Everything you need to know

On Saturday, AT&T was hit by a cyber attack, resulting in 73 million accounts being leaked onto the dark web. The company confirmed the data to be from 2019 & earlier. So far no evidence has been found as to what led to the cyber attack.

Although the company has reassured its account holders calling the situation unaffected. “As of today, this incident has not had a material impact on AT&T’s operations,” the company wrote in a press release on Saturday.

The leaked information included data such as names, home addresses, phone numbers, date of birth, and Social Security Numbers. The company has advised users to set up fraud alerts and check their accounts and credit reports via email.

All the passcodes of the 7.6 million account holders have been reset. The event has caused a sudden panic in casual lives and reminded the importance of cybersecurity.

How Can We Prevent A Cyber Attack from Taking Place

In today’s world, cybersecurity is more important than ever. With ever-growing threats to businesses, having a strong security solution is essential. A simple hack into the system can lead to legal problems. There are far too many threats out there to ignore the risks.

Here are some ways to prevent cyber attacks :

• Keep your software and systems fully up-to-date
• Ensure Endpoint Protection
• Install a Firewall
• Backup your data
• Wifi Security
• Passwords

Conclusion

With the recent event of cyber attack taking place at AT&T, digital users and companies have become cautious. As for AT&T, further investigation is still in progress. The company has managed to take care of the situation professionally and keep up with its reputation.

Suggested Posts:
Know All About CyberSecurity And Its Importance.

Best Practices for Mobile Security and Data Privacy.

The post AT&T Faces A Cyber Attack, Millions Of Data Leaked On Dark Web appeared first on Tricky Enough.

Cybersecurity is in a perpetual metamorphosis, with an ever-evolving landscape of threats. Remaining abreast of the most current perils is an imperative duty to safeguard global businesses. A mere fleeting lapse can expose a company’s sensitive data, instigating operational disruptions and eroding the trust of clientele, as exemplified by several high-profile instances. Hack the Box takes on the vital task of bridging the cybersecurity skills gap.

This game provides a distinctive and constantly evolving online upskilling, training, and certification for cybersecurity. Hack the Box is the go-to choice for cybersecurity training with a community of over 1.5 million members. This community includes trusted brands like Toyota, Siemens, and EA Sports.

Trusted by Industry Leaders Choose Hack the Box for Cybersecurity Training

Why choose cybersecurity training with Hack the Box over traditional IT modules typically offered by businesses? Hack the Box founder Haris Pylarinos champions a platform that “connects cyber-ready individuals and organizations through immersive hacking experiences, fostering creative problem-solving.”

The training environment within the game encompasses a wide array of technologies and infrastructures, spanning conventional networks, endpoints, web applications, and cloud-based systems. This renders it an all-encompassing and versatile platform.

Communities offer a vast wellspring of knowledge

Headquartered in the Southeast, our company’s mission is to actively engage businesses and their employees in understanding the ever-evolving cybersecurity threat landscape. We offer more than mundane modules and checklists you breeze through during your morning tea break. Instead, we provide highly captivating learning content replicating real-world threat scenarios, incorporating the most current attack techniques and methods.

Haris Pylarinos, the founder, proudly states, “Hackers for hackers built Hack The Box.” Traditional training content must often be updated and reflect real-world challenges, creating a void in the cybersecurity training industry for a dynamic, adaptable, and cloud-based approach.

Recommended:

How to Create a Strong Cybersecurity Culture in Your Organization?

The Growing Role of Machine Learning in Cybersecurity.

The post Hack the Box – Community-Powered Cybersecurity Game appeared first on Tricky Enough.

If you’re an iPhone user, then you must be alert and careful before what you click on. There’s a new cyber threat found via Kaspersky Internet Security that targets iPhone devices and takes complete control of the device.

One of the biggest cybersecurity and antivirus software companies ‘Kaspersky Internet Security’ recently found a cybersecurity threat called ‘Triangulation’. This threat targets old versions of iPhones, such as iOS 15.7, and gains complete access via the iMessage app.

iMessage App at Risk kaspersky internet security

The iMessage app contains a malicious attachment that automatically installs spyware & takes complete control over the iPhone and its data.

As per the Kaspersky report, they just uncovered a cybersecurity threat. It is extremely complex & targets iPhone devices via the iMessage app by auto-installing spyware and taking complete control of it.

Operation Triangulation

Also, Kaspersky CEO Eugene Kaspersky tweeted about this iOS attack, and it is called Triangulation. He said, “Our investigation of this Triangulation continues, and we expect further details to be shared soon.”

In the Kaspersky report, they said that their team of iPhone users recognized this malware attack. This threat is quietly entered via the iMessage app and gets access to microphones, cameras, photos, messages, geolocation, and other sensitive data. 

He also said that this threat had been neutralized and complete vulnerability details had been sent to the Apple company.

Further investigation shows that dozens of iPhone devices were infected with this attack.

The Zero-Click Attack kaspersky internet security

Getting this threat inside the iPhone device is easier; the user will receive a message on the iMessage app with an attachment. When the user opens the message, a threat will automatically go inside the device and take complete control over the device. Once the hacker gets complete control, the message with the attachment will automatically be selected from the device.

On Friday, Kaspersky also released tools to identify if the device is infected. 

One of the clear indications or ideas to check this Triangulation attack on iPhone devices was that it turned off the iOS update and didn’t allow users to update their iOS version. 

The CEO of Kaspersky noticed that turning off the iMessage app can prevent iOS devices from being attacked. iOS 16 seems safe from this Triangulation threat, and there are low chances but not guaranteed.

Apple iOS 16.3 Updates

Furthermore, Apple released major updates that fixed vulnerabilities with iOS 16.3 and MacOS 13.2 supported iPhone, iPad, and Mac devices.

Suggested:

What Security features must have in Good Antivirus?

How To Remove Malware From Computer?

The post Kaspersky Finds Cybersecurity Threat that Targets iPhone Users via iMessage to Gain Access appeared first on Tricky Enough.

Here is the list of a few infected applications:

• L.POINT with L.PAY – 10 million downloads
• Pikicast – 5 million downloads
• Swipe Brick Breaker – 10 million downloads
• Money Manager Expense & Budget – 10 million downloads
• LIVE Score, Real-Time Score – 5 million downloads
• GOM Player – 5 million downloads
• Compass 9: Smart Compass – 1 million downloads
• and more

McFee’s research team discovered this malware, “Goldoson.” According to them, the malware collected data from different resources, including the user’s GPS location, WiFi-connected devices, Bluetooth devices, and installed apps.

Moreover, it could do ad fraud if a user clicks on any ad without taking consent from the user.

Android Malware Steals Data from Devices

If a user downloads and installs any application containing Goldoson, its library automatically logs the device and captures its configuration using a remote private server.

The configuration includes all the parameters Android malware can run on the device for ad clicking and data stealing.

Every two days, it collects data by activating the function of data collection. Then, it sends the C2 server the list of geographical locations, installed apps, and MAC addresses of the devices connected via WiFi, Bluetooth, etc.

The data amount collected by the malware depended on the permissions provided by the user. For example, Devices with Android 11 or above provide high-level protection for data. So, they might be less affected compared to the lower versions.

However, McAfee also found that in recent OS versions, users gave malware enough permission to collect sensitive data of their devices in 10% of apps. Along with that, The function of ad-clicking is activated using a customized HTML code, various URL visits, WebView, and generating ad revenues.

Goldoson libraries are removed from the Google Play app. But, MaAfee warned the users to always check twice before allowing permissions to any application because the risk is still there.

Suggested:

How To Remove Malware From Computer.

The post “Goldoson,” an Android Malware, Invade 60 Applications on Google Play appeared first on Tricky Enough.