Tag : Internet

What/Why/How – you should always use a VPN

vpn

What is a VPN? A virtual private network creates a secure tunnel between two sites via the Internet to protect your privacy. This is usually a paid service to ensure web browsing is secure and private while using public wifi or less secure wifi networks.

What happens? Your PC connects to a VPN server, and then your web traffic passes back and forth through that server. This VPN server can be located anywhere in the world whether it be the United States or Thailand. Therefore when you are surfing the web, those websites you are visiting see you as browsing from that VPN server’s geographical location, not where your laptop is really located.

Why is that important? When you are hanging out on your laptop in a public space such as a coffee shop, perusing Amazon for some deals, hackers are far less likely to be able to steal your login credentials, your credit card information, email address, or direct you to a fake banking site or other spoof. Even your internet service provider will have a hard time trying to snoop on what websites you are visiting.

Free services are offered, but they are slow with considerably less bandwidth, so pay the $5 a month and get a service of quality. Ask questions such as what kind of logging does the VPN provider do? How long do they keep information about your VPN sessions? Are they going to be recording the IP addresses you use? Answers to these questions should be taken into consideration based on how much privacy you want and need.

 


If you would like to educate yourself in more detail about the information presented in this blog post please visit: www.networkworld.com

 

Take Back Privacy with Windows 10

maxresdefault-4Windows 10 offers an option to help protect third parties from tracking your movements based on your connections to Wi-Fi networks. Under Settings > Network & Internet > Wi-Fi, turn on the Use random hardware addresses setting. This will keep third parties from matching your Wi-Fi adapter’s hardware address with your personal information, and therefore much more difficult to track your location.

The internet is full of third party ad networks and analytics companies that use cookies and tracking technology to record web movements. This information is usually used to correlate online actions and movements to the things you do away from the internet. Sometimes this can be as harmless as the ads on the bottom of a webpage being that of the product you just googled, or the implications can be be used to discover your offline identity. Regardless, one should be cautious of where all these internet movements lead. Third-party anti-tracking software such as Abine’s Blur will limit the amount of information that such ads can gather. Ad-blocking software can limit such information as well in addition to its purpose of blocking unnecessary ads. Although many advise against leaning on ad-blocking alone, due to the usual close ties between some ad-blocking third-parties and the ads they block. Employ an ad-in to limit your digital footprint however is better than running free range around the internet. Even if it is just a chrome plug in.

Windows 10 Operating System houses information that can be easily used to discover your location. Within Settings > Privacy > Location you will find access to preferences concerning location information. You can use the master toggle at the top of the screen to turn off all location features for all users of the machine. I personally would clear the location history that is saved within this window, if nothing else.

Windows 10 will log a small amount of your information to provide Cortana with a solid knowledge of your preferences so that she may generate suggestions. If you rather take care of yourself without Cortana studying you, you can easily turn her off completely. or navigate her settings.

Under Settings > Privacy > General, click Info about how I write and turn it off so that your typos aren’t used to improve things like the built-in spell checker.

Under Settings > Privacy > Speech, inking, & typing, under the Getting to know you heading, click Stop getting to know me to turn off personalization.

Lastly, Settings > Privacy > General. Advertising ID controls whether Microsoft serves personalized ads to ad-supported apps. If you turn this option off, you still get ads, but they’re not personalized. In any case, your information is not shared with advertisers.

A few tricks to give you more of your privacy back.


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.zdnet.com

Security Alert – Hide your IP Address

ipaddress

IP address is the identifier that allows information to be sent between devices on a network. It contains location information and makes devices accessible for communication. IP addresses are mathematically assigned by the Internet Assigned Names Authority (bet you didn’t know that!). This might be fine and dandy news for the non-technical, but odds are you still have no idea why hiding your IP address is advised. Since your IP has location information, it can be used to discern your physical location. The accuracy of determining your location via IP address information is actually extremely accurate. Another reason to hide your IP is the increase in cyberattacks as of late. IP addresses can often be used to target attacks.

You can also hide your IP with the goal of watching blocked content in your region.

Changing your IP can be done, but this is a more detailed process. Hiding it is a much easier option.

A Virtual Private Network creates an encrypted tunnel between your device and the service’s server rather than connecting to a website directly, adding a layer of protection. The VPN allows you to connect to the internet as normal and retrieve the information but through the tunnel created. This ensures that your web traffic cannot be intercepted, and furthermore anyone looking at the IP will only see the IP address of the VPN.

What you can also do is use a series of computers that are distributed across the globe. Rather than a request made between two points, your computer will send out layered requests that are each encrypted. You will be relayed from Tor node to Tor node before exiting the network and reaching the desired destination. Each node only knows the previous jump and the last jump. This method of Tor will make your movements much harder to track, making you much less susceptible to attack. In order to complete this method, download the Tor Browser, or talk to your IT professionals.

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.pcmag.com

DDoS Attacks are Making Cybercriminals Very, Very, Rich

Actually, $100,000 richer to be exact.

By sending just an email, the group called Armada Collective is easily shaking down companies and pulling in the cash. Distributed denial-of-service, better know as DDoS attacks, consist of little technical experience other than causing a website to crash by flooding it with traffic. Usually the threatening email alone is enough to get companies to pay up in Bitcoin.

This is not the first time we have heard of the Armada Collective group. Back in 2015 they became nonactive, and in 2016 alleged members were arrested. It is believed that a separate group has decided to use the Armada name in order to capitalize on previous DDoS presence.

The email looks something like this:

Capture

Over 100 businesses have received the email threats according to CloudFlare CEO Matthew Price. However, not one case of Armada actually launching a DDoS attack has been reported. Price weighs in by saying, ” In fact, because the extortion emails reuse Bitcoin addresses, there’s no way the Armada Collective can tell who has paid and who has not. In spite of that, the cybercrooks have collected hundred of thousands of dollars in extortion payments. ”

The Bitcoin fee ranges between 10-50 Bitcoin which is about $4,600-$23,000. There seems to be no rhyme or reason to how the collective determines Bitcoin amounts per company.


If you would like to educate yourself in more detail about the information presented in this blog post please visit: How cybercriminals earned $100,000 just by sending a DDoS threat email

 

Software Defined Networking – 5 best practices

software-defined-networking_sdn

Software Defined Networking, (SDN) provides cost-effective, easily adaptable management of network control and forwarding functions. In simple terms, SDN is the physical separation of the network control plane from the forwarding plane, where a control plane controls multiple devices. Software Defined Networking is an emerging technology and therefore lacks long term examples to be used as a guideline for success. Greg Stemberger, Principal Solutions Architect, has laid out what he has seen in his experience with SDN, creating a five step process for best practices of implementation.

The first step, as it most often it with any new technology employment it to define usage. Bringing in a new technology for your company is only helpful if the technology fits the needs of your organization. Determine the problems your company is facing and proceed to evaluate whether the desired technology will be able to handle and alleviate such problems accordingly. No one technology will be able to solve all your problems. Identify specific problems you believe SDN can fix, specifically just one problem at a time. As Stemberger suggests, “A single use case with tangible, positive results, offers more reliable, measurable outcomes than implementing SDN across your entire network.”

It is crucial to assemble a cross functional team with SDN. Utilizing SDN in the correct manner means having a skilled team with a united approach. A team of well versed members is the best way to manage SDN. You need people who can combine skill sets to work together. Increasing efficiency lets you IT staff spend more of their time on you IT infrastructure rather than operational overhead. Get everyone on the same page, toward a universal goal.

Remember to test in a less critical network area. This is common sense for most. Find a less critical network that you can play with first before moving to your network. This way you avoid uprooting your entire network and facing the wrath of angry coworkers. A small-scale SDN test allows the flexibility to learn and make mistakes.

After testing for a while, make sure to go over the data you gather and review your test case. Did it solve your current problem? Is it a wise investment to expand SDN to the entire network? Do you have the infrastructure ready on both a personnel and technical level?

As a gentle reminder that it’s okay to stay on the cautious side, it is suggested that you gain maturity before expanding deployment.  Rather than diving head first, proceed slowly and make the implementation gradual. Even if the SDN went better than expected in one area of the network, this is not a gurantee that the entire network will function at the same caliber. How will SDN performance change across higher trafficked areas of the network?

These steps are meant to evaluate risks, gain perspective and ensure efficiency. In order to get the most out of Software Defined Networking, it’s best to get all your ducks in a row.


If you would like to educate yourself in more detail about the information presented in this blog post please visit: 5 steps to launching Software Defined Networking

ATM’s – The Next Target For Hackers

Use of outdated operating systems like Windows XP and lack of security means it’s still possible to crack ATM security, warn researchers.

As one of the millions of people who frequent their banks ATM at least once a week, the last thing on my mind is usually the security of the operating system. But when you think about the foundation of the machine taking your card and spitting back cash, you’ll realize this machine is just a PC running on old software. Easily susceptible to malware. Not comforting.

There was a 15 percent jump in ATM fraud activity between 2014 and 2015 and researchers believe statistics will only increase. Within this time cyber criminals were able to get their hands on more than $150 million. Researchers credit security vulnerabilities to the use of outdated platforms that no longer receive patches and fixes such as Windows XP.

“If we think of a modern ATM as a MS Windows PC with a money box attached to it that’s controlled through software, it is easy to see how it becomes an attractive target for any malware writer,” Sancho and Huq said.

Trend Micro and Europol’s European Cybercrime Center (EC3) discovered two main malware threats that either provide hackers with the card details of the user, or give the hacker privileges to dispensed cash. Most worrisome is the lack of extreme measures hackers have to employ in order to infect ATMS. Simply put all hackers have to do is install malware onto the machines via a USB or the CD- drive.

At the moment, malware ATM fraud has only been reported in international cases, Eastern Europe and South America. Despite little activity in the United States, authorities are aware of increasing malware ATM concerns and are monitoring cyber criminal forums for activity.1447059385670243


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: A Windows PC with a money box attached: Why hacking ATMs is big business for criminals

VPN, you need one

tunnelA Virtual Private Network, or VPN, is used to connect a private network, such as a company’s internal network, using public wires. In other words you can use an other IP other than your own to appear you are something other than where you actually are. Pretty nifty.

The use of VPNs started as a way for work at home users to access their workplace network just like if they were working in the office. Benefits reach farther now than just work from home capabilities. It is difficult for advanced malware to self install through open ports because the computer will always appear to be another system someplace else. This other machine is often a server that is more heavily protected and harder to attack. Not a sure fire way to avoid attack, but most certainly a viable preventative option.

This presents an extra method of protection, basically playing a little hid and go seek with potential malware. Increased mobile internet usage will eventual open a new vulnerability for hackers to infiltrate, and VPNs could be the eventual answer to avoiding attacks on mobile devices as well. Need for mobile phone VPNs could be the next big thing for data protection.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: You Need a VPN, or You’re Screwed

Who’s in Charge of Your Cybersecurity?

 

The first step in successful cyber-security is getting every employee on board. It is pretty obvious that some hardware goes into creating a security shield around important data. As an Information Technology company ourselves, we already know the value Firewall, and anti virus software have on making your network more secure. However, in order to adopt a more proactive protection policy, the groundwork needs to be laid, starting with company culture and communication. It is increasingly important to enforce awareness and education in order to save a lot of headache later down the line.

The CEO of the company needs to take interest in cyber-security before any of the employees can get on board. Simple risk analysis is a great start. Buying products online is not sufficient. A knowledgeable IT professional should be on hand. You need someone who is going to leverage the right equipment as well as set security measures that fit your establishment.

“The cyber threat cannot be solved by buying products” says Tim Holman, president of the Information Systems Security Association in the UK. Holman has the right idea, if your company is not equipped with the right skills to manage these products they are basically junk. It is important to attack cyber-security the way a hacker does. Common sense leads us to find that reducing the amount of sensitive data stored will always be a great measure. Restricting access to information and getting cyber liability cover is another way to lessen the probability of attack.

As information continues to flow in and out of your business remember that with any exchange over the internet comes a great deal of risk. Ensure your company professionals understand how to practice good security efforts. Never open an attachment that is unfamiliar, back up data in two separate places, and utilize solid Firewall and anti-virus software. Keep all platforms up to date with the latest patches and security fixes. Top to bottom, cyber-security is the responsibility of all.bva_withninja_teal-centered

 


 

 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: The CISO, the CIO, the CEO, or you: Who is really responsible for cybersecurity?

New on our radar…ads spreading crypto ransomware

Crypto Ransomware disguised within ads on big time sites

Ads featured on sites such as The New York Times, the BBC, MSN and AOL have exposed thousands of users to crypto ransomware. Angler, a toolkit that sells exploits for Adobe Flash, started the wave of encrypted ads last week pushing laced ads through a compromised network, according to researchers at Ars Technica.

 

The ads contained a JSON-based file with more than 12,000 lines of obscure codes. Angler attacks unsuspecting users with Bedep Trojan and the TeslaCrypt ransomware, a nasty combination. The three suspicious domains to be aware of are trackmytraffic[c],biz, talk915[.]pw and brentsmedia[.]com. The hacking has spread to answers.com, zerohedge.com, as well as infolinks.com. In addition, affected networks consist of those owned by big names such as Google, AppNexis, AOL, and Rubicon.

 

The best thing users can do at this point is enforce safe browsing. Decreasing the probability of attacks means decreasing the attack surface. Uninstall third-party extensions such as Adobe Flash and Microsoft Silverlight unless necessary. In addition to this, keep installations up to date by following updates as soon as they are made available. Using the 64-bit version of Chrome for browsing is one of the safer ways to browse. Microsoft users should work with Windows 10 and Microsoft’s Enhanced Mitigation Experience Toolkit.

Two-Factor Authentication Evaluation Guide

Two-factor Authentication is a type of multi-factor authentication that provides identification of users using a combination of two different components. These components are often something the user knows, possesses, or something that is inseparable from the user. This Guide has been adapted from Duo Security, and illustrates what to consider when deciding upon a vendor for Two-factor Authentication for your company.WP17

Security

 

In order to enforce this extra layer of protection it is important to consider the factors involved. Security and ease of implementation should be of first priority. The vendor in which provides your two-factor authentication should be secure by design. The cloud based service should use multiple, independent PCI DSS Level 1 and ISO 27001-certified, SAS 70 Type II-audited service providers and is split across multiple geographic regions, service providers and power grids for seamless failover. This ensures that you have a reliable vendor that has an infrastructure that is fully scalable and elastic enough to be able to accommodate any number of users. You should be able to add users as you need them without issue. The vendor should also be backed by a strong service level agreement and the service should offer 24/7 operational coverage.

Cloud-based authentication services are easy to use and tend not to require installation of hardware. Selecting a vendor with drop-in integrations for all major VPNs, Unix, and MS remote access points. Something to look for is deployment. The two-factor authentication process is best implemented when it leverages a platform users already have, such as cell phones. Make sure the service you employ works with landlines and tokens to save your IT administrator from having to manage tokens.

Usability

Usability and convenience are a major part of making two-factor authentication a productive solution. A vendor that keeps a lot of “clutter” such as extra steps gets in the way of the login path and makes for a large and unneeded distraction. Allowing users to easily enroll themselves and set their preferred devices to use for authentication makes the login process easier. This should be met by a vendor that supports a wide range of authentication methods including push to mobiles app, passcode and phone call back.

Administration

When choosing the ideal vendor, make sure the administrative needs are met. For instance, consider if the solution allows for visibility insight into user access of your network. Authentication logs should be provided for auditing and reporting. Systems that provide a centralized admin interface give a consolidated view of how the two-factor authentication is working, and allows for better maintenance. It would be best if the system managed the physical tokens rather than forcing you to manage such items. In addition if you are looking for a cost effective solution, cloud hosted vendors have the lowest costs and least amount of hassle because the infrastructure, upgrades and maintenance are all managed by the vendor.

 

 

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://hosteddocs.emediausa.com/duo-security-twofactor-evaluation-guide.pdf