Connect with us

Featured

Facebook fakes behind most phishing attempts

In the first quarter of 2018, Kaspersky Lab’s anti-phishing technologies prevented more than 3.7 million attempts to visit fraudulent social network pages of which 60% were fake Facebook pages.

Published

on

The results, according to the Kaspersky Lab report, ‘Spam and phishing in Q1 2018’, demonstrates that cybercriminals are still doing what they can to get their hands on personal data.

Social network phishing is a form of cybercrime that involves the theft of personal data from a victim’s social network account. The fraudster creates a copy of a social networking website (such as a fake Facebook page), and tries to lure unsuspecting victims to it, forcing them to give up their personal data – such as their name, password, credit card number, PIN code, and more – in the process.

At the beginning of the year, Facebook was the most popular social networking brand for fraudsters to abuse, and Facebook pages were frequently faked by cybercriminals to try and steal personal data via phishing attacks. This is part of a long-term trend: in 2017, Facebook became one of the top three targets for phishing overall, at nearly 8%, followed by Microsoft Corporation (6%) and PayPal (5%). In Q1 2018, Facebook also led the social network phishing category, followed by VK – a Russian online social networking service and LinkedIn. The reason for this is likely to be the worldwide 2.13 billion active monthly Facebook users, including those who log in to unknown apps using their Facebook credentials, thereby granting access to their accounts. This makes unwary Facebook users a profitable target for cybercriminal phishing attacks.

This all reinforces the fact that personal data is valuable in the world of information technology –both for legitimate organisations and attackers. Cybercriminals are constantly searching for new methods to hit users, so it’s important to be aware of fraudster techniques to avoid becoming the next target. For example, the latest trend is spam emails related to GDPR (Europe’s General Data Protection Regulation).  Examples include offers of paid webinars to clarify the new legislation, or invitations to install special software that will provide access to online resources to ensure compliance with the new rules.

“The continuous increase in phishing attacks – targeting both social networks and financial organisations – shows us that users need to pay more serious attention to their online activities. Despite the recent global scandals, people continue to click on unsafe links and allow unknown apps access to their personal data. Due to this lack of user vigilance, the data on a huge number of accounts gets lost or extorted from users. This can then lead to destructive attacks and a constant flow of money for the cybercriminals,” said Nadezhda Demidova, lead web content analyst at Kaspersky Lab.

Kaspersky Lab experts advise users to take the following measures to protect themselves from phishing:

  • Always check the link address and the sender’s email before clicking anything – even better, don’t click the link, but type it into your browser’s address line instead.
  • Before clicking any link, check if the link address shown, is the same as the actual hyperlink (the real address the link will take you to) – this can be checked by hovering your mouse over the link.
  • Only use a secure connection, especially when you visit sensitive websites. As a minimum precaution, do not use unknown or public Wi-Fi without a password protection. For maximum protection, use VPN solutions that encrypt your traffic. And remember: if you are using an insecure connection, cybercriminals can invisibly redirect you to phishing pages.
  • Check the HTTPS connection and domain name when you open a webpage. This is especially important when you are using websites which contain sensitive data – such as sites for online banking, online shops, email, social media sites etc.
  • Never share your sensitive data, such as logins and passwords, bank card data etc., with a third party. Official companies will never ask for data like this via email.
  • Use a reliable security solution with behaviour-based anti-phishing technologies, such as Kaspersky Total Security, to detect and block spam and phishing attacks.

Other key findings in the report include:

Phishing:

  • The main targets of phishing attacks have remained the same since the end of last year. They are primarily global Internet portals and the financial sector, including banks, payment services and online stores.
  • About $35,000 USD was stolen through one phishing site that appeared to offer the opportunity to invest in the rumoured Telegram ICO. Approximately $84,000 USD was stolen following a single phishing email mailshot related to the launch of ‘The Bee Token’ ICO.
  • Financial phishing continues to account for almost half of all phishing attacks (43.9%), which is 4.4% more compared to the end of last year. Attacks against banks, e-shops, and payment systems remain the top three, demonstrating cybercriminals’ desire to access users’ money.
  • Brazil was the country with the largest share of users attacked by phishers in the first quarter of 2018 (19%). It was followed by Argentina (13%), Venezuela (13%), Albania (13%), and Bolivia (12%).

Spam:

  • In the first quarter of 2018, the amount of spam peaked in January (55%). The average share of spam in the world’s email traffic was 52%, which is 4.6% lower than the average figure of the last quarter of 2017.
  • Vietnam became the most popular source of spam, overtaking the U.S. and China. Others in the top 10 included India, Germany, France, Brazil, Russia, Spain, and the Islamic Republic of Iran.
  • The country most targeted by malicious mailshots was Germany. Russia came second, followed by United Kingdom, Italy, and the UAE.

Featured

The hacker, the scrapheap, and the first Apollo computer

Three years ago, a Tshwane computer engineer tracked down the “lost” first Apollo space flight guidance computer. ARTHUR GOLDSTUCK retells the story on Apollo 11’s 50th anniversary.

Published

on

It’s not often that a YouTube video on a technical topic gives one goosebumps. And it’s not often that someone unpacking a computer makes history.

Francois Rautenbach, a computer hardware and software engineer from Tshwane, achieved both with a series of videos he quietly posted on YouTube in 2016, and shared by Gadget.

AS-202 launch (2)
Flight AS-202 lifts off on 25 August 1966.

It showed the “unboxing” of a batch of computer modules that had been found in a pile of scrap metal 40 years ago and kept in storage ever since. Painstaking gathering of a wide range of evidence, from documents to archived films, had convinced Rautenbach he had tracked down the very first Guidance and Navigation Control computer, used on a test flight of the Saturn 1B rocket and the Apollo Command and Service Modules.

SAMSUNG CSC
The Rope Memory Modules from Flight AS-202’s Guidance Computer.

Apollo-Saturn 202, or Flight AS-202, as it was officially called, was the first to use an onboard computer – the same model that would eventually take Apollo 11 to the moon. Rautenbach argued that the computer on AS-202 was also the world’s first microcomputer. That title had been claimed for several computers made in later years, from the Datapoint 2200 built by CTC in 1970 to the Altair 8800 designed in 1974. The AS-202 flight computer goes back to the middle of the previous decade.

500004792-03-01
The Apollo lunar module, flown to the moon using the same Guidance Computer model that had been successfully tested on Flight AS-202.

His video succinctly introduced the story: “On 25th August 1966,  a very special computer was launched into space onboard Apollo flight AS-202. This was the first computer to use integrated circuits and the first release of the computer that took the astronauts to the moon. Until recently, the software for the Block 1 ACG (Apollo Guidance Computer) was thought to be lost…”

One can be forgiven for being sceptical, then, when he appeared on screen for the first time to say, “I’ve got here with me the software for the first microcomputer.”

Then he unwrapped the first package and says: “Guys, these modules contain the software for the first microcomputer that was ever built, that was ever used.”

The goosebumps moment came when he revealed the NASA serial number on a device called a Rope Memory Module, and declared: “These modules are the authentic flight AS-202 software modules. These were found on a rubbish dump, on a scrap metal heap, about 40 years ago … and we are going to extract the software from this module.”

In a series of three videos, he extracted the software, showed how the computer was constructed, and used a hospital X-Ray machine to inspect its insides. The third video started with the kind of phrase that often sets off the hoax-detectors in social media: “Okay, so you guys won’t believe what I’ve been doing today.” But, in this case, it was almost unbelievable as Rautenbach took the viewer through a physical inspection of the first Apollo guidance computer.

How did an engineer from Tshwane stumble upon one of the great treasures of the computer age? He tended to avoid the limelight, and described himself as “a hardware/software engineer who loves working on high-velocity projects and leading small teams of motivated individuals”.

In an interview with Gadget, he said: “I am the perpetual hacker always looking for a new challenge or problem to solve. I have experience in designing digital hardware and writing everything from embedded firmware to high-level security systems. Much of the work I did over the last five years revolved around building new and creative payment solutions.”

The breadth of his work gave him the expertise to investigate, verify, and extract the magic contained in the AS-202 computer. A global network of contacts led him to the forgotten hardware,  and that is when the quest began in earnest.

“I got interested in the Apollo Guidance Computer after reading a book by Frank O’Brien (The Apollo Guidance Computer: Architecture and Operation). Most of us grew up with the fallacy that the AGC was less powerful than a basic programmable calculator. I discovered that this was far from the truth and that the AGC was in fact a very powerful and capable computer.

“I started communicating with experts in the field and soon realised that there was a wealth of information available on the AGC and the Apollo space program in general.

“One day I received some photos of AGC Rope Memory modules from a friend in Houston marked ‘Flight 202’. After a little googling, I realised that these modules contained the software from Flight AS-202. As I learned more about AS-202, I discovered that this was the first time the AGC was used in an actual flight.”

Rautenbach eventually tracked down the source of the photos: a man who had picked up the entire computer, with memory modules, at an auction, as part of a three-ton lot of scrap metal.

“At one point he opened up to me and said he had other modules. He admitted he had a full Apollo guidance computer, and my theory was that it was used to develop the Apollo 11 guidance computer.  He sent me more information, and I thought he had THE computer.

“He’s got all this junk in his backyard. He started selling stuff on eBay and one day got a visit from the FBI wanting to know where he got it. He was able to find the original invoice and showed it to them and they went away. But it scared him and he didn’t want to tell anyone else in the USA what he had. Not being from America was an advantage.”

Rautenbach flew to Houston last year, opened the sealed packages and filmed the process.

“This was the first microcomputer. I opened it and played with it.  I realised this was the first computer that actually flew. I also found Rope Memory modules that said Flight 202, and he didn’t know what that was. I found it was from AS-202, and I said we can extract stuff from this.”

Rautenbach paid a deposit to borrow the units and have them sent to South Africa, so that he could extract and rebuild the software. He also made contact with Eldon Hall, leader of the team that developed the Apollo guidance computer and author of the 1966 book, Journey to the Moon: The History of the Apollo Guidance Computer.

The correspondence helped him verify the nature of the “scrap”. The Apollo command module from flight AS-202 was restored and is now on permanent display on the USS Hornet, the legendary aircraft carrier used to recover many Apollo command modules and now a museum. However, the computer parts were sold as scrap in 1976. And NASA never preserved a single copy of the software that had been used on its first guidance computer.

Fortunately, a sharp-eyed speculator realised the lot may contain something special. He sold off some of the scrap over the years, until that visit by the FBI. He still preferred to remain nameless.

In August 2016, on the 50th anniversary of the launch of AS-202, Rautenbach quietly began posting the evidence online. He also announced that the raw data he had extracted would be made available to anyone who wished to analyse it.

His videos on the unboxing of the AS-202 computer and the extraction of the software can be viewed on YouTube at http://bit.ly/as202, where he also planned to post instructions for accessing the software.

  • Arthur Goldstuck is founder of World Wide Worx and editor-in-chief of Gadget.co.za. Follow him on Twitter and Instagram on @art2gee

NASA’s description of flight AS-202 can be found at: http://nssdc.gsfc.nasa.gov/nmc/spacecraftDisplay.do?id=APST202

Technical specifications of the Apollo Guidance Computer can be found at: https://en.wikipedia.org/wiki/Apollo_Guidance_Computer

Apollo comes back to Pretoria

Francois Rautenbach pointed out that South Africa played a prominent role during the 93 minutes of flight AS-202: “Pretoria is mentioned no less than three times in the post-flight report. The AS-202 flight actually reached it’s highest point above South Africa. The telemetry data from the flight were recorded on computer tape at Hartebeesthoek and later shipped back to NASA.”

Continue Reading

Featured

Homemation creates comfort through smart homes

Home automation is more than just turning the lights on and off, Homemation’s Gedaliah Tobias tells BRYAN TURNER

Published

on

The world is taking interior design notes from the Danish, in a style of living called hygge (pronounced hoo-gah). Its meaning varies from person to person: some see hygge as a warm fire on a cold winter’s night, others see it as a cup of hot coffee in the morning. The amount of “good feelings” one gets from these relaxing activities depends on what one values as indulgent.

But how does technology fit into this “art of feeling good”?

We asked Homemation marketing manager Gedaliah Tobias to take us through a fully automated home of the future and show us how automation creates comfort and good feelings.

“The house is powered by Control4, which you can think of as the brain of the smart home,” says Tobias. “It controls everything from the aircon to smart vacuum cleaners.”

The home of the future is secured by a connected lock. It acts like other locks with keypads and includes a key in the event of a power interruption. The keypad is especially useful to those who want to provide temporary access to visitors, staff, or simply kids who might lose their parents’ house keys.

“The keypad is especially useful for temporary access,” says Tobias. “For example, if you have a garden service that needs to use the home for the day, they can be given a code that only turns off the perimeter alarm beams in the garden for the day and time. If that code is used outside of the day and time range, users can set up alerts for their armed response to be alerted. This type of smart access boosts security.”

Once inside, one is greeted with a “scene” – a type of recipe for electronic success. The scene starts by turning on the lights, then by alerting the user to disarm the alarm. After the alarm is disarmed, the user can start another more complicated scene.

“Users can request customised scene buttons,” says Tobias. “For example, if I press the ‘Dinner call’ scene, the lights start to flash in the bedroom, there’s an announcement from the smart speakers, the blinds start to come down, the lighting is shifted to the dinner table. Shifting focus with lighting creates a mood to bring the house together for dinner.”

Homemation creates these customised scene buttons to enable users to control their homes without having to use another device. In addition to scene buttons, there are several ways to control the smart home.

 “Everything in the smart home is controllable from your phone, the touchscreens around the house, the TV, and the dedicated remote control. Everyone is different, so having multiple ways to control the house is a huge value add.”

We ask Tobias where Homemation recommends non-smart home users should start on their smart home journey.

“Before anything, the Control4 infrastructure needs to be set up. This involves a lot of communications and electrical cabling to be run to different areas of the home to enable connectivity throughout the home. After the infrastructure is set up, the system is ready for smart home devices, like lighting and sound.”

“For new smart home users, the best bang for their buck would be to start with lighting once the infrastructure is set up. Taking it one step at a time is wise.”

•    For more information, visit https://www.homemation.co.za/

Continue Reading

Trending

Copyright © 2019 World Wide Worx