{"id":4361,"date":"2014-12-05T10:00:17","date_gmt":"2014-12-05T15:00:17","guid":{"rendered":"http:\/\/me-en.kaspersky.com\/blog\/?p=4361"},"modified":"2020-02-26T18:59:22","modified_gmt":"2020-02-26T14:59:22","slug":"november-roundup-2014","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/november-roundup-2014\/4361\/","title":{"rendered":"November Monthly Roundup"},"content":{"rendered":"<p>This November, Kaspersky Lab brought you a number of insightful industry reads and breaking security news stories. From the Darkhotel APT attacks, to how to increase the battery life of your iPhone, we kept you in the know. Did you miss any of our November posts? Don\u2019t panic, we\u2019ve got the highlights for you right here!<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2014\/12\/05111751\/Best-posts-1024x767-1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-6932 size-large\" src=\"https:\/\/me-en.kaspersky.com\/blog\/files\/2014\/12\/Best-posts-1024x767-1-1024x767.png\" alt=\"Best-posts\" width=\"1024\" height=\"767\"><\/a><\/p>\n<p><strong><a href=\"https:\/\/www.kaspersky.com\/blog\/darkhotel-apt\/\" target=\"_blank\" rel=\"noopener nofollow\">Darkhotel: A Spy Campaign in Luxury Asian Hotels<\/a><\/strong><\/p>\n<p>This November, Kaspersky Lab detailed the discovery of a spy network, dubbed \u2018Darkhotel\u2019, which has been active for seven years in a number of luxury Asian hotels. The attacks work something like this: the Darkhotel threat actor compromises certain hotels that attract high-level, traveling business execs. After checking into the hotel, the executive tries to connect to Wi-Fi (which requires a surname and room number). The attackers will offer an update for legitimate software, which will also install a backdoor. Finally, once the attackers are in, they can use a set of tools to collect data, find passwords and steal login credentials.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Read highlights from our most popular #security news posts from November.<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FXe6F&amp;text=Read+highlights+from+our+most+popular+%23security+news+posts+from+November.\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Kurt Baumgartner, Principal Security Researcher at Kaspersky Lab, perhaps explained it best when he said, \u201cFor the past few years, a strong actor named Darkhotel has performed a number of successful attacks against high-profile individuals, employing methods and techniques that go well beyond typical cybercriminal behavior. This threat actor has operational competence, mathematical and crypto-analytical offensive capabilities, and other resources that are sufficient to abuse trusted commercial networks and target specific victim categories with strategic precision.\u201d<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/Darkhotel?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#Darkhotel<\/a>: a spy campaign in luxury Asian hotels \u2013  <a href=\"https:\/\/t.co\/RVxkUg1B2K\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/RVxkUg1B2K<\/a> via <a href=\"https:\/\/twitter.com\/kaspersky?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@kaspersky<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/security?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#security<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/532295498116657152?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 11, 2014<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Did he just pique your interest? We suggest you read the rest of the article to learn more about the threat and how <a href=\"https:\/\/www.kaspersky.com\/advert\/free-trials\/multi-device-security?redef=1&amp;THRU&amp;reseller=blog_en-global\" target=\"_blank\" rel=\"noopener nofollow\">Kaspersky Lab\u2019s products<\/a> detect and neutralize the malicious programs and their variants used by the Darkhotel toolkit.<strong>\u00a0<\/strong><\/p>\n<p><strong><a href=\"https:\/\/www.kaspersky.com\/blog\/5-lessons-i-learned-from-my-credit-card-hack\/\" target=\"_blank\" rel=\"noopener nofollow\">Five Lessons I\u2019ve Learned from Having my Credit Card Hacked<\/a><\/strong><\/p>\n<div class=\"pullquote\">Scammers are particularly good at bypassing the security measures we put in place and can even compromise ATMs and large retailers\u2019 systems.<\/div>\n<p>Have you ever received a notification from your bank or credit card company about a purchase that you clearly did not make? It can certainly be a scary moment but you do not have to feel powerless. Below are the five lessons learned through personal experience:<\/p>\n<ol>\n<li><strong>Promptness is essential<\/strong>. The faster you can react, the more likely you are to get your money back. SMS notifications are great for this.<\/li>\n<li><strong>All types of insurance will do<\/strong>. Each and every level of extra protection that you use will make the scammer\u2019s job that much harder.<\/li>\n<li><strong>Precaution is not a cure-all<\/strong>. Scammers are particularly good at bypassing the security measures we put in place and can even compromise ATMs and large retailers\u2019 systems.<\/li>\n<li><strong>The use of credit card scams is an organized crime precedent<\/strong>. While perhaps only one person stole your card, there is a chance that they then resold it to other various criminals.<\/li>\n<li><strong>Always have a back-up plan<\/strong>. Have a number of different cards available for your use, use different payment systems and distribute your budget evenly.<\/li>\n<\/ol>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">\"Five lessons I\u2019ve learned from having my credit card hacked\" <a href=\"https:\/\/t.co\/TQHBbK0Oqw\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/TQHBbK0Oqw<\/a><\/p>\n<p>\u2014 Eugene Kaspersky (@e_kaspersky) <a href=\"https:\/\/twitter.com\/e_kaspersky\/status\/532820878699278336?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 13, 2014<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p><strong><a href=\"https:\/\/www.kaspersky.com\/blog\/11_unsecure_messengers\/\" target=\"_blank\" rel=\"noopener nofollow\">11 Unsecure Mobile and Internet Messaging Apps<\/a>\u00a0<\/strong><\/p>\n<p>You may want to read this before you send that message you\u2019re typing. We took a look at <a href=\"https:\/\/www.eff.org\/secure-messaging-scorecard\" target=\"_blank\" rel=\"noopener nofollow\">the Electronic Frontier Foundation\u2019s secure messaging scorecard<\/a> and made a list of 9 apps that scored well on privacy and 11 that scored poorly. Unfortunately, the apps that scored the worst are also the apps that are the most well known to the general public.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">11 Unsecure Mobile and Internet Messaging Apps <a href=\"https:\/\/t.co\/ijXhbsZEp3\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/ijXhbsZEp3<\/a>  <a href=\"https:\/\/twitter.com\/hashtag\/security?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#security<\/a> <a href=\"http:\/\/t.co\/0BEAH3cFAV\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/0BEAH3cFAV<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/535772296154476544?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 21, 2014<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p><strong><a href=\"https:\/\/www.kaspersky.com\/blog\/nine-secure-messengers\/\" target=\"_blank\" rel=\"noopener nofollow\">The Nine Most Secure and Private Internet and Mobile Messaging Services<\/a><\/strong><\/p>\n<p>As opposed to the previous list, most of these applications are not well known, though perhaps they should be. For this reason, it may be worth your while to read this article in full and learn more about these secure messaging services.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">9 Most Secure and Private Internet and Mobile Messaging Services <a href=\"https:\/\/t.co\/30xBpa0kSb\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/30xBpa0kSb<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/mobileprivacy?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#mobileprivacy<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/security?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#security<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/533299586245611523?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 14, 2014<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p><strong><a href=\"https:\/\/www.kaspersky.com\/blog\/iphone-battery-tips\/\" target=\"_blank\" rel=\"noopener nofollow\">10 Steps to Boost Your iPhone\u2019s Battery Life<\/a><\/strong><\/p>\n<p>It happens to us all: one minute your smartphone\u2019s battery is fully charged and the next it is near that \u2018red line of doom.\u2019 The reason why is simple. By default, your phone is set to give you the best performance while disregarding energy efficiency. For this reason, we want to share with you 10 important tips that can help extend the life of your iPhone\u2019s battery.<\/p>\n<ol>\n<li>Adjust the brightness of your screen to approximately 30-40% of the maximum.<\/li>\n<li>Turn off Bluetooth when it is not necessary.<\/li>\n<li>Turn on \u201cflight mode\u201d in areas where you know there is no cellular coverage.<\/li>\n<li>Do not let every app track your GPS location.<\/li>\n<li>Use Wi-Fi networks whenever possible or stick to using 3G as opposed to LTE.<\/li>\n<li>Do not have your phone set to fetch new data in real-time, stick to push or manual options instead.<\/li>\n<li>Close out any apps that may be running in the background.<\/li>\n<li>Switch off automatic downloads.<\/li>\n<li>Limit your list of apps that are allowed to \u2018background refresh.\u2019<\/li>\n<li>Lastly, get rid of any push notifications for apps that are not in charge of communication, related to security or critical for consistency.<strong>\u00a0<\/strong><\/li>\n<\/ol>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">10 steps to boost your <a href=\"https:\/\/twitter.com\/hashtag\/iPhone?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#iPhone<\/a>\u2019s battery life <a href=\"https:\/\/t.co\/BrqC7ub2FX\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/BrqC7ub2FX<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/Apple?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#Apple<\/a> <a href=\"http:\/\/t.co\/byYy1pDwL1\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/byYy1pDwL1<\/a><\/p>\n<p>\u2014 Eugene Kaspersky (@e_kaspersky) <a href=\"https:\/\/twitter.com\/e_kaspersky\/status\/535396937189449730?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 20, 2014<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p><strong><a href=\"https:\/\/www.kaspersky.com\/blog\/android-maximum-security-tips\/\" target=\"_blank\" rel=\"noopener nofollow\">Protect Your Android: 10 Tips for Maximum Security<\/a><\/strong><\/p>\n<p>The open and flexible nature of the Android mobile OS is what made it a leader in the mobile market, but it is also the basis for the notorious fragmentation issue that is often mentioned. While Android versions may differ, we have aggregated some general tips to ensure that your Android device is ultimately more secure.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">10 tips for maximum <a href=\"https:\/\/twitter.com\/hashtag\/Android?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#Android<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/security?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#security<\/a> \u2013 <a href=\"https:\/\/t.co\/bIqSGMj05q\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/bIqSGMj05q<\/a> <a href=\"http:\/\/t.co\/j0quFlYNnw\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/j0quFlYNnw<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/530759328224256000?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 7, 2014<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<ol>\n<li>Only download applications from the Google Play store.<\/li>\n<li>Check the permissions that an application is seeking to use to make sure that they are appropriate for that app.<\/li>\n<li>Use strong passwords!<\/li>\n<li>Encrypt all of the data on your phone so even if it is lost or stolen, the data cannot be accessed.<\/li>\n<li>Try to avoid public Wi-Fi hotspots and run a regular audit of your remembered Wi-Fi networks list.<\/li>\n<li>Always use VPN, especially when using a public hotspot or an untrusted network connection.<\/li>\n<li>Disable notifications that are likely to pop up even when your screen is locked.<\/li>\n<li>Apply settings to Google services that will limit the information at risk should there be a data leak.<\/li>\n<li>Rid yourself of unnecessary apps. More apps mean more risk.<\/li>\n<li>And finally, use two-factor authentication for Google and other apps to ensure maximum user account security.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Catch up on our most popular posts from November.<\/p>\n","protected":false},"author":40,"featured_media":4362,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,9],"tags":[105,477,282,854,261,26,36,218,445],"class_list":{"0":"post-4361","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-tips","9":"tag-android","10":"tag-apt","11":"tag-cybersecurity","12":"tag-darkhotel","13":"tag-encryption","14":"tag-iphone","15":"tag-malware-2","16":"tag-mobile-security","17":"tag-security-news"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/november-roundup-2014\/4361\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/november-roundup-2014\/4427\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/november-roundup-2014\/4897\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/november-roundup-2014\/5175\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/november-roundup-2014\/6341\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/november-roundup-2014\/6931\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/november-roundup-2014\/5718\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/november-roundup-2014\/6341\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/november-roundup-2014\/6931\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/november-roundup-2014\/6931\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/android\/","name":"Android"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/4361","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=4361"}],"version-history":[{"count":2,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/4361\/revisions"}],"predecessor-version":[{"id":15957,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/4361\/revisions\/15957"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/4362"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=4361"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=4361"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=4361"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}