Category: Security

Several online retailers have weak password security!

Paul

Retailers makes it easy for hackers!

Dashlane releases their top 100 online Retailers and “The Illusion of Personal Data Security in E-Commerce” this makes it easier for the hackers to know the common passwords for sites.   Some of the retailers that are mentioned are:
  • Cafepress (affiliate link) — Although I have been a huge supporter for those really cool shirts and other personable merchandise.   They only require a 3 character password.  If your using a 3 character password, then you are just yelling to the hackers come get my credit card information and personal information!
  • Scholastic Inc — This one seem likes they allow this for kids, I just hope they don’t give out all that valuable information.   They two also only require a 3 character password for an account!
  • 1-800-flowers (1800flowers.com) — Only requrie a 1 character password, which means that you could use Q for your password and you’d be all set for someone to take your credit card information really quickly.

Those are only the few that I found that were really interesting.   I am calling out these retailers to make changes to their password lengths.  You can see the complete list of the 100 retailers with passwords length and various other data.   This link is thanks to Steve Gibson to see all the important stuff!

Password Length

I’ve talked about Lastpass in the past so I will not talk about it anymore.  I do recommend people use the maximum length you can have on sites that are really important to you.   This will prevent hackers from guessing real simple passwords.   Although you should have Higher, Lower, Numbers, and Special characters in your password to make password guessing even harder.  It is up to you to prevent your account from getting hacked or taken over.   No one can help you but yourself!

 

Those really BAD passwords you shouldn’t use! The list is out for 2013!

Paul

Who uses these?

It isn’t everyday that I come across some really interesting passwords.   Among the list of the 25 that Spashdata has released!  The Ones that really stand out for me are: “trustno1” (Gives a new meaning to TNO), Adobe123 and my favorite “photoshop” are on the list of those the top 25 passwords you should NEVER USE.  I don’t know if people are just trying to come up with something no one would think of or if they really want there Facebook Account to be hacked in the first place!

Randomness is everything!

I keep telling people to go check out Lastpass to be safe but it some people will never learn.   I believe in Lastpass so much I pay for the mobile version for a year.   Only 12$ a year but it is for a good cause, and I am really happy with their service!  Lastpass is truely the Last password you will ever have to remember.  

I don’t know about you but I think it is time to go change some passwords! 

What I have learned from Person of Interest Show!

Paul

Person on Interest!

When I first started watching this show, I thought it was unique but then last year we had the revelation of the Snowden contraversy and how the government was collecting all sorts of information.  Then this became so relevant to the government and how they are collecting my information.   You will see in this show so much talk about how they are collecting it.   It is scary and I am sure the Government has put this out to help have a plausible deniability factor to it.   I know I am going to have conspiracy theories tell me all sorts of stories, and frankly I am not interested.  This is my take on the show and here it is!

Bluetooth Force Pairing

To some this is impossible, and to some like me it is possible but highly unlikely.   I however tend to be more paranoid than most and think this is probably happening more than most would care to admit.   People have shown how to pair without confirmation in many situations and thus that I why I believe this is happening in today’s society without your knowledge.   Again this go back to the Plausibility factor, so who really knows this is after all I good reason to keep your cellphone secure as you can by turning off Bluetooth when not in use!

There will Always be a FINCH!

This is self evident in the series, he can hack and do all sorts of things that makes your head spin.   We have hackers and crackers who do this sort of stuff all the time but in much less detail and much less exposure.   I am sure they do not do all this stuff but they do some of it without your knowledge and without much publicity.   They probably have gotten into people’s Facebook accounts without your knowledge also!

Only the Paranoid Survive!

This is a quote from FINCH also, the geek humor of it is what struck me as funny.  Those who are paranoid have good reasons to worry and be cautious of what everything we do online.   It is good to be asking questions about what is going on and trying to keep our personal information safe.  It is sometimes hard to fight for your rights.   That was one reason I tell people to use a VPN service like VPN4ALL and that way you can keep your bank information and your identity from those who could do the most damage! 

As you can see I have been watching this show for the past few weeks going back and starting from Season 1 of Person of Interest and it is quite interesting and somewhat scarey what they do on the show.   It keeps me wondering just how much of this is true and how much of it is made up.   Only time can tell what really is true but you have to wonder and ask questions.   Could this be true?

How Cryptolocker (Ransomware) gets installed and how to remove it!

Paul

Cryptolocker Virus!

I have been watching what has been going on in the past few days and thought it was high time I tell you about this nasty little worm or virus! It has been many months since I have talked about this and I wanted to help you understand how you might of been infected. If you have been infected and want to remove it, you can easily remove it by using Malwarebytes Pro, Which is a sponsor of my blog. The Malwarebytes Blog has some interesting stuff about what this bug really does to your files and what it encrypts!

Drive by download

Some would say it is coming from emails but I suspect it will get much worse before it gets better. If they are making money they will probably start advertising that you have a virus and when you click on the image you will be taken over to actually have the virus or worm as some would call it. It all started when scammers started infecting systems and doing the defederpageblock and others like that. They found they could actually make money by scaring people into paying. I even tried to help people by offering some great Antivirus And Antimalware tools to help fight off this types of infections.

So how are some ways to get infected? The basic ways are simple opening email links if you don’t know the sender. This is the most common approach by any scammer or spammer because you can’t really see where that link is going or even if they are trying to use a script.

Social Media is the next biggest way that you might get infected by clicking links in Twitter, Facebook, LinkedIn, and sites like that. You have to be careful but most of the time you can expand the URL by using a service like LongURL. I sometimes use this to find out where a shortened bitly link or twitter link is going to take me.

Googling or Searching is the next way an attacker would install this type of software on your system. They would just use scripts, known vulnerabilities, to force install or silent install this type of software in your system and if you were using something like NoScript you would be much safer than if you didn’t!

Installing untrusted software can lead to you getting infected by this virus and others if you think you have to have a piece of software for something then please do not use your Windows Admin account to install this on. You should try to see what others are saying about a particular software or application. It isn’t always going to be fool proof but it will at least slow it down.

Now these are a few ways you could get infected if you were trying to get infected with this nasty virus. Which case you would be paying 300 US dollars or 2 bitcoins which is how they want to keep getting paid. So if you don’t want to find your pictures, and important data encrypted, please put them on a recordable dvd and put them up! This would be one step to help fight this little problem.

I havent’ heard if it has infected any Apple, Android, or Linux Operating systems it looks to be primarily Windows Systems. I can assure you it will happen to these other OS in the coming months so don’t think you aren’t immune to this and other malwares or viruses. With Android having exploits in the wild you can bet they will targeted soon to encrypted your contact list and your pictures. This would be my next bet!

Secure Browser Alternatives for browsing safely on the web!

Paul

Zero day vulnerabilites target Internet Explorer

Cyber Security Awareness Month

If you didn’t know October is Cyber Security Awareness Month and I wanted to give out some ways to keep you safe on the internet.   I know I am not the only to suggest some of this but if you didn’t know please don’t use Internet Explorer to web browse.   If should only be used for updating Windows and that is the extent of what it should be used for it.

Is Chrome more secure than Safari?

Safari, to my knowledge as a few vulnerabilities and thus you should be keep away from using it.   I won’t say much about this because we never really know who is actually going to use these but you can bet hackers know of ways to get into your system.

Which Browser is best?

Any browser you think is safe is probably going to be wrong.   I am going to tell you which browsers are safer but none of them are a 100 percent safe.   Each one of them has good and bad but I am going to at least guide you in the right direction.  

Chrome Browser

Chrome is one of the ones, I do recommend but it shouldn’t just be used by itself.   You should add a few extensions to better protect yourself:

  • Adblock Plus — Good to protect yourself from those annoying advertising.   (Please be aware that I use advertising on my site and that is how I pay for my hosting and other things like that.   Please consider white listing my website to allow advertising.)
  • Lastpass — This is one of those that I recommend on a constant basis because it makes sure you create a strong password that you don’t have to remember.   It helps make sure no account password is ever the same!
  • ScriptSafe — Keep unwanted scripts from playing when you visit a website!  Certain web sites should be allowed and white listed, like mine. 
  • Dolphin Connect — I use the Dolphin browser on my Android Device and this is one of those ways to keep track of all your bookmarks.   Not really security related but it is very useful!

These are just a few that I recommend when you use the Chrome Browser.

FireFox Browser

FireFox is another one that I recommend when you are looking to browse the web securely.  Although it isn’t 100% secure because none are.   Some of the Add On’s you should add to your FireFox Browser are:

  • NoScript Security Suite — It is another No Script app that lets you prevent unwanted scripts from running! 
  • Lastpass — Just like Chrome, it helps keep your passwords safe and helps you keep all passwords unique!
  • Adblock Plus — Just like Chrome this can help keep those annoying advertisements from showing but please remember to white list sites that do need to advertise and do not use annoying advertisements!
  • Web Of Trust — This is a good add on for Firefox to know which web sites you can trust more with and which ones that are not trustworthy!  (if you like my site could you review it and let people know what you think about this site!)

As you can see these are the two that I always tell my family to install, I usually don’t tell them to install both but one of these two but it is up to you if you want to have both web browsers installed on your system.   It just varies from person to person which one is better for your use!   I am sure there are more addon’s or extensions that you should add but these are the ones I tell my friends and family to install first.  Which one of these two browsers are you favorite?  Leave a comment and tell others!