Es curioso como cambian las cosas. Si bien en 2021 salía un documento, presuntamente del FBI, poniendo a #Telegram por encima de #Signal y #Threema en cuestión de privacidad porque la compañía siempre se niega a colaborar con las autoridades y porque por mucho que se teorice sobre sus debilidades no han llegado a hackearlo, lo que sí hackearon los rusos fueron smartphones específicos, probablemente con algun malware como Pegasus (o infiltrándose en chats grupales), para acceder a conversaciones.
En conclusión, sí. Cosas como #Whatsapp, #Avast, e #EasyAntiCheat son menos seguras que muchas de sus alternativas, pero también hay que cuidar otros factores.
No podemos quejarnos de nuestro sistema de seguridad cuando somos nosotros quienes dejamos la puerta abierta.
La mejor seguridad y privacidad provienen de educarse sobre el tema y mantener una disciplina al respecto. Y aun así siempre habrán riesgos que se deben saber reconocer y mitigar.
Avast prometteva di proteggere la #privacy degli utenti con i suoi prodotti, ma in realtà ha fatto l’esatto opposto. Tra il 2014 e il 2020, la software house ha raccolto numerose informazioni sensibili.
Edit: just to be clear: most anti-malware products deployed major security issues like open backdoors on many Millions of computers in the past. It's a #snakeoil business where users pay for a false feeling of security and tend to take higher risks. Almost all companies that got #ransomware had anti-malware in place.
New, by me: The U.S. Federal Trade Commission said it will ban the antivirus giant Avast from selling consumers’ web browsing data to advertisers.
Avast will pay $16.5 million to settle the FTC's allegations that it sold the sensitive browsing data of millions of its customers collected from its browser extensions (ostensibly to provide privacy) to more than a hundred other companies.
Avast One brings together antivirus, VPN, and a collection of other security, privacy, and performance features for all your devices, but you get more for your money from other cross-platform suites.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #44/2023 is out! It includes the following and much more:
➝ 🔓 #Okta hit by another #breach, this one stealing employee data from 3rd-party vendor
➝ 🔓 💸 #LastPass breach linked to theft of $4.4 million in crypto
➝ 🇮🇳 #India's Biggest Data Leak So Far? Covid-19 Test Info of 81.5Cr Citizens With ICMR Up for Sale
➝ 🔓 ✈️ #Lockbit ransomware group claims to have hacked #Boeing
➝ 🇳🇱 ⚖️ Dutch hacker jailed for extortion, selling stolen data on RaidForums
➝ 🇷🇺 🇺🇸 Russian Reshipping Service ‘SWAT USA Drop’ Exposed
➝ 🇮🇷 🦠 Iranian Cyber Spies Use ‘#LionTail’ Malware in Latest Attacks
➝ 📉 Security researchers observed ‘deliberate’ takedown of notorious #Mozi#botnet
➝ 🇮🇳 📱 Apple warns Indian opposition leaders of state-sponsored #iPhone attacks
➝ 🌍 Four dozen countries declare they won’t pay #ransomware ransoms
➝ 🇷🇺 How #Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate #Cybercrime
➝ 🇪🇺 EU digital ID reforms should be ‘actively resisted’, say experts
➝ 🇷🇺 🇺🇦 #FSB arrests Russian hackers working for Ukrainian cyber forces
➝ 🇺🇸 FTC orders non-bank financial firms to report breaches in 30 days
➝ 🇨🇦 📱 #Canada Bans #WeChat and #Kaspersky Apps On Government Devices
➝ 🇺🇸 #SEC Charges #SolarWinds and Its #CISO With Fraud and Cybersecurity Failures
➝ 🇺🇸 🤖 #Biden Wants to Move Fast on AI Safeguards and Will Sign an Executive Order to Address His Concerns
➝ 🦠 📱 #Avast confirms it tagged Google app as #malware on Android phones
➝ 🦠 🇰🇵 North Korean Hackers Targeting Crypto Experts with #KANDYKORN#macOS Malware
➝ 👥 💸 EleKtra-Leak #Cryptojacking Attacks Exploit #AWS IAM Credentials Exposed on #GitHub
➝ 🦠 🐍 Trojanized #PyCharm Software Version Delivered via #Google Search Ads
➝ ✅ 🤖 #GooglePlay adds security audit badges for Android #VPN apps
➝ 🔐 Microsoft pledges to bolster security as part of ‘Secure Future’ initiative
➝ 🆕 FIRST Releases #CVSS 4.0 Vuln Scoring Standard
➝ 🆕 #MITRE Releases ATT&CK v14 With Improvements to Detections, ICS, Mobile
➝ ⛔️ 🦠 #Samsung Galaxy gets new Auto Blocker anti-malware feature
➝ 🍏 🔐 #Apple Improves #iMessage Security With Contact Key Verification
➝ 🔓 Researchers Find 34 #Windows Drivers Vulnerable to Full Device Takeover
➝ 🔓 🪶 3,000 #Apache#ActiveMQ servers vulnerable to RCE attacks exposed online
➝ 🗣️ #Atlassian CISO Urges Quick Action to Protect #Confluence Instances From Critical #Vulnerability
➝ 🔓 🩸 “This vulnerability is now under mass exploitation.” #CitrixBleed bug bites hard
➝ 🐛 💰 HackerOne paid ethical hackers over $300 million in #bugbounties
📚 This week's recommended reading is: "Permanent Record" by Edward Snowden
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
Question for you tech peoples, about VPN. I've been offered 12-months free Avast SecureLine VPN. Is it any good, is there a better/more trustworthy one I should consider? I will use it on mobile and laptops for the family #VPN#Avast
Security company Avast has released a decryptor for the Akira ransomware, which helps victims to get their files back. To have a high success rate, users are asked to provide both the encrypted and original file, and use files with large file sizes. If you are a victim of Akira ransomware, assess the tool along with your IT, security teams and vendors and see how it can help you recover your files.