( MUST READ) Common Sense Security Strategies in the Digital World

You’ve been Hacked! Pwned! Account Compromised. Bank account emptied. Credit cards were stolen and sold on the dark web. Facebook account hacked, now inappropriate messages or videos sent to your friends and family members. New accounts and credit cards opened in your name. Or worse, you’re on a vacation and suddenly your credit card is declined or you’re in the airport and your flight is canceled. Maybe you’re traveling through an airport and someone skims your credit card and starts making transactions while you’re in the air. What would you do? How long would it take you to respond? How many times have you received a phone call that says you have to pay some portion of a bitcoin (BTC), or a webcam video of you doing something inappropriate is going to be sent to all your contacts. 

These are just a few of the scenarios that can and do happen in our increasingly connected world. With the Samsung Pay and Apple Pay, mobile payments that can be performed with your cell phone, Apple Watch, or Android Wear watch and the increasing number of Mobile devices and Internet of Things (IoT) devices security is paramount for everyone no matter what your career field or socioeconomic status. The purpose of this article is to give you some common sense tips to protect yourself and also give you the ability to help your friends and family stay safe online as well.

Part 1: Facebook:

As of the time of writing this article, Facebook has approximately 2.23 Billion users worldwide and that means that even if you are not on Facebook, many of your friends might be. So you don’t have a Facebook account you say so you’re not at risk? Well, that’s not exactly true because of a trend called cybersquatting…That means that someone can claim your Facebook name and effectively pose as you simply by creating an account in your name even if you don’t have a Facebook account. Or maybe you don’t check Facebook that often. It’s also plausible that someone might make a Facebook account that is similar to yours and people in your network or friends of your friends might send you a friend request thinking that it’s you. Additionally, you absolutely should go into your Facebook account and view your profile as someone else sees it to make sure you’re not sharing information with people you don’t want to. If you’ve seen the news recently, hackers were able to exploit a vulnerability in the supposedly secure tokens that allow you to view your profile as one of your friends.

Part 2: Passwords and Password vaults

There are three kinds of users in this world: 1. Those that use the same password for everything 2. Those that write their passwords down so they won’t forget, and 3. Those that use password vaults/generators. Passwords are the last line of defense when it comes to security and often the first thing that bad guys go after. Commonly referred to as creds, the usernames and passwords are what hackers seek to exfiltrate from the networks and systems they go after. Passwords should be changed at a minimum every 90 days and should be a complex pattern of letters, numbers, and special characters that are not easily guessed or cracked. No dictionary words allowed or any of the potential answers to your secret questions.

It doesn’t matter really the password service you use, just use one. Whether it’s LastPass, Dashlane, KeePass, or Apple’s built-in password manager. Every password in the wild is another chance for a bad guy to exploit.

Part 3: App downloads

Third party app stores are the primary way that ransomware and crypto miners are spread in the wild. Even Amazon’s own app store requires you to allow apps from unknown sources if you don’t have an Amazon-branded device. Bottom line, don’t use app stores you don’t know and us security software if possible (though that doesn’t provide much protection). Mobile apps are special in that each app runs code on a mobile device and can be reverse engineered/exploited by anyone with enough time and effort. Mobile apps are usually digitally signed by Apple and Google, but that is easily faked. Mobile apps live in an operating environment that is full of security vulnerabilities and exploits and many of them cannot be fixed because they are controlled by the carriers or equipment manufacturers. Carriers like T-Mobile, Verizon, AT&T and Sprint, many of which don’t have an interest in fixing the vulnerabilities because they are more interested in getting you to buy a new phone every year or every other year. Because data plans are at a premium, carriers can charge ridiculous amounts of money for data and wireless hotspot plans. With the introduction of 5G service, this will only amplify the speed at which attackers can serve up exploits to mobile users. Apple is notorious for convincing users to upgrade to new devices because of some new feature or operating system version and eventually, devices will no longer run the latest and greatest Operating System (anyone still remember the iPod touch?)

Comments

Post a Comment

Popular posts from this blog

Dedsec All Courses Free Download

Dedsec All Courses BlackHat Hacking Course By DedSec Antivirus Evasion Course By DedSec Complete Course Of Android Hacking By DedSec Complete Course Of Kali Linux By DedSec Complete Course Of WiFi Hacking By DedSec ERC Course By DedSec Facebook And Instagram Hacking Course By DedSec Online Account cracking Course By DedSec Reverse Engineering Course By DedSec Dedsec Latest Fud Ransomware Spamming Course  DOWNLOAD LINK:-  https://drive.google.com/drive/u/0/mobile/folders/1k_GdJtXMC-xyG-Rk-H0qEnqxZwX1R1p3
Read more

HOW TO BYPASS SOFTWARE REGISTRATIONS

Image
  HOW TO BYPASS SOFTWARE REGISTRATIONS  ( I mean bypass softwares which ask keys to register or premium upgrade) ➖➖➖➖➖➖➖➖➖➖➖ REQUIREMENTS Windows (for examples only, debuggers exist across platforms)  A debugger installed: IDA, ollydbg, etc. STEPS Step 1 Test the Program First, run the program that you are attempting to reverse engineer and try to activate it with a random key to verify that you need a valid software key to proceed. This is to verify that we can come up with the keys.  Step 2 Run the Program in a Debugger Run ollydbg. Open up the program you wish to bypass with ollydbg. Click the play button to run the program with the debugger attached. Right click the CPU window, and click Search For > All intermodular calls. Search for high interest DLLs. GETDLGITEMTEXT, will be for dialog boxes, which get called when you try to enter a software key. By stepping into the function with the debugger, we can examine the registration specifically.  SENDDLGITEM could be us
Read more

How to stress/boot/DDoS for free in 2020! [UNLIMITED ATTACKS

Image
 How to stress/boot/DDoS for free in 2020! [UNLIMITED ATTACKS ]  This is a very quick and simple tutorial on how to stress/boot/DDoS for free in 2020 without using your own connection! No rocket science really and I don't encourage anyone to use it against other people since it's just very annoying, but it can be used for stress-testing your own server for example!  Educational Purpose STRICTLY  Go and register :  https://www.stressthem.to/ Go to booter panel by clicking on circular icon  Once you're there all you have to do is fill in the IP and method you want, and the time in seconds, max time you can use on the free plan is 5 minutes (so 300 seconds)
Read more