THERE ARE HACKABLE security flaws in software. And then there are those that don’t even require hacking at all—just a knock on the door, and asking to be let in. Apple’s macOS High Sierra has the second kind.
Kaspersky Lab advised those who do not use anti-virus products to restrict execution of certain files (C:\Windows\infpub.dat, C:\Windows\cscc.dat) and shut down the Windows Management Instrumentation (WMI) service. My note: let the wolf in the shed with sheep.
The source of the attack remained undetermined, but earlier this month the head of Microsoft, Brad Smith, pinned the blame for it on North Korea, which allegedly used cyber tools or weapons that were stolen from the National Security Agency in the United States. The top executive, however, did not provide evidence to back his claims.
New ransomware attack hits Russia and spreads around globe
Based on my experience in Tallinn, we will see companies become more transparent in how they deal with cyber attacks. After a massive cyber attack in 2007, for example, the Estonian government reacted in the right way.
3. Use parental controls. Check the safety controls on all of the Android and Apple devices that your family uses. On the iPhone, you can tap SETTINGS > GENERAL> RESTRICTIONS and you can create a password that allows you enable/disable apps and phone functions. On Android devices, you can turn on Google Play Parental Controls by going into the Google Play Store settings
4. Friend and follow your children on social media. Whether it’s musical.ly, Instagram or Twitter, chances are that your children use some form of social media. If you have not already, then create an account and get on their friends list.
5. Explore, share and celebrate.
6. Be a good digital role model.
7. Set ground rules and apply sanctions. Just like chore charts or family job lists, consider using a family social media or internet safety contract. These contracts establish ground rules for when devices are to be used; what they should and should not be doing on them; and to establish sanctions based on breaches of the family contract. A simple internet search for “family internet contract” or “family technology contract” will produce a wealth of available ideas and resources to help you implement rules and sanctions revolving around your family’s technology use. A good example of a social media contract for children can be found at imom.com/printable/social-media-contract-for-kids/.
Managing Your Digital Footprint
Your digital footprint, according to dictionary.com, is “one’s unique set of digital activities, actions, and communications that leave a data trace on the internet or on a computer or other digital device and can identify the particular user or device.” Digital footprints can be either passive or active. The passive digital footprint is created without your consent and is driven by the sites and apps that you visit. The data from a passive digital footprint could reveal one’s internet history, IP address, location and is all stored in files on your device without you knowing it. An active digital footprint is more easily managed by the user. Data from an active digital footprint shows social media postings, information sharing, online purchases and activity usage.
Search for yourself online
Check privacy settings.
Use strong passwords
Maintain your device.
Think before you post
Keep These Apps on Your Radar
Afterschool (minimum age 17) – The Afterschool App was rejected twice from the major app stores due to complaints from parents and educators. It is a well-known app that promotes cyberbullying, sexting, pornography and is filled with references to drugs and alcohol.
Blue Whale (minimum age 10) – IF YOU FIND THIS APP ON YOUR CHILD’S DEVICE, DELETE IT. It is a suicide challenge app that attempts to prod children into killing themselves.
BurnBook (minimum age 18) – IF YOU FIND THIS APP ON YOUR CHILD’S DEVICE, DELETE IT. It is a completely anonymous app for posting text, photos, and audio that promote rumors about other people. It is a notorious for cyberbullying
Calculator% (minimum age 4) – IF YOU FIND THIS APP ON YOUR CHILD’S DEVICE, DELETE IT. This is one of hundreds of “secret” calculator apps. This app is designed to help students hide photos and videos that they do not want their parents to see. This app looks and functions like a calculator, but students enter a “.”, a 4-digit passcode, and then a “.” again.
KIK (minimum age 17) – This is a communications app that allows anyone to be contacted by anyone and it 100 percent bypasses the device’s contacts list.
Yik Yak (minimum age 18) – This app is a location-based (most commonly schools) bulletin board app. It works anonymously with anyone pretending to be anyone they want. Many schools across the country have encountered cyberbullying and cyberthreats originating from this app.
StreetChat (minimum age 14) – StreetChat is a photo-sharing board for middle school, high school and college-age students. Members do not need to be a student in the actual school and can impersonate students in schools across the country. It promotes cyberbullying through anonymous posts and private messaging.
ooVoo (minimum age 13) – IF YOU FIND THIS APP ON YOUR CHILD’S DEVICE, DELETE IT. ooVoo is one of the largest video and messages app. Parents should be aware that ooVoo is used by predators to contact underage children. The app can allow users to video chat with up to twelve people at one time.
Wishbone (girls) & Slingshot (boys) (minimum age 13) – Both are comparison apps that allow users to create polls, including ones that are not appropriate for children. Many of the users create polls to shame and cyberbully other children, plus there are inappropriate apps and videos that users are forced to watch via the app’s advertising engine.
Texas Teen May Be Victim in ‘Blue Whale Challenge’ That Encourages Suicide
Isaiah Gonzalez, 15, found hanging from his closet after an apparent suicide, as allegedly instructed by macabre online game
Nationally, the Associated Press reports that educators, law enforcement officers and parents have raised concerns about the challenge, though these two back-to-back deaths mark the first allegations in the United States about deaths directly linked to the online game. Internationally, suicides in Russia, Brazil, and half a dozen other countries have already been linked to the challenge.
card has a tiny RFID sensor chip. These chips are supposed to make life easier by emitting radio signals for fast identification. The technology helps keep track of livestock and inventory. It makes automatic payment on toll roads and faster scanning of passports possible, and, starting around 2004, brought us contactless payment with certain credit cards.
REI and other companies sell a range of RFID-blocking products and say the number of customers looking for travel bags and credit card sleeves has been growing. That’s despite the fact that the percentage of credit cards with RFID chips in the U.S. is extremely small.
Eva Velasquez, president of the Identity Theft Resource Center, says from a consumer perspective, deciding whether to invest in RFID-blocking technology is all about evaluating risk. In the next few years, there will undoubtedly be millions more of these cards on the market.
if you’re worried about e-pickpocketing but don’t want to spend much money, you can make your own blocking wallet or wrap your cards or passport in a thick piece of aluminum foil. According to Consumer Reports, that works as well as most RFID protectors on the market.
more on cybersecurity in this IMS blog
The education program, which aims to reach as many as 1.8 million Girl Scouts in kindergarten through sixth grade, is being developed in a partnership between the Girl Scouts and Palo Alto Networks, a security company, the organization said in a press release.
Here’s an easy way to explain IoT hacks to students:
A hacker accesses a device, like a webcam, through its internet connection. Devices with weak security or easy-to-guess passwords make easy targets.
The hacker can then infect the device with malware, a type of computer virus that takes control of a device.
The hacker now has a number of options. He or she can use the device to spy, infect other devices or attack a target like the servers (centralized computers that store network data) targeted in the October 2016 attack.
Research the manufacturer. Are they reputable? Have they previously been hacked? Big, established companies based in developed countries are usually the safest.
Read up on security features. Is the device password-protected? Can you set your own password? If so, make it a strong password that uses numbers, letters and symbols — avoid common words or phrases.
Regularly check for updates. Good companies will regularly update the software on their devices to protect against vulnerabilities.
Ask yourself — do you need it? Make sure internet-connectivity is something you really need on the device you’re using. In many cases, internet-connectivity is not necessary for the device to function properly.
a few tips that students can use to protect their privacy while using smartphones:
Research apps before signing up for them. Is it from a reputable developer? Has it had security issues in the past? Use the same approach as when researching IoT devices.
Look over the terms of service. What information does it require? Does it track or store your data? Can the developer sell your information? All of these questions are important to consider.
Be careful when linking apps to your social media accounts. Giving apps access to your social media accounts makes them vulnerable to hacking. Is there a good reason for the accounts to be linked? Can you sign up without linking to a social media account?
Use two-factor authentication. Two-factor authentication requires authorization beyond a password when using unrecognized devices such as entering a code sent to your cellphone. As apps allow, be sure to use two-factor authentication which will make it more difficult for hackers to access the information stored in your apps.
The 27-unit course will use 2U’s online learning platform for live, weekly meetings. Between sessions, students will have access to interactive content designed by MICS faculty. Students will also have the opportunity to visit campus to meet faculty and classmates and attend lectures and workshops curated specifically for students in the program.
Researchers at Carnegie Mellon University‘s CyLab Security and Privacy Institute have developed a new tool for analyzing network traffic and identifying cyber attacks. The tool uses data visualization to make it easier for network analysts to see key changes and patterns generated by distributed denial of service attacks, malware distribution networks and other malicious network traffic.
Mr. Fomenko was recently identified by an American cybersecurity company, ThreatConnect, as the manager of an “information nexus” that was used by hackers suspected of working for Russian state security in cyberattacks on democratic processes in several countries, including Germany, Turkey and Ukraine, as well as the United States.
Rather than issuing blanket denials, Mr. Fomenko is apparently eager to discuss his case, lending another, if still cryptic, dimension to the intrigue, restricted before now to digital codes and online fingerprints.