Do You Know What it Feels Like to Get Hacked?

Do You Know What It Feels Like To Get Hacked? | Social Media Today

Hopefully your answers is “no”, and the intention of this blog is to keep you cyber safe in 2017.

Remember the hack of the Ashley Madison site? The top 3 passwords used on that site were “123456”, “12345” and “password”.

While there are no guarantees that malicious actors won’t get to your information, the following tips will decrease the probability of having your personal information hacked.

Let’s do some cyber maintenance. In addition to changing your passwords, learn other ways to make your cyber presence safer.

1. Have Complicated, Unique, Difficult-To-Crack Passwords

Hate changing your passwords for your social media, online banking, Amazon.com and other online accounts? So do I. But having someone invade your privacy, social channels, or even financial information is a lot worse.

A good solution to create strong passwords (and track them at the same time) is to sign up for a password storage tool. 1Password carries a yearly fee, and I’ve also heard good things about a free tool called LastPass.

All you need to do, once you have such a tool, is to create one really complex password and remember it. Then you can let the tool auto-generate all your other long and tricky passwords, which you won’t need to remember.

2. Never Reuse a Password

Don’t use the same password or slightly modify it to use it on multiple accounts.

Make each password unique, with a mix of upper and lower case letters, numbers, special characters – at least 9 characters, ideally more.

3. Update Your Passwords Regularly

Change your passwords periodically (at least every 6-12 months). While having a really difficult password is the number one way to protect your accounts, changing your password can’t hurt.

4. Prevent “Dictionary Attacks”

Don’t use dictionary words, your pet’s name, your college or any other words that have an obvious correlation to you as a person. These are easy to find, even just via Google, and so-called “dictionary attacks” – which are extremely common and simple – can crack those passwords in no time.

NOTE: Personally, I also discourage publishing your birthday on LinkedIn or Facebook as this date is a crucial detail to cracking and taking over your (online) identity; especially in the USA where birth date and social security number ARE your identity.

5. Keep Your Security and Privacy Settings Current

Facebook, LinkedIn and other social media channels occasionally change their privacy options, which is easy to miss (or dismiss) as such updates are not particularly interesting.

For a safe 2017, visit your social channels and review your privacy and notification settings. While you’re there, disconnect access for apps you no longer use.

6. Enable Two-Factor-Authentication

Something often dismissed as too complicated is two-step-verification.

Most social platforms, banks and other accounts now provide this as an option – here’s how it works:

  • In addition to your password, every time you sign in, you get a text message or app notification with a code that you need to enter before you get access to your account.
  • You’ll be asked to specify your trusted device(s) to receive the code, e.g. your iPhone or iPad, so only you have access.

7. Don’t Store Passwords in Your Browser

I know, it seems convenient but hackers feel the same way.

Browser attacks are very common – here’s some more information on common threats by Kaspersky.

8. Have a Security Program Installed

You need a virus protection program at a minimum, and many of these now come with privacy packages to help you in case you do get hacked.

Here’s a suggestion for 10 virus protection programs. Also consider a service that alerts you to invasions into your personal information, like changes in your credit report. One option is Lifelock.

9. Install Software Updates

Don’t dally when it comes to installing updates to your applications, operating system or website. While I admit that I sometimes wait a few days when a new OS update comes out so that the main bugs can be fixed first, I never wait for more than a week.

10. Be Suspicious of URLs Before You Click

Phishing is generally an attempt to get users to click on a malicious URL that will upload a virus if you do.

Never click on a URL sent by your bank, PayPal or other account that requires you to sign in.

Often, malicious actors will steal your password that way, or upload a virus. Instead, go to the site directly and log-in from there to check on any message.

Also, be suspicious about the senders of any message you receive via email or social media. Sometimes when I see a shortened link, I ask the sender to give me the URL to look it up myself or I pass.

 

 

[Source:- Socialmediatoday]

Amazon Echo Is Finally Contextually Aware Like Google Home, Users Report

Amazon Echo Is Finally Contextually Aware Like Google Home, Users Report

Amazon’s Alexa-powered Echo smart home speakers have reportedly received the ability to have contextual conversations, with the latest update to the Alexa virtual assistant, seemingly on the lines of its rival Google Home speakers. Even though some users have said that the contextual conversation with Amazon’s voice-activated speakers are still a hit-and-a-miss, it can definitely be seen as a step in right direction by the company.

Some Echo users have said on Reddit forums that follow-up questions are now available and that Alexa now has context through an Alexa update pushed out over last few days, as spotted by 9to5Google. However, the contextual understanding seems to be in nascent stages as pointed out by some users. For example, one user on a Reddit forum said that Alexa works fine if you ask questions like “What’s the weather in Houston Texas” and then follow it up with a question like “What time is it there?”

However, he pointed out that it fails for some complicated line of questions, for example, he asked Alexa when Carrie Fisher died, after Alexa answered successfully, he followed up with the question “How old was she?” to which it remained silent.

Even though Google Home has a much more developed database for contextual understanding with its Google Assistant, Amazon’s Alexa-powered products offer some third-party services that might help it sustain while it continues to develop on the recent update. As Google is also trying to add more and more services to its offering, it will be interesting to see which product comes out on the top.

 

[Source:- Gadgets360]

 

Opinion: When Chrome, YouTube and Firefox drop it like it’s hot, Flash is a dead plugin walking

Opinion: When Chrome, YouTube and Firefox drop it like it's hot, Flash is a dead plugin walking

But we wanted more: interactivity, responsiveness, perhaps even a little bit of bling. Flash made this happen, and animators and designers could create all the interactivity they wanted and wrap it up in a file that was inserted into the web page and downloaded on request.

The web is a hostile place for browsers, however, and the more functionality exposed to the web, the larger the surface exposed to attack. Flash offers a large attack surface, and because animation is often computationally demanding, Flash needed deep access to many aspects of the computer to work well, making any flaw potentially serious.

Security isn’t the only problem with Flash. For example it wasn’t security but Flash’s demanding processor and battery consumption that caused Steve Jobs to banish Flash from the iPhone and iPad. On a device with such limited resources as a smartphone or tablet, Flash just doesn’t fit.

While these drawbacks could be tackled, Flash’s proprietor Adobe seems uninterested in doing so, having not released an update to Flash Player on mobile since 2012.

Flash forward to the future

Yet Flash endures, mainly on account of the last 20 years in which websites have been created using it and the plugin has been installed in billions of browsers. There have been attempts at alternatives: Microsoft’s Silverlight was Windows-specific and never caught on, and even the company itself urges people not to use it; Java applets have even worse problems than Flash, and have already been deprecated or removed from modern browsers.

The best hope for the elimination of Flash is HTML 5. The latest version of HTML, the markup language in which web pages are written, finally includes support for directly embedding video and audio in a web page. In combination with JavaScript, web pages can now offer all the interactivity and animated bling that anyone could want. Having previously been without a doubt the largest user of Flash, YouTube now uses an HTML 5-based player as default for its video content. Google’s Chrome browser dropped support for Adobe Flash some time ago, and uses only its own version.

HTML 5 has two major advantages over Flash. As a much more modern technology (2014 versus 1995) it delivers better results with fewer resources, making it better suited to mobile devices. But more importantly it requires no plugin, which means the surface open to attack by hackers doesn’t expand just because you want to watch a video, or because some site wants to display an animated advert.

Of course there are still sites that use Flash extensively, and these will have to be redesigned in HTML 5. While these sites still exist and people wish to use them, the Flash problem will not go away.

It’s more than just Flash

Flash’s problems make it an easy target, but it’s just one place where security failures occur. Of the zero-day exploits discovered so far in the Hacking Team leak, three relate to Flash, one to Java, one to a font processor for Windows (also made by Adobe), and one to Microsoft’s Internet Explorer 11 browser. But security is hard, no software is invulnerable, and breaches like this will continue to happen. Even if Flash is somehow secured – or disappears entirely – security flaws will still be found and exploited in other software. Security is an ongoing journey, not a destination.

The bigger problem is how the exploits originate. Hacking Team didn’t discover most of these exploits – they bought them from hackers who found them, keeping them secret for use in their products. Perhaps this is why a security firm such as Hacking Team becomes a tempting target for criminals, as a concentrated source of zero-day exploits.

As governments and intelligence agencies collect more information, they will also become more valuable targets. If Britain’s GCHQ is able to bypass all encryption, as prime minister David Cameron has suggested, then all our data could be vulnerable to anyone who can find the slightest crack in GCHQ’s armour.

 

After more than 20 years making the web a slightly more interesting and interactive place, albeit one that pandered to designers’ worst excesses and (in pre-broadband days) led to interminable download waiting times, the word on the net is that Adobe Flash Must Die.

The ironic hack of Hacking Team, the controversial security and surveillance software firm, exposed yet another brace of security flaws and vulnerabilities in Flash, the hugely popular multimedia animation plugin for web browsers. This may be the final straw: Mozilla has disabled Flash by default in its Firefox browser, and Facebook’s chief of security has called for Adobe to set a date when the program will be taken behind the shed and shot.

Why hate Flash?

The software and services that Hacking Team sells provide the means for its government and law enforcement clients to break into and even control computers remotely through the internet. The huge leak of the firm’s company data also revealed details of previously unknown vulnerabilities in software that could be exploited to provide ways of hacking computers – known as zero-day vulnerabilities because the software’s manufacturer has no time to fix the problem.

Zero-day vulnerabilities are great news for criminals. Three of these vulnerabilities were in Flash, and some of those revealed in the leaked documents appeared in attack kits available online within hours – faster than the developers of the affected programs could fix the holes, let alone distribute the updates to millions of users worldwide.

The Flash plugin is notorious for being riddled with security flaws and other shortcomings. Yet it’s also one of the most popular pieces of software on the planet. So what will it take to kill it?

It seemed like a good idea at the time

Back in the web’s dim and distant past (the 1990s), web pages were static, unyielding things with just text and images and occasionally a dumb animated GIF that everyone but the designer hated.

 

[Source: Phys.org]

Sleep like a pro with Fitbit’s new night-time-targeted application

For you to enhance its sleep and nighttime features, Fitbit has introduced a raft of recent tweaks and updates across its variety of wearables – consisting of the reachable new Sleep time table function.
The today’s addition to the Fitbit app, which fits in tandem along with your desire of fitness tracker, the Sleep time table application permits you to absolutely personalize your sheep counting hours so that you can get the most regular and useful length of downtime.

great of all, Sleep time table uses all the preceding information your Fitbit wearable has collected on you so it could assist manual you in the direction of a much smoother and uninterrupted night time‘s kip. The sleep-centric phase of the Fitbit app has lengthy been considered one of its weakest areas, so seeing those capabilitiestogether with being capable of set sleep dreams or reminders – feels lilke this segment is in the end falling in step with its first-rate health offerings.

Fitbit has also confirmed that the addition of Sleep time table is simplest the beginning of its middle of the night characteristic overhaul. it’s teamed up with researchers and sleep professionals from college of Arizona, Johns Hopkins college and Stanford university to create extra utilities that assist maximise sleep and efficiency.