Internet Privacy

Despite the high profile given to Internet privacy on mainstream media, there still appears to be naivety among certain Internet users about keeping their personal information safe. Thousands of data breaches affecting millions of individuals are reported each year, yet one still hears the same stories about Internet users having the same passwords for multiple sites.

Whether a password is used for a social media account, an online shopping portal or an online banking website, it should be a) unique, b) difficult to guess, and c) changed frequently. To maintain your Internet privacy, only ever provide the minimum amount of information necessary and only if you have complete confidence in the website you are providing it to.

Malicious QR Codes are Being Used for Phishing and Malware Distribution

Cybercriminals are constantly developing new tactics to trick individuals into divulging sensitive information or installing malware. One of the latest tactics to be observed is the use of QR codes to direct people to malicious websites where sensitive information is harvested or to sites hosting malware. A QR code is a machine-readable matrix barcode that is often used for tracking products in a supply chain, but in recent years has been adopted as a convenient way to direct people to web resources without them having to enter a URL or click a link. QR codes have been widely adopted during the COVID-19 pandemic for carrying out contactless operations, such as registering attendance at a venue and for viewing menus in restaurants to help prevent the spread of COVID-19. Many smartphones have in-built QR code readers and apps can be downloaded for free to allow QR codes to be read. When a smartphone camera picks up a QR code, the user will be directed to whatever web resource has been programmed into the code. While QR codes have many important uses, QR codes can be easily tampered with to direct individuals to malicious websites. Phishing emails often contain links to malicious websites that have been masked by changing the text in the hyperlink. Hovering a mouse arrow over the hyperlink on a computer will display the URL to which the user will be directed; however, with a QR code the user may be instantly directed to the website and could be prompted to enter their banking credentials, Microsoft 365 credentials, or other sensitive information. Since QR codes are often used to direct individuals to hosted files, such as PDF restaurant menus, it would be easy to trick people into downloading malicious files through QR codes. The malware could provide a cybercriminal with access to the victim’s mobile device, allowing them to steal sensitive information such as passwords or bank account information. 
Many businesses use QR codes to direct customers to websites where payments can be processed, and the use of QR codes for this purpose has increased significantly during the pandemic to avoid contact with Point-of-Sale card readers. QR codes could be abused to direct...

What is Cloud Web Filtering Software?

Cloud web filtering software is now an important cybersecurity measure used by businesses of all sizes, but what exactly is it and why is it important? In this post we will explain exactly what cloud web filtering is, what it is used for, and why most businesses need to use it.

What is Cloud Web Filtering?

Cloud web filtering is a software-as-a-service (SaaS) solution that acts as a semi-permeable barrier between an individual and the Internet. For much of the time, users will not know this solution is in place, as there is no noticeable delay when browsing the Internet. Websites can be accessed as if the solution was not in place. Cloud web filtering software is only noticed by a user when they attempt to visit a website that violates their organization’s acceptable internet use policy. When a request is made to access a website that falls into a category that an employer does not permit – pornography for example – rather than connect to the website, the user will be directed to a local block page and will discover that particular website cannot be accessed due to a content policy violation. Cloud web filtering software acts as a form of internet content control which is used to reduce productivity losses due to personal Internet use, prevent HR issues, and reduce legal liability, but a cloud web filter is not just used for restricting access to NSFW websites. It also has an important security function.

Why is Cloud Web Filtering Important?

The Internet can be a dangerous place. There are many threats lurking online that could compromise a business’s systems and lead to a costly data breach or catastrophic data loss. Malware and ransomware are often downloaded from websites, even from legitimate sites that hackers have been able to compromise. A visit to one of those malicious sites by an employee could easily result in a malware infection, and once installed on one device it could easily spread across the network. Phishing is also a major risk for businesses.
Phishing forms are loaded onto websites to harvest sensitive data such as login credentials to Office 365. Links to these sites are often sent to business email accounts. A web filter acts as...

Why Change from Cisco Umbrella to WebTitan?

If you subscribe to a Cisco Umbrella DNS filtering and Internet security service, it may be worth your while considering a change from Cisco Umbrella to WebTitan Cloud. In this post we explain some of the main benefits of changing from Cisco Umbrella to WebTitan and illustrate this with an example from the education sector. Cisco Umbrella has evolved from the former OpenDNS Enterprise service to a four-tiered DNS filtering and Internet security service. At the entry-level tier, businesses get a less-than-ideal service with basic web filtering capabilities that lack SSL decryption and inspection; while, at the top tier, businesses can find themselves paying for services they may never use or that are already present in other security solutions. Selecting the right tier of service to best protect the business from web-borne threats and control Internet activity is not the only challenge. One of the reasons businesses change from Cisco Umbrella to WebTitan is a lack of transparency about the cost of Cisco Umbrella – notwithstanding that businesses not only have to pay the licensing fee, but also the cost of mandatory and optional add-ons to maximize the effectiveness of the service.

Cisco Umbrella Licensing

Like most software services, Cisco Umbrella licensing is via a subscription service. Terms are for one year or three years, and in most cases must be paid all upfront. The licensing cost does not include mandatory onboarding and technical support, while there is a further “optional add-on” for premium support if a business wants its calls to support to be prioritized. Basically, businesses have to pay twice to get a decent level of support from Cisco. Other optional add-ons vary according to which tier is subscribed to – and some are not available in all tiers. For example, if you want to identify which internal IP address was responsible for a malware download, you have to subscribe to a secondary Cisco service.
However, this option is not available to subscribers of the DNS Essentials tier. Other optional add-ons and limitations by tier are illustrated in the table below.

Cisco Umbrella Pricing

Cisco Umbrella pricing is variable depending on the number of...

WiFi Filtering and Protecting Your Brand

There are many reasons why businesses should implement a WiFi filtering solution, but one of the most important aspects of WiFi filtering is protecting your brand.

The Importance of Brand Protection

It takes a lot of hard work to create a strong brand that customers trust, but trust can easily be lost if a company’s reputation is damaged. If that happens, rebuilding the reputation of your company can be a major challenge. Brand reputation can be damaged in many ways and it is even easier now thanks to the Internet and the popularity of social media sites. Bad feedback about a company can spread like wildfire and negative reviews are wont to go viral. Smart business owners are proactive and take steps to protect their digital image. They are quick to detect and enforce online copyright infringements and other forms of brand abuse. They monitor social media websites and online forums to discover what people are saying about their company and how customers feel about their products and services. They also actively manage their online reputation and take steps to reinforce their brand image at every opportunity.

Cyberattacks Can Seriously Damage a Company’s Reputation

One aspect of brand protection that should not be underestimated is cybersecurity. There are few things that can have such a devastating impact on the reputation of a company as a cyberattack and data breach. A company that fails to secure its POS systems, websites, and network and experiences a breach that results in the theft of sensitive customer data can see their reputation seriously tarnished. When that happens, customers can be driven to competitors. How likely are customers to abandon a previously trusted brand following a data breach? A lot more than you may think! In late 2017, the specialist insurance services provider Beazley conducted a survey to find out more about the impact of a data breach on customer behavior.
The survey was conducted on 10,000 consumers and 70% said that if a company experienced a data breach that exposed their sensitive information they would no longer do business with the brand.

WiFi Filtering and Protecting Your Brand

The use of Wi-Fi filtering for protecting...

How to block employees from accessing websites

Many businesses want to block websites at work and exercise greater control over employee internet access. Acceptable internet usage policies can be developed and employees told what content they are allowed to access at work, but there are always some employees that will ignore the rules. In some cases, policy violations may warrant instant dismissal or other disciplinary action, which takes HR staff away from other important duties. If staff are fired, replacements must be found, trained, and brought up to speed, and the productivity losses that result can be considerable.

The Dangers of Unfettered Internet Access

Before explaining how to block websites at work, it is worthwhile explaining the problems that can arise from the failure to exert control over the content that can be accessed through wired and wireless networks. While extreme cases of internet abuse need to be tackled through HR, low level internet abuse can also be a problem. Any time an employee accesses a website for personal reasons, it is time that is not being spent on work duties. Checking emails or quickly visiting a social media website is unlikely to have a major impact on productivity, but when cyber-slacking increases its effect can certainly be felt. If all employees spent 30 minutes a day on personal internet use, the productivity losses would be considerable: a business with 100 workers would lose 50 hours of working time a day, or 1,100 hours a month! In addition to lost opportunities, internet use carries a risk. Casual surfing of the internet by employees increases the probability of users encountering malware. The accessing of personal webmail at work could easily result in a malware infection on a work device, as personal mail accounts are not protected by the filtering controls of an organization’s email security gateway. If illegal activities are taking place at work, the legal ramifications can be considerable.
It will be the business that is liable in many cases, rather than the individual employee. The easiest solution is for businesses to enforce their acceptable internet usage policies and simply block websites at work that are not required for normal working...

Benefits of Web Filtering for Businesses

Why should businesses use a web filtering solution? Listed below are three key benefits of web filtering for businesses.

Protection Against Exploit Kits

Email spam is the most common attack vector used to deliver malware, and while the threat from exploit kits is nowhere near the level in 2015 and 2016, they still pose a problem for businesses. Exploit kits are web-based apps that are loaded onto websites controlled by cybercriminals – either their own sites or sites that have been hijacked. Exploit kits contain code that exploits vulnerabilities in web browsers, plugins and browser extensions. When a user with a vulnerable browser visits a malicious URL containing an exploit kit, the vulnerability is exploited and malware is downloaded. With browsers becoming more secure, and Flash being phased out, it has become much harder to infect computers with malware via exploit kits and many threat actors have moved on to other methods of attack. However, some exploit kits remain active and still pose a threat. The exploit kits currently in use – RIG for example – contain multiple exploits for known vulnerabilities. Most of the vulnerabilities are old and patches have been available for months or years, although zero-day vulnerabilities are occasionally uploaded. Exploit kits are also updated with recently disclosed proof-of-concept code. Exploit code for two recently discovered vulnerabilities, one in Internet Explorer (CVE-2018-8174) and one in Adobe Flash (CVE-2018-4878), has been added to EKs already. Keeping browsers and plugins up to date and using a top antivirus solution will provide a good level of protection, although businesses can further enhance security by using a web filter. Web filtering for businesses ensures that any attempt to access a website known to host an exploit kit will be blocked.

Blocking Phishing Attacks

Phishing is one of the biggest threats faced by businesses.
Phishing is a method of obtaining sensitive information by deception, such as impersonating a company in an attempt to obtain login credentials or to fool employees into making wire transfers to bank accounts controlled by criminals. A spam filter can prevent the majority of...

Equifax Data Breach: 143 Million Consumers Affected

A massive Equifax data breach was announced yesterday, which ranks as one of the largest data breaches of 2017. Approximately 143 million consumers have been impacted and had their sensitive data exposed and potentially stolen. A data breach at any company can cause considerable fallout, although this incident is particularly bad news for a credit reporting agency. Equifax aggregates and stores vast quantities of highly sensitive consumer data that are used by financial firms to make decisions about the creditworthiness of consumers. The data breach is sure to damage trust in the company. Ironically, Equifax offers credit monitoring and identity theft protection services to companies that experience data breaches to help them protect breach victims. Naturally, all Americans affected by the Equifax data breach will be offered those services free of charge. In fact, Equifax has gone further by agreeing to offer those services free of charge to all U.S. consumers for a period of one year, even if they were not directly affected by the breach. Chairman and Chief Executive Officer, Richard F. Smith, said “This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes.” The Equifax data breach may not be the largest data breach of 2017, but the nature of the data exposed makes it one of the most serious. Highly sensitive data were exposed, including personal information, Social Security numbers, birthdates, driver’s license numbers, and 209,000 consumers had their credit card numbers exposed. These are the exact types of information used by cybercriminals to commit identity theft and fraud. Dispute documents were also stored on the compromised system. Those documents contained a range of personal information of 182,000 consumers.
The bulk of the data related to U.S. citizens, although some consumers in Canada and the United Kingdom have also been affected by the Equifax data breach. The hacker(s) responsible for the attack had access to Equifax’s systems for a considerable period of time before the breach was...

Privacy Concerns Raised Over New UK Porn Filtering Controls

UK porn filtering controls are expected to be introduced next year to make it harder for minors to access – accidentally or deliberately – pornographic material over the Internet. The government has proposed a new requirement that will make it mandatory for all sites hosting adult or pornographic content to conduct age verification checks before adult content is displayed. From April next year, a yet to be decided regulator – most likely the British Board of Film Classification – will be able to block websites hosting pornography if they do not conduct checks to ensure visitors are over the age of 18. Blocks are likely to be applied at the ISP level and the sites could be barred from taking credit card payments from the UK if they do not comply. The change to UK porn filtering controls would mean minors would be prevented from accessing pornographic material. Digital minister, Matt Hancock, explained the move would mean “UK will have the most robust internet child protection measures of any country in the world.” While many adult websites ask the user if they are over 18 before content is displayed to prevent accidental access, further controls would be required to verify age. One of the easiest ways to do that is by forcing the visitor to submit their credit card details. In the UK, it is not possible for individuals under the age of 18 to be issued with a credit card. The new UK porn filtering controls have been welcomed by some groups – the National Society for the Prevention of Cruelty to Children (NSPCC) for example – but the move has raised many concerns. Age verification checks are likely to result in the operators of the websites maintaining a database of site users, even individuals who do not pay for access. The database is likely not only to include details supplied in the verification checks, but include profiling and viewing histories. It is possible that large volumes of highly sensitive data could be collected on millions of users. 
Any website that collects sensitive consumer data is a target for hackers. The databases that could be built by adult content providers would be an even bigger target. Not only could information be used for...

Researchers Discover Pre-Installed Keylogger on HP Laptops

Browsing the Internet can result in malware and spyware downloads, malicious software can arrive via spam email, but a fresh-out-of-the-box laptop computer should be totally malware free. But not always. A pre-installed keylogger on HP laptops has recently been identified by Swedish security firm Modzero. Potentially unwanted programs can be found on many new devices. Some serve a purpose but pose a security threat. For instance, in 2014, Lenovo laptop computers were shipped with ‘malware’ already installed that made the devices vulnerable to man-in-the-middle attacks. The program was Superfish. The pre-installed keylogger on HP laptops does not appear to be used for any malicious purposes, although there is considerable potential for the program to be abused. The spyware records all keystrokes on the laptops after a user logs in and stores that information in a local drive. In some situations, the keystrokes will be passed to an API on the laptop. The keylogger was discovered in an audio driver package – Conexant HD Audio Driver Package 1.0.0.46 and earlier versions. The offending file is MicTray64.exe, located in the C:\windows\system32 folder. Each time a user logs in, the program is scheduled to run. The file monitors all keystrokes on the device in order to monitor for special keystrokes. The program was developed by Conexant, the audio chip manufacturer. The program has been included on HP laptops since December 2015. While the software itself does not exactly pose a threat, the way the program logs the keystrokes allows the recorded keystrokes to be easily accessed. The log file created by the software is stored in the public folder (C:\users\public\MicTray.log) and can therefore be accessed by anyone. The file is overwritten each time a user logs in, but any keystrokes recorded during that session could be accessed by anyone with access to the device.
Additionally, if the registry key with the filepath is missing or corrupted, the keystrokes will be passed to a local API called OutputDebugString API. Malware installed on the device could potentially allow the log file to be copied, and along with it, all keystrokes from the session. It would also be...

Schoolzilla AWS Misconfiguration Exposes 1.3 Million K-12 School Records

Security researcher Chris Vickery has discovered a Schoolzilla AWS misconfiguration that resulted in the records of 1.3 million students being accidentally left unprotected. Schoolzilla is a student warehouse platform used by K12 schools to track and analyze student data. While data on the platform were protected and access by unauthorized individuals was not possible, that was not the case for a backup file on the platform. Vickery had been conducting scans to identify unprotected Amazon Web Services installations when he noticed a number of unsecured buckets on the Tableau data visualization platform. Further investigation revealed an unprotected ‘sz tableau’ bucket named sz-backups, which was a data repository for backups of the Schoolzilla database. The Amazon S3 bucket had been accidentally configured to allow public access, leaving 1.3 million student records exposed. The records contained sensitive information such as the names and addresses of students, along with test scores, grades, birthdates and some Social Security numbers. Vickery notified Schoolzilla of the error and the company worked quickly to secure the backups. Schoolzilla has now implemented a number of additional technical safeguards to ensure all student data is protected and all affected schools have been contacted and notified of the data exposure. It is unclear exactly how many schools were affected. The Schoolzilla AWS misconfiguration shows just how easy it is for sensitive data to be exposed online. This time it was a security researcher that discovered the exposed data, but cybercriminals are also performing scans for unprotected data. In this case, Schoolzilla was able to confirm that no unauthorized individuals had accessed the file except Vickery. Other companies may not be so fortunate. Schools and other educational institutions are increasingly using AWS and other cloud storage platforms to house student data. 
Data can be securely stored in the cloud; however, human error can all too easily result in sensitive data being exposed. The incident highlights just how important it is for organizations to conduct security scans and perform penetration tests to ensure that...

Opposition to Pornography Filtering in Libraries Places ALA on NCOSE Naughty List

Opposition to pornography filtering in libraries has seen the American Library Association placed on the National Center for Sexual Exploitation (NCOSE) naughty list. Each year, NCOSE publishes a list of the top twelve companies and organizations that it believes are either profiting from pornography or facilitating access. The aim of the list, referred to as the Dirty Dozen, is to name and shame the companies and organizations that are failing to do enough to tackle the growing problem of online pornography. Pornography is only the tip of the iceberg. Hidden underneath is a world of sexual exploitation, prostitution, and sex trafficking. NCOSE sees companies and organizations that fail to take action as being part of the problem, inadvertently – or in some cases deliberately – contributing to the considerable harm that is caused by pornography. This year’s list includes technology and telecoms companies (Amazon, Comcast, Roku), the American Library Association (ALA), and EBSCO (a provider of library resources to schools, colleges, higher education establishments and libraries). Four websites make the list (YouTube, Twitter, Snapchat, and Backpage.com), along with Cosmopolitan Magazine, HBO, and Amnesty International. The ALA is almost a permanent fixture on the NCOSE Dirty Dozen list, having been present for the past five years. It is the ALA’s opposition to the use of pornography filtering in libraries that sees it included year after year. NCOSE says “the ALA zealously encourages public libraries not to install internet filters on public access computers.” By taking such a stance, the ALA is providing patrons – including children – with the means to access sexually explicit and obscene material. ALA told CBN news that “Librarians encourage parents and children to talk with one another. Families have a right to set their own boundaries and values.
They do not have the right to impose them on others.” NCOSE doesn’t hold back, saying the ALA stance on pornography filtering in libraries “has turned the once safe community setting of the public library into a XXX space that fosters child sexual abuse, sexual assault, exhibitionism, stalking,...

Tumblr Data Breach: 65 Million Passwords Stolen

On May 12, the microblogging website Tumblr notified users of a data breach that occurred in 2013. The company had kept quiet about the number of site users that were affected, although it has since emerged that 65 million account credentials were stolen in the Tumblr data breach. Stolen email addresses and passwords were recently offered for sale on a Darknet marketplace called TheRealDeal.

Tumblr Data Breach Ranks as One of the 5 Biggest Data Breaches of All Time

The massive Tumblr data breach may not be the largest ever discovered, but it certainly ranks as one of the biggest, behind the breach of 360 million MySpace account details, the theft of 164 million LinkedIn account credentials, and the 152 million-record Adobe breach. All of these huge data breaches occurred in 2013 with the exception of the LinkedIn breach, which happened a year earlier. These breaches have something else in common. They were all discovered recently and the stolen data from all four data breaches have been listed for sale on illegal Darknet marketplaces by the same individual: a Russian hacker with the account “peace_of_mind” – more commonly known as “Peace”. It is not clear whether this individual is responsible for all four of these data breaches, but he/she appears to have now obtained all of the data. The person responsible for the theft appears to have been sitting on the data for some time as, according to Tumblr, the login credentials do not appear to have been used. Fortunately, the passwords were salted and hashed. Unfortunately, it would appear that the SHA1 hashing algorithm was used, which is not as secure as the latest algorithms. This means that hackers could potentially crack the passwords. The passwords were also salted so this offers more protection for individuals affected by the Tumblr data breach. However, as a precaution, site users who joined the website in 2013 or earlier should log in and change their passwords.

Do You Reuse Passwords on Multiple Sites?
Even if victims of the Tumblr data breach have changed their password on the site before 2013, they may still be at risk of having their online accounts compromised if their password has been used for...

Threat from Phishing Websites Greater than Ever Before

A new phishing activity report published by the Anti-Phishing Working Group (APWG) shows that the threat from phishing websites is greater than any other time in the history of the Internet. The latest phishing activity report shows that in the past six months, the number of phishing websites has increased by a staggering 250%. Most of the new websites were detected in March 2016.

The Rising Threat from Phishing Websites Should Not Be Ignored

APWG was founded in 2003 in response to the rise in cybercrime and the use of phishing to attack consumers. The purpose of the organization is to unify the global response to cybercriminal activity, monitor the latest threats, and share data to better protect businesses and consumers. In 2004, APWG started tracking phishing and reporting on the growing threat from phishing websites. During the past 12 years, the number of phishing websites being created by cybercriminals has grown steadily; however, the past six months has seen a massive rise in new websites that trick users into revealing sensitive data. APWG reports that there is an increase in new malicious websites around the holiday season. In the run up to the holiday period when online shopping increases and Internet traffic spikes, there are more opportunities to relieve online shoppers of their credit card details, login credentials, and other sensitive data. In late 2015, cybercriminals increased their efforts and there was the usual spike in the number of new phishing websites. However, after the holiday period ended APWG expected activity to reduce. That didn’t happen. New sites were still being created at elevated levels. In the first quarter of 2016, APWG detected that 289,371 new phishing websites were created. However, almost half of the new websites – 123,555 of them – were detected in March 2016. Aside from a slight dip in February, the number of new websites created has increased each month.
March saw almost twice the number of new sites than were created in December. The figures for Q1 and for March were the highest ever seen.

Retail and Financial Sectors Most Frequently Targeted by Phishers

Phishers tend to favor well-known brands. The phishing activity...

Proposed FCC Rules for Broadband Providers Raise Concerns

Five ISP trade groups have put pen to paper questioning the need for the recently proposed FCC rules for broadband providers, saying they are against regulations specifically aimed at ISPs. They believe that consumer information should be protected based on the sensitivity of the data collected, rather than introducing new regulations specifically for the businesses that collect, store, or use those data.

Extensive Set of FCC Rules for ISPs Proposed

An extensive set of rules for ISPs has been proposed following the reclassification of broadband as a regulated, common carrier service. The FCC wants to give broadband customers greater choice and control over how their personal data are used. If the proposed FCC rules for broadband providers are passed they would severely limit how ISPs could use consumer data without first obtaining permission from their customers. FCC Chairman Tom Wheeler has proposed that consumers should opt-in to the use of their personal data by their ISPs. Currently, ISPs are not required to obtain permission from their customers before they use or share their personal data. The proposed FCC rules for broadband providers would change this, and require consumers to opt-in before ISPs would be permitted to use or share their data for certain purposes. Under the proposed regulations, data could still be used by ISPs to help them deliver a broadband service that consumers signed up for, for billing purposes, to market improvements to their services, or for other internal reasons on an opt-out basis. However, the new rules would require an opt-in from customers for data use for all other purposes.

Proposed FCC Rules for Broadband Providers Would Require Data Breach Notifications to be Sent to Customers

The proposed FCC rules for broadband providers would also require ISPs to notify consumers about breaches of their personal data.
Wheeler has proposed that broadband providers notify consumers of a breach of personal data within 10 days of the discovery of a breach, far faster than is required by laws in the 40 states that have introduced legislation covering breaches of personal information. Telecoms companies are extensively regulated and...