It is widely understood that Google as a company holds masses of information on the majority of us. If you have ever wanted to know just how much information Google knows about you this is now possible. Google tracks the majority of what you
do on the Internet, including your searches, music you listen to,
videos you watch, and even the places you travel to, and it does this
for targeting relevant ads to its users and better improve its service. Now the technology giant has a plan to make it easier to control all the
data the company collects throughout all your different devices.
So how are Google going to make this information easier for you to access and control? The answer to this is through the roll out of there new "My Activity" page that shows a searchable history of
pretty much everything you do online, including previously visited
websites, voice searches, searched things and places, watched Netflix
programs, and all activities you did on each of its products. These activities are sorted by most recent and broken down into individual items some items may be part of groups that bundle similar activities together. You can log into this page here.
The feature along with been terrifying is beneficial for those who
want more granular control over how ads work across all their devices
linked with Google account and gives them the ability to block some ads
they don't want to see.
However, thankfully the feature also offers you an option to delete items as well —
everything in a particular date range or by specific topics.
If you are privacy conscious, you can adjust your settings in the Privacy Checkup. You can change your settings for ultimate privacy, depending on how much of your online activity you allow Google to track. I would recommend that you do this but if you like targeted adds and a super computer giant knowing everything you do online, well then don't change a thing.
If you are a user of Citrix's GoToMyPC unfortunately you will have to reset your passwords (use something long varied and strong, don't reuse an old password!).
The service, which lets users remotely access PCs over the internet, was hit by a "very sophisticated password attack," Citrix said Sunday in a blog post. The company is requiring users to reset their passwords using the "forgot password" link. This is just another hack in a long line that have been disclosed in the past few weeks as hackers seem to be targeting website with huge user databases in an attempt to reap the rewards of cybercrime.
"Citrix takes the safety and
security of its customers very seriously, and is aware of the password
attack on GoToMyPC," said John Bennett, product line director at Citrix,
in a statement. "Once Citrix learned about the attack, it took
immediate action to protect customers. Citrix can confirm the recent
incident was a password re-use attack, where attackers used usernames
and passwords leaked from other websites to access the accounts of
GoToMyPC users. Further, there is no indication of compromise to any
other Citrix product line."
To reset your GoToMyPC password, go to the site and click on the Log In link.
I would recommend along with resetting your password that you enable two-step verification, a process that sends a
code to your phone each time you want to sign in. If you've used the
same password for GoToMyPC at other websites or for other accounts, you
should change it at those places as well and don't make up a new password and use it on your other sites to, not that you would do such a thing.
For those who are not familiar with the service TeamViewer allows computer professionals and consumers
to log into their computers from remote locations. For just over month, a growing number of users have reported their accounts were accessed by cyber criminals who used their highly privileged access and drain PayPal and bank accounts. On Sunday, TeamViewer spokesman Axel Schmidt acknowledged to Ars that
the number of takeovers was "significant," but he continued to maintain
that the compromises are the result of user passwords that were
compromised through a cluster of recently exposed megabreaches involving more than 642 million passwords belonging to users of LinkedIn, MySpace, and other services.
So if you have a TeamViewer account the hackers news have put together the steps that you should take to make sure that you are secure, see below.
Here's What you should do:
TeamViewer users are strongly recommended to change their account passwords and use a strong one, and of course, NOT to use the same credentials across multiple sites.
I know, remembering different passwords for different accounts is a real
pain, but you can use a good password manager to solve this issue.
Meanwhile, users should also ensure their TeamViewer accounts are
protected with a randomly generated password that is at least 10
characters long, contains numbers, symbols, and uppercase and lowercase
letters, and is unique.
It is always a good idea to run the TeamViewer software only when it's
truly needed, instead of allowing it to auto-start each time your PC is
turned on.
If you are a windows user and have the popular quick time application installed on your machine the time has come to part ways and you should uninstall it. The reason for this is the recent disclosure of two zero-day vulnerabilities that have been discovered in the application. The fact that the application contains a zero-day exploits isn't as bad as the fact that apple won't be releasing a patch to fix the vulnerability. This disclosure means that hackers will be actively targeting windows users looking for the quick time application and if you haven't it uninstalled well then you are vulnerable to an attack. Quick Time for Windows follows other software such as Microsoft Windows
XP and Oracle Java 6, which are no longer being updated to fix
vulnerabilities. That makes them subject to ever-increasing risk as more
and more unpatched vulnerabilities are found and cybercriminals attempt to exploit them. The call for users and companies to uninstall Quick Time has been echoed across the security industry so get yourself over to the control panel > add remove programs > Quick Time> Uninstall.
As many people are well aware ransomware has spread through the internet like a wild bush fire encrypting millions of machines across the world. The good news if any is that researchers have broken the petya strain of this plague. This mean that if your machine has been encrypted by this particular strain then you are in luck, don't pay any money over to these criminals get a tech savvy friend and do the following. Download this tool
created by Leostone that exploits a mistake made by Petya's author in the way that the
ransomware encrypts a file on a Windows machine, opening opportunities
for the decryption key to be determined. To use the decryption tool you will need to attach the Petya
affected drive to another computer and extract specific data from it hence why I said get a tech savvy friend.
The data that needs to be extracted is 512-bytes starting at sector 55
(0x37h) with an offset of 0 and the 8 byte nonce from sector 54
(0x36) offset: 33 (0x21). This data then needs to be converted to Base64
encoding and used on
the petya pay no ransom site to generate the key.
As luck would have it security researcher Fabian Wosar has developed a "Petya Sector Extractor
that can collect the specific data needed to use Leostone's tool. All a
user needs to do is load up their hard drive on an uninfected Windows
computer and run Wosar's solution.
After copying and pasting the information generated by the Petya
Sector Extractor, victims can then use Leostone's tool to generate a
decryption key. That key will decrypt the victim's infected files once
the hard drive has been once again loaded into the infected computer. If you have been infected by other strains of ransomware check out some of my past posts to check if there is a crack available that you can utilize. Until next time all I can say is "think before you click".
If you have been reading my posts you will notice that a number of points keep popping up. The reason for this is of course that these particular points are vital to keeping yourself safe online. For the few out there who want to do the minimum in order to stay safe I am laying out 5 golden rules to follow.
1) Keep your software updated
Updating software, whether it be on your phone, laptop, or television, is extremely important. When hackers discover new ways to steal your data, gadget and software companies usually work quickly to release fixes for those vulnerabilities. Once a fix is in place an update becomes available and you should download this update, I try to set as many applications as possible to do automatic updates or in the case of my phone I set it running at night time when its not been used.
2) STOP using the same password everywhere
You are living in an age of big hacks and data breaches if you use the same password everywhere once your details are stolen once all your accounts are compromised. And you can be guaranteed that there is a high possibility your details have already been stolen from somewhere.
3) Don't fall for phishing scams
These scams are getting more and more frequent and the attacks been used are becoming more professional. I recently received an email claiming to be a free password security tester, the email asked me to enter my password to test how strong it is and of course I deleted it as its purpose was of course to steal my password. Be smart when you receive phone calls and emails that you are not expecting and never open an application you receive in an email with the file extension .exe.
4) Add recovery contact information to your accounts
This is important you should always have two different contact methods on your accounts. The reason for this is if you forget your password and lose your phone well then your snookered and you may be locked out of that account forever, leaving your information hanging in cyber space. The second reason for this is If your account is compromised, companies will probably try to let you know. But that’s only possible if they have some means of getting in touch with you on file.
5) Enable two factor authentication
Two-factor authentication adds an extra layer of security to your accounts by requiring another code in addition to your memorized password. That code can be sent to your smartphone via a text or generated by an app. With two-factor authentication, even if a hacker has your username and password, he or she won’t be able to access your account unless they also have your smartphone — not a likely scenario. I ask if you don't do any of the above at least do this one and give yourself some chance of staying protected.
This is the second post I have done on this topic and the reason for this is the increasing amount of questioning that I have been getting from parents around this area. I think in the past year the message is starting to sink in that real threats do occur online and you need to be aware of how to mitigate against them. First of all can I say that educating your child on how to use a computer can be very beneficial but use this time wisely educate your child how to master IT skills through the likes of your local coder dojo or local computer classes for children, I would not however suggest letting your child have unlimited access to your ipad or family computer. In many cases, kids are more technologically advanced than adults, so some parents may feel intimidated and refrain from enforcing rules that are imperative to protect their children as they surf and socialize online. This is a very real fact there are however ways for parents to educate themselves so they can take a more interactive role in how they deal with there children's use of online forums. Security software is one way to restrict what kids see and do on the web, taking a lot of pressure off parents to stay current with every new risk. But it’s still important that parents get involved with their kids’ online lives, and make sure that their children know how to act and how to react to what they see on the web. Communicating the dangers of the web to your child and staying involved in what they can and cannot do online helps build up an understanding of what is safe and acceptable.
In order to communicate these dangers parents firstly need to understand what the potential threats may be. The number one threat to children today be meeting a predator online, but there are many other online experiences that can result in inappropriate or illegal activity. Kids need to be told that not everything they read online is true, and that there is a lot of material on the web that is not meant for them. This material can include fascist sites, pornography sites, drug sites, and other explicit content that an unprotected child can easily view. To help mitigate these risks there are many new software options available such as filtering technologies, child-safe browsers and search engines that restrict where your child can surf.
Loss of privacy is a another big risk. Kids must be shown how important it is to protect their personal information and the information of their family and friends. Many child-oriented web sites solicit information from kids in surveys and forms in exchange for prizes, and get them to register online for fan clubs. In chat rooms, sharing their gender, age, and favorite hangout could seem harmless, but predators can easily use this information to track down the child. Parents need to be aware that digital predators often pose as children in order to gather information and ultimately meet their unsuspecting victims. But kids also flirt and pretend to be older than they actually are, not thinking about the potential results of such actions. It is also common for kids to get into online fights or become the target of bullying via email, chat, and instant messaging, this type of behavior can sometime consume the victim so much that they become withdrawn and with no physical marks to show from such behavior it can become hard for parents to figure out whats going on. With the introduction of such apps like snapchat where the messages disappear from the victims phone within seconds it can be very hard for a child to prove that the bullying exists. I would strongly recommend that parents are very aware of what messaging apps your child is using and carefully monitor there activity especially if the child's behavior starts to change.
Blogs such as this one and Social networking sites such as Facebook are places where kids can share too much information—not only names and addresses but also personal photos that sometimes show illegal acts, such as underage drinking or drug use. Ask your kids to share their blogs or online profiles with you so you can check the content. If you are spicious that your kids are hiding content from you then use Google, along with the search tools on social networking sites, to search for profiles your child may have posted. Use your child’s full name, phone number, and other identifying information. You can also use Google images to upload a picture they may use on social media sites and this will trawl the web for that pictures or ones that may be similar.
The next threat vector parents need to be aware of is Peer-to-peer (P2P) file sharing this alone creates new issues and privacy problems. These programs allow people to browse and download files from Internet-connected personal computers of anyone else who uses the same program. This makes it easy for cyber criminals to spread viruses, Trojan horses, and spyware. Kids can also accidentally download pornography that is labeled misleadingly. I would strongly suggest that you don't allow your children to use such services unless you are able to closely monitor the content. Setting up a virtual machine will help mitigate the threat of malware and virus's to your main machine if you run your p2p service off the virtual machine but it will not prevent your child accidentally downloading porn.
So how do parents go about becoming proactive about the above? I have complied a list of ten things that you should sit down with your children and go through. The below list will set out clear boundaries for your child and let them know that you care and are taking a proactive role about there online security.
1) Monitor your child's online activity this is by far the most important step to take. Limit the chance that they are looking up inappropriate material by putting the computer in a high-traffic family area and limit there usage. There are loads of child monitoring software packages out there so do your own research to find a software that meets your needs and budget.
2) Fortify your computer with strong security software and make sure to keep it up to date I have wrote about the importance of this in past blogs so take a look through my posts if you need help with this. Using software such as The McAfee® Internet Security Suite guarantees protection from viruses, hackers, and spyware. It filters offensive content, pictures, and web sites. The anti-virus software will also protect your computer from viruses and spyware by automatically scanning email attachments and files downloaded from P2P file-sharing sites. For the most complete way to keep your children safe online, use McAfee Family Protection. It keeps children of all ages safe from exposure to inappropriate content, social networking risks, strangers, and other online threats. With McAfee, kids are free to safely explore, learn, and enjoy their online interests.
3) Make sure kids understand basic rules for using social networking sites such as Facebook and blogs. They should guard their passwords, and never post personally identifying information or inappropriate photos. Blogs and social networking sites offer privacy tools that can be turned on to restrict potentially dangerous users. The sites automatically provide these protective tools to kids under 15. Kids should share information only with people they know from the real world. Make sure that your kids understand that there are bad people online to and they may not be who they claims its very easy make up a fake social media account.
4) Never ever let your child arrange in-person meetings with people they meet online. If however for some reason you think that this is acceptable you should confirm the person’s identity, and you should accompany your child to the meeting in a public place.
5) When using P2P file-sharing programs, kids should not download files from users whom they don’t know. They could be downloading infected files, pictures, games, and music that are inappropriate, or media files protected by copyright law. As I said above using a virtual machine for this activity will save your computer if they do download a virus. Also its important to note that kids should not allow users to upload their music files unless they’re certain that they have permission to share them. You can disable the upload feature so that your kids don't inadvertently share files without permission.
6) Don’t allow kids to fill out online forms or surveys. If there is a legitimate site where they want to register, such as Nickelodeon or Disney, have them come to you first so you can check the site’s privacy policy and rules of conduct. You should take the time to read there privacy statement but I suggest use a throw away email address for such sign ups and limit the amount of factual information you need to share.
7) Only allow your children to use monitored chat rooms, and have them use a screen name that doesn’t hint at their true identity. As with blogs and MySpace, kids should never reveal personal information or share photos. Make sure they understand that people can lie about who they are and that online friends are still strangers.
8) Teach your kids to ignore emails and instant messages from people they don’t know. They should never open attachments they are not expecting nor click on links in messages. As with blogs and Facebook, they should not send out personal information.
9) Use browsers for kids and kid-oriented search engines. Children’s browsers such as Google safe search for kids do not display inappropriate words or images. It comes pre-loaded with kid-safe web sites and pre-set word filters.
10) Set you kids goals to research online safety be themselves as them to write you a little report on what they think the dangers online might be. Fact Monster is an excellent reference site, packed with information and homework help. For Ireland you should check out the office for internet safety.
2016 has been named the year that the internet of things (iot) takes hold, with a reported 50 million plus devices sold worldwide to date with everything from smart fridges to smart plugs iot is here to stay. It must be noted however with all of this extra connectivity comes a juicy threat surface for cyber criminals to prey on. The main thing consumers need to remember that if you bough a devices that connects to the internet then you can be guaranteed that it needs to be secured. In this post I am going to outline a number of steps you can take to help protect yourself and your family from becoming victims of a cyber attack.
1) Keep your devices up to date
This goes for all devices that connect to the internet but I would especially recommend it for iot devices as new exploits are exposed manufactures may push down patches to solve the vulnerability and therefor you should regularly check to make sure your device is running the latest software.
2) Change the default password on your device
This is a very important step to take as the majority of iot devices are mass produced with a default login and not changing this on day one will leave yourself vulnerable to attack. May I suggest using a password that is at least 10 character long with special characters and capitals and numbers i.e don't use your last name and type 123 after it. 3) Be familiar with your devices privacy section
What kind of information are you saving or sharing through this device and what guarantees are put in place that this information is been protected. Don't assume just because the manufacturer says its a secure device to use that it is and make sure your information isn't been shared with third parties. 4) Be carefully buying a second hand device or selling your own device
Buying a second hand device on line may come pre-installed with malware or a backdoor only buy second hand devices from a reputable dealer. On the flip side think long and hard about selling your device, resetting a device may look like all your data has been cleared but with a little know how a lot of this information may be retrieved. There are a number of programs out there that ensure proper data erasure and this may be something you should look into first.
For parents the risks of the internet to your child can be over looked. Coming up to Christmas you may be tempted to buy the next great gadget for your child however with the Vtech cyber attack this week as one example, how safe is the data your children are inputting into these devices? I would always advise parents if they are giving their children access to tablets and smart phones at a young age they should always consider a number of factors.
1) Don't put your child's personal data into any device when setting it up! Use your own details if you have to otherwise create throw away credentials to enter in any applications that don't require factual information.
2) Set boundaries! balance is key, create times of use around their devices avoid your children becoming addicted to their devices.
3) Educate your children to the dangers of the internet and the fact that everything they do online is there for life! Snapchat is a popular example to use and I suggest you give this article a quick read.
4) Put safe guards in place to monitor your child's online activity, this will give your child the device they want and you can have the piece of mind that they are not putting themselves at danger online.
5) Keep you kids off social media until they are an appropriate age, most sites don't allow children until they are 13 years of age but this can be easily overcome by entering a fake date of birth.
6) Make sure you need to enter a password to download apps and games don't leave your credit card information signed in on the device they use. This will allow you greater control over what applications they are using, it may also stop a nasty credit card bill from unseen app charges.
The internet is a great place but the dangers it poses are very real, take a few minutes to watch the video below before disregarding this post.
Below are some tools for monitoring or limiting the amount of time your child's device is in use.
For Window's users:
When you create an account designated as a child’s account, you get the option to enable Family Safety settings. Family Safety allows you to monitor and /or time the usage from your child’s account, block certain applications or sites, and get weekly reports reviewing the activity on the account.
For Mac users:
Log on as Administrator on your child’s Mac, go to the Sharing preferences and choose Screen Sharing. Continue to “Allow Access For” and choose Administrators. When you are on your Mac, go to the Finder and choose Go: Network to see your child’s Mac. Click on Share Screen to see the activity.
For Smartphones:
Backing up your child's phone’s content to your own PC or Mac is a good way of keeping tabs on things. This will allow you to see which apps are being used on the phone, and you’ll be able to see what calls and text messages your child is making. Be sure to activate the basic security features, as well as any further limitations on usage you want, I have already done a blog on securing iPhone's.
There are also many products on the market that will allow you to use GPS tracking and more in-depth monitoring of all your kids devices. One free option that allows some of this functionality is Norton Family Online. The free version lets you monitor every site your kids visit, examine a list of everything they search for, and track their activity across social media via any Internet connection. You can tell Norton to always allow (whitelist) or block (blacklist) certain sites, customize the settings for each child, and set time limits so you can boot them offline when it’s time for bed. A premier version lets you monitor their instant messages, video consumption and mobile devices. This is just one product that I am aware of but their are many similar software type packages out there.
I hope that you have found this post of some help and if you need advice on anything just pop a comment below and I will do my best to give you a constructive answer,
