WiFi breach makes devices vulnerable to hacks, but there is a solution

Much to everyone’s concern, there have been discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs), notes krackattacks.com.

The “Krack” attack works by exploiting the “handshake” that a WiFi network and a device give to each other when the latter wants to join. Usually, the two decide on an encryption key for all future traffic, meaning that each device will only be able to read data if it has that key.

“Note that if your device supports Wi-Fi, it is most likely affected,” wrote security researcher Mathy Vanhoef, whose work was noted by the US government.

Read More

CyberGhost was awarded the badge of Excellent Service

We, at CyberGhost, have just become prouder of our achievements, as we have just been awarded a badge of Excellent Service by vpnMentor. Pride is just a small part because we are also very grateful to have received this badge thanks to our countless positive customer reviews.

According to vpnMentor, CyberGhost has reached a 4.5 rating out of 5 in customer reviews, which means we have managed to satisfy plenty of users with our top-class privacy and data protection features. So, we want to thank all Ghosties worldwide for trusting our app and for using it to secure their digital lifestyle.

Read More

Why U.S. Justice Department’s call on responsible encryption is not an option

U.S. Justice Department official Rod Rosenstein held a speech on Tuesday at the U.S. Naval Academy in which he criticized technology companies for helping out criminals and terrorists accomplish their plans through encryption software.

Directly pointing to Silicon Valley companies, he supported the idea of responsible encryption after mentioning several terrorism cases from the past. Tech companies refused to collaborate with the FBI despite the fact that the organization presented proper warrants that would have allowed them to access company databases.

Sure, this would have meant collecting only the data concerning terrorist suspects, but the reaction of companies is by far understandable. Once “inside” the system, law enforcement officers could easily break in and collect other important information as well, not related to terrorist suspects.

Responsible encryption or forced monitoring?

Many people (security specialists or not) fear that Rosenstein’s call for responsible encryption, while presenting strong arguments, is rather just another attempt to create a back door and legally monitor peoples’ lives online.

Saying that encryption methods are bad because they don’t help governments catch terrorists is just like saying that bulletproof vests should be banned simply because some criminals wear them when they are trying to escape the police. Yet, bulletproof vests have been a lifesaver for police officers, detectives and other law enforcement professionals.

Read More

Qatar blocks VoIP apps such as WhatsApp and Skype; here’s how to access them

If you are traveling to Qatar these days or maybe are a resident who wishes to communicate more easily with his/her business partners or remote family, recent news points out to a new block on standard Voice over IP (VoIP) apps, such as Skype, Facetime, Duo, Viber, and WhatsApp.

Legally speaking, there are no laws or rules that prohibit VoIP services in Qatar, unlike in the UAE for example. However, it appears that according to the website of Qatar’s Communications Regulatory Authority (CRA), no person or business can sell VoIP calls or services without a license. And currently, only Ooredoo and Vodafone, Qatar’s sole two ISPs, are licensed to do this.

Read More

Remote malware – hackers’ newest trend in ATM attacks

Trend Micro (a top cyber security software solutions company) along with Europol’s European Cybercrime Centre (EC3) have recently released a whitepaper explaining how new types of ATM thefts have started to emerge. These are happening particularly because many ATM networks don’t use updated software, thus don’t receive the latest security updates, which makes them extremely vulnerable when faced with digital frauds.

Hackers initiate the attack from the ATM network

Apparently, the new scheme no longer relies on cyber criminals physically standing in front of an ATM and using skimming devices, but attacking the ATM from inside, through their network. One of the easiest ways to infiltrate the ATM network is by sending phishing e-mails to bank employees; once they introduce a malicious code into the e-mail system, they capture valuable information about the employees’ daily tasks and they can also trace vulnerabilities of the ATM network.

The next and final step is to install malware on the ATM server. Mainly, the hackers use a code that generates a secret-key for each session. When a bank customer uses the same key, the code allows the hacker to empty the ATM.

Read More

Remember you have human rights on the internet too

We are living in one of the most dangerous eras in human history: we see attackers killing innocent people for no reason yet what happens probably more often, but not so obvious for everyone to see, are cyber-attacks and other online misdemeanors.

Although there is no need to panic or to constantly feel threatened and drastically change your lifestyle due to all these concerning events, some things truly need to be changed. In terms of your online behavior, you need to re-think your communication strategies and the way you use and protect your information.

The need to overcome the next generation of cyber threats

Along with the evolution of technology, new methods of digital outbreaks and violations come into force. This doesn’t mean that classical online hacks such as phishing and identity theft will go away, but they will take it to the next level along with other new hacking methods that will occur.

Read More

Curious about your genealogy? Mind the privacy risks in DNA tests

Taking do-it-yourself DNA tests from providers found online is a growing trend nowadays, as, by the end of the decade, the direct-to-consumer lab testing market is expected to reach $350 million.

Some of the purposes for these DNA tests are finding out where one’s ancestors come from, what health dangers are hidden in our genes or even if a child is truly ours.

Why is this happening, though? Why are people, suddenly, looking for their origins? Perhaps they feel that in an increasingly globalized world, we, as individuals are losing our identities and need to belong to a group or maybe it’s quite the opposite: we want to stand out from an apparently homogenous society.

Regardless of our reasons for taking these tests, though, one thing is clear. As for anything that’s too good or simple to be true, there are risks involved.

We are not talking about the accuracy of these tests, because others, more qualified on the matter, have tackled this subject thoroughly.

We are however discussing something one should always be careful about: online privacy.

 

Why would anyone be interested in your genetic data?

Your genetic data reveals precious information about you, more precious than you think. Drug companies, insurers and sometimes police would love to have a sneak peek into those.

Thinking of taking a #DNAtest from #genealogy websites? Consider the #privacy risks | #CyberGhost #tips Click to Tweet

Once you put your cheek swab in the mailbox, you are willingly sending a valuable copy of your genetic data to a group of strangers who can do as they please with your information. You may have signed a privacy agreement, but since this is a commercial service and not an academic research project, things can change overnight, as companies get bought, and your data could get sold along with that transaction.

Read More

© 2017 CyberGhost