As I write this blog post, I’m digitally exposed, and I know it. For the past week, I’ve had to log on to a hospital’s public Wi-Fi each day to work while a loved one recuperates.
What seems like a routine, casual connection to the hospital’s Wi-Fi isn’t. Using public Wi-Fi is a daily choice loaded with risk. Sure, I’m conducting business and knocking out my to-do list like a rock star but at what cost to my security?
By using public Wi-Fi, I’ve opened my online activity and personal data (via my laptop) up to a variety of threats including eavesdropping, malware distribution, and bitcoin mining. There’s even a chance I could have logged on to a malicious hotspot that looked like the hospital network.
Like many public Wi-Fi spots, the hospital’s network could lack encryption, which is a security measure that scrambles the information sent from my computer to the hospital’s router so other people can’t read it. Minus encryption, whatever I send over the hospital’s network could potentially be intercepted and used maliciously by cybercriminals.
Because logging on to public Wi-Fi is often a necessity — like my situation this week — security isn’t always the first thing on our minds. But over the past year, a new normal is emerging. A lot of us are thinking twice. With data breaches, privacy concerns, the increase in the market for stolen credentials, and increasingly sophisticated online scams making the headlines every day, the risks of using public Wi-Fi are front and center.
The solution to risky public Wi-Fi? A Virtual Private Network (VPN). A VPN allows users to securely access a private network and share data remotely through public networks. Much like a firewall protects the data on your computer, a VPN protects your online activity by encrypting your data when you connect to the internet from a remote or public location. A VPN also conceals your location, IP address, and online activity.
Using a VPN helps protect you from potential hackers using public Wi-Fi, which is one of their favorite easy-to-access security loopholes.
If you (or your family members) travel and love to shop online, access your bank account, watch movies, and do everyday business via your phone or laptop, a VPN would allow you to connect safely and encrypt your data no matter where you are.
A VPN can mask, or scramble, your physical location, banking account credentials, and credit card information.
Also, if you have a family data plan you’ve likely encouraged your kids to save data by connecting to public Wi-Fi whenever possible. Using a VPN, this habit would be secured from criminal sniffers and snoopers.
A VPN allows you to connect to a proxy server that will access online sites on your behalf and enables a secure connection most anywhere you go. A VPN also hides your IP address and allows you to browse anonymously from any location.
To use a VPN, you subscribe to a VPN service, download the app onto your desktop or phone, set up your account, and then log onto a VPN server to conduct your online activity privately.
If you are still logging on to public Wi-Fi, here are a few tips to keep you safe until VPNs become as popular as Wi-Fi.
Verify your connection. Fake networks that mine your data abound. If you are logging on to Wi-Fi in a coffee shop, hotel, airport, or library, verify the exact name of the network with an employee. Also, only use Wi-Fi that requires a password to log on.
Don’t get distracted. For adults, as well as kids, it’s easy to get distracted and absorbed with our screens — this is risky when on public Wi-Fi, according to Diana Graber, author of Raising Humans in a Digital World. “Knowing how to guard their personal information online is one of the most important skills parents need to equip their young kids with today,” says Graber. “Lots of young people visit public spaces, like a local coffee shop or library, and use public Wi-Fi to do homework, for example. It’s not uncommon for them to get distracted by something else online or even tempted to buy something, without realizing their personal information (or yours!) might be at risk.”
Disable auto Wi-Fi connect. If your phone automatically joins surrounding networks, you can disable this function in your settings. Avoid linking to unknown or unrecognized networks.
Turn off Wi-Fi when done. Your computer or phone can still transmit data even when you are not using it. Be sure to disable your Wi-Fi from the network when you are finished using it.
Avoid financial transactions. If you must use public Wi-Fi, don’t conduct a sensitive transaction such as banking, shopping, or any kind of activity that requires your social security or credit card numbers or password use. Wait until you get to a secured home network to conduct personal business.
Look for the HTTPS. Fake or unsecured websites will not have the HTTPS in their address. Also, look for the little lock icon in the address bar to confirm a secure connection.
Secure your devices. Use a personal VPN as an extra layer of security against hackers and malware.
The post The Risks of Public Wi-Fi and How to Close the Security Gap appeared first on McAfee Blogs.
This week, we welcome Harry Sverdlove, Chief Technology Officer of Edgewise, for an interview to talk about The Future of Firewalls! In the Technical Segment, we discuss some Enterprise-ish Network Security hardware and software that we've incorporated here in our Security Weekly Studio! In the Security News, why it's way too easy to sell counterfeit goods on Amazon, how to defend against the runC container vulnerability, creating a dream team for the new age of cyber security, how you can get a Windows 95 emulator for Windows 10, Linux, or Mac, DEF CON goes to Washington, and InfoSec Institute's top podcasts that take your computer skills to the next level!
Full Show Notes: https://wiki.securityweekly.com/Episode594
To learn more about Edgewise, visit: https://www.edgewise.net/security-weekly
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Another week, another conference. This time it was Microsoft Ignite in Sydney and as tends to happen at these events, many casual meetups, chats, beers, selfies, delivery of HIBP stickers and an all-round good time, albeit an exhausting one. That's why I'm a day late this week having finally arrived home late last night.
Moving on though, I've got a bunch of other events coming up, particularly in conjunction with the folks at NDC. Brisbane in a couple of weeks, Gold Coast in April then Minnesota in May. Oh - plus Oslo in June and stretching out beyond that, Sydney in October. The link in the references below about how conferences can help keep speakers happy (or piss them off, as it may be), explains why I keep doing these events. All that plus more data breach news and my thoughts on the subsequent lists of credential stuffing data.
BBC "sister" medical drama shows Holby City and the venerable Casualty from which it sprang have announced that they are teaming up for a two-part "cyberattack special". NHS techies, stop sniggering at the back!…
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about this year’s current uses and emerging risks of the cloud. Also, find out what new vulnerability was found in containers.
This week a new vulnerability was published that highlights the biggest security weakness of containers: they are loosely isolated sharing the same host operating system.
A security vulnerability has been disclosed for a flaw in RunC, Docker and Kubernetes’ container runtime, which can be used to attack any host system running containers.
While the power of the cloud and benefits like flexibility and productivity are continuing to grow, there are some risks to be aware of.
Cybersecurity risks to utilities’ systems increased in 2018, with more intrusions into those networks and malware that infected those systems, according to a new report from a threat assessment firm released Thursday.
80 percent of IT business leaders anticipate a critical breach or successful cyberattack over the coming year, according to Trend Micro’s Cyber Risk Index (CRI).
While conducting a routine log check, Trend Micro noticed an interesting script from one of our honeypots downloading a binary connected to a domain.
In a credential stuffing data breach, hackers automatically feed thousands or millions of username and password combinations obtained from other breaches into a website in order to fraudulently gain access to user accounts.
Dating app Coffee Meets Bagel announced that an unauthorized party gained access to an undisclosed amount of user data, but didn’t make off with any sensitive information like credit card numbers or passwords.
Trend Micro found EXE files in the wild delivering a malicious payload that overrides Mac’s built-in protection mechanisms such as Gatekeeper.
Two weeks out from the longest government shutdown in United States history, government employees are still scrambling to mitigate impacts on federal cybersecurity defenses.
Trend Micro dives into the cybercriminal underground to see how the tactics and techniques used to attack financial organizations have changed over the years.
The location of data that disappeared during the Equifax breach in 2017 has remained a mystery, and the prevailing theory today is that the data was stolen by a nation-state for spying purposes, not by criminals looking to cash in on stolen identities.
Are you surprised that a nation-state is theorized responsible for the Equifax breach? Why or why not? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: Cloud Risks and Container Vulnerability appeared first on .
McAfee was founded in 1987, and at 32 years old, we’re moving faster than ever before with more precision, agility, and innovation. With McAfee’s expected growth in 2019 as the device-to-cloud cybersecurity company, we recognize the need to ensure that the Americas Channel Team is sharply focused. As I’ve met with members of my team, both individually and in planning sessions, we are already hitting the ground running. This year, the stage is set for our PACE—our pace within the company, and our People, Alignment, Culture, and Execution.
The first focus area, Our People, not only encompasses our team, but also our partners and customers. I truly believe if you take care of the people, the people will take care of you. As a Channel Organization, we ensure that both our partners’ and customers’ needs are met. Through tightly aligned cross-functional organizations internally, we are creating powerful unity as we serve customers together.
Our Alignment concentrates on making sure we’re moving in the same direction at the same time.
Within Our Culture, we have a primary and secondary culture. Our primary culture is centered around our pledge that each McAfee employee signs, declaring dedication to keeping the world safe from cyberthreats. However, the Channel Organization has also cultivated a secondary culture, which is supported by our corporate value surrounding candor and transparency. We aim for both cultures to be evident in everything we do.
With Our Execution, we believe that if we commit to something, we must execute it. Accountability is a priority for our team. Our Execution is currently centered around our MVISION portfolio family, which includes MVISION Endpoint, ePO, Cloud, Mobile, and EDR (coming soon). Designed to encompass our overall brand through a simple approach, MVISION is an integrated, open system from device to cloud that offers consolidated visibility, comprehension, and control across a digital landscape. If you’re not up to speed on MVISION, please take some time to research and get familiar. Our mutual customers are going to love it.
This year, we are excited to be working on our PACE. We are committed to maintaining a healthy PACE for the betterment of our customers, partners, and team. We hope the PACE we set this year will serve all who interact with McAfee.
Bank of Valletta, which went dark for a day after the fraudulent transfers of €13 million, is now looking to get the money back.
The post Malta’s leading bank resumes operations after cyberheist-induced shutdown appeared first on WeLiveSecurity
When building a threat intelligence team you will face a range of challenges and problems. One of the most significant ones is about how to best take on the ever-growing amount of Threat Intel. It might sound like a luxurious problem to have: The more intel the better! But if you take a closer look at what the available Threat Intelligence supply looks like, or rather, the way it is packaged, the problem becomes apparent. Ideally, you would want to take this ever-growing field of Threat Intelligence supply and work to converge on a central data model – specifically, STIX (Structured Threat Information eXpression). STIX is an open standard language supported by the OASIS open standards body, designed to represent structured information about cyber threats.
This isn’t a solo effort, so first the intelligence team needs to align properly with the open standards bodies. I was thrilled to deliver our theories around STIX data modeling to the OASIS and FIRST communities at the Borderless Cyber Conference in Prague in 2017. (The slides from this are available for download here.) Our team took this to the next level as we started to include not just standard data structures in our work, but standardized libraries, including MITRE’s ATT&CK (Adversarial Tactics, Techniques & Common Knowledge) framework that now forms a core part of our TTP (and, to some extent, Threat Actor) mapping across our knowledge base. We couldn’t have done it without the awesome folk at OASIS and MITRE. Those communities are still our cultural home.
So far, so good… but largely academic. The one thing I always say to teams who start planning their CTI journeys is: “Deploy your theory to practice ASAP – because it will change.” CTI suppliers know this all too well. In the ensuing months of our threat intel team, we faced the challenge of merging these supplier sources into a centralized knowledge base. We’re currently up to 38 unique source organizations (with 50+ unique feeds across those suppliers), around a third of those being top-flight commercial suppliers. And, of course, even in this age of STIX, and MISP, we still see the full spectrum of implementations from those suppliers. Don’t get me wrong – universal STIX adoption is a utopia (this is my version of ‘memento mori’ that I should get my team to say to me every time I go on my evangelism sprees). And we should not expect all suppliers to ‘conform’ in some totalitarian way. But here is my question to you: Who designs your data model? I would love to meet them.
Now here’s the thing: If you’re anything like my boss, you probably don’t care how the data model is implemented – so long as the customer can get the data fields they need from your feed, what does it matter? REST + JSON everywhere, right? But the future doesn’t look like that. The one thing that the STIX standard is teaching people better than most other structured languages is the importance of decentralization. I should be able to use the STIX model to build intelligence in one location and have it be semantically equivalent (though not necessarily the same) as the equivalent built by a different analyst in another location. The two outputs should be logically similar – recognizably so, by some form of automated interpretation that doesn’t require polymorphism or a cryptomining rig to calculate – but different enough to capture the unique artistry of the analysts who created them. Those automatically discernible differences are the pinnacle of a shared, structured-intelligence knowledge base that will keep our data relevant, allow for automated cross-referencing and take the industry to the next level.
There is a downside, of course. The cost of implementation is the first hurdle – it may mean reengineering a data model and maybe even complete rebuilds of knowledge repositories. With any luck, it can just be a semantic modelling (similar to what I presented at Borderless Cyber, but instead of STIX 1.2 → STIX 2.1, just → STIX 2.1) that you can describe with some simple mapping and retain your retcon. But perhaps the biggest elephant in the room is that aligning all suppliers to a common data model means leaving people open to de-duplication and cross-referencing. As we start to unify our data models, that “super-secret source” that was actually just a re-package of some low-profile, open source feed is going to get doxed. We think this is a good thing – data quality, uniqueness and provenance will speak for themselves, and those suppliers who vend noise will lose business. This should be an opportunity rather than a threat, and hopefully it will reinforce supplier business models to provide truly valuable intelligence to customers.
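As an added illustration of the de-duplication and cross-referencing described above (not code from the author or EclecticIQ): two constructed feeds in hypothetical supplier formats are mapped to STIX 2.1 cyber-observables with the specification's deterministic UUIDv5 identifiers, so overlap between suppliers falls out of a plain id comparison. The feed formats, supplier names and the domain normalization are assumptions.

```python
import json
import uuid
from collections import defaultdict

# Namespace the STIX 2.1 specification defines for deterministic SCO identifiers.
STIX_SCO_NAMESPACE = uuid.UUID("00abedb4-aa42-466c-9c01-fed23315a9b7")

def sco(sco_type, value):
    """Build a STIX 2.1 cyber-observable whose id is a UUIDv5 of its value."""
    value = value.strip()
    if sco_type == "domain-name":
        value = value.lower().rstrip(".")  # local normalization choice (assumption)
    # Compact, key-sorted JSON of the ID-contributing property; this matches
    # RFC 8785 canonical form for the plain ASCII strings used here.
    canonical = json.dumps({"value": value}, sort_keys=True, separators=(",", ":"))
    return {"type": sco_type, "spec_version": "2.1",
            "id": f"{sco_type}--{uuid.uuid5(STIX_SCO_NAMESPACE, canonical)}",
            "value": value}

# Constructed sample feeds in two hypothetical supplier formats.
FEED_OSINT = "ip,198.51.100.7\ndomain,bad.example\nip,203.0.113.9\n"
FEED_PREMIUM = json.dumps([
    {"kind": "ipv4", "ioc": " 198.51.100.7"},
    {"kind": "fqdn", "ioc": "Bad.Example."},
    {"kind": "fqdn", "ioc": "only-here.example"},
])

def parse_osint(text):
    kinds = {"ip": "ipv4-addr", "domain": "domain-name"}
    return [sco(kinds[k], v) for k, v in
            (line.split(",", 1) for line in text.splitlines() if line)]

def parse_premium(text):
    kinds = {"ipv4": "ipv4-addr", "fqdn": "domain-name"}
    return [sco(kinds[r["kind"]], r["ioc"]) for r in json.loads(text)]

def cross_reference(feeds):
    """Map each SCO id to the set of suppliers that reported it."""
    seen = defaultdict(set)
    for supplier, objects in feeds.items():
        for obj in objects:
            seen[obj["id"]].add(supplier)
    return seen

def overlap_ratio(feeds, supplier):
    """Fraction of a supplier's observables that another supplier also has."""
    seen = cross_reference(feeds)
    ids = {o["id"] for o in feeds[supplier]}
    return sum(1 for i in ids if len(seen[i]) > 1) / len(ids)

FEEDS = {"osint": parse_osint(FEED_OSINT), "premium": parse_premium(FEED_PREMIUM)}

if __name__ == "__main__":
    for name in FEEDS:
        print(name, round(overlap_ratio(FEEDS, name), 2))
```

A supplier whose ratio approaches 1.0 against an open feed adds little unique intelligence, which is the provenance signal the paragraph above anticipates.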
About the author: Chris O'Brien is the Director Intelligence Operations at EclecticIQ. Prior to his current role, Chris held the post of Deputy Technical Director at NCSC UK specialising in technical knowledge management to support rapid response to cyber incidents.
Copyright 2010 Respective Author at Infosec Island
On this episode of the CyberSpeak with InfoSec Institute podcast, Kathleen Hyde, chair of cybersecurity programs at Champlain College online, discusses a topic that’s a big part of InfoSec Institute’s initiative for the coming years — finding new and innovative ways of closing the cyber skills gap. In the podcast, Hyde and host Chris Sienko […]
ESET malware researcher Lukáš Štefanko sits down with us to discuss Android banking malware, the topic of his latest white paper. An attack on an email provider wipes out almost two decades' worth of data. Plus an interesting article from Jake Moore on the possible dangers that may come from providing your name at your local coffee shop.
An interview with ESET malware researcher Lukáš Štefanko about Android banking malware, the topic of his latest white paper
The post Navigating the murky waters of Android banking malware appeared first on WeLiveSecurity