Mediaboss Marketing

The Marshall Liberal Government today launched a national first campaign Quit your way in May that will encourage South Australian smokers to join in and find their way to be smoke free for the month of May, or even part of the month.

Smokers have told us that they want to quit smoking their own way and that is why we are launching the Quit your way in May campaign, Minister for Health and Wellbeing Stephen Wade said.

We are encouraging smokers to think about what quitting approach might work for them, and to make plans to have a go at quitting this May.

It usually takes more than ten attempts to successfully quit smoking so setting a short-term goal gives smokers an opportunity to experience success and celebrate stopping smoking, even for a short amount of time. Hopefully that initial success will give them the skills and confidence to quit long term.

Smokers who register for Quit your way in May can choose to receive regular emails to assist them with preparing to quit smoking and to provide support and advice throughout their quit attempt. And because we know smokers benefit from quitting with others, a Facebook support group has been established.

We also want to remind smokers that the Quitline is always there if they need some additional assistance.

Drug and Alcohol Services South Australia Tobacco Control Unit Manager, Dr Clinton Cenko, said that quitting is a really good way to reduce stress and anxiety in the longer term.

Although people generally think that smoking relieves cravings and stress, smoking can actually increase your stress hormones in the longer term, Dr Cenko said.

But by about six weeks after quitting smoking, research indicates that most people feel less stressed and in a better mood than when they smoked.

Quitting for a month means that participants will be well on the way to improving both their physical and mental health.

Successful quitter, Esther Nimmo, said smoking was part of her lifestyle for a long time but it was making her sick and she knew she needed to take action for her overall health.

I hated the control smoking had over me and it gave me a heightened sense of anxiety because I knew it was not good for me, Ms Nimmo said.

It took ten attempts before I was successful in quitting smoking, but I feel fitter, healthier and happier since I quit. My self-esteem and my mental health are better as a result of quitting smoking.

Id like smokers to know that while it can be challenging to quit, they arent alone on this journey and the benefits for quitting for your physical health and mental health are truly worth it.

To register and get helpful tips and support, visit http://www.quityourwayinmay.com.au

More:
Quit Your Way in May - Premier of South Australia

The malware can grab login credentials for more than 450 apps and bypass SMS-based two-factor authentication

Cybercriminals are attempting to take advantage of the popularity of Clubhouse to deliver malware that aims to steal users login information for a variety of online services, ESET malware researcher Lukas Stefanko has found.

Disguised as the (as yet non-existent) Android version of the invitation-only audio chat app, the malicious package is served from a website that has the look and feel of the genuine Clubhouse website. The trojan nicknamed BlackRock by ThreatFabric and detected by ESET products as Android/TrojanDropper.Agent.HLR can steal victims login data for no fewer than 458 online services.

The target list includes well-known financial and shopping apps, cryptocurrency exchanges, as well as social media and messaging platforms. For starters, Twitter, WhatsApp, Facebook, Amazon, Netflix, Outlook, eBay, Coinbase, Plus500, Cash App, BBVA and Lloyds Bank are all on the list.

The website looks like the real deal. To be frank, it is a well-executed copy of the legitimate Clubhouse website. However, once the user clicks on Get it on Google Play, the app will be automatically downloaded onto the users device. By contrast, legitimate websites would always redirect the user to Google Play, rather than directly download an Android Package Kit, or APK for short, said Stefanko.

Even before tapping the button there are signs that something is amiss, such as the connection not being secure (HTTP instead of HTTPS) or that the site uses the .mobi top-level domain (TLD), rather than .com used by the legitimate app (see Figure 1). Another red flag should be that even though Clubhouse is indeed planning to launch the Android version of its app soon, the platform is at present still available only for iPhones.

Figure 1. Notice the difference in the URLs between the fraudulent (left) and legitimate (right) website

Once the victim is hoodwinked into downloading and installing BlackRock, the trojan tries to purloin their credentials using an overlay attack. In other words, whenever the user launches one of the targeted applications, the malware will create a data-stealing overlay of the application and request the user to log in. Instead of logging in, the user unwittingly hands over their credentials to the cybercriminals.

Using SMS-based two-factor authentication (2FA) to help prevent anyone from infiltrating your accounts wouldnt necessarily help in this case, since the malware can also intercept text messages. The malicious app also asks the victim to enable accessibility services, effectively allowing the criminals to take control of the device.

To be sure, there are other ways to spot the malicious decoy besides those shown in Figure 1. Stefanko points out that the name of the downloaded app Install, instead of Clubhouse should be an instant red flag. While this demonstrates that the malware creator was probably too lazy to disguise the downloaded app properly, it could also mean that we may discover even more sophisticated copycats in the future, he warned.

Figure 2. The installation prompt

This is perhaps also a good opportunity to brush up on mobile security best practices:

For a more thorough take on how to protect yourself against mobile security threats, head over to this article.

Read more from the original source:
Beware Android trojan posing as Clubhouse app - We Live Security

How do these perpetrators of crime in most cases manage to silence or intimidate victims and their families is a question that remains unanswered; as does the question why police fail protect victims and their family members.

According to the NCRB's "Crime in India" 2019 report, Uttar Pradesh reported the highest number of crimes against women (59,853), accounting for 14.7 percent of such cases across the country. UP also had the highest number of crimes against girl children under the POCSO Act and ranked second in terms of rapes committed.

The Yogi Government however claims that crime has come down in UP in the last four years. Government says that there is almost 66 % decline in cases of loot, 19 % in murders and more than 45 % in the incidents of rape and molestation.

It says in 1535 police thanas, women help desks have been set up. Besides, 135 criminals have been killed in the last four years in 7791 encounters.

Take your pick on what you want to believe in Yogis Ram Rajya.

More:
What the publicity blitz to observe four years of Yogi as CM will not tell - National Herald

Todays columnist, Mark Kerrison of New Net Technologies, invokes David Bowie to get the point across that the vast majority of security issues are tied to changes. luvhermit CreativeCommons Credit: CC PDM 1.0

Despite his one-time appearance in the film The Prestige as Nikola Tesla, its unlikely David Bowie spent much of his time studying up on the challenges of technology. Still, he seemed to know what he was talking about when the glam rock and fashion icon encouraged us to Turn and Face the Strange, Ch-Ch-Changes. Bowie would fully understand that all data breaches or malware vectors are tied to changes. Facing those changes with a proper change control implementation has become so crucial for that very reason: Any change that slips by the team could introduce a malware disaster.

Gartner reports that 85 percent of all problems faced by IT teams, whether theyre operational or security, are often tracked to some form of change. They likewise predict that 90 percent of security breaches could have been detected with an effective change and configuration management process. Given that the average Mean Time to Detect (MTTD) a data breach runs about 190 days after infiltration, the longer a firm goes without a fully-implemented change control process, the more likely they are to suffer a devastating breach or even a ransomware attack. To properly implement change control, companies must start by understanding it.

This technology lets security teams identify changes in any environment so that any changes that represent a threat or open software up to a vulnerability are correctly identified as such. Unlike change management, which focuses on a given companys process in introducing change, in change control security teams understand what those changes are and their effect on the software environment.

Consider a zero-day attack, which by its nature can bypass whitelists and firewalls. The malware may go undetected, but the underlying changes to existing functions which enable that malware must occur. Change management helps firms avoid unexpected changes, but its in the realm of change control that they can determine those unexpected changes and deal with them.

We can identify these changes in four essential types:

Effective change control analyzes all changes, discerning between those that were harmless and ideally approved and those that were neither approved nor harmless. There are a few critical integrations an effective solution should leverage. Security teams should integrate data from change management into the change control solution. They need to empower that solution with analysis and Threat Intelligence to learn the patterns and behaviors of good changes, so that the team can reduce change noise and they can assess unexpected changes and assigned risk context.

Once detecting those risk-associated changes, an effective technology should offer remediation, using that risk context to help operations teams prioritize in the remediation process. Leveraging intelligent change control products and processes will better protect organizations from a breach, and also help spot potential breaches and contribute to enhanced IT operations.

Mark Kerrison, chief executive officer, New Net Technologies

Here is the original post:
Turn to face the 'ch-ch-changes' of change control | SC Media - SC Magazine

We all know the internet is required for full participation in our society and economy. Every business, device or government agency seems to require or highly encourage consumers to engage with them online.

Consumers are in a tough spot. Whether someone has access to the internet is the modern-day version of the haves and have-nots. Consumers must also Click to Accept to rules and policies not typically in their best interests. And if they say No to these rules and policies, these internet users are banished to the have-nots.

Consumers need a public policy to establish and exercise their digital rights. We deserve a digital Bill of Rights making possible a fair, transparent and empowering internet.

Consumers need awareness, trust and control, none of which they have at this time. In fact, all internet consumers operate as a marginalized set of users who lack the rights and privileges in the digital world that would be demanded and protected in our physical world.

Awareness is the first step. Consumers deserve transparency and notification describing the collection and sharing of their personal data, and a return on its value.

In other words, when consumers give up personal data, what do they get in return? Organizations use a consumers personal data, and how they do so is basically unknowable studies show that privacy policies now require a postgraduate degree to decipher, and only 1% of us even make the effort.

In 85% of the more than 600 policies studied by the Center for Identity at The University of Texas, organizations declare their right to change their policies, and your continued use of their products are considered your consent to those changes even if you had no idea of the changes. So, as a real matter, we have no awareness and no control.

Our current binary choice to simply accept the status quo or disengage is not a real or fair one.

We need laws that require organizations to fully disclose their use of and rate of return on a consumers personal data asset. Consumers also need control. Although awareness and trust may help consumers decide which websites to visit, which apps to download and which social media sources to follow, consumers still arent able to exercise control in the digital world.

Imagine a day when consumers could control their personal data asset like they control their money: If the product is you (and the product is definitely the consumer), shouldnt consumers be able to control that which directly affects every aspect of their lives? Shouldnt consumers have the ability to control the collection, use and misuse of their personal data assets?

Laws must establish the requirements for this utility the internet giving consumers awareness, trust and control as their most foundational rights. We need federal and state laws that construe personal data as the asset it is (analogous to currency), to define the value proposition for all parties involved in personal data transactions with the appropriate rights and redress. The first step will be laws that clearly address the issue of personal data ownership and halt the exploitation of people and their data.

These policies and protections are long overdue. For too long, consumers have not fully understood what they are sharing or how this information is used, i.e. the value proposition that underpins this transaction. In fact, plenty of diverse interests exist on the internet, and the personal data industry benefits from a lack of transparency and opaque ownership. The reach and intrusiveness of the personal data collector and aggregator have grown significantly, while consumer ownership and control remains undefined.

Consumers deserve better. We all deserve an internet that is fair, transparent and empowering.

Suzanne Barber is the director of the Center for Identity and the AT&T Foundation Endowed Professor in Engineering at The University of Texas at Austin.

Susan Combs is a former comptroller for the State of Texas; former assistant secretary for policy, management and budget at the Department of the Interior; and a fellow in the Center for Identity at The University of Texas at Austin.

A version of this op-ed appeared in The Hill.

Read more from the original source:
We Need to Give More Credence to Personal Data as the Asset That It Is - UT News - UT News | The University of Texas at Austin