Microsoft Changed the Taxonomy of Naming the Hacker groups


Microsoft has introduced a new naming taxonomy for threat actor groups. Over the years, threat actors have evolved massively, leading to confusion about which threat actor was responsible for which threat activity.

To solve this, Microsoft has introduced this naming taxonomy and categorized the groups based on their origin and activity.

Although threat intelligence has grown massively, it still needs to be an organized data resource that helps defenders protect and prioritize based on the hacking groups they confront.

Weather-based Hacking group name taxonomy

Microsoft names these hacking groups after weather conditions, as such names are easy to remember and to pass on.

Categorization

Microsoft has categorized threat actors into five main groups based on their operations.

  1. Nation-state: These threat actors work on behalf of or are directly supported by a nation/state. They specifically target government agencies and intergovernmental organizations for espionage, financial gain, or as an act of retribution.
  2. Financially Motivated: These threat actors target an organization or an individual for financial gain. These threat actors/groups do not seem to be linked with nation-state actors. The best examples of these threat actors are ransomware operators, phishing groups, or other groups with purely money-minded activities.
  3. Private Sector Offensive Actors (PSOAs): These are threat actors who were once known as legal organizations but later seemed to have been involved in activities like creating malware, selling weapons and surveillance software to cyber criminals who use them for illegal purposes, or targeting any white-collar individuals. The best example of this kind of threat actor was the QuaDream company, which was shut down recently for its malicious activities.
  4. Influence Operations: These are the threat actors that spread misinformation among people to disrupt or manipulate people’s interests. This kind of threat actor is also involved in political manipulation for malicious purposes.
  5. Groups in Development: This category set by Microsoft includes threat actors whose origin and way of operating are yet to be confirmed. In other words, these include threat actors still in developmental phases and involved in small-scale malicious attacks.

Microsoft has also released complete information on their new weather name taxonomy, including the family name, their origin or country of operation, and their category.


A week in security (April 17


The most interesting security related news from the week of April 17 – 23.

Last week on Malwarebytes Labs:



You’re stuck with Snapchat My AI if you don’t pay up


Snapchat recently made its AI chatbot, My AI, available to the public, and people are definitely using it. However, if you want to unpin My AI, then you’ll need to pay for it.

If you’re unfamiliar with My AI, this is the AI chatbot powered by ChatGPT, and it’s integrated right into the app. You’ll know you have it if you see a new chat conversation in your feed. If you see it, then you can start talking to it immediately.

It’s a chatbot, so you’re able to talk to it about just about anything and get a human-like response. Since it’s powered by ChatGPT, you can also use it to generate written content. There’s a lot that you can do with My AI.

You can’t unpin My AI unless you pay

This is rather ironic considering that My AI started as a Snapchat+ exclusive feature. This exclusivity netted the subscription service a million more users over the past 11 weeks.

Now that it’s available, non-paying users can use it, but the conversation is automatically pinned to the top of your chat feed. There are people who don’t like that. Some don’t want an extra chat cluttering up the feed, and others just don’t want anything to do with AI.

Well, we have bad news for those people. According to 9to5mac, if you want to unpin My AI, you need to be a Snapchat+ user. That’s right, the subscription that exclusively offered My AI is required to get rid of it.

This might not seem like the biggest issue for the company, but it means some trouble for the app itself. The report states that this prompted users to flood the Snapchat app in the Apple App Store with 1-star reviews.

It seems that Snapchat is aggressive about pushing AI on its users. AI is the next major frontier in tech, and many companies are making a pivot toward it. It’s just unfortunate that people are forced to see My AI when they don’t want to.



According to some Google employees, Bard AI chatbot is just a charade


The artificial intelligence battle led to the birth of Google’s Bard AI chatbot, a rival to the Bing ChatGPT chatbot. But some employees at Google, it seems, don’t think as highly of Bard as their employer wants you to. What exactly can be the reason behind the rejection Bard is getting from its own people?

Well, many might argue that the reports only cite a small number of Google workers. Some of the people on this list of those kicking against Bard are ex-Google staff. But regardless of the size of the opposition, it is wise to take into account the reason for their aversion.

It boils down to the abilities of the Bard AI chatbot when put to use by people. The outlined issues are also the case with Bard’s greatest rival, the Bing AI chatbot. Funny enough, the staff at Google have labelled this AI platform as “worse than useless”. This sounds a bit too harsh coming from Googlers, hence drawing more attention to Bard’s performance.

The misleading responses of Google’s Bard AI chatbot put it under intense scrutiny from its makers

Over the past few months, Microsoft has made the headlines as a result of its integration of ChatGPT into its browser. This brought the AI chatbot into Bing and Skype, but users have been able to spot some flaws. These flaws come as a result of the Bing AI chatbot not knowing the limits of a conversation, threatening users, and falsifying information.

Shortly after Microsoft announced the integration of ChatGPT into Bing, Google was already preparing to announce the Bard AI chatbot. Well, it seems like Google employees are pointing out noticeable flaws in the AI chatbot, following its arrival.

These flaws are quite similar to those that came to the spotlight with the ChatGPT chatbot. Bard now provides false information to users and gives dangerous advice, hence threatening user safety. Google’s rush might be the main cause of these issues that their employees are pointing out in Bard’s usage.

Reports have it that the internal safety team had advised that the chatbot not be launched. Instead, it advised that these flaws be fixed first to allow the launch of a more stable and user-friendly product. Now, Google will have to focus on fixing these issues to ensure that those making use of this product will be able to get safe and accurate responses for their searches.

Just like Microsoft’s Bing AI chatbot, Bard comes with some flaws. Many might argue that it is normal for any new AI product, but such issues are pushing certain countries to ban AI chatbots. The AI chatbot industry needs to undergo refining before it can sit with the majority as being safe for usage.



Appeals court affirms lower court rulings in favor of Apple’s App Store against Epic Games

Monday saw Apple chalk up a big legal victory against Fortnite developer Epic Games. As you probably recall, back in 2020 Apple removed Fortnite from the App Store after Epic Games included a link to its own in-app payment platform in the game. The link bypassed Apple’s in-app payment platform which takes up to 30% of in-app purchases. Epic took Apple to court seeking to force Apple to allow Epic’s app store to be available on the iPhone and to force Apple to make changes to its in-app payment platform policies.

The Ninth Circuit Court of Appeals upholds most of the rulings made by the lower court in Apple’s favor

Bloomberg reported on Monday that the U.S. Ninth Circuit Court of Appeals affirmed most of the rulings made by Judge Yvonne Gonzalez Rogers, thus rejecting the majority of Epic’s claims. The appeals court upheld Judge Rogers’ rulings in favor of Epic on the claims made under California state law.

While one judge felt that the case should have been sent back to Judge Rogers with some new guidance, the majority opinion agreed with the argument made by Apple that it needs to closely watch the apps that are installed on its devices like the iPhone and iPad to prevent users from downloading malware, spyware, adware, and other potentially dangerous software. The panel wrote, “Apple makes clear that by improving security and privacy features, it is tapping into consumer demand and differentiating its products from those of its competitors — goals that are plainly procompetitive rationales.”

The panel did agree with the lower court ruling that Epic was “injured” by Apple’s resistance to have developers lead users to third-party payment platforms. It also told Judge Rogers to reexamine her ruling that Epic didn’t owe Apple for attorney fees.

Apple has already made a big change to App Store policies by allowing “Reader apps,” which include apps and subscription services such as digital newspapers and magazines, books, and audio and video streaming, to direct users to third-party payment platforms. Games are not covered by this policy. While Fortnite remains out of the App Store, Epic CEO Tim Sweeney has suggested that the title could return to iOS this year.

The EU’s Digital Markets Act is forcing Apple to allow sideloading of apps in its 27 member countries

Apple issued a statement via email that said, “The App Store continues to promote competition, drive innovation, and expand opportunity, and we’re proud of its profound contributions to both users and developers around the world. We respectfully disagree with the court’s ruling on the one remaining claim under state law and are considering further review.” The company also characterized the ruling as a “resounding victory” noting that it had nine out of 10 claims decided in its favor.

Epic’s Sweeney tweeted, “Fortunately, the court’s positive decision rejecting Apple’s anti-steering provisions frees iOS developers to send consumers to the web to do business with them directly there. We’re working on next steps.”

Apple is being forced to make changes to its “walled garden” policies in Europe where the EU has passed the Digital Markets Act (DMA). The DMA is forcing Apple to allow third-party apps to be installed on the iPhone via sideloading with the release of iOS 17. This past week, Bloomberg’s Mark Gurman said that Apple will only allow sideloading in the 27 member countries that make up the EU. In the U.S., sideloading will remain blocked by Apple.



Proton Launches Proton Pass Password Manager With E2EE


The parent firm behind the popular ProtonVPN and ProtonMail has now come up with another privacy venture. As announced recently, Proton has now launched a dedicated password manager – the Proton Pass with end-to-end encryption.

Proton Pass Password Manager Arrives

As announced via a recent blog post, Proton (formerly ProtonMail) has now introduced a secure password manager – Proton Pass – for its subscribers.

Elaborating on the details, Proton stated that it decided to take this step after receiving numerous requests from its users.

The post explained that the firm had previously partnered with SimpleLogin to provide users with “Hide-my-email” aliases. And now, the same team has worked to develop the password manager with enhanced security and privacy features.

Specifically, the core strength of Proton Pass lies in its default end-to-end encryption (E2EE) implementation. Though numerous other password managers also apply E2EE, Proton Pass looks different in that it encrypts all web fields, unlike others that only encrypt the password field. That includes encrypting usernames, web addresses and other details. With such encryption, Proton Pass strives to prevent user profiling from web tracking elements.

Moreover, it also supports two-factor authentication by default and even allows 2FA autofill. In this way, it even aims to thwart potential keylogging attempts.

Regarding the encryption technology, the tool implements bcrypt password hashing and a hardened Secure Remote Password (SRP) for authentication and preventing MiTM attacks.

To Be Available For The Public In A Year

At the time of the announcement, Proton Pass is available in beta for Lifetime and Visionary users. The firm will also invite users to test the tool, planning to roll out the invitations in a few days. Nonetheless, the firm has pledged to release the tool to the public later this year.

Currently, Proton Pass supports iOS, Android, and desktop systems with Brave and Google Chrome browsers. Mozilla Firefox users need to wait for some time as the service couldn’t approve the add-on before the official release.


Adult content malvertising scheme leads to clickjacking


Malwarebytes’ researchers have discovered a malvertising scheme that uses adult lures for clickjacking purposes.


Clickjacking is a form of ad fraud which is also referred to as click fraud or click spam. It is a practice performed by certain dubious advertising networks, where they sometimes use automated programs—from simple to sophisticated bots and botnets—to interact with advertisements online. But it can also be done by tricking legitimate users into clicking ads, visiting pages, and (in some cases) creating fake form submissions.

Ad fraud means that the advertiser pays the referrer or the advertising network to show their ads to interested visitors. In reality, the criminal doesn’t care who actually clicks or whether they are interested, as long as the money keeps coming their way.

The campaign

To start things up, visitors are lured to several fake blogs about topics they might find interesting.

[Image: This is how the actual blog looks]

The original blog, however, is hidden by an overlay showing blurred explicit content and a button asking the visitor to confirm they are 18+ and asking if they want to enter the website. We have seen a few different overlays on the same website, so there could be some fingerprinting involved. Below are a few examples:

[Image: example of overlay 1]

[Image: overlay button version 2]

Whichever one the visitor sees, clicking the button does nothing other than registering a click on an advertisement. However, that does help the cybercriminals set up this clickjacking scheme. 

[Image: advertisement targeting Dutch audience]

Above is an example of an advertisement shown to a Dutch IP and, below, a screenshot of the Google ad that was presented to a Canadian IP address.

[Image: full link to the advertisement shown to a Canadian visitor]

This is the link behind the version you can see here:

[Image: overlay version 3. Dragging the button allows the visitor to see where the click will take them]

The code behind these attacks is obfuscated.

[Image: obfuscated JavaScript]

In this case there is no imminent danger for the website visitor. It is just wasted money for the advertiser. So, if you run into one of these, don’t make them any richer by clicking that 18+ button.

If you are spending money on advertising, it is worth looking at what you get for the money you are spending. According to research carried out by BusinessOfApps, the total cost of ad fraud in 2022 was around $81 billion, and is predicted to increase to $100 billion by 2023.

If the spending and return on investment are non-transparent, advertisers can also look at solutions that can significantly reduce their advertising costs. You can try some for free for up to 5,000 paid clicks per month on the Google Ads platform.



Android 13 QPR3 Beta 3 brings new design to 3-button navigation


The Android 13 QPR3 Beta 3 upgrade brings a new design for the 3-button navigation system. The change is more noticeable when the user enables Google Assistant activation from the home button. Beta testers have taken note of this feature and brought its changes to the spotlight.

With this new beta upgrade, the size of the keys in the 3-button navigation system sees some design changes. The animation shown when users activate the Google Assistant feature also gets a facelift. Users also note that these changes were not available in the previous beta version.

In this article, we will take a look at these changes that might make their way to the update’s stable release. According to reliable sources, the stable release should be available by June. But before this release, it’s important to note what features will roll out to the public with this update.

The 3-button navigation gets some design improvements with the Android 13 QPR3 Beta 3 upgrade

If you use 3-button navigation on your Android 13 device, prepare yourself to welcome a new design. This design change or improvement affects all three buttons, but one stands out. The minimize, home, and back buttons are now slightly larger with the Android 13 QPR3 Beta 3 upgrade.

The increase in the size of the three navigation buttons is not so conspicuous. Also, the back key, shaped as a triangle, now has more rounded edges which will make it a bit more appealing to the eyes. But the home button (the circle shape) comes with the most noticeable change among all three keys.

With the QPR3 Beta 3 upgrade, the home button drops off the surrounding ring. Now the home button is just a relatively large circle and still packs its Google Assistant shortcut feature. Holding down this button will pull up the Google Assistant like it already does with the existing Android 13 stable version.

Beta testers note that the home button on the Android 13 QPR3 Beta 3 version gets larger when the assistant feature is disabled. But with the feature turned on from the user’s settings, the home button takes an average size. The pop-up when a user pulls up the Google Assistant stays unchanged.

This change to the 3-button navigation with the Android 13 QPR3 Beta 3 upgrade might also carry into Android 14. But before that, it will first become available for Android 13 devices in a few months. Once the stable update is ready, users will get it via a system update with many features.


Apple to allow sideloading apps only in markets it’s forced to do so


According to a new report, Apple won’t allow sideloading apps everywhere, only in markets it’s forced to. In other words, sideloading apps may arrive with iOS 17, but only in Europe, not the US, or any other markets.

Apple may allow sideloading apps, but only in markets in which it’s forced to do so

Why is that? Well, the EU laws are kind of forcing Apple’s hand when it comes to features. The EU law forced Apple to include a Type-C port on the iPhone 15 series. Apple was not planning to do so, but the EU forced the change.

Now, Apple won’t manufacture iPhone 15 units with different ports, of course, so all iPhone 15 units will include Type-C ports, regardless of where they’re being sold. Sideloading apps may be a different story.

This info was shared by Mark Gurman, from Bloomberg, who shared a comment during a MacRumors podcast. Apple seemingly plans to open iPhone up to third-party stores and sideloading, to comply with the EU’s Digital Markets Act.

Only the EU countries will get this change, you still won’t be able to sideload in the US

This will happen only in countries where the DMA is applicable, so only in the EU countries. Gurman suggested that Apple may downplay this feature so much, that it won’t even announce it at the upcoming WWDC.

“They’re not gonna do anything extraneous that would further hurt their grip on the App Store”, said Gurman. He did claim that this was a “major undertaking” on Apple’s part, however. He also added that “there’ll be some sort of review process, even though these apps would be installed outside the App Store”.

So, iOS 17 in Europe and in the rest of the world may differ a bit, due to this sideloading feature. It remains to be seen how exactly Apple will implement this. WWDC is set to take place in early June, and we’ll see if Apple will mention the change at all. It’s possible it’s going to ignore it altogether, as Gurman suggested.
