Connect with us

Technology

Cybersecurity 101: Online Behaviors That You Should Stop Doing

Published

on

Protect your data by not doing these things online

An average person would share a significant amount of personal and identifiable data over the internet to different platforms every time they log in to their social media accounts, buy something online, sign up for a promotion, or just by browsing the internet out of boredom. These data include names, IP addresses, email addresses, location, credit card numbers, and in some cases, sensitive data like intimate messages, phone recordings, and social security numbers.

While many of the online companies right now are promising security to their users, many of these supposedly secured platforms still experience some sort of data leak and expose user data to the privy eyes of cybercriminals because when data are floating out there, there will always be someone who will fish for them.

Cyber attacks are everywhere, and this is the time that people become more vigilant in their cyber usage and data handling. Even huge corporations like Facebook have experienced it in the past.

Safe-keeping your data may be a responsibility of the company you entrusted them to, but you also have to be very careful with the data that you share. In most cases, recklessness of the data owner can lead to tremendous and dangerous data phishing, so prevention is better than cure.

But making sure that your data is protected is not hard. Besides, there’s just enough that you can do to prevent your data from falling in the hands of evil hackers. The first step to safe-keeping your data is by having good online behavior and following basic security protocols.

Nonetheless, we as people have taken for granted some of the basic internet don’ts, putting our data in serious security risk. Here are some of the behaviors that everyone should avoid to maximize the protection of your data.

USING ONE PASSWORD ON ALL YOUR ACCOUNTS

As an average person, it is understandable to have accounts in different social media platforms and websites and to use a single and having a universal password is beneficial in the short run. Memorizing different passwords is truly a tough task for everyone, but the thing about having a universal password is it maximizes the effect of a cyber attack.

When a hacker gets hold of your universal password, he can easily open all your accounts and download all data that is stored in them. Conversely, having a unique password for every account that you have isolates an attack to the site where the obtained password works.

If you’re bothered that having multiple passwords will result in you forgetting about them, there are apps that you can download to manage your passwords in one place. The downside of this, however, is that if the password manager is compromised, all of your passwords is also compromised. The trick in this is to use passwords that are strong but can be remembered easily or safe-keeping them in cold storage or any offline and secured storage in your house or your office.

NOT READING THE TERMS AND CONDITIONS

Terms and Conditions are long, and it’s most definitely understandable if you won’t sit and read all of what’s written there. But always remember that “Terms and Conditions” serve as a contract between you and the service that you are using. All the security and data handling are stipulated there. In most cases, T&C’s are where service would put what kind of data they are collecting from you and how they are going to use it. Without a knowledge of this information that was readily available to you before you signed up for the service, you maybe are giving them data that you don’t consent to or they are selling your data to a third party without you know. It always pays to read the T&Cs.

CONNECTING TO A PUBLIC NETWORK CONNECTION

Here’s the thing, the internet is readily accessible to anyone right now for a low price, so avoid connecting your devices and using public WiFi. By connecting to these networks, you allow other computing systems – computers, smartphones – to see what you are doing in your device. They can also have access to the files saved in your internal storage. This is dangerous especially if you are using public WiFi to submit sensitive information like credit card numbers and social security numbers. As much as possible, if the need is not that urgent, do not connect your device to public networks.

SUBMITTING DATA TO NON-SECURED WEBSITES

But wait, how do you know if the website is secured or not? Well, you have to check the URL. The simplest way to see the security of the site you are in is by looking if it uses HTTPS instead of HTTP. By being vigilant in that way, you can avoid sending data to websites that may potentially use your data in ways you don’t want your data to be used.

CLICKING SUSPICIOUS LINKS AND EMAILS

This is very self-explanatory. If you find a link suspicious, don’t click on it. The same goes with emails as well. If you were informed that you won $1 million for a contest you did not join, do not fall for the ruse. Chances are, these are phishing links, and they will extract your data without you realizing that you have been fooled.

IN CONCLUSION: Being able to protect yourself as much as you can from cyberattacks that may have dangerous consequences for you and your finances keeps your peace. Be vigilant and be cautious with the data that you share online. /apr

A consumer tech and cybersecurity journalist who does content marketing while daydreaming about having unlimited coffee for life and getting a pet llama.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

This Apple Patent Secures 360-Degree Rotatable Camera For Its Watch Series

Published

on

Photo by Luke Chesser on Unsplash

The U.S. Patent and Trademark Office granted a patent for Apple that allows it to include a rotatable camera on its Apple Watch products—a revolutionary innovation to the smartwatch market.

Other brands have teased about introducing a built-in camera on their smartwatches before. However, that entails maneuvering the user’s wrist in a challenging position — proving that the technology is far from ready for launch.

Apple secured a patent that would solve the problem. The Apple Watch patent comes along with 63 newly granted patents for Apple Inc.

Apple Watch Rotatable Camera
Source: 9to5mac

The new patent opens the possibility of future Apple Watches with the ability to capture images and video via a rotatable, pull-out camera.

The patent describes the invention as similar to an extension of the Apple Watch band, where the built-in camera can be pulled out to expose and use it. Primarily, this will enable the Apple Watch user to avoid the tricky wrist-maneuvering.

“Such functionality can replace or at least meaningfully augment a user’s existing camera-enabled iPhone.”

Notably, cameras on smartwatches were initially introduced with similarities to the conventional smartphones where it is stationary on the screen. The patent describes it to have a pull-out functionality where a user can point towards the desired direction.

Furthermore, the built-in camera can even be rotated at a 360-degree angle. Meaning, a single camera can function both as a front and back camera, allowing Apple to save more space, as it is compacted on a very small device.

As described, the camera is placed on the tip of an extendable band where “an optical sensor [is] attached to or integrated within the distal end portion of the camera watch band […] and a data connection between the optical sensor and the watch body.”

The band, where the camera will be placed, is told to be flexible enough that users can manipulate it into any form via twisting and bending. A combination of a “malleable metal core” with “magnetorheological fluid,” and “mechanical links” will comprise the band to help maintain its form. This combination may also help prop the camera end to a fixed position such as bending towards the user to make FaceTime calls.

Users can take photos or record videos by pinching the camera watch band, asking Siri to do it, or by clicking on the Apple Watch screen.

2 Apple Watch with camera in band
Apple Watch Rotatable Camera
Source: Patently Apple

The latest report comes along with Apple’s plans of marketing the Apple Watch Series, as a more independent device from the rest of the company’s products such as an iPhone.

“A smartwatch with the capability of capturing images or videos may enable a user to forego carrying a smartphone when doing some activities, especially activities or environments where it would be difficult to take a smartphone (e.g., hiking, running, swimming, surfing, snowboarding, and any number of other situations),” says in its patent report.

Furthermore, Apple recently announced in its Worldwide Developer Conference that the Apple Watch is getting its own App Store with its own set of dedicated applications mainly focused on its Health functionalities.

Notably, the recent release remains to be a patent. There is no guarantee when we’re exactly going to see the built-in camera function in the Apple Watch or if we are ever going to witness it (at all).

It could yield similar results to Apple’s infamous AirPower—a wireless charging pad that can simultaneously power three devices without the need to place it in specific areas to work. The product never went into production as it proved to be challenging after all.

The future still holds the answer whether or not Apple will be able to make the camera feature with up-to-par quality. Questions regarding the camera’s quality, its strength, and durability of the camera band remain as a mystery.

On the other hand, if Apple does decide to push through with the invention and follow Apple’s standard with product quality, it could easily win over the current market, which is already dominating.

As of 2018, Apple’s Apple Watch Series still takes first place on the market for smartwatches with a total of 51% global market share. It is selling like hot pancakes as Apple’s shipments increased by 1.4 million units compared to the same quarter in the previous year, for a total of 9.2 million units shipped in Q4 2018.

Continue Reading

Politics

‘Youtube’ Removes ‘Project Veritas’ Leak Exposing The Bias Of ‘Google’ Against Trump

Is Google the only one who can prevent a “next Trump situation?” A Google exec thinks so.

Published

on

Jen Gennai said that Google is the only one that can stop Trump victory. Photo: Carlos Luna | Flickr | CC BY 2.0

As the election season approaches, Google’s video-streaming service, Youtube, took down a video that exposed the California-based technological superpower of being politically biased against the President and his bid for the next election.

The video, which has since been removed from the platform by Youtube, shows a senior employee at the company appearing to admit that the company plans to interfere in the next presidential election to stop Donald Trump.

The video is part of the Project Veritas, that has exposed numerous scandals corruption, dishonesty, self-dealing, waste, fraud, and other misconduct by private individuals, corporations, politicians and government agencies. It was founded by James O’Keefe and claimed that it aims to “further the common good and general welfare of the citizens of the United States by conducting investigations into waste, fraud, abuse, corruption, dishonesty, self-dealing and other misconduct for the purpose of educating the public, stakeholders, policymakers, and communities in order to create a more ethical and transparent society.”

Only Google can prevent “next Trump situation”

The said video is still available in the Project Veritas website and featured undercover footage of a top Google employee, Jen Gennai, who preaches that the company, Google, should not be broken up because they still need to stop the reelection of the President and only they can prevent “next Trump situation.”

“Elizabeth Warren is saying we should break up Google. And like, I love her but she’s very misguided, like that will not make it better it will make it worse, because all these smaller companies who don’t have the same resources that we do will be charged with preventing the next Trump situation, it’s like a small company cannot do that,” the video revealed appearing to be said by Gennai.

In the same video, Gennai appears also to declare that Trump’s victory in the 2016 elections “screwed us (Google).”

“We all got screwed over in 2016; again it wasn’t just us, it was, the people got screwed over, the news media got screwed over, like, everybody got screwed over, so we’re rapidly like, happened there and how do we prevent it from happening again,” she added.

“We’re also training our algorithms, like, if 2016 happened again, would we have, would the outcome be different?”

They need to change the law to force Google to change

Gennai is also strong in its stance that government pressure and intervention could not force Google to change its ways. She said that if the lawmakers want to change how Google behaves, they have to change the law.

“We got called in front of Congress multiple times, so we’ve not shown up because we know that they’re just going to attack us. We’re not going to change our; we’re not going to change our mind. There’s no use sitting there being attacked over something we know we’re not going to change. They can pressure us, but we’re not changing. But we also have to be aware of what they’re doing and what they’re accusing us of,” she said in the video.

Gennai works on “responsible innovation” in the Global Affairs division of Google — the same division run by Kent Walker, the Google VP who has declared his intention to make the populist-nationalist movement represented by Donald Trump a “blip” or “hiccup” in history, which he said, “bends towards progress.”

This rhetoric coincides and corroborated earlier leaks that exposed other top managers and officials from Google to have made similar statements involving the same sentiments.

Similar sentiments from other Google execs

Earlier this year, a Google engineer, Mike Wacker, published an email showing an official from the tech superpower telling his subordinates that the Trump election victory motivated the company’s stand on fake news.

“Also, I posted a comment on a meme regarding fake news on Search, and someone reported it to [Human Resources]. I didn’t say I was in favor or against, just cautioned that we need to be car[e]ful. My manager brought it up in our 1:1 last week. Made me feel very uncomfortable for having an opposing view. He said we need to stop hate [speech] and fake news because that’s how Trump won the election,” Wacker wrote in his post.

“I obviously didn’t say anything and just wanted it to end. I [redacted] would like to see all managers be required to take political bias training.”

Continue Reading

Technology

‘Operation Soft Cell’ Linked To State-Sponsored Chinese Hacking Group

Operation Soft Cell has been operating since 2012.

Published

on

The operation is called Operation Soft Cell. Photo: The Preiser Project | Flickr | CC BY 2.0

A Chinese-linked operation has been found to be stealing sensitive call data, including identifiable information by breaching into telecommunication network in order to gain espionage intelligence on high-value targets, a report reveals.

The operation, called Operation Soft Cell, was discovered by the cybersecurity research firm Cybereason and was said to have been operating since 2012 – which makes a total of seven years of hacking into telecom systems and networks from different countries around the world. Furthermore, researchers have also found evidence that the operations have been attacking cell networks a few years before 2012.

A state-sponsored operation

Researchers have linked the operation to a China-based hacking group APT10 as the tools, and TTPs used in the attacks are commonly associated with the Chinese threat actor. They also believed that the said attacks are state-sponsored and highly coordinated.

“We’ve concluded with a high level of certainty that the threat actor is affiliated with China and is likely state-sponsored. The tools and techniques used throughout these attacks are consistent with several Chinese threat actors, specifically with APT10, a threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS),” the researchers said in the report.

The attacks, as per the tech experts, were aimed to obtain CDR records of a large telecommunications provider. The threat actor was attempting to steal all data stored in the active directory, compromising every single username and password in the organization, along with other personally identifiable information, billing data, call detail records, credentials, email servers, geo-location of users, and more.

Modifying attacks wave after wave to prevent being linked

And the attackers have been evolving, changing their techniques now and then to prevent the attacks from being linked to each other.

“During the persistent attack, the attackers worked in waves- abandoning one thread of attack when it was detected and stopped, only to return months later with new tools and techniques.”

The attack began with a web shell running on a vulnerable, publicly-facing server, from which the attackers gathered information about the network and propagated across the network. The hackers attempted to compromise critical assets, such as database servers, billing servers, and the active directory. As the malicious activity was detected and remediated against, the threat actor stopped the attack.

The threat actor changed activity every quarter. Photo: Cybereason

The second wave of the attack hit several months later with similar infiltration attempts, along with a modified version of the web shell and surveillance activities. This cycle is said to continue, with the attackers and white hats play a game of cat and mouse. Every time white hats corner the attackers, they stop and return with a modified attack a few more times in the next four months.

Espionage is the primary motivation

According to the researchers, they can pinpoint several motives behind this massive cyberspace intrusion. They said that as hacking operations become one of the newest frontiers of global power struggle, institutions that store a vast amount of data started to become the target. And telecommunication corporations became one of the most vulnerable sectors.

“Due to their wide availability and the fundamental service they bring, telecommunications providers have become critical infrastructure for the majority of world powers,” they wrote in the report.

“Threat actors, especially those at the level of nation state, are seeking opportunities to attack these organizations, conducting elaborate, advanced operations to gain leverage, seize strategic assets, and collect information. When successful, these attacks often have huge implications.”

Furthermore, the researchers said that when an attack as big as this and with state support, the motive is usually not financial but instead, they aim to collect data like intellectual property and sensitive information about their clients.

One of the most valuable pieces of data that telecommunications providers hold is Call Detail Records (CDRs). CDRs are a large subset of metadata that contains all details about calls, including Source, Destination, and Duration of a Call, Device Details, Physical Location, Device Vendor, and Version.

This information is invaluable for threat actors as they give them intimate knowledge of any individuals they wish to target on that network. Having this information becomes particularly valuable when nation-state threat actors are targeting foreign intelligence agents, politicians, opposition candidates in an election, or even law enforcement.

“Beyond targeting individual users, this attack is also alarming because of the threat posed by the control of a telecommunications provider. Telecommunications has become critical infrastructure for the majority of world powers. A threat actor with total access to a telecommunications provider, as is the case here, can attack however they want passively and also actively work to sabotage the network,” they added.

Continue Reading

Trending