Featured Post

Avira Antivirus Pro - Review 2020 - PCMag India

Image
Avira Antivirus Pro - Review 2020 - PCMag IndiaAvira Antivirus Pro - Review 2020 - PCMag IndiaPosted: 11 Jun 2020 12:00 AM PDTEvery computer needs antivirus protection, and one way companies can support that aim is to provide free antivirus to the masses. But these companies can't survive unless some users shell out their hard-earned cash for paid antivirus utilities. Piling on pro-only tools and components is one way companies encourage upgrading to a paid antivirus. Avira Antivirus Pro adds several components not available to users of Avira Free Security, but they don't really add much value. The biggest reason to pay for it is if you want to use Avira in a commercial setting, which isn't allowed with the free version.Avira's pricing is undeniably on the high side, with a list price of $59.88 per year for one license, $71.88 for three, and $95.88 for five. Admittedly, it seems to be perpetually on sale; just now, the one-license price is discounted to $44.99. That…

The Dance of the Pope virus hoax - Graham Cluley Security News

The Dance of the Pope virus hoax - Graham Cluley Security News


The Dance of the Pope virus hoax - Graham Cluley Security News

Posted: 22 Mar 2020 07:43 AM PDT

The Dance of the Pope virus hoax

The Dance of the Pope virus hoax

A virus hoax appears to have had something of a resurgence in recent days, with users sharing with their online friends via social media and messaging apps.

The bogus warning claims that there is a "very dangerous" virus being spread via a video entitled "Dance of the Pope", and that if you open the video file your mobile phone will be formatted and "nothing can fix it".

Pope hoax

A typical warning being spread between folks reads as follows:

If you know anyone using WhatsApp you might pass on this. An IT colleague has advised that a video comes out tomorrow from WhatsApp called martinelli do not open it, it hacks your phone and nothing will fix it. Spread the word.

If you receive a message to update the Whatsapp to Whatsapp Gold, do not click !!!!!
Please inform all contacts from your list not to open a video called the "Dance of the Pope". It is a virus that formats your mobile. Beware it is very dangerous. They announced it today on BBC radio. Fwd this msg to as many as you can!

There's no mention of what mobile operating system (Android? iOS?) the malware runs on. There's no link to the BBC News report which it is claimed warned about the virus.

Both of these clues should make you instantly suspicious about the warning's legitimacy. But you should really have alarm bells when you are encouraged to "forward this message to as many as you can!"

The virus warning is, of course, poppycock. Variations of the hoax, which mention WhatsApp Gold and "Martinelli", have been circulating since at least 2015 and yet you won't find any genuine warnings about any "Dance of the Pope" malware on any legitimate IT security websites.

All you will find are warnings not to share virus hoaxes with your friends.

Virus hoaxes like this have been spreading for decades, and don't seem to die out. People think they're being helpful mindlessly forwarding the warnings to their friends rather than spending five minutes checking their facts.

As this "Dance of the Pope" warning is clearly nonsense, you shouldn't forward it onto your chums.

Just delete it, and tell whoever sent it to you to get a clue.

Coronavirus: Should you be cleaning your smartphone? - T3

Posted: 22 Mar 2020 12:06 AM PDT

[unable to retrieve full-text content]Coronavirus: Should you be cleaning your smartphone?  T3

Watch out for Coronavirus (COVID-19) phishing and malware - Telstra Exchange

Posted: 16 Mar 2020 11:40 PM PDT

Cybercriminals are capitalising on Coronavirus (COVID-19) to send fake email and SMS phishing attacks that could infect computers or lead to the theft of logins and personal information.

An SMS-based phishing attack sent to Australians this week with the sender of "GOV" claimed the receiver had a "new message regarding the COVID-19 safetyline symptoms". The subsequent message advised the location of local testing facilities.

People who followed the included link were directed to a website that would encourage Android device users to install an application. Anyone who visited the site from a non-Android phone such as an iPhone were directed to a benign government website instead.

The Australian Cyber Security Centre has recently warned the SMS and subsequent Android application could be used to steal banking credentials.

"The link in these text messages is not legitimate, and if clicked on, may install malicious software on your device, designed to steal your banking details," it said.

Fake COVID-19 phishing message
Credit: Australian Cyber Security Centre

The steps to install the Android application required people to check a box to install apps from unknown sources in their device's settings. They could not be infected by merely visiting the site.

It is unclear if the malware was caught by Android's much-improved in-built security defences which are present on new devices, or those running supported versions of the mobile operating system.

Telstra has blocked the offending domain, protecting customers across mobile and broadband services from accessing the site. Google has also blocked the domain under its Google Safe Browsing Initiative.

However, the rapid nature of cybercrime means new copycat domains that potentially contain the same content are likely to surface.

We should all be vigilant and not respond to unexpected messages over any communications platform, especially those which request links be clicked on or attachments be opened.

Yet more phishing attacks are targeting COVID-19 remote workers around corporate Australia.

These phishing attacks – and dozens of others that promise information on COVID-19 –entice users to open malicious attachments (some containing dangerous malware) and follow links designed to steal logins.

The emails are part of a surge of COVID-19 themed phishing campaigns detected since January which include malicious messages purportedly sent on behalf of the Australian Medical Association (AMA) and global bodies including the World Health Organisation (WHO).

Cyber security vendor ProofPoint says criminals have written phishing emails that claim to be from organisations' human resource departments and executives. The fake messages encourage victims to open and sign attached malicious documents.

We advise anyone who is working from home to avoid opening unexpected email document attachments and to report suspected phishing emails in-line with their companies' cyber security policy or delete it.

Meanwhile, Check Point, a cyber security vendor, said 4,000 COVID-19 domains have been registered between January and 3 March of which it suspects 3%, or 120 domains, are suspicious.

"Coronavirus-related domains are 50% more likely to be malicious than other domains registered at the same period, and also higher than recent seasonal themes such as Valentine's Day," Check Point researchers said.

One of the first COVID-19 phishing emails sent in January targeted victims in Japan and contained purported advice about the virus outbreak.

At least one of the phishing documents claiming to contain COVID-19 advice unleashed the Trickbot malware when opened.

Trickbot is one of the worst cyber security threats facing organisations today. The malware can download additional malicious payloads including the Ryuk ransomware which has the capacity to down global businesses. It can also deploy capabilities that allow it to spread across networks and to new computers through hijacked user email accounts.

Other COVID-19 phishing emails have dropped the NanoCore remote access trojan which grants hackers control of infected systems.

Many more contain links that load malicious login pages that mimic the appearance of tech brands like Adobe and Microsoft Office 365.

We encourage everyone to be on alert for any unexpected emails that request users login to pages or download attachments. Looking for typos and poor grammar is a common but ultimately effective indicator of phishing.

Clive Reeves
By Clive Reeves

Deputy Chief Information Security Officer - Telstra

Clive is the Deputy Chief Information Security Officer and has over 20 years' experience in cyber security risk management, engineering and operations. Clive leads critical customer-facing security capabilities including the Telstra Security Operation Centres and the Defence Engagement Security Team. Clive was previously the CISO for Telstra's Defence Engagement Team and also managed a secure ops and incident response centre. Prior to joining Telstra, Clive worked for the Australian Government and served in the Royal Australian Air Force (RAAF). Clive is an engineering graduate of RMIT and holds an MBA in Technology Management.

Comments

Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US