You Really Need a Password Manager.

Here’s How to Get Started

source: cnet.com  |  image: pixabay.com

 

Using a password manager is easy, and it’s one of the best ways to stay secure online.

It may seem like more trouble than it’s worth, but you really need to create a unique password for each of your online accounts. Each password should ideally be at least eight characters in length and consist of capital and lowercase letters, numbers and symbols. (Yes, using “password123” for everything isn’t going to cut it.) It may be tempting, but using one easy-to-remember code across all of your accounts can jeopardize your online security — and you definitely don’t want to make yourself an easy target for cybercriminals. In fact, recent research by cybersecurity firm Hive Systems has suggested that a weak password can be cracked instantly by a hacker.

Password managers are vital tools that can help you stay safe online and be more digitally secure by simplifying the process of using strong passwords. And they’re easier to use than you may think. Even so, 4 out of 5 American adults don’t use a password manager, according to a study from Security.org. 

Here’s why you need a password manager and how to set one up.

What is a password manager, and why do I need one?

A password manager is an online service that stores your passwords as well as other data like credit card numbers, bank account information and identification documents in a secure, encrypted environment. It takes one of the biggest potential vulnerabilities — weak or recycled passwords — and does the hard work for you.

Continue reading “You Really Need a Password Manager. Here’s How to Get Started”

The 3 Worst Spots to Put a Home Security Camera

source: cnet.com (contributed by FAN, Steve Page)  |  image: pixabay.com

 

Don’t compromise your home security: Put your home security cameras in the right places.

Security cameras are one of the simplest ways to deter would-be burglars and protect your home. With the help of a few well-placed cameras, you can easily keep a remote eye on most of your home and property. And with more affordable options on the market and improvements in wireless technology, it’s now possible for just about anyone to set up a wired or wireless security camera system that fits your home’s needs and budget. 

But it’s also possible to set up a home camera security systemthe wrong way. The last thing that you want to do is place a camera in a spot where it is rendered ineffective and find out too late that its footage is useless. This guide will steer you away from camera placements to avoid and help you establish a more effective home security camera system. For more on home security, check out the best security camera deals and how to keep your security cameras from being hacked

Ineffective spots

You might be tempted to point cameras at the spots around your home that are difficult to see. There is an intuitive reason for this: If you can’t see a location from your windows or doors, it feels possible that someone might be lurking there. You might think these hidden areas are a burglar’s preferred place to break and enter. 

Continue reading “The 3 Worst Spots to Put a Home Security Camera”

Airline Travel Hacks To Avoid Holiday Excursion Headaches

source: technewsworld.com  |  image:pixabay.com

 

For those of you who haven’t traveled lately, things have changed over the last couple of years. For example, most airlines don’t take cash anymore, and an increasing number don’t accept credit cards.

Airlines are almost all short-staffed, and at this time of year, there are a lot of mechanical delays and weather events. Depending on the airport, the ability to rebook a flight at the gate may no longer exist. Spending the night in an airport is no fun, and neither is missing a flight because you didn’t make it through security in time.

This week, I’ll share some tips on how to survive traveling over the holidays. We’ll close with my product of the week: my favorite suitcase, which is like a rolling dresser.

Plan for Extend Connection Times

Over the past two months, most of the flights I’ve been on have had a mechanical or airline delay. Generally, the delays have been just short of an hour, suggesting you want at least one hour between connecting flights if you don’t want to be stranded.

If you are taking a cruise and you have to fly to the port of departure, you might want to fly the day before so that any delay doesn’t keep you from meeting the boat. We had first-class tickets on our last flight on United to meet up for a cruise. Still, we were delayed at the departing airport for 30 minutes, then again at the arrival airport (San Francisco) for 30 minutes, which had us arriving at the gate three minutes after they closed it. They wouldn’t let us on the plane, arguing that we should have run faster.

As a result, we lost our direct flight to Florida, lost our first-class seats, and had to route through Chicago, which got us there late at night rather than mid-day. Fortunately, our cruise was the next day, or we’d have missed our departure and had to try to catch the ship at the next port, a very expensive workaround.

The more critical it is that you get to your destination on time, the more extra time you should schedule for transport. You should plan to arrive the day before for a wedding, funeral, family event, business meeting, or tour with a firm start time instead of cutting it close. Otherwise, there’s a good chance you’ll miss that critical event.

Take Advantage of Airline Apps

Download the airline app before you leave, and if it has the option to pre-load a credit card, do it. On my last trip, a couple from Australia in front of me couldn’t buy drinks or food because United no longer takes cash or credit cards on the plane. Instead, they pull the card data from the app.

Continue reading “Airline Travel Hacks To Avoid Holiday Excursion Headaches”

A Chinese Spy Wanted GE’s Secrets,

But the US Got China’s Instead

 

source: bloomberg.com  |  Image by Image by Arek Socha from Pixabay
How the arrest of a burned-out intelligence officer exposed an economic-espionage machine.

 

In January 2014, Arthur Gau, an aerospace engineer who was nearing retirement age, received an unexpected email from a long-lost acquaintance in China. Years before, Gau had made a series of trips from his home in Phoenix to speak at the Nanjing University of Aeronautics and Astronautics, or NUAA, one of China’s most prestigious research institutions. The original invitation had come from the head of a lab there studying helicopter design. Increasingly, however, Gau had heard from someone else, a man who worked at the university in a vague administrative capacity. Little Zha, as the man called himself, was the one who made sure Gau never had to pay his own airfare when he came to give talks. When Gau brought his mother on a 2003 visit, Zha arranged and paid for them to take a Yangtze cruise to see the river’s dramatically sculpted middle reaches before they were flooded by the Three Gorges Dam.

The relationship had ended awkwardly, though, when Zha offered Gau money to come back to China with information about specific aviation projects from his employer, the industrial and defense giant Honeywell International Inc. Gau ignored the request, and the invitations stopped.

Now, in 2014, Little Zha was reaching out again. The two started corresponding. In early 2016, Gau, whose interests extended far beyond avionics, said he’d planned a trip to China to visit some friends in the musical theater world. Zha was there that spring to meet him at the airport in Beijing. Waiting with him was a colleague Zha was eager for Gau to meet.

Xu Yanjun was on the tall side, at 5 feet 10 inches, with closely cropped hair, glasses, and a tendency toward bluntness. The three had dinner and met up again before Gau flew back to the US. Over pastries in Gau’s hotel room, they discussed Taiwanese politics—Gau grew up there—as well as the engineer’s evolving responsibilities at Honeywell. Late in the evening, Xu handed Gau $3,000 in cash. Gau would later testify that he tried to hand it back, but Xu was insistent. “And then, you know, back and forth, but I took it eventually.”The next year, Gau came back to China to give another lecture—this time a private one in a hotel room to several engineers and officials, including Xu. In preparation, Gau had emailed over PowerPoint slides containing technical information, including algorithms and other sensitive design data for the aircraft auxiliary power units Honeywell makes. “Because of the payment, I felt obligated,” he would later tell a judge.

Xu paid him $6,200 more, and two of his associates accompanied the visiting engineer on a two-day sightseeing trip to West Lake, famed for its picturesque gardens, islands, and temples. Gau was planning his next visit when, in the fall of 2018, agents from the FBI appeared at his home in Arizona to execute a search warrant. There would not be another trip. Xu, the agents explained, was not in Nanjing anymore. He wasn’t even in China. He was in Ohio, in a county jail awaiting trial.

Continue reading “A Chinese Spy Wanted GE’s Secrets…”

FBI investigation determined Chinese-made Huawei equipment could disrupt US nuclear arsenal communications

 

source: cnn.com  |  image: pexels.com

 

Washington (CNN)On paper, it looked like a fantastic deal. In 2017, the Chinese government was offering to spend $100 million to build an ornate Chinese garden at the National Arboretum in Washington DC. Complete with temples, pavilions and a 70-foot white pagoda, the project thrilled local officials, who hoped it would attract thousands of tourists every year.

But when US counterintelligence officials began digging into the details, they found numerous red flags. The pagoda, they noted, would have been strategically placed on one of the highest points in Washington DC, just two miles from the US Capitol, a perfect spot for signals intelligence collection, multiple sources familiar with the episode told CNN.
Also alarming was that Chinese officials wanted to build the pagoda with materials shipped to the US in diplomatic pouches, which US Customs officials are barred from examining, the sources said.

Federal officials quietly killed the project before construction was underway.    The Wall Street Journal first

reported about the security concerns in 2018.      The canceled garden is part of a frenzy of counterintelligence activity by the FBI and other federal agencies focused on what career US security officials say has been a dramatic escalation of Chinese espionage on US soil over the past decade.        Since at least 2017, federal officials have investigated Chinese land purchases near critical infrastructure, shut down a high-profile regional consulate believed by the US government to be a hotbed of Chinese spies and stonewalled what they saw as clear efforts to plant listening devices near sensitive military and government facilities.

Continue reading “FBI investigation:Huawei equipment could disrupt US nuclear comms”

Text scams surge as robocalls decline, report finds

source: usatoday.com  |  image: unsplash.com

 

You may have noticed receiving fewer robocalls over the past year, but a new report finds scammers are increasingly using a new way to reach consumers: text messages.

A report from the Consumer Watchdog office of the nonprofit U.S. PIRG is urging the Federal Communications Commission to pass new rules against robotexts, including requiring phone companies to block illegal text scams.

“Illegal robocalls and robotexts likely will never go away,” an excerpt from the report reads. “But they’ll continue to plague us as long as enforcement is lax, phone companies don’t try harder and enough consumers fall for scams to make it worthwhile for thieves.”

Spam texts have surged over the past year, jumping from 1 billion sent per month in July 2021, to more than 12 billion as of June, according to RoboKiller, a service specializing in blocking unwanted calls and texts.

Last year, acting FCC Chairwoman Jessica Rosenworcel proposed new rules requiring wireless carriers to block illegal texts.

In a statement released last October, the agency said complaints about unwanted text messages in 2020 more than doubled from the year before. 

“We’ve seen a rise in scammers trying to take advantage of our trust of text messages by sending bogus robotexts that try to trick consumers to share sensitive information or click on malicious links,” Rosenworcel said in last year’s statement.

The top scam texts of last year involved bogus delivery messages claiming to represent Amazon, the U.S. Postal Service or other companies. The messages say an order can’t be delivered or will arrive tomorrow, with a malicious link consumers click, the watchdog report said.

Others included fake messages from banks and texts related to the COVID-19 pandemic.

Meanwhile, the number of robocalls has declined over the past year, in part because of FCC rules requiring the use of technology to better identify robocalls and efforts by the agency and states to go after robocallers. 

 

Heads of FBI and MI5 issue strong warning about threat to the West from China

source: nbcnews.com  |  image:  pexels.com

Also, U.S. intelligence officials issued a report about Chinese attempts to influence local and state elections.

Speaking alongside his British counterpart in London, FBI Director Christopher Wray issued his starkest warning yet about the national security threat to the West from China, even as intelligence officials in Washington released a report about Beijing’s efforts to influence state and local politics in the U.S.

In a first-ever joint appearance Wednesday with the director of Britain’s MI5, the U.K.’s domestic intelligence agency, Wray raised the possibility that China might be inching closer to invading Taiwan, noting that Beijing has been taking steps to shield its economy from sanctions that would come after such a move.

“In our world, we call that kind of behavior a clue,” he said, adding that were an invasion to happen, “it would represent one of the most horrific business disruptions the world has ever seen.”

The Chinese Embassy in Washington did not respond to a request for comment. The Chinese Foreign Ministry said Wednesday, “In order to mislead the public, the U.S. has worked hand in glove with NATO to hype up competition with China and stoke group confrontation.”

Continue reading “Heads of FBI and MI5 issue strong warning about threat to the West from China”

Bad news: The cybersecurity skills crisis is about to get even worse

 

source: zdnet.com  |  image:  pixabay.com

 

New research suggests nearly a third of cybersecurity professionals are planning to quit the industry, at a time when companies are struggling to protect their networks from attacks.

 

Nearly a third of the cybersecurity workforce is planning to leave the industry in the near futurenew research suggests, leaving organizations in a troubling position as the threat landscape evolves “at an alarming rate”.

Cybersecurity firm Trellix commissioned a survey of 1,000 cybersecurity professionals globally and found that 30% are planning to change professions within two or more yearsOrganizations are already facing cybersecurity skills shortages, with not enough people having the skills and qualifications required to keep IT systems secure from breaches and other security threats.

Adding more fuel to the fire, organizations face a growing threat from cyber criminals and nation-state hackers, whose attacks are growing “in volume and sophistication”.

Trellix’s survey found that 85% of organizations report that a workforce shortage is impacting their ability to secure their IT systems and networks.

MIT Researchers Discover New Flaw in Apple M1 CPUs That Can’t Be Patched

source: thehackernews.com  |  image: pexels.com

A novel hardware attack dubbed PACMAN has been demonstrated against Apple’s M1 processor chipsets, potentially arming a malicious actor with the capability to gain arbitrary code execution on macOS systems.

It leverages “speculative execution attacks to bypass an important memory protection mechanism, ARM Pointer Authentication, a security feature that is used to enforce pointer integrity,” MIT researchers Joseph Ravichandran, Weon Taek Na, Jay Lang, and Mengjia Yan said in a new paper.

What’s more concerning is that “while the hardware mechanisms used by PACMAN cannot be patched with software features, memory corruption bugs can be,” the researchers added.

The vulnerability is rooted in pointer authentication codes (PACs), a line of defense introduced in arm64e architecture that aims to detect and secure against unexpected changes to pointers — objects that reference an address location in memory.

PACs aim to solve a common problem in software security, such as memory corruption vulnerabilities, which are often exploited by overwriting control data in memory (i.e., pointers) to redirect code execution to an arbitrary location controlled by the attacker.

Continue reading “MIT Researchers Discover New Flaw in Apple M1 CPUs That Can’t Be Patched”

Self-driving cars could be potential crime witnesses

source: axios.com, contributed by FAN Bill Amshey  |  image:  pixabay.com

 

The police in San Francisco see camera-laden autonomous vehicles as potential witnesses in their criminal investigations, setting off alarm bells for privacy advocates, VICE reports.

Why it matters: As Axios has reported, self-driving cars capture and store huge databases of images so that they can train their algorithms and become better drivers. What that means is that bystanders are often captured in the footage, raising privacy concerns.

Continue reading “Self-driving cars could be potential crime witnesses”