Category Archives: Security Vulnerabilities

I don’t know who you are: Neither should they – Privacy & Security

Encryption-digital_full-1Secure Communication

With so much going on lately from the NSA’s wholesale captures to the Celebrity iPhone leaks, there really is no reason to allow this to affect you.  There are ways you can protect your privacy online in today’s digital age:

Get a new cell phone every month 🙂

Prepaid cell phones really are about the same cost as the normal phones now.  If you need anonymity and your privacy, changing your number/device every month might be one way to keep you off the grid.

Encrypt your communications

There are a few programs now that support end-end voice & SMS encryption from smart phones to help deter people from listening in. There are also two industry standard methods for encrypting email from end-end: S/MIME & PGP.  (iPhones actually support S/MIME natively 🙂

Secure your credentials

Don’t use obvious addresses/usernames/passwords.  Consider using a security token as well.  That way even is someone obtains your username/password, they can’t login without your token.

Picture-of-the-Day-2-The-perfect-storm-coolfeed.co_.Secure your Data

Plan for the perfect storm (the worst case scenario).  If everything went wrong, how would that affect you?  Don’t upload those photos to the cloud. Make sure all your digital devices utilize encryption that has not been broken or susceptible to attack.  “The cloud is not your friend.  Passwords are not secure.” Write that down in the sand 1000 times tomorrow at the beach 🙂 Balance the risks verses what you need, and understand your solution.

Read those popups BEFORE clicking through them

Make sure you understand them.  They may tell you that your data is not safe.  If you don’t understand them, don’t click through them. Someone may be trying to steal your data or credentials.

Microsoft releases Security Advisory 2963983

Good news!  If you are reading this blog, odds are this does not affect you!  Based on stats, most of my readers use MACs 🙂 Only 13.9% of my readers use Internet Explorer.

Screen Shot 2014-04-28 at 5.17.55 AM

[From Microsoft:]

Today, we released Security Advisory 2963983 regarding an issue that impacts Internet Explorer. At this time, we are only aware of limited, targeted attacks. This issue allows remote code execution if users visit a malicious website with an affected browser. This would typically occur by an attacker convincing someone to click a link in an email or instant message.

Our initial investigation has revealed that Enhanced Protected Mode, on by default for the modern browsing experience in Internet Explorer 10 and Internet Explorer 11, as well as Enhanced Mitigation Experience Toolkit (EMET) 4.1 and EMET 5.0 Technical Preview, will help protect against this potential risk. We also encourage you to follow the “Protect Your Computer” guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. Additionally, we encourage everyone to exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders. Additional information can be found at www.microsoft.com/protect.

We are monitoring the threat landscape very closely and will continue to take appropriate action to help protect customers.

Thank you,

Dustin Childs

Group Manager, Response Communications

Trustworthy Computing

Source article: Microsoft releases Security Advisory 2963983 – MSRC – Site Home – TechNet Blogs.