Red Securium

Google announced a new security update to block users sign-in using Embedded browser frameworks in order to improve the protection against Phishing and MitM attacks. Jonathan Skelker, Product Manager and Account Security at Google said, “Form of phishing, known as “ man in the middle ” (MITM), is hard to detect when an embedded browser framework (e.g.,  Chromium Embedded Framework  – CEF) or another automation platform is being used for authentication. “ Cybercriminals abusing this technology to perform Man-in-the-Middle attacks and steal the user’s credentials by intercepting the web traffic when Embedded browsers frameworks help users for the automated login process. Embedded Browser Frameworks Lets Hackers Intercept the Traffic If any users enter the Google account credentials on the phishing page that using Embedded browser frameworks will automate the login process by interacting with the original Google server. Meanwhile,  MITM  attacker intercepts the commun

Top 12 Information Security Analyst Interview Questions & Answers 1) Explain what is the role of information security analyst? From small to large companies role of information security analyst includes Implementing security measures to protect computer systems, data and networks Keep himself up-to-date with on the latest intelligence which includes hackers techniques as well Preventing data loss and service interruptions Testing of data processing system and performing risk assessments Installing various security software like firewalls, data encryption and other security measures Recommending security enhancements and purchases Planning, testing and implementing network disaster plans Staff training on information and network security procedures 2) Mention what is data leakage? What are the factors that can cause data leakage? The separation or departing of IP from its intended place of storage is known as data leakage.  The factors that are responsible

Every app installed on your smartphone with permission to access location service "can" continually collect your real-time location secretly, even in the background when you do not use them. Do you know? — Installing the Facebook app on your Android and iOS smartphones automatically gives the social media company your rightful consent to collect the history of your precise location. If you are not aware, there is a setting called "Location History" in your Facebook app that comes enabled by default, allowing the company to track your every movement even when you are not using the social media app. So, every time you turn ON location service/GPS setting on your smartphone, let's say for using Uber app or Google Maps, Facebook starts tracking your location. Users can manually turn Facebook's Location History option OFF from the app settings to completely prevent Facebook from collecting your location data, even when the app is in use. However, unfortunatel

Before smartphones were popular, people didn’t take mobile security much seriously. After all, we used to have a few contacts, some classic games,  and  some blurred wallpapers, what was actually stored on our old mobile phones? However, now that everything has changed, a lot of people are using Smartphone’s to perform a lot of tasks from logging into their bank account to company dashboard for their job purpose, mobile security has become more and more important than ever. However, the statistics show that  only 22% of mobile users  take regular security measures, while most just do when it’s convenient. But, as Smartphone users we need to make Smartphone security as our primary priority to keep our mobile safe as possible to avoid any nasty situation later. Once your mobile gets hacked, you are in major financial trouble and as well as your private information. We store everything on our phones which is very handy at the same time it is a concern. Nowadays, hacker

How do you check if a website asking for your credentials is fake or legit to log in? By checking if the URL is correct? By checking if the website address is not a homograph? By checking if the site is using HTTPS? Or using software or browser extensions that detect phishing domains? Well, if you, like most Internet users, are also relying on above basic security practices to spot if that " Facebook.com " or " Google.com " you have been served with is fake or not, you may still fall victim to a newly discovered creative phishing attack and end up in giving away your passwords to hackers. Antoine Vincent Jebara , co-founder and CEO of password managing software  Myki , told The Hacker News that his team recently  spotted  a new phishing attack campaign "that even the most vigilant users could fall for." Vincent found that cybercriminals are distributing links to blogs and services that prompt visitors to first " login using Facebook account "