Your next Phishing email may come straight from PayPal

paypal-fake-phishing-invoice

Malicious actors have started to exploit a loophole in the defenses of many home users, organizations, email and security services, to send out phishing emails from legitimate services. image credit: Avanan Threat actors have found a way to send phishing emails using the tools and services provided by legitimate companies such as PayPal or QuickBooks. Most phishing emails come from unrelated domains; experienced users may spot these right away, and so do many antivirus solutions. Using a domain that is on an allow list, on the other hand, adds trust to the email. Phishing emails that come directly from PayPal have a greater chance of slipping through defenses because of … Read more

Another phishing attack that bypasses multi-factor authentication targets Microsoft email users

aitm-phishing-campaign

Cybersecurity research analysts at Zscaler have uncovered a new large-scale phishing campaign targeting Microsoft email users. The main targets of the campaign are corporate users, specifically end users in Enterprise environments that use Microsoft email services. image credit: Zscaler The attackers use so-called Adversary-in-The-Middle (AiTM) techniques to bypass multi-factor authentication (MFA) protections. Microsoft published information about a similar attack in early July. The attack that Microsoft described targeted more than 10,000 organizations, and used AiTM techniques to bypass MFA protections. Zscaler describes the new attack as highly sophisticated. It “uses an adversary-in-the-middle (AiTM) attack technique capable of bypassing multi-factor authentication” and “multiple evasion techniques used in various stages of the … Read more

Hola brings the device setup ‘hello’ screen to every unlock, and with extra customization

Hola-Featured-Image

Whenever you set up a brand new device or begin to set one up following a factory restore, you’re greeted with a beautiful ‘hello’ screen that walks you through the setup process.   Recognizing that you don’t really get the pleasure of viewing this pleasant interface more than once or a couple of times throughout the duration that you own a device, Hyperixa thought it would be cool to make a jailbreak tweak called Hola that lets you see it more often. As shown in the video example and screenshot depictions provided above, you can see that Hola simply displays thw hello setup screen every time you use your device, … Read more

Disney+ and Hulu are getting more expensive in 2022

Disney-Plus-Hulu-banner

Apple TV+ debuted at $4.99 per month, and, for what it’s worth, the company hasn’t changed the price for the video streaming service. But, that doesn’t mean the price points remain the same for the primary competitors out there in the wild, unfortunately. And, sure enough, another price hike is in the works for a pair of popular options. As reported by The Verge, the price for both Disney+ and Hulu are going up. First, Disney+, which will see its price rise from $7.99 per month to $10.99 per month. That’s quite the hike, to say the least. This will go into effect beginning December 8, 2022, in the United … Read more

Facebook and Instagram use a custom in-app browser to track users, according to analysis

FAcebook-DarK-Mode-hero-001

While Apple continues to make moves when it comes to general user privacy and security, especially with iOS, there are still some areas where third-party companies can take advantage of the tools Apple has in place. For instance, a built-in web browser in apps like Facebook or Instagram, for instance, is still based on Apple’s WebKit. But it sounds like Meta has still found a way to track users that use that third-party web browser instead of Safari. That’s according to a new analysis put together by Felix Krause. A wide range of apps still rely on Safari for web browsing, but there are others that use a third-party option … Read more

How to remove the Search button from your iPhone Home Screen in iOS 16

Disable-search-iOS-16

iOS 16 has added a Search button on the iPhone Home Screen, just above the Dock. If you aren’t a fan of this, we show you how to hide it and get back the dots that signify the number of visible Home Screen pages. Hide the Search button on iOS 16 When you swipe down on the iPhone Home Screen or iOS 15 and later Lock Screen, you get to Search, which is also called Spotlight Search or just Spotlight. It lets you find almost anything on your device, be it apps, files, contacts, email, or in-app data. The swipe-down gesture is effortless, but it isn’t obvious to a new … Read more

FBI: Zeppelin ransomware may encrypt devices multiple times in attacks

Zeppelin__headpic

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned US organizations today that attackers deploying Zeppelin ransomware might encrypt their files multiple times. The two federal agencies also shared tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help security professionals detect and block attacks using this ransomware strain. “The FBI has observed instances where Zeppelin actors executed their malware multiple times within a victim’s network, resulting in the creation of different IDs or file extensions, for each instance of an attack; this results in the victim needing several unique decryption keys,” a joint advisory published today revealed. Detected by the FBI … Read more

Chinese hackers backdoor chat app with new Linux, macOS malware

Panda

Versions of a cross-platform instant messenger application focused on the Chinese market known as ‘MiMi’ have been trojanized to deliver a new backdoor (dubbed rshell) that can be used to steal data from Linux and macOS systems. SEKOIA’s Threat & Detection Research Team says that the app’s macOS 2.3.0 version has been backdoored for almost four months, since May 26, 2022. They discovered this after noticing unusual connections to this app while analyzing command-and-control (C2) infrastructure for the HyperBro remote access trojan (RAT) malware linked to the APT27 Chinese-backed threat group. TrendMicro also reported detecting the same campaign and said it found old trojanized versions of MiMi targeting Linux (with … Read more

Palo Alto Networks: New PAN-OS DDoS flaw exploited in attacks

Palo_Alto_Networks

Palo Alto Networks has issued a security advisory warning of an actively exploited high-severity vulnerability impacting PAN-OS, the operating system used by the company’s networking hardware products. The issue, tracked as CVE-2022-0028 (CVSS v3 – 8.6), is an URL filtering policy misconfiguration that could allow an unauthenticated, remote attacker to carry out amplified TCP denial-of-service (DoS) attacks. The PAN-OS versions vulnerable to this vulnerability are the following: PAN-OS prior to 10.2.2-h2 (patch ETA: next week) PAN-OS prior to 10.1.6-h6 (patch available) PAN-OS prior to 10.0.11-h1 (patch ETA: next week) PAN-OS prior to 9.1.14-h4 (patch ETA: next week) PAN-OS prior to 9.0.16-h3 (patch ETA: next week) PAN-OS prior to 8.1.23-h1 (patch … Read more

How to scan a document with your phone

161985-phones-news-feature-how-to-scan-a-document-with-your-phone-image1-dejh7bkh6w

If you have a printed document and need a digital copy then not to worry as you can easily scan paper documents with your phone. You might not know but you can capture a digital scan with your phone in a matter of seconds then turn it into a PDF and save it to the cloud. We’re here to show you how. We’ve written before about how you can scan and sign a document with your Apple iPhone, iPad and even iPod Touch. Now we’re going to show you have to do it with an Android phone. Good lighting is key As with taking any sort of photos with your … Read more

WorkinTool Watermark Eraser Review: An Easy Watermark Remover

  Watermarks help when individuals and organizations want to copyright their creations and win more brand popularity. As the most efficient way to prevent images, videos, or other types of files from being tampered with, watermarks are automatically added when downloading something from social media platforms like TikTok. However, suppose you want to stamp a logo on something and show it to viewers. In that case, it is better to use a watermark maker, and you need to download a watermark remover when you want to erase logos, dates, names, and other patterns from images and videos. That’s why we will introduce an easy-to-use watermark tool—WorkinTool Watermark Eraser, learning its … Read more

OnePlus 10T Review: Amazing performance and battery in an otherwise conventional phone

OnePlus-10T-Moonstone_Black_1-2

OnePlus has a pretty consistent flagship launch strategy at this point: a flagship launch earlier in the year, followed by another refresh later on in the year. Recently, “T” variants of the company’s phones have downgraded a little bit from their earlier flagship counterparts but bring to the table some interesting improvements, too. The OnePlus 10T follows that pattern, as while it downgrades on some things like the screen and the build, it introduces 150W charging and the Snapdragon 8 Plus Gen 1. Is the OnePlus 10T worth your money? In my mind, it’s a great device that I love a whole lot more than I thought I would. A … Read more