Keeping your hard drive in tip-top shape is key to a well-running computer. A crashed hard drive means smacking a big wet-one goodbye to all of your data.
Eliminate Unnecessary Data
De-clutter the drive to make its workload easier.
One way of de-cluttering is to uninstall programs you never use (go to the control panel).
Review your files and folders and rid the ones you’re done using.
Store the ones that you rarely use but don’t want to delete on a flash drive.
Also use your computer’s disk clean-up program (go into “Computer,” right-click the hard drive, hit “Properties” and click “disk cleanup”) to help get rid of junk.
Keep the Drive Hopping
There are many freeware utilities that can help your hard drive provide you feedback of its integrity. You should use one of these, as they will tell you how your hard drives are performing—kind of like going to a doctor to get your cholesterol numbers—you want to nip any potential problems in the bud.
Go into “Computer,” then right-click the drive, and then hit “Properties.” Once here, click the “Tools” tab. You will see an option for checking errors. It is important for Windows to perform recurring checkups of your drive. So hit “Optimize” to get this task done.
Next up, go to the control panel. Click “Hardware and Sound” and hit “Power Options.” This choice will keep the hard drive feeling young.
Don’t let physical clutter engulf the perimeter of your computer; it needs room to breathe.
Make sure your computer doesn’t get too hot. One way this can happen is if you use it while in bed. You also don’t want your computer to get cold, either, but chances are, you won’t be doing computer work outside in 40 degree weather.
Reinstall your operating system
Google “How to reinstall Windows.. (your OS)” or same with Mac. This is not all that hard to do. I do this every 2-3 years and I know others that do it every year. This is the single best way yo keep your hard drive tight.
If you’ve ever seen a movie where the bad guys are using ongoing, invasive hacking to spy on their “enemy,” you have some familiarity with an advanced persistent threat (APT).
This term usually refers to an attack carried out by a group that targets a specific entity using malware and other sophisticated techniques to exploit vulnerabilities in the target’s systems. It is often done for intelligence gathering with political, financial or business motives.
For example, an APT aimed at a corporation could take the form of Internet-based malware that is used to access company systems, or a physical infection, such as malicious code uploaded to the system via a USB drive. These kinds of attacks often leverage trusted connections, such as employee or business partners to gain access and can happen when hackers use spear phishing techniques to target specific users at a company.
Remaining undetected for as long as possible is a main objective with these attacks. It is their goal to surreptitiously collect as much sensitive data as they can. The “persistent” element implies that there is a central command monitoring the information coming in and the scope of the cyberattack.
Even though APTs are not usually aimed at individuals, you could be affected if your bank or another provider you use is the target of an attack. For example, if attackers secretly gather intelligence from your bank, they could get access to your personal and financial information.
Since you could potentially be affected by an APT attack on an entity or company that you do business with, it’s important that you employ strong security measures.
Install comprehensive security on all your devices, like McAfee LiveSafe™ service, since malware is a key component in successful APT attacks.
Don’t click on attachments or links you receive from people you don’t know.
Keep your personal information private. Be suspicious of anyone who asks for your home address, phone number, Social Security number, or other personal identifying information. And, remember that once you share personal information online it’s out of your control.
Check to see if the websites you share sensitive information with use two-factor authentication. This is a security technique that uses something that you know, such as your password, and something you possess, such as your phone, to verify your identity. For example, your bank may ask for your password online, as well as a code that it has sent via text message to your phone. This is a 2nd layer of protection and should be enabled for sensitive information.
https://safr.me/wp-content/uploads/2014/07/11D-300x228.jpg228300Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2014-07-07 09:43:562018-04-27 09:49:09What is an Advanced Persistent Threat?
If you have IE 6 through 11, watch out. There’s a glitch that enables hackers to exploit flaws in these systems. Microsoft is racing to fix this vulnerability bug. Unfortunately, news is not so good for those using Windows XP, because Microsoft has ceased support, period. This means no security updates. It’s estimated that almost 30 percent of all the personal computers across the world are using Windows XP. Business owners and other decision makers of organizations need to overestimate just how risky it is to cling onto an old favorite rather than promptly switch to a new system that has stronger support.
Security researchers came upon the bug, calling it a “zero day threat”: The initial attacks occurred before Microsoft knew of the problem. Researchers also say the flaw has been exploited by a savvy hacker group with a campaign called “Operation Clandestine Fox.”
Nobody seems to know what makes this hacking group tick. Maybe they just want to get their hands on some sensitive military and financial institution data. Microsoft says that the attacker means serious business and can potentially gain massive control of the flawed system.
Protect yourself:
Do not use IE. Use another browser like Chrome or Firefox.
If you have Adobe Flash update it now or disable it immediately. The attacks depend on Adobe Flash.
Microsoft urges XP users to upgrade to Windows 7 or 8. If your PC can’t support these, buy a new one. Or, consider getting the Windows Upgrade Assistant from Microsoft, which can be downloaded.
With hackers swarming in like killer bees, knowing that XP’s support is over, XP users must stay in heavyweight mode for any attacks. Thieves can even use new security updates for Windows Vista (and later) as a guide to hacking into systems running on XP.
Anti-malware solutions aren’t very effective on operating systems that lack support, and hackers know this. But more alarming is that fewer users, including business owners, are ready to accept this or even have a clue about it. Regardless, update your antivirus now.
Though it seems that for good measure, Microsoft should provide one last support run for XP users who are affected by the bug, the software behemoth won’t budge.
Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.
https://safr.me/wp-content/uploads/2014/04/IE-300x300.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2014-04-29 09:07:582018-04-27 09:50:32Huge IE Attack: Will Microsoft fix It in Time while XP Users are Left to the Dogs?
Here are nine ways you can add a lot of security to your laptop when traveling.
Bag it. Keep the laptop in a sturdy bag that’s specially designed for laptops. The sleeve should be well-padded and the bag TSA-compliant. The bag should be collapsible and expandable (depending on contents), and easy to wear near your body for extended periods.
Don’t part with it. Pretend your laptop is a baby. In public, you wouldn’t leave your baby unattended while you went to the restroom or moved around in your location. Likewise, take your laptop with you wherever you go in public, even if it’s just one aisle over.
Hang the “Do Not Disturb” sign. If you must leave your laptop in your hotel room when you’re out, put up the “Do Not Disturb” sign. The fewer people in your room, the less likely your laptop will be stolen. You can also put the laptop in the hotel’s safe, though that’s no guarantee of security, either.
Use a cable lock. Though a persistent thief won’t be deterred by this in a setting where nobody will notice him, it can indeed keep him at bay if the laptop is in a busy public place. Find out if your company provides cable locks. Otherwise, you can purchase them online.
Software leash. A stolen or misplaced laptop can be located with software. For best results in the event your laptop gets stolen or lost, register with one of these anti theft tracking services prior to your trip. MyLaptopGPS is good.
Don’t be nice. Yes, don’t be nice enough to let a stranger use your laptop.
Use a VPN. VPN stands for virtual private network, and it’s very effective at providing data security when you use a laptop in public (airport, coffee house, hotel) where the network is open season all season for hackers. You’ll be protected when you’re on any site. Ask if your company can give you a VPN when you travel. Use Hotspot Shield.
After Santa heads back to the North Pole, there will be many new devices in the hands of good girls and boys that will be targeted by criminals. With the enjoyment of these cool devices should come top-notch protection for them, as they can be vulnerable to a number of malicious threats.
Laptop or PC
What should your security software include?
A two-way firewall: monitors the activity on your devices making sure nothing bad is coming in (like unauthorized access) and nothing good is leaving (like your data).
Anti-virus software: protects your devices from malicious keyloggers and other badware.
Anti-phishing software: watches your browser and email for suspicious inbox activity.
Anti-spyware software: keep your PC spyware free.
Safe search capacities: McAfees SiteAdvisor plugs into your browser and tells you what websites are good and which are suspicious.
Go further with wireless network protection, anti-spam, anti-theft protection and parental controls.
Free software is not recommended, as it provides only basic protection and you’ll likely end up purchasing more anyways.
Make sure you have a subscription to software that’s automatically renewed every year so that you don’t forget. This is after you figure out whether or not your new device’s protection software is on a trial basis.
Smartphone or tablet
Be leery of third-party apps you install on your mobile phone, since malicious apps are the main threat.
Download apps only from reputable app stores.
Read reviews and make sure you know what information the app requests prior to download.
Use mobile security software that includes:
Anti-virus and malware protection
Anti-theft
App protection
Web protection
Call and text filtering
Turn off automatic connections to Bluetooth and Wi-Fi unless you’re using them.
Apply app and operating system updates.
Never store account numbers, passwords, etc., on your phone or tablet
Do not have your apps set to automatically.
Apple products are at highest threat; install security software that’s been designed just for the Mac.
Never leave your phone or tablet unattended.
Gaming or entertainment device
These devices are vulnerable to many of the same attacks that PCs are, since they’re connected to the Internet.
Create backups of your games.
Make sure you understand the built-in parental controls.
Never store personal information on this device.
Connect it only to a secure Wi-Fi network.
Use a secure, encrypted USB drive that will muddle up your information to make it unreadable to thieves.
Purchase security software to protect the portable hard drive; and set a password.
Employ technologies for protecting your information.
Never leave the USB drive unattended.
The most important thing to remember is “don’t worry about it” but definitely do something about it. Once you invest in your devices security go play, have fun and be smart about what you do online.
https://safr.me/wp-content/uploads/2014/01/5W1-245x300.jpg00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2014-01-03 12:00:422018-04-27 09:53:26Protection For Your Shiny New Devices
Yahoo reported the theft of some 400,000 user names and passwords to access its website, acknowledging hackers took advantage of a security vulnerability in its computer systems.
The Mountain View, California-based LinkedIn, an employment and professional networking site which has 160 million members, was hacked and suffered a data breach of 6 million of its clients and is now involved in a class-action lawsuit.
These sites did something wrong that allowed those passwords to get hacked. However passwords themselves are too hackable. If multi-factor authentication was used in these cases, then the hacks may be a moot point and the hacked data useless to the thief.
The biggest part of the password problem is in 2 parts: first, we are lazy with passwords, for example in regards to the Yahoo breach CNET pointed out that:
2,295: The number of times a sequential list of numbers was used, with “123456″ by far being the most popular password. There were several other instances where the numbers were reversed, or a few letters were added in a token effort to mix things up.
160: The number of times “111111″ is used as a password, which is only marginally better than a sequential list of numbers. The similarly creative “000000″ is used 71 times.
Second: spyware, malware and viruses on a user’s device can easily record passwords. Which means this username (which is often a publically known email address) and password is easy to obtain from an infected device.
The numerous scams which entice users to cough up sensitive data is a proven con that works enough to keep hackers hacking.
Multi-factor authentication, which your bank uses is far better and more secure and it requires a username, password and “something you have”—a personal security device separate from the PC
While additional authentication measures might be a burden to some, it’s a blessing to others who recognize the vulnerabilities of their online accounts otherwise.
https://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2012-07-26 13:00:312012-07-26 13:00:31Is A Password Enough? A Closer Look at Authentication
So maybe you used a public PC to log into your Facebook account and you hit a button that saved your login credentials. Or maybe you received an email from what you thought was Facebook and you plugged in your username and password and got phished. Now someone other than you has your account information and they are logging in to torture you or steak from your friends.
Wouldn’t it be nice to have a degree of control over that?
The feature doesn’t protect you from being stupid and giving your credentials away, but it does give you an opportunity to log into your account and change the password and thereby block the bad guy from getting back in. But the bad guy can change your log in information too. All they have to do is change your email address. Once they do they receive an email at the new address and hit a confirm link. At the same time you will also get an email to the original login email gving you the opportunity to dispute the new account number. So if this ever happens, act quickly.
To set up and enable notifications
1.go to “Account” upper right hand corner
2.in the drop down menu to “Account Settings”
3.in the main menu go to “Account Security”
4.click “Yes” next to “Would you like to receive notifications from new devices”
5.the same can be done with text messages if you have your mobile plugged into Facebook. But don’t have your mobile displayed on your page publically.
6.Log out then log back in and it will ask you to identify the computer.
I did this on 2 PCs and a phone. It didn’t ask me to identify the phone, but it did send me an email:
“Your Facebook account was accessed using Facebook (Today at 8:36am).
If this happened without your permission, please change your password immediately.
If this was an authorized login, please ignore this email.
To change your password:
1. Log in to your Facebook account. 2. Click the Account tab at the top of the screen and select “Account Settings” from the drop-down menu. 3. Scroll to the Password section of the Account Settings page. 4. Click the “change” link on the right and follow the instructions.
Thanks, The Facebook Team”
Hey Facebook, after 400 million users you are just getting around to this? It’s a start.
I’m particularly irate about this. There’s criminal hackers, then there’s complete lowlife scumbag criminal hackers that hack children. InternetNews reports hackers took over sections of the PBS.org Web site earlier this week, installing malicious JavaScript code on the site’s “Curious George” page that infects visitors with a slew of software exploits.
For the uninitiated Curious George is a little happy go lucky bumbling monkey that continually gets himself in a pickle. His curiosity almost kills the monkey in every episode. Thank heavens for “”The Man in the Yellow Hat” which is Georges keeper and occasional life saver. A 41 year old male knows this when he waits 38 years to spawn.
Security research firm Purewire found that when visitors tried to log onto a fake authentication page they were served with an error page that took them to a malicious domain where the malware attempted to compromise users’ desktop applications.
So here you are in your kitchen making a bunt cake. You continually glance over in amazement that a 3 year old, who cant color in the lines or spell or count above 20 or even tie her own shoes, but she can navigate through an inexhaustible gaming and learning website of PBSKids. She whacks away at the keyboard from morning till evening. So intensely she hacks that when it’s time to pull her away from the computer to maybe, ahh eat? She takes a fit because you caught her mid Sid The Science Kid.
Little do you know that while little miss Mitnick was tap tap tapping away, some frigging cheesebag was trying to rifle all your data via a Clifford The Big Red Dog JavaScript reliant puzzle. Is there no shame? Boundaries? Apparently not.
It is not immediately evident how hackers compromised the site. They may have taken advantage of a known flaw and exploited a SQL injection vulnerability.
Kids playing were met with a pop-up message requesting authentication to enter a username and password during a game. “But DaDa, I don’t know my words yet”. From here, no matter what was entered they were directed to an error page that had malicious code. The JavaScript then loaded malware targeting flaws in Adobe Acrobat Reader, AOL Radio AmpX and SuperBuddy and Apple QuickTime. If the affected computer was not up to date with all their critical security patches then they got the bug.
Lax security practices by consumers are giving scammers a base from which to launch attacks. USA Today reports IBM Internet Security Systems blocked 5000 SQL injections every day in the first two quarters of 2008. By midyear, the number had grown to 25,000 a day. By late fall, attacks climbed to 450,000 daily.
The key to identity theft protection and preventing your computer from becoming a zombie is to engage in every update for every browser, software and media player that you use, keeping your operating system updated and use anti-virus software such as McAfee Total Protection.
And if your 3 year old happens to engage a toothless criminal hacker from the Eastern Bloc and you haven’t been up to date, make sure you have a backup plan if your data is compromised.
1. Protecting yourself from new account fraud requires more effort. You can attempt to protect your own identity, by getting yourself a credit freeze, or setting up your own fraud alerts. There are pros and cons to each.
· Triple Bureau Credit monitoring – monitors changes in your credit profiles from Equifax, Experian and TransUnion-includes email alerts of any suspicious changes
· Social Security Number and Public Record Monitoring – monitors the internet and public sources for fraudulent social security number, aliases, addresses, and phone numbers
· Junk Mail Reduction – stop identity thieves from using personal information from your mailbox, trash or even phone calls by eliminating junk mail, credit card offers and telemarketing calls
· Neighborhood Watch – includes a sex offender report, list of neighbors and a neighbor report on each of your neighbors
· Identity Theft Specialists – if in the unlikely event you become a victim of identity theft our Identity Theft experts will work with you to restore your identity and good name
· Credit Report Dispute – if you find errors on your credit report we will help you resolve them quickly
· Protection Insurance and Specialists -Identity Protect has you covered with up to $25,000 in Identity Theft Recovery Insurance and access to Personal Identity Theft Resolution Specialists.
https://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2009-09-19 07:59:152009-09-19 07:59:15Criminal Hackers Get to Momma and DaDa Via Children
If there was ever a week to get high, totally drunk, on information security and identity theft scammers and hackers, then this is it! Media outlets everywhere have been pumping out story after story of data breaches, identity theft, criminal hackers and indictments! Yeah team! For a criminal hacker groupie, this is Woodstock!
Dark reading reports Eight defendants were arraigned in a Brooklyn court for allegedly using the stolen identities of AT&T, T-Mobile, and Asurion customers to steal some $22 million worth of wireless equipment and services. An indictment was unsealed in Brooklyn federal court yesterday morning charging Courtney Beckford and seven other defendants. When identity theft defendants named Courtney, Gabe, Marsha, Saul and Ron are involved in a $22 million identity theft scheme, then you know it’s just a matter of time until someone named Britney or Brad will get busted too! It’s the identity theft apocalypse!
ABC News reports that a former informant for the Secret Service was one of three men charged with stealing credit and debit card information from 170 million accounts in the largest data breach in history. The former informant, Albert Gonzalez of Florida, A.K.A “Segvec”, “SoupNazi,” and “j4guar17,” whose motto was ”Get Rich or Die Tryin’” was alleged to have been the ringleader of the criminal hacking operation of a prolific network that spans over five years of serious criminal activity.
Information week reports in the first half of 2009, the number of computer users affected by malware engineered to steal personal information has risen by 600% compared to the January through June period in 2008, according to PandaLabs. In quantitative terms, Panda reports identifying 391,406 computers infected with identity-theft malware in the first six months of the year. Identity thieves are also seeking sensitive information through a more diverse set of targets. Where previously financial data thieves focused on spoofing online bank sites to dupe users into entering login information, they have recently been targeting a variety of services where payment account information may be stored or entered, like PayPal, Amazon, eBay, or charity sites.
Cnet reports Rogue Facebook apps steal log-in data, send spam. Security firm Trend Micro warned on Wednesday that a handful of rogue Facebook apps are stealing log-in credentials and spamming victims’ friends. So far, six malicious applications have been identified: “Stream,” “Posts,” “Your Photos,” “Birthday Invitations,” “Inbox (1),” “Inbox (2)” according to a blog post by Trend Micro researcher Rik Ferguson. The activity started earlier in the week with a Facebook notification Ferguson says he got from an app called “sex sex sex and more sex!!!,” which has more than 287,000 fans. The notification said that someone had commented on one of his posts. That app doesn’t appear to be malicious and may have been compromised somehow to begin the distribution of the spam, he said.
USA Today reports Hackers harness Twitter to do their dirty work. A cyber gang has begun experimenting with setting up free Twitter accounts, then sending out Tweets from the popular micro-blogging service that are really coded instructions to botted PCs to carry out criminal activities. Anti-virus maker Symantec has isolated several samples of infected PCs carrying a unique new infection, dubbed “Sninfs.”
The PCs most likely got infected when their users unwittingly clicked to a tainted web page or on a corrupted link carried in an email or social network message, says Marc Fossi research and development manager at Symantec Security Response.
Protect yourself;
Don’t just sit back and get hacked. Arm yourself with anti-virus that runs automatically in the background and prevents “Courtney, Marsha and SoupNazi” from stealing your identity. Pick up McAfee’s Total Protection software and take control of your PC security.
Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
It wasn’t long ago that most phishing emails were from a supposed Nigerian General Matumbi Mabumboo Watumboo. And you and I were flattered that we were the chosen ones to help the general transfer 35 million out of the country, because the Nigerian government was a bunch of jerks and wouldn’t let him keep the inheritance his wife had inherited from her deceased uncle Bamboo.
Phishing continues to become more sophisticated, more effective, and more prevalent. According to a recent study, a 52% increase in phishing scams occurred in July alone. Computerworld reports that basic phishing emails successfully led to corporate bank accounts being completely drained. Criminal hackers waited until Pennsylvania schools administrators were on vacation, then used simple money transfers to liquidate over $440,000 between December 29 and January 2.
Much of the phishing that occurs today is “spear phishing,” in which the spammers concentrate on a localized target, generally an individual with control over a company’s checkbook. This insidious type of phishing occurs when a recipient clicks a link, either in the body of an email or on the spoofed website linked in the email, and a download begins. That download is almost always a virus with a remote control component , which gives the phisher full access to the user’s data, including user names and passwords, credit card and bank account details, and Social Security numbers. The malicious software can attach itself to the victim’s web browser, where it waits for the victim to log into a bank site before launching. When the victim does log into his or her bank account, the software sets up new payees and transfers money to the criminal hacker.
In the school hack, the software added 42 people to its payroll during Christmas break and quickly began paying them. The issuing bank received 74 transfer requests during the four day period.
When consumers’ bank accounts are emptied, federal regulations limit their liability to $50, as long as the victim reports the theft within a set time frame. But things are a lot more complicated for corporations and other entities. Whether or not the victim is responsible for the missing cash varies from bank to bank.
Protect your yourself.
This is an easy fix, rule #1 – don’t click on links in an email if you aren’t 100 percent sure of its legitimacy. Whenever I receive an electronic statement from a bank or credit card company I always go to my “favorites” menu or type in the address manually to get to the entities website to check my statement. I’m only 99.9% sure its legit, so I just take the extra step to go to my favorites.
1. Get a credit freeze. Go online now and search “credit freeze” or “security freeze” and go to consumersunion.org and follow the steps for the state you live in. This is an absolutely necessary tool to secure your credit. In most cases it prevents new accounts from being opened in your name. This makes the SSN useless to the thief.
2. Invest in Intelius Identity Theft Protection. While not all forms of identity theft can be prevented, you can effectively manage your personal identifying information by knowing what’s buzzing out there in regards to YOU.
3. Make sure your McAfee anti-virus is up to date and set to run automatically.
4. Update your web browser to the latest version. An out of date web browser is often riddled with holes worms can crawl through.
5. Check your bank statements often, online, at least once a week.
Robert Siciliano Identity Theft Speaker discusses phishing
https://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2009-08-19 06:04:122009-08-19 06:04:12Criminal Hackers Clean Out Bank Accounts Using Spear Phishing