Be clear about the security measures that you want in place.

By having the security discussion up front, you can find a partner that is flexible enough to provide what you need. Inform yourself about the company’s network security and how they intend to keep your data safe. Ask: Does their security philosophy match yours? Do they have the right tools already in place? What else is needed to keep yours and your customers’ data safe?

Ask about their data recovery and business continuity plans in the case of a breach. With data breaches looming around the corner every day, it’s imperative to know there’s a backup plan should a breach occur.

Make sure your partner can support your growth.

When companies experience rapid growth, it will throw up a lot of challenges on your journey to success, and many of them will be way outside of the sphere of your core competencies. You’ll need to hire in functional expertise, set up complex new systems and processes, and create management structures. In a world where companies grow faster than at any other time in history, most are outsourcing at least some of their core functions, so that they scale up successfully.

Take Airbnb for example, who over the past ten years has seen phenomenal growth. What started as a small company in San Francisco that allowed people to turn their spare bedrooms into vacation rentals, now operates in more than 190 countries worldwide. When Airbnb contracted Voxpro to carry out its TnS operations, it started with six agents. Three years later, the number has grown to 106 given the rapid growth of the business. A great BPO will grow with you.

It’s a scary time to do business, but in the 20 years I have been running companies, I have never experienced a more exciting time to do business. The digital nature of today’s global economy has opened up amazing opportunities to scale your company bigger and faster than at any other point in history. Yes, it also opens up opportunities for cyber criminal opportunists too, but never forget that you are the one in control, not them. By taking a proactive approach to your trust and safety operations you will shut them down, lock them out, and successfully scale the size and the trust of your customer base.


The post Here’s How #Taking #Cybersecurity Very #Seriously Enhances Your #Brand appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Here’s another #cyber #scam that could cost you #thousands

more information on sonyhack from leading cyber security expertsSource: National Cyber Security – Produced By Gregory Evans In this year of horrendous cyberheists — Equifax the most prominent — you’ve probably taken at least a few precautions: changed passwords, stopped opening files and links from unknown senders, upgraded your computer security measures, maybe put a freeze on your credit reports. But if you’re […] View full post on | Can You Be Hacked?

Your computer could be infected without you knowing it: Here’s how to find out

Source: National Cyber Security – Produced By Gregory Evans

Until you become the target of data theft, a malware attack is only what you read about in the news. Yet there is a big possibility that malware keeps hiding in your system for a long time without you being aware of it. Theft of data or money is not…

The post Your computer could be infected without you knowing it: Here’s how to find out appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers are locking people out of their MacBooks – here’s how to stay safe

Source: National Cyber Security – Produced By Gregory Evans

Hackers using stolen iCloud credentials have been able to use Apple’ Find My Device features to remotely lock down computers and demand Bitcoin ransoms from affected users. However, that doesn’t mean Apple’s iCloud was hacked. Instead, hackers are likely trying their luck with some of the many available username and…

The post Hackers are locking people out of their MacBooks – here’s how to stay safe appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures