How to Deal with Ransomed Files (WannaCry)

Posted on May 16, 2017 in Uncategorized - 0 comments - 0

You know that sinking feeling in your stomach when you see your computer has been hacked and your files (precious memories – first baby pictures, unpublished novels, or simply an entire day’s work) are “lost” unless you pay a ransom. While we lay out many preventative activities, there are only a few courses of action after the fact. Here are some options to consider:

  • nomoreransom.org, a site backed by security firms and cybersecurity organizations in 22 countries
  • Pay the man. Unfortunately, in the end … you may just need to spend $300-$600 per computer to unlock the files
    • Prior to paying, be sure that others who have paid received the unlock codes. Also, as some of these ransomware events unfold, security professionals can take it over and then issue a free unlock.

This specifically deals with the WanaCrypt ransomware strain that infected tens of thousands of Windows computers (unpatched and out-of-date Microsoft systems) in May of 2017. Ransomware is a type of malicious software that infects a computer and blocks access to data until a ransom is paid, displaying a message demanding payment to unlock it at the risk of losing all files.


When should you change the password on your iWatch, FitBit, Nest, new Cable modem?

Posted on January 22, 2017 in Uncategorized - 0 comments - 0

Change the password to a password YOU MAKE UP.

Adding a new internet-connected device (e.g., phone, digital streaming TV/radio, health-fitness tracker) is a perfect time to set up your accounts securely and manage settings on your new device.

To learn more, you can check out the book How Not To Be Hacked, available on Amazon.

This is, in fact, covered on page 13; it is that important. The book goes into detail on why, but the simple answer is never.


How Not to Be Hacked—Take the Advantage Q&A at World’s Largest Security Conference

Posted on February 26, 2016 in Uncategorized - 0 comments - 0

The author of How Not To Be Hacked was accepted to speak among 1,000s of researchers at the largest information security conference in San Francisco. In the Atlanta area, James has shared insights at conferences and chapter meetings including InfraGard, ISACA, the Technology Association of Georgia, and Fulton County schools. Over the last two years I have been building the content and sharing the insights from the book, and now I am excited to gain fresh tips for all of our community. I’ll be sharing them as I receive them via the newsletter.

Curious about the session? Here is some great Q&A about my upcoming session. If able, please join me at the session or grab me for coffee during the event in San Fran!

1. How Not to Be Hacked—Take the Advantage (P2P2-R08)

Who are the attendees who will most benefit from—and contribute to—this Peer2Peer session? Do you have a specific role or job title in mind? Or even the kind of skills and mindset you are looking for?

  • Seeking Attendees who are: Trendsetters, change agents, visionaries, and passionates seeking to make a difference one life at a time
  • Proper titles of those who will contribute to the session: Product Security Leaders, Parents, and Directors of Security

Why do you believe that your topic is important for the information security industry—and your attendees—to be thinking about?

  • Important to industry: Today 3.1 billion people are online and not empowered or informed, making it impossible to secure every App and Device.
  • Important to you: Empowering people to protect themselves prevents human trafficking, enhances quality of life, and limits digital negative events

Challenge: Are YOUR family members, parents, children, and friends safe and secure online today because of your profession?

Can you describe one or two things you would like the attendees to think about prior to the session, as a way to prepare themselves for the discussion? 

  • What do you do habitually when navigating to a new website? What do you check? Do you type in URL? Do you Google it?
  • How do you protect your children on social media sites? Do you use manual reviews, monitoring software, account management, denial?

What kind of outcome are you hoping for at the end of the session? What will attendees walk away with afterwards?

Desired outcome: A fresh look and optimism on how to transfer habits of highly knowledgeable security professionals to regular people.

Takeaways:  Specific simple and highly potent techniques and tips to make the digital world safer and happier for our friends, family, and colleagues.

See the book on Amazon here (best anti-hacking investment you’ll ever make for your parents): How Not To Be Hacked

Source, RSA Conference Official Site: Make Sure You Don’t Miss These Peer2Peer Sessions at RSAC 2016 | RSA Conference


Fraudsters stole $16B from consumers last year – Identity-Theft Victims Pay Lifetime Price

Posted on July 30, 2015 in Uncategorized - 0 comments - 0

The impact of identity theft is serious, and it does not come from the simple letter in the mail in the first months. The impact is a lifetime of monitoring, reaction, prevention, and caution. The use of the stolen data will only evolve and so must consumers.

Interesting detail on the theft, and article below:

According to a recent study from Javelin Strategy & Research, fraudsters stole $16 billion from 12.7 million U.S. consumers in 2014, with a new identity fraud victim popping up about every two seconds.

via Identity-Theft Victims Pay High Price When Their Data Get Stolen | Bankrate.com.

Don’t forget the tips in chapter 13 in How Not To Be Hacked that address the key lifetime habits to address these criminal events.

James


Is your Chrysler hackable? See below if you are part of the recall. How Not To Be Hacked: Car Edition

Posted on July 27, 2015 in Uncategorized - 0 comments - 0

[Image: Jeep sign]

Over the past week, news broke of security researchers remotely taking over a Chrysler Jeep. This was written up and demonstrated nicely in the Wired Magazine article. I received many emails about how to prevent yourself from being harmed, and there is good news!

Fiat Chrysler has issued a voluntary safety recall affecting 1.4M vehicles in the US – call your dealership if you own one of the models listed below.

See if your vehicle needs a safety update:

  • 2013-2015 MY Dodge Viper specialty vehicles
  • 2013-2015 Ram 1500, 2500 and 3500 pickups
  • 2013-2015 Ram 3500, 4500, 5500 Chassis Cabs
  • 2014-2015 Jeep Grand Cherokee and Cherokee SUVs
  • 2014-2015 Dodge Durango SUVs
  • 2015 MY Chrysler 200, Chrysler 300 and Dodge Charger sedans
  • 2015 Dodge Challenger sports coupes

– Source: BBC

More details to follow as other manufacturers and models will certainly need attention as ‘connected’ motorized vehicles catch up to network security research scrutiny.

Title is a play on the research for How Not To Be Hacked. A giveaway for books is also underway at Amazon – free to everyone!

James DeLuccia

Photo credit: ANDY GREENBERG/WIRED


18+ states report fake electronic tax returns…

Posted on February 9, 2015 in Uncategorized - 0 comments - 0

As tax season begins, many are being hit by startling news that their tax returns have already been submitted, meaning someone voluntarily submitted their taxes and took the liberty of cashing those refund checks. Please …

Follow these tips to begin defending yourself, and see our book, How Not To Be Hacked, for timely tips:

  1. Use two-factor authentication with your tax software
  2. Print out (yes on paper) and store each year’s tax return in a safe-deposit box in case you need to use it with a tax examiner to correct fraudulent filings
  3. Monitor your records, submissions, and returns carefully for errors
  4. Speed, snail mail (U.S. Postal service), and paper filings will not prevent these frauds

Here is a snapshot of today’s Google listings on the topic … startling and scary stuff:

  • Citing fraud concerns, Minn. won’t accept TurboTax returns

    www.cnbc.com/id/102404465 – 2 days ago – Intuit has halted the transmission of all state e-filing tax returns on …. Then those got hacked and someone filed fake returns under those folks …
  • Citing Tax Fraud Spike, TurboTax Suspends State E-Filings …

    https://krebsonsecurity.com/…/citing-tax-fraud-spike-turbota… –Brian Krebs – Customers who have already filed their state tax returns using Intuit … A seller of hacked accounts on the Dark Web community Evolution …
  • TurboTax account hacked and someone has filed 2014 Tax …

    https://ttlc.intuit.com/…/2662218-turbotax-account-hacked-and-so… – TurboTax account hacked and someone has filed 2014 Tax Return with my secured information. Bank account … Shocking to see that the tax return is already filed for 2014. … 1) Go to https://support.turbotax.intuit.com/contact/
  • Utah flags 8,000 tax returns as possible fraud. TurboTax …

    www.dailykos.com/…/-Utah-flags-8-000-taxreturns-as-possibl… Daily Kos – “Utah taxpayers who filed state-income tax returns electronically prior to 2014 through … Intuit also makes Quickbooks which would have a LOT of highly useful … If this a part of the same group that has hacked other big name …
  • TurboTax Temporarily Suspends E-Filings on Fraud Concerns

    www.wsj.com/…/turbotax-suspends-e-filings-on-fra…The Wall Street Journal – 2 days ago – Online Tax-Software Company Temporarily Halts Electronic Filing of State Returns … Intuit hasn’t said how many 2014 state tax returns have already been filed… At Anthem, hackers broke into a database containing personal …
  • Fake Tax Returns In 19 States Linked To Apparent …

    crooksandliars.com/…/fraudulent-taxreturnsfiled-utah-… Crooks and Liars – Electronic filing has opened a whole new enterprise for hackers and … and TurboTax are both Intuit products that link to one another for tax …

Myth: Checking your credit score will harm you!

Posted on January 2, 2015 in Uncategorized - 0 comments - 0

A bit of advice I give in the Sony Breach survival (zombie!!) guide, on this site, and in the new book for everyone is to check and know your credit score. This is not just for the number, which is nice to track and manage, but to know what accounts are associated with your name and where inquiries occurred.

You will not be harmed if YOU check your score and pull a credit report, but if you constantly have retailers/businesses pull your credit you will be harmed in the end. A nice article in December described it in this manner:

Myth No. 4: You’re penalized when you check your credit score. This mistake is easy to make because many people don’t understand the difference between a hard inquiry about your credit report and a soft inquiry.

When you check your credit score and credit report with one of the three major credit bureaus, that’s a soft inquiry and doesn’t affect your score. However, whenever an outside party checks your credit score — typically when you apply for a new line of credit — that’s a hard inquiry. In this case, you do receive a small nick to your credit score because you have the temporary appearance of not being able to meet your financial obligations.

Visit Huffington Post here to see the full article and all the myths about credit scores and best practices for having a high credit score.

Stay vigilant,

James

@hntbh


FREE 3 chapters online now! Sony data breach survival guide

Posted on December 29, 2014 in Uncategorized - 0 comments - 0

I think it is so important to get this content out that I wanted to share the first 3 chapters of the survival guide. The full Kindle version is available here! A few folks that have suffered breaches will find one or two very familiar, but the third I think will be pretty insightful for those who are part of this complete gutting of data. Please use the table to see what areas apply to you, and share any thoughts with me.

How not to be hacked: Sony data breach survival guide
