Category : Security

Secure your Dropbox in a few easy steps


Many of us use Dropbox for its ease of use and accessibility, which is all the more reason to make it extra safe. One-factor authentication is no longer enough to protect against hacking because of incredibly weak passwords (we are all guilty of this one). Two-step verification requires you to enter both your password and a security code sent to your mobile phone. This is by far one of the easiest ways to beef up your Dropbox security. To enable two-step verification, log into your Dropbox account and click your username in the upper-right corner of your Dropbox window. From here you should be able to find Settings in the menu. Click the Security tab, then click Enable under two-step verification.

Another way to ensure security is to unlink old devices. Dropbox has the wonderful ability to span multiple devices, which can also create a security vulnerability if not cleaned up every so often. You’d be surprised how many old devices end up linked to your account after a few years. Find the Security tab as you did when accessing two-step verification, and scroll down the menu to “Devices”. This will show you a list of all the devices that have access to your Dropbox, complete with the date of their most recent Dropbox activity. Go through the list and unlink the devices you no longer use or need by clicking the X to the right of the device name.

Managing application access helps narrow the number of third-party applications with full access to your account. An app will retain the full access you originally gave it even if you barely use the app anymore. This is also true for applications that the developer has stopped supporting. This creates a very easy window of opportunity for hackers, with a very easy solution. Prevent future security flaws by revoking access for applications you no longer use. Return to the Security tab, and find Apps Linked in the drop-down menu. A list will appear with all of the applications you have authorized to access your Dropbox account. As with devices, click the X to the right of the application to remove its access to your account.


If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.pcworld.com

Webcam Malware aimed at company employees


Employees face a new kind of attack: the newest form of malware is aimed at webcams in the workplace. The new malware is used to record employees’ private moments in order to extort information out of them later. Sounds like everyone’s worst nightmare. The malware is called Delilah, a sweet-sounding name for something so morally compromising. Delilah is the world’s first insider threat Trojan. It allows operators to capture sensitive and compromising footage of victims, which is then used to pressure victims into leaking important company secrets. The malware is being delivered via multiple popular adult and gaming sites. Thus far it is not clear if any engineering or software vulnerabilities are the source of the installed malware. The bot comes with a social engineering plug-in that connects to the webcam operations so you never know you are being filmed. The attackers are using encrypted channels to communicate with victims.

The bot itself needs a high level of management from a human to know who to recruit and who to scam effectively. Once installed, the bot seeks to gather as much personal information about the candidate as possible in order to bully the victim into complying with attacker requests. This can extend to family and friend information as well. At the moment, not much has been accomplished in terms of checking for the malware. All that is known is that the bot is still buggy and that, because of the number of screenshots it takes, it often makes the screen freeze momentarily.

As security researchers look into this type of malware, more preventative information should follow.

 


 

If you would like to learn more about the information presented in this blog post please visit : www.zdnet.com

D-Link Security Flaw Leaves 414,949 Devices Totally Exposed


A security vulnerability has come to light in D-Link networked products. This vulnerability allows someone with hacking knowledge to easily overwrite administrator passwords in home Wi-Fi cameras. The remote execution flaw makes it easy to access devices and add new users with admin access to the interface, as well as download malicious firmware or reconfigure products. In short, owners can lose all control without ever knowing it.

The Senrio research team reported that the vulnerability lies within the latest firmware update issued for the D-Link DCS-930L Network Cloud Camera. The flaw is caused by a stack overflow in the DCP service, which listens for commands on port 5978.

“The vulnerable function copies data from an incoming string to a stack buffer, overwriting the return address of the function,” Senrio says.

“This vulnerability can be exploited with a single command which contains custom assembly code and a string crafted to exercise the overflow. The function first copies the assembly code to a hard-set, executable, address. Next, the command triggers the stack overflow and sets the value of the function’s return address to the address of the attacker’s assembly code.”

At the moment, 5 of the cameras in the D-Link product line are vulnerable to this flaw. Using the Internet of Things search engine, it is estimated that 414,949 devices are open to attack. Over 120 products are recorded as open, including routers, modems, access points, and storage products. According to Senrio, the vulnerability points toward a larger issue of poorly written firmware components used in cheap Systems on Chips (SoCs).

Senrio goes on to say: “Adoption [of IoT devices] is driven by business rationale but the security exposure is often overlooked. The techniques used to find the WiFi Camera vulnerability are also used to identify vulnerabilities in medical and industrial devices used in hospitals, nuclear power plants, and factories. And often those devices receive just as little security scrutiny as this webcam.”

D-Link said it will be coming up with a patch soon, and that older D-Link models will need to be pulled from the Internet altogether or the owners of said devices will need to accept the risk.


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.zdnet.com

Have a secure summer with these security suites


A security suite is a collection of software utilities that protect a machine from viruses and malware. Within each there are usually three levels of protection: a standalone antivirus utility, an entry-level security suite, and a suite with additional protection features including firewall, anti-spam, parental controls, etc. Antivirus is the core of a security suite, which is why we only advise security suites with highly effective antivirus software. Why do I need this junk? A firewall offers protection by monitoring all network traffic and keeping a watchful eye on running applications to make sure there is no misuse of your network. Anti-spam software blocks fraudulent emails so they never make it into your inbox, saving you from being the victim of malware or other encryption that is embedded in email attachments. A security suite is the easiest way to get all the benefits of multiple software applications, all in one. Check out our recommendations and rest assured your machine and your information are protected.

Symantec Norton Security Premium – $50 – Firewall, Anti-spam, Parental Controls, Tune-Up

-Award-winning parental control. 25GB online backup. Protects up to 10 Windows, Mac OS, Android, and iOS devices. Excellent malicious URL blocking and antiphishing test scores. Smart firewall. Spam filtering. Password management. Performance optimization.

Bitdefender Internet Security 2016 – $45 – Firewall, Anti-spam, Parental Controls, Backup, Tune-Up

-Highly accurate spam filter, tough firewall, revamped parental controls, ransomware protection. Top performing, manages all features well.

McAfee Internet Security 2016 – $40 – Firewall, Anti-spam, Parental Controls

-Protects all your Windows, Mac OS, Android, and iOS devices. Accurate anti-phishing and anti-spam, along with multi-factor authentication.

McAfee LiveSafe 2016 – $60 – Firewall, Anti-spam, Parental Controls

-Protects all your Windows, Mac OS, Android, and iOS devices. Antivirus rates high in lab tests and our tests. Accurate antiphishing and antispam. Five licenses for Intel True Key password manager. Impressive Personal Locker encrypted storage uses voice and facial recognition for authentication.

Kaspersky Total Security 2016 – $90 – Firewall, Anti-spam, Parental Controls, Backup, Tune-Up

-Top ratings from labs. Very good scores in PCMag’s hands-on tests. Accurate spam filter. Intelligent, no-hassle firewall. Comprehensive parental control. Remote monitoring and management. Many bonus features. Small performance impact in testing.

 


 

If you would like to learn more about the information presented in this blog post please visit : www.pcmag.com

 

Millions of stolen health records up for sale….


The seller of these ten million health records goes by ‘thedarkoverlord’ and began listing the data last weekend. The seller claims the data contains over 9.2 million health insurance records from US patients, and it is on sale for 750 bitcoins, a rate of $486,000 when released Monday. The data also supposedly includes addresses, names, emails, phone numbers, dates of birth, and, most unnerving, Social Security numbers.

A little bit of research by ZDNet reports that the seller’s ad could not be authenticated because the seller did not have any points assigned to his name on the site on which he is selling the $486,000 worth of data. This means that the seller has just popped onto the scene and is most certainly new to the website. Another site, Motherboard, contacted some of the users, who were able to confirm that the data in a received sample was in fact theirs. The hacker revealed how the data was uncovered, attributing the theft to exploitation of a disclosed zero-day flaw in the remote desktop protocol (RDP). This flaw allows a user to remotely view another user’s desktop, which opens a host of security problems, as you can see, most likely due to poor configuration of remote desktop software. The hacker even said in one of his listings that the data was stored on an “accessible internal network” in plaintext, which, if true, would be a direct violation of federal healthcare privacy rules. Healthcare providers and hospitals have repeatedly been the target of attack this year, so it is no surprise that the influx of data up for sale by hackers is patient data.

 


 

If you would like to learn more about the information presented in this post, please visit : www.zdnet.com

 

 

Can entering a password be as easy as taking a selfie?

Most of us have heard of two-factor authentication, but photo login? This is an entirely new concept. Cloud-based security solution, LogMeOnce, has released PasswordLess PhotoLogin which allows users to sign into any website, just like one would expect from any password manager, but with a photo!

Two-factor authentication is a preferred extra layer of security that uses a password and username in combination with something that only the user has, such as a piece of information only the user knows or a physical token. With PhotoLogin, this second piece of information is a photo, taken on the desktop and then approved or denied via a trusted mobile device to gain access. So rather than a code being sent to your mobile device, the photo serves as the code.

When you click the PhotoLogin icon on the LogMeOnce home screen, you are prompted to snap a picture of yourself, or really anything you would like, even a stapler or your dog. The photo is then automatically sent to your linked mobile device where you can verify the image. The true protectors can swipe left and see data such as IP address, GPS location, and time stamp. Photos expire in 60 seconds and will self-destruct after the first use, which ensures that your photo password is always unique. The LogMeOnce PhotoLogin update is free and available on Chrome, Firefox, Safari, as well as iOS and Android.


If you would like to learn more about the material presented in this blog post, please visit: LogMeOnce Password Manager Adds Photo Login

 

 

7 most common IT security mistakes made by startups

1. Personal and professional borders.

Convenience often compromises security. A recent trend is having employees bring their own devices rather than providing company laptops and phones. However easy this may sound, it creates a large window of opportunity for company data to get in the wrong hands. Furthermore, when an employee leaves the organization it makes it increasingly hard to ensure that no sensitive corporate data has been stored on the device.

2. Ignoring two-step authentication.

Two-step authentication is a surefire way to add an extra layer of security, and it’s easy too. Some methods are as simple as having a code sent to your iPhone, while others allow you to confirm your identity with the tap of a finger. Password breaching is becoming more and more common, so it is wise to beef up password security up front rather than pay the consequences later on.

3. Insufficient exit protocols.

Companies that depend on part-time and freelance employees are often less established in their exit procedures once an employee has left the organization. It is important to have a set of protocols in place so that a uniform method is followed. When sensitive data is left on personal employee devices, data loss, account access and information sharing are most certainly in the future. Don’t let this be you! It may not even be malicious intent on the part of the employee; perhaps they aren’t aware the data has left with them. Either way, data loss has occurred and sensitive data is out there unprotected and unmanaged. Make policies known, and if you don’t have data policies and security guidelines in place, consider adding them to your organization.

4. Forgoing SSL from the beginning.

SSL (Secure Sockets Layer) is easily implementable from day one.  It should be enabled by default in every website. It reassures your users, while upgrading the security level of your communications.

5. Failing to prioritize security.

Security is often something that startups think can be left untouched until a later date or when the company has reached success. Security should be implemented from day one not only to protect your organization but to protect client information. Security is not a gray area, it should be just as important as payroll, HR, financing, etc. Don’t ignore security best practices, and make sure to stay current on the latest security software and updates to protect your organization from attack.

6. No internal policies and infrastructure.

If you think about it, startups are in a great position regarding data security because they have the opportunity to apply the most current and best industry practices from the start. There are no outdated systems and no struggle to get employees on board with new internal policies. One mistake often made by startups is not giving enough attention to internal policies. Invest adequate resources in the infrastructure of your organization. What equipment do you need? How will you manage IT security? Software? Think about proactive responses rather than ignoring the obvious.

7. No suspicious activity notifications.

What will you do if your organization is attacked and all your data is either encrypted or lost entirely? How will this affect you financially? One breach can take you from quick stardom to barely making it by. Don’t let this be you! Stay on top of information security.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: 10 Data Security Mistakes Startups Can’t Afford to Make

Best practices of the most secure companies

Companies are threatened by malware, human adversaries, corporate hackers, and hacktivists, and can be hacked in the most unexpected ways, such as over copper wire. Because of this, we have compiled a list of best practices used by highly secure companies. Tailor these to fit the needs of your organization and keep your data safe!

Know what you have: Most companies have no idea what they really have going on in the security department. To ensure the security of your organization, establish an accurate inventory of your organization’s systems, software, data, and devices. To be secure you have to know what to protect. The most secure companies have strict control over what runs where, because each platform is another opportunity for vulnerability.

Remove, then secure: Unneeded programs present unneeded risks. The most secure companies look over their IT inventory and remove what they don’t need. More often than not, companies have large numbers of patches and other unnecessary junk piled up that no one really knows about. If your company isn’t IT savvy, bring in an established IT company to handle this task for you. They know what needs to be fixed, patched, updated, deleted, etc.

Run the latest versions: Updates have purpose. The latest software and hardware will have the latest built-ins and security features. It is the responsibility of the owner of the product licenses to keep updates current. Older versions look like a big fat glass of water on a hot day for hackers. Don’t give them the opportunity!

Patch with speed: Patch all critical vulnerabilities within a week of the vendor’s patch release. If your company takes longer than a week to patch, the risk of compromise is increasingly high. If you think about it, most of your competitors will patch on time because they are smart or they have a great IT team in their ear. So if they are all secure and your organization is unpatched, how’s that going to look to hackers? Like an invitation, that’s how. That being said, people still tell me they like to wait to patch in case of glitches that could lead to operational issues. The most secure companies, more often than not, experience little to no disturbance from patch glitches. The odds favor being hacked, so patch away!

Education: As with anything that requires a team effort, it is best to educate all users about the threats the company is currently facing or most likely will face. Education that is led by professionals, and involves the entire team, is the most effective. Not everyone will be on the same page when it comes to the inner workings of the IT world, but at least inform employees on the best practices, how to identify suspicious activity, what to do in the event of a security crisis. Yes it is extremely crippling when the vulnerability comes from the mistake of an employee, but the worst thing that can be done in this event is not informing the right people to fix the problem.


If you would like to educate yourself in more detail about the information presented in this blog post please visit: Effective IT security habits of highly secure companies

5 Ways to Spy a Hacker in Your Network


1. Search for the telltale signs of a breach. 

Port Scans? Excessive failed log-ins? When a hacker infiltrates an unfamiliar network they need to learn the topology of the network, looking for vulnerable points of access in servers. From this point they can pinpoint administrative users and data stores.

2. Look for a “normal” user performing administrative tasks. 

By using native tools on computers and servers, hackers can stay under the radar for much longer than if they were to use known attack tools. Anti-virus software should pick up on malware and attack tools, but not normal administrative tools. Determining who the admins within the organization are can significantly lessen the worry. Active Directory aids in establishing user roles and privileges, which you can then use to see the applications and devices used or managed by administrators. Awareness of what the administrators within the organization are using should make it easier to spot when an attacker is looming in the background. If a hacker takes control of an administrator machine and begins performing tasks, you’ll be able to identify whether this is normal or suspect activity.

3. Look for a device using multiple accounts and credentials to access network resources. 

Hackers, both internal and external, generally steal user account information or generate fake accounts in order to gain access to the network. To spot indicative markers of attack activity, analyze credential usage. Make sure to monitor network traffic and analyze logs from the authentication and authorization infrastructure in your network. Extract the data, look carefully at how many systems each user interacts with, and monitor for abnormalities.

4. Look for an attacker trying to find valuable data in file servers. 

By figuring out what Windows file shares are accessible, attackers hunt for important data such as intellectual property and banking information; once they find important data they will encrypt it, and the rest is history. A valuable signal is an abnormality in file share access. This is a preventative measure for spotting both hackers and employees considering insider theft.

5. Look for the command and control activity or persistent access mechanisms. 

Keep an eye on outbound communication. Attackers need to be able to communicate between the Internet and endpoints they control within your network. There could be malware and Remote Access Trojans in your network, so be mindful of indications of malicious software phoning home.
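Signs 1 and 3 above can be checked directly against authentication logs. The following is an added example, not code from the original post: it assumes a simple space-separated log format, and the sample events, field names and thresholds are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events (not real data). Assumed format per line:
# timestamp  source-device  account  target-host  outcome
SAMPLE_LOG = """\
2016-07-11T09:00:01 ws-014 alice fs01 success
2016-07-11T09:02:10 ws-014 alice mail01 success
2016-07-11T09:05:44 ws-022 bob fs01 success
2016-07-11T02:13:05 ws-031 carol fs01 failure
2016-07-11T02:13:09 ws-031 carol fs01 failure
2016-07-11T02:13:15 ws-031 dave-adm fs01 failure
2016-07-11T02:13:21 ws-031 dave-adm dc01 failure
2016-07-11T02:13:30 ws-031 svc-backup fs01 failure
2016-07-11T02:13:41 ws-031 svc-backup fs01 failure
2016-07-11T02:14:02 ws-031 svc-backup fs01 success
2016-07-11T02:15:10 ws-031 svc-backup fs02 success
2016-07-11T02:16:25 ws-031 svc-backup db01 success
2016-07-11T02:17:40 ws-031 svc-backup hr01 success
truncated line
"""


def parse(log_text):
    """Turn log text into event dicts, skipping lines that do not have 5 fields."""
    fields = ("time", "device", "account", "host", "outcome")
    events = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == len(fields):
            events.append(dict(zip(fields, parts)))
    return events


def analyze(events, max_accounts=2, max_hosts=3, max_failures=5):
    """Flag devices and accounts whose credential usage exceeds the given limits.

    The limits are illustrative assumptions; set them from your own baseline.
    """
    accounts_by_device = defaultdict(set)   # sign 3: one device, many accounts
    hosts_by_account = defaultdict(set)     # sign 3: one account, many systems
    failures_by_device = defaultdict(int)   # sign 1: excessive failed log-ins

    for e in events:
        accounts_by_device[e["device"]].add(e["account"])
        hosts_by_account[e["account"]].add(e["host"])
        if e["outcome"] == "failure":
            failures_by_device[e["device"]] += 1

    return {
        "multi_account_devices": {
            d: sorted(a) for d, a in accounts_by_device.items() if len(a) > max_accounts
        },
        "wide_reach_accounts": {
            a: sorted(h) for a, h in hosts_by_account.items() if len(h) > max_hosts
        },
        "failed_login_bursts": {
            d: n for d, n in failures_by_device.items() if n > max_failures
        },
    }


if __name__ == "__main__":
    for name, hits in analyze(parse(SAMPLE_LOG)).items():
        print(name, hits)
```

Replace the constructed sample with an export from your own authentication and authorization infrastructure, and set the limits from what is normal in your environment.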

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Five signs an attacker is already in your network

DDoS Attacks Increase by 137.5 Percent

The content delivery network Akamai recently released its Q1 2016 State of the Internet – Security Report, in which the company found somewhat terrifying increases in DDoS attacks. There has been a 125 percent increase in distributed denial of service (DDoS) attacks year over year, and a 35 percent increase in the average attack duration. But why is this? Comparing this year’s first quarter to that of 2015: in 2015 the average attack lasted around 15 hours; now that has increased to 16 hours. In addition, the type of attack has changed. Massive DDoS attacks that are 100 gigabits per second are now increasingly common, with 19 of these attacks in the first quarter of 2016. This is nearly triple the number of massive attacks in 2015, a 137.5 percent increase to be exact.

In total, Akamai witnessed 4,523 DDoS attacks in 2016’s first quarter. Major Ugh. Furthermore, in the first quarter of 2015 there was an average of 15 attack events per targeted customer; now that average has jumped to 29 attacks per targeted customer. Because attackers repeated attacks on the same customers rather than going after more targets, the number of attacks per target dramatically increased.

In previous years, we saw hackers shying away from protected networks. Now hackers continue to try to infiltrate networks no matter if they are protected or not, hoping that eventually one of the defenses in place will fail. In addition to this, repeat attacks have increased due to the DDoS platforms becoming less expensive and easier to use. No hacking or networking skills are required anymore for DDoS attacks. Furthermore, DDoS for hire sites are now in place that enable anyone with Bitcoin to launch multiple simultaneous attacks from an easy-to-use interface with a menu of attacks.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: DDoS attacks increase over 125 percent year over year