Cybersecurity

You are here

Google Really Wants You to Use Different Passwords

Apparently "Guest123!" isn't the most secure password on the Internet. Who knew? If you are guilty of using common passwords, or the same password for various websites, you should consider enhancing your online security. Google's Security Checkup function now alerts users to when websites for which it stores a password have been compromised. The alert not only urges users to change the password for that particular site, but also might nudge people to not use the same password across multiple websites.

Watch Out for Deepfake Videos and Images

Here is another vocabulary term you need to add to your lexicon – deepfakes. Deepfakes are images and audio pulled from social media accounts to create convincing videos – sometimes of people who never existed - for extortion, misinformation and disinformation. Deepfake technology enables anyone with a computer and an Internet connection to create realistic-looking photos and videos of people saying and doing things that they did not actually say or do. Cybercriminals are increasingly interested in the potential use of deepfake videos to pressure people into paying ransom or divulging sensitive information or to spread misinformation, Trend Micro reports, making the vetting of any information online or in media even more important.

Coronavirus Tracking Apps Could Threaten Personal Privacy

The coronavirus tracking apps coming onto the market, initially hailed as an important tool for containment of the virus, have quickly encountered fears about privacy, cybersecurity and effectiveness. Tracking apps are already in use in Australia, India, China, Singapore and South Korea, and under development in France and Germany. In the United States, tech giants Google and Apple are teaming up to develop “exposure notification” software for use in iOS and Android apps. The technology uses Bluetooth signals to determine the distance between phones. A person with a confirmed case of coronavirus can automatically send notifications to other phones with the contact tracing app, alerting users that they may have been exposed to the virus. The software, which is in beta testing, will be shared with local health departments. Apple and Google say location services will not be used and any personal data would be anonymized and stay on the user’s phone, rather than going to a centralized database. However, researchers say that anonymized data can be reverse-engineered and mined for valuable particulars including gender, age and marital status.

Connected Cameras in Your Home: How to Stay Safe

There are a myriad of stories floating around online about laptop cameras, security cameras, and baby monitor cameras being hacked, allowing hackers to both spy on or communicate with unsuspecting adults and children. While these attacks do happen, they are preventable. Here are a few tips if you have these devices in your home:

  • If you haven’t already, you probably should cover the camera lens on your desktop or laptop, even if you just fold a piece of paper or put a sticky note. For most of us, chances of being spied on this way will never happen, but it is easy to eliminate all risk.
  • Secure your wireless router so that you can disable remote access to your router. This will prevent it from being configured from anywhere but inside your house and connected to your network. This is especially important id you have Internet protocol (IP) cameras in your household, including your baby monitor. These devices use the Internet and your local area network to communicate with your smart phone.
  • Next you need to add layers of protection – one is not enough. First and foremost, all cameras in your household should have a strong password. It is important to treat your cameras with the same attention to security that you do with your laptop, tablet and phone. You will also want to make sure your network itself is protected by enabling encryption and disabling remote access. Another good tip is to change the name of your home network – leaving it as default can tip off a cybercriminal onto what type of router you have. If they know the manufacturer of your router, they will know the vulnerabilities that model has and can try to exploit them, according to Ioana Rijnetu from the Heimdal Security blog.
  • Stay vigilant and make sure your keep the firmware – the pre-installed software that runs your camera – updated. Since the steps for doing that vary from manufacturer to manufacturer, make sure you know the name and model of your camera if you need to consult with the manufacturer.
  • Beyond that, follow this Video Baby Monitor Security checklist that works for most any kind of camera in your home.

 

Expert Calls on Schools To Address Digital Threats

In a recent opinion piece in The Dallas Morning News, Doug Levin, president and founder of the K-12 Cybersecurity Resource Center, challenges school leaders to take measures to protect both their schools and communities from digital threats amid growing reliance on technology in school operations, teaching and learning. He urges them to collaborate on security challenges and share information on cyber threats with other school districts that face similar issues. School cybersecurity failures across the country have resulted in the theft of millions of taxpayer dollars, outages of school IT systems, and large-scale identity theft.

School Districts are Dealing with Social Media Impersonators

Did you receive an update or post from your children’s school on social media that seems a little off? Fake accounts for schools and school districts, and even school administrators, have popped up all over the country. Most of the claims on the sites  - like a feral skunk being loose in a school building that has to be closed and burned down – are so outrageous that most parents spot them or figure out they aren’t coming from the school’s regular communication channels, but these kinds of accounts do pose all kinds of dangers, especially in emergency situations.

Schools are fighting back by sending out clarifying messages on their actual Twitter and Facebook pages and immediately forwarding the fake message to school, school board leaders, and local media to inform them of the issue so they don’t accidently share the false information.

The Sequel to “Predator the Thief” Gets Unwelcome Update

Malware known as “Predator the Thief”, which is capable of stealing usernames and passwords, has received updates that could make attacks more effective. The malware has added phishing documents, such as fake invoices from companies you may do business with (while a previous campaign used a fake court summons as a lure), to attract victims and has become better able to avoid detection and analysis. Remember to never open an attachment in an email or text unless you know who it is from and what it might be about.

Should Schools Use Facial Recognition Technology?

The use of facial recognition technology continues to grow in K-12 schools despite research suggesting the software may be inaccurate as much as 35% of the time when scanning female faces with darker skin. School leaders say the technology improves security by alerting officials to potential threats more quickly, but these findings raise definite concerns about inequality and social stigmatization.

Watch Out For “Juice Jacking”

Travelers who need to charge their smartphones while on the go might want to avoid public USB charging stations, due to the security risk known as "juice jacking." California law enforcement is warning that USB charging outlets in airports and coffee shops could be loaded with malware. The malware could lock your smartphone or forward personal information such as passwords to hackers.

Fake Microsoft Update email Contains Ransomware

PC users who are updating to the Windows 10 operating system are being warned about fake update emails coming from an address that looks like it is Microsoft. The emails have an attachment that contains ransomware and will encrypt the user's files or lock up a computer, demanding $500 in bitcoin to unlock data. "Windows users should understand that Microsoft will never send patches via email, but rather use their internal update utility embedded in every current Windows operating system," writes Karl Sigler, threat intelligence manager at Trustwave SpiderLabs.

Pages