Tag: hacked

Yes, Your Home Wi-Fi Network Can Be Hacked: These 10 Tips Can Prevent It

Floo

This story is part of Home Tips, CNET’s collection of practical advice for getting the most out of your home, inside and out.

Your home Wi-Fi network might not be as safe as you think. In 2021, internet crime cost Americans more than $6.9 billion. While phishing and scams contributed to the losses, personal data breaches were also significant. In many cases, those personal data breaches could have been prevented by just a little home network security.

CNET Home Tips logo

The average US household has more than 10 devices connected to its home Wi-Fi network. From laptops and tablets to phones, smartwatches and streaming devices, the number can ramp up quickly, and each is potentially vulnerable to hacking. With so much data stored on those devices — credit card numbers, bank records, login credentials and other personal and private information — you want to ensure you’re protecting yourself from hackers if your network is ever compromised.

Shopping for a faster internet speed?

We’ll send you the fastest internet options, so you don’t have to find them.

A secure home network will help reduce the risk of getting hacked and having someone access your sensitive information. Not only that, it will keep away unwanted or unauthorized users and devices that would slow down your connection or freeload on the internet service you pay for.

It’s fairly simple to create and maintain a secure home Wi-Fi network. Below, you’ll find 10 tips for securing your network. Some are more effective than others at keeping hackers and freeloaders at bay, but all are useful in their own way. Keep in mind that nothing can guarantee absolute security from hacking attempts, but these tips will make it harder for anyone to compromise your network and data.

How to secure your home Wi-Fi network

Here are the basics for protecting your home Wi-Fi network. Keep reading for more information on each below.

1. Place your router in a central location.

2. Create a strong Wi-Fi password and change it often.

3. Change the default router login credentials.

4. Turn on firewall and Wi-Fi encryption.

5. Create a guest network.

6. Use a VPN.

7. Keep your router and devices up to date.

8. Disable remote router access.

9. Verify connected devices.

10. Upgrade to a WPA3 router.

Place your router in a central location

Strong network security starts with a smart setup. If possible, place your router at the center of your home. Routers send wireless signals in all directions, so strategically placing your router in a central location will help keep your connection to the confines of your home. As a bonus, it will likely also make for the best connection quality.

For example, if you have internet in an apartment where neighbors are immediately to the left and right of you, placing your router next to a shared wall could send a strong, and tempting, signal their way. Even if you

Read More... Read More

FBI system hacked to email ‘urgent’ warning about fake cyberattacks

Floo

The Federal Bureau of Investigation (FBI) email servers were hacked to distribute spam email impersonating FBI warnings that the recipients’ network was breached and data was stolen.

The emails pretended to warn about a “sophisticated chain attack” from an advanced threat actor known, who they identify as Vinny Troia. Troia is the head of security research of the dark web intelligence companies NightLion and Shadowbyte

The spam-tracking nonprofit SpamHaus noticed that tens of thousands of these messages were delivered in two waves early this morning. They believe this is just a small part of the campaign.

Legitimate address delivers fake content

Researchers at the Spamhaus Project, an international nonprofit that tracks spam and associated cyber threats (phishing, botnets, malware), observed two waves of this campaign, one at 5 AM (UTC) and a second one two hours later.

The messages came from a legitimate email address – [email protected] – which is from FBI’s Law Enforcement Enterprise Portal (LEEP), and carried the subject “Urgent: Threat actor in systems.”

All emails came from the FBI’s IP address 153.31.119.142 (mx-east-ic.fbi.gov), Spamhaus told us.

Fake cyber attack alert from legit FBI email address

The message warns that a threat actor has been detected in the recipients’ network and has stolen data from devices.

Our intelligence monitoring indicates exfiltration of several of your virtualized clusters in a sophisticated chain attack. We tried to blackhole the transit nodes used by this advanced persistent threat actor, however there is a huge chance he will modify his attack with fastflux technologies, which he proxies trough multiple global accelerators. We identified the threat actor to be Vinny Troia, whom is believed to be affiliated with the extortion gang TheDarkOverlord, We highly recommend you to check your systems and IDS monitoring. Beware this threat actor is currently working under inspection of the NCCIC, as we are dependent on some of his intelligence research we can not interfere physically within 4 hours, which could be enough time to cause severe damage to your infrastructure.


Stay safe,

U.S. Department of Homeland Security | Cyber Threat Detection and Analysis | Network Analysis Group

Spamhaus Project told BleepingComputer that the fake emails reached at least 100,000 mailboxes. The number is a very conservative estimate, though, as the researchers believe “the campaign was potentially much, much larger.”

In a tweet today, the nonprofit said that the recipients were scraped from the American Registry for Internet Numbers (ARIN) database.

While this looks like a prank, there is no doubt that the emails originate from the FBI’s servers as the headers of the message show that its origin is verified by the DomainKeys Identified Mail (DKIM) mechanism.

Received: from mx-east-ic.fbi.gov ([153.31.119.142]:33505 helo=mx-east.fbi.gov)
envelope-from 
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=fbi.gov; s=cjis; t=1636779463; x=1668315463;
  h=date:from:to:message-id:subject:mime-version;
  bh=UlyBPHe3aElw3Vfnk/pqYLsBAoJGDFR1NyZFcSfpl5g=;
  b=N3YzXzJEbQCTJGh8qqjkYu/A5DTE7yoloPgO0r84N+Bm2ae6f+SxzsEq
   nbjnF2hC0WtiVIMMUVGzxWSiZjq1flEygQGI/JVjjk/tgVVPO5BcX4Os4
   vIeg2pT+r/TLTgq4XZDIfGXa0wLKRAi8+e/Qtcc0qYNuTINJDuVxkGNUD
   62DNKYw5uq/YHyxw+nl4XQwUNmQCcT5SIhebDEODaZq2oVHJeO5shrN42
   urRJ40Pt9EGcRuzNoimtUtDYfiz3Ddf6vkFF8YTBZr5pWDJ6v22oy4mNK
   F8HINSI9+7LPX/5Td1y7uErbGvgAya5MId02w9r/p3GsHJgSFalgIn+uY
   Q==;
   X-IronPort-AV: E=McAfee;i="6200,9189,10166"; a="4964109"
   X-IronPort-AV: E=Sophos;i="5.87,231,1631577600"; 
   d="scan'208";a="4964109"
Received: from dap00025.str0.eims.cjis ([10.67.35.50])
  by wvadc-dmz-pmo003-fbi.enet.cjis with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Nov 2021 04:57:41 
+0000
Received: from dap00040.str0.eims.cjis (dap00040.str0.eims.cjis [10.66.2.72])
	by dap00025.str0.eims.cjis (8.14.4/8.13.8) with ESMTP id 1AD4vf5M029322
	for ; Fri,
Read More... Read More