Cultivate Self-Defense

Cyber crime is not a new word for most of us. However, netizens continue to risk their identities and become vulnerable to cyber crimes. This includes children as young as one or two. Despite these issues are becoming an urgent problem in the cyber world, there are many who overlook these bad signs and incidents that occur around them. Unknowingly, there are threats lurking behind every face of some Facebook account and are difficult to track even with enough resources.

A number of activists and internet experts have surveyed and have stated that these issues are increasing over the years. It is a pressing situation where even as security is being dispatched; the cyber criminals are also improving their skills at hacking and other trickery. To top it all, the consumers are not very cautious about their online safety and are being subjected to sexual, emotional, physical, and financial abuse. To ensure that the users take up their safety as a responsibility, here are some tips that might help to keep such threats at bay.

 

# 1 Password safety

Passwords are usually the most personal prerogative that a person can have. Set passwords that are strong and unique, but not the obvious. Crete one with a combination of lower and uppercase letters, numbers, symbols and special characters. Do not keep the same passwords for multiple accounts. Change them regularly and do not share any of them with anyone not concerned with you in any way. Use the help of a Password Manager to help you with it. There are many such tools available.

 

# 2 Protect your Devices while Online

While online (or offline), ensure that whatever devices you use, are protected with a trustworthy security software. Update yourself with the latest threats and software that appears in the market.

 

# 3 Manage Network-related Devices

Since most devices are connected with each other, there are high chances that confidential and personal data can be transferred or passed on. So while installing a new network, ensure that the default passwords are changed immediately. Disable any unused devices and set a strong Wi-Fi encryption to prevent anyone else from accessing your devices and network.

 

# 4 Guard yourself against Phishing Activities

No matter how good you are at tracking fake e-mails or websites, there seems to always be someone smarter than you are. Be cautious and double-check your e-mails and links that you receive before clicking on them (especially when you do not know the sender). Many of these emails or links come from sources that are illegal or fake. They appear to be legitimate but may easily gain access to your system or act

# 5 Beware of public Wi-Fi Networks

Be careful while logging in or passing on your personal information to make some expenses through an outside source, like unprotected public Wi-Fi networks. Sharing your personal details and transferring data through unknown devices or unknown networks may make you more vulnerable.

 

Now that you know these simple tips that can be used in your everyday life, make it a point that you will protect yourself from unknown network sources and devices. Refrain from sharing your personal details with unauthorized organizations or individuals. Enjoy your online experiences with a little caution.

Protect your Outlook Data File with a Password

Passwords have become the sole solution to maintain your privacy, at least from those prying users who share your system. Privacy is in everything, including work. Emails from clients and important confidential details relating to your team art some of the data that you want to protect. Your Outlook account makes work-life convenient, but if you want to keep your details under cover, read on. Here is a set of simple steps to ensure your Outlook files are not leaked out.

A word of caution: If you forget the password you set to protect your Outlook data file or account, it cannot be traced again. Microsoft does not promise to retrieve your lost password once set. Therefore, it is recommended that you store it elsewhere for a rainy day.

 

How to Password Protect my Outlook Data File?

  • In your Outlook Account window, click on File option, located at the top-left corner of the page
  • Select Account Settings. From the drop-down menu, select Account Settings
  • .A window will appear that contains a line of tabs placed at the top. Select the Data Files option
  • Choose Settings. Select Change Password.
  • If you have a password already set, type it in the Old Password blank space
  • If not, proceed and type in your new password in the New Password and Verify Password blank spaces. Make sure that your password is only 15 or less in characters
  • Click on OK. Your Outlook Data File is now password-protected.

 

Now that you have password-protected your Outlook Data File, you can be assured that your work details are safe from unwanted visitors to your system.

Fb says no to “bogus” news

Freedom of Speech has many netizens to “share” news on their Facebook timelines in succession. However, it is unfortunate that a major portion of the Fb users is spreading news and rumors without verifying them. This is quite an issue, as people seem to be abusing this right to speech. In addition, many are being offended by this irresponsible expression. Nevertheless, before discussing that, let us see what Facebook CEO Mark Zuckerberg has initiated on the social site in response to this.

Zuckerberg had declared in the month of December 2016 that the social site would allow users to report to the authorities if they suspect any untrue news on the social site. This reported information would then be checked for authenticity by third-party fact-checking organizations like Snopes and Politifact. They look for any presence of inaccuracy in the content. If the posts were found to be fabricated or bogus, they would be labeled as “disputed”. A link navigating to the fact-checking sites will also be provided so the users can explore the reasons behind that label.

After being reported, it takes time for the post to undergo scrutiny thereby, delaying the entire process of labeling the post as disputed. In addition, this requires at least two fact-checking organizations to authorize before the post is labeled as disputed. Those posts that are labeled as “disputed” do not seem to be deleted or removed from the website. In addition, the post may be authentic losing out the purpose of being circulated.

However, who validates these fact-checking sites’ research? The sites should be committed to the Code of Principles laid down by the well-known journalism non-profit Poynter. Although this is progress, some are not very convinced by this initiative as being effective.

How do I Disable “Remember Password” option in my Browser?

The “Remember Password” is a very common option that appears in most browsers, when you have to provide personal information in websites. It was introduced to ease the user’s access into frequently visited sites and accounts. When the user wants to log in into a website or account, the browser asks if they want to “remember password” so they do not have to repeat the process. It saves time too. This option is often used at workplaces and home computers.

But today, this option has assisted the occurrences of many cybercrimes. Entering into accounts with the already saved passwords is now a piece of cake for intruders and other users. This has done more harm than help and many prefer to log in or sign in without having to save the passwords.

However, how do you clear out already saved passwords? If your passwords are already saved and you want to delete them from the browser’s memory, follow these steps. Steps to disable that option is also given here. These steps are only with respect to two major browsers; Mozilla Firefox and Google Chrome.

 

How do I disable “Remember Password” option in Chrome?

  • Click on the vertical “three dots” located at the top, right-hand corner of the browser
  • From the drop-down menu, select Settings
  • Scroll down and click on Show Advanced Settings
  • Scroll down to Passwords and Forms and uncheck Offer to Save your web Passwords
  • To delete already saved passwords, click on the Manage Passwords on the left of the previous option
  • From the list that appears, hover over across the website, whose password you want to delete and click on the X mark you find on the right end
  • If you want to delete all of them, just press Ctrl + A and then Delete on your keyboard
  • When you are done, click on Done and the list of all the saved passwords is cleared

How do I Disable “Remember Password” option in Firefox?

  • Click on the horizontal “three dots” located at the top, right-hand corner of the browser
  • From the drop-down menu, select Settings
  • Scroll down to Advanced Settings and click on View Advanced Settings
  • Scroll down to Privacy and Services and uncheck Offer to Save Passwords
  • To delete already saved passwords, click on Manage my saved passwords
  • From the list that appears, hover across the website, whose password you want to delete and click on the X mark you find at the right end
  • If you want to delete all of them, just press Ctrl + A and then Delete on your keyboard

These simple steps are easy to follow and takes a fraction of a second to process. Now that you have disabled the “remember passwords” option and deleted previously saved passwords, you can relax and be assured that your privacy is taken care of. However, if you want to change your mind and save the passwords, you just have to enable the “remember passwords” option.

How to sign out of Gmail safely?

One of the nightmares of the online world is to leave your account susceptible to cybercrime. Sometimes, in a hurry or absent-mindedly, you may leave your Gmail account without logging out. It could be because of either sharing your system with another user, in a cyber café or just plain forgetfulness. Whatever it is, your privacy is at stake and sometimes it might be too late to secure it.

Keeping in mind the hassles the user might get into, Gmail provides a tiny option located at the corner of your mailbox to log out and save you from potential danger. Using this feature, you can close down all your active sessions in a single click. Here is how you can enable it:

 

  • Login to the desired Gmail account from any web browser
  • At the bottom of your inbox, you will find a section called the Last Account Activity with the option Details
  • Click on Details which will open a new window
  • In the window, you will find a list of all the recent activities displayed with a button to close all sessions
  • Select it and your recent activity will terminate

 

Once you have the list of the recent sessions, you can read through to find any specific session or app you want to close. This way, you are logged out in a single click. The first column that says Access Type will display all the details of the recent sessions that include device, application and the mail server through which you accessed into Gmail. If a particular session is not in the list, chances are that your account has been visited by a stranger. It is recommended that you change your password immediately to prevent further intrusions.

If you Authorized Applications in the list, click on Show Details, followed by Manage Account Access. A complete list of all the applications that you have provided access to Gmail for will be displayed. Details regarding the date of access and the which app will also be provided. A button to invalidate the authorization, present on the page can be used.

This option is exclusive to Gmail accounts. If there are any further security issues, a third-party software’s interruption may be required. But this method can guarantee safety of your personal details if used before it is too late.

Block out political posts on facebook in just a few clicks

Surfing through Facebook is an enjoyable experience. One can endlessly scroll through new posts to read news feeds and posts that are written on your timeline. But not everything that appears on the ‘News Feed’ is pleasant. People’s tastes are different especially when it comes to politics. So, there might be those ugly attitudes and comments someone throws on political issues that you might not agree with. Then, how do you get rid of them?

Most of the established web browsers provide add-ons or plugins that can be used in blocking unwanted posts and matters preferred by the users. But these are very minimal in their performance. Here are some well-known filters that will help you tweak your settings so that you can regularly experience irk-free browsing on Facebook

Hide or Unfollow a post or profile –  If there are any posts that you dislike coming across on your Facebook account, you can simply use the Hide option to “hide” those similar posts that keep appearing on your news feed. When you “hide” a particular type of post, a notification is sent to Facebook that says that you do not want similar posts pop up in your news feed.

Unfollow a profile or friend will keep your account free of that friend’s posts and shares. This option is used when you do not want to see a particular friend’s posts. However, you are still “friends” with that person. A disadvantage is that once you unfollow your friend, you may not receive almost any of their posts.

Remove all Politics from Facebook – This is a simple Chrome add-on that by default avoids posts with the use of keywords that are picked from the user’s recent activity. This option, however, is present and the user cannot choose the settings.

Leech Block – blocks certain unwanted sites by barring your access to them. There are up to 6 domains that can be chosen for the same. The sites can be blocked for a time span accordingly so you are not disturbed often. This keeps you away from wasting your time and gives accessibility to the site only when you want.

Social Fixer –  This is a customized option that helps you manage what you want to filter. You can find this option on the Facebook toolbar. It also helps in eliminating sponsored advertisements and spoilers. Chrome, Firefox, Opera, Edge, and Safari are a few of the browsers that support this option. You can “create a new filter” and select particular posts, political party, persons or issue that you want to hide.

News Feed Eradicator for Facebook – Some filters cannot block certain memes and some tricky posters’ way of expressing their thoughts. This add-on will remove the user’s live ticker and news feeds. A feature of this add-on that you can’t find in the others is that it replaces those removed matters with interesting quotes. You can also add in your own quotes and messages.

How to Setup Two Step Verification In WhatsApp

WhatsApp has introduced new and more fortified security feature to its users. With this new security feature, your account is secure more than ever. This is very helpful for securing the users information and integrity of accounts.

The previous verification process required a phone number to receive OTP. And using this OTP you can setup your account in the new device. But it seems there were loopholes in the verification system of WhatsApp. This was noticed after a few incidences with applications like yahoo and telegram. New verification system is more fortified than preciously.

With the OTP only system of Account Setup, a hijacking can be carried on easily. Even a person with little knowledge of hacking can hijack your account. This loophole is in the account setup procedure itself. Any hacker can redirect your SMS to his system or if your phone gets stolen, your sim card can be used for the purpose. As the hacker gets OTP, your account is theirs. This is a huge threat to all the users, but not anymore.

Introducing Two Step Verification In WhatsApp

In order to face this grave situation that makes the user information most vulnerable, WhatsApp introduced this two-step verification for setting up of your account. This asks for your email id to send a verification link. This changes the way you enter into your account, now you know if someone wants to use your account without permission.

How to Enable Two Step Verification

1 – Launch WhatApp

2 – Go to Settings > Account

set up two step verification img 1

 

3 – Tap Two-Step Verification

set up two step verification img 2

 

4 – Tap Enable > Enter 6-digit code and re-enter to confirm it

set up two step verification img 5

 

5 – Enter Email ID and confirm it on the next screen

set up two step verification img 4

 

6 – Tap on Done

set up two step verification img 6

 

This will make your account secure with the new two-step verification feature. Now you can get a notification on your mail whenever someone tries to alter with your account.

The email id is an optional for the two-step verification process. It is recommended that you enter your email id so that you can recover your password in case you forget. WhatsApp also recommends the same, stating that you would need your email id to recover your password.

So next time when you want to add a new phone number to your WhatsApp account or want to setup in a new device, you will need your 6-digit passcode. WhatsApp requests users to use a valid email id and it does not perform email verification. So if you want your passcode to be sent to your email id, you will be able to get it.

This is one of the best security features for its users as they don’t have to perform extensive settings. This is also useful as there is an additional email id involved in securing your account.

New Cry Ransomware Attacks Computers via Google Maps API

Heard about the recent ransomware threat “Cry”?

Well, it was discovered on last week by security researchers “MalwareHunterTeam”.  Like many of the similar ransomware programs, this appears to come from a government agency called “Central Security Treatment Organization”.  If infected a computer, this ransomware will encrypt the victim’s files to .cry extension. Then, it will then demand approximately 1.1 bitcoins or $625 USD to provide the decryption key.
This ransomware, has already begun to known by a number of names including Cry, CSTO ransomware, etc. Lawrence Abrams, owner of BleepingComputer.com along with MalwareHunterTeam, and Daniel Gallagher, have analyzed some of the characteristics shown in this ransomware. For them, this ransomware can send information about the victim to the Command & Control server using UDP (User Datagram Protocol). It will also websites such as Imgur.com and Pastee.org to put victim’s information. And, to your surprise, it will choose Google Maps API to find the victim’s location with the help of nearby wireless SSIDs.

Abram explains how this ransomware deals with Imgur:

“Once the file has successfully been uploaded Imgur will respond with a unique name for the filename. This filename can be broadcasted over UDP to the 4096 IP addresses to notify the Command & Control server that a new victim has been infected”

Many details about this ransomware is still has to be unveiled. But one thing is sure – within two weeks, this ransomware have infected around 8000 computers!

How Cry Ransomware attacks your Computer?

Mostly, spam email attachments are the main delivery method of Cry ransomware. Those mails will have elements to convince the victim that the attachment is a reliable invoice, bank statement, ticket or any other harmless file. If the user download that file, the ransomware infects user’s computer and it searches for file types that are important for the user. Such important files become encrypted leaving all other parts of computer to remain functional so that it can demand payment of the ransom.

If a computer is infected with CRY ransomware, it may leave some ransom notes “Recovery_[random_chars].html” and “!Recovery_[random_chars].txtencrypts” on a user’s desktop. These notes inform that the user’s files have encrypted with .cry extension. And to decrypt those files, it demands 1.1 bitcoin ($625).

5 Biometric Authentication Techniques That May Reach You Soon

Certainly, we have witnessed the growth of biometric authentication methods over these years. Some of these methods like Face recognition, fingerprint identification, retina scan, voice scan, etc. will be familiar to you. Here, let’s find out some techniques that can make a changeover on tomorrow’s biometric authentication discussions.

1. Cognitive Biometrics

It’s an authentication technique relies on a user’s reaction when brought in touch with a familiar photo, video, etc. for example. There would be equipment like Electroencephalogram, Electrocardiogram to receive these nervous responses. The stored responses will be validated with new responses created by making the same stimulus again on that person.

2. SkullConduct

This technique was actually formulated by few German scientists to provide users a more secure access to their devices. As the name SkullConduct says, it involves the use of a human skull. A head-mounted device will emit an ultrasonic sound that passes through one’s head creating waves of unique frequency bounce around their heads – so as to create noticeable patterns that unique for each person. This technology has somehow managed to enter the mainstream of biometric by its partial implementation in Google Glass.

3. Breathprint

Recently, some swiss scientist figured out an authentication technique using a breathalyzer and assigned a name for this technique – Breathprint. “Whatever we exhale is unique to us”- This is the core idea and the reason behind the development of this technique.

4. DNA Profiling

None of us would be unaware of the current DNA profiling techniques that are more commonly known by the names DNA fingerprinting, DNA testing, etc. The most acknowledged factor of this molecular level authentication is that the chance of two people having the same DNA profile is less than one in a million. Astounding developments are supposed to occur in this field in the upcoming years.  And, DNA profiling hasn’t grown much beyond forensic applications till now. However, as per the recent studies, DNA profiling can even use to predict the appearance of a person in the near future.

5. Even a Cough Can!

What more? Even the voice coming out from our throat would be used for authentication purposes in future! All types of audible emissions from your throat like a cough, gulp, etc. whichever having a particular frequency can be analyzed and use as a valid authentication method.

As the cyber world expands to new horizons, there would be more and more personal data involved around it. The current user authentication techniques are supposed to become obsolete soon. So, the less intrusive technologies with enhanced security characteristics are bound to find their places.

Should Android Users Really Care about Quadrooter Security Flaw?

Last week, the leading discussion among cyber security circles was about Quadrooter, a security bug reportedly targeting Android devices. There were rumors like – already 900 million Android devices are on threat because of this security bug. We, Safe with Tech team is trying to disclose what’s the actual reality behind these rumors.

Where it started?

It was security researcher Adam Donenfeld from Check Point Software presented four security vulnerabilities of Android devices based on Qualcomm chipsets. Qualcomm reviewed these reports and instantly released patches for security flaws.

Collectively, these vulnerabilities became known by “QuadRooter”, as it provides attackers the root privileges. And individually, these flaws got names “CVE-2016-2059”, “CVE-2016-2503” , “CVE-2016-2504” and “CVE-2016-5340”. These flaws were reported in Qualcomm drivers that’s been given to device manufacturers.

Google Says it has released three patches for the first three flaws through its security bulletin for nexus devices. Anyhow, it has flagged CVE-2016-2059 as low severity and according to them, it can be mitigated through SELinux(a kernel extension to reduce exploitation of some flaws by implementing certain access controls)

What is Check Point’s explanation on this?

Check Point explains the threat will not affect users through web browsing, emails, chats but rogue applications could be a reason. Check Point says Google’s view on CVE-2016-2059 is not at all feasible. They’ve already released a free application on Google Play for users to check whether their devices are affected by any of these flaws.

A different Stand Point

Check Point, the one initially figured this vulnerability says about the mobile threat detection that’s already present on Android phones. It’s called “Verify Apps” that’s practically available all of those 900 million devices since 2012.

This “Verify Apps” scans your Android device whenever you install new apps and features into your phone. It’ll resist you if you try to install any dangerous app to your device and verify if any of your installed app starts doing anything suspicious.

From Gingerbread, this feature is available on Android. So, almost 99% of Today’s Android devices are powered with Verify Apps. And from Google’s point of view Verify Apps can watch out any Quadrooter related security threat. They provide monthly security patches on a regular basis.

What’s up of the Users?

Since there’s no so serious threat reports from Google about this update till now, consumers don’t have to think too much. They just have to make sure that, the apps they’re installing should be verified. Moreover, the basic security measures are available on your phone itself, so be less worried on that.