phishing

09
May
2022

Apple, Google, and Microsoft – passwords and phishing

How Apple, Google, and Microsoft will kill passwords and phishing in one stroke

https://arstechnica.com/information-technology/2022/05/how-apple-google-and-microsoft-will-kill-passwords-and-phishing-in-1-stroke/

01
Dec
2017

Malware, Phishing, Hacking, Ransomware

categories: Cybersecurity, digital citizenship, digital identity, Digital literacy, educational technology, hacker, information technology, instructional technology, technology

Keeping Safe in a Digital World

How Not to be Hacked

Malware, Phishing, Hacking, Ransomware – oh my! Learn about the threats to you, your users and your library. During this session, we will explore the threats to online security and discuss solutions that can be implemented at any level. Most importantly, we will look at how we can educate our users on current threats and safety

Date: December 5th, 10AM

Presenter: Diana Silveira

Register: https://netforum.avectra.com/eweb/DynamicPage.aspx?Site=SEFLIN&WebCode=EventDetail&evt_key=bec597af-02dd-41a4-9b3a-afc42dc155e4

Webinar December 5, 2017 10 AM

create policies. e.g. changing psw routinely
USB blockers for public computers (public libraries). like skimmers on gas stations
do not use admin passwords
software and firmware updates.
policy for leaving employees
HTTP vs HTTPS
Cybersecurity KNowledge Quiz Pew research Center
http://www.pewinternet.org/quiz/cybersecurity-knowledge/

diana@novarelibrary.com

slideshare.net/dee987

facebook.com/novarelibrary

twitter @Novarelibrary

+++++++++++
more on hacking in this IMS blog
https://blog.stcloudstate.edu/ims?s=hacker

20
Apr
2017

categories: Digital literacy, educational technology, information technology

Sneaky Exploit Allows Phishing Attacks From Sites That Look Secure

Lily Hay Newman Date of Publication: 04.18.17. 04.18.17

https://www.wired.com/2017/04/sneaky-exploit-allows-phishing-attacks-sites-look-secure/?mbid=synd_digg

You know by now to check your browser while visiting a site to be sure it sports the little green padlock indicating TLS encryption. https://en.wikipedia.org/wiki/Transport_Layer_Security

+++++++++++++
more on phishing in this IMS blog
https://blog.stcloudstate.edu/ims?s=phishing

09
May
2021

4 Types of Artificial Intelligence

categories: educational technology, information technology, instructional technology

Understanding the 4 Types of Artificial Intelligence (AI)

https://www.linkedin.com/pulse/understanding-4-types-artificial-intelligence-ai-bernard-marr/

Understanding the 4 Types of Artificial intelligence from Bernard Marr

Reactive AI

Examples of reactive AI include:

Deep Blue, the chess-playing IBM supercomputer that bested world champion Garry Kasparov
Spam filters for our email that keep promotions and phishing attempts out of our inboxes
The Netflix recommendation engine

Limited Memory AI

For example, autonomous vehicles use limited memory AI to observe other cars’ speed and direction, helping them “read the road” and adjust as needed. This process for understanding and interpreting incoming data makes them safer on the roads.

Theory of Mind AI

The Kismet robot head, developed by Professor Cynthia Breazeal, could recognize emotional signals on human faces and replicate those emotions on its own face. Humanoid robot Sophia, developed by Hanson Robotics in Hong Kong, can recognize faces and respond to interactions with her own facial expressions.

Self-aware AI

The most advanced type of artificial intelligence is self-aware AI. When machines can be aware of their own emotions, as well as the emotions of others around them, they will have a level of consciousness and intelligence similar to human beings. This type of AI will have desires, needs, and emotions as well.

+++++++++++++++++++++
more on AI in this IMS blog
https://blog.stcloudstate.edu/ims?s=artificial+intelligence

17
Feb
2021

blocking scam calls

categories: Digital literacy, technology literacy

Australian Tech Giant Telstra Now Automatically Blocking 500,000 Scam Calls A Day With New DNS Filtering System from r/Futurology

https://www.zdnet.com/article/automating-scam-call-blocking-sees-telstra-prevent-up-to-500000-calls-a-day/

In May, the company kicked off with DNS filtering to fight against botnets, trojans, and other types of malware, and extended to blocking phishing text messages purporting to be from myGov or Centrelink before they hit the phones of customers.

++++++++++++
more on scams in this IMS blog
https://blog.stcloudstate.edu/ims?s=scam

31
Aug
2019

second-factor authentication

categories: Digital literacy, information technology

This is why security keys, not SMS, is the proper second-factor authentication. (App authenticators are better than SMS but still prone to phishing). Some young one may well have walked into a store saying “hi, I’m Jack Dorsey” with a fake-crap ID and got away with his account. https://t.co/PR0VPT4y63

— zeynep tufekci (@zeynep) August 31, 2019

30
Jan
2019

Protect Student Data

categories: cracker, Cybersecurity, hacker

Six Ways to Protect Student Data and Prevent Cyberattacks

By Ricky Doyle Dec 10, 2018

https://www.edsurge.com/news/2018-12-10-six-ways-to-protect-student-data-and-prevent-cyberattacks

School administrators and IT staff can be super-vigilant, but the hackers are getting better and better at sneaking through security.

the most common cybersecurity threats, and how can school staff avoid them?

Eavesdropping / Man-in-the-Middle (MiTM) Attacks

What they are: It’s likely that you sometimes use a school laptop or mobile device to gain internet access via Wi-Fi networks in public places like coffee shops or airports. If so, be aware that there may be hackers eavesdropping to try and gain entry to any two-party exchange you make so they can filter and steal data.

How to avoid them: Always use a school-verified SIM card, dongle or VPN(virtual private network) to access the internet in public places.

Social Engineering Attacks

According to Verizon’s 2018 Breach Investigations report, 92 percent of malware is delivered via email, often referred to as social engineering attacks. The aim is to interact with the user and influence and manipulate their actions to gain access to systems and install harmful software. Malware uses various guises. Here are some of the most common:

1. Phishing emails

2. Baiting attacks

3. Quid pro quo requests

4. Pretexting attacks

5. Contact with a ‘compromised’ website

31
Jan
2018

Putin’s game

categories: information technology, privacy, technology literacy

What Putin Really Wants

Russia’s strongman president has many Americans convinced of his manipulative genius. He’s really just a gambler who won big.

JULIA IOFFE JANUARY/FEBRUARY 2018 ISSUE

https://www.theatlantic.com/magazine/archive/2018/01/putins-game/546548/

(translated in Bulgarian http://librev.com/index.php/2013-03-30-08-56-39/prospects/europe/3371-igrata-na-putin-1

“They do plan,” said a senior Obama-administration official. “They’re not stupid at all. But the idea that they have this all perfectly planned and that Putin is an amazing chess player—that’s not quite it. He knows where he wants to end up, he plans the first few moves, and then he figures out the rest later. People ask if he plays chess or checkers. It’s neither: He plays blackjack. He has a higher acceptance of risk. Think about it. The election interference—that was pretty risky, what he did. If Hillary Clinton had won, there would’ve been hell to pay.”

Even the manner of the Russian attack was risky. The fact that the Russians didn’t really bother hiding their fingerprints is a testament to the change in Russia’s intent toward the U.S., Robert Hannigan, a former head of the Government Communications Headquarters, the British analogue to the National Security Agency, said at the Aspen Forum. “The brazen recklessness of it … the fact that they don’t seem to care that it’s attributed to them very publicly, is the biggest change.”

also: https://blog.stcloudstate.edu/ims/2016/11/13/hacking-voting/

in German: http://www.sueddeutsche.de/medien/phishing-attacken-der-feind-liest-mit-1.3378411

+++++++++++
more on cybersecurity in this IMS blog
https://blog.stcloudstate.edu/ims?s=cybersecurity

07
Jan
2018

cybersecurity threats for schools

categories: Cybersecurity, educational technology, information technology

The top 5 cybersecurity threats for schools

BY EARL D. LAING November 29th, 2017

https://www.eschoolnews.com/2017/11/29/cybersecurity-threats-schools/

1. Link Security

From ransomware to phishing and other types of security breaches, direct contact is the number one way that you can create a vulnerability in your system. Those who commit these online crimes are finding smarter and sneakier ways to infiltrate your data every day. Sometimes the attack can even come as an email from a legitimate sender, or appear to be a perfectly normal message on social media. The goal is usually to get you to click on a link.

Solution: Make sure the security preferences for your email account(s) are set up to filter spamming, phishing and executable files that aren’t recognized.

2. Unknown Devices

Solution: Your IT system should include a solution that tracks all devices, including those not owned by your school, that enter the network.

3. Out of Date Technology

Contrary to popular misconception, user interaction isn’t always required for a cyber attack to be launched. The WannaCry attack targeted hundreds of computers all with the same security vulnerability on their Windows operating systems.

Solution: Again, an IT solution that tracks all devices is important, but one that can also check on software upgrades and block access to certain apps is ideal.

4. User Error

A data breach in Florida is just one example of the chaos user error can provoke. This issue didn’t begin with hackers at all. It began with carelessness that caused sensitive information to become public.

User error occurs regularly, and a common root of this is failing to restrict access to files or certain sites that may be compromised.

Solution: Restrict user access to sensitive documents only to those who absolutely need them, and make sure that your site architecture is set up to require a secure login for access. You may also want to create a white list of safe sites and applications and block the rest.

5. No Backup

As disheartening as it sounds, even when you take all the necessary precautions to protect your vital information, data breaches can still occur. When an attack happens, it’s often a major blow to productivity to try and get all the information back into a secure place. Worse, vital work can be lost for good.

Solution: Install a backup system on each school device that sends data to a remote server throughout the day (not just at night) to help make sure nothing is lost.

+++++++++++++++
more on cybersecurrity in this IMS blog
https://blog.stcloudstate.edu/ims?s=cybersecurity

01
Aug
2017

fake emails

categories: Cybersecurity, digital citizenship, digital identity, Digital literacy, information technology, privacy

Why everyone still falls for fake emails

By Richard Matthews Jul 31, 2017

https://gcn.com/articles/2017/07/31/why-fake-emails-still-work.aspx

Phishing is likely to get only more sophisticated.

Based on my experience in Tallinn, we will see companies become more transparent in how they deal with cyber attacks. After a massive cyber attack in 2007, for example, the Estonian government reacted in the right way.

free anti-phishing software

+++++++++++++++++++++
more on phishing in this IMS blog
https://blog.stcloudstate.edu/ims?s=phishing+

Searching for "phishing "