87 minutes | Jun 3, 2023
Preserving Innocence: A Parent's Guide to Protecting Children from Social Media Hazards
In today's digital age, our children face unprecedented risks on social media platforms. As parents, it's crucial to understand these threats and take proactive measures to ensure their safety. In a recent article, I delved into this pressing issue, highlighting key points that every parent should keep in mind. Join me as I discuss the alarming ease with which children can be exposed to inappropriate content and dangerous individuals online. We'll talk about vigilance, monitoring, and teaching our kids how to be safe online. Don't miss out on the essential tips and tools I've shared in the article to help shield our little ones from the dark side of the internet. Subscribe now to our podcast and gain valuable insights into protecting our children from the potential pitfalls of social media. To access the detailed article and embark on this journey of safeguarding our children, visit: Stopping Children From Becoming Victims Of Social Media Remember, our kids' safety is in our hands. Let's work together to create a secure digital environment for them. Subscribe today and be part of the solution! Note: This podcast episode is based on the insightful article by Craig Peterson. For further details and a comprehensive understanding, we encourage you to read the related article provided in the show notes. You can also catch Craig at the following stations and channels: With Jim Polito at 0836 Tuesdays WTAG AM 580 - FM 94.9 Talk 1200 News Radio 920 & 104.7 FM WHJJ NewsRadio 560 WHYN WXTK Craigs Show Airs 0600 Saturday and Sunday With Jeff Katz 1630 - Tuesdays WRVA 96.1 FM, 1140 AM WGAN Matt Gagnon 0730 Wednesdays Craigs Show Airs 1700 Saturday WGIR 610 & News Radio 96.7 Chris Ryan 0730 Mondays Craigs Show Airs 1130 Saturday On the Internet: Tune-In (WGAN) Radio.com (WRVA) iHeartRadio (WGIR, WTAG, and other stations)
108 minutes | May 26, 2023
The Truth Unveiled: Debunking the Top 10 Myths about Digital Data Security
In this eye-opening podcast episode, we dive into the world of online safety and debunk the top myths that surround it. Join us as we separate fact from fiction and provide practical tips to enhance digital security. Key Points Discussed: The Role of Antivirus Software: Separating Fact from Fiction Discover why antivirus software isn't always necessary, as we delve into the capabilities of Windows Defender and its ability to provide adequate protection. Moving Beyond Caution: Preventing Hacking and Breaches Understand why being cautious alone isn't enough to prevent hacking and learn practical steps you can take to enhance your overall online security. Secure Websites: Debunking the Myth of Invincibility Gain a deeper understanding of even seemingly secure websites' vulnerabilities and how cybercriminals can exploit them. Identity Theft: Taking Action to Safeguard Your Information Realize that it's never too late to protect yourself against identity theft, and explore strategies to stay informed and safeguard your valuable personal data. Fraud Reimbursement: Unveiling the Bank's Responsibility Learn about the potential limitations of reimbursement by banks in fraud cases, emphasizing the need for proactive measures to mitigate risks. Online Banking Apps: Vulnerabilities and Countermeasures Explore the truth behind the security of online banking apps, understand that they are not immune to cyberattacks, and discover effective ways to secure your mobile banking experience. Password Strength: Beyond the Basics Recognize the importance of strong passwords, but also be aware of the exploitable vulnerabilities present in websites and apps that can compromise your data. Empowering Yourself: The Importance of Staying Informed Emphasize the significance of staying informed about the latest security measures, emerging threats, and best practices to enhance your online safety. Join us as we dive deep into these topics and gain access to expert insights provided by renowned cybersecurity expert Craig Peterson. Subscribe to our podcast to stay updated on the latest trends, valuable tips, and practical advice to strengthen your digital defenses. Related Article: Debunking the Top 10 Myths about Digital Data Security Protect yourself, stay informed, and subscribe to our podcast today to unlock the secrets of online safety and security! Note: This podcast episode is based on the insightful article by Craig Peterson. For further details and a comprehensive understanding, we encourage you to read the related article provided in the show notes. You can also catch Craig at the following stations and channels: With Jim Polito at 0836 Tuesdays WTAG AM 580 - FM 94.9 Talk 1200 News Radio 920 & 104.7 FM WHJJ NewsRadio 560 WHYN WXTK Craigs Show Airs 0600 Saturday and Sunday With Jeff Katz 1630 - Tuesdays WRVA 96.1 FM, 1140 AM WGAN Matt Gagnon 0730 Wednesdays Craigs Show Airs 1700 Saturday WGIR 610 & News Radio 96.7 Chris Ryan 0730 Mondays Craigs Show Airs 1130 Saturday On the Internet: Tune-In (WGAN) Radio.com (WRVA) iHeartRadio (WGIR, WTAG, and other stations)
87 minutes | May 19, 2023
Defend Your Digital Kingdom: The Most Powerful PC Protection Tools
Are you tired of browsing through endless options for anti-virus software? We've got you covered! In this episode, we're diving into the world of PC protection and revealing our top recommendations to keep your system safe from malware and viruses. Our first choice, and top pick, is Windows Defender. Not only does it offer exceptional protection against threats, but it comes at an unbeatable price—free! Enable it effortlessly and enjoy the peace of mind you get from knowing your system is safeguarded. Plus, lifetime updates and support are included at no additional cost. It's a win-win! If Windows Defender doesn't quite meet your requirements or you're looking for additional options, we've got you covered. Tune in as we explore other noteworthy choices, such as Bitdefender, Malwarebytes, and Cisco AMP for Endpoints. Each one has its own strengths, so you can choose the one that is right for you. To delve deeper into the topic, be sure to check out our related article on our website. There, you'll find further insights, comparisons, and additional information that will guide you in making the best decision for your PC's security. Access the article below for free, and unlock a wealth of knowledge to enhance your PC protection journey: Discover the Top Antivirus and Anti-malware Solutions for Total PC Protection! You can also catch Craig at the following stations and channels: With Jim Polito at 0836 Tuesdays WTAG AM 580 - FM 94.9 Talk 1200 News Radio 920 & 104.7 FM WHJJ NewsRadio 560 WHYN WXTK Craigs Show Airs 0600 Saturday and Sunday With Jeff Katz 1630 - Tuesdays WRVA 96.1 FM, 1140 AM WGAN Matt Gagnon 0730 Wednesdays Craigs Show Airs 1700 Saturday WGIR 610 & News Radio 96.7 Chris Ryan 0730 Mondays Craigs Show Airs 1130 Saturday On the Internet: Tune-In (WGAN) Radio.com (WRVA) iHeartRadio (WGIR, WTAG, and other stations)
88 minutes | May 12, 2023
Social Engineering Attacks: Don't Let Cybercriminals Trick You into Revealing Sensitive Information
Are you aware of the invisible threat of social engineering that can compromise your personal and professional security? Cybercriminals are using cunning manipulations to exploit human vulnerabilities and gain access to sensitive information. But don't worry; there are practical ways to protect yourself from these attacks. We have published a must-read article that provides invaluable insights and guidance on how to avoid social engineering attacks. From phishing scams to physical impersonation, the article delves into the inner workings of these attacks and offers concrete strategies to fortify your defenses. In this article, you will learn the steps to recognize that you are a potential target, be cautious of unsolicited emails and phone calls, and use multifactor authentication as an extra layer of protection. Additionally, you'll learn how to prevent breaches by not clicking on links in emails. If you want to stay ahead of the curve and protect yourself from the ever-evolving tactics of cybercriminals, this informative article is a must-read. Don't wait till it's too late! Take charge of your personal and professional security. Click on the link and read the article now! The Hidden Dangers of Social Engineering: Tips to Outsmart Cybercriminals Craig is also heard on the following: With Jim Polito at 0836 Tuesdays WTAG AM 580 - FM 94.9 Talk 1200 News Radio 920 & 104.7 FM WHJJ NewsRadio 560 WHYN WXTK Craigs Show Airs 0600 Saturday and Sunday With Jeff Katz 1630 - Tuesdays WRVA 96.1 FM, 1140 AM WGAN Matt Gagnon 0730 Wednesdays Craigs Show Airs 1700 Saturday WGIR 610 & News Radio 96.7 Chris Ryan 0730 Mondays Craigs Show Airs 1130 Saturday On the Internet: Tune-In (WGAN) Radio.com (WRVA) iHeartRadio (WGIR, WTAG, and other stations)
87 minutes | May 8, 2023
The Hand That Protects: How Privacy-Focused Search Engines Are Revolutionizing the Way We Surf the Web
Do you ever feel like someone is watching you as you browse the internet? With so much personal data at stake, it's no wonder that online privacy has become a hot-button issue. Luckily, there's a new player in town: privacy-focused search engines. These search engines are prioritizing user privacy and security by shaking up the online landscape. No longer will your personal information be sold to the highest bidder or your browsing history used against you. With privacy-focused search engines, you can rest easy knowing that your online activities are shielded from prying eyes. But how do they work, you ask? It's simple. Rather than tracking your every move online, these search engines prioritize your privacy by avoiding invasive tracking techniques. Instead, they focus on providing you with accurate search results without compromising your personal data. And the benefits don't stop there. Privacy-focused search engines also offer powerful tools for businesses looking to keep their sensitive information under wraps. With features like end-to-end encryption and secure servers, you can trust that your company's data is safe and sound. So, what are you waiting for? Join the privacy revolution and take control of your online experience. With privacy-focused search engines, you can confidently surf the web, knowing that your personal information is in good hands. Click the link below to learn more and start your journey toward a safer, more secure digital future. https://craigpeterson.com/privacy/discover-the-top-privacy-focused-search-engines-protect-your-data-and-boost-your-online-security-today/38765/
87 minutes | Apr 21, 2023
How Software Makes Everything Vulnerable: Where to Start Protecting Your Network
In this episode, we will discuss zero-day vulnerabilities and how they can affect everyone. A zero-day vulnerability is an exploit that has been discovered but not yet fixed by a software vendor. It's essentially a security hole in software that hasn't been patched yet. These vulnerabilities can range from minor to critical, depending on how long the vendor can patch them. These are so dangerous because hackers can take advantage of them before they're patched. They can use these vulnerabilities to infect your computer with malware or ransomware, steal your data, or even take control of your entire system without you knowing it's happening! You need to do a few different things to protect yourself from these attacks, and we will discuss them all step-by-step.
86 minutes | Apr 15, 2023
Exposing the Dark Side of Windows Updates: What You Need to Know Now! 🔍💻🚨
In today's fast-paced, technology-driven world, it is crucial for computer users to stay informed about the latest updates and security measures for their systems. For Windows users, automatic updates are a common method of ensuring their devices remain up-to-date and protected against various threats. While these updates are essential for maintaining a secure and smoothly operating system, they can also introduce unexpected problems, such as data loss, system instability, and other unwelcome changes. This podcast aims to shed light on the hidden dangers of automatic Windows updates and provides a comprehensive guide to help users protect their valuable data and maintain a stable system. Automatic Windows updates are designed to provide users with the most recent security patches and feature improvements, keeping their systems running optimally. However, these updates can also introduce new bugs and incompatibilities, which can lead to system instability and crashes. In some cases, the new software components may not be compatible with existing hardware or peripheral devices, causing further issues. Furthermore, unexpected changes to settings or configurations can leave users frustrated and searching for a solution. One of the most alarming risks associated with automatic updates is the potential for data loss. During the update process, files can become corrupted, overwritten, or even deleted entirely. For users who have not backed up their data, this can result in the loss of important documents, photos, and other irreplaceable files. It is essential for users to be aware of this risk and take the necessary precautions to safeguard their data. To protect against data loss and maintain a stable system, users should follow a few key steps. First, make sure to create regular backups of important files and store them on external drives or cloud storage services. This ensures that even if something goes wrong during an update, users can quickly and easily recover their lost data. Second, users should consider adjusting their update settings to have more control over when and how updates occur. By disabling automatic updates and choosing to install them manually, users can determine if there are any known issues or incompatibilities with the new software before installation. This allows them to take a more proactive approach to managing their system and avoiding potential problems. Third, it is essential for users to stay informed about the latest updates and potential issues. By following technology news outlets and forums, users can learn about any problems associated with particular updates and take appropriate actions to protect their systems. Additionally, users should keep their software and drivers up-to-date, as these can help prevent conflicts and ensure compatibility with new updates. Finally, users should consider investing in antivirus and security software, which can provide additional protection against malicious software and other threats. These programs can help users identify and address potential security vulnerabilities, keeping their systems safe and secure. While automatic Windows updates offer essential security patches and improvements, they can also introduce hidden dangers and risks to users' systems. By taking a proactive approach to managing updates, staying informed about potential issues, and implementing a robust data backup and security strategy, users can minimize disruptions and ensure their valuable data remains protected. Don't wait to unlock the full potential of your PC—listen to this podcast to learn more about the secrets to managing your computer updates and maintaining a stable, secure system.
68 minutes | Apr 15, 2023
Patch to the Future: The Ultimate Guide to Firewall and IoT Device Security
Which patches are critical? When do they really need to be applied? That’s where our new PatchAware™ features come in. We’re monitoring the thousands of patches that are issued every week, and will tell you which patches are the most critical to install right now. This week’s tip, 9 years after it was discovered, is the “Heartbleed” bug. It is still one of the most significant threats to online security. It gives the bad guys access to sensitive information from affected systems. This article highlights the importance of upgrading software and keeping it up-to-date with regular security patches to protect against Heartbleed and other vulnerabilities. The Need for Upgrading Firewalls and IoT Devices The need for upgrading firewalls and IoT devices is a clear one. As the number of connected devices continues to grow, so do the risks associated with them. A lack of proper security can lead to a variety of problems: • Ransomware attacks on hospitals or other critical infrastructure • Hackers stealing sensitive information from companies and individuals alike • Cyber criminals compromising payment systems and draining bank accounts Understanding the Different Types of Patches There are three types of patches: • Critical Patches - These are security updates that address vulnerabilities that could allow an attacker to gain access to your system and steal sensitive data. They're important to install as soon as possible. • Non-Critical Patches - These usually fix minor bugs or add new features, but they don't affect your security. You can wait until you have time to install them later on in the day or week if you want! • Hotfixes - Hotfixes are temporary fixes for critical issues that arise after a patch has been released; they're only available while the issue is still occurring in the wild, so they may not be available for long periods of time Best Practices for Upgrading Firewalls and IoT Devices To ensure that your firewall and IoT devices are kept up-to-date, you should: • Keep track of patches. Use a patch management tool to monitor for updates, and deploy them as soon as they become available. • Ensure that all networked devices have an active subscription to the latest version of their operating system or firmware. This will ensure that you're protected against known vulnerabilities in these products' code base. If a vulnerability is discovered after an update has been released but before it has been applied, then users may be at risk until they apply the patch themselves (or their IT departments do so). The Benefits of Regularly Updating Firewalls and IoT Devices • Increased security: Updating a firewall's software is a great way to ensure that you're using the latest version of the software. This means that if there are any bugs or vulnerabilities in the old version, they'll be fixed and patched up before they can be exploited by hackers. • Improved performance: Another benefit of regularly updating your firewall is that it can improve its performance over time. This is because newer versions of firewalls often come with new features and functionality that weren't available in previous releases, so updating allows you access to these improvements without having to buy an entirely new device! • Reduced downtime: Finally, keeping up-to-date with all the latest patches will help reduce downtime due to hardware failure or other issues associated with older versions of software running on your network equipment (like routers). What to Do if You Encounter an Unpatched Vulnerability If you encounter an unpatched vulnerability, it's important to take action immediately. First, identify the affected devices and determine whether they are critical to your organization's operations. If so, consider shutting down those devices until they can be patched; otherwise, continue using them as usual but monitor their activity closely for signs of compromise. If you have any control over the patching process for these devices (for example if they belong to a third party), inform them about the problem and encourage them to prioritize fixing it as soon as possible. If there isn't anything else that can be done at this point besides waiting for patches from vendors or manufacturers before implementing them yourself--which may take weeks or even months--make sure all relevant parties understand how serious this issue is so that everyone knows what steps need taken next time something similar happens again in future!
87 minutes | Mar 24, 2023
Learn how to protect yourself online - featuring tips on haveibeenpwned, AI demos and 2FA/MFA authentication.
First up, I have some sobering news. Almost all of our personal information has likely been stolen at one point or another. This could include our names, addresses, phone numbers, email addresses, and even passwords. Cybercriminals are constantly searching for vulnerabilities in systems where this information is stored, and unfortunately, they often find them. However, there are steps we can take to protect ourselves. One tool that can help is called "haveibeenpwned." It's a website where you can check if your email address has been compromised in any data breaches. If it has been compromised, you'll want to change the password associated with that account immediately. Next, let's talk about something more futuristic: artificial intelligence (AI). AI refers to machines that are capable of performing tasks that would typically require human intelligence, such as learning from experience or recognizing speech patterns. To give you a live demonstration of AI in action - think about Siri on an iPhone - ask her anything, and she will respond using natural language processing powered by machine learning algorithms running behind the scenes. Finally, explain two-factor authentication (2FA) and multi-factor authentication (MFA). These methods add an extra layer of security when logging into accounts online. 2FA requires users to enter both their password and a unique code sent via text message or generated by an app on their phone before being allowed access into the system; MFA requires additional credentials beyond just the user's login-password pair – such as biometric identification through facial recognition or fingerprint scans – further reducing risk for unauthorized access attempts.
86 minutes | Mar 11, 2023
The Truth About ChatGPT and A.I. - Discover the Secrets of Internet Anonymity and Protect Your Privacy
Welcome to this week's episode of The AI Revolution! In this episode, join us as we explore the world of Artificial Intelligence and its potential to revolutionize business and life. We'll discuss how to use AI for free, what it can do well, and when and where you should never use it. We'll also talk about how to generate emails, blog posts, and content for Facebook, Twitter, LinkedIn, Instagram, and YouTube live! Tune in now to learn more about how AI is transforming the world. Discover the Secrets of Internet Anonymity and Protect Your Privacy https://craigpeterson.com/internet/privacy-internet/discover-the-secrets-of-internet-anonymity-and-protect-your-privacy/38677/ The best way to protect yourself from online theft is to stay anonymous and keep your online activities private. Taking the necessary steps to ensure anonymity can significantly reduce your risk of being targeted by malicious actors. I’ve put together an Action Guide showing 10 Steps you can take to increase your Anonymity and Protect Your Privacy Online: By following these 10 steps, you can increase your anonymity and protect your privacy online. Be sure to stay informed about the latest threats, and take the necessary steps to stay safe. https://craigpeterson.com/?p=38677
87 minutes | Feb 18, 2023
Protect Your Business and Home from the Most Dangerous Cyber Threats - Uncover the Risks and Steps You Can Take to Stay Secure
Cyber security is no longer an option for small business owners – it's a necessity. Cyber threats are rising, and small businesses must stay ahead of the curve to protect their data and networks from malicious actors. This show will uncover the most dangerous cyber threats to small businesses and what steps you can take to stay secure. Ransomware Attacks Ransomware attacks are one of the most dangerous cyber threats to small businesses. Ransomware is malicious software (malware) that's typically delivered via malicious links or email attachments. Once installed on a network, the ransomware will encrypt all of the data and demand a ransom from the victim before releasing the data. To stay safe from ransomware, all small businesses should educate their employees about the dangers of clicking on malicious links or opening unexpected email attachments. Additionally, businesses should back up their data frequently and ensure that all software is up-to-date. Phishing Scams Phishing is a type of attack designed to steal sensitive information, such as usernames, passwords, and credit card numbers. In phishing attacks, cybercriminals will send out emails pretending to be from a legitimate source, such as a bank or government agency, asking the recipient to click on a malicious link or provide confidential information. To stay safe from phishing attacks, small businesses should educate their employees about the dangers of clicking on suspicious links and ensure that all emails sent out to customers are legitimate. Advanced Persistent Threats (APTs) Advanced persistent threats (APTs) are malicious cyber attacks designed to steal data or sabotage systems. APTs are often targeted and can be challenging to detect and remove. To stay safe from APTs, small businesses should use strong passwords, regularly update their software, and perform regular security audits. Insider Threats Insider threats occur when employees or contractors deliberately or inadvertently exploit the data or resources of a company. To prevent insider threats, small business owners should ensure that all employees and contractors know the company's security policies and procedures. Additionally, businesses should have clear data access and security policies and implement security measures, such as two-factor authentication. Distributed Denial of Service (DDoS) Attacks Distributed denial of service (DDoS) attacks are designed to overwhelm a network with traffic, causing it to become unavailable to legitimate users. To stay safe from DDoS attacks, small businesses should ensure adequate network security measures, such as firewalls and intrusion detection systems. Additionally, companies should have the plan to respond to a DDoS attack, such as enlisting the help of a DDoS protection service. IoT Botnets are networks of Internet-connected devices, such as surveillance cameras and smart thermostats, that are used to send spam or launch denial-of-service attacks. To stay safe from IoT botnets, small business owners should ensure that all Internet-connected devices are up-to-date and properly configured with strong passwords. Additionally, businesses should take steps to monitor and secure their networks, such as using a virtual private network (VPN) or implementing network access control (NAC) systems. In conclusion, small businesses need to stay ahead of the curve regarding cyber security. By understanding the most dangerous cyber threats, companies can take the necessary steps to protect themselves from malicious actors. Additionally, businesses should ensure that their employees have educated on cybersecurity best practices, such as avoiding clicking on suspicious links or opening unexpected email attachments. By staying ahead of the curve, small businesses can protect themselves from cyber threats and ensure the safety of their data and networks.
87 minutes | Feb 11, 2023
Artificial Intelligence Search Engines You Can Use For Free Today - Robot Kicked Out of Court - CNET and BuzzFeed Using AI
Artificial Intelligence Search Engines You Can Use For Free Today Robot Kicked Out of Court CNET and BuzzFeed Using AI Biden Signs Go-Ahead to Use Child Labor to Make E-Car Batteries The Biden administration has issued a 20-year ban on new mining claims in the upper Midwest's famed Iron Range, and it is turning to foreign supply chains as it pushes green energy projects. The move comes as the U.S. continues to rely on foreign suppliers for critical minerals used in wind turbines and electric vehicles. The ban is part of a broader effort by the White House to reduce reliance on imported minerals, particularly from China, which is accused of dumping cheap products into the U.S., causing prices to plummet. The Trump administration has been working on curbing this practice through tariffs imposed on steel and aluminum imports from China and other countries. But critics say those efforts are misguided because they would raise costs for American companies that use those metals in their products — from cars and airplanes to solar panels and wind turbines — while doing little to curb Chinese overcapacity. In addition, they argue that such tariffs would exacerbate America's trade war with China by driving up prices American consumers and manufacturers paid. The Biden Administration recently announced a 20-year ban on mining, shifting its focus to foreign supply chains as part of its push for green energy. One significant project affected by this ban was the Twin Metals mining project, which was estimated to contain 88% of the country's cobalt reserves and large amounts of copper, nickel, and platinum-group elements. These critical minerals are crucial for various green energy technologies, including electric vehicle batteries, battery storage systems, solar panels, and wind turbines. For instance, producing an electric vehicle requires 500% more minerals than a conventional gas-powered car, while a single onshore wind turbine requires 800% more minerals than a typical fossil fuel plant. Interestingly, just a week before the mining ban, the Biden Administration signed a memorandum of understanding with Zambia and the Democratic Republic of the Congo, two countries that are well-known for their child labor practices in mining rare metals like cobalt and copper. This move raises questions about the administration's commitment to promoting ethical and sustainable practices in its green energy initiatives.
87 minutes | Feb 3, 2023
A Step-by-Step Guide to Clearing Your Browser History and Wipe Away Your Online Footprint - Generation Z is the least cyber secure - Security and the Electric Vehicle Charging Infrastructure Failing US
A Step-by-Step Guide to Clearing Your Browser History and Wipe Away Your Online Footprint The process for clearing your Internet browser history can vary depending on your browser. However, here are the general steps for removing your browser history on some popular browsers… https://craigpeterson.com/browsers/a-step-by-step-guide-to-clearing-your-browser-history-and-wipe-away-your-online-footprint/38583/ Generation Z is the least cyber secure because they are the most tech-savvy generation but also the least experienced in cyber security. They are likelier to take risks online, such as clicking on suspicious links or downloading unknown files and are less likely to use strong passwords or two-factor authentication. Additionally, they may not be aware of their actions' potential consequences, such as identity theft or data breaches. https://craigpeterson.com/cyber-breaches/small-business-owners-be-wary-of-relying-on-younger-family-members-or-employees-to-manage-their-cybersecurity/38585/ Electric Cars… Security and the Electric Vehicle Charging Infrastructure Failing US https://www.darkreading.com/attacks-breaches/security-and-the-electric-vehicle-charging-infrastructure The communications networks that connect chargers with their management system, the personal data that travels across those networks, the charge-point operators collecting payments, and the grid itself are increasingly vulnerable as the EV ecosystem grows and the attack surface expands. The risks include (but are not limited to): Disruption of operations for public charger networks, rendering large numbers of chargers unusable and interfering with transportation A takeover of charger networks to use the chargers as bots in massive distributed denial-of-service (DDoS) attacks Theft of customers’ personal identifiable information (PII), including payment card information Fraudulent payments for electricity used in EV charging Disruption to the power grid, leading to blackouts and equipment damage Damage to the EV charging provider's reputation Google… Google Pushes Privacy to the Limit in Updated Terms of Service https://www.darkreading.com/edge-articles/google-play-terms-of-service-push-privacy-to-the-limit Google has a long history of searching the Play Store, its app repository, for programs that contain malware. Less than a year ago, Google removed multiple apps from the Play Store that had the banking Trojan SharkBot hidden inside. However, while removing troublesome apps from the Play Store would seem prudent, Google takes this one step further into a legal gray area. Debbie Reynolds says that Google's ToS is ambiguous because it is unclear precisely what it might block or remove that is "known to be harmful to the device, data or users." The ToS also does not commit Google to tell users when it makes such a deletion. Ransomware… Ransomware Profits Decline as Victims Dig In, Refuse to Pay https://www.darkreading.com/attacks-breaches/ransomware-profits-decline-victims-refuse-pay In another sign that the tide may finally turn against ransomware actors, ransom payments declined substantially in 2022 as more victims refused to pay their attackers. "Our findings suggest that a combination of factors and best practices — such as security preparedness, sanctions, more stringent insurance policies, and the continued work of researchers — are effective in curbing payments." "The businesses that are most inclined not to pay are those that are well prepared for a ransomware attack." Privacy… Why your data is more valuable than you may realize https://www.welivesecurity.com/2023/01/26/data-more-valuable-you-realize/ The data trail you leave behind whenever you’re online is bigger – and more revealing – than you may think. Use a GPS map app to find a restaurant that specializes in a particular cuisine, and the search provider can ascertain that you eat out, what day of the week you eat out, possibly how frequently, how far you are prepared to travel, possible food preference, the time of day you eat, etc. In this case, the snippet of data was just the name of the restaurant, yet the resulting information that can be deduced from the action can be significant. Understanding how data is collected and the conclusions that can be drawn is complicated and likely a topic that is interesting when someone explains it but probably too complex for any actions to avoid collection. I would hazard a guess that even those in the know, so to speak, likely give away more information than they realize. Dark Web… Business Insiders Pose a Huge Threat – Hunting Insider Threats on the Dark Web https://www.darkreading.com/threat-intelligence/hunting-insider-threats-on-the-dark-web According to recent research, malicious employees contribute to 20% of incidents, and the attacks that insiders are involved in are, on average, ten times larger than those conducted by external actors. Further data has shown an increase in insider threat attacks over the past two years, as the risk has been exacerbated by remote working through the pandemic. To minimize insider threats, all organizations should monitor marketplaces, forums, and social media channels for chatter about their company. This helps them to spot the early warning signs of an imminent attack, such as cybercriminals looking for insider knowledge or disgruntled employees making unsavory comments.
86 minutes | Jan 28, 2023
ChatGPT's Technology Will Be Part of Everything This Year - How AI chatbot ChatGPT changes the phishing game - Microsoft Looking to Invest $10 billion More
ChatGPT's Technology Will Be Part of Everything This Year https://craigpeterson.com/artificial-intelligence-2/chatgpt/chatgpts-technol…ything-this-year/38570/ ChatGPT is a new text-generation tool trained on 40GB of Reddit's data. It can generate long passages of text virtually indistinguishable from human-written prose, which could have enormous implications for everything from customer service chatbots to fake social media accounts. The company behind ChatGPT is also working on ways to detect if the text was generated by ChatGPT or a human—though some experts worry about how bad actors could misuse this technology. The technology has generated random plot descriptions for video games to create plausible-sounding fan fiction about Harry Potter and the Avengers. The latest development in this field is ChatGPT's ability to generate paragraphs, full-length sentences, and even paragraphs. In addition, the system can produce coherent text up to a certain length (currently between 10 and 15 sentences) that humans can read without difficulty—far superior to previous attempts at doing so. ++++++++ How AI chatbot ChatGPT changes the phishing game https://craigpeterson.com/artificial-intelligence-2/chatgpt/how-ai-chatbot-c…he-phishing-game/38572/ ChatGPT could be used for more than just helping your business get more leads or customers; it could also be used as an effective tool by phishers seeking access to confidential information from unsuspecting victims who are fooled into thinking they're talking with an actual human being through email or SMS messaging apps like WhatsApp or Telegram Messenger (both popular messaging platforms). We are very excited about ChatGPT and its potential to disrupt the phishing game. If it becomes widespread, it could be a game-changer for cybercriminals. In addition, Microsoft has shown us they are serious about investing in AI technology, so we would not be surprised if they developed their version of this technology in-house or acquired the company behind ChatGPT to ensure their customers stay safe online. Microsoft Looking to Invest $10 billion More Microsoft, which is rumored to be weighing a $10 billion investment in OpenAI on top of an earlier $1 billion commitment, is betting that the company is worth a lot more—despite the fact neither ChatGPT nor other AI models made by OpenAI are yet raking in vast amounts of cash. ++++++++ LifeLock… Norton LifeLock Password Accounts Hacked https://www.bleepingcomputer.com/news/security/nortonlifelock-warns-that-hackers-breached-password-manager-accounts/ In accessing your account with your username and password, the unauthorized third party may have viewed your first name, last name, phone number, and mailing address — Norton LifeLock For customers utilizing the Norton Password Manager feature, the notice warns that the attackers might have obtained details stored in the private vaults. Cars… Millions of Vehicles at Risk: Vulnerabilities found in 16 Major Car Brands https://thehackernews.com/2023/01/millions-of-vehicles-at-risk-api.html The security vulnerabilities were found in the automotive APIs powering Acura, BMW, Ferrari, Ford, Genesis, Honda, Hyundai, Infiniti, Jaguar, Kia, Land Rover, Mercedes-Benz, Nissan, Porsche, Rolls Royce, Toyota, as well as in software from Reviver, SiriusXM, and Spireon. The flaws run a wide gamut, ranging from those that give access to internal company systems and user information to weaknesses that allow attackers to send commands to achieve code execution remotely. Microsoft… Microsoft Ended Windows 7 security updates https://www.bleepingcomputer.com/news/microsoft/microsoft-ends-windows-7-extended-security-updates-on-tuesday/ Windows 7 Professional and Enterprise editions will no longer receive extended security updates for critical vulnerabilities starting Tuesday, January 10, 2023. The Extended Security Update (ESU) program was the last resort option for customers who still needed to run legacy Microsoft products past their end of support on Windows 7 systems. All editions of Windows 8.1, launched nine years ago in November 2013, also reached EOS on the same day. T-Mobile… T-Mobile admits to 37,000,000 customer records stolen by "bad actor." https://nakedsecurity.sophos.com/2023/01/20/t-mobile-admits-to-37000000-customer-records-stolen-by-bad-actor/ In plain English: the crooks found a way in from outside, using simple web-based connections that allowed them to retrieve private customer information without needing a username or password. T-Mobile first states the sort of data it thinks attackers didn't get, which includes payment card details, social security numbers (SSNs), tax numbers, other personal identifiers such as driving licenses or government-issued IDs, passwords, and PINs, and financial information such as bank account details.
86 minutes | Jan 21, 2023
Google Ads Were Weaponized - Identifying Criminals Using Cell Phone Location Data - WhatsApp Was Hacked By an Israeli Company – US Supreme Court Allows WhatsApp to Sue NSO Group - Identity Thieves Bypassed Experian Security to View Credit Reports
Google Ads were weaponized in a way that made them appear like any other ad – Allowed hackers to infect computers with malware via a single click.https://www.bleepingcomputer.com/news/security/hackers-abuse-google-ads-to-spread-malware-in-legit-software/ Hackers have weaponized Google Ads to spread malware to unsuspecting users by disguising them as regular ads. They do this by cloning the official websites of popular software products, such as Grammarly, Audacity, μTorrent, and OBS, and distributing trojanized versions of the software when users click the download button. This tactic allows hackers to infect users' computers with malware through a single click. Google Ads, also known as Google AdWords, is a platform provided by Google that allows businesses and individuals to create and display online advertisements on various websites and platforms across the internet, including Google's own search engine results pages. Advertisers can create and target ads based on keywords, demographics, interests, and other factors to reach potential customers. The ads are typically displayed as text, images, or video and can be tailored to specific audiences. Advertisers pay for the ads on a pay-per-click or pay-per-impression basis, depending on the specific ad format chosen. ++++++++ Identifying People Using Cell Phone Location Data https://www.schneier.com/blog/archives/2023/01/identifying-people-using-cell-phone-location-data.html The use of cell phone location data is a powerful tool for identifying individuals, as demonstrated in the case of the recent power station attacks. Court documents reveal that investigators were able to quickly identify suspects Greenwood and Crahan by analyzing cell phone data that placed them near the scene of all four attacks. It is important to note that this type of surveillance can be highly effective, as even turning off one's cell phone would likely not be enough to evade detection in this instance. Given the widespread use of cell phones, it is likely that a small number of individuals in the Washington area were in the vicinity of the attacks and had their phones turned off during that time, making them easy to investigate. ++++++++ WhatsApp Was Hacked By an Israeli Company – US Supreme Court Allows WhatsApp to Sue NSO Group https://www.infosecurity-magazine.com/news/us-supreme-court-whatsapp-to-sue/ On Monday, the US Supreme Court cleared the way for WhatsApp to take legal action against NSO Group, an Israeli surveillance firm, for allegedly installing the Pegasus spyware on approximately 1400 devices where the messaging app was also installed. The court's ruling allows WhatsApp to seek damages for the harm caused by the unauthorized installation of the spyware. It is yet to be seen if this case will set a precedent for further litigation regarding "cyber weapons" and outsourced operations, but it raises concerns about private companies being used as a cover for governments that are not necessarily allied with the West, according to Barratt. ++++++++ Identity Thieves Bypassed Experian Security to View Credit Reports https://krebsonsecurity.com/2023/01/identity-thieves-bypassed-experian-security-to-view-credit-reports/ Identity thieves have been taking advantage of a significant vulnerability on the website of Experian, one of the major credit reporting bureaus. Typically, Experian requires individuals requesting a copy of their credit report to answer multiple-choice questions about their financial history. However, until the end of 2022, Experian's website had a vulnerability that allowed anyone to bypass these questions and directly access the consumer's credit report by simply providing their name, address, birthday and Social Security Number. The security weakness was discovered as the crooks figured out they could manipulate Experian's identity verification process by altering the address displayed in the browser's URL bar at a specific point in the process.
87 minutes | Jan 14, 2023
The Newest Artificial Intelligence Is About to Change Your Life! And It's Code Red for Google.
Artificial Intelligence is changing the world. Right Now! In just a few years, it's possible that you might be chatting with a support agent who doesn't have a human body. You'll be able to ask them anything you want and get an answer immediately. Not only that, but they'll be able to help you with things like scheduling appointments, making payments, and booking flights—without any human intervention necessary. This is just one of the many ways that Artificial Intelligence will change our lives this year. We will see more businesses using AI technology to make their processes more efficient and effective. And if you think this is just another boring news story about how artificial intelligence is taking over everything… well, sorry to tell you that most of these "news stories" are probably written by computers anyway! Cars… Touch Screens on Dashboards Found to be Dangerous Evidence suggests that touch screens in cars may be more distracting than traditional controls such as knobs or buttons. This is because touch screens require drivers to take their eyes off the road and focus on the screen to interact with them, which can increase the risk of a crash. In contrast, traditional controls such as knobs or buttons can often be operated by feel, allowing drivers to keep their eyes on the road while adjusting settings such as the radio or the climate control. https://futurism.com/the-byte/study-finds-that-buttons-in-cars-are-safer-and-quicker-to-use-than-touchscreens Study Finds That Buttons in Cars are Safer and Easier to Use Than Touchscreens. It turns Out That Slapping a Giant iPad Onto Your Dashboard Isn’t An Ideal Way To Control Your Car +++++++ BMW starts selling heated seat subscriptions for $18 a month https://www.theverge.com/2022/7/12/23204950/bmw-subscriptions-microtransactions-heated-seats-feature A monthly subscription to heat your BMW’s front seats costs roughly $18, with options to subscribe for a year ($180), three years ($300), or pay for “unlimited” access for $415. BMW has slowly been putting features behind subscriptions since 2020, and heated seat subscriptions are now available in BMW’s digital stores in countries including the UK, Germany, New Zealand, and South Africa. However, it doesn’t seem to be an option in the US. For some software features that might lead to ongoing expenses for the carmaker (like automated traffic camera alerts, for example), charging a subscription seems more reasonable. But that’s not an issue for heated seats. Tesla… I’ve driven more than 1,000 miles in Teslas — and I’ll never buy one https://www.tomsguide.com/opinion/ive-driven-more-than-1000-miles-in-teslas-and-ill-never-buy-one My biggest problem with the Tesla design is the extreme minimalism employed throughout the cabin. In the Model 3 and Model Y, this means virtually everything is condensed into a single central touchscreen. In fact, only a handful of features don’t employ the touchscreen in some way, and those are relegated to a few levers and dials around the steering column. The thing that always baffles me most is that Tesla’s two cheapest cars don’t have a dedicated driver display or gauge cluster behind the steering wheel. Instead, you must glance at the central display if you want something as simple and important as your current speed. The overreliance on the touchscreen is my biggest issue. Not only because of the lack of tactile feedback, ensuring you can’t use the smooth and glossy device without looking, but also because any fault in the screen will render your car completely useless. My Leaf’s infotainment display died recently, taking a bunch of useful car functions with it. But a functional driver display meant I could still drive around safely and know how fast I was going. Twitter… Hackers leak email addresses of 235 million Twitter users https://nypost.com/2023/01/06/hackers-leak-email-addresses-of-235-million-twitter-users-report/ Hackers obtained the email addresses of more than 235 million Twitter users and published them on an internet forum. The breach “will unfortunately lead to a lot of hacking, targeted phishing and doxxing,” Alon Gal, co-founder of Israeli cybersecurity-monitoring firm Hudson Rock. “This database is going to be used by hackers, political hacktivists and of course governments to harm our privacy even further.” Phishing is a tactic used by cybercriminals who send emails or text messages claiming to be from reputable companies. These messages ask their targets to send them personal information, including credit card numbers, passwords, and other sensitive data. Jobs… Amazon Layoffs to Hit Over 18,000 Workers, the Most in Recent Tech Wave https://www.wsj.com/articles/amazon-to-lay-off-over-17-000-workers-more-than-first-planned-11672874304 Cuts focused on the company’s corporate staff exceed earlier projections and represent about 5% of the company’s corporate workforce. Amazon.com Inc.’s layoffs will affect more than 18,000 employees, the highest reduction tally revealed in the past year at a major technology company as the industry pares back amid economic uncertainty.
87 minutes | Jan 6, 2023
Ring Cameras Hacked - LastPass finally admits crooks stole your info - How to use Password Managers - Which are the best for you?
Privacy… Ring Cameras Hacked in 'Swatting' Scheme https://www.entrepreneur.com/business-news/ring-cameras-hacked-in-swatting-scheme/441518 Critics and researchers say the Ring cameras are used to surveil gig economy drivers and delivery people and that they give law enforcement too much power to survey everyday life. The pair would hack people's Yahoo email accounts, then their Ring accounts, find their addresses, call law enforcement to the home with a bogus story, and then stream police's response to the call. Often, they would harass the first responders at the same time using Ring device capabilities. ++++++++ LastPass finally admits: Those crooks who got in? They did steal your password vaults, after all… https://nakedsecurity.sophos.com/2022/12/23/lastpass-finally-admits-they-did-steal-your-password-vaults-after-all/ …“customers’ information” turns out to include both customer data and password databases. Loosely speaking, the crooks now know who you are, where you live, which computers on the internet are yours, how to contact you electronically, and also have a detailed map of where you go when you’re online. It’s therefore reasonable to assume that only users who had chosen easy-to-guess or early-to-crack passwords are at serious risk, and that anyone who has taken the trouble to change their passwords since the initial breach announcement has probably kept ahead of the crooks. ++++++++ Researcher Uncovers Potential Wiretapping Bugs in Google Home Smart Speakers https://thehackernews.com/2022/12/researcher-uncovers-potential.html A security researcher was awarded a bug bounty of $107,500 for identifying security issues in Google Home smart speakers that could be exploited to install backdoors and turn them into wiretapping devices. The flaws "allowed an attacker within wireless proximity to install a 'backdoor' account on the device, enabling them to send commands to it remotely over the internet, access its microphone feed, and make arbitrary HTTP requests within the victim's LAN," the researcher, who goes by the name Matt, disclosed in a technical write-up published this week. TikTok… TikTok’s Parent Company Admits Using the Platform’s Data to Track Journalists https://www.infosecurity-magazine.com/news/tiktoks-admits-using-its-data/ What was just a rumor has been confirmed: employees of ByteDance, the China-based company that owns TikTok and its Chinese counterpart Douyin, accessed data from TikTok to track a Financial Times reporter and a former BuzzFeed reporter in a bid to identify the source of leaks to the media. ByteDance condemned the "misguided initiative that seriously violated the company's code of conduct" and that none of the employees found to have been involved remained employed by the company. The Guardian reported that a person briefed on the matter said four ByteDance employees involved in the incident were fired, including two in China and two in the United States. Apple… EU forces Apple to Rip a Huge Hole in iPhone security https://www.cultofmac.com/800222/eu-forces-apple-to-rip-huge-hole-in-iphone-security/ Criminals around the world are surely celebrating news that Apple is being forced by the N. The move will allow hackers to release a fresh tidal wave of malware, hoping to slip it onto iOS handsets. iPhone users will be forced to fend off attempts to trick them into installing this malware virtually every day. Most iPhone users have never had to think much about malware. Because iOS devices get all their applications from the App Store, it’s nearly impossible for hackers to slip spyware or other nasty apps into iPhones. Expect to see fraudulent pop-up windows crafted to look as much like Apple notices to trick users into installing malware. Linux… Critical “10-out-of-10” Linux kernel SMB hole – should you worry? https://nakedsecurity.sophos.com/2022/12/27/critical-10-out-of-10-linux-kernel-smb-hole-should-you-worry/ SMB is short for server message block, and it’s the protocol that underpins Windows networking, so almost any Linux server that provides network services to Windows computers will be running software to support SMB. SMB support is also generally needed in home, and small-business NAS (network-attached storage) devices, which generally run Linux internally, and provide easy-to-use, plug-it-in-and-go file server features for small networks.
87 minutes | Dec 3, 2022
Can't Trust Amazon.com Any More
It's not your imagination: Shopping on Amazon has gotten worse https://www.washingtonpost.com/technology/interactive/2022/amazon-shopping-ads/ [Amazon founder Jeff Bezos owns The Washington Post] Sure, Google and Facebook are chock full of ads, too. But on Amazon, we're supposed to be the customers, not the eyeballs for sale. We're paying Amazon to buy a product and probably paying for a membership in its Prime two-day shipping product. When you search for a product on Amazon, you may not realize that most of what you see at first is advertising. Amazon is betraying your trust in its results to make an extra buck. I call it the "shill results" business. Even when they contain a tiny disclaimer label — as do Amazon's — these ads can be misleading because they fill up spaces people have every reason to expect to collect trustworthy, independent information. Privacy… Tor vs. VPN: Which should you choose? https://www.welivesecurity.com/2022/11/18/tor-vs-vpn-which-choose/ Tor and a VPN can significantly help you keep prying eyes away from your online life, but they're also two very different beasts. Which suits your needs better? Tor is focused on anonymity. It relies on a network of servers, known as Tor nodes, located worldwide. These servers are set up by volunteer individuals and organizations that allocate their resources, computer, and internet bandwidth to support the network operations. Tor connects you to a random network of at least three nodes. VPN providers rely on a network of dedicated servers. Once you connect to them, your IP address will be hidden from the websites you visit, and only the VPN you're using will know your real identity. Most reputable VPNs claim not to keep records of your online activity but do not provide anonymity. ++++++++ 5 Free Tools to Check If Your Browser Is Safe and Private https://www.makeuseof.com/free-tools-test-browser-security/ Privacy Analyzer conducts various tests to help you gauge your browser's safety. To launch it, press the START TEST button. In a few seconds, you will get five detailed reports explaining what the website you visit knows about you. Qualys BrowserCheck scans a browser for potential vulnerabilities and other security issues and notifies users if they need to remove a plugin, install an update, etc. Cover Your Tracks is a competent tool that tests if your browser protects you from tracking AmIUnique determines if your browser is leaving a unique fingerprint online, making it easier for advertisers to target you. In addition, it is more detailed (and technical) than Cover Your Tracks. Cloudflare's tool will check if you are using a DNS resolver, analyze if you can be attacked via your browser, check if threat actors can see the certificates of websites your browser connects to, and so on. Also included in the article is what to do if your browser fails, with recommendations on browsers and settings. ++++++++ Thinking about taking your computer to the repair shop? Be very afraid! https://arstechnica.com/information-technology/2022/11/half-of-computer-repairs-result-in-snooping-of-sensitive-data-study-finds/ If you've ever worried about the privacy of your sensitive data when seeking a computer or phone repair, a new study suggests you have a good reason. It found that privacy violations occurred at least 50 percent of the time, not surprisingly, with female customers bearing the brunt. Researchers recovered logs from laptops after receiving overnight repairs from 12 commercial shops. The records showed that technicians from six locations had accessed personal data and that two shops also copied data onto a personal device. In addition, devices belonging to females were more likely to be snooped on, and snooping tended to seek more sensitive data, including sexually revealing and non-sexual pictures, documents, and financial information. ++++++++ Google Changes Maps URL & Now Can Track You Everywhere - Even When You're Not Using Maps https://www.instapaper.com/read/1556652472 maps.google.com was the defacto domain for Google Maps. Also, for as long as I can remember, I allowed this domain to use the location services of my browser. Yesterday I was asked to allow the usage of location services for Google Maps seemingly out of nowhere. Of course, I accepted. After all, I just wanted to check a route to a local business and was in a hurry. Back home, I opened Google Maps again and noticed maps.google.com now redirects to google.com/maps. This implies that the permissions I give to Google Maps now apply to all of Google's services hosted under this domain. Spies… U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk https://thehackernews.com/2022/11/us-bans-chinese-telecom-equipment-and.html The U.S. Federal Communications Commission (FCC) formally announced it would no longer authorize electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua, deeming them an "unacceptable" national security threat. "The FCC is committed to protecting our national security by ensuring that untrustworthy communications equipment is not authorized for use within our borders, and we are continuing that work here," FCC Chairwoman Jessica Rosenworcel said in a Friday order. OpenSource… Misconfigurations, Vulnerabilities Found in 95% of Applications https://www.darkreading.com/application-security/misconfigurations-vulnerabilities-found-in-95-of-applications Nearly every application has at least one vulnerability or misconfiguration that affects security, and a quarter of application tests found a highly or critically severe vulnerability, a new study shows. With open-source software comprising nearly 80% of codebases, it's little surprise that 81% have at least one vulnerability, and another 85% have an open-source component that is four years out of date. Scams… New extortion scam threatens to damage sites' reputation, leak data https://www.bleepingcomputer.com/news/security/new-extortion-scam-threatens-to-damage-sites-reputation-leak-data/ An active extortion scam targets website owners and admins worldwide, claiming to have hacked their servers and demanding $2,500 not to leak data. The attackers are sending emails with "Your website, databases and emails has been hacked" subjects. The emails appear non-targeted, with ransom demand recipients from all verticals, including personal bloggers, government agencies, and large corporations. Even though these emails can be scary to those website owners who receive them, it is essential to remember that they are just scams.
86 minutes | Nov 19, 2022
Check If You've Been a Victim of "InfoStealer" Ukrainian Master Hacker Arrested - Police Used His Girlfriend's Instagram to Track Them
Malware… Authorities Arrest Developer of Malware Service - Was Your Credit Card or Other Personal Information Stolen? And How He Was Captured https://krebsonsecurity.com/2022/10/accused-raccoon-malware-developer-fled-ukraine-after-russian-invasion/ According to the U.S. Justice Department, FBI agents have identified more than 50 million unique credentials and forms of identification (email addresses, bank accounts, cryptocurrency addresses, credit card numbers, etc.) stolen. Raccoon was essentially a Web-based control Crime-as-a-Service panel, where — for $200 a month — customers could get the latest version of the Raccoon Infostealer malware and interact with infected systems in real-time. Security experts say the passwords and other data stolen by Raccoon malware were often resold to groups engaged in deploying ransomware. U.S. authorities zeroed in on a mistake that the Raccoon developer made early on in his posts to the crime forums, connecting a Gmail account for a cybercrime forum identity used by the Raccoon developer ("Photix") to an Apple iCloud account belonging to Sokolovsky. Authorities soon tracked Sokolovsky's phone through Germany and eventually to The Netherlands, with his female companion helpfully documenting every step of the trip on her Instagram account. Check If You Were Compromised: https://raccoon.ic3.gov/home ++++++++ Former Uber Chief Found Guilty of Hiding Hack From Authorities. https://www.nytimes.com/2022/10/05/technology/uber-security-chief-joe-sullivan-verdict.html Joe Sullivan, the former Uber security chief, was found guilty by a jury in federal court on charges that he did not disclose a breach of customer and driver records to government regulators. The case — believed to be the first time a company executive faced criminal prosecution over a hack — could change how security professionals handle data breaches. Airbnb… Throwing the spotlight on hidden cameras in Airbnb https://www.welivesecurity.com/2022/11/01/spy-who-rented-to-me-hidden-cameras-airbnbs/ In recent years, some travelers have had their dream vacations ruined by one particularly creepy privacy risk – covert cameras in rental properties, which are often booked via platforms such as Airbnb. Ours is also a time when all sorts of surveillance gadgets are increasingly affordable; what's more, these gadgets are often tiny and/or designed to look like everyday objects – they are intended to be challenging to spot. Airbnb's policy on the matter is pretty unequivocal. Security cameras and noise-monitoring devices are allowed "as long as they are clearly disclosed in the listing description and don't infringe on another person's privacy." How to Find a Hidden Security Camera: Physically check the room: Look for cameras hiding in plain sight, perhaps in clocks, smoke detectors, speakers, or even light bulbs Use a flashlight: Camera lenses are made of glass, meaning they're reflective. So turn the lights down and shine a flashlight around the property. Check for night vision lights: Turning the lights down or off will also help you spot the tell-tale red or green LEDs, which may illuminate night vision cameras. Use an app: Researchers have been working on a mobile application that uses phones' Time-of-Flight (ToF) sensor to find spy cams hidden in everyday objects. Detect RF signals: A final tell-tale sign of a hidden camera is to monitor for radio frequencies (RF) that the camera may use to connect to a secret network. In addition, a hidden camera may interfere with your phone signal, so stop and investigate. Baby Monitors… Hacking baby monitors can be child's play: Here's how to stay safe https://www.welivesecurity.com/2022/11/07/hacking-baby-monitors-childs-play-how-stay-safe/ We've probably all read horror stories online: a parent is woken in the middle of the night by strange noises coming from their child's bedroom. They open the door, only to find a stranger "talking" to their baby through the monitor. While rare, such cases do happen from time to time. How to Stay Safer: Research your options well, and aim to go with a well-regarded manufacturer with a strong emphasis on security and good reviews. Install any updates to the device's software (or firmware) If possible, choose a model that does not allow remote communication via an app. If it does, turn off remote access, especially when not in use. I am setting up a solid and unique password and enabling two-factor authentication if possible. Review monitor logs regularly to check for any suspicious activity, such as individuals accessing it from a unique IP or at strange times. Secure your wireless router with a strong, unique password. Also, disable remote access to it and port forwarding or UPnP. Finally, make sure the router is kept updated with any firmware patches. Apple… Apple Tracks You Even With Its Own Privacy Protections on, Study Says https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558 For all of Apple's talk about how private your iPhone is, the company vacuums up a lot of data about you. But, of course, iPhones have a privacy setting that is supposed to turn off that tracking. According to a new report by independent researchers, though, Apple collects highly detailed information on you with its apps even when you turn off tracking, an apparent direct contradiction of Apple's own description of how their privacy protection works. Security researchers at the software company Mysk looked at the data collected by several Apple iPhone apps—the App Store, Apple Music, Apple TV, Books, and Stocks. They found the analytics control and other privacy settings had no noticeable effect on Apple's data collection—the tracking remained the same whether iPhone Analytics was switched on or off. "The level of detail is shocking for a company like Apple," Mysk told Gizmodo. ++++++++ Apple clarifies security update policy: Only the latest OSes are fully patched. Despite providing security updates for multiple versions of macOS and iOS at any given time, Apple says that only devices running the most recent major operating system versions should expect to be fully protected. In other words, while Apple will provide security-related updates for older versions of its operating systems, only the most recent upgrades will receive updates for every security problem Apple knows about. For example, apple currently provides security updates to macOS 11 Big Sur and macOS 12 Monterey alongside the newly released macOS Ventura. In addition, in the past, it has released security updates for older iOS versions for devices that can't install the latest upgrades. Most Macs still receive six or seven years of upgrades, plus another two years of security updates.
85 minutes | Oct 29, 2022
The Semiconductor Industry Is Coming for Your Wallet - DuckDuckGo - Secure Messaging Signal v WhatsApp - Electric SUVs - Biden Goes Nuclear POWER! Amazon might own your doctor’s office
The Semiconductor Industry Is Coming for Your Wallet - DuckDuckGo Should Be Your Go-To Search Engine - Which Messaging Apps Are Secure: Signal vs. WhatsApp - The Upside-Down Logic of Electric SUVs - Biden Goes Nuclear POWER! Amazon might own your doctor's office after their latest acquisition. The Semiconductor Industry Is Coming for Your Wallet. As Usual, Congress Is Complicit https://fee.org/articles/the-semiconductor-industry-is-coming-for-your-wallet-as-usual-congress-is-complicit/ In recent months, the auto and tech sectors have faced unprecedented delays and rising prices. Some used cars are even selling for more than their new counterparts because of the delays, a sure sign that production has slowed dramatically. To address this, Congress is contemplating bipartisan legislation known as the Chips Act, which would provide $52 billion in grants and $24 billion in tax credits to the US semiconductor industry. Unfortunately, thanks to a last-minute bipartisan amendment, the bill will also put tens of billions of dollars toward various federal agencies, bringing the total price tag to $250 billion. ++++++++ DuckDuckGo Should Be Your Go-To Search Engine. Here's Why https://www.cnet.com/tech/services-and-software/duckduckgo-should-be-your-go-to-search-engine-heres-why/ Since Facebook's Cambridge Analytica scandal, people have become more aware of what information they give companies and advertisers, sometimes without their knowledge or consent. Unfortunately, the data breaches also rose to a record high of 1,862 in 2021. As a result, more people are taking steps to protect their information, and one way some folks do that is by using the search engine DuckDuckGo. DuckDuckGo has positioned itself as a privacy-focused alternative to search engines like Google. DuckDuckGo has rolled out Android and iOS mobile apps and browser extensions to help keep your information secure, no matter if you use it on your phone or computer. Stop online trackers from spying on you You'll see fewer ads Websites should load faster Your search history isn't stored Your browsing history won't influence your search results. ++++++++ Messaging Apps That Are Secure: Signal vs. WhatsApp https://www.thestreet.com/technology/messaging-apps-that-are-secure-signal-vs-whatsapp Two messaging apps, Signal and WhatsApp, have become commonplace for people to talk to each other instead of sending a text. The Signal is more secure since the app provides end-to-end encryption by default, and the company does not keep records of your communications. However, while messages on WhatsApp are specific, end-to-end encryption is not on by default, leaving the responsibility up to consumers. One advantage of Signal is that "all of your messages are stored locally on your device and not Signal's servers," the spokesperson said. "Signal doesn't have access to what you send or with whom you communicate with and does not hinfluencethe content anyone receives. EIn addition, every call and message sent through Signal is encrypted by default." A hiccup is that, based on the history of Meta, the company keeps data forever. ++++++++ The Upside-Down Logic of Electric SUVs https://www.wsj.com/articles/the-upside-down-logic-of-electric-suvs-vehicles-co2-emissions-ford-subsidies-climate-change-auto-sector-11658524738 The auto industry gambles its finances on big electric vehicles for the rich, like Ford's Mustang Mach-E and GM's Hummer EV, and second-rate cars for everybody else. If consumers and businesses cared about the CO2 they emit, the last cars they might buy are hot-selling EVs like Ford's Mustang Mach-E or GM's Hummer EV. These large-battery, long-range vehicles would have to be driven many tens of thousands of miles before they rack up enough mileage and save enough gasoline from compensating for the emissions created to produce their batteries. And that's according to their fans, whose calculations often smell of friendly assumptions about the source of the electricity consumed, whether gasoline driving is being displaced mile for mile, and a presumed lack of progress in reducing the carbon intensity of conventional motor fuels. The most problematic assumption is that EV use causes oil to stay in the ground. ++++++++ Biden goes nuclear https://www.americanthinker.com/blog/2022/07/biden_goes_nuclear.html Biden wants to turn to nuclear power in his zeal to end the burning of carbon-based fuels. As well, he should. Because nuclear is as carbon-friendly as windmills or solar parks and is a lot more reliable. President Biden has made several pro-nuclear statements within the past few weeks. ++++++++ Amazon might own your doctor's office after the latest acquisition https://arstechnica.com/tech-policy/2022/07/amazon-might-own-your-doctors-office-after-latest-acquisition/ When Amazon launched Amazon Care to its employees in 2019, the goal was to test the product before rolling it out nationwide. After that rollout happened earlier this year, Amazon CEO Andy Jassy told Insider that the expansion would "fundamentally" change the healthcare game by dramatically enhancing the medical-care process. He predicted that patients in the future would be so used to telehealth and other new conveniences that they'll think that things like long wait times and delays between in-person visits commonly experienced today are actually "insane." The Wall Street Journal reports that Amazon has gone one step closer to that future by agreeing to a $3.9 billion deal to purchase One Medical, a company that operates a network of health clinics. With this move, Amazon will expand the number of patients it serves by gaining access to "a practice that operates more than 180 medical offices in 25 US markets and works with more than 8,000 companies to provide health benefits to employees, including in-person and virtual care."