Archive for March, 2020

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

March 31, 2020

A spear-phishing attack this week hooked a customer service employee at GoDaddy.com, the world’s largest domain name registrar, KrebsOnSecurity has learned. The incident gave the phisher the ability to view and modify key customer records, access that was used to change domain settings for a half-dozen GoDaddy customers, including transaction brokering site escrow.com.

Escrow.com helps people safely broker all sorts of transactions online (ironically enough, brokering domain sales is a big part of its business). For about two hours starting around 5 p.m. PT Monday evening, Escrow.com’s website looked radically different: Its homepage was replaced with a crude message in plain text:

The profanity-laced message left behind by whoever briefly hijacked the DNS records for escrow.com. Image: Escrow.com

DomainInvesting.com’s Elliot Silver picked up on the change and got a statement from Matt Barrie, the CEO of freelancer.com, which owns escrow.com.

“During the incident, the hackers changed the DNS records for Escrow.com to point to a third party web server,” Barrie wrote, noting that his security team managed to talk to the hacker responsible for the hijack via telephone.

Barrie said escrow.com would be sharing more details about the incident in the coming days, but he emphasized that no escrow.com systems were compromised, and no customer data, funds or domains were compromised.

KrebsOnSecurity reached out to Barrie and escrow.com with some follow-up questions, and immediately after that pinged Chris Ueland, CEO of SecurityTrails, a company that helps customers keep track of their digital assets.

Ueland said after hearing about the escrow.com hack Monday evening he pulled the domain name system (DNS) records for escrow.com and saw they were pointing to an Internet address in Malaysia — 111.90.149[.]49 (that address is hobbled here because it is currently flagged as hosting a phishing site). The attacker also obtained free encryption certificates for escrow.com from Let’s Encrypt.

Running a reverse DNS lookup on this 111.90.149[.]49 address shows it is tied to fewer than a dozen domains, including a 12-day-old domain that invokes the name of escrow.com’s registrar — servicenow-godaddy[.]com. Sure enough, loading that domain in a browser reveals the same text that appeared Monday night on escrow.com, minus the redaction above.

The message at servicenow-godaddy[.]com was identical to the one displayed by escrow.com while the site’s DNS records were hacked.

It was starting to look like someone had gotten phished. Then I heard back from Matt Barrie, who said it wasn’t anyone at escrow.com that got phished. Barrie said the hacker was able to read messages and notes left on escrow.com’s account at GoDaddy that only GoDaddy employees should have been able to see.

Barrie said one of those notes stated that certain key changes for escrow.com could only be made after calling a specific phone number and receiving verbal authorization. As it happened, the attacker went ahead and called that number, evidently assuming he was calling someone at GoDaddy.

In fact, the name and number belonged to escrow.com’s general manager, who played along for more than an hour talking to the attacker while recording the call and coaxing information out of him.

“This guy had access to the notes, and knew the number to call,” to make changes to the account, Barrie said. “He was literally reading off the tickets to the notes of the admin panel inside GoDaddy.”

A WHOIS lookup on escrow.com Monday evening via the Windows PowerShell built into Windows 10. Image: SecurityTrails

In a statement shared with KrebsOnSecurity, GoDaddy acknowledged that on March 30 the company was alerted to a security incident involving a customer’s domain name. An investigation revealed a GoDaddy employee had fallen victim to a spear-phishing attack, and that five other customer accounts were “potentially” affected — although GoDaddy wouldn’t say which or how many domains those customer accounts may have with GoDaddy.

“Our team investigated and found an internal employee account triggered the change,” the statement reads. “We conducted a thorough audit on that employee account and confirmed there were five other customer accounts potentially impacted.”

The statement continues:

“We immediately locked down the impacted accounts involved in this incident to prevent further changes. Any actions done by the threat actor have been reverted and the impacted customers have been notified. The employee involved in this incident fell victim to a spear-phishing or social engineering attack. We have taken steps across our technology, processes and employee education, to help prevent these types of attacks in the future.”

There are many things domain owners can and should do to minimize the chances that domain thieves can wrest control over a business-critical domain, but much of that matters little if and when someone at your domain name registrar gets phished or hacked.

But increasingly, savvy attackers are focusing their attention on targeting people at domain registrars, and at their support personnel. In January, KrebsOnSecurity told the harrowing story of e-hawk.net, an online fraud prevention and scoring service that had its domain name fraudulently transferred to another provider after someone social engineered a customer service representative at e-hawk’s registrar.

Nation-state level attackers also are taking a similar approach. A massive cyber espionage campaign targeting a slew of domains for government agencies across the Middle East region between 2018 and 2019 was preceded by a series of targeted attacks on domain registrars and Internet infrastructure firms that served those countries.

While there is very little you can do to prevent your domain registrar from getting phished or tricked by scammers, there are several precautions that you can control. For maximum security on your domains, consider adopting some or all of the following best practices:

- Use 2-factor authentication, and require it to be used by all relevant users and subcontractors.

- In cases where passwords are used, pick unique passwords and consider password managers.

- Review the security of existing accounts with registrars and other providers, and make sure you have multiple notifications in place when and if a domain you own is about to expire.

- Use registration features like Registry Lock that can help protect domain name records from being changed. Note that this may increase the amount of time it takes going forward to make key changes to the locked domain (such as DNS changes).

- Use DNSSEC (both signing zones and validating responses).

- Use access control lists for applications, Internet traffic and monitoring.

- Monitor the issuance of new SSL certificates for your domains by monitoring, for example, Certificate Transparency Logs.
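
As an added illustration of the DNS and certificate-monitoring advice above (not code from KrebsOnSecurity or from any party in the story): a check that compares served A records and Certificate Transparency entries against an owner-maintained baseline and escalates when both change close together, the pattern seen in this incident. The baseline, the record layout, the names, addresses and serials, and the 24-hour window are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed baseline and observations (documentation names and addresses, not real data).
BASELINE = {"domain": "example.com", "a_records": {"192.0.2.10"},
            "issuers": {"Example Corporate CA"}, "known_serials": {"0a01"}}
DNS_SEEN_AT = datetime(2020, 1, 15, 17, 5)
CT_SAMPLE = [
    {"serial": "0a01", "issuer": "Example Corporate CA", "names": ["example.com"],
     "logged_at": datetime(2019, 11, 2, 9, 0)},
    {"serial": "7f3c", "issuer": "Let's Encrypt", "names": ["*.example.com", "example.com"],
     "logged_at": datetime(2020, 1, 15, 17, 20)},
    {"serial": "11aa", "issuer": "Let's Encrypt", "names": ["notexample.com"],
     "logged_at": datetime(2020, 1, 15, 17, 25)},
]

def covers(name, domain):
    """True if a certificate name (wildcards included) falls under the monitored domain."""
    name = name.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]
    return name == domain or name.endswith("." + domain)

def dns_drift(observed, baseline):
    """A records currently served that are not in the approved set."""
    return sorted(set(observed) - baseline["a_records"])

def unexpected_certs(ct_entries, baseline):
    """Logged certificates for our names that are not in the certificate inventory."""
    hits = []
    for e in ct_entries:
        if not any(covers(n, baseline["domain"]) for n in e["names"]):
            continue  # e.g. notexample.com must not match example.com
        if e["serial"] in baseline["known_serials"]:
            continue
        reason = "not in inventory" if e["issuer"] in baseline["issuers"] else "unapproved issuer"
        hits.append({"serial": e["serial"], "reason": reason, "logged_at": e["logged_at"]})
    return hits

def assess(observed_a, seen_at, ct_entries, baseline, window=timedelta(hours=24)):
    """Escalate when DNS drift and a fresh unknown certificate occur close together."""
    drift = dns_drift(observed_a, baseline)
    certs = unexpected_certs(ct_entries, baseline)
    near = [c for c in certs if abs(c["logged_at"] - seen_at) <= window]
    severity = "critical" if drift and near else "warning" if drift or certs else "ok"
    return {"severity": severity, "dns_drift": drift, "certs": [c["serial"] for c in certs]}

if __name__ == "__main__":
    print(assess({"203.0.113.77"}, DNS_SEEN_AT, CT_SAMPLE, BASELINE))
```
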

from Krebs on Security https://ift.tt/2QZmwun
via IFTTT

New York Attorney General Looks Into Zoom’s Privacy Practices by Danny Hakim and Natasha Singer

March 31, 2020


By Danny Hakim and Natasha Singer

As the videoconferencing platform’s popularity has surged, Zoom has scrambled to address a series of data privacy and security problems.

Published: March 29, 2020 at 06:00PM

from NYT Technology https://ift.tt/2WUUBiY
via IFTTT

Moment Springtime Sale: Our Favorite Deals on Lenses and Gear

March 31, 2020

You can score some great cases, bags, and other mobile gear today, at a discount.

from Gear Latest https://ift.tt/2R0hA8s
via IFTTT

Defense Evasion Dominated 2019 Attack Tactics

March 31, 2020

Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.

from Dark Reading: https://ift.tt/2QYuWlw
via IFTTT

‘Hope You’re Well’: Emailing Through a Time of Pandemic

March 31, 2020

“Think twice before you hit Send” has long been solid advice. Now, we need thoughtful emails more than ever.

from Gear Latest https://ift.tt/2Ju7Sa9
via IFTTT

After 8 years of history, LG could end the G series to revive its legendary “Chocolate” brand

March 31, 2020

These are not the best moments in LG's history, at least not for its mobile division, which has been piling up losses in recent quarters, but the leadership of the South Korean giant is clear about the formula for its return to success: it will look for the element of surprise to get back to the forefront with phones that leave us open-mouthed. The first of the class in 2020 has been a

Visit Andro4all to read the full article

The post After 8 years of history, LG could end the G series to revive its legendary “Chocolate” brand was first published on Andro4all.

from Andro4all https://ift.tt/2WYzITO
via IFTTT

Computer-assisted translation. Some open source tools

March 31, 2020

Computer-assisted translation
When rendering a text from one language into another, professional and amateur translators alike find a reliable ally in technology. Non-professionals usually turn to machine translation technologies, whose results are not entirely perfect but are often enough to grasp the meaning of a text or to make oneself understood in a conversation. We are talking about services such as DeepL or the Bing and Google translators.

Computer-assisted translation programs, also known as CAT programs, are tools that help translators and linguists carry text over into another language.
That, then, is the main difference from online machine translation services: computer-assisted translation programs help humans translate the text and maintain a reusable database of terms, phrases and their equivalents in other languages.

Components of a computer-assisted translation program

  • Translation memory: Stores complete sentences and their equivalents in other languages.
  • Word store: Holds single words and their translations into other languages.
  • Dictionary: Stores words, their meaning, their correct spelling and their synonyms.
  • Machine translation engine: Saves the human professional work.

How this type of program works

Computer-assisted translation software divides the content into small text segments according to the rules set by the translation professional. These segments are compared with the text segments previously stored in the translation memory.

The program looks for any of these 4 types of matches:

  1. Context.
  2. Exact.
  3. Fuzzy.
  4. Fragment.

When a match is found, it is inserted into the translation field.

If none is found, the program can offer some suggestions or let the professional translator search online databases.

Each time a new translated segment is produced, it is stored in the translation memory.

Finally, the translated text can be saved in different formats.

Some open source tools

OmegaT

It is a translation tool written in Java, so it can be used on Windows, Linux or macOS. Its simple interface makes it easier to translate complex documents.

Some features

  • Works with multiple files in multiple formats.
  • An unlimited number of translation memories, glossaries and dictionaries can be consulted simultaneously.
  • Users can customize file extensions and encodings.
  • Segmentation based on language, file format and regular expressions.
  • Online machine translation services can be accessed.

Virtaal

It is a tool that lets you concentrate on the task of translating. It can be used to convert, count, manipulate, review and debug texts. It includes powerful functions that help you translate accurately and quickly. It also has an uncluttered user interface, which makes it easy to use.

Some features

  • Simple and intuitive design.
  • Display of comments from other translators.
  • Spell checking in both the original and the translated text.
  • Can be used on small screens.
  • Support for multiple file formats.
  • Quick and easy navigation within a file.

Lokalize

Software that will delight free software fundamentalists. Created and maintained by the KDE project, it is a computer-assisted translation system with which you can translate OpenDocument files (*.odt). The program extracts the text to be translated and converts it to the .xliff format. Once translated, it saves it back in .odt format.

XLIFF (XML Localization Interchange File Format) is an XML-based format created to be the standard for software translation work. Its use was approved by the Organization for the Advancement of Structured Information Standards, an international non-profit consortium focused on the development, convergence and adoption of e-commerce and web services standards.

Some features

  • Extensive editing functionality.
  • Flexible navigation of documents.
  • Syntax checking capability.
  • Statistics gathering function.

from Linux Adictos https://ift.tt/2wRvenw
via IFTTT
