Posts

5 smartphone security fixes to keep your data safe from hackers, scammers and advertisers

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


Go anywhere online and it feels like someone is watching. That’s because, well, they are.

Tips to keep your laptop, tablet and smartphone safe while traveling this summer

UP NEXT

UP NEXT

Did you know there’s a secret mobile advertiser ID on your smartphone that knows where you live and what you’ve shopped for online recently? It can easily be traced directly to you and reveals things like your physical address and IP address.



a sign above a store: Public charging stations at places like airports and coffee shops are handy but they also put your data at risk.


© Wittayayut/Getty Images/iStockphoto
Public charging stations at places like airports and coffee shops are handy but they also put your data at risk.

And that’s just one of many trackers, IDs, maps, and settings collecting your info. More often than not, this data is packaged up and sold to the highest bidder. (Sorry, you don’t get a cut.)

Loading...

Load Error

Start the day smarter. Get all the news you need in your inbox each morning.

If you want to get serious about security, you’ll have to go beyond the usual steps.

1. Turn on USB restricted mode

Ever charge your Apple device in a public place, on a plane or at work? You need to turn on USB restricted mode. It helps to prevent hackers from “juice jacking” your device by installing malware or stealing information through the USB charging port.

How to do it: To turn on USB Restricted Mode, select Settings > Face ID & Passcode > type in your passcode. Scroll down to the section called “Allow Access When Locked,” and make sure the option called “USB Accessories” is toggled off.

Public charging stations at places like airports and coffee shops are handy but they also put your data at risk. If you’re going to be out long enough for your device to run out of power, consider getting your own external power bank and juicing it before leaving your home. If you must use a public charging station, think about picking up a USB data blocker that stops malware from entering your device or bring along your own external battery charger.

2. Auto-erase data

Source…

Security researcher: Criminals use Discord to distribute malware


According to security researchers, the content delivery network (CDN) of the voice and text chat platform Discord is increasingly being misused by criminals to spread malware. The security company Sophos writes that four percent of their malware downloads examined came from Discord in the second quarter of this year. Users can upload and exchange files via Discord. According to Sophos, this has a number of advantages for cyber criminals.

Overall, Sophos found 14,000 malicious files on the Discord CDN and sees an upward trend. So that criminals can place their malicious software there, all they need is a chat room that anyone can set up free of charge. As soon as a file is uploaded, it lands on cdn.discordapp.com. In this Google Cloud Storage, Trojans can then be reached all over the world via a fast CDN.

Discord uploads files to its CDN, but no longer deletes them.

(Image: screenshot)

The special thing about it: You do not need to log in to access the file. If you call up the URL of the uploaded file, the browser asks directly whether the file should be downloaded. If this URL is linked in an email, there is no warning or anything else that could distract from the download.

Even if the message with the file attachment is deleted on Discord, the file itself can still be accessed in the CDN, as heise online found out in a short test. And it gets even better: If you delete the so-called “server” (actually a created, administrative room) on Discord with all messages, channels and users, the file was still available to us in the CDN.

The problem is by no means new. According to Sophos, a lot of malicious software landed on Discords CDN last year. Discord has not changed the basic functionality, but relies on reports from users and scans itself for malicious code. However, malware cannot be easily distinguished from non-malicious software without fully analyzing its behavior.

Among the files found by Sophos were some malware families that intercept stored login data or ensure that the attacker can remotely control the affected computer. We therefore recommend that you be…

Source…

Cyber Daily: Security Chiefs See Bigger Paychecks Amid Rise in Hacking Threats

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


Good morning. Corporate cyber chiefs’ salaries are growing amid an uptick in hacking threats and a dearth of experienced executives, WSJ Pro’s Catherine Stupp reports.

Also today: Biden’s new directive on cyber safeguards for critical infrastructure; more details on the TSA’s pipeline rules; a tool for shaming hackable websites; and cyber startups going gangbusters.

High Demand

Cha-ching: Demand for experienced cyber executives has pushed the average salary for chief information security officers to new heights.

CISOs in the U.S. earned a median salary of $509,000 this year, compared with $473,000 in 2020, according to a new survey of 354 CISOs, published Thursday by executive search firm

Heidrick & Struggles International Inc.

Total compensation, including equity grants and bonuses, rose to $936,000 from $784,000 in 2020.

High-profile ransomware attacks have caused corporate executives and boards to focus more on cybersecurity over the past year, said Omar Khawaja, CISO at Pittsburgh-based Highmark Health.

“There’s a very tangible and direct business disruption,” he said. “It’s hard to ignore.”

Read the full story.

More Cyber News

Biden urges critical infrastructure to beef up cyber safeguards. The White House directed federal agencies to develop voluntary security goals by September for companies that operate critical infrastructure, such as financial services or electric utilities. At least four successive administrations have pursued such a voluntary strategy for ensuring cyber readiness. But senior officials say the directive could be a precursor to the Biden administration issuing mandatory standards for such firms. (WSJ)

Read the full directive from the White House here.

TSA official details second pipeline security directive. The rules, which have not been publicly released, cover technical areas such as the separation of operational and information-technology systems, Administrator David Pekoske told the Senate Commerce Committee Tuesday. Mr. Pekoske said the directive would also require reviews of how…

Source…

Cyber security growing concern for local government | News

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


Cities and counties all over Indiana are putting together budgets, but one topic that may get more attention than in past years is cyber security. Ransomware attacks hit the headlines earlier this year when hackers shut down an oil pipeline that runs up the east coast. That was followed with computer attacks that hit the nation’s largest meat supplier, JBS. But increasingly those attacks are impacting local governments. One of the biggest came in north Texas where a dozen communities lost the ability to use their computers to do police work, operate utilities and about anything else you do at town hall.

“This used to kind of be in the back of everyone’s mind,” said Washington City Clerk-Treasurer Beth McGookey. “Now it is moving to the front.”

For the city of Washington, keeping the computers safe is important.

“Cyber security is a big topic,” said Washington Mayor Dave Rhoads. “I would like to think we are secure, but you can never be 100% secure. We have an information technology director (Michael Folsom). I know he is always working on ways to make us more secure. We have firewalls and software that looks for malicious emails or other attacks. We also have a lot of off-site storage so that we can restore things in the event of an attack. I know we have done a lot to protect our network.”

For Washington, the protection is not just for the city, but also for the utilities. With electric, water, sewer and storm water utilities a hacker could, at the minimum, disrupt billing and at the worst impact operations.

“Mike is constantly watching our systems and working with department heads to try and keep everything secure,” said Rhoads.

While a larger community like Washington may be able to beef up computer operations to make them safer, some smaller communities may not have access to the same computer expertise.

“I don’t think we are any more exposed than the normal household, but I don’t know what we have in terms of security for our systems,” said Montgomery Town Board President Mike Healy. “Until a couple of years ago it really wasn’t anything to think about, now it is.”

Healy says at one time he was on a board…

Source…