Categories
Cyber news Cyber Security

Safety tip of the day

How safe are you with your passwords with your internet browser?

Do you practice good password security?

Do you use your web browser to save passwords from websites?

To answers these questions, I’ll share with an experience I had. I won’t share the brand name of this web browser just to stay out of trouble. A friend of mine bought a new computer and asked me to help him with the initial setup. We went through all of the normal configuration of a new laptop and transferred his information from the old laptop to the new one.  After the setup he went through the new laptop to see if anything was missing from the old laptop. Turns out that he didn’t document some login and password information from some websites he uses. I did a little digging and found out that the web browser he was using would ask to save this information from websites. I found this in the settings of the web browser and plain as day, an unsecure folder with an entire list of websites he visited with the user I.D. and password associated with it. I’m no Cyber security expert, If I can locate this, then the criminals won’t have any problem at all. In this folder I found 41 unique websites with all the credentials needed to log in to that website including the ones he was missing.

The fix.

Don’t save any login information in your web browser. I would recommend using a password manager as there are a number of good ones out there and a lot of them will offer a basic account for free. Adding a password manager is adding an extra layer of protection from getting your information stolen, putting your login information behind password protection.

Categories
Cyber news Cyber Security Training

Home Cyber Security

Do you work from home? Do you have a small business that relies on using the internet? Do you have employees that work from home?

The subject has come up recently on working from home and using your home network for work purposes.

Some Security experts have asked the question how do we keep employees who work home more secure?

The easiest answer is to educate employees on home security and the importance of maintaining good home security, performing good cyber hygiene. Easier said than done. How do you keep them interested enough to learn and continue to practice good habits? Make it interesting, change it up.

Another tool that can be used to introduce employees to the risk of not maintaining a good security practice is to introduce them to a program called Bwapp. Bwapp is a program designed to educate people on what the cyber criminals can do by teaching them what they actually do. Bwapp doesn’t care what your knowledge level is in cyber security. The program is designed to start at entry level and slowly progresses in difficulty. Bwapp starts at the basics, walking an individual through the program step by step.

 WICTRA can help with this. What do we do? We help to provide education on cyber security. We have assembled various sizes of mobile ranges to provide training to groups of 2 people up to potentially 50 people at one given time. Bwapp is just one training aid that we offer. We have over fifty different challenges for people to try in our mobile range setup.

Once again, this only part of the solution. Another element that can be added in assisting people who work from home with their internet security is to provide them with an easy to follow checklist that gets them looking at all of the items within their home that connect to the internet, to see how secure they really are. Keep it simple, this is the easiest way to keep them interested and using it. If they don’t understand the terminology, how can they implement it? Speak with them, not at them.

Keep your employees engaged in what’s really happening in the world. There’s an overwhelming amount of news out there pertaining to cyber security, but which items would be helpful and important to the individual who works from home?

Below is a link to a checklist we’ve created. Feel free to download this and use it to start looking into the level of security within your home. This is a good tool start getting into a routine of monitoring your devices used in your home or small business.

Categories
Cyber news Cyber Security Training

Wisconsin Veterans Forward

Leading the Charge Against Cyber Threats (Part 1)

See how the Wisconsin Cyber Threat Response Alliance leverages veteran talent to lead the charge against cyber threats.

Leading the Charge Against Cyber Threats (Part 2)

Categories
Cyber news Cyber Security Technology

Is your router ready for an upgrade?

Categories
Cyber news Cyber Security Technology

Google has new tech to track your web browsing – here’s how to stop it

We’ve written on a number of occasions already this month that Google was launching a test of new technology in Google Chrome called FLoC, which stands for Federated Learning of Cohorts. It’s ostensibly meant to let Chrome improve the anonymity of users — which is something Google vowed to do a few weeks ago, via a movie to stop allowing advertisers to track users online with third-party cookies. However, Chrome will do this via FLoC while also still collecting some users’ browsing data for advertising purposes. What struck many people as particularly frustrating is that even though Google said it would test this as part of a limited pilot run before rolling it out fully, the search giant didn’t offer a straightforward way to opt out of the testing.

Categories
Cyber attack Cyber news Cyber Security Phishing Rasomware

As the filing date for tax returns in the United States approaches, IRS/tax scams are popping up

Each year many fall for these scams. The bad guy predate on the old, the young, anyone who may not have strong knowledge of the IRS and how it operates.

Here are just a few of the more popular scams/setups.

Any email from the IRS. The IRS does not email you.
Any phone call from the IRS. The IRS does not call you.
You are getting a refund / what is your tax refund status
False unemployment claims
Your SSN has been cancelled/suspended
You owe back taxes . Pay now or else.
Help by providing relief for this disaster
Please verify your information
Your Tax Transcript
You are a victim of Identity Theft.
Please verify your information.
You have committed a crime. Pay the fine.
Please verify your banking information
Etc. Hundreds more.

The National Cyber Warfare Foundation (https://cwr.dev) sees many alerts and notifications every year.

The IRS provides specific guidance on this issue. Read their web site post: https://lnkd.in/dSRY-Z3 the article also provides links on who to report scams/scammer to. #ncwf

Categories
Cyber attack Cyber news Cyber Security

What is a cyberattack?

If your employees don’t know how #cyberattacks occur, how will they be able to spot them? Here’s a great article that helps break down what happens during an attack, along with some of the most common threats to be aware of

A guide to the different methods cybercriminals use to harm computers and steal data

Cyberattacks are performed by malicious actors with various intentions, though the tools and methods they use are often the same.

  • A cyberattack is an assault on any computer or network, almost always launched from another computer or network.
  • There are a lot of ways malicious actors can launch a cyberattack, including malware, zero-day exploits, and denial-of-service attacks.
  • Here’s a brief overview of cyberattacks and what you need to know about their risk.
  • Visit Insider’s Tech Reference library for more stories.
Categories
Cyber news Cyber Security Technology

Dodge’s 2FA security update for muscle cars will slow thieves to a crawl

Putting a PIN on your Charger or Challenger limits anyone else to idle speed.

Autoblog points out the Security Mode update that the carmaker will soon make available to owners of 2015 or newer Charger and Challenger models equipped with large HEMI V-8 engines. It’s adding two-factor authentication, only instead of sending a push notification to your phone or generating a code, it’s a simple four-digit PIN. Combining something you know with something you have (your car key) is required to make the car unlock its full potential. With the security feature turned on, unless you input the code the engine won’t rev beyond idle speed (675 RPM) where it only has about 2.8 HP and 22 pound-feet of torque.

Categories
Cyber attack Cyber news Cyber Security

Differences Between a Vulnerability Assessment and a Penetration Test

Categories
Cyber news Cyber Security Technology

Use a privacy oriented search engine

Search engines are one of the primary resources used to spy on you. I personally know that search engines have been spying on people since the beginning.
There is a clear privacy leader for search engines: DuckDuckGo (https://duckduckgo.com)
This is a great search engine and they are privacy focused. This protects you online and greatly improves your privacy/cybersecurity posture.
You should switch all of your web browsers to use DuckDuckGo as your search engine. Including:

  • Your desktop
  • Your mobile devices

Switching is easy and it is never too late. You will start benefiting immediately.