Friday, October 18, 2019

Phishing emails harder to detect, now come with proper return email addresses

Spoofed e-mail messages just got harder to spot in your incoming mailbox.

Normally you can spot a phishing email by the return address, which is usually fake. The dead giveaway is that it is not the same as the address of the company they are trying to spoof.

But a new technique just made this harder to spot.



So if you reply to this email, it will appear that it's going to dhlexpress@shipping.com as well.

Solution

You now have to check the individual links in the email or document (open online) to see whether they are rogue URLs.


Source: https://isc.sans.edu/diary/rss/25426



Thursday, October 17, 2019

.WAV audio files can have embedded malware - Here's a workaround

Well, there goes another format down the drain; don't ever play .wav files again.




BlackBerry Cylance Threat Researchers recently discovered obfuscated malicious code embedded within WAV audio files.

"Each WAV file was coupled with a loader component for decoding and executing malicious content secretly woven throughout the file’s audio data," says the report. "When played, some of the WAV files produced music that had no discernible quality issues or glitches. Others simply generated static (white noise)."

Full details
https://threatvector.cylance.com/en_us/home/malicious-payloads-hiding-beneath-the-wav.html


Solution

Use an online converter for best safety
https://www.onlinevideoconverter.com/convert-wav-to-mp3

Or you can do it on your own; download the following:

Convert your WAV files to AC3
https://github.com/wieslawsoltes/wavtoac3encoder

Wednesday, October 16, 2019

On iPhones with iOS 13, the Safari browser is now sending data to the Chinese company Tencent; use Microsoft Edge instead

Another blow to trust in Apple.


Most may not be aware of it, but Apple's web browser has been sending data to Google Safe Browsing for years. This is done to protect users against phishing scams, by using an interstitial screen that prevents you from visiting a known fraudulent website from Google's list.

Now it appears that for everyone running the latest version of iOS, Apple is sending some of your web browsing history to Chinese Internet giant Tencent. This has critics up in arms about the potential privacy implications, especially since the feature is enabled by default and requires some digging to find.

Apple says that it may send some user IP addresses to Tencent in the “About Safari & Privacy” section of its Safari settings which can be accessed on an iOS device by opening the Settings app and then selecting “Safari > About Privacy & Security.” Under the title “Fraudulent Website Warning,” Apple says:

“Before visiting a website, Safari may send information calculated from the website address to Google Safe Browsing and Tencent Safe Browsing to check if the website is fraudulent. These safe browsing providers may also log your IP address.”

Tencent works closely with the Chinese Communist Party. It facilitates government censorship in China through its multi-functional utility app WeChat. The company also released a pro-Chinese Communist Party game called Clap for Xi Jinping: An Awesome Speech in 2017 which, as the title suggests, encourages users to virtually clap for the Chinese president Xi Jinping. In addition to this, Tencent is reportedly collaborating with the Chinese Communist Party to develop “patriotic” video games.


Solution



Use Microsoft Edge as your browser on your iPhone
https://apps.apple.com/us/app/microsoft-edge/id1288723196


Of course, you cannot set it as the default browser on iOS, unlike Microsoft, who settled a $731 million EU lawsuit for the identical issue. Why the double standard?




Source: https://reclaimthenet.org/apple-safari-ip-addresses-tencent/