One of 1st-known Android DDoS malware infects phones in 100 countries
August 28, 2017
Last year, a series of record-setting attacks hitting sites including KrebsOnSecurity and a French Web host underscored a new threat that had previously gone overlooked: millions of Internet-connected digital video recorders and similar devices that could easily be wrangled into botnets that challenged the resources of even large security services.
Financial institutions & your personal data
July 7, 2017
If you think your personal data is safe when visiting financial institutions, think again.
According to the German company, eBlocker, which manufactures online privacy tools, there are more than 110 third party trackers snooping on visitors each time they visit 10 of the top financial institutions. Banks are likely to use this data (salary and other personal information entered into forms) in customer risk assessments. Since Congress killed a FCC regulation this year regulating internet providers to ask customers for permission before collecting and possibly selling information obtained from their web browsing habits, VPN's (virtual private network) have become increasingly popular. However, once logged into a site, the VPN may mask the IP address, but will still allow the company to track identifiable personal data.
Protect Yourself and Your Data
This is a fantastic infographic showing 8 ways to protect yourself from cybercrime (spam, hacking and ransomeware).
Ghostery Privacy Browser Extension
Browser plugins work to help circumvent identity and block trackers. Ghostery is a (free) plugin available for popular browsers including Safari, Firefox, Chrome, Internet Explorer, Opera, iOS and Android which identifies and can block over 2,000 online tracking services included in its' database. Ad blockers and privacy extensions are also recommended aids in blocking and restricting collection of data by ad networks which enables visitor targeting, tracking and reporting of impressions.
Choosing a Password Manager for your Data Security
July 7, 2017
We live in a fast moving digital world filled with a plethora of electronic devices which we have come to depend upon to record personal information, house our photos, compose and receive email, prepare work documents, create art and use online services to connect to our banks and favorite shopping sites. But this convenience comes with a downside: the risk of compromising our data. It makes sense to spend some time determining what kind of protection plan we need to put into place to keep our data secure.
Gone are the days when we can write a password or two on a Post-it Note for later retrieval. We are faced with securing a multitude of passwords which we use on a daily basis to log on to our devices as well as websites we visit and data we need to keep secure. The best solution for this task is a digital password manager which can generate strong random passwords and sync them securely across browsers and devices, making them easily accessible and automatically filling in forms and logging onto websites when needed. These digital password managers are able to manage bank account information, calling cards, credit card credentials, insurance policy information (medical, auto, etc.), email accounts, emergency numbers, combination locks, Internet settings, website login, prescriptions, and software serial numbers, to name a few. Many managers support notes and attachments including images and PDF's. One important feature of the password manager you choose is the capability to generate passwords which are encrypted and accessible solely by you, which makes the master password for your manager an important aspect of your security system.
There are many good password managers available for mobile devices, desktop and laptop computers, some providing an accompanying browser extension, which makes logging on to secure websites easy.
July 8, 2017
LastPass is probably one of the best password managers for most people since it has all the essential features including usernames and passwords, nurse contact information, software licenses, credit cards, secure notes and supports image and PDF attachments.
LastPass uses AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes to ensure security in the cloud, works with most browsers on any device (Chrome, Firefox, Safari, Opera and Internet Explorer), has desktop and mobile applications available for Mac OS, mobile iOS and Windows and offers a premium version for $12 a year with advanced security features, shared folders (with friends and family) and additional tools. LastPass also offers a Cloud Manager for Business, Teams & Enterprise.
One of the unique features of LastPass is that it can create passwords on the fly and can capture credentials you enter on a form, save it to a new file and then auto fill those credentials when you revisit that site at a later date. This password manager can also fill in credit card credentials. LastPass does offer two-factor authentication, but this must be enabled in LastPass settings when you log into your account and you will need to download the LastPass Authenticator application in order to use this feature. Please note that the LastPass Authenticator application is separate from the LastPass Password Manager application, so you might want to consider the two-factor authenticator, Authy, which I will discuss at another time. And last but not least, with a click of your mouse you can use a feature called Auto Change Password to change your password on both the site and in LastPass.
LastPass for the Apple Watch is full featured, allowing you quick access to your passwords without having to take your iPhone out of your purse or pocket and is one of the best Apple Watch applications I've used.
1Password is another very good password manager particularly for the Mac and iOS. It is available for Windows but does not work on all Chrome books. 1Password costs $36 per year for individuals, $60 per year for families up to five and additionally, you can make a one time purchase of $65 that will work on any number of devices or platforms for one user. Family and business subscriptions have sharing capabilities with more options.
As with most password managers, your data is protected behind one master password using strong AES-256 encryption. Choose to unlock 1Password on your mobile device with a fingerprint or a PIN code. There is a variety of syncing options, some that bypass the cloud entirely; available options include iCloud, Dropbox, WLAN server and Local folder.
1Password has the ability to store two-factor authentication codes (substituting for Google Authentication, LastPass Authentication and Authy), view attachments (photos, PDF's and receipts), setup custom fields, tags, multiple fields and URL's, multiple vaults and categories, as well as an Apple Watch application (to look up credit cards, garage door codes, etc.). There are 1Password browser extensions for Safari, Chrome, Firefox and Internet Explorer.
If you have used another password manager previous to moving to 1Password, you have the ability to move your data from other applications using 1Password's built-in import options or by using community-created 1Password utilities.
eWallet password manager was available for several years before smart phones as we know them now. I remember using eWallet on my Palm Pilot and later on my Pocket PC, and in fact, it is still one of the password managers in my digital protection toolkit. eWallet supports Windows, Mac OS, iOS mobile devices (iPhone, iPod touch and iPad), Android, some Blackberry's and Amazon Kindle Fire devices and uses strong 256-bit AES encryption and a master password to protect your data. Mac and Windows PC versions include SyncPro to synchronize to mobile devices via local WIFI or the cloud. eWallet grants access to your data with Touch ID or your master password.
eWallet provides a plethora of categories and cards for your stored data including credit and debit card information, bank accounts, insurance cards, membership cards, website passwords, software serial numbers, prescriptions, and you can add notes for each to include verification questions. eWallet uses a feature called AutoPass which enables you to automatically connect and log on to websites by clicking the URL link within the eWallet application.
eWallet has a built-in PassBuilder generates secure, complex passwords with a choice of advanced options and a choice of a memory aid if desired, and saves the password to your card.
This digital wallet cannot be used to tap and pay at retail locations.
eWallet mobile platforms (iOS, Android, Blackberry 10) is priced at $9.99. If you purchase eWallet for you iPhone or iPod touch, you can also use the license on your iPad. The Mac OS X and Windows PC version is $19.99.
In conclusion it is estimated over 2 million people still use "123456" for their password. Did you know that? Pixel Privacy has put together a huge guide that rounds up everything you can imagine on account security and put it all into one comprehensive guide, packed full of sources and actionable information.