tag:blogger.com,1999:blog-57010136752470168862024-03-14T08:58:21.907+11:00Shoaib Yousuf"A Good Hacker Is A Well Known Hacker, A Great Hacker Is A Mystery..."Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.comBlogger990125tag:blogger.com,1999:blog-5701013675247016886.post-79074622919724635632016-02-02T12:25:00.002+11:002016-02-02T12:25:53.677+11:00What's More Valuable Than Money?<div dir="ltr" style="text-align: left;" trbidi="on">
<b><span style="color: blue; font-family: Trebuchet MS, sans-serif;">Data. However, the value placed on different types of data is shifting</span></b><br />
<br />
<span style="font-family: Trebuchet MS, sans-serif;">While cybercriminals were once clamoring for your payment data, today they are much more interested in other types of information. And of course, it's all about the money.</span><br />
<br />
<span style="font-family: Trebuchet MS, sans-serif;">Stolen credit-card accounts available on the "deep Web" are selling for 22 cents per record. Netflix account information, on the other hand, averages 76 cents per account. But the real deal is Facebook. A cybercriminal with stolen Facebook account information averages $3.02 for each one he sells. Uber accounts are even more valuable, <a href="http://www.cnbc.com/2016/01/19/stolen-uber-accounts-worth-more-than-stolen-credit-cards.html" target="_blank">bringing in $3.78 per account</a>!</span><br />
<br />
<span style="font-family: Trebuchet MS, sans-serif;">Change your passwords often, use strong ones and never use the same password more than once. If that's not realistic for you, use different passwords for your social and financial accounts. </span></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-9587523800100694142015-06-22T00:50:00.001+10:002015-06-22T00:50:58.831+10:00Mobile Apps Snoop On Your Location Way More Than You Think!<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Trebuchet MS, sans-serif;"><b>Lots of people have "no idea," that their location is being tracked!</b></span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">A Carnegie Mellon University computer scientist <a href="http://www.wired.com/2015/03/apps-snoop-location-way-think/" target="_blank">recently studied</a> how much the average mobile app user really knows about the rampant sharing of personal data. The study also looked at the impact this knowledge would have on behavior - in other words, how many people would chose to change app settings on their smartphones after learning how much data that app is collecting?</span><br />
<br />
<span style="font-family: Trebuchet MS, sans-serif;">Twenty-four Android users were shown which apps were accessing their data and how often. One user, for instance, found his location data had been shared 5,398 times by 10 apps within 14 days. Just one of these apps, Groupon, checked in on the user's whereabouts 1,600 times over that 2-week window.</span><br />
<br />
<span style="font-family: Trebuchet MS, sans-serif;">Fifty-eight percent of the study participants took action, specifically changing their app settings, upon learning of this rampant sharing of personal details. The other 40 percent, likely representative of the rest of the world, did nothing. That's probably because apps don't often allow users to pick and choose the data they are willing to share. </span><br />
<br />
<span style="font-family: Trebuchet MS, sans-serif;">As John Zorabedian wrote on <a href="https://nakedsecurity.sophos.com/2015/04/02/your-location-has-been-shared-5398-times-do-we-need-a-privacy-assistant-on-our-smartphones/" target="_blank">Sophos' Naked Security</a>, "...without the ability to change app permissions on a granular level, users are left with little choice - you can either use the app or not."</span><br />
<br />
<span style="font-family: Trebuchet MS, sans-serif;">The next time you are tempted to download an app, pay careful attention to the permissions screen. Are you willing... really... to share the information they want with potentially hundreds or thousands of others, to use as they want? Is the reward that app promises worth the risk?</span></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-44041426218227545192015-04-27T21:02:00.000+10:002015-04-27T21:02:14.671+10:00A "Gentle Reminder" for everyone to be extra vigilant with their Privacy!<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Verdana, sans-serif;">Many of us actually turn a blind eye to the fact our private information is being, <a href="https://www.youtube.com/watch?v=6thwf7ryRMA" target="_blank">as this Australian reporter puts it</a>, furiously scooped up by corporations, governments and others.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Why? Because we see it as a harmless tradeoff for whatever convenience or bit of entertainment we get in return.
However, <a href="https://www.youtube.com/watch?v=6thwf7ryRMA" target="_blank">as this video details</a>, more consumers are becoming aware of exactly what that tradeoff entails. And they're coming to it through social experiments like the one conducted in Australia.
A reporter arranged for baristas to behave like an online app. After taking the java order, the baristas asked their customers to give them details like their home addresses or their last four text messages. The coffee buyers were super uncomfortable.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">As we see in the <a href="https://www.youtube.com/watch?v=6thwf7ryRMA" target="_blank">video</a>, the sharing of private information is no longer viewed as a harmless tradeoff when put in the faces of consumers. It's viewed with skepticism and dismay, just as some may argue, it always should be. The other day, a friend told me the fast-food restaurant chain app she downloaded asked for access to her camera and all the photos and videos stored on it!</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">The takeaway? Pay closer attention to the information your new apps are asking to access. If something throws up a red flag, investigate. Or simply don't install the app. </span></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-32364633595641878682015-01-14T13:04:00.000+11:002015-01-14T13:04:10.473+11:00Three Fast 'Data Privacy Day' Tips <div dir="ltr" style="text-align: left;" trbidi="on">
In advance of the annual international Privacy Data Day, please share these three action tips to protect the privacy of consumers and businesses:<br />
<br />
<ul style="text-align: left;">
<li>Nothing is truly free, including mobile apps. Be aware of the personal information you give mobile app providers. Many free apps sell your information to a wide range of companies, some of which may have malicious intents. Studies have shown most apps do not have many, or even any, security controls built in. Check privacygrade.org to see if the app you want respects your privacy and has security built in.<br /> </li>
<li>Be cautious with new "smart" devices. A wide range of new and unique gadgets -- from socks to smart cars -- connects you directly to other entities (and even to the Internet) to automatically share information about your activities, location and personal characteristics. Before using such devices, make sure you know which data they are collecting, how it will be used and with whom it will be shared.<br /> </li>
<li>Only share personal information with trusted sources. Be extra careful not to share sensitive personal information, such as social security numbers, credit card numbers and driver's license numbers. Don't do business with an entity that does not have a posted privacy notice.</li>
</ul>
</div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com1tag:blogger.com,1999:blog-5701013675247016886.post-17992072998169023702014-10-08T16:43:00.000+11:002014-10-08T16:43:44.290+11:00Be Mindful - Does Mobile Apps Respect Your Privacy?<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>'Stickybeak' Apps Threaten User Privacy </b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Not surprisingly, a new report has found mobile apps are <a href="http://blogs.wsj.com/digits/2014/09/11/do-your-apps-respect-your-privacy-probably-not-a-new-report-says/" target="_blank">failing to provide users with basic privacy protections</a>.</span><br />
<br />
<span style="font-family: Verdana, sans-serif;">The report's authors put the failures they detected into three basic categories. Sixty percent of the apps they studied either:</span><br />
<br />
<ul style="text-align: left;">
<li><span style="font-family: Verdana, sans-serif;">Did not disclose how they used personal information</span></li>
<li><span style="font-family: Verdana, sans-serif;">Required the user to give up an excessive amount of personal data</span></li>
<li><span style="font-family: Verdana, sans-serif;">Communicated privacy policies in type too small to be read on a phone's screen</span></li>
</ul>
<br />
<span style="font-family: Verdana, sans-serif;">As the Wall Street Journal points out in <a href="http://blogs.wsj.com/digits/2014/09/11/do-your-apps-respect-your-privacy-probably-not-a-new-report-says/" target="_blank">this blog post</a>, it's not currently required for apps to have a privacy policy. However, we may soon see changes in this area of the law, especially <a href="http://www.healthcareitnews.com/news/mobile-devices-apps-open-attacks" target="_blank">where health apps are concerned</a>. Currently, there are more than <a href="http://www.bmj.com/content/347/bmj.f6009" target="_blank">100,000 health-related apps</a> just available via smartphones.</span><br />
<br />
<span style="font-family: Verdana, sans-serif;">Be mindful of any app that does not include a privacy policy, and train yourself not to just hit "Accept" on those data-gathering permission requests that pop up after you download a new one.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">You should absolutely understand what you are being asked to give up to take advantage of the app. <b>Is it worth it?</b></span></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-22855300054533327722014-08-16T13:41:00.000+10:002014-08-16T13:41:00.138+10:00Facebook’s Browser-spying Campaign<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Facebook using the browsing data of its members to target the ads of its advertising partners</b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">The Facebook used by billions is sharing its users' online behavior in ways it previously said we could opt out of. </span><br />
<br />
<span style="font-family: Verdana, sans-serif;"><a href="http://venturebeat.com/2014/06/12/heres-how-to-defend-yourself-from-facebooks-new-browser-spying-campaign/" target="_blank">As Venture Beat reports</a>, anytime a Facebook user visits a site with a "Like" button (any site, not just a Facebook page), that visit is stored by Facebook and used to better target the ads of its advertising partners. No need for the user to actually click the Like button. The page visit is enough to trigger the storage of user data.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">I actually tested this by visiting several types of websites I've never visited before. Low and behold, I started seeing ads for associated items on my Facebook page.</span><br />
<br />
<span style="font-family: Verdana, sans-serif;">There are a few tools that allow you to block sites like Facebook from inserting tracking code into your browser. <a href="http://venturebeat.com/2014/06/12/heres-how-to-defend-yourself-from-facebooks-new-browser-spying-campaign/" target="_blank">Learn about them here</a>. </span></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-72022743842865072902014-08-12T13:33:00.000+10:002014-08-12T13:33:00.104+10:00Video Footages: ATM Skimming!<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Be on the lookout for these four tricks and traps</b></span><br />
<br />
<span style="font-family: Verdana, sans-serif;"><a href="http://krebsonsecurity.com/2012/09/a-handy-way-to-foil-atm-skimmer-scams/" target="_blank">A Handy Way to Foil ATM Skimmer Scams</a> - Thieves continue to place hidden cameras at ATMs to surreptitiously record customers entering their PINs. This previously reported way to stop from being a victim still works against the hidden cameras.</span><br />
<br /></div>
<iframe allowfullscreen="" frameborder="0" height="315" src="//www.youtube.com/embed/PtLPGeB3C1o" width="420"></iframe></div>
<iframe allowfullscreen="" frameborder="0" height="315" src="//www.youtube.com/embed/Ko1_y_SASs0" width="420"></iframe>
<iframe allowfullscreen="" frameborder="0" height="315" src="//www.youtube.com/embed/JbDdsUh_sTg" width="420"></iframe></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-60831128310552485842014-08-08T13:25:00.000+10:002014-08-08T13:25:29.998+10:00Basic Security for Personal Cloud Storage <div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Avoid using Personal Cloud Storage for confidential/sensitive data</b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Dropbox and other file-storage and sharing applications like it are incredibly helpful to business travelers. Not having to lug along a laptop or risk misplacing a thumb drive certainly add to the enjoyment of time away from the office.</span><br />
<br />
<span style="font-family: Verdana, sans-serif;">However, these applications do come with some risks. This is especially true when users generate links to share information with others. Several basic flaws within Box and Dropbox specifically allow the shared documents to be viewed by third parties.</span><br />
<br />
<span style="font-family: Verdana, sans-serif;">It comes down to this: Many people do not take basic security steps, even when communicating highly sensitive information. Worse, they may even mix their personal communications and information with confidential workplace data.</span><br />
<br />
<span style="font-family: Verdana, sans-serif;">For its part, Dropbox disabled all access to public links and created a patch to keep shared links from becoming public. However, this is the third security breach for Dropbox in as many years, so diligence on the site and others like it has to be considered among users.</span><br />
<br />
<span style="font-family: Verdana, sans-serif;">When considering a file-sharing service site, follow these rules of thumb:</span><br />
<br />
<ol style="text-align: left;">
<li><span style="font-family: Verdana, sans-serif;">Use a strong password.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Encrypt files in storage ("files at rest").</span></li>
<li><span style="font-family: Verdana, sans-serif;">Encrypt files sent to and obtained from the site ("files in motion").</span></li>
<li><span style="font-family: Verdana, sans-serif;">Look for a third-party security and privacy audit or some other validation that the site truly is secure.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Do an online search to see if the service has been breached in the past year or two.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Make sure that you can completely remove all files from the site when you stop using it.</span></li>
</ol>
</div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-41638440682430242572014-07-25T19:20:00.000+10:002014-07-25T19:20:02.590+10:00Havex Malware targeting SCADA/ICS<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Havex Summary Report - Threats & Mitigation</b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">A previous spot report released by Cimation's ICS Threat Intelligence team provided a threat overview of Havex, the malware family being used for targeted attacks against specific industry sectors. What many reports fail to mention is that this malware code has been altered to specifically target ICS/SCADA systems.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">In this newly-released summary report, Cimation's ICS Threat Intelligence and Vulnerability Research Teams expose the operational-level impact and technical indicators of compromise from this attack.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Download the <a href="http://automation.cimation.com/havex-malware-spot-report-summary-2014" target="_blank">Report to access</a>:</span><br />
<br />
<ul style="text-align: left;">
<li><span style="font-family: Verdana, sans-serif;">A detailed Havex threat summary and overview.</span></li>
<li><span style="font-family: Verdana, sans-serif;">How Havex infects and affects your systems.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Technical analysis and breakdown of the Havex threat.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Tactical mitigation strategies for prevention, detection and removal of this threat.</span></li>
</ul>
</div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-23779226060954979562014-07-11T11:15:00.000+10:002014-07-11T11:15:39.029+10:00Infographic - 78% of Organizations Experienced a Data Breach in the Past 2 Years<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Cybercriminals steal $1 billion every year from small and medium-sized businesses in the U.S. and Europe</b></span><br />
<br />
<span style="font-family: Verdana, sans-serif;">The folks at Imprima have compiled this infographic, complete with facts about data loss and data breaches in the small business community.</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-0LuVjJUhwXs/U7851DFKMiI/AAAAAAAADZU/K1XqIS-u9pg/s1600/Imprima-Data-Loss-Infographic.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-0LuVjJUhwXs/U7851DFKMiI/AAAAAAAADZU/K1XqIS-u9pg/s1600/Imprima-Data-Loss-Infographic.jpg" /></a></div>
<br /></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-11489873988105362202014-06-22T13:39:00.001+10:002014-06-22T13:39:14.088+10:00What Becomes Of Your Online Accounts After You Die? <div dir="ltr" style="text-align: left;" trbidi="on">
<b><span style="color: blue;">...until death do us part</span></b><br />
<br />
Have you ever wondered what becomes of your online accounts after you die? The Washington Post recently <a href="http://www.washingtonpost.com/news/the-intersect/wp/2014/05/07/what-happens-to-your-facebook-when-you-die/?wpmk=MK0000203&clsrd" target="_blank">looked into the question</a>, and reports that "The immortality of one's digital accounts is one of the more morbid philosophical wrinkles of modern life."<br />
<br />
Here are a few of the take-aways from the article:
Family who want to access these accounts often can't.
Digital asset laws vary greatly by state and country.<br />
<br />
The spookiest take-away: Artificial intelligence-like technology may someday Tweet in a user's voice after he or she dies. </div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-9286233878789459102014-05-26T13:50:00.000+10:002014-05-26T13:50:02.443+10:00Pace and Volume of Regulatory Change are the Biggest Factors in Leading to Risk Evaluation Failures<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Results of Bank Director’s 2014 Risk Practices Survey</b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">The <a href="http://www.bankdirector.com/board-issues/risk/bank-boards-making-progress-on-risk-governance-results-of-the-20/" target="_blank">Bank Director’s 2014 Risk Practices Survey</a> reveals some very interesting information about the risk management programs that bank boards have in place.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">It’s classically challenging for many banks to assess how risk management practices affect the institution. However, banks that have worked at measuring the impact of a risk management program report favorable outcomes on financial performance.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<b><span style="font-family: Verdana, sans-serif;">Survey Findings</span></b><br />
<br />
<ul style="text-align: left;">
<li><span style="font-family: Verdana, sans-serif;">97 percent of the respondents reported the bank has a chief risk officer in place or equivalent.</span></li>
<li><span style="font-family: Verdana, sans-serif;">63 percent said that a separate risk committee on the board oversaw risks.</span></li>
<li><span style="font-family: Verdana, sans-serif;">64 percent of banks that have the separate risk committee reported that the bank’s strategic plan plus risk mitigation strategies got reviewed; the other 36 percent weren't doing this.</span></li>
<li><span style="font-family: Verdana, sans-serif;">30 percent of the respondents believed that the bank’s risk appetite statement encompasses all potential risks.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Of this 30 percent, less than half actually use it to supply limits to the board and management.</span></li>
<li><span style="font-family: Verdana, sans-serif;">The survey found that the risk appetite statement, risk dashboard and the enterprise risk assessment tools aren't getting fully used.</span></li>
<li><span style="font-family: Verdana, sans-serif;">And only 30 percent analyze their bank’s risk appetite statement’s impact on financial execution.</span></li>
<li><span style="font-family: Verdana, sans-serif;">17 percent go over the bank’s risk profile monthly at the board and executive level, and about 50 percent review such only quarterly; 23 percent twice or once per year.</span></li>
<li><span style="font-family: Verdana, sans-serif;">57 percent of directors believe the board can benefit from more training in the area of new regulations’ impact and possible risk to the bank.</span></li>
<li><span style="font-family: Verdana, sans-serif;">53 percent want more understanding of newer risks like cyber security issues.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Senior execs want the board to have more training in overseeing the risk appetite and related issues.</span></li>
<li><span style="font-family: Verdana, sans-serif;">55 percent believe that the pace and volume of regulatory change are the biggest factors in leading to risk evaluation failures.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Maintenance of data infrastructure and technology to support risk decision making is a leading risk management challenge, say over 50 percent of responding bank officers, and 40 percent of survey participants overall.</span></li>
</ul>
</div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-61643090326245211802014-05-12T14:11:00.000+10:002014-05-12T14:11:09.546+10:00Quick Round-up of Some of the Latest Tricks and Traps<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Beware of new scams and privacy pitfalls</b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">New ways to fool people out of their money, information and identities pop up nearly every day. Here's a quick round up of some of the latest tricks and traps:</span><br />
<br />
<span style="font-family: Verdana, sans-serif;"><a href="http://money.cnn.com/2014/02/26/pf/homeless-scam/index.html?iid=Lead" target="_blank">New Scam Targets Homeless</a>: Fraudsters pay homeless people to take out cell phone contracts in their names. The fraudsters keep the phones, rack up the bills and then sell the phones, ruining the homeless person's credit.</span><br />
<br />
<span style="font-family: Verdana, sans-serif;"><a href="https://www.eff.org/deeplinks/2014/03/getty-images-allows-free-embedding-cost-privacy" target="_blank">Getty Images Allows Free Embedding, but at What Cost to Privacy?</a> People can embed images in their sites for free, so long as they use the provided embed code and iframe. Because of the scope of Gettys' reach, this may allow the company to correlate more information about a user's browsing history than any single site could. Just another reminder that nothing's truly free in this world!</span><br />
<br />
<span style="font-family: Verdana, sans-serif;"><a href="http://healthitsecurity.com/2014/03/12/human-error-tops-ponemon-patient-data-security-study-threats/" target="_blank">Human Error Tops Ponemon Patient Data Security Study Threats</a>: 75 percent of healthcare organizations view employee negligence as the greatest data breach threat. This result underscores the importance of good security and privacy controls (and excellent employee training!) in healthcare environments. This extends to medical device manufacturers, who often work off very old technology software and continue to insist that controls are too cost-prohibitive.</span><br />
<br />
<span style="font-family: Verdana, sans-serif;"><a href="http://www.cbsnews.com/videos/the-data-brokers-selling-your-personal-information/" target="_blank">The Data Brokers - Selling Your Personal Information</a>: 60 Minutes' Steve Kroft recently reported on his investigation of the multibillion dollar industry that collects, analyzes and sells the personal information of millions of Americans with virtually no oversight.</span></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-80934358509182645832014-04-30T17:04:00.000+10:002014-04-30T17:04:00.046+10:00Facebook Users should enable Two-Factor Authentication<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Securing Your Facebook Account With 2-Factor Authentication</b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;"><a href="http://facecrooks.com/Internet-Safety-Privacy/How-Secure-Your-Facebook-Account-With-Login-Approvals.html/">This</a> <a href="http://facecrooks.com/" target="_blank">Facecrooks</a> <a href="http://facecrooks.com/Internet-Safety-Privacy/How-Secure-Your-Facebook-Account-With-Login-Approvals.html/">article</a> discusses a very important topic - "Securing your Facebook profile" - and gives step-by-step instructions for <b>enabling two-factor authentication</b>. The idea is to keep out anyone attempting to access your profile from a device Facebook doesn't recognize.</span><br />
<br />
<span style="font-family: Verdana, sans-serif;">Astoundingly, two years ago at least <a href="http://www.huffingtonpost.com/2012/05/03/facebook-privacy-consumer-reports_n_1473920.html" target="_blank">13 million U.S. Facebook users</a> didn't use or weren't aware of the social network's privacy control settings. Based on various news reports covering Facebook privacy, it is anticipated that this number has not gotten smaller, but more likely has increased (perhaps by a significant amount now that there are more than a <a href="http://www.gbooza.com/forum/topics/facebook-claims-to-have-surpassed-1-billion-monthly-active-mobile?xg_source=activity#axzz2x6eWwTBA" target="_blank">billion active mobile Facebook users</a>). </span><br />
<br />
<span style="font-family: Verdana, sans-serif;">How many of these millions are within your employee, patient or customer communities? How does this impact you personally, or put your own information at risk? Remember, your privacy can be impacted simply by being associated with "friends" who don't activate their privacy control settings. </span><br />
<br />
<span style="color: red; font-family: Verdana, sans-serif;"><b>Understanding how your stakeholders use Facebook and other social networks is a critical component to protecting yourself, your organization and the people it serves. </b></span></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-87372161453339396152014-04-21T16:05:00.000+10:002014-04-21T16:05:17.106+10:00WARNING! Your Flash Player may be out of date.<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Adobe Flash Malware driven by infected "Router" The Moon Malware</b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Few days ago, I started to receive a pop-message "WARNING! Your Flash Player may be out of date". Please update to Continue., when I was trying to access websites like Facebook, YouTube, Google, etc.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">If you're receiving a similar message then continue to read but make sure you don't click on anything nor try to update the flash player from the pop-window. You may check your current version of the "Adobe Flash Player" by visiting <a href="http://get.adobe.com/flashplayer/?promoid=JZEFT">"Adobe" official website</a>. If you're using Google Chrome browser, it already includes Adobe Flash Player built-in. Google Chrome will automatically update when new versions of Flash Player are available.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span><span style="font-family: Verdana, sans-serif;">You will also notice that the same message is poping-up on all the devices which are connected to the same router (mobile phones, laptops etc.).</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Verdana, sans-serif; margin-left: 1em; margin-right: 1em;"><a href="http://3.bp.blogspot.com/-1-K1wfwbO3g/U1SNUNsQmHI/AAAAAAAAA0A/dYRcA8vy1Do/s1600/pix1-620x350.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-1-K1wfwbO3g/U1SNUNsQmHI/AAAAAAAAA0A/dYRcA8vy1Do/s1600/pix1-620x350.png" height="181" width="320" /></a></span></div>
<span style="font-family: Verdana, sans-serif;"><br /></span><span style="font-family: Verdana, sans-serif;">Now even the dumbest person should know it is not coming from computer but from the network which means your router is infected. It's commonly happening with Linksys, Asus and few other manufacturers.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<b><span style="font-family: Verdana, sans-serif;">How to fix this?</span></b><br />
<br />
<ul style="text-align: left;">
<li><span style="font-family: Verdana, sans-serif;">Reset your router (by holding down the reset button under the router for 6 seconds).
Note after restart all your ISP settings will be lost.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Configure your router again with the ISP settings (username and password also required).</span></li>
<li><span style="font-family: Verdana, sans-serif;">Clear your browsers cache and pop-up message will not appear again.</span></li>
</ul>
<div>
<span style="font-family: Verdana, sans-serif;">Refer <a href="http://kb.linksys.com/Linksys/ukp.aspx?pid=80&app=vw&vw=1&login=1&json=1&docid=56b6de2449fd497bb8d1354860f50b76_How_to_prevent_getting_The_Moon_malware.xml">here</a> for some basic tips on hardening your router to avoid such things happening again.</span></div>
</div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-43338661773492860202014-04-10T13:08:00.000+10:002014-04-10T13:08:00.054+10:00Why You Need Security Strategy and How to Develop one?<div dir="ltr" style="text-align: left;" trbidi="on">
<b><span style="color: blue; font-family: Verdana, sans-serif;">Some questions we need to address before we embark on Information Security Improvement journey!</span></b><br />
<br />
<span style="font-family: Verdana, sans-serif;"><a href="http://en.wikipedia.org/wiki/Edward_Snowden">Edward Snowden</a>’s l<a href="http://topics.wsj.com/person/S/edward-snowden/7461">eaks to the press</a>, we now know that there has been systematic, broad and deep surveillance of online activity at a scale that could not have been previously imagined. Beyond simply snooping, the revelations pointed to infiltration of the hardware and software we rely on to secure our communications.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">When it comes to policies and strategies, it’s hard to go past the tried and tested ways of the past. The best way to make a start is by doing SWOT analysis: Strengths, Weaknesses, Opportunities and Threats. </span><br />
<b><span style="font-family: Verdana, sans-serif;"><br /></span></b>
<b><span style="font-family: Verdana, sans-serif;">Strengths</span></b><br />
<span style="font-family: Verdana, sans-serif;">Look within your organisation. There are bound to be some really good things happening when it comes to Information Security. For example, you might have a very well-educated workforce that never open unexpected attachments. Or your IT team is very conscious of the potential threats to your business and have solid systems and processes in place to deal with them.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<b><span style="font-family: Verdana, sans-serif;">Weaknesses</span></b><br />
<span style="font-family: Verdana, sans-serif;">Over the last 15 years, the focus of security in enterprises has been on vulnerability tracking and making sure that your systems are protected from external attacks. While that’s still important, it should only be one facet of your total security strategy. Have you considered what happens once someone gets past your firewalls and other blocking mechanisms? Or if the attack starts from within?</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Give some consideration in your strategy to dealing with attacks once they are in action. Are your people ready to react once there is a breach? Are they across the latest threats and attack vectors?</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Perhaps the most often seen security weakness (in our observation) is that managing compliance with the security policy is seen as an annual project that’s executed in order to keep auditors happy.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">If that’s the case in your business, look for ways to alter that culture.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<b><span style="font-family: Verdana, sans-serif;">Opportunities</span></b><br />
<span style="font-family: Verdana, sans-serif;">Aside from using security as a way to get lots of shiny new gear into your server racks or to justify new services, getting your Information Security right can be a great chance to re-engage IT with the business. Look for ways to turn the security conversation into an opportunity to change service delivery. It’s also a great way to further the professional development of your staff.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">If you have some strong skills in data analytics in the business, you might find you can give them a new challenge by engaging them in threat intelligence.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Employing red/blue team exercises regularly doesn’t just improve your security response but can be a great way to add some excitement to how you manage security.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Review existing systems and processes to find the security issues. You might find it becomes an opportunity to ditch an old legacy system that’s costing lots of time and resources to maintain.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<b><span style="font-family: Verdana, sans-serif;">Threats</span></b><br />
<span style="font-family: Verdana, sans-serif;">Over the last year, it’s become apparent that the threats of last decade are really just background noise today. Sure, we need to keep our firewalls locked down and end-point protection up to date but what can you do when your hardware is compromised or a nation-state can break through your encryption?</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">These are real threats today. Stuxnet, back in 2010, compromised a nuclear power plant. It is believed by many that it was part of an attack by one government against another. Today, Snowden’s documents tell us that the NSA can intercept a massive array of data. And not just from enemies but from within friendly states.</span><br />
<br />
<ul style="text-align: left;">
<li><b><span style="font-family: Verdana, sans-serif;">So, when was the last time you reviewed your security policy?</span></b></li>
<li><b><span style="font-family: Verdana, sans-serif;">Does it take into account new security mitigation techniques?</span></b></li>
<li><b><span style="font-family: Verdana, sans-serif;">Have you adjusted the skills in your business to manage changing attack methods?</span></b></li>
<li><b><span style="font-family: Verdana, sans-serif;">Is security a once-a-year audit activity?</span></b></li>
</ul>
</div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-58088256096501648762014-04-07T12:34:00.000+10:002014-04-07T12:34:11.540+10:00USB Attacks Need Physical Access Right? Not Any More<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Exploiting USB Driver vulnerabilities</b></span><br />
<br />
<span style="font-family: Verdana, sans-serif;"><a href="https://www.nccgroup.com/en/">NCC Group Research</a> Director Andy Davis presented '<a href="https://www.nccgroup.com/media/481258/usb_physical_access_andy_davis_ncc_group_slides_updated.pdf">USB Attacks Need Physical Access Right? Not Any More...</a>' at this year's BlackHat Asia in Singapore.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Due to recent advances in a number of remote technologies, USB attacks can now be launched over a network. The talk went into detail about how these technologies work, the resulting impact on the world of USB bugs and included a live demo remotely triggering a USB kernel bug in Windows 2012 server.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">It's an interesting research, refer <a href="https://www.nccgroup.com/media/481258/usb_physical_access_andy_davis_ncc_group_slides_updated.pdf">here</a> to download the paper and learn more about USB Bugs.</span></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-75038611953603695632014-03-24T14:39:00.000+11:002014-03-24T14:39:04.185+11:00Three of the Biggest Threats to Company’s Cyber Security<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Phishing, Malicious Political Attacks & Monetary Fraud</b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Every business needs to address the ever-changing cyber threats that now make their way the Internet. It is not enough to merely install anti-virus software and believe that this will solve all of a business’ problems. Here are three of the biggest threats to company’s cyber security that you should know.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;"><b>Phishing<br /></b></span><br />
<span style="font-family: Verdana, sans-serif;">Phishing is a practice in which hackers gain access to private consumer data. Frequently, a hacker creates an email to look like it was issued by your company. A customer may then respond to the email and provide his or her personal information. The hacker then preys upon this disclosure and uses it to open credit cards, make unauthorized charges and take advantage of the consumer’s identity. The essence of a phishing crime is that the hacker gains the trust of the customer. They may use sophisticated tactics to learn information about your customers, such as the names of relatives. The hacker then may pretend to be one’s distant relative to ask for financial assistance from the consumer.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Businesses have a duty to protect their customers from phishing attacks. Businesses should realize that information even like consumer names can be private information. If a hacker gains access to consumer names, then he or she may use social networks like Facebook to learn more information about the customer. Businesses need to be aware of these practices and work with cyber security firms to prevent information disclosures.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;"><b>Malicious Political Attacks</b><br /></span><br />
<span style="font-family: Verdana, sans-serif;">Businesses should also be aware that not every hacker is motivated by profits. Some hackers are residents of foreign nations and discontented with the notion of capitalism in general. These hackers are very sophisticated and using numerous methods to target specific businesses. One example of a recent attack included an attack on a satirical news company by the Syrian Electronic Army. The Syrian Electronic Army was able to hack into the servers for the news company and then make its own postings on the site. One mistake that businesses make is underestimating the abilities and sophistication of enemy nations or politically-motivated hackers.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">The best way for businesses to handle attacks from politically-motivated data hackers is to be proactive in preventing attacks. Businesses should not use a reactive method of dealing with politically-motivated data hackers. A reactive method does not solve the actual issues that lead to the hacking of business accounts. A reactive method also does not provide security to a business, because a business may still be attacked by army hackers in the future.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;"><b>Monetary Fraud Hackers</b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Unlike the Syrian Electronic Army, some hackers are only motivated by financial gain. These hackers only seek to gain access to checking accounts, savings accounts, trust funds, Social Security information and credit card information. These hackers attempt to gain access to the internal data systems of highly-profitable companies. They are very sophisticated in the tactics that they use to hack corporate accounts.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Businesses need to take preventative measures in protecting internal corporate data systems. Many businesses are realizing this and are now working with sophisticated firms to protect their internal data systems. A company can also be very selective in the access that it provides to internal information systems. If many employees have access to internal data systems, then a company may be jeopardizing the information of its customers.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">More than ever, companies need to be proactive in addressing cyber security threats. Cyber threats can cause serious legal issues for companies in the event of a hack or leak. Taking time to improve a company’s data system security is an investment in the future of the company. Cyber threats are only likely to increase in the future years, and businesses must be ready to prevent these attacks.</span></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-88208186351753416082014-03-07T21:27:00.000+11:002014-03-07T21:27:30.718+11:00Internet of Things is Creeping into the Average Lives of Consumers<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Internet of Things Gone Wild</b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Thanks to rapid innovation, our lives are getting easier. But there is a price to be paid. The Internet of Things is creeping into the average lives of consumers in unexpected ways, creating new vulnerabilities even in what was once the safety of our own homes.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">There’s the <a href="http://www.marketwatch.com/story/proofpoint-uncovers-internet-of-things-iot-cyberattack-2014-01-16?reflink=MW_news_stmp">report</a> late last week from California-based security firm Proofpoint uncovering the first proven Internet of Things-based attack that hijacked such smart household equipment as home routers, smart TVs, and even one unsuspecting and apparently innocent refrigerator to generate spam. The attack, which took place between December 23 and January 6, generated over 750,000 “malicious email communications” and involved over 100,000 “everyday consumer gadgets.”</span><br />
<br />
<span style="font-family: Verdana, sans-serif;">Each of the below developments has been built to automatically collect data about users and send that data to others. The developers insist this data is being used to enhance the consumer experience in some way; but what they don't often reveal is all the ways that data is being used to help them make money or achieve some other objective.</span><br />
<br />
<span style="font-family: Verdana, sans-serif;">Take a look at these examples and think twice before you volunteer your personal information by purchasing one of these "smart" products.</span><br />
<br />
<ul style="text-align: left;">
<li><span style="font-family: Verdana, sans-serif;">LG markets a fridge that sends a text when the milk runs out, and <a href="http://metro.co.uk/2014/01/20/a-fridge-full-of-spam-hacked-domestic-appliances-send-a-torrent-of-junk-email-4270908/">this article</a> says experts have long warned such a gadget is an attractive "soft target" for hackers. In fact, in one recent attack on 100,000 smart gadgets, 750,000 spam emails were sent to their owners.<br /></span></li>
<li><span style="font-family: Verdana, sans-serif;">Google's smart contact lenses check in and <a href="http://business.financialpost.com/2014/01/17/google-inc-smart-contact-lenses/?__lsa=23c3-43f7">report on your health</a>, monitoring things like gluclose levels in your tears. One commenter's question was intended to be sarcastic, but in every joke there is a grain of truth. He asked: Will it send the wearer's glucose levels directly to the NSA or does that only happen after the contact lens syncs with Google's cloud? The fact is, if the lenses can report glucose levels, it is also technically possible to program them to report on many other types of activities, as well as more of your body contents and characteristics.<br /></span></li>
<li><span style="font-family: Verdana, sans-serif;">Wearables devices monitor physical activity and connect wirelessly to online services charged with collecting data on the wearer. If insurance companies were able to collect and use this data for their underwriting purposes (which now <a href="http://www.afr.com/p/technology/wearable_tech_privacy_on_collision_1uDsKFvA5cacLwe6vTKIBN">let employers charge employees different health insurance rates</a> based on whether they exercise, eat right or make healthy choices), these devices could spell disaster for insurance costs... not to mention the potential impacts if employers, potential employers, family members, etc. obtain the data. <br /></span></li>
<li><span style="font-family: Verdana, sans-serif;">Video baby monitors send signals far and wide. To test the vulnerability of these smart gadgets, a Miami TV reporter attached one of these baby-monitor receivers to the dashboard of his car. In just a few minutes, he <a href="http://abcnews.go.com/Technology/baby-video-monitors-invite-burglars/story?id=11992731">was able to pick up images</a> of babies and bedrooms. Traditional audio montiors are vulnerable, as well. During the summer of 2013, ABC News reported on a <a href="http://venturebeat.com/2014/01/20/here-comes-the-internet-of-things-gone-wild/">Houston couple who heard cursing</a> and lewd remarks coming from their 2-year-old's baby monitor. It had been hacked.<br /></span></li>
<li><span style="font-family: Verdana, sans-serif;">A clip-on camera <a href="http://www.npr.org/blogs/alltechconsidered/2014/02/24/280733721/cool-or-creepy-a-clip-on-camera-can-capture-every-moment">takes a still image every 30 seconds</a> in an effort to "record your life." How often have you come across a photo of yourself that if taken out of context could cause others to jump to the wrong conclusion (college days, anyone)? Worse, what happens when someone with a clip-on camera enters a public restroom or locker room and takes pictures of people (or children) in various stages of undress?</span></li>
</ul>
</div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com3tag:blogger.com,1999:blog-5701013675247016886.post-21667494456382942672014-02-20T19:40:00.002+11:002014-02-20T19:40:50.296+11:00Verizon Infographic: Why PCI Compliance has to be a Business-Wife Priority?<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>In 2013, only 11.1% of companies were PCI compliant on their initial assessment!</b></span><br />
<span style="color: blue; font-family: Verdana, sans-serif;"><b><br /></b></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-UPHH_MoIiuw/UwW-18buJdI/AAAAAAAAAyA/iO9BZJJ3PdA/s1600/InfoGraphic+-+PCI+Compliance.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-UPHH_MoIiuw/UwW-18buJdI/AAAAAAAAAyA/iO9BZJJ3PdA/s1600/InfoGraphic+-+PCI+Compliance.PNG" height="412" width="640" /></a></div>
<br /></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com1tag:blogger.com,1999:blog-5701013675247016886.post-76053415351411572582014-02-16T10:38:00.000+11:002014-02-16T10:38:41.513+11:00How secure is "Dropbox"?<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Basic Overview and Awareness to Secure Your DropBox Account!</b></span><br />
<span style="font-family: Verdana, sans-serif;"><b><br /></b></span>
<span style="font-family: Verdana, sans-serif;"><b>What's Dropbox?</b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Dropbox is a free and extremely easy-to-use tool for sharing files, photos, and videos, and syncing them among your devices. You can also use Dropbox to back up files and access them from other computers and devices (including smartphones and tablets), with dedicated apps for each device you own running Android, Mac Linux, Blackberry or iOS platform.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Dropbox is especially good for backing up your files online, although the biggest barriers to this are the size of your backups. You get 2GB free with Dropbox, or you can choose 100GB, 200GB, or 500GB with a monthly fee. There are also business plans that start at 1TB for five users. You’ll just have to make sure that the files you want backed up live in the Dropbox folder.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Dropbox also has the ability to share files with others. And, if your computer melts down, you can restore all your files from the Dropbox website.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<b><span style="font-family: Verdana, sans-serif;">Is Dropbox "Safe" to use?</span></b><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">The move on hosted services like Dropbox storage site raises questions about what cloud users can and should do to keep their information and data secure and compliant.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Cloud security drew attention in 2012 with <a href="https://blog.dropbox.com/index.php/security-update-new-features/http://">Dropbox’s admission that usernames and passwords stolen from other websites had been used to sign into a small number of its accounts</a>.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">A Dropbox employee had used the same password for all his accounts, including his work account with access to sensitive data. When that password was stolen elsewhere, the attacker discovered that it could be used against Dropbox.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">This was a powerful reminder that users should rely on different passwords for each secure site and service.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Also, <a href="http://venturebeat.com/2012/08/01/dropbox-has-become-problem-child-of-cloud-security/">VentureBeat reported</a> that the Dropbox iOS app was storing user login credentials in unencrypted text files—where they would be visible to anyone who had physical access to the phone.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">What Encryption does Dropbox use?</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Dropbox claims:</span><br />
<blockquote class="tr_bq">
<span style="font-family: Verdana, sans-serif;">At Dropbox, the security of your data is our highest priority. We have a dedicated security team using the best tools and engineering practices available to build and maintain Dropbox, and you can rest assured that we’ve implemented multiple levels of security to protect and back up your files. You can also take advantage of two-step verification, a login authentication feature which you can enable to add another layer of security to your account.</span></blockquote>
<b><span style="font-family: Verdana, sans-serif;">When it comes to encryption methods Dropbox use, they state that:</span></b><br />
<br />
<ul style="text-align: left;">
<li><span style="font-family: Verdana, sans-serif;">Dropbox uses modern encryption methods to both transfer and store your data.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Secure Sockets Layer (SSL) and AES-256 bit encryption.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Dropbox website and client software are constantly being hardened to enhance security and protect against attacks.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Two-step verification is available for an extra layer of security at login. You can choose to receive security codes by text message or via any Time-Based One-Time Password (TOTP) apps, such as those listed here.</span></li>
<li><span style="font-family: Verdana, sans-serif;">Public files are only viewable by people who have a link to the file(s).</span></li>
</ul>
<span style="font-family: Verdana, sans-serif;">Dropbox uses Amazon’s Simple Storage Service (S3) for storage, which has a robust security policy of its own. You can find more information on Amazon’s data security from the S3 site or, read more about how Dropbox and Amazon securely stores data.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<b><span style="font-family: Verdana, sans-serif;">How to Secure your Dropbox account?</span></b><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Popular cloud storage service Dropbox, had a history of security problems, ranging from compromised accounts to allowing access to every Dropbox account without requiring password.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">When and if you decide to use cloud services like Dropbox, the following three basic steps can help you protect your data:</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<br />
<ul style="text-align: left;">
<li><span style="font-family: Verdana, sans-serif;">Apply web-based policies using URL filtering, controlling access to public cloud storage websites and preventing users from browsing to sites you’ve declared off-limits.<br /></span></li>
<li><span style="font-family: Verdana, sans-serif;">Use application controls to block or allow particular applications, either for the entire company or for specific group.<br /></span></li>
<li><span style="font-family: Verdana, sans-serif;">Automatically encrypt files before they are uploaded to the cloud from any managed endpoint. An encryption solution allows users to choose their preferred cloud storage services, because the files are always encrypted and the keys are always your own. And because encryption takes place on the client before any data is synchronised, you have full control of the safety of your data.You won’t have to worry if the security of your cloud storage provider is breached. Central keys give authorized users or groups access to files and keep these files encrypted for everyone else . Should your web key go missing for some reason—maybe the user simply forgot the password—the security officer inside the enterprise would have access to the keys in order to make sure the correct people have access to that file.</span></li>
</ul>
<div>
<span style="font-family: Verdana, sans-serif;"><b>How to secure your Dropbox account?</b></span></div>
<div>
<ul style="text-align: left;">
<li><span style="font-family: Verdana, sans-serif;"><b>Enable Two-Step Verification</b> - With two-step verification enabled, you’ll have to enter both your password and a security code from your mobile phone whenever you sign into the Dropbox website or add a new device to your account. Even if someone else knows your Dropbox password, they won’t be able to log In without the time-sensitive code from your phone.<br /></span></li>
<li><span style="font-family: Verdana, sans-serif;"><b>Unlink devices</b> you don’t use and view web sessions.<br /></span></li>
<li><span style="font-family: Verdana, sans-serif;"><b>Get email notifications </b>- Ensure email notifications are enabled so you’ll receive emails when new devices and apps connect to your account.<br /></span></li>
<li><span style="font-family: Verdana, sans-serif;"><b>Manage linked Applications</b> – Third-party apps often require full access to your Dropbox account, and the app retains access even if you stop using it. If the app itself is compromised or starts behaving maliciously in the future, it will be able to do damage.<br /></span></li>
<li><span style="font-family: Verdana, sans-serif;"><b>Don’t reuse your passwords </b>– You should use a unique password for your Dropbox account, one that you haven’t used for any other services.<br /></span></li>
<li><span style="font-family: Verdana, sans-serif;">Encrypt your Dropbox files – To protect yourself and ensure your sensitive files remain secure, you can encrypt the files you store in your Dropbox account. To access the encrypted files, you’ll need to know the encryption password – anyone without the encryption key will only see random, jumbled nonsense data.</span></li>
</ul>
</div>
</div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com1tag:blogger.com,1999:blog-5701013675247016886.post-76388278602668795622014-02-15T03:39:00.001+11:002014-02-15T03:51:59.727+11:00Four "Basic" Ways To Protect Company Data<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="background-color: white;">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Breach at Target appears to have started with a <a href="http://krebsonsecurity.com/2014/02/email-attack-on-vendor-set-up-breach-at-target/">malware-infected email!</a></b></span><br />
<div>
<span style="color: black;"><span style="font-family: Verdana, sans-serif;"><br /></span></span></div>
<div>
<span style="color: black;"><span style="font-family: Verdana, sans-serif;">Target Corp. and other large retailers have made the news due to data breaches, but businesses of all sizes need to make sure they have up-to-date policies and procedures to protect private data.</span></span></div>
</div>
<div style="background-color: white;">
<br />
<span style="font-family: Verdana, sans-serif;">The <a href="http://www.cbsnews.com/news/target-breach-may-have-started-with-email-phishing/">breaches at Target</a> highlight how important it is for organizations to know how secure their networks are?</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Here are four measures businesses should take to ensure their data stays private.</span><br />
<ul>
<li style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: Verdana, sans-serif;">One obvious way is to make sure your business' security software is up to date and working "to make sure you don't leave holes in your technology.</span></li>
</ul>
<ul>
<li style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: Verdana, sans-serif;">Do you have policies and procedures in place for how employees interact with the business' server and network? Such measures include making sure employees have strong passwords for their computers and other devices, keeping their machines updated with the latest anti-virus protection and providing them with general awareness on things to watch out for, such as phishing messages (scams that ask people to give out personal information or prompt a person to click on a link that will infect their computer with malware).</span></li>
</ul>
<ul>
<li style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: Verdana, sans-serif;">Make sure that employees have safeguards on the personal devices they use to connect to the company's network.</span></li>
</ul>
<ul>
<li style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: Verdana, sans-serif;">Don't forget security measures for paper records.</span></li>
</ul>
</div>
</div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com1tag:blogger.com,1999:blog-5701013675247016886.post-58950969334596139252014-02-08T23:27:00.000+11:002014-02-15T03:47:34.143+11:00The Internet of Things<div dir="ltr" style="text-align: left;" trbidi="on">
<div align="left" style="background-color: white;">
<b><span style="color: blue; font-family: Verdana, sans-serif;">"The Internet of Things" is now finding its way into mainstream conversation!</span></b></div>
<div align="left" style="background-color: white; color: #a20000;">
<span style="color: black; font-family: Verdana, sans-serif;"><br /></span></div>
<div align="left" style="background-color: white; color: #a20000;">
<span style="color: black; font-family: Verdana, sans-serif;">Once a term used mostly by MIT professors and those steeped in the privacy and security field, "The Internet of Things" is now finding its way into mainstream conversation. Loosely defined as the practice of equipping all objects and people in the world with wirelessly connected, identifying, computing devices, the term represents what could be a hugely transformational way of life. </span></div>
<div align="left" style="background-color: white; color: #a20000;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="font-family: Verdana, sans-serif;">At one time, "The Internet of Things" probably sounded like science fiction; but today, it's becoming very real. Here are a few examples of where you can literally see, hear and almost feel this phenomenon occurring in some very ordinary places:</span></div>
<ul style="background-color: white;">
<li style="margin-left: 15px;"><span style="font-family: Verdana, sans-serif;">TRENDnet marketed its SecurView video cameras as "secure." In fact, the <a href="http://r20.rs6.net/tn.jsp?f=001xywEu4hwFT-bWx6ojwkjR3-bjwVp3J0ztOdg9y0Ar31h9nmoOL55DslT0my5fky53TiZoo6m7GTrQJq_yp5IKW0xJge8f3V5ZmNWc5Ho18pjpUMyN-j456kE-dv-mzq5A2btiOG6UElmRD_koMj3XtQPqnOdFVhKkifRgK4vv2HB-FsZzjFr3CsiRjUchYOMUXtpzGr-38l-kqqq2zKAY5V_oB9DmJYO5C_N1fPyOZZW91v6Mg5SnqWrU3ccb0TFJu0KLFd5wWe6n_37wOH1qDgFInT2erRzXCX2pg7oCxJSMf4xZ9hZKQ==&c=60PxkNPHGI3UcAYH01ol95xUCe3IEA2bwQUhBEHh8_Deu1p6wPyLYA==&ch=RCumqVQRS9R9bFkYfOVsVSkZDr14Qe-0G92-pOKYo_6rSkw_d5WpDw==" shape="rect" style="color: #a20000;" target="_blank">cameras had faulty software</a> that allowed anyone with the cameras' Internet addresses to hear and see what the cameras were capturing. In fact, more than 700 were hacked, creating live-streams of private locations and private moments online for the world to hear and see. </span></li>
<li style="margin-left: 15px;"><span style="font-family: Verdana, sans-serif;">Google possesses possibly more data about consumers' online activities than any other organization (Facebook, Microsoft, IBM would probably be close behind.). Now it seems, the Internet giant is on track to know as much about your offline behavior. <a href="http://r20.rs6.net/tn.jsp?f=001xywEu4hwFT-bWx6ojwkjR3-bjwVp3J0ztOdg9y0Ar31h9nmoOL55DslT0my5fky5ZDoURb70I6nWBQiRa6-XV6QXGPjtTDY_Xo56jX7PcnAi1gnYmmzezvAXHly6hXFwfi7I0f6SCdTOH78ix8TWe5tgtjH4kJxjchXAp8PHJCpn_gCHwSE4nfBlRkzy86MuuUY6WelwZG53v0DN12fdYihTE3FTdB_UkmFC-uEVoPypqRft7XfnJdY6rNF5hSm5P3rvclh5n7oQezgQDkCVHozpLq_tqM1W&c=60PxkNPHGI3UcAYH01ol95xUCe3IEA2bwQUhBEHh8_Deu1p6wPyLYA==&ch=RCumqVQRS9R9bFkYfOVsVSkZDr14Qe-0G92-pOKYo_6rSkw_d5WpDw==" shape="rect" style="color: #a20000;" target="_blank">The company recently purchased Nest</a>, which makes "smart" thermostats and smoke/fire alarms that track indoor-activity data. They have stated they plan to create many more of these types of smart gadgets. How much personal information will Nest share with Google, and how will that information be used?</span></li>
<li style="margin-left: 15px;"><span style="font-family: Verdana, sans-serif;">A range of smart-home and smart-car technology allows consumers the ability to control access and features of their houses and vehicles. But <a href="http://r20.rs6.net/tn.jsp?f=001xywEu4hwFT-bWx6ojwkjR3-bjwVp3J0ztOdg9y0Ar31h9nmoOL55DslT0my5fky5sB_3HKJBh2b0uQk9R_ephno0r4LJm76Ma-MYah9h6nP0njap8ryJy2QuC3L0o1WrnQQfRGRNHJdusYhw1qBCha7nV0LaeoAPmKbcDqOtm-J3mMVeto5jz1p8FzCs4Ub2lz6cvEQ1wPn4jpumcoCoY0v5ors2mbu_35g6NKF0xR13QDn4pmcEADfXsnkQoaRfvsBq_dTeUG8i5qPDwhPNzE-jwMAO-PC888zJb15XGtcoD2SY9hjzw5rDrjHoJzp5&c=60PxkNPHGI3UcAYH01ol95xUCe3IEA2bwQUhBEHh8_Deu1p6wPyLYA==&ch=RCumqVQRS9R9bFkYfOVsVSkZDr14Qe-0G92-pOKYo_6rSkw_d5WpDw==" shape="rect" style="color: #a20000;" target="_blank">who else might gain the same level of control</a>? And what will happen when "smart" cars and appliances can function on their own without human intervention? As <a href="http://r20.rs6.net/tn.jsp?f=001xywEu4hwFT-bWx6ojwkjR3-bjwVp3J0ztOdg9y0Ar31h9nmoOL55DslT0my5fky5hiIOLX1j3KIqwPBPajFrhPrdIapCZvy-76HwGqoq2jGvcwFt59bgMsy-e0HTL_UXLmQmcIHObcoGWGCX8F0LgPcsgvJdAlO_gMgrVThqt5OPoSx_6hvDv8TxD-uS2usTdsESelqtwjk7lLTqTeCAq6gje21X4b0cgEmTFxKNszgZXosMksjZvIWgDM5lVhU2KCUqKBX2EL9o8OiFsWx_XuDTk_ySRBFwJqoJPlGOxh0=&c=60PxkNPHGI3UcAYH01ol95xUCe3IEA2bwQUhBEHh8_Deu1p6wPyLYA==&ch=RCumqVQRS9R9bFkYfOVsVSkZDr14Qe-0G92-pOKYo_6rSkw_d5WpDw==" shape="rect" style="color: #a20000;" target="_blank">this Guardian article</a> contends, they will certainly be tempting to hackers.</span></li>
</ul>
</div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com1tag:blogger.com,1999:blog-5701013675247016886.post-15167757161385800312014-02-02T23:54:00.000+11:002014-02-02T23:54:33.796+11:00Cybersecurity in the age of "Surveillance"<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Verdana, sans-serif;"><b><span style="color: blue;">How to assure that your network and its data are being guarded by a trusted partner?</span></b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">The collection of information generated from the online activities of citizens, by both private and public interests, has become so widespread and pervasive that it has prompted several social commentators to label today’s digital-defined culture as “The Surveillance Age.”</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">The fact that nearly every sovereign state with the means is conducting high-tech surveillance programs, a practice that is considered by most to be integral to national security and ensuring the safety of the state and its citizens.
For many observers, the most disconcerting component of the recently exposed data-collection activities of the National Security Agency was tied to multiple U.S. companies may have cooperated in the surveillance activities.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">The possibility that trusted businesses could be leaving digital backdoors through which sensitive information could slip has cast a chill across both consumer and professional market sectors.
This issue is not for us to speculate here; however, given the interest it has attracted, it would be valuable to share some fundamental information about mobile security, as well as some guidance to assure that your network and its data are being guarded by a trusted partner.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">A key element of security is encryption technology, which is critical to protecting the confidentiality and integrity of a digital transaction between two endpoints, such as a mobile device and a corporate server located behind a firewall. Providing an integrated approach to mobile security, in which data is encrypted while at rest (stored on a digital device) or in transit, is the best protection against the loss of data or a security breach that could impact the profitability, competitiveness, or reputation of an organization.
Strong encryption guards against data integrity compromises in these environments, which are typically treated by network engineers or mobile security experts as hostile and untrustworthy</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">It’s important to note that encryption technologies differ significantly in the degrees of protection they offer. To gain a deeper understanding of encryption requires an introduction to a few esoteric cryptography terms. One of those terms is entropy, which plays a significant role in determining the effectiveness of a modern encryption system. At a very high level, entropy is a measure of how much randomness you have. Simply put, the more entropy you have the more effective your encryption can be. Consider the differences between seeking a needle in a haystack and looking for one hidden in an acre’s worth of haystacks. The procedures are essentially the same; it’s the level of difficulty and complexity that differs substantially between the two scenarios. </span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Any discussion related to digital intrusion or surveillance has to include spyware, which is a form of malware. Businesses or organizations using mobile devices that have open development platforms are especially susceptible to attempts to exploit users through spyware. It is also a favorite tool of cyber criminals, who are increasingly targeting mobile devices as access points into the confidential data of organizations for purposes that range from nuisance to nefarious. </span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Disguised within a consumer application, malware can be used to gain access to personal information, for anything from marketing to identity theft to compromising corporate data. This real and growing threat requires security solutions that properly safeguard the privacy of governments, enterprise workers, and individual users.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">The fact that the number and utility of mobile devices will only increase means that the boundaries of the modern organization are being stretched to include hundreds or even thousands of mobile end points possessing access to the most precious assets, such as intellectual property and other sensitive information.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<b><span style="font-family: Verdana, sans-serif;">Security in this environment cannot be an afterthought. It must be built in at every layer -- hardware, software, and network infrastructure -- to ensure end-to-end protection. With the stakes so high in “The Surveillance Age,” it’s imperative that you demand "confidentiality & integrity" commitment from every partner you trust with your information.</span></b></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0tag:blogger.com,1999:blog-5701013675247016886.post-32252177616172890842014-01-22T12:14:00.000+11:002014-01-22T12:14:21.051+11:00Did you get an email from Target?<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: blue; font-family: Verdana, sans-serif;"><b>Are you one of the roughly 70 million people who got an email from Target last week about the store's mega security breach? If so, be careful.</b></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Target did indeed do a blast to customers to offer one year of free credit monitoring. The problem is scammers are also on the prowl and are sending out similar emails.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Target even says it has identified and stopped at least 12 scams preying on consumers via email, Facebook and other outlets.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">The Target emails went to customers whose personal information was in the Target database. Cyber thieves penetrated the records <a href="http://money.cnn.com/2014/01/13/news/target-neiman-marcus-hack/index.html?source=yahoo_hosted">during the holiday shopping season</a> breach discovered last month and stole info like names, phone numbers and email addresses. The full extent of the hacking is still under investigation.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">In the meantime, here's what to do if you see an email from Target pop up in your inbox.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">If you've already opened the email: Target has posted a copy of the email it sent out online. <a href="https://corporate.target.com/_media/TargetCorp/global/PDF/GreggEmailToGuests-1-15-14.pdf">So go here</a> to make sure the email you opened, the address it came from, and the link you clicked all matches up.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">If it doesn't match, and especially if you clicked a link to an external website and entered personal information, you need to take action quickly.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">First, get a copy of your credit report, check your bank and credit card activity on a daily basis and call the credit reporting agencies to tell them what happened. You can ask to have a fraud alert placed on your account, meaning it will be flagged to lenders if someone attempts to open credit in your name.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">If you're really worried, you can request a credit freeze, which prohibits any credit from being extended under your name. But that's a big step because you will have to go through the process of undoing this whenever you need credit again.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">If you entered a credit card or debit card number, reach out to those institutions to warn them of potential fraud as well.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">If you haven't opened the email: To avoid any chance of a virus or of falling prey to a potential scam, it is recommended to go directly to <a href="https://corporate.target.com/_media/TargetCorp/global/PDF/GreggEmailToGuests-1-15-14.pdf">Target's website to view the letter</a> you believe has landed in your inbox -- since even opening a fraudulent email could lead malware to be installed on your computer. And if you do open the email, don't click on any links.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">All other correspondence from Target can be <a href="https://corporate.target.com/about/payment-card-issue.aspx">found here</a>. The retailer emphasizes that it will never email a consumer and ask for personal information like a Social Security number or credit card information.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">But it's not just emails claiming to be from Target that customers need to worry about.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">If your personal information was compromised in the breach, that means scammers could contact you pretending to be anyone -- like another retailer.</span></div>
Anonymoushttp://www.blogger.com/profile/01273024510614936807noreply@blogger.com0