Security Tips with Captain Security

05Nov

What if someone obtained your password and wiped out your accounts? Does this sound crazy? Well it happened to a writer at Wired magazine.  He had his Google account deleted  and his Apple ID was broken into. They then used that to remotely erase all data on his IPHONE, IPAD and MACBOOK. Make sure you always have more than one method of backup and recovery. Also, make sure you use different passwords for different services and change them every 90 days or so. This is an interesting read and the article can be found here http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all/.

29Oct

Email is a useful tool but it can also be dangerous. The first thing is be careful what email you open. If you do not recognize the sender and it contains links I would suggest deleting the email. Also do not enable auto preview, this can trigger those links and possibly infect your computer. If you get an email from your bank or some other online service, never click the link to logon. That is an easy way for a cracker or hacker to obtain your information. Remember the saying “Trust but verify” — it applies here.

22Oct

Most people have some sort of wireless network either at home or at work. The question is: are you still running WEP? If you are still running WEP, you should think about changing it. WEP can be cracked in about 30 minutes or less on a busy network. It is very easy to crack. You should use WPA2 and have a preshared key. If you are an enterprise, you should integrate it with a directory service. Finally you should disable SSID broadcast. While someone can still find the SSID, it will keep the people who are curious out.

15Oct

The Apple Mac computer seems to be in vogue lately. The one item I here quite often is Apple Computers do not get viruses and do not get hacked. This is certainly not true. With it becoming a popular choice for executives and Hollywood types the hackers are starting to target it. Make sure you purchase a virus protection package along with keeping the machine patched.

08Oct

You should have some sort of Anti-Virus on your mobile device. Moblie devices are being targeted by scammers and hackers for exploit. With the wave of people using smart phones and the lack of understanding about security, the moblie device platform makes it an easy target.

There are numerous anti-virus platforms that exist, I would suggesting picking one you can trust.

01Oct

Have you ever been at a house where the baby monitor or the cordless phones pick up the neighbor’s conversations? This is sort of like that.

It’s also less about your actual Bluetooth itself and the fact that many people walk around with the Bluetooth enabled on their smartphone when they don’t use it which means it’s open for cybercreeps to Bluetooth their way in.

When you have Bluetooth turned on but not in use, you are basically broadcasting that your phone is on & available for other to Bluetooth to it!

HOW THEY DO IT:

A hacker can run a program on the computer that scans for Bluetooth connections. When they find one, bingo, they connect and they are in.

WHAT THEY TYPICALLY STEAL:

What do they take? Typically things like your address book, possibly your calendar, photos, using your phone to make long distance calls, or they may turn your phone into an impromptu speaker and listen to your conversations.

Three TIPS TO PROTECT YOURSELF:

  1. Turn your Bluetooth to “off” on devices such as your phone when not using the Bluetooth feature.
  2. You can also look at your manufacturer settings to see if there is a “hidden” or “private” mode.
  3. Refrain from sensitive and personal conversations using the Bluetooth device.

Find out more information at this page dedicated to Blue Tooth security: http://bluetooth.com/English/Technology/Works/Security/Pages/SecurityQA.aspx

24Sep

From time to time you need help and you rely on user forums. I want to caution you on what you put on those forums. Helpful people on are on those forums along with dangerous people. The dangerous people can use what you put on those forums for an attack against you. Operating system, switch types, backup types and details about your operation are a no no. If you do need to put this type of detail out their, use an email address that is not related to your company or create an email for using on these forums.

17Sep

Be careful with who you trust. One of the easiest ways to be compromised is to give away your password. Scammers are excellent at what they call social engineering. One of the big tips I have is if someone is asking for information over the phone, ask to call them back to verify the number. If they have problem doing that, then they are more than likely not legit. This goes for credit card numbers and social security numbers. Be careful what you give out.

10Sep

File sharing sites such as dropbox make it very easy to share files. They also make it very easy to be hacked also. My first suggestion is if you have data that is sensitive be careful before putting it on a file sharing site such as this. If you do put on this site, make sure you have a strong password and you change the password every 90 days.

Also, some are starting to consider offering 2 factor authenication. If you have data that needs to be secure, you should enable the 2 factor authenication.

03Sep

One of the items I have been telling my clients if you do not need to have access to a certain country like Russia or China and then you should block that country at your firewall. Why? A majority of viruses and Trojan horses have their origins from this part of the world.

Most firewall’s have a country object configured in them. If not you can always lookup the IP address range.