In a statement given by Tom Bossert, the homeland security adviser to the White House, blame for the WannaCry attacks leveraged from May 12th to the 15th in 2017 was attributed to the Democratic People’s Republic of Korea. This assertion is in line with the conclusions that New Zealand, Australia, Canada, and Japan have come to, according to Bossert.
QuestingHound Technology Partners Blog
While many might see having a credit card stolen as identity theft, this is an oversimplification that can prove dangerous. While credit card theft can be an element of identity theft, equating the two means that other forms of identity theft are overlooked. In today’s blog, we’ll go over why identity theft and credit card theft aren’t exactly the same thing, and what you can do to help keep your business safe from damage.
Google is taking steps to protect the data of a small group of its users who run the highest risk of experiencing a data breach or hack. This new service, the Advance Protection Program, shows promise in protecting the information that these select few can access.
There are many organizations in the world that simply can’t have cybercriminals and hackers interfering with their data. One of these organizations, CERN (whose acronym translates to the European Laboratory for Particle Physics) has far too powerful of a computer grid to allow hackers to access it. To keep it safe, CERN has deployed what may be the future of cybersecurity: artificial intelligence.
In the last few months, there have been several high-profile data security breaches that resulted in the theft of millions upon millions of non-public information records. Though much of the focus in the aftermath of the breaches was on personal identity theft and prevention, it’s important to keep in mind that not all the stolen data records target individuals. Business entities are also at risk. Vendors and partners that you do business with regularly will probably have record of your company’s non-public information, payment information, or tax ID number.
ATMs are, surprisingly enough, not the most secure pieces of technology out there, though there are efforts to improve security by taking advantage of mobile devices. Granted, this won’t be enough to protect against the considerable vulnerabilities in ATMs. In order to maximize security and minimize the amount of damage done by vulnerabilities, the user needs to understand how to protect themselves while using ATMs.
One of the major password managers out there, LastPass, has become the victim of a major vulnerability. Google researchers from the Zero Day Project discovered this, along with other flaws within LastPass.
With Google Chrome’s Incognito mode, you can privately browse the web, but you may have noticed that Incognito mode also disables your extensions by default. This isn’t a big deal, but it can be an annoyance that you’d prefer not to deal with. Thankfully, there’s a good way to make sure that specific extensions stay enabled, even in Incognito mode.
Before we dive into this week’s tip, it has to be said: if you have a choice, you should probably avoid using a public computer. As a rule, these machines feature minimal security precautions, along with maximum risk to any data accessed by the PC. Although, if a situation ever arises in which you have no choice but to use a public computer, be sure to follow these security best practices.
What you watch on TV says a lot about you; so much so, that you might be creeped out if we told you there are others who know exactly what you watched, without your consent. Sound too invasive to be true? Well, for the 11 million owners of Vizio televisions, this practice has been going on for some time now.
If we told you that automated teller machines, or ATMs, were susceptible to hacking attacks, would you believe us? You should; there are a plethora of ways for hackers to infiltrate and steal money from ATMs, with the latest being so dangerous that even the Secret Service has issued warnings about it.
In response to the increasing danger of cyber attacks against computerized cars that are currently in production, Volkswagen has partnered up with three Israeli experts in cybersecurity to form a brand new cybersecurity company dedicated to designing solutions intended to protect such advanced cars and their passengers.
You’ve heard it said that it’s a best security practice to routinely change your passwords. The idea here is that, if a password were stolen, then it would lose its value when the user goes to change it. While this sounds like solid logic, new research shows that it may actually be better NOT to change your passwords.
This may be a hard pill to swallow for IT administrators who have always required users to change their passwords every few months or so. However, seeing as this practice could make accounts less secure, it’s worth considering.
The idea behind this theory is that, whenever a user goes to change their password, they’re often rushed or annoyed and end up creating a new password that’s less secure. The Washington Post puts it like this: “Forcing people to keep changing their passwords can result in workers coming up with, well, bad passwords.”
Think about it, how often have you changed your password, only to change it from a complex password to one that’s easier to remember? Or, have you ever kept the same password and just added a number at the end of your new password? This covert move will do little to deter a hacker. Carnegie Mellon University researched this topic and found that users who felt annoyed by having to change their password created new passwords that were 46 percent less secure.
Plus, let’s consider the hypothetical situation of a hacker actually stealing your password. Truth be told, once they’ve gotten a hold of your login credentials, they’ll try to exploit the password as soon as they can. If they’re successful, they’ll pose as you and change the account’s password, thus locking you out of it. In an all-too-common situation like this, the fact that you’re scheduled to change your password at the end of the month won’t change anything.
Additionally, ZDNet points out yet another way that regularly changing passwords can make matters worse: “Regularly changed passwords are more likely to be written down or forgotten.” Basically, having a password written down on a scrap piece of paper is a bad security move because it adds another way for the credentials to be lost or stolen.
Whether you do or don’t ask employees to change their passwords is your prerogative. However, moving forward it would be in everybody’s best interest to focus on additional ways to secure your network, instead of relying solely on passwords. This can be done by implementing multi-factor authentication, which can include SMS messaging, phone calls, emails, and even biometrics with passwords. With additional security measures like these in place, it won’t matter much if a hacker stole your password because they would need additional forms of identification to make it work.
To maximize your company’s network security efforts, contact QuestingHound Technology Partners at 954-727-2200.
Verizon has taken to publishing a compilation report analyzing data breach statistics with the help of industry partners, a report that is widely regarded as a must-read for the industry. A brief review of the latest edition’s executive summary revealed where information security vulnerabilities lie in industries worldwide and, even more helpfully, what shape those vulnerabilities took. The Data Breach Investigations Report, or DBIR, pulled no punches in outlining what kind of attacks happened in the past year, and how.
Email is (and has been) a prime method of communication for businesses of all sizes. With email comes a whole slew of issues that are essentially synonymous with the technology; spam, information overload, phishing, and information privacy. Even South Florida small businesses that only do business locally are at risk of these issues. Personal email accounts are equally at risk. Employing proper precautions and practices whenever communicating via email is very important to prevent the risk of security compromises, monetary loss, and even legality issues.