¦ vStaffers Facebook Blog  ¦  Digital Security Blog  ¦ 20k likes: Spiritual Minds ¦ 20k likes: Bitcoin Buro  ¦  Crypto Buro  ¦  M Markus Harrison

 


 

Digital Security Facebook Blog

 

This is an automated feed of our popular Digital Security FB Page.   Keep yourself and your business safe in today’s threat-filled online environment!   Don’t allow security errors like those that resulted in the US presidential election fiasco (confidential e-mail leaks) or the Panama Leaks scandal (outdated plugins) or the thousands of ransomware attacks that happen every single day.  At Digital Security we keep you abreast of everything you need to know to stay safe, from Android & iPhone security threats to email phishing to website hacking.

 

If we have a popular security blog, you KNOW that we take security seriously at vStaffers.   Any website, FB page or other content we build for YOU will have the latest in firewalls, security plugins & procedures and unhackable passwords.

 

 

To view the page on Facebook, just click the logotype below.

 

  • "2FA, also called multi-factor authentication or two-step verification, is a great way to dramatically improve the security of on online account — whether it’s at your bank, a file-sharing service, or your email. The idea is that even if thieves manage to snag your username and password — through phishing or via password-stealing malware — they still need access to that second factor to successfully impersonate you to the system."

    A recent, massive spike in sophisticated and successful phishing attacks is prompting many universities to speed up timetables for deploying mandatory two-factor authentication (2FA) — requiring a one-time code in addition to a password — for access to student and faculty services online. This is th...

    Read More...

    March 24

  • Should you be forbidden to hack your own property? According to the lawmakers who wrote the DMCA, that's a crime. Our take: if you want to jailbreak your iPhone, that's your business.

    Not only is proprietary software an issue with John Deere, it's a problem that could affect your car, as well.

    Read More...

    March 23

  • When you see https:// and the lock icon, your Internet data is encrypted enroute. However, your data can be intercepted by rootkits and keyloggers on your device. Good AV software will sweep for those.

    If the tech industry is drawing one lesson from the latest WikiLeaks disclosures, it's that data-scrambling encryption works, and the industry should use more of it.

    Read More...

    March 11

  • IoT is the Internet of Things like a Smart TV or fridge. This article discusses the security threats to IoT. Tip: turn off uPnP on your router if you don't need it.

    Is your refrigerator running… a targeted DDoS attack without your knowledge? If it’s connected to Wi-Fi, it very well might be. Many (too many) of the connected devices that make up the Internet of Things (IoT) are extremely easy to hack. New IoT devices are being designed and released every day — f...

    Read More...

    March 09

  • Think about this: your colleague emails you a routine email asking about some expenses but when you click on the expense file.. BAM! You just got hacked. Read on..

    Smaller institutions report an increase in sophisticated attempts to gain access to financial and personal information.

    Read More...

    March 08

  • The CIA can listen through your Smart TV even if it's off. I'm not too worried about them but other governments will or are doing it too.

    Maybe the CIA is spying on you through your television set after all.

    Read More...

    March 08

  • WARNING: If you are directed to a webpage marked "SECURE" (with the lock icon in the address bar), it does NOT mean the site is safe, it only means communication between you and that site is secure. The CA (certificate authority) known as "Let's Encrypt" hands out security certificates to known spammers.. they handed out over 988 certificates with PayPal in the name, and there's only one real PayPal. Disgraceful!

    Let's Encrypt has issued 988 SSL certificates to websites with the word "PayPal" in the domain. All but four appear to be malicious. There's an easy fix for this, and as Vincent Lynch argues: it can be accomplished without undermining the CA's larger mission.

    Read More...

    March 06

  • Very good review of TOP SECURITY TIPS for YOU! This info is simple, general and applies to everyone. It's in the form of 20 slides to scroll through, with very simple tips on the right-hand sidebar. Sample: Do NOT use real answers to "security questions" because these are discoverable, use your own fake answers and record them in a password manager like LASTPASS. Another sample: do NOT use your real birthday or real address when signing up for various sites and services that don't really need to know this info. (e.g. They ask your birthday to make sure you're not a minor.)

    We all have computers and laptops, but are we doing all we can to stop our personal information from being stolen? We spoke to a professional ethical hacker who give us his top tips on how to make sure you don’t fall victim to data theft.

    Read More...

    February 23

  • Microsoft blows exploit-fix. All it would have taken is an email saying we need more time. This is the problem with huge organizations.. "that's not my job."

    Mess in Windows graphics library can give bad hombres access to memory

    Read More...

    February 21

  • What you need to know: if someone wants to get you, they can build a fake online identity to infiltrate your organization and make it much easier for them to phish you. In Qatar, it was Amnesty International who was targeted because they're trying to help workers. The phishing works because you think you're dealing with someone you know.

    Attacker targeted groups in Qatar, Nepal using extensive fake social media profile.

    Read More...

    February 15

  • Bad news. As more info comes out and phishing keeps going up, Chrome is looking more and more unsafe. In this article, Data: URLs are explained. Suffice it to say they're a hackers delight and Microsoft’s Internet Explorer and Edge browsers already block all top-frame navigations to data: URLs. Why not Chrome??

    Google is considering restricting the Data:URL scheme to combat a spate of Data URL phishing that has underscored the dangers inherent with the URL scheme.

    Read More...

    February 07

  • Recovery drives are ESSENTIAL in case you run into problems with your PC. The tool that can make this happen in Windows 10 is called Recovery Media Creator. You will need a USB or external drive of 8gb or more and it will be reformatted. Here's how to create. It's easy. Do it now. You have been warned.

    Recovery drives are an essential weapon in case you run into problems with your PC. The tool that can make this happen in Windows 10 is called Recovery Media Creator and Microsoft has kept it almost the same as it was in its previous operating system: Windows 8.1. In this tutorial we will show you h...

    Read More...

    February 07

  • 2. Use the Shift + Restart combination A key computer skill you need to know is how to boot into Safe Mode to fix problems. Windows 10 is different from previous windows. On way of getting into Safe Mode in Windows 10 is to use the Shift + Restart combination. Open the Start menu and click or tap on the Power icon, then shift+Restart.

    If you've used Windows 10 for a while, you might have noticed that the "old ways" of booting into Safe Mode no longer work. By that, we mean trying things like pressing the F8 or Shift + F8 keys on your keyboard while booting. These methods stopped working in normal cases because the boot procedure…

    Read More...

    February 07

  • Google Chrome can now communicate with your Bluetooth devices. This could obviously be a security risk. Be aware. That's why our security blog exists!

    Trust us, says Google, we understand privacy

    Read More...

    February 06

  • FYI What Not to Do after a Hack: This luxury hotel had to pay such a low ransom, equivalent to a few days stay, that they should have considered themselves very lucky and fixed the security holes. Instead what do these fools do? Announce they're replacing the entire system with old technology. Moving back in time is never a solution to poor procedures. (Physical keys are easily copied and endanger their guests much more than this hack.)

    Read More...

    January 30

  • Darknet Scams using Wikipedia: "Clicking on a dark net link — which has a .onion address — requires the Tor browser. Although Wikipedia’s editors work to root out the false links, it’s a slow and never-ending fight. Here’s a phishing link from Tuesday directing users to a fake version of AlphaBay, the largest dark net market in existence." EDITOR: the scary part is that the phishing link looks almost exactly the same, including the .Onion extension. Normally we recommend typing in URLs directly but in this case it's not something you could remember so you'd need to bookmark the correct site.

    Phishing is a hacker’s most effective weapon — just ask the U.S. politicians whose world turned upside as a result of spearphishing during the 2016 campaign. But phishing has multiple faces, and the threat extends far beyond emails. Persistent and profit-driven dark net crooks have spent the last ha...

    Read More...

    January 29

  • US piracy crusade loses force.

    Read More...

    January 29

  • New topic: bad cables can fry your device. eg: Micro-usb cables used to charge Android phones. We like saving money by buying from eBay or dollarstores but now the risks are becoming clear. Even buying brand names may not work due to counterfeits. Even top-rated eBay sellers often supply false spec's; if anyone complains, they refund the item price but this won't get your fried device working again. Be careful.

    Benson Leung, an engineer on Google’s Pixel team, was doing God’s work by risking his Chromebook Pixel, which charges via USB-C, to test every single USB-C to USB-A cord available to general consumers. One crappy cord, and his $1500 computer would be fried.

    Read More...

    January 27

  • Quickbooks Phishing Scam What we would like to know is how this malware is actually inserted onto your PC. IE: does the user have to approve installing software or does it somehow do it automatically? This is the problem with tech articles in regular media: they're dumbed-down.

    Scammers are always looking for new twists on common scams, especially when it comes to phishing emails. These emails are meant to trick you into clicking a link and either providing personal information or downloading viruses or malware.

    Read More...

    January 25

  • VPNs are excellent for your security and privacy. Any country that prohibits them is a dictatorship.

    Amid uncertainty regarding cryptocurrency trading, China has announced a formal ban on the unapproved use of virtual private networks (VPNs) within its borders.

    Read More...

    January 25

  • FYI general background info about fake news.

    Nearly 200 publishers were kicked off its advertising network in November and December of last year — some, for violating Google's new policy on serving misleading content to users.

    Read More...

    January 25

  • Bad news: phone pattern passwords not as secure as we thought.

    Researchers are warning Android users off protecting their smartphones with a lock pattern, having found that the majority of them can be cracked within five attempts.  

    Read More...

    January 24

  • This is a security blog so we have to tell you that running XP is now too dangerous since major security holes and exploits are no longer being fixed. The other bad news, according to this article at PCadvisor, is that it's not possible to upgrade to Windows 10 and keep your XP programs and settings. With Windows 7 and 8, the upgrade is free and migration is possible. Good luck everyone.

    Windows XP is still running on many PCs around the world. If you're one of the people realising that it's probably time to upgrade, here's how you can get Windows 10 on your PC or laptop.

    Read More...

    January 24

  • New SMS scam to overcome 2FA. Don't fall for it.

    The next text message you receive could ruin your life. Increasingly, SMS messages are being used as a way of duping people into giving up their online accounts, and out of their identities and their money. Many of those messages arrive looking perfectly innocent, and even useful. But they could be…

    Read More...

    January 24

  • For once, a post about new features of Google Voice, a useful service, versus a nasty new scam.

    Surprise! Google Voice is alive and well. Here's what's new.

    Read More...

    January 23

  • We've already reported this but the article is well written so we're including it.

    Phishing attacks can be effective enough when sent from an email address that looks similar to one you've seen before. When it comes from the email address of an actual person you've communicated with even savvy users can be fooled.

    Read More...

    January 22

  • We take your privacy seriously.. do you??

    Facebook snooping is more widespread than you think and the main perpetrators aren't unknown hackers.

    Read More...

    January 20

  • INTERESTING F.Y.I. (We always specify whether a post is must-read or not.)

    Some days ago we reasoned that BLOCKCHAIN investments are the way to go. The US government agrees with us.

    Read More...

    January 20

  • Here at Digital Security we take your privacy seriously and keep you informed about what you need to know. We're sad to report that by providing backdoors, the Canadian company Blackberry has taken the ATT approach of favouring governments over you. Sad. My smartphone IS my life. We applaud Apple for putting customers first. Regarding the government's assertions that they need backdoors, etc. to fight crime and terrorism.. not true! Let's take the case of the Syrian "Islamic -murderer" who committed the Xmas truck attack in Berlin. He had been radicalized by an Imam in Berlin who should never have been allowed to operate in the first place. Plus the guy was a known criminal who should never have been walking free. Easily accessing the killer's phone after the attack wouldn't bring the dead back to life. In summary, security experts say that governments need to follow the Israeli model (find terrorists first) over the US model (wait, then try to search everyone at the airport, including 85-year old grandmothers.) REMINDER: Talking about airports, remember that customs officers can ask you to unlock your phone so they can look through it. And in many places like Singapore, porn is illegal. Not that we have any on our devices! Just sayin' Please LIKE and SHARE to keep these reports coming.

    Read More...

    January 19

  • Gmail Phishing Scam: The Canadian national news channel Global picked up this story long after we reported it here. It's very well explained so we're posting it again. What you need to know: Gmail is just too important to leave unsecured. Secure it with 2-FACTOR AUTHENTICATION and use a separate high-security account for password resets on other accounts. Comment if you need more info. Please LIKE if this info is useful.

    A newly discovered phishing scam is tricking even the most tech-savvy Gmail users into handing over their login information.

    Read More...

    January 17

  • This is an article for hackers but what we can learn is that malware delivers a payload to your device. In this case, the payload is cryptocurrency mining software which turns your computer into a slave. PS: Your computer running slowly lately?

    Security researchers from Trustwave and Malwarebytes have come across a new, poorly assembled exploit kit that appears to be the work of a one-man crew.

    Read More...

    January 15

  • Phishing via Google Accts. Do you have a Google account? Read this...

    A new phishing attack hops from one Gmail account to the next by searching through compromised users’ previous emails for messages with attachments, then replies them from the compromised acc…

    Read More...

    January 15

Please spread the word! :)

  • Follow by Email
  • Facebook
    Facebook
  • Google+
    http://www.vstaffers.com/digital-security-fb-blog/

Please spread the word! :)