I wish some white hats made "fake malwares". Like you open some random ".exe" / random mail like the BBC mail you showed, but instead of hacking you, it opens a scary message saying "You could have been hacked" and explains how it would have done it and how to proctect yourself from this.
that would be considered grey hat hacking. attacking websites and larger systems in order to try to help their security used to be more common before bug bounties became a thing. good thing too, because generally the people who got hacked are not grateful for the lesson 😂
One variation of this that I've seen is security teams in companies sending out fake scam emails and if you click on any of the links you are redirected to their security training course.
The best protection. Trust no random shit being sent to you which you do not expect to recieve. If a company or a person you know seems to have messaged or mailed you. Call them and verify the email sender address and content etc. If you dont know the company / person it is shit you dont need in your life = delete, block and ignore.
Yeah Ive had this very discussion with my boomer parents a few times. Getting them schooled about the computer world was a monumental task. It almost broke me a few times, but if it didnt kill me it made me stronger. Right? ;)
This is literally the same advice that we were giving in the 90s. Even through the IE/activeX days, it was always easier to spam email netbus to people who thought they'd just won some prize.
The spoofed email, in my limited experience with them, isn't foolproof. If you look at the message header information you can usually see that it wasn't actually sent from whatever is in the From address. I have yet to encounter one with the header information spoofed, that I know of. I did have one suspicious email, which came from what appeared to be and actual companies email server. I forwarded email to the companies support email address and told them it looked like their email server may have been hacked. They said the email wasn't legit. I don't know if they were hacked or if someone may have actually spoofed the email header info.
I once got email from myself. Gmail flagged it as a spam and warned that sender is most likely spoofed, something wrong with signing certificate, it wasn't Google's one.
My friend got one of those files that require email and password. So what he did is he made a script that submits random data to bloat the hacker's database. Good shit.
Company I'm working at, sends us phishing emails and if you click it, you'll have to do a 1 hour online training. I must day it's working and now I have PTSD
This is quite common. But the funny thing is even though the employees know that these phishing tests are routinely used, they still click on the content rather than report the suspect message.
They probably assume its better to report if if there's nothing there for them (if it "is" phishing) whilst maybe they get paid whilst doing the test still, so less work for them each time it happens.
How about when the phishing awareness emails are all "YoU"ve WoN a PrI$E" But then the CTO and HR actually send "Click this link" emails regularly. Lol.
@@petyrbaelish007 not all of us boomers are stupid . The only reason I'm not a hacker is because I know even the best of them get caught unless they are in a foreign country . Plus it is kind of tedious and boring . More suitable for 11 yr olds
Seeing a twitter DM made me remember that I dodged a bullet with someone who claimed they made a social website and DMed me for obvious reasons. The other thing is I report videos of cheats and cracks when spotted.
I think so. I've read articles about Temu or IG and Facebook having access to your files, location, mic etc. Has anyone done a video breaking down how they do it, what they collect and how it Should be illegal? Accepting terms and conditions that are intentionally long and confusing shouldn't be enough to absolve them from responsibility.
Thanks for the information. If there is anyone who really deserves to get some recognition and appreciation for all the work and time spent on informing it's followers it's you. Congratulations on the 500K!
Great video as always. Would you maybe be willing to make one about alternatives now that Kaspersky gets banned in different places. I always used it and in my opinion (and seeing your tests) its the best throughout, especially among the free ones.
@@npc.ouffa- bc if youre just browsing the web and interacting with safe stuff you can just use windows defender like you think youre getting protected while sitting around though your not gonna get infected anyway as if you trying to get better at detecting viruses yourself you can actually prevent getting infected when downloading stuff
Crazy, as I watch this I get a message saying my package wasn't delivered because there was no address on it and had a link at the bottom of the message . Blocked
DMARC configurations helps but it isn't the silver bullet. When you get into it, one quickly finds out the practical setting is "soft fail" which means someone spoofing your domain will be sent to recipients junk box instead of the trash. This gives employees the opportunity to see the email and from that they make the decision on what happens next.
I've seen a malware that injects js code encrypted as base64 through emails, but the catch is: you just need to open the email, the encrypted JS does the rest. No link, no response, nothing, just opening the email will inject the code.
Wow. Where do you find such things and how do I understand it? I really just need to know the method of attack and not the code cos I wouldn't understand it anyway
@@dinom3106 If you want to create a malware similar to what I've said, you need to learn base64 encoding/encrypting. So you will create the code/malware and then encrypt on base64. The code will "run disguised" as base64, and the email protection and security won't check the code for malicious methods, but you need to make the code to avoid certain security measures.
Great video as a reminder of how you can be attacked. Suggestion: Do a movie review of "Blackhat" with Chris Hemsworth!! Maybe a few other cyber movies would be fun as well. It would be interesting to hear from you what is real and not and why! Thanks
Could you please do a video like this but extend it so it would incorporate the whole context that include consumer-grade user security? So we can learn not only how we are hacked but also how and what our lines of defenses act and can do for us, so that we can learn to defend ourselves and set up a healthy security hygiene on our systems and network, and be able to recognize a healthy secure network and pc environment, because I honestly don’t even know if everything I’ve done to achieve this is even effective or not, and have no idea how to determine this in any way. Could it please incorporate password/account security also. There is not a single guide or explanation that covers the topic as a whole and I believe many people would want to see something like this and that is an increasingly necessity in this time.
Hey leo i saw your testing of windows defender while using defender Ui. I was wondering if you could do a video testing with defender ui again while not connected to the internet so we can see if it boosts protection when not connected to the internet. Thanks leo!
On a phone, i think it's even worse! I have on my phone a collection of viruses. Until two months ago, i didn't realised it, never thought that Chrome or Google Drive, nor other trusted platforms like Facebook or RUclips could contain viruses. I was so wrong! What i find outrageous, is that there are no lows to forbid malware advertising. The laws are too acceptable and don't really try to combat black hackers.
@@koreyb Few examples, starting with the begining: after factory reset, i was putting back the back up for Whatsapp and few other apps, without knowing how actualy a back-up must be done. Moreover, gmail adress on active Chrome. Therefore, phone memory was reaching 90% usage, in one or two weeks. I had looong time using my phone at 1% free space, wondering what is ocupying so much memory. One day i was lucky to clean itself quite alot of space(2 GB) and it was the moment that opened my eyes and attention to my phone. While i was deleting files, memory was increasing, not decreasing. I still have some weird files that are being sended from my phone. It is recording what i am setting, what i am speaking, what i am writing, what photos i am taking and send reports through Whatsapp. Is that virus related directly or inditectly to Whatsapp, i don't know yet. When i was using my emails, my phone agenda was free to use... And i was receiving phone calls from countries i have nothing to do with. My mom received a foreign call too, this is how i realised that she had it from my hacked phone. I noticed that is upgrading some things, in accordance with my actions or settings. Safe mode is not working on my phone anymore, therefore i consider it a trash. In the next future, i will use it only to exercise my own custom made Android. I believe i have a spyware, a worm and a physhing kind on my phone, my gmail adress and Google Drive.
It's probably just a fake message, nothing got hacked and it's just a phishing web page that tries to scare you and trick you into thinking you got hacked from clicking the link.
If you install random cracked software and games you might as well use a VM where you store no passwords or data for it and keep your main system clean
I know you've touched on Windows Security couple of times, but what do you think; does a casual user who only browses RUclips and check email need a paid AV? Or is the built-in security enough.
eh probably fine, just be wary of potential phishing emails and DMs really. some free AVs like norton and avast are actually more hurtful than anything
For me I stick with just defender. As long as you're not doing anything out of the ordinary (running files from unknown sites, or submitting details to sites you haven't checked are real, etc) you should be fine.
are apple pcs safe from these phishing emails ? I'm new to all this and was under the assumption that when a mass email attack is created it can only be executable on a single type of OS
Depends on what type of attack was done. If it’s in the browser it doesnt really matter the OS. Those browser attacks are increasingly common due to it. If it’s an executable that runs on a PC then the program needs to be designed for either Windows or Mac.
Hi,my collegues lately are saying that you can get virus by just simply watching videos(autoplay on hover,previews,shorts,videos) on youtube even without clicking on anything. I know question might be stupid but i am still wondering
Osint really got involved and got attention, bad for the PUPs, the PUPs are like puppies, you love them, you make them monster. Sometimes you have to be drama queen for the pups :(
Could you please do a video on the kaspersky ban in the US? Also, i saw somewhere if you have the product installed you will stop recieving updates at the end of september. However i saw somewhere else claiming you would still be allowed to update until the products expiration. Also if possible, could you do a video on how to completely uninstall kaspersky? I have had to uninstall and reinstall Antivirus software before and it was not as simple as selecting uninstall in add/remove programs. It was kinda complicated you also had to download another program to completely uninstall it.
Simplest way to prevent your computer from getting hacked (Windows only) Just run any Video Game in the background that has Kernel Level Anticheat. 10/10 never get hacked. Because the hacker's access is immediately detected by Anticheat as malicious.
@@armanis1234 based on my own experience in the past 6 years, real I'd say. Because anticheat can prevent anything that Hackers usually attempt to do on victim's Computer. Again, this is only applicable to Windows, and, Kernel Level Anticheat. Yes I go to shady websites all the time. Nothing bad happened so far
@@ClayWheeler Um, hate to break it to you but the anticheat would just ban you from the game (even if it did detect anything), its not gonna stop you from being hacked. The anticheat will be looking for processes that try and interfere with the game itself and does not give two shits about what else happens on your machine. Just going to a website cant get you hacked if you use a modern browser with a modern operating system (EDIT: Also you have windows defender).
@@sylussquared9724 who's gonna tell this person there are plenty of video games with Kernel Level anticheat that allows the game to run without the user being Logged in.
Hii The Pc Security I just bought a used computer, from a random guy, who helped me set it up, and everything in my apartment. But suddenly after 1-2 weeks, it start to crash many times with a blue screen telling “some thing could not be proceded” the guy suddenly stopped answering my messages, I was out of hope, and then choose to reset my pc to factory new, and now i am afraid if i am hacked, what should i do?
i was on a sketch site and it was opening new tabs every time i clicked. then one time i missed the x and it opened like 20 tabs at once and made em move. then they all went away. i left the site and cleared my history could i possibly have a virus? I'm very paranoid.
We had an issue where the hackers set up fake accounts impersonating top level managers in our university and was ask to check over the attached reports etc. literally swapped a letter in the email address so it was hard to spot
I run my browser in a sandbox (Sandboxie) ... I tested it years ago against hundreds of malware and it kept my PC from being infected 100% of the time. The Sandbox was infected but not my PC. If I go to a banking website or if I visit a wesite like Amazon, I delete the sandbox and restart my PC, then create a new sandbox. Also...If a hacker gets my authentication tokens, don't the tokens disappear when I shut down the PC and then regenerate new ones when I log back in? I can that if you are the type who never shuts down their PC this could be a problem.
As far as login tokens, deleting the sandbox would delete the tokens but it wouldn't make them inactive/useless. You'd want to log out from the site itself and hope it actually makes them no longer valid rather than just removing them from your browser.
Bearer tokens (like OAuth2.0 access tokens in the form of JWTs) do not "die" until the timestamp expires and so (depending on the website in question) could be used to access a backend API even if you have logged out of the front-end application. For example, if the API consuming the access token is just validating the timestamp and signature (and does not send the token back to the issuer to confirm it is still valid), then the attacker might have a small window of usefulness before the token expires.
Our company got outlook mail scanner on a server itself and for 3 years i only got a few of those mails. All of the links were wrapped in MS ones so they stopped working after a minute or so. Usually system is just annoying, because it's quite slow in checking attachments. There were even advisement to just attach Onedrive documents to speed up the process.
Honestly that's kind of the better idea. Disallow receiving attachments entirely (sending only for outside network emails, for customers) and just make the company use a private file share. Unless someone gets into the file share, no risk of being impersonated. Just send a "Okay I left it in [dir] of fileshare"
@@Aura_Mancer it's actually way more seamless. You just attach files from OneDrive and they appear as attachments. I don't usually send files and if i do i use Teams. Overall, it's a nice idea, maybe there are some similar policies exist. On another note, Google drive is blocked and i know it used in malware attacks a lot. Paired with dummy files, virus could escape AV scans.
1 question, how to protect against these? Dirty electricity can be corrected using AC to DC to DC to AC. Water can be purified. So, there is surely a way how to protect ourselves online.
This cookie thing howver it works I think its a specific format of file that the stealer well steals Couldn't one write some code to inject or append their cookies for a specific session to include their own malware that identities the ip address it was sent to? Kinda like hey i found your cookie jar.. Sorry i have zero actual hacking skills but my thinking has had our security team laughing at me 60% of the time and the rest checking if such tools or methods exist or could work. Any actual ppl with IT skills would be appreciated for my next great idea 💡❤
Cookies nowadays are encrypted in transit (HTTPS). Even if an attacker finds your cookies through a packet sniffer, they can't actually decrypt the plaintext within them (or modify the contents within the cookie aka cookie poisoning). Something similar to the attack you're referring to does exist though. CSRF (Cross-Site Request Forgery) attacks exploit the trust that a user has with a web application. With a little bit of social engineering, an attacker could trick the user into executing malicious actions on a web application in which they're already authenticated.
Hello friends, I did a fool and I installed a plugin with crack 2 days ago, but although there was no virus, my instagram went away today (I got it back) and I changed the passwords of my computer formats and main e-mails in the morning, but when I opened the exe, they sold the items from steam now because they accessed all the cookies or tokens and sent a message to everyone from discord. What do you recommend as a solution, if I change the password of all my accounts one by one, will the problem be solved? Or did a virus that didn't even go with the format entered my computer?
I legit ignore 90% of the emails at work. If something is super important it will be brought up on a meeting or a teams chat. I have most things filtered out except for emails from the boss and grandboss along with IT all of which gets filtered a bolded so it becomes obvious who it is coming from. There have legit been internal PEN testing where I completely missed the email that was sent to me to because again I skip most of what comes into my inbox.
Help 4/6 of my precious hard drives are self replicating viruses everywhere I managed to unbrick my zenfone 3 the other day by flashing like 50 different zip file combinations till I got it but I had to take everything off my computer i plug in for it to transfer on a new temp os and i can't lose any more data I have terabytes of precious files I'm too scared to unmount another drive and even run anti-virus against it any advice help
A hacker could put you on their network and hack you. They can register your home to their domain and hack everything in your house that has wifi. They can install wifi cameras in your house and watch you.
I'm 100% safe with McAfee.
Hope your joking
macoffee
@@Picachumaster6no. McAfee is the best AV system. Everyone who follows this channel known that!
His spirit is trapped in my PC. He protects me 24/7 from the technoheretics. Praise McAfee 🤖🙏.
💀
Don't forget kids, the real Goku won't ask for your parents credit card information.
No? Fuck, too late. Already send 2k to send back goku from Namek.
hmm why not?
"Hey, it's me, Goku, what's your login info?"
@@danielbaker1248😂
Debatable
[Switches off computer and goes to live in the woods...]
The further you get into cyber sec the more you realise this is the only way
Malware and official software aren't so different in most cases.
The tree's have eyes
So you want to be infected by a real virus.
No where is safe.
Becomes Amish
I wish some white hats made "fake malwares". Like you open some random ".exe" / random mail like the BBC mail you showed, but instead of hacking you, it opens a scary message saying "You could have been hacked" and explains how it would have done it and how to proctect yourself from this.
Liability issues, most likely :(
thats an interesting idea
that would be considered grey hat hacking. attacking websites and larger systems in order to try to help their security used to be more common before bug bounties became a thing. good thing too, because generally the people who got hacked are not grateful for the lesson 😂
@@xenostimI'd be grateful as long as it got removed lol
One variation of this that I've seen is security teams in companies sending out fake scam emails and if you click on any of the links you are redirected to their security training course.
The best protection. Trust no random shit being sent to you which you do not expect to recieve.
If a company or a person you know seems to have messaged or mailed you. Call them and verify the email sender address and content etc.
If you dont know the company / person it is shit you dont need in your life = delete, block and ignore.
Yeah Ive had this very discussion with my boomer parents a few times. Getting them schooled about the computer world was a monumental task. It almost broke me a few times, but if it didnt kill me it made me stronger. Right? ;)
@@petyrbaelish007 nietzsche never had to teach his grandma how to use facebook
@@petyrbaelish007
This is literally the same advice that we were giving in the 90s.
Even through the IE/activeX days, it was always easier to spam email netbus to people who thought they'd just won some prize.
I, ignore
the fact that the ad blocker got installed by an ad made me lose it
The spoofed email, in my limited experience with them, isn't foolproof. If you look at the message header information you can usually see that it wasn't actually sent from whatever is in the From address. I have yet to encounter one with the header information spoofed, that I know of. I did have one suspicious email, which came from what appeared to be and actual companies email server. I forwarded email to the companies support email address and told them it looked like their email server may have been hacked. They said the email wasn't legit. I don't know if they were hacked or if someone may have actually spoofed the email header info.
I believe one of the anti India scammer or cyber security youtube channels has it happened to them.
I once got email from myself. Gmail flagged it as a spam and warned that sender is most likely spoofed, something wrong with signing certificate, it wasn't Google's one.
I swear that "System hacked" page design was taken from a video game but I can't remember which.
It's from Star Trek films actually.
@@adalwolf8328 Oh, I didn't know
It's Putin's homepage.
Advanced Warfare
It's Pac-Man
We an employee that refused to report entering her credentials in that file and 3 weeks later it was too late we got hit by ransomware
L
My friend got one of those files that require email and password. So what he did is he made a script that submits random data to bloat the hacker's database. Good shit.
Your friend thinks like me but With actual coding skills 😂
Company I'm working at, sends us phishing emails and if you click it, you'll have to do a 1 hour online training.
I must day it's working and now I have PTSD
This is quite common. But the funny thing is even though the employees know that these phishing tests are routinely used, they still click on the content rather than report the suspect message.
They probably assume its better to report if if there's nothing there for them (if it "is" phishing) whilst maybe they get paid whilst doing the test still, so less work for them each time it happens.
Sounds like a smart idea.
How about when the phishing awareness emails are all "YoU"ve WoN a PrI$E" But then the CTO and HR actually send "Click this link" emails regularly. Lol.
Very informative. Thank you for posting 😊
I showed this to my 11 year old.
My 71 year old is the one that truly has trouble getting this stuff.
@@petyrbaelish007 you mean the 71 yr old son of the guy that invented the internet ? ya right
@@edwardmacnab354 No I mean my boomer dad.
@@petyrbaelish007 not all of us boomers are stupid . The only reason I'm not a hacker is because I know even the best of them get caught unless they are in a foreign country . Plus it is kind of tedious and boring . More suitable for 11 yr olds
@@edwardmacnab354 I never said anyone was dumb.
Seeing a twitter DM made me remember that I dodged a bullet with someone who claimed they made a social website and DMed me for obvious reasons.
The other thing is I report videos of cheats and cracks when spotted.
Are you going to talk about Kaspersky getting banned?
Yup, it is next on my list.
@@pcsecuritychannel don't know what to do as I bought a year of licence from kaspersky 😢. They do a fantastic antivirus
I use Kaspersky but if it’s getting banned, I’ll have to find another to use. Windows Defender would probably be good enough for my purposes
Its just politics
@@tpd1864blake I'm trying to make up my mind between Bitdefender or Mywarebytes.
2:40 correction: the social media platforms ARE the malware THEMSELVES
Kind of like the old Bonzi Buddy...they're just so much fun that we willingly use that malware!
I think so. I've read articles about Temu or IG and Facebook having access to your files, location, mic etc.
Has anyone done a video breaking down how they do it, what they collect and how it Should be illegal?
Accepting terms and conditions that are intentionally long and confusing shouldn't be enough to absolve them from responsibility.
Thanks for the information. If there is anyone who really deserves to get some recognition and appreciation for all the work and time spent on informing it's followers it's you.
Congratulations on the 500K!
I ain't clicking no link in a YT description! Mama Leo didn't raise no fool!
Got to love that Star Trek style Red Alert System Hacked screen.
I live when videos start straight to the point
Honestly its also a good idea to contact customer service of what ever program ur using. To double check if they've sent an email to you.
simple solution: only use pigeons and ravens for communication
Great video as always. Would you maybe be willing to make one about alternatives now that Kaspersky gets banned in different places. I always used it and in my opinion (and seeing your tests) its the best throughout, especially among the free ones.
You have such a soothing voice man!
Tell us about dynamic/behavior monitoring in open source world please.
I would like to know as well, he brought it up and didn’t provide examples.
can u make a vid about anti-virus and firewalls tier list
Yes plz
Common Sense and Intelligence are S tier for sure
They are not gonna protect you
@@PittGG why?
@@npc.ouffa- bc if youre just browsing the web and interacting with safe stuff you can just use windows defender
like you think youre getting protected while sitting around though your not gonna get infected anyway
as if you trying to get better at detecting viruses yourself you can actually prevent getting infected when downloading stuff
I absolutely loved this video, I was wondering the steps that we should take BEFORE we get hacked, to fully proof ourselves
Crazy, as I watch this I get a message saying my package wasn't delivered because there was no address on it and had a link at the bottom of the message .
Blocked
"Wow, malware, this is great I mean... this is... great"
^installs everything that pops up
I'm getting in to cybersecurity this is getting out of control
DMARC configurations helps but it isn't the silver bullet. When you get into it, one quickly finds out the practical setting is "soft fail" which means someone spoofing your domain will be sent to recipients junk box instead of the trash. This gives employees the opportunity to see the email and from that they make the decision on what happens next.
Depends how you configure it using spam is best option as fail usually fails when your email is actually legitimate
Don’t forget the MS Defender warning plastered on your screen that leads to download of Connectwise.
I've seen a malware that injects js code encrypted as base64 through emails, but the catch is: you just need to open the email, the encrypted JS does the rest. No link, no response, nothing, just opening the email will inject the code.
Wow. Where do you find such things and how do I understand it? I really just need to know the method of attack and not the code cos I wouldn't understand it anyway
@@dinom3106 If you want to create a malware similar to what I've said, you need to learn base64 encoding/encrypting. So you will create the code/malware and then encrypt on base64. The code will "run disguised" as base64, and the email protection and security won't check the code for malicious methods, but you need to make the code to avoid certain security measures.
But Gmail doesn’t support JavaScript so surely that’s not a problem nowadays?
So basically, it's just Human Error.
Sure, but pretty much anything can be boiled down to that in regards to technology, even flaws in code that lead to vulnerabilities
did you hear about the Kaspersky ban in the US? Opinions?
Great video as a reminder of how you can be attacked. Suggestion: Do a movie review of "Blackhat" with Chris Hemsworth!! Maybe a few other cyber movies would be fun as well. It would be interesting to hear from you what is real and not and why! Thanks
Thought someone was banging on my door in the beginning lol
Could you please do a video like this but extend it so it would incorporate the whole context that include consumer-grade user security? So we can learn not only how we are hacked but also how and what our lines of defenses act and can do for us, so that we can learn to defend ourselves and set up a healthy security hygiene on our systems and network, and be able to recognize a healthy secure network and pc environment, because I honestly don’t even know if everything I’ve done to achieve this is even effective or not, and have no idea how to determine this in any way. Could it please incorporate password/account security also. There is not a single guide or explanation that covers the topic as a whole and I believe many people would want to see something like this and that is an increasingly necessity in this time.
monitor the network traffic in the upcoming vids
1:11 Sir/Madam 💀
How to tell someone is a bot, lmao.
Hey leo i saw your testing of windows defender while using defender Ui. I was wondering if you could do a video testing with defender ui again while not connected to the internet so we can see if it boosts protection when not connected to the internet. Thanks leo!
Will you make a video on Kaspersky getting banned from the US?
On a phone, i think it's even worse! I have on my phone a collection of viruses. Until two months ago, i didn't realised it, never thought that Chrome or Google Drive, nor other trusted platforms like Facebook or RUclips could contain viruses. I was so wrong! What i find outrageous, is that there are no lows to forbid malware advertising. The laws are too acceptable and don't really try to combat black hackers.
@@koreyb maybe battery draining really fast and overheating
@@koreyb Few examples, starting with the begining: after factory reset, i was putting back the back up for Whatsapp and few other apps, without knowing how actualy a back-up must be done. Moreover, gmail adress on active Chrome. Therefore, phone memory was reaching 90% usage, in one or two weeks. I had looong time using my phone at 1% free space, wondering what is ocupying so much memory. One day i was lucky to clean itself quite alot of space(2 GB) and it was the moment that opened my eyes and attention to my phone.
While i was deleting files, memory was increasing, not decreasing. I still have some weird files that are being sended from my phone. It is recording what i am setting, what i am speaking, what i am writing, what photos i am taking and send reports through Whatsapp. Is that virus related directly or inditectly to Whatsapp, i don't know yet.
When i was using my emails, my phone agenda was free to use... And i was receiving phone calls from countries i have nothing to do with.
My mom received a foreign call too, this is how i realised that she had it from my hacked phone.
I noticed that is upgrading some things, in accordance with my actions or settings.
Safe mode is not working on my phone anymore, therefore i consider it a trash. In the next future, i will use it only to exercise my own custom made Android.
I believe i have a spyware, a worm and a physhing kind on my phone, my gmail adress and Google Drive.
Chrome on phone is useless. Use Brave
What happens when the timer runs out on that system hacked message?
The computer self-destructs with a full nuclear detonation wiping out everything in a 500 mile radius.
@@pcsecuritychannel dont let the CIA know that, they will use it
It's probably just a fake message, nothing got hacked and it's just a phishing web page that tries to scare you and trick you into thinking you got hacked from clicking the link.
🤣 lmao @@pcsecuritychannel
@@pcsecuritychannel ok kid. u dont need to overreact
If you install random cracked software and games you might as well use a VM where you store no passwords or data for it and keep your main system clean
Broski it doesn't even have any sort of performance
He great channel, good content! Curious what do you use as a main machine from an OS perspective? Are you a windows user?
Can you look into the copy fix malware that's been plaguing some wordpress-made websites?
If I do a full reinstall of windows will it remove viruses?
can you make a video about which os is most secure? LINUX, MAC, WINDOWS and aslo mobile OS - IOS and ANDROID
Additionally, the bbc URL is sus, because BBC doesn't use that domain.
Tip: just send all your email to the junk folder first
I know you've touched on Windows Security couple of times, but what do you think; does a casual user who only browses RUclips and check email need a paid AV? Or is the built-in security enough.
Not unless your network is somehow insecure
eh probably fine, just be wary of potential phishing emails and DMs really. some free AVs like norton and avast are actually more hurtful than anything
For me I stick with just defender. As long as you're not doing anything out of the ordinary (running files from unknown sites, or submitting details to sites you haven't checked are real, etc) you should be fine.
@@koreyb
@adalwolf8328 If you have any common sense with computers, yeah windows defender will do the job.
are apple pcs safe from these phishing emails ? I'm new to all this and was under the assumption that when a mass email attack is created it can only be executable on a single type of OS
Depends on what type of attack was done. If it’s in the browser it doesnt really matter the OS. Those browser attacks are increasingly common due to it. If it’s an executable that runs on a PC then the program needs to be designed for either Windows or Mac.
Hi,my collegues lately are saying that you can get virus by just simply watching videos(autoplay on hover,previews,shorts,videos) on youtube even without clicking on anything.
I know question might be stupid but i am still wondering
Osint really got involved and got attention, bad for the PUPs, the PUPs are like puppies, you love them, you make them monster. Sometimes you have to be drama queen for the pups :(
I don’t like when strangers grab my cookies !!! 😂
Could you please do a video on the kaspersky ban in the US? Also, i saw somewhere if you have the product installed you will stop recieving updates at the end of september. However i saw somewhere else claiming you would still be allowed to update until the products expiration.
Also if possible, could you do a video on how to completely uninstall kaspersky? I have had to uninstall and reinstall Antivirus software before and it was not as simple as selecting uninstall in add/remove programs. It was kinda complicated you also had to download another program to completely uninstall it.
Simplest way to prevent your computer from getting hacked (Windows only)
Just run any Video Game in the background that has Kernel Level Anticheat. 10/10 never get hacked. Because the hacker's access is immediately detected by Anticheat as malicious.
Real or joke?
@@armanis1234 based on my own experience in the past 6 years, real I'd say.
Because anticheat can prevent anything that Hackers usually attempt to do on victim's Computer. Again, this is only applicable to Windows, and, Kernel Level Anticheat.
Yes I go to shady websites all the time. Nothing bad happened so far
@@ClayWheeler Um, hate to break it to you but the anticheat would just ban you from the game (even if it did detect anything), its not gonna stop you from being hacked.
The anticheat will be looking for processes that try and interfere with the game itself and does not give two shits about what else happens on your machine.
Just going to a website cant get you hacked if you use a modern browser with a modern operating system (EDIT: Also you have windows defender).
You dropped your tinfoil hat, Sir.
@@sylussquared9724 who's gonna tell this person there are plenty of video games with Kernel Level anticheat that allows the game to run without the user being Logged in.
Education is the best security.
Hii The Pc Security
I just bought a used computer, from a random guy, who helped me set it up, and everything in my apartment. But suddenly after 1-2 weeks, it start to crash many times with a blue screen telling “some thing could not be proceded” the guy suddenly stopped answering my messages, I was out of hope, and then choose to reset my pc to factory new, and now i am afraid if i am hacked, what should i do?
Thank you!!!
i was on a sketch site and it was opening new tabs every time i clicked. then one time i missed the x and it opened like 20 tabs at once and made em move. then they all went away. i left the site and cleared my history could i possibly have a virus? I'm very paranoid.
We had an issue where the hackers set up fake accounts impersonating top level managers in our university and was ask to check over the attached reports etc. literally swapped a letter in the email address so it was hard to spot
I run my browser in a sandbox (Sandboxie) ... I tested it years ago against hundreds of malware and it kept my PC from being infected 100% of the time.
The Sandbox was infected but not my PC.
If I go to a banking website or if I visit a wesite like Amazon, I delete the sandbox and restart my PC, then create a new sandbox.
Also...If a hacker gets my authentication tokens, don't the tokens disappear when I shut down the PC and then regenerate new ones when I log back in?
I can that if you are the type who never shuts down their PC this could be a problem.
As far as login tokens, deleting the sandbox would delete the tokens but it wouldn't make them inactive/useless. You'd want to log out from the site itself and hope it actually makes them no longer valid rather than just removing them from your browser.
Bearer tokens (like OAuth2.0 access tokens in the form of JWTs) do not "die" until the timestamp expires and so (depending on the website in question) could be used to access a backend API even if you have logged out of the front-end application. For example, if the API consuming the access token is just validating the timestamp and signature (and does not send the token back to the issuer to confirm it is still valid), then the attacker might have a small window of usefulness before the token expires.
This is the information I was scrolling to find thank you 🎉 what about Microsoft Windows 11 sandbox app? Good enough?
As long as you don't log into anything you care about (so information stealers aren't an issue) that should be fine.
damn that star trek virus popup is so rad
Which is best anti virus,i use Kaspersky is it safe ?
you should focus on methods of verifying true message sender when message is suspicious.
I've read recently, in USA they have banned Kaspersky
Our company got outlook mail scanner on a server itself and for 3 years i only got a few of those mails. All of the links were wrapped in MS ones so they stopped working after a minute or so.
Usually system is just annoying, because it's quite slow in checking attachments. There were even advisement to just attach Onedrive documents to speed up the process.
Honestly that's kind of the better idea. Disallow receiving attachments entirely (sending only for outside network emails, for customers) and just make the company use a private file share. Unless someone gets into the file share, no risk of being impersonated. Just send a "Okay I left it in [dir] of fileshare"
@@Aura_Mancer it's actually way more seamless. You just attach files from OneDrive and they appear as attachments. I don't usually send files and if i do i use Teams.
Overall, it's a nice idea, maybe there are some similar policies exist.
On another note, Google drive is blocked and i know it used in malware attacks a lot. Paired with dummy files, virus could escape AV scans.
1 question, how to protect against these?
Dirty electricity can be corrected using AC to DC to DC to AC.
Water can be purified.
So, there is surely a way how to protect ourselves online.
U should do a vid on the kaspersky ban and alternatives for those who have it
Just clicking into a malicious link in the email will get you hacked?
Keep in mind malware doesn't come just in .exe formats. DLLs can be as dangerous.
What's your take on the US banning Kaspersky?
Pls make a video about kaspersky ban
Can you please tell the method of spoofing the email
Now that Kaspersky's is being banned here in the US, which would be a better option? Bitdefender or Mywarebytes?
Neither, Eset is a better option than both
@@nutellaguyau Thx.
My wife just won a company wide phishing derby. She got a $50 GC and 3D printed fish trophy. She even knocked the Senior IT guy out of 1st place 😂
This cookie thing howver it works
I think its a specific format of file that the stealer well steals
Couldn't one write some code to inject or append their cookies for a specific session to include their own malware that identities the ip address it was sent to? Kinda like hey i found your cookie jar..
Sorry i have zero actual hacking skills but my thinking has had our security team laughing at me 60% of the time and the rest checking if such tools or methods exist or could work. Any actual ppl with IT skills would be appreciated for my next great idea 💡❤
Cookies nowadays are encrypted in transit (HTTPS). Even if an attacker finds your cookies through a packet sniffer, they can't actually decrypt the plaintext within them (or modify the contents within the cookie aka cookie poisoning). Something similar to the attack you're referring to does exist though. CSRF (Cross-Site Request Forgery) attacks exploit the trust that a user has with a web application. With a little bit of social engineering, an attacker could trick the user into executing malicious actions on a web application in which they're already authenticated.
What about these games ads that says that if u download u get 100 dollar sent to your PayPal are they phishing tools
And the internet provider in cahoots with malicious hackers to send malicious windows updates.
Can you do a video comparison of kaspersky free vs bitdefender free vs windows defender?
Kaspersky has been banned in the US as of a few days ago, doesn't apply to all people but still a decent chunk of the English speaking language.
He goes through it a little too fast to help beginners, though it contains useful information.
What is the solution.
make a video about Kaspersky antivirus getting banned in the US
I'm sorry, but none of these apply to my laptop which has OpenBSD, neither to my gaming machine which runs Alpine Linux.
Hello friends, I did a fool and I installed a plugin with crack 2 days ago, but although there was no virus, my instagram went away today (I got it back) and I changed the passwords of my computer formats and main e-mails in the morning, but when I opened the exe, they sold the items from steam now because they accessed all the cookies or tokens and sent a message to everyone from discord.
What do you recommend as a solution, if I change the password of all my accounts one by one, will the problem be solved? Or did a virus that didn't even go with the format entered my computer?
Nothing about Kaspersky?
I legit ignore 90% of the emails at work. If something is super important it will be brought up on a meeting or a teams chat. I have most things filtered out except for emails from the boss and grandboss along with IT all of which gets filtered a bolded so it becomes obvious who it is coming from. There have legit been internal PEN testing where I completely missed the email that was sent to me to because again I skip most of what comes into my inbox.
I miss ZERO sleep knowing Norton has me
It won't help you with phishing
How about rootkits? How to uninstall them?
Help 4/6 of my precious hard drives are self replicating viruses everywhere I managed to unbrick my zenfone 3 the other day by flashing like 50 different zip file combinations till I got it but I had to take everything off my computer i plug in for it to transfer on a new temp os and i can't lose any more data I have terabytes of precious files I'm too scared to unmount another drive and even run anti-virus against it any advice help
great content
what is vars total?
man only people that fall for this stuff is like kids, and old people.
Could you do something on android vunerabilities.
Maybe you could do a video or a live stream of the proverbial fool. Where you just go click on random shit until the virtual machine shuts down.😂
You build a r7 7800x3D AM5 System with dominator RAM and a 850W psu = you are hacked.
A hacker could put you on their network and hack you. They can register your home to their domain and hack everything in your house that has wifi. They can install wifi cameras in your house and watch you.
Even though? I think they want to play hackerman