I wish some white hats made "fake malwares". Like you open some random ".exe" / random mail like the BBC mail you showed, but instead of hacking you, it opens a scary message saying "You could have been hacked" and explains how it would have done it and how to proctect yourself from this.
that would be considered grey hat hacking. attacking websites and larger systems in order to try to help their security used to be more common before bug bounties became a thing. good thing too, because generally the people who got hacked are not grateful for the lesson 😂
One variation of this that I've seen is security teams in companies sending out fake scam emails and if you click on any of the links you are redirected to their security training course.
The best protection. Trust no random shit being sent to you which you do not expect to recieve. If a company or a person you know seems to have messaged or mailed you. Call them and verify the email sender address and content etc. If you dont know the company / person it is shit you dont need in your life = delete, block and ignore.
Yeah Ive had this very discussion with my boomer parents a few times. Getting them schooled about the computer world was a monumental task. It almost broke me a few times, but if it didnt kill me it made me stronger. Right? ;)
This is literally the same advice that we were giving in the 90s. Even through the IE/activeX days, it was always easier to spam email netbus to people who thought they'd just won some prize.
The spoofed email, in my limited experience with them, isn't foolproof. If you look at the message header information you can usually see that it wasn't actually sent from whatever is in the From address. I have yet to encounter one with the header information spoofed, that I know of. I did have one suspicious email, which came from what appeared to be and actual companies email server. I forwarded email to the companies support email address and told them it looked like their email server may have been hacked. They said the email wasn't legit. I don't know if they were hacked or if someone may have actually spoofed the email header info.
I once got email from myself. Gmail flagged it as a spam and warned that sender is most likely spoofed, something wrong with signing certificate, it wasn't Google's one.
I think so. I've read articles about Temu or IG and Facebook having access to your files, location, mic etc. Has anyone done a video breaking down how they do it, what they collect and how it Should be illegal? Accepting terms and conditions that are intentionally long and confusing shouldn't be enough to absolve them from responsibility.
Company I'm working at, sends us phishing emails and if you click it, you'll have to do a 1 hour online training. I must day it's working and now I have PTSD
This is quite common. But the funny thing is even though the employees know that these phishing tests are routinely used, they still click on the content rather than report the suspect message.
They probably assume its better to report if if there's nothing there for them (if it "is" phishing) whilst maybe they get paid whilst doing the test still, so less work for them each time it happens.
How about when the phishing awareness emails are all "YoU"ve WoN a PrI$E" But then the CTO and HR actually send "Click this link" emails regularly. Lol.
My friend got one of those files that require email and password. So what he did is he made a script that submits random data to bloat the hacker's database. Good shit.
Thanks for the information. If there is anyone who really deserves to get some recognition and appreciation for all the work and time spent on informing it's followers it's you. Congratulations on the 500K!
@@petyrbaelish007 not all of us boomers are stupid . The only reason I'm not a hacker is because I know even the best of them get caught unless they are in a foreign country . Plus it is kind of tedious and boring . More suitable for 11 yr olds
I've seen a malware that injects js code encrypted as base64 through emails, but the catch is: you just need to open the email, the encrypted JS does the rest. No link, no response, nothing, just opening the email will inject the code.
Wow. Where do you find such things and how do I understand it? I really just need to know the method of attack and not the code cos I wouldn't understand it anyway
@@dinom3106 If you want to create a malware similar to what I've said, you need to learn base64 encoding/encrypting. So you will create the code/malware and then encrypt on base64. The code will "run disguised" as base64, and the email protection and security won't check the code for malicious methods, but you need to make the code to avoid certain security measures.
Crazy, as I watch this I get a message saying my package wasn't delivered because there was no address on it and had a link at the bottom of the message . Blocked
It's probably just a fake message, nothing got hacked and it's just a phishing web page that tries to scare you and trick you into thinking you got hacked from clicking the link.
Great video as always. Would you maybe be willing to make one about alternatives now that Kaspersky gets banned in different places. I always used it and in my opinion (and seeing your tests) its the best throughout, especially among the free ones.
@@npc.ouffa- bc if youre just browsing the web and interacting with safe stuff you can just use windows defender like you think youre getting protected while sitting around though your not gonna get infected anyway as if you trying to get better at detecting viruses yourself you can actually prevent getting infected when downloading stuff
DMARC configurations helps but it isn't the silver bullet. When you get into it, one quickly finds out the practical setting is "soft fail" which means someone spoofing your domain will be sent to recipients junk box instead of the trash. This gives employees the opportunity to see the email and from that they make the decision on what happens next.
I know you've touched on Windows Security couple of times, but what do you think; does a casual user who only browses UA-cam and check email need a paid AV? Or is the built-in security enough.
eh probably fine, just be wary of potential phishing emails and DMs really. some free AVs like norton and avast are actually more hurtful than anything
For me I stick with just defender. As long as you're not doing anything out of the ordinary (running files from unknown sites, or submitting details to sites you haven't checked are real, etc) you should be fine.
1 question, how to protect against these? Dirty electricity can be corrected using AC to DC to DC to AC. Water can be purified. So, there is surely a way how to protect ourselves online.
I run my browser in a sandbox (Sandboxie) ... I tested it years ago against hundreds of malware and it kept my PC from being infected 100% of the time. The Sandbox was infected but not my PC. If I go to a banking website or if I visit a wesite like Amazon, I delete the sandbox and restart my PC, then create a new sandbox. Also...If a hacker gets my authentication tokens, don't the tokens disappear when I shut down the PC and then regenerate new ones when I log back in? I can that if you are the type who never shuts down their PC this could be a problem.
As far as login tokens, deleting the sandbox would delete the tokens but it wouldn't make them inactive/useless. You'd want to log out from the site itself and hope it actually makes them no longer valid rather than just removing them from your browser.
Bearer tokens (like OAuth2.0 access tokens in the form of JWTs) do not "die" until the timestamp expires and so (depending on the website in question) could be used to access a backend API even if you have logged out of the front-end application. For example, if the API consuming the access token is just validating the timestamp and signature (and does not send the token back to the issuer to confirm it is still valid), then the attacker might have a small window of usefulness before the token expires.
Hey leo i saw your testing of windows defender while using defender Ui. I was wondering if you could do a video testing with defender ui again while not connected to the internet so we can see if it boosts protection when not connected to the internet. Thanks leo!
We had an issue where the hackers set up fake accounts impersonating top level managers in our university and was ask to check over the attached reports etc. literally swapped a letter in the email address so it was hard to spot
On a phone, i think it's even worse! I have on my phone a collection of viruses. Until two months ago, i didn't realised it, never thought that Chrome or Google Drive, nor other trusted platforms like Facebook or UA-cam could contain viruses. I was so wrong! What i find outrageous, is that there are no lows to forbid malware advertising. The laws are too acceptable and don't really try to combat black hackers.
@@koreyb Few examples, starting with the begining: after factory reset, i was putting back the back up for Whatsapp and few other apps, without knowing how actualy a back-up must be done. Moreover, gmail adress on active Chrome. Therefore, phone memory was reaching 90% usage, in one or two weeks. I had looong time using my phone at 1% free space, wondering what is ocupying so much memory. One day i was lucky to clean itself quite alot of space(2 GB) and it was the moment that opened my eyes and attention to my phone. While i was deleting files, memory was increasing, not decreasing. I still have some weird files that are being sended from my phone. It is recording what i am setting, what i am speaking, what i am writing, what photos i am taking and send reports through Whatsapp. Is that virus related directly or inditectly to Whatsapp, i don't know yet. When i was using my emails, my phone agenda was free to use... And i was receiving phone calls from countries i have nothing to do with. My mom received a foreign call too, this is how i realised that she had it from my hacked phone. I noticed that is upgrading some things, in accordance with my actions or settings. Safe mode is not working on my phone anymore, therefore i consider it a trash. In the next future, i will use it only to exercise my own custom made Android. I believe i have a spyware, a worm and a physhing kind on my phone, my gmail adress and Google Drive.
are apple pcs safe from these phishing emails ? I'm new to all this and was under the assumption that when a mass email attack is created it can only be executable on a single type of OS
Depends on what type of attack was done. If it’s in the browser it doesnt really matter the OS. Those browser attacks are increasingly common due to it. If it’s an executable that runs on a PC then the program needs to be designed for either Windows or Mac.
If you install random cracked software and games you might as well use a VM where you store no passwords or data for it and keep your main system clean
i was on a sketch site and it was opening new tabs every time i clicked. then one time i missed the x and it opened like 20 tabs at once and made em move. then they all went away. i left the site and cleared my history could i possibly have a virus? I'm very paranoid.
Could you please do a video like this but extend it so it would incorporate the whole context that include consumer-grade user security? So we can learn not only how we are hacked but also how and what our lines of defenses act and can do for us, so that we can learn to defend ourselves and set up a healthy security hygiene on our systems and network, and be able to recognize a healthy secure network and pc environment, because I honestly don’t even know if everything I’ve done to achieve this is even effective or not, and have no idea how to determine this in any way. Could it please incorporate password/account security also. There is not a single guide or explanation that covers the topic as a whole and I believe many people would want to see something like this and that is an increasingly necessity in this time.
Our company got outlook mail scanner on a server itself and for 3 years i only got a few of those mails. All of the links were wrapped in MS ones so they stopped working after a minute or so. Usually system is just annoying, because it's quite slow in checking attachments. There were even advisement to just attach Onedrive documents to speed up the process.
Honestly that's kind of the better idea. Disallow receiving attachments entirely (sending only for outside network emails, for customers) and just make the company use a private file share. Unless someone gets into the file share, no risk of being impersonated. Just send a "Okay I left it in [dir] of fileshare"
@@Aura_Mancer it's actually way more seamless. You just attach files from OneDrive and they appear as attachments. I don't usually send files and if i do i use Teams. Overall, it's a nice idea, maybe there are some similar policies exist. On another note, Google drive is blocked and i know it used in malware attacks a lot. Paired with dummy files, virus could escape AV scans.
Hii The Pc Security I just bought a used computer, from a random guy, who helped me set it up, and everything in my apartment. But suddenly after 1-2 weeks, it start to crash many times with a blue screen telling “some thing could not be proceded” the guy suddenly stopped answering my messages, I was out of hope, and then choose to reset my pc to factory new, and now i am afraid if i am hacked, what should i do?
Hi,my collegues lately are saying that you can get virus by just simply watching videos(autoplay on hover,previews,shorts,videos) on youtube even without clicking on anything. I know question might be stupid but i am still wondering
I legit ignore 90% of the emails at work. If something is super important it will be brought up on a meeting or a teams chat. I have most things filtered out except for emails from the boss and grandboss along with IT all of which gets filtered a bolded so it becomes obvious who it is coming from. There have legit been internal PEN testing where I completely missed the email that was sent to me to because again I skip most of what comes into my inbox.
Great video as a reminder of how you can be attacked. Suggestion: Do a movie review of "Blackhat" with Chris Hemsworth!! Maybe a few other cyber movies would be fun as well. It would be interesting to hear from you what is real and not and why! Thanks
Could you please do a video on the kaspersky ban in the US? Also, i saw somewhere if you have the product installed you will stop recieving updates at the end of september. However i saw somewhere else claiming you would still be allowed to update until the products expiration. Also if possible, could you do a video on how to completely uninstall kaspersky? I have had to uninstall and reinstall Antivirus software before and it was not as simple as selecting uninstall in add/remove programs. It was kinda complicated you also had to download another program to completely uninstall it.
Hello friends, I did a fool and I installed a plugin with crack 2 days ago, but although there was no virus, my instagram went away today (I got it back) and I changed the passwords of my computer formats and main e-mails in the morning, but when I opened the exe, they sold the items from steam now because they accessed all the cookies or tokens and sent a message to everyone from discord. What do you recommend as a solution, if I change the password of all my accounts one by one, will the problem be solved? Or did a virus that didn't even go with the format entered my computer?
This cookie thing howver it works I think its a specific format of file that the stealer well steals Couldn't one write some code to inject or append their cookies for a specific session to include their own malware that identities the ip address it was sent to? Kinda like hey i found your cookie jar.. Sorry i have zero actual hacking skills but my thinking has had our security team laughing at me 60% of the time and the rest checking if such tools or methods exist or could work. Any actual ppl with IT skills would be appreciated for my next great idea 💡❤
Cookies nowadays are encrypted in transit (HTTPS). Even if an attacker finds your cookies through a packet sniffer, they can't actually decrypt the plaintext within them (or modify the contents within the cookie aka cookie poisoning). Something similar to the attack you're referring to does exist though. CSRF (Cross-Site Request Forgery) attacks exploit the trust that a user has with a web application. With a little bit of social engineering, an attacker could trick the user into executing malicious actions on a web application in which they're already authenticated.
Help 4/6 of my precious hard drives are self replicating viruses everywhere I managed to unbrick my zenfone 3 the other day by flashing like 50 different zip file combinations till I got it but I had to take everything off my computer i plug in for it to transfer on a new temp os and i can't lose any more data I have terabytes of precious files I'm too scared to unmount another drive and even run anti-virus against it any advice help
Simplest way to prevent your computer from getting hacked (Windows only) Just run any Video Game in the background that has Kernel Level Anticheat. 10/10 never get hacked. Because the hacker's access is immediately detected by Anticheat as malicious.
@@armanis1234 based on my own experience in the past 6 years, real I'd say. Because anticheat can prevent anything that Hackers usually attempt to do on victim's Computer. Again, this is only applicable to Windows, and, Kernel Level Anticheat. Yes I go to shady websites all the time. Nothing bad happened so far
@@ClayWheeler Um, hate to break it to you but the anticheat would just ban you from the game (even if it did detect anything), its not gonna stop you from being hacked. The anticheat will be looking for processes that try and interfere with the game itself and does not give two shits about what else happens on your machine. Just going to a website cant get you hacked if you use a modern browser with a modern operating system (EDIT: Also you have windows defender).
@@sylussquared9724 who's gonna tell this person there are plenty of video games with Kernel Level anticheat that allows the game to run without the user being Logged in.
A hacker could put you on their network and hack you. They can register your home to their domain and hack everything in your house that has wifi. They can install wifi cameras in your house and watch you.
Osint really got involved and got attention, bad for the PUPs, the PUPs are like puppies, you love them, you make them monster. Sometimes you have to be drama queen for the pups :(
I'm 100% safe with McAfee.
Hope your joking
macoffee
@@Picachumaster6no. McAfee is the best AV system. Everyone who follows this channel known that!
His spirit is trapped in my PC. He protects me 24/7 from the technoheretics. Praise McAfee 🤖🙏.
💀
Don't forget kids, the real Goku won't ask for your parents credit card information.
No? Fuck, too late. Already send 2k to send back goku from Namek.
hmm why not?
"Hey, it's me, Goku, what's your login info?"
@@danielbaker1248😂
Debatable
[Switches off computer and goes to live in the woods...]
The further you get into cyber sec the more you realise this is the only way
Malware and official software aren't so different in most cases.
The tree's have eyes
So you want to be infected by a real virus.
No where is safe.
Becomes Amish
I wish some white hats made "fake malwares". Like you open some random ".exe" / random mail like the BBC mail you showed, but instead of hacking you, it opens a scary message saying "You could have been hacked" and explains how it would have done it and how to proctect yourself from this.
Liability issues, most likely :(
thats an interesting idea
that would be considered grey hat hacking. attacking websites and larger systems in order to try to help their security used to be more common before bug bounties became a thing. good thing too, because generally the people who got hacked are not grateful for the lesson 😂
@@xenostimI'd be grateful as long as it got removed lol
One variation of this that I've seen is security teams in companies sending out fake scam emails and if you click on any of the links you are redirected to their security training course.
The best protection. Trust no random shit being sent to you which you do not expect to recieve.
If a company or a person you know seems to have messaged or mailed you. Call them and verify the email sender address and content etc.
If you dont know the company / person it is shit you dont need in your life = delete, block and ignore.
Yeah Ive had this very discussion with my boomer parents a few times. Getting them schooled about the computer world was a monumental task. It almost broke me a few times, but if it didnt kill me it made me stronger. Right? ;)
@@petyrbaelish007 nietzsche never had to teach his grandma how to use facebook
@@petyrbaelish007
This is literally the same advice that we were giving in the 90s.
Even through the IE/activeX days, it was always easier to spam email netbus to people who thought they'd just won some prize.
I, ignore
I swear that "System hacked" page design was taken from a video game but I can't remember which.
It's from Star Trek films actually.
@@adalwolf8328 Oh, I didn't know
It's Putin's homepage.
Advanced Warfare
It's Pac-Man
the fact that the ad blocker got installed by an ad made me lose it
The spoofed email, in my limited experience with them, isn't foolproof. If you look at the message header information you can usually see that it wasn't actually sent from whatever is in the From address. I have yet to encounter one with the header information spoofed, that I know of. I did have one suspicious email, which came from what appeared to be and actual companies email server. I forwarded email to the companies support email address and told them it looked like their email server may have been hacked. They said the email wasn't legit. I don't know if they were hacked or if someone may have actually spoofed the email header info.
I believe one of the anti India scammer or cyber security youtube channels has it happened to them.
I once got email from myself. Gmail flagged it as a spam and warned that sender is most likely spoofed, something wrong with signing certificate, it wasn't Google's one.
We an employee that refused to report entering her credentials in that file and 3 weeks later it was too late we got hit by ransomware
L
2:40 correction: the social media platforms ARE the malware THEMSELVES
Kind of like the old Bonzi Buddy...they're just so much fun that we willingly use that malware!
I think so. I've read articles about Temu or IG and Facebook having access to your files, location, mic etc.
Has anyone done a video breaking down how they do it, what they collect and how it Should be illegal?
Accepting terms and conditions that are intentionally long and confusing shouldn't be enough to absolve them from responsibility.
Company I'm working at, sends us phishing emails and if you click it, you'll have to do a 1 hour online training.
I must day it's working and now I have PTSD
This is quite common. But the funny thing is even though the employees know that these phishing tests are routinely used, they still click on the content rather than report the suspect message.
They probably assume its better to report if if there's nothing there for them (if it "is" phishing) whilst maybe they get paid whilst doing the test still, so less work for them each time it happens.
Sounds like a smart idea.
How about when the phishing awareness emails are all "YoU"ve WoN a PrI$E" But then the CTO and HR actually send "Click this link" emails regularly. Lol.
Very informative. Thank you for posting 😊
Are you going to talk about Kaspersky getting banned?
Yup, it is next on my list.
@@pcsecuritychannel don't know what to do as I bought a year of licence from kaspersky 😢. They do a fantastic antivirus
I use Kaspersky but if it’s getting banned, I’ll have to find another to use. Windows Defender would probably be good enough for my purposes
Its just politics
@@tpd1864blake I'm trying to make up my mind between Bitdefender or Mywarebytes.
My friend got one of those files that require email and password. So what he did is he made a script that submits random data to bloat the hacker's database. Good shit.
Your friend thinks like me but With actual coding skills 😂
Thanks for the information. If there is anyone who really deserves to get some recognition and appreciation for all the work and time spent on informing it's followers it's you.
Congratulations on the 500K!
I showed this to my 11 year old.
My 71 year old is the one that truly has trouble getting this stuff.
@@petyrbaelish007 you mean the 71 yr old son of the guy that invented the internet ? ya right
@@edwardmacnab354 No I mean my boomer dad.
@@petyrbaelish007 not all of us boomers are stupid . The only reason I'm not a hacker is because I know even the best of them get caught unless they are in a foreign country . Plus it is kind of tedious and boring . More suitable for 11 yr olds
@@edwardmacnab354 I never said anyone was dumb.
I've seen a malware that injects js code encrypted as base64 through emails, but the catch is: you just need to open the email, the encrypted JS does the rest. No link, no response, nothing, just opening the email will inject the code.
Wow. Where do you find such things and how do I understand it? I really just need to know the method of attack and not the code cos I wouldn't understand it anyway
@@dinom3106 If you want to create a malware similar to what I've said, you need to learn base64 encoding/encrypting. So you will create the code/malware and then encrypt on base64. The code will "run disguised" as base64, and the email protection and security won't check the code for malicious methods, but you need to make the code to avoid certain security measures.
But Gmail doesn’t support JavaScript so surely that’s not a problem nowadays?
Crazy, as I watch this I get a message saying my package wasn't delivered because there was no address on it and had a link at the bottom of the message .
Blocked
I ain't clicking no link in a YT description! Mama Leo didn't raise no fool!
What happens when the timer runs out on that system hacked message?
The computer self-destructs with a full nuclear detonation wiping out everything in a 500 mile radius.
@@pcsecuritychannel dont let the CIA know that, they will use it
It's probably just a fake message, nothing got hacked and it's just a phishing web page that tries to scare you and trick you into thinking you got hacked from clicking the link.
🤣 lmao @@pcsecuritychannel
@@pcsecuritychannel ok kid. u dont need to overreact
Great video as always. Would you maybe be willing to make one about alternatives now that Kaspersky gets banned in different places. I always used it and in my opinion (and seeing your tests) its the best throughout, especially among the free ones.
Honestly its also a good idea to contact customer service of what ever program ur using. To double check if they've sent an email to you.
can u make a vid about anti-virus and firewalls tier list
Yes plz
Common Sense and Intelligence are S tier for sure
They are not gonna protect you
@@p0worejtih why?
@@npc.ouffa- bc if youre just browsing the web and interacting with safe stuff you can just use windows defender
like you think youre getting protected while sitting around though your not gonna get infected anyway
as if you trying to get better at detecting viruses yourself you can actually prevent getting infected when downloading stuff
DMARC configurations helps but it isn't the silver bullet. When you get into it, one quickly finds out the practical setting is "soft fail" which means someone spoofing your domain will be sent to recipients junk box instead of the trash. This gives employees the opportunity to see the email and from that they make the decision on what happens next.
Depends how you configure it using spam is best option as fail usually fails when your email is actually legitimate
I know you've touched on Windows Security couple of times, but what do you think; does a casual user who only browses UA-cam and check email need a paid AV? Or is the built-in security enough.
Not unless your network is somehow insecure
eh probably fine, just be wary of potential phishing emails and DMs really. some free AVs like norton and avast are actually more hurtful than anything
For me I stick with just defender. As long as you're not doing anything out of the ordinary (running files from unknown sites, or submitting details to sites you haven't checked are real, etc) you should be fine.
@@koreyb
@adalwolf8328 If you have any common sense with computers, yeah windows defender will do the job.
Tell us about dynamic/behavior monitoring in open source world please.
I would like to know as well, he brought it up and didn’t provide examples.
"Wow, malware, this is great I mean... this is... great"
^installs everything that pops up
You have such a soothing voice man!
1 question, how to protect against these?
Dirty electricity can be corrected using AC to DC to DC to AC.
Water can be purified.
So, there is surely a way how to protect ourselves online.
I run my browser in a sandbox (Sandboxie) ... I tested it years ago against hundreds of malware and it kept my PC from being infected 100% of the time.
The Sandbox was infected but not my PC.
If I go to a banking website or if I visit a wesite like Amazon, I delete the sandbox and restart my PC, then create a new sandbox.
Also...If a hacker gets my authentication tokens, don't the tokens disappear when I shut down the PC and then regenerate new ones when I log back in?
I can that if you are the type who never shuts down their PC this could be a problem.
As far as login tokens, deleting the sandbox would delete the tokens but it wouldn't make them inactive/useless. You'd want to log out from the site itself and hope it actually makes them no longer valid rather than just removing them from your browser.
Bearer tokens (like OAuth2.0 access tokens in the form of JWTs) do not "die" until the timestamp expires and so (depending on the website in question) could be used to access a backend API even if you have logged out of the front-end application. For example, if the API consuming the access token is just validating the timestamp and signature (and does not send the token back to the issuer to confirm it is still valid), then the attacker might have a small window of usefulness before the token expires.
This is the information I was scrolling to find thank you 🎉 what about Microsoft Windows 11 sandbox app? Good enough?
As long as you don't log into anything you care about (so information stealers aren't an issue) that should be fine.
I live when videos start straight to the point
did you hear about the Kaspersky ban in the US? Opinions?
Hey leo i saw your testing of windows defender while using defender Ui. I was wondering if you could do a video testing with defender ui again while not connected to the internet so we can see if it boosts protection when not connected to the internet. Thanks leo!
We had an issue where the hackers set up fake accounts impersonating top level managers in our university and was ask to check over the attached reports etc. literally swapped a letter in the email address so it was hard to spot
I'm getting in to cybersecurity this is getting out of control
Don’t forget the MS Defender warning plastered on your screen that leads to download of Connectwise.
Will you make a video on Kaspersky getting banned from the US?
On a phone, i think it's even worse! I have on my phone a collection of viruses. Until two months ago, i didn't realised it, never thought that Chrome or Google Drive, nor other trusted platforms like Facebook or UA-cam could contain viruses. I was so wrong! What i find outrageous, is that there are no lows to forbid malware advertising. The laws are too acceptable and don't really try to combat black hackers.
@@koreyb maybe battery draining really fast and overheating
@@koreyb Few examples, starting with the begining: after factory reset, i was putting back the back up for Whatsapp and few other apps, without knowing how actualy a back-up must be done. Moreover, gmail adress on active Chrome. Therefore, phone memory was reaching 90% usage, in one or two weeks. I had looong time using my phone at 1% free space, wondering what is ocupying so much memory. One day i was lucky to clean itself quite alot of space(2 GB) and it was the moment that opened my eyes and attention to my phone.
While i was deleting files, memory was increasing, not decreasing. I still have some weird files that are being sended from my phone. It is recording what i am setting, what i am speaking, what i am writing, what photos i am taking and send reports through Whatsapp. Is that virus related directly or inditectly to Whatsapp, i don't know yet.
When i was using my emails, my phone agenda was free to use... And i was receiving phone calls from countries i have nothing to do with.
My mom received a foreign call too, this is how i realised that she had it from my hacked phone.
I noticed that is upgrading some things, in accordance with my actions or settings.
Safe mode is not working on my phone anymore, therefore i consider it a trash. In the next future, i will use it only to exercise my own custom made Android.
I believe i have a spyware, a worm and a physhing kind on my phone, my gmail adress and Google Drive.
Chrome on phone is useless. Use Brave
are apple pcs safe from these phishing emails ? I'm new to all this and was under the assumption that when a mass email attack is created it can only be executable on a single type of OS
Depends on what type of attack was done. If it’s in the browser it doesnt really matter the OS. Those browser attacks are increasingly common due to it. If it’s an executable that runs on a PC then the program needs to be designed for either Windows or Mac.
If you install random cracked software and games you might as well use a VM where you store no passwords or data for it and keep your main system clean
Broski it doesn't even have any sort of performance
i was on a sketch site and it was opening new tabs every time i clicked. then one time i missed the x and it opened like 20 tabs at once and made em move. then they all went away. i left the site and cleared my history could i possibly have a virus? I'm very paranoid.
Can you look into the copy fix malware that's been plaguing some wordpress-made websites?
Could you please do a video like this but extend it so it would incorporate the whole context that include consumer-grade user security? So we can learn not only how we are hacked but also how and what our lines of defenses act and can do for us, so that we can learn to defend ourselves and set up a healthy security hygiene on our systems and network, and be able to recognize a healthy secure network and pc environment, because I honestly don’t even know if everything I’ve done to achieve this is even effective or not, and have no idea how to determine this in any way. Could it please incorporate password/account security also. There is not a single guide or explanation that covers the topic as a whole and I believe many people would want to see something like this and that is an increasingly necessity in this time.
If I do a full reinstall of windows will it remove viruses?
monitor the network traffic in the upcoming vids
Additionally, the bbc URL is sus, because BBC doesn't use that domain.
Our company got outlook mail scanner on a server itself and for 3 years i only got a few of those mails. All of the links were wrapped in MS ones so they stopped working after a minute or so.
Usually system is just annoying, because it's quite slow in checking attachments. There were even advisement to just attach Onedrive documents to speed up the process.
Honestly that's kind of the better idea. Disallow receiving attachments entirely (sending only for outside network emails, for customers) and just make the company use a private file share. Unless someone gets into the file share, no risk of being impersonated. Just send a "Okay I left it in [dir] of fileshare"
@@Aura_Mancer it's actually way more seamless. You just attach files from OneDrive and they appear as attachments. I don't usually send files and if i do i use Teams.
Overall, it's a nice idea, maybe there are some similar policies exist.
On another note, Google drive is blocked and i know it used in malware attacks a lot. Paired with dummy files, virus could escape AV scans.
Hii The Pc Security
I just bought a used computer, from a random guy, who helped me set it up, and everything in my apartment. But suddenly after 1-2 weeks, it start to crash many times with a blue screen telling “some thing could not be proceded” the guy suddenly stopped answering my messages, I was out of hope, and then choose to reset my pc to factory new, and now i am afraid if i am hacked, what should i do?
I absolutely loved this video, I was wondering the steps that we should take BEFORE we get hacked, to fully proof ourselves
Got to love that Star Trek style Red Alert System Hacked screen.
I've read recently, in USA they have banned Kaspersky
simple solution: only use pigeons and ravens for communication
Hi,my collegues lately are saying that you can get virus by just simply watching videos(autoplay on hover,previews,shorts,videos) on youtube even without clicking on anything.
I know question might be stupid but i am still wondering
I legit ignore 90% of the emails at work. If something is super important it will be brought up on a meeting or a teams chat. I have most things filtered out except for emails from the boss and grandboss along with IT all of which gets filtered a bolded so it becomes obvious who it is coming from. There have legit been internal PEN testing where I completely missed the email that was sent to me to because again I skip most of what comes into my inbox.
Great video as a reminder of how you can be attacked. Suggestion: Do a movie review of "Blackhat" with Chris Hemsworth!! Maybe a few other cyber movies would be fun as well. It would be interesting to hear from you what is real and not and why! Thanks
He great channel, good content! Curious what do you use as a main machine from an OS perspective? Are you a windows user?
you should focus on methods of verifying true message sender when message is suspicious.
Thought someone was banging on my door in the beginning lol
Could you please do a video on the kaspersky ban in the US? Also, i saw somewhere if you have the product installed you will stop recieving updates at the end of september. However i saw somewhere else claiming you would still be allowed to update until the products expiration.
Also if possible, could you do a video on how to completely uninstall kaspersky? I have had to uninstall and reinstall Antivirus software before and it was not as simple as selecting uninstall in add/remove programs. It was kinda complicated you also had to download another program to completely uninstall it.
Just clicking into a malicious link in the email will get you hacked?
Now that Kaspersky's is being banned here in the US, which would be a better option? Bitdefender or Mywarebytes?
Neither, Eset is a better option than both
@@nutellaguyau Thx.
What about these games ads that says that if u download u get 100 dollar sent to your PayPal are they phishing tools
And the internet provider in cahoots with malicious hackers to send malicious windows updates.
Hello friends, I did a fool and I installed a plugin with crack 2 days ago, but although there was no virus, my instagram went away today (I got it back) and I changed the passwords of my computer formats and main e-mails in the morning, but when I opened the exe, they sold the items from steam now because they accessed all the cookies or tokens and sent a message to everyone from discord.
What do you recommend as a solution, if I change the password of all my accounts one by one, will the problem be solved? Or did a virus that didn't even go with the format entered my computer?
This cookie thing howver it works
I think its a specific format of file that the stealer well steals
Couldn't one write some code to inject or append their cookies for a specific session to include their own malware that identities the ip address it was sent to? Kinda like hey i found your cookie jar..
Sorry i have zero actual hacking skills but my thinking has had our security team laughing at me 60% of the time and the rest checking if such tools or methods exist or could work. Any actual ppl with IT skills would be appreciated for my next great idea 💡❤
Cookies nowadays are encrypted in transit (HTTPS). Even if an attacker finds your cookies through a packet sniffer, they can't actually decrypt the plaintext within them (or modify the contents within the cookie aka cookie poisoning). Something similar to the attack you're referring to does exist though. CSRF (Cross-Site Request Forgery) attacks exploit the trust that a user has with a web application. With a little bit of social engineering, an attacker could trick the user into executing malicious actions on a web application in which they're already authenticated.
Can you do a video comparison of kaspersky free vs bitdefender free vs windows defender?
Kaspersky has been banned in the US as of a few days ago, doesn't apply to all people but still a decent chunk of the English speaking language.
make a video about Kaspersky antivirus getting banned in the US
What's your take on the US banning Kaspersky?
Education is the best security.
I don’t like when strangers grab my cookies !!! 😂
Help 4/6 of my precious hard drives are self replicating viruses everywhere I managed to unbrick my zenfone 3 the other day by flashing like 50 different zip file combinations till I got it but I had to take everything off my computer i plug in for it to transfer on a new temp os and i can't lose any more data I have terabytes of precious files I'm too scared to unmount another drive and even run anti-virus against it any advice help
Pls make a video about kaspersky ban
Simplest way to prevent your computer from getting hacked (Windows only)
Just run any Video Game in the background that has Kernel Level Anticheat. 10/10 never get hacked. Because the hacker's access is immediately detected by Anticheat as malicious.
Real or joke?
@@armanis1234 based on my own experience in the past 6 years, real I'd say.
Because anticheat can prevent anything that Hackers usually attempt to do on victim's Computer. Again, this is only applicable to Windows, and, Kernel Level Anticheat.
Yes I go to shady websites all the time. Nothing bad happened so far
@@ClayWheeler Um, hate to break it to you but the anticheat would just ban you from the game (even if it did detect anything), its not gonna stop you from being hacked.
The anticheat will be looking for processes that try and interfere with the game itself and does not give two shits about what else happens on your machine.
Just going to a website cant get you hacked if you use a modern browser with a modern operating system (EDIT: Also you have windows defender).
You dropped your tinfoil hat, Sir.
@@sylussquared9724 who's gonna tell this person there are plenty of video games with Kernel Level anticheat that allows the game to run without the user being Logged in.
U should do a vid on the kaspersky ban and alternatives for those who have it
Can you please tell the method of spoofing the email
I'm sorry, but none of these apply to my laptop which has OpenBSD, neither to my gaming machine which runs Alpine Linux.
Did BBC seriously have a poor DMARC config?
Keep in mind malware doesn't come just in .exe formats. DLLs can be as dangerous.
can you make a video about which os is most secure? LINUX, MAC, WINDOWS and aslo mobile OS - IOS and ANDROID
1:11 Sir/Madam 💀
How to tell someone is a bot, lmao.
A hacker could put you on their network and hack you. They can register your home to their domain and hack everything in your house that has wifi. They can install wifi cameras in your house and watch you.
Nothing about Kaspersky?
Tip: just send all your email to the junk folder first
So basically, it's just Human Error.
Sure, but pretty much anything can be boiled down to that in regards to technology, even flaws in code that lead to vulnerabilities
Maybe you could do a video or a live stream of the proverbial fool. Where you just go click on random shit until the virtual machine shuts down.😂
Could you do something on android vunerabilities.
Which is best anti virus,i use Kaspersky is it safe ?
Osint really got involved and got attention, bad for the PUPs, the PUPs are like puppies, you love them, you make them monster. Sometimes you have to be drama queen for the pups :(
How about rootkits? How to uninstall them?
damn that star trek virus popup is so rad
What is the solution.
Thank you!!!
I miss ZERO sleep knowing Norton has me
It won't help you with phishing
what is vars total?
2:55, really @UA-cam? "Meet Ukrainian Women"?
They always use stupidity.
He goes through it a little too fast to help beginners, though it contains useful information.
man only people that fall for this stuff is like kids, and old people.
You build a r7 7800x3D AM5 System with dominator RAM and a 850W psu = you are hacked.
Even though? I think they want to play hackerman