• 10 Posts
  • 38 Comments
Joined 2Y ago
Cake day: Jul 11, 2023


You are right. The EMUI outside of China is still based on Android with its own eco-system, although the other EMUI is also based on HarmonyOS which may/may not be compatible with Android, especially in the future. It seems, the phone has disappeared from some international markets altogether, the countries being friendly to China or not, probably because consumers are worried that their phones wouldn’t be supported by critical apps.


Well, you squeeze them, and they squeeze you back. Typical. Like, the US is not expecting that.

Besides the chips, there is still the OS. It’ll take a while yet, if ever, for Huawei phones to gain traction again outside of China. What would you buy: Qualcomm/MediaTek/Huawei(SMIC) chip? What would you buy: Android/Huawei OS?


Concentrate just at the tip of your nose where the breath touches the tip leaving the body. When you breathe in, think “in”; when you breathe out, think “out”. Determine to keep your mind on that, but be relaxed while doing it. Works well when you are already tired, i.e. at the time that you usually go to sleep.

This is like, thought replacement. It’s a “Buddhist” technique.


I am always paranoid about having unknown wounds on my skin. Almost always chase it away, unless I really need to concentrate.


Despite the Capitol’s riot, a survey showed 1/3 of Americans thought Biden’s presidency was illegitimate. The conservatives see the lawsuits as political prosecutions.

I’d say unless the non-Trump voters come out to vote in a historical number like the last election, he stands a good chance of becoming a president again. And a number of states have passed laws that would make it harder for some subsets of voters to vote.



If your account is that sensitive, generally no. Fastmail wouldn’t escape the court order to turn over some email accounts’ IPs either. Plus, for accounts that are not e2e encrypted, the law may just demand the contents of the account.

If you have the state actors as enemies, you have to dial up your security to a different category altogether.


I migrated to ProtonMail out of curiosity after more than a decade, but when they turned over the IP address of a fucking CLIMATE ACTIVIST to police, I decided to halt that process

The police were able to get just the IP addresses. Hide your IPs with Tor for political activism, etc.


[Corp Blog] Ultimate guide to the 19 best secure, encrypted, and private email services
In an article discussing secure email services, the need for data protection online is emphasized due to personal details in emails being vulnerable to hackers. Encrypted secure email is recommended for its ability to turn emails into code readable only with a special key, ensuring data privacy and trust-building. The article then lists 10 secure email services:

1) **ProtonMail**: Swiss-based, zero-access encryption, open-source.
2) **Tutanota**: German, open-source, comprehensive encryption.
3) **Hushmail**: Canadian, end-to-end encryption, user-friendly.
4) **Mailfence**: Belgian, OpenPGP encryption, no third-party cloud use.
5) **Posteo**: German, emphasis on privacy and green energy.
6) **Runbox**: Norwegian, security, and environmental sustainability.
7) **Zoho Mail**: Versatile, encrypted communication, integration.
8) **CounterMail**: Swedish, end-to-end encryption, focus on privacy.
9) **Kolab Now**: Swiss-based, end-to-end encryption, collaboration.
10) **Thexyz**: Canadian, security filters, customizable features.

The article also mentions the advantages of temporary mail over full email accounts, like anonymity, spam/phishing protection, and quick setup. It highlights top temporary mail services:

11) **Temp Mail**: Short-term email, automatic message deletion.
12) **MyTemp.email**: Short-lived email with user control, free.
13) **Maildrop**: Temporary email without registration, spam filter.
14) **Fake Mail Generator**: Temporary addresses with various domains.
15) **Guerilla Mail**: Disposable mailbox, one-hour email access.
16) **ThrowAwayMail**: Disposable email for short-term tasks.
17) **Mailinator**: Spontaneous email addresses for single-use.
18) **YOPmail**: Temporary email for 8 days, no registration.
19) **10 Minute Mail**: Auto-deleted temporary email in 10 minutes.

These services provide solutions for safeguarding privacy and managing emails effectively.

The governments probably stop functioning. Apocalypse ensues.


Phishing pages placed on hacked websites
**Takeaways**

Seasoned cybercriminals hack legitimate websites as a way of setting phishing traps. Both long-neglected and actively maintained websites may be targeted this way. In particular, hackers tend to compromise smaller websites whose owners cannot immediately recognize their presence. Websites powered by WordPress often suffer from vulnerabilities that allow scammers to easily gain access to the control panel using a special script and publish malicious content. Alternatively, hackers can brute-force the administrator’s credentials or use a stolen password. Website admins should use strong, unique passwords and multi-factor authentication to protect their accounts from hijacking, update the server software on a regular basis, and deactivate plugins that are not in use.

**Signs of phishing on a hacked website**

1) The page URL contains folders like /wp-Config/, /wp-content/, /wp-admin/, /wp-includes/ or similar, and the destination directory contains a PHP file. Web pages with the extension .php may be seen on legitimate websites, but they are a sure sign of phishing when combined with the above directory names.
2) The URL contains the correct (or modified) name of the service the scammers are trying to imitate, but the name has nothing to do with the name of the website itself.
3) The content on the home page is apparently unrelated to the phishing page.

[Corp Blog, Malware Analysis] Catching up with WoofLocker, the most elaborate traffic redirection scheme to tech support scams
**Short Summary**

The WoofLocker tech support scam campaign, initially discovered in January 2020, employs an intricate traffic redirection system, with a significant upgrade in infrastructure over the years to counter takedown efforts. Despite limited knowledge about its origin, the scheme uses a highly obfuscated code, steganography, and advanced fingerprinting techniques to redirect victims to fake support centers. The campaign's stability and complex infrastructure set it apart, and **it primarily targets limited compromised websites using Javascript for distribution.**

**Long Summary**

***Introduction:***

The blog post discusses the WoofLocker tech support scam campaign, initially reported in January 2020, which utilizes an intricate traffic redirection system. It details how the campaign has evolved over time and its tactics, along with insights into its infrastructure.

***Campaign Evolution:***

* WoofLocker campaign was first identified in January 2020, featuring a highly complex traffic redirection scheme.
* The threat actor began deploying infrastructure as early as 2017, becoming increasingly robust to counter takedown efforts.
* As of 2023, the campaign remains active with similar tactics and techniques, potentially adapting in response to security efforts.

***Redirection Mechanism and Challenges:***

* Reproducing and studying the redirection mechanism remains challenging due to its complexity and the addition of new fingerprinting checks.

***Possible Threat Actor Diversity:***

* The campaign's origin remains uncertain, suggesting involvement of different threat actors specializing in various areas.
* WoofLocker might function as a professional toolkit designed for advanced web traffic filtering, possibly catering to a single customer.
* Scam victims are redirected to call centers, likely located in South Asian countries, after falling for the scheme.

***Overview of Distribution and Techniques:***

* WoofLocker is distinct from other tech support scams as it's distributed via compromised websites, rather than relying on malvertising.
* The threat actor targets two types of traffic: non-adult and adult, distinguished by unique redirection URLs.
* Malicious JavaScript is embedded in compromised sites, using obfuscation and steganography (data in images) for code delivery.

***Fingerprinting and Redirection:***

* Victims visiting compromised sites undergo fingerprinting to validate their legitimacy.
* Fingerprinting checks include identifying virtual machines, certain browser extensions, and security tools.
* WoofLocker sends victim data back to the server as a hidden PNG image, leading to potential redirection, or no further action.

***URL Redirection and Web Traffic:***

* The redirection URL is generated on the fly, with a unique ID only valid for this specific session.
* The browser reads the response, executing JavaScript code hidden in images.
* Traffic capture reveals the sequential steps: fingerprinting checks, validation of user data, and creation of a unique ID (uid) for redirection.

***Infrastructure Changes:***

* WoofLocker's infrastructure evolved significantly since the initial discovery.
* The threat actors shifted to hosting providers that offer better protection against takedowns.
* ASNs (Autonomous System Numbers) are located in Bulgaria and Ukraine.

***Conclusion and Detection:***

* WoofLocker most likely serves as an advanced toolkit, primarily designed for a single customer.
* The campaign has operated as a stable and low-maintenance business for six years.
* Unlike other campaigns, WoofLocker leverages compromised sites and robust infrastructure to maintain its operations.

Often, although I suspect that I just feel bad, and need to make up stories to justify the bad feelings. So, it doesn’t have to be existential.


[News, Opinion] The 6 Best Encryption Apps for Windows
Summary:

* Encryption is a way of converting data into a form that cannot be read by unauthorized people. This can be used to protect sensitive information, such as financial data and medical records.
* There are many different encryption tools available for Windows, each with its own strengths and weaknesses.
* Some of the best encryption tools for Windows include:
  1) **7-Zip**: A free and open-source file archiver that can also be used to encrypt files. 256-bit AES cipher encryption. GNU LGPL license.
  2) **VeraCrypt**: A free and open-source disk encryption tool that can be used to encrypt entire drives or partitions. Cross-compatible with Windows, macOS, and Linux. Whole-drive, USB, file-container, plausible deniability encryption. Independently audited.
  3) **Age**: A modern file encryption format and tool that uses a strong encryption algorithm. Command line interface. XChaCha20-Poly1305 encryption.
  4) **Gpg4win**: A free and open-source encryption tool that supports a variety of encryption standards. Files and emails. File encryption and digital signatures.
  5) **BitLocker**: A disk encryption feature that is built into (and only free on) Windows 10 Pro+ and 11 Pro+.
  6) **Cryptomator**: A free and open-source cloud encryption tool that allows you to encrypt your data before it is uploaded to the cloud. Periodic independent security audits.
* When choosing an encryption tool, it is important to consider your specific needs and requirements. Some factors to consider include the type of data you need to protect, the level of security you need, and your budget.
* It is also important to use a strong password and to keep your encryption keys safe.

The article also recommends that you go through the homepage of each app to learn more about it before you choose one. This will help you find the best tool for your needs.


[Opinion, Schneier on Security] UK Electoral Commission Hacked - Schneier on Security
**Entire comment**:

**UK Electoral Commission Hacked**

The UK Electoral Commission discovered last year that it was hacked the year before. That’s fourteen months between the hack and the discovery. It doesn’t know who was behind the hack.

> We worked with external security experts and the National Cyber Security Centre to investigate and secure our systems.

If the hack was by a major government, the odds are really low that it has resecured its systems—unless it burned the network to the ground and rebuilt it from scratch (which seems unlikely).

**Summary on Bruce Schneier**

Bruce Schneier is a renowned security technologist, acclaimed for his books, articles, and influential newsletter "Crypto-Gram" and blog "Schneier on Security." He's affiliated with Harvard University's Berkman Klein Center and Kennedy School, and holds roles with organizations like the Electronic Frontier Foundation and AccessNow. Currently, he serves as the Chief of Security Architecture at Inrupt, Inc.

[News] If You Have These 6 Personality Traits, You're More Vulnerable to Phishing Scams
**Summary**

The article discusses 6 personality traits that make people more vulnerable to phishing scams. These traits are:

* **Extroverted**: Extroverts tend to be more trusting and less suspicious of others, which makes them more likely to fall for phishing scams.
* **Agreeable**: Agreeable people are more likely to be empathetic and want to help others, which can make them more vulnerable to phishing scams that appeal to their emotions.
* **People-pleasing**: People-pleasers are more likely to go out of their way to help others, even if it means putting themselves at risk. This can make them more susceptible to phishing scams that demand urgent action.
* **Quick to trust**: People who are quick to trust others are more likely to fall for phishing scams, even if the message seems suspicious.
* **Fear of or respect for authority**: People who have a strong fear of or respect for authority figures are more likely to be fooled by phishing scams that pose as authority figures.
* **Poor self-control**: People with poor self-control are more likely to act impulsively, which can make them more vulnerable to phishing scams that demand immediate action.

The article also provides tips for staying safe from phishing scams, such as:

* **Pause** before responding to any suspicious message. Don't click on any links or open any attachments in a message unless you are sure it is from a legitimate source.
* **Investigate the source of the message.** Look for misspellings or grammatical errors in the message, which can be a sign of a scam.
* **Think carefully before reacting to the message.** Don't feel pressured to act immediately. Take some time to research the company or organization that the message claims to be from.

Grease. Cheese. Meat. It’s like, the food for the Gods, if I remember my childhood correctly.


“That momentum is surely gathering pace in the age of generative AI, which we believe presents a remarkable opportunity to create a new stream of revenues, while allowing us to reduce costs across the business” …

News Corp recently reduced staffing costs through widespread redundancies.



Also, it appears that sometimes, the deletion fails, and the request doesn’t get federated, leaving the comment/post orphaned.


Yap, hang in there. There are good moments too. Maybe we should concentrate on those.


You know of a good read on the Swiss? They have elements of direct democracies. I wonder how that does.


No kidding. The email itself is smooth. But now, I bet you would have caught it by the sender, though, the paper mentions using gmail addresses for the from field.

When I was a student, if someone gave me free stuff, I wouldn’t have thought too much about it. People nowadays have to have a 0-trust policy for their online comm; this is pretty dystopian.


Sorry it’s not clear. It’s the example phishing letter sent to the student, in the GPT-V-triad email case.


I don’t think it does; having a flair in a particular sub lends more weight for that sub. I believe some individuals with high karma points tend to be more obnoxious because they don’t care that people will downvote them, but I personally experienced only one (which could be just that specific individual). There are others who wish for tools that’ll screen out both low-karma users (spam, etc.) and really-high-karma (100K+) users, presumably because of reasons along this line.

Humans often behave differently when they have coveted labels associated with them. Think celebrity, blue-birds, royalties, etc.


Statc Stealer: Windows malware stealing information from web browsers and apps, including login data, cookies, web data, and preferences, stealing cryptocurrency wallets, credentials, passwords, etc.
**Summary**

* Zscaler discovered a new information stealer called Statc Stealer.
* Statc Stealer is a sophisticated malware targeting Windows devices to steal sensitive information.
* The malware disguises itself as authentic Google ads (and .mp4 file) to infect systems.
* Stealing capabilities include data from web browsers, crypto wallets, credentials, and messaging apps including Telegram.
* Statc Stealer uses C++ code, evasion techniques, and encryption to hide its actions.
* The attack chain involves malvertising, dropper, downloader files, and PowerShell scripts.
* Stolen data is encrypted and sent to a command-and-control (C&C) server.
* Popular Windows browsers like Chrome, Edge, Brave, and others are targeted.

AI's Role in Cybersecurity: Research Reveals How Large Language Models Are Shaping the Future of Phishing Attacks and Defense
**Paper Title**

Devising and Detecting Phishing: large language models (GPT3, GPT4) vs. Smaller Human Models (V-Triad, generic emails)

**Corp Blog Article**

https://blog.knowbe4.com/ais-role-in-cybersecurity-black-hat-usa-2023-reveals-how-large-language-models-are-shaping-the-future-of-phishing-attacks-and-defense

**Paper Abstract Summary**

***Phishing Attacks***

* AI programs utilize large language models to automatically generate phishing emails with minimal user data. This is unlike manual phishing email design based on hackers' experiences.
* The V-Triad rules allow manually crafting phishing emails based on cognitive biases.
* Study compared participant responses to GPT-4 auto-generated emails, V-triad manual emails, and their combination. A control group received generic phishing emails for comparison.
* Phishing emails were sent to 112 participants (Harvard students) offering Starbucks gift cards.
* **Control group** clicks: ~20% (19-28%)
* **GPT-generated emails** clicks: ~30% (30-44%)
* **V-Triad-generated emails** clicks: ~70% (69-79%)
* **GPT-V-triad emails** clicks: ~45% (43-81%)

*Example GPT-V-triad Email*

![Example GPT-V-triad Email](https://i.ibb.co/316d6Hd/V-Triad-GPT-2023-08-11-042444.jpg)

***Phishing Defense***

* Four popular large language models (GPT, Claude, PaLM, LLaMA) used to detect phishing email intent. AI detection was then compared to human detection.
* AI excelled in identifying malicious intent, even for non-obvious phishing emails.
* AI sometimes outperformed humans, though often with slightly lower accuracy.
* Claude's results were highlighted for not only achieving high results in detection tests but also providing sound advice for users.

**Paper Abstract**

AI programs, built using large language models, make it possible to automatically create phishing emails based on a few data points about a user. They stand in contrast to traditional phishing emails that hackers manually design using general rules gleaned from experience. The V-Triad is an advanced set of rules for manually designing phishing emails that exploit our cognitive heuristics and biases. In this study, we compared how many participants pressed a link in emails created automatically by GPT-4 and created manually using the V-triad. We also combine GPT-4 with the V-triad to assess their combined potential. A fourth group, exposed to generic phishing emails, was our control group. We utilized a factorial approach, sending emails to 112 randomly selected participants recruited for the study. The control group emails received a click-through rate between 19-28%, the GPT-generated emails 30-44%, emails generated by the V-Triad 69-79%, and emails generated by GPT and the V-triad 43-81%. Next, we used four of the most popular large language models (GPT, Claude, PaLM, LLaMA) to detect the intention of phishing emails and compared the results to human detection. In some cases, the AI programs are surprisingly good at detecting malicious intent, even for non-obvious phishing emails, sometimes surpassing human detection, although often being slightly less accurate than humans.

[News, Call for Action] The U.K. Government Is Very Close To Eroding Encryption Worldwide
The U.K. Parliament is close to passing the Online Safety Bill, which threatens global privacy by allowing backdoors into messaging services, compromising end-to-end encryption. Despite objections, no amendments were accepted. The bill also includes content filtering and surveillance measures. There's still a chance for lawmakers to protect privacy with an amendment preserving encryption. A recent survey shows the majority of U.K. citizens want strong privacy on messaging apps.

Update now! Microsoft patches a whopping 130 vulnerabilities
Microsoft has released security updates for 130 vulnerabilities, including four that are known to be actively exploited.

**The four actively exploited vulnerabilities are:**

- CVE-2023-32049: A Windows SmartScreen Security Feature Bypass vulnerability.
- CVE-2023-35311: A Microsoft Outlook Security Feature Bypass vulnerability.
- CVE-2023-32046: A Windows MSHTML Platform Elevation of Privilege (EoP) vulnerability.
- CVE-2023-36874: A Windows Error Reporting Service Elevation of Privilege vulnerability.

Other vendors have also released security updates, including Adobe, Apple, Cisco, Fortinet, Google, MOVEit, Mozilla, SAP, and VMware. These updates are important to install as soon as possible to protect your systems from attack.

**Other details:**

- The CVE-2023-32049 vulnerability can be exploited by tricking users into clicking on a malicious link. Once clicked, the link will bypass the Windows SmartScreen security warning and allow the attacker to execute arbitrary code on the victim's computer.
- The CVE-2023-35311 vulnerability can be exploited by tricking users into opening a malicious Microsoft Outlook email. Once opened, the email will bypass the Microsoft Outlook security warning and allow the attacker to execute arbitrary code on the victim's computer.
- The CVE-2023-32046 vulnerability can be exploited by tricking users into opening a malicious file. Once opened, the file will exploit the vulnerability and allow the attacker to gain elevated privileges on the victim's computer.
- The CVE-2023-36874 vulnerability can be exploited by attackers who have local access to a victim's computer. Once exploited, the vulnerability will allow the attacker to gain administrator privileges on the victim's computer.