Telegram incorporates chatbots into Telegram Business accounts
03/04/2024Telegram Business has announced the addition of chatbots among its features aimed at streamlining communication between companies and their clientele. The new automated assistants on this instant messaging application are designed to provide information automatically in response to predictable inquiries. This recent development was announced through the company's official blog, where Telegram also explained that the chatbots also have the option to provide links that direct customers to booking or order tracking. Additionally, these new automated assistants from Telegram Business are also capable of offering welcome messages and absence notifications, useful for informing customers, for example, about holiday closures. Telegram explains that thanks to this new feature of Telegram Business, user companies will be able to enhance their brand presence and foster lasting relationships with their customers by leveraging the power of automation along with personalized communication.
[ ... ]
Roku warns of unauthorized access to hundreds of its customers' accounts
19/03/2024A Roku investigation, the company that manufactures media streaming devices running Roku software to access all kinds of streaming content, has revealed unauthorized access to hundreds of its users' accounts, "likely due to compromised login credentials obtained from third-party sources unrelated to Roku," they said. According to the company itself, these credentials were used to access Roku accounts, where changes were made, including attempts to purchase streaming subscriptions. However, in an official statement, Roku said that any sensitive personal data such as full payment account numbers could not be accessed. The affected accounts were secured and required password resets, as well as the cancellation of unauthorized subscriptions. Roku has announced that it will refund its users for all unauthorized charges. "What can I do if I can't access Roku? Roku has reset all passwords for accounts affected by these unauthorized accesses, so if we are holders of one of them, we may not be able to access it in the usual way. To regain access, we should go to my.roku.com and use the "Forgot your password?" option. Additionally, the company recommends reviewing subscriptions and devices linked to the Roku account from the Roku account Dashboard."
[ ... ]
Mozilla allows the simultaneity of accounts in their VPN service
09/02/2022Mozilla has expanded the functionalities of the VPN function in Firefox, and from from now, will allow users to protect their browsing from different accounts. This function will prevent users from having to open new windows or applications to access their digital work tools and will not mix them with those for personal use. The new functionality allows is prepare to create containers with specific tabs that can be related to different environments, such as personal, work, shopping, banks and social networks, and even customize them with a different color and logo. Once this is done, the browsing histories and the 'cookies' of the pages, for example, will remain isolated from each other, offering an additional layer of privacy by protecting the browsing activity and allowing a different exit server to be set in a different location for each one of the containers. In addition, from now it will becomes possible for the same person to be register in two accounts in the same service. This new functionality of Mozilla VPN is first launched for the version for Android and iOS mobiles, and in September it will be available for desktop computers.
[ ... ]
A new FakeUpdates campaign targeting WordPress sites has been detected
20/03/2024Over the past few weeks, a new wave of the FakeUpdates malware, also known as SocGholish, has been detected, aimed at WordPress websites. The objective is to lure users into downloading remote access trojans, allowing attackers to take control of their systems. Since its emergence in 2017, FakeUpdates has been one of the most recurring malicious software in the cyber threat landscape. It has previously been associated with cybercriminal groups like Evil Corp, who monetize its use by selling access to infected systems. In this new campaign, cybercriminals are using JavaScript to target WordPress web pages, compromising compromised administrator accounts to introduce altered versions of WordPress plugins. These adulterated versions deceive users into downloading remote access trojans, granting attackers full control over infected devices. What is the most popular type of malware? In addition to the FakeUpdates attack, the threat index from Check Point Research, whose researchers have warned about this new attack, reveals around 200 suspicious content websites directed by ransomware groups. They utilize double extortion tactics to pressure victims into paying immediate ransoms. These attacks have impacted many companies, with the Lockbit3 ransomware being the most utilized by cybercriminals, followed by Play and 8base. The most exploited vulnerabilities by malicious actors include 'Web Servers Malicious URL Directory Traversal,' 'Command Injection Over HTTP,' and 'Zyxel ZyWALL Command Injection,' affecting numerous companies worldwide and allowing attackers to access and manipulate files or execute commands on compromised systems. In Spain, despite a 7% decrease in malware attacks in February, the most sought-after malware includes FakeUpdates, Qbot, and Pandora. In the case of FakeUpdates, it has affected 11.9% of companies in Spain. Mobile Malware In the realm of mobile devices, Anubis remains the most utilized malware in Spain, followed by AhMyth and Hiddad, all designed to compromise the security and privacy of Android device users by collecting confidential information and executing malicious actions.
[ ... ]
Google Business will display recent company posts on social media
18/03/2024Google has introduced a new feature in its Maps app and search engine that allows owners of Google Business profiles (GBP) to showcase the latest posts from their social media accounts. These business profiles are used by companies and organizations to manage their online presence and gather reviews of their services and products. Now, profile owners can add links to various social media platforms, including Facebook, Instagram, LinkedIn, Pinterest, TikTok, X (formerly Twitter), and YouTube to improve their online presence. How to add links to social networks in Google Business To add links to social networks in Google Business, you need to go to the profile editing menu and select the "Social Profiles" option within the Contact tab. Additionally, Google may automatically add social media links to business profiles that meet certain criteria, which can be edited or removed. This update, as explained by Google, aims to provide internet users with a more comprehensive view of company activities beyond the usual reviews and contact information.
[ ... ]
Meta warns about the vulnerability in password recovery linked to the recycling of phone numbers
22/02/2024Meta, a leader in social media, has announced that it will not assume responsibility for personal account theft on Instagram and Facebook related to password recovery through the use of recycled phone numbers. The company argues that it lacks control over telecommunications providers and users involved in this practice. Phone number recycling: an overlooked risk in a recent statement Meta revealed its inability to manage personal account thefts that occur when phone numbers are recycled by telecommunications carriers. This common practice among mobile phone companies involves reassigning discarded numbers to new customers, making them owners of a number previously used by another user. In countries like Spain, carriers wait for a period of 30 days before reassigning a number, but the risk persists if users do not unlink the number from digital services or associated platforms, such as social networks and emails. The danger of not unlinking phone numbers from digital accounts When users deactivate a phone number, whether due to a change of carrier or any other reason, carriers must wait before reassigning the number. However, failure to unlink this number from digital services can result in unauthorized access to personal accounts. In many services, linking the phone number is allowed for actions such as resetting passwords. Users, upon receiving a verification code on their number, can complete the login without the need for email validation or a password. This process, though accepted, can lead to unintentional unauthorized access. Meta warns users about the importance of unlinking phone numbers from digital accounts when deactivating them, insisting on the need to update associated information to prevent account theft.
[ ... ]
Detected a Trojan that emulates the WhatsApp account and fraudulently manages subscriptions to payment sites
17/10/2022Kaspersky researchers has reported that YoWhatsApp advertised on Snaptube and Vidmate, two of the most popular download platforms at the moment, is actually a Trojan capable to issuing paid subscriptions and stealing WhatsApp accounts. YoWhatsApp would act as a mod of the original messaging program, offering new functions that the official service does not allow, such as wallpapers, personalized fonts for chats and password-protected access to conversations, .... As Kaspersky researchers have explained, when a user installs YoWhatsApp on a device, it’s forced to log in to they real application account, and in this moment, Triada Trojan is activated, downloaded and executed on the terminal. Once this is done, the Trojan is capable of accessing the user's real WhatsApp account credentials, steal all the data, having already detected unauthorized subscriptions to paid subscriptions. Kaspersky recommends to install, only, Apps from official stores and reliable sources and they have insisted on the need to check always the permissions granted to each application. Installing an antivirus is another recommended measure.
[ ... ]
Less than half of Spaniards change their passwords when they separate from their partner
05/10/2022The email and social network accounts of one in five Spaniards (21%) have been subject to violation by a third party who has changed the passwords without the owner's knowledge or consent, attributing 37% of the victims this wrong use to their ex-partners. This data comes from the recent study carried out by Avast and Dynata on the degree of knowledge that Spaniards have of the passwords of their partners or relatives. In this study more than 2,000 Internet users have participated. Among the most striking results of this survey is that the collaborators who say they still know their ex's passwords, 56% of them has admit that they even know, also, their professional email passwords. 24% of those surveyed also claim that their location has been tracked without their consent due to knowing their password. This behavior, the authors of the study explain, can be considerated as technological abuse, which can be further aggravated by installing spyware or 'stalkwerware' on other people's devices or controlling or harassing someone through home technology.
[ ... ]
DuckDuckGo will offer their temporary or disposable mail service free
14/09/2022After launching the beta version of the new temporary or disposable mail service, 'Email Protection', DuckDuckGo has announced that once tested it is now available free for all users. 'Email Protection' is presented as a solution to be able to have a second 'e-mail' address to use in subscriptions and pages likely to send ‘spam'. Available from the DuckDuckGo mobile app and browsers, the service incorporates privacy protections against link tracking and smart encryption against unencrypted links, and features such as direct response. The accounts that are created through 'Email Protection' as a secondary email will contain the domain @duck.com and among the recommended uses proposed by DuckDuckGo are free trials or registration in services that usually send advertising or spam.
[ ... ]
Google ads a quick delete button to erase your recent search history
19/07/2021Google has just announced the addition of a quick delete browsing history feature in Chrome. This feature will save users from going to settings to delete the last visits done and with the intention of protection of personal data and privacy. The button is located in Chrome's main menu where you can access through the image of your Gmail account avatar. By clicking on the "Clear last 15 minutes" button, all searches performed in that period will disappear. In addition to this sort of "panic button" for quick deletion, Google also has an "auto-delete" feature, which we can configure to automatically and continuously delete our search history, along with other web and application activity, from our account after three, 18 or 36 months. By default, for new accounts the default automatic deletion option for web and app activity will be 18 months, but you can always choose to update your settings if you wish.
[ ... ]