What is phishing and spear phishing?

One of the most basic practices every cybersecurity guide will recommend is not to click on links and attachments contained in emails coming from unknown sources, and to think twice even if they come from seemingly trustworthy sources.

You think it’s unnecessary caution? Ask John Podesta, chairman of Hillary Clinton’s presidential elections campaign. This is exactly how he (or the operator of his email account) gave away his accounts credentials to hackers. The breach led to a series of damaging and embarrassing leaks which might have cost his boss her chance of becoming president. Continue reading

Advertisements

How to boost the range and security of your home WiFi network

By Muhammad Asfand Yar, List Enthusiast

Everybody seems to love WiFi. So do I. After all, who doesn’t want to have seamless internet access, across different devices, while roaming around their house. But this apparent ease of installation and usefulness can make your WiFi network slow sometimes and vulnerable to attacks. To help you out, here is an infographic by List Enthusiast which discusses how we can improve the overall state of our home WiFi networks.

Here are some of the main takeaways from that infographic about how to boost signal range and WiFi security. Continue reading

What is encryption?

The main takeaway from the buildup of developments in the cybersecurity landscape is that privacy is becoming a commodity. The CIA is spying on your phone. Hackers are breaking into your home. Your documents, emails, messages, can be intercepted. And Congress is empowering ISPs to pry into your communications.

Long story short, nothing remains secret.

Under such circumstances, encryption becomes your best friend, your last line of defense in protecting your information. Continue reading

Evolving your security operations strategy to fit the cloud

By Oliver Pinson-Roxburgh, Alert Logic

The decision to move to the cloud may seem an obvious one. It’s faster, more scalable, and more agile. However, security remains a concern, and rightly so. The foundational infrastructure delivered by cloud providers is secure, but guaranteeing the protection of the applications, workloads, and data you run on top of it is your responsibility—and it isn’t one to be taken lightly.

A traditional on-premises security operations strategy simply won’t cut it anymore. In its place, you need a cloud-specific security strategy to protect your critical data from an ever-growing variety of advanced threats. Outlined in this article are four elements for any security official to consider when making the jump to a cloud system. Continue reading

After the CIA leaks, cybersecurity should be everyone’s business

Last week, WikiLeaks dropped a bombshell on intelligence agencies by publishing a trove of classified documents dubbed “Vault 7.” The revelations gave a damning account of government surveillance powers and hacking capabilities.

It was also a testament to how vulnerable the increasing number of Internet-connected devices we own can make us. And if you think you shouldn’t worry about what hacking capabilities the feds have, think again. Three-letter-agencies aren’t the only ones who are looking for security holes in hardware and software.

As with every hack that makes noise, the Vault 7 leak is associated with new facts, old misunderstandings and some very important lessons. Here’s what you need to know about the latest batch of information that WikiLeaks has spilled into cyberspace. Continue reading

Why are public WiFi networks insecure?

Public WiFi network

If you follow tech and cybersecurity news, this is something that you see a lot: Public WiFi networks, the free wireless networks found at hotels, airports and cafes, are unsafe and can cut you some major cyberslack.

As is the case with most threats, when something is publicized a lot, people tend to become less sensible and ignore it. It becomes common belief that the danger will mostly apply to other people and not me. (This is one of the weirdest aspects of human nature, finding one’s security in the insecurity of others.) Continue reading

Dealing with social engineering at times of uncertainty

Protest

Human failure is the single biggest contributing factor to security incidents, hacks and data breaches. Social engineers, cybercriminals that invest in human errors rather than technical vulnerabilities, are always on the lookout for exclusive opportunities to incite strong feelings in their targets and prod them to make a fatal mistake.

The anxiety and uncertainty surrounding the immigration ban in the U.S. provides the perfect climate for social engineering attacks, a fact that is largely ignored while the political aspects of the ban are being highlighted and fanned with ample frequency by the media. Continue reading