Hacker returns and puts 26Mil new user records for sale on the Dark Web

A hacker who has previously put up for sale over 840 million user records in the past month, has returned with a fourth round of hacked data that he’s selling on a dark web marketplace. … This time, the hacker has put up for sale the data of six companies, totaling 26.42 million user records, for which he’s asking 1.2431 bitcoin ($4,940).

ZDNet.com click the link to read the rest of the story.

How are you protecting your passwords?

Join the conversation on our Facebook Page!

Reviewing Everykey – No More Passwords No More Keys

John McAfee has a solution for those that hate passwords and know they need more secure ones.  McAfee’s solution?  It’s called Everykey and it promises to eliminate the need of passwords on your computer, websites but also your car, front-door, etc.  Everykey was launched in 2014 and it received mixed reviews at the time.  But now 5 years later they have released a new version of the firmware and Ingenious Geeks have begun to  test it here for you.  So far, it is impressive!  We have hit a few bumps in the road but it can do some amazing things.

Have you tried the updated version of the Everykey? If so, please let us know your experience.  Ours has been very positive, thus far.  Check back, we will be releasing a full review.


Everykey.com click the link to read the rest of the story.

Do you have a unique password for all of your internet accounts?

Join the conversation on our Facebook Page!

Phishing attacks: Half of organisations have fallen victim in last two years

Almost half of all organisations have fallen victim to phishing attacks in the last two years, with larger businesses the most likely to been compromised, despite also being most likely to conduct cyber security training for staff.

ZDNet.com click the link to read the rest of the story.

How are you dealing with phishing attacks in your business?

Join the conversation on our Facebook Page!

Windows 10 Intel warning: Patch 19 severe driver flaws now!

Intel is warning Windows 10 users that old graphics drivers are riddled with security flaws that need to be updated with new updates that the company has released over the past year.

Update Intel Windows graphics drivers, and stop using Intel Matrix Storage Manager and USB 3.0 Creator Utility.

ZDNet.com click the link to read the rest of the story.

Do you install quickly these patches when warnings are released?Join the conversation on our Facebook Page!

The Most Common Vulnerability Of All

It’s important to learn a bit about how malicious hackers gain access to your credentials.

Three of the most common methods include:

  • Man in the Middle (or MITM) attacks
  • Using key logger software.
  • Employing old-fashioned social engineering.

MITM attacks, as the name suggests, a third party getting between you and your desired target without your knowledge.

DatadrivenInvestor.com click the link to read the rest of the story.

How do you protect yourself from these attacks?Join the conversation on our Facebook Page!

Google Alert! Update Chrome Browser Immediately

Google has issued an urgent warning for Chrome users to update their browser… a security flaw is being actively exploited.

The flaw in question is referred to as a “zero-day exploit.”

Infopackets.com click the link to read the rest of the story.

Do you update your software immediately when updates are released?Join the conversation on our Facebook Page!

Why it’s so dangerous to use public Wifi

Most smartphones, laptops, and tablets automatically search and connect to WiFi networks. They usually prefer a network with a previously established connection. If you have ever logged on to the T-Mobile network on the train, for example, your device will search for a T-Mobile network in the area. … My phone automatically connects itself to one of these networks, which  [can] belong to [a hackers] device. [Hackers] can also broadcast a fictitious network name, making users believe they are actually connecting to the network of the place they’re visiting

Everything, with very few exceptions, can be cracked. The idea that public WiFi networks are not secure is not exactly news

Medium.com click the link to read the rest of the story.

Do you still use public wifi?Join the conversation on our Facebook Page!

Latest Ransomware Being Offered “as-a-service” to Wannabe Hackers

The gang behind a family of ransomware that has been active for well over a year now have tweaked their tactics in order to ensure the file-locking malware campaign is as effective as possible. GandCrab first emerged in January 2018 and has remained one of the most successful forms of ransomware ever

GandCrab operates an affiliate model, with its authors providing the ransomware “as-a-service” to wannabe hackers in exchange for a 30 to 40 percent cut of the profits.  But now researchers have observed adverts for GandCrab being posted on underground forums, specifically targeted at crooks with skills around operating remote desktop protocols, virtual network computing and experience of infiltrating corporate networks. …  There’s currently no free means of decrypting files locked with (the latest versions of ) GandCrab…

ZDNet.com click the link to read the rest of the story.

How many layers of security do you have in place to protect you?Join the conversation on our Facebook Page!

All Intel chips open to new Spoiler attack: There is no quick fix

Researchers have discovered a new flaw affecting all Intel chips due to the way they carry out speculative execution for CPU performance gains.   Like the Spectre and Meltdown attacks revealed in January 2018, Spoiler also abuses speculative execution in Intel chips to leak secrets. …Daniel (Ahmad) Moghimi, one of the paper’s authors, told The Register he doubts Intel will be able to patch the issue in the memory subsystem within the next five years.

ZDNet.com click the link to read the rest of the story.

Do you use Intel chips?Join the conversation on our Facebook Page!

Here are the data brokers quietly buying and selling your personal information

You’ve probably never heard of many of the data firms registered under a new law, but they’ve heard a lot about you. A list, and tips for opting out.

FastCompany.com click the link to read the rest of the story.

Will you use this list to opt out?Join the conversation on our Facebook Page!

Phishing alert: One in 61 emails in your inbox now contains a malicious link

The number of phishing attacks is on the rise, more than doubling in recent months, with one in 61 emails delivered to corporate inboxes found to contain a malicious URL. …

The emails are often designed to look like they come from legitimate senders – like a companyor a colleague – in order to gain the trust of the victim, before duping them into clicking the malicious link. …The purpose of the malicious URL could be to deploy malware onto the PC or it could encourage the victim to enter sensitive information into a fake version of a real service…

ZDNet.com click the link to read the rest of the story.

Have many do you think you get every day?Join the conversation on our Facebook Page!

Chinese Digital Surveillance Secrets Revealed In Database Leak

Earlier this month, security researcher Victor Gevers found and disclosed an exposed database live-tracking the locations of about 2.6 million residents of Xinjiang, China, offering a window into what a digital surveillance state looks like in the 21st century. …

EFF.org click the link to read the rest of the story.

What can we do?Join the conversation on our Facebook Page!

Hackers using stolen passwords to access TurboTax returns

Let this be a lesson: Don’t reuse your passwords.

Hackers accessed tax return information stored with TurboTax using a stolen password from a third party, an Intuit spokesman said Monday.

The attack, earlier reported in Dark Reading, didn’t breach the internal systems at Intuit, which owns TurboTax. Instead, attackers took lists of passwords stolen from other services and used them to try to log in to TurboTax accounts, the spokesman said. There, valuable personal information, such as Social Security numbers, names and addresses, is stored in tax returns.

CNet.com click the link to read the rest of the story.

Do you still use the same passwords over and over?Join the conversation on our Facebook Page!

Use a Cisco router? Patch it now ! It’s a 9.8/10 Security hole

Cisco is warning businesses that use its wireless VPN and firewall routers to install updates immediately due to a critical flaw that remote attackers can exploit to break into a network.  The vulnerability allows any attacker with any browser to execute code of their choice via the web interface used for managing Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router.

ZDNet.com click the link to read the rest of the story.

Have you made sure yours is patched?Join the conversation on our Facebook Page!

Trojan malware: The hidden cyber threat to your PC

A recent report from security company Malwarebytes reveals how trojans and backdoor attacks have rocketed in the past year. … “We’re seeing a new generation of stealers make an impact recently,” says Jérôme Segura, head of threat intelligence at Malwarebytes. … Gaining persistent remote access — be it to a single user’s computer, or a whole network — is key to many cyber attacks: if they’re stealthy enough, hackers can remain undetected for a long time, as they work towards their long-term goals.

ZDNet.com click the link to read the rest of the story.

Do you ignore these threats?Join the conversation on our Facebook Page!

 

There is no single solution to computer security

Anyone who regularly attends the Blackhat or Defcon conferences should understand that short of unplugging a computer system from its power source, it is not possible to rule out serious system and data compromise. There will never be any “silver bullets” to slay the security vulnerability werewolf.

Medium.com click the link to read the rest of the story.

How many layers of security do you have? Join the conversation on our Facebook Page!

Severe vulnerabilities uncovered in popular password managers

Passwords stored in RAM could lead to theft, but the report has to be considered in a risk-based context. …

Independent Security Evaluators (ISE) published an assessment on Tuesday which documented the results of tests involving 1Password, Dashlane, KeePass and LastPass, all of which are popular password managers available today.

ZDNet.com click the link to read the rest of the story.

Do you use a password manager?  Are you concerned?Join the conversation on our Facebook Page!

You have around 20 minutes to contain a APT attack

Governments and private organizations have around 20 minutes to detect and contain a hack…

New statistics published today by US cyber-security firm Crowdstrike ranked threat groups based on their “breakout time.”  “Breakout time” refers to the time a hacker group takes from gaining initial access to a victim’s computer to moving laterally through its network. This includes the time the attacker spends scanning the local network and deploying exploits in order to escalate his access to other nearby computers.

According to data gathered from 2018 hack investigations, CrowdStrike says Russian hackers (which the company calls internally “Bears”) have been the most prolific and efficient hacker groups last year, with an average breakout time of 18 minutes and 49 seconds.

ZDNet.com click the link to read the rest of the story.

How quickly can your business respond to an attack?Join the conversation on our Facebook Page!

Why Online Privacy Matters and 5 Ways to Reclaim It

It’s the most common argument against privacy: “If you’ve got nothing to hide, you’ve got nothing to fear.” It’s also the silliest argument against privacy.

Privacy expert and author Daniel Solove has torn down this fallacy in his paper on the subject. But Solove’s essay is a complex take on a nuanced subject. Instead, the simple rhetoric of the “nothing to hide” argument is easier to repeat.

But no matter how little you have to hide, the implications of online privacy breaches are major. These few resources explain the pitfalls clearly and concisely.

MakeUseOf.com click the link to read the rest of the story.

What steps have you take to regain your online privacy?Join the conversation on our Facebook Page!

Microsoft security chief: IE is not a browser, so stop using it

Is Internet Explorer (IE) a browser? According to Microsoft, no. Today, it’s a ‘compatibility solution’ for enterprise customers to deal with legacy sites that should be updated for modern browsers.  … Chris Jackson, Microsoft’s worldwide lead for cyber-security, … that habit needs to stop … ‘The perils of using Internet Explorer as your default browser’.

ZDNet.com click the link to read the rest of the story.

Are you still using IE because it’s cheaper?Join the conversation on our Facebook Page!

I like Windows 7: Why should I pay to move to Windows 10?

Actually, you don’t have to pay.  Read the article to find out why. But you really should move to Windows 10!

There’s one key feature that makes Windows 10 a must-do upgrade: Security. Windows 10 has far better intrinsic security features than Windows 7. This makes sense, because when Microsoft introduced Windows 10, it had six years more experience fighting off cyberattacks than it had when Windows 7 was introduced.

ZDnet.com click the link to read the rest of the story.

If you haven’t migrated to Windows 10 yet, why not?Join the conversation on our Facebook Page!

New Google Chrome Add-On Warns When Your Password Isn’t Private

If someone else has used the same password as you and it’s listed in a dump, guess what? Your own account is also at risk. It doesn’t even matter if you used that password on a different website. Once it’s exposed, it’s just not safe to use any more.

With leaks and hacks happening more or less non-stop it’s a difficult task to keep your accounts secure.

Forbes.com click the link to read the rest of the story.

Did you know how easy it was to have a risky password?Join the conversation on our Facebook Page!

Billions of Hacked Passwords and Usernames now Free: on the Dark Web

More than 600 gigabytes of hacked accounts from years ago have been compiled and are free to download.

You can check if you were affected by the massive data set with the HPI’s search tool.

Cnet.com click the link to read the rest of the story.

Have you checked to see if your accounts have been hacked?Join the conversation on our Facebook Page!

Microsoft: its time for Internet Explorer 10 Rest In Peace

Microsoft is giving commercial customers until January 2020 to transition to IE 11.  “After this, we will not release any security or non-security updates, free or paid assisted support options, or online technical content changes for IE10,” Microsoft says.

ZDNet.com click the link to read the rest of the story.

Is your office still using Internet Explorer?Join the conversation on our Facebook Page!

Simple changes that Minimize Risk While Surfing the Web on Your Phone

Here are a total of 10 simple and mostly free solutions to help you take better control of your mobile security. Take it slow, but by all means: Do take it. It’s worth the effort.

Medium.com click the link to read the rest of the story.

Have you taken the time to secure your phone?Join the conversation on our Facebook Page!

12 Free Tools to Scan Your Website’s Security

If you or your business has a website website you really should take a few minutes and check to make sure it is malware free.  People visiting sites with malware remember to avoid them in the future.  Here is a list out free tools to scan your site for security vulnerabilities, malware.

geekflare.com click the link to read the rest of the story.

Have you been alerted of malware when visiting a local business website?Join the conversation on our Facebook Page!

Fake meeting request from the boss steals passwords

Called to a meeting with the CEO? Don’t be so sure.

A widespread phishing campaign is targeting executives across a number of industries with messages asking to reschedule a board meeting in an effort to steal logins and passwords.

ZDNet.com click the link to read the rest of the story.

Has your office received on of these yet?Join the conversation on our Facebook Page!