Public

now browsing by tag

 
 

#school | #ransomware | Las Cruces Public Schools computers still offline a week after hacking attack

Source: National Cyber Security – Produced By Gregory Evans Education LAS CRUCES, New Mexico — The computer network for the Las Cruces Public Schools remained offline a week after a ransomware attack by hackers forced the shutdown of the entire system. After originally trying to get existing servers for dozens of schools back online late […] View full post on AmIHackerProof.com

#cyberfraud | #cybercriminals | Alpharetta Warning Public About Online Dating Scams, Threats

Source: National Cyber Security – Produced By Gregory Evans

ALPHARETTA, GA — The City of Alpharetta is warning the public to be cautious when using online dating websites after a citizen was recently blackmailed.

The Alpharetta Department of Public Safety recently took a report from a citizen who was using a dating app and made a decision to send intimate pictures to the person they connected with, the city said.

“The victim has now paid thousands of dollars to the person to keep those pictures off social media channels,” the city said. “The perpetrator, in this case, has not gone away and continues to threaten and demand more money from the victim.”

Cyber dating and the apps that make it possible attracts millions of people. Many in search of companionship, many seeking long-term relationships, and many seeking to steal identities or worse, the city said. The world of online dating is fraught with top-of-mind risks (Is that photo really the person I’m talking to? Could this person be a predator?), but there is also a growing list of concerns related to data privacy.

“The fact is, dating sites and apps have a history of being hacked,” Alpharetta said. “For example, in 2018 BeautifulPeople.com was hacked and the responsible cyber criminals sold the data of 1.1 million users, including personal habits, weight, height, eye color, job, education and more, online. In early 2019 detailed user records of more than 42 million dating app users were found on a Chinese database that was not even protected by a password. The user records found on the data base contained everything from IP addresses and geo-locations to ages and usernames, giving potential hackers plenty of information to take advantage of.”

But, there are also many stories of people who found each other via online dating apps and are in very happy relationships today, Alpharetta wrote. So, the city said it does not want to scare any adult away from using them. The city said it wants everyone to be safe with their online dating activities.

With that in mind, here are a few tips that the city encourages all online daters to use:

Account Security

As with all of your Internet accounts, use a strong, unique password and two-factor authentication, if it’s available.

Beware of anyone sending you links, and especially links using shortened URLs. Hackers will try to lure you away from the dating app to sites that can more easily harvest your data. This is one of the most common Tinder scams. Rest your cursor over any link before you click it to see the address.

Only ever access your dating app on a secure WiFi network. An even better option is to protect the Internet connection of your dating app with a trustworthy VPN. This will add an extra layer of security to the app’s encryption.

Privacy And Social Engineering

Never share your full name, address, or place of work in your profile. Tinder, Bumble and Happn all allow users to add information about their job and education. With just this information and a first name, Kaspersky researchers were able to match a dating app profile to a LinkedIn or Facebook account 60 percent of the time.

Do not link your account on a dating app to your Facebook account. This makes it easier for hackers to connect your social media profile to your online dating one. It also would expose your data if Facebook were to suffer a data breach.

Using the same logic, do not link your Instagram, Twitter, or WhatsApp accounts to your dating app or share them in your profile.

For accounts or relationships based on your email, don’t use your everyday email address. Instead, get a separate, anonymous email just for that specific app or relationship.

Always disable any location-sharing features in your accounts on dating apps.

If you are uncomfortable sharing your cell phone number with someone you just met online, there are services that allow you to create a separate phone number. These services give you temporary phone numbers that last a couple of weeks for free or for a small fee. Since they are temporary, it is hard to use such a phone number on your dating app account, but it could give you some time to meet your matches in real life before you trust them with your phone number.

If an account looks suspicious, try doing a reverse image search of the profile pictures. If your search finds the photo is from a modeling agency or a foreign celebrity, you are likely looking at a fake account.

Eventually, you will have to share information about yourself. You are trying to convince someone that you are interesting enough to meet. Try to talk more about your interests, ambitions, and preferences and avoid specific information that could identify you. More “I love pizza” than “My favorite pizza restaurant is on the corner of Main St. and 2nd Ave.” Never be afraid to say “no” if someone asks you for personal information that you’re not yet comfortable sharing.

Avoid sending digital photos to users you do not trust. Digital photos can contain metadata about when and where the photo was taken along with other information that could be used to identify you. If you must share a photo, be sure to remove its metadata first. Also, always keep in mind that any explicit pictures you send could be used for blackmail.

If you are chatting with someone and they are responding incredibly fast or if their responses seem stilted and full of non-sequitur questions, you should proceed carefully. While it is possible you have enchanted someone so thoroughly that they are struggling to respond coherently, it is more likely you are chatting with a bot. Online bots are getting harder and harder to detect, but one test you can try is to work gibberish into a phrase, like “I love a;lkjasdllkjf,” and see if the bot repeats the non-word or transitions into a non-sequitur question. (If it’s a human, you can always cover by saying your phone slipped.)

This may seem obvious, but if someone asks you over a dating app to send them money, your answer should always be “No.”

Do not immediately friend your matches on Facebook. Once someone has access to your Facebook account, they can see your friend and family network along with your past activity and location. Wait until you have been dating for a month or two before friending them.

Physical Safety

Have a mutual understanding of boundaries. No matter what kind of date you have planned, it is always safer to know exactly what you’ll be doing. By discussing a plan beforehand, you can both go into the situation knowing what you are and aren’t comfortable with.

Meet in a public place first. No matter what kind of date you’re going on, it is always safer to meet in an open and public place first. Avoid meetings that take place in remote areas, vehicles or anywhere that makes you feel uncomfortable.

Always let someone know where you are. Before meeting up with someone, let a friend or family member know where you’ll be. Some apps let you share your location with others so that someone can keep an eye on you during your date.

Source link

The post #cyberfraud | #cybercriminals | Alpharetta Warning Public About Online Dating Scams, Threats appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | Cyber security incident: Public message from Tū Ora Compass Health

Source: National Cyber Security – Produced By Gregory Evans

As a Primary Health Organisation, one of our roles is to collect and analyse data that comes from your medical centre. We do this to improve the care people receive. It helps to ensure people get proactive screening for diseases like cancer and get treatment for conditions like diabetes. This saves lives and helps keep people well.

On 5 August, our website was attacked as part of a global cyber incident. As soon as we became aware, our server was taken offline, we strengthened our I.T. security and started an in-depth investigation. The investigation has found previous cyber attacks dating from 2016 to early March 2019. We don’t know the motive behind the attacks. We have laid a formal complaint with Police and they are investigating.

We cannot say for certain whether or not the cyber attacks resulted in any patient information being accessed. Experts say it is likely we will never know. However, we have to assume the worst and that is why we are informing people.

Tū Ora holds data on individuals dating back to 2002, from the greater Wellington, Wairarapa and Manawatu regions. Anyone who was enrolled with a medical centre in that period could potentially be affected.

Tū Ora does not hold your GP notes, these are held by individual medical centres. This means the notes made on consultations you have had with your GP are not at risk of being illegally accessed through this cyber attack. We do not hold the data contained in your patient portal if you have one.

As stewards of people’s information, data security is of utmost importance to Tū Ora. While this was an illegal attack by cyber criminals, it was our responsibility to keep your data safe and I am very sorry we have failed to do that.

We are now focused on doing everything we can to support people and making sure it can’t happen again. We have set up a number (0800 499 500 or +64 6 9276930 if dialling from overseas) for people to call to obtain more information.

While we have no evidence that patient data was accessed, we encourage you to be vigilant to unusual online requests.

Cert NZ has more information about staying safe online on their website at www.cert.govt.nz . Please read our FAQs below for more information.

Again, I want to apologise for this situation and the distress it will cause.

Ngā mihi,

Martin Hefford

Chief Executive

Tū Ora Compass Health

Source link
____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

The post #cybersecurity | Cyber security incident: Public message from Tū Ora Compass Health appeared first on National Cyber Security.

View full post on National Cyber Security

New York offers free #cyber #security #tools to #public to deter #hackers

New York City will offer free cyber security tools to the public as part of a new effort to improve online safety, officials said on Thursday, a week after Atlanta was hit with a ransomware attack that knocked some municipal systems offline.

The program, dubbed NYC Secure, will launch a free smartphone protection app to warn users when suspicious activity is detected on their devices, New York Mayor Bill de Blasio announced at a news conference.

“New Yorkers aren’t safe online. We can’t wait around for other levels of government to do something about it or the private sector,” New York Mayor Bill de Blasio said.

The program will cost the city about $5 million per year, he said.

“It’s our job in government to make sure that people are safe online. It’s a new reality,” de Blasio said.

City agencies will also beef up security protection on public Wi-Fi networks by the end of the year to protect residents, workers and visitors.

Those networks will be secured with a tool, dubbed Quad9, that is available to anybody in New York City and beyond at quad9.net Quad9 routes a user’s web traffic through servers that identify and block malicious sites and email.

NYC Secure was unveiled as Atlanta officials worked alongside federal law enforcement and technicians from private security firms to investigate the cause of the attack that encrypted data on computers.

Atlanta City Council President Felicia Moore said she was waiting to hear more about how the hackers breached city networks, the scope of the attack and when city services would be fully operational.

“Everybody in the public wants to know. I want to know, too,” Moore said at a news conference. “But I do think that we need to give them an opportunity to get the information.”

Atlanta on Thursday reactivated a website that allows residents to make requests for trash pickup, report traffic signal outages and ask for other public works-related services.

Municipal court services remained offline on Thursday and City Hall employees told Reuters their work computers were still unusable a week after the hack was detected.

advertisement:

The post New York offers free #cyber #security #tools to #public to deter #hackers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Public #sector executive #pay should be #linked to #cybersecurity

Source: National Cyber Security News

Cybersecurity is constantly in the headlines for all the wrong reasons.

Earlier this month, we heard that all 200 UK NHS Trusts that have been assessed so far failed to meet the standards of the government-backed Cyber Essentials Plus scheme. Some of them even failed on patching, which was the vulnerability that led to the WannaCry ransomware attack. They clearly haven’t learned the lessons from an event which caused massive disruption across the health service, with operations postponed and appointments cancelled.

You would think that, if public sector organisations can’t even manage basic security hygiene such as patching, there would be consequences for those running them. However, while the forthcoming GDPR is bringing in new requirements for the protection of personal data, the large fines (€20m or 4% of global revenue) for a privacy breach will apply to the organisations concerned and will not affect their leaders.

After the TalkTalk cyberattack, its then chief executive Dido Harding may have had her cash bonus halved, from £432,000 to £220,000, but she was still paid a total of £2.81M in 2015, despite the personal and financial details of tens of thousands of customers disappearing into the ether.

Read More….

advertisement:

View full post on National Cyber Security Ventures

International Conference on Practice and Theory of Public Key Cryptography

Source: National Cyber Security News

Cryptography/ Crypto Event

 March 25 – 28, 2018 | Rio De Janeiro, Brazil

Cybersecurity Conference Description [Submitted by Organizer/ Or Written By Us]

PKC 2018 is the 21st edition of the International Conference on Practice and Theory of Public Key Cryptography, the main annual conference with an explicit focus on public-key cryptography, sponsored by IACR, the International Association for Cryptologic Research. Original research papers on all aspects of public-key cryptography, covering theory, implementations and applications, are solicited for submission to PKC 2018. Accepted papers will be published by Springer in their Lecture Notes in Computer Science series.

Read More….

advertisement:

View full post on National Cyber Security Ventures

Stolen #identities and a #lack of #verification render #public comment #procedures #meaningless

Source: National Cyber Security News

Before implementing policy and regulatory changes, federal agencies are legally required to permit the public to comment directly to the agency. At the end of the comment period, it is customary for the agency review the comments received and, occasionally, include comments received concerning the policy change or regulation.

Prior to the Federal Communication Commission’s decision to repeal the 2015 net neutrality rules, the FCC received over 22 million comments. If that sounds like a lot, it is. So many, in fact, that it prompted a closer look by the agency. As a result of its investigation, it determined that millions of these comments were fake. According to multiple researchers, more than one million of the 22 million cumulative comments were bots that used natural language generation to artificially amplify the call to repeal net neutrality protections. On June 19, 2017, nearly 500,000 comments were submitted in a mere second and nearly all of them were identical. In fact, about 7,000 comments were submitted under the name, “The Internet” and over 400,000 of them came from Russian email addresses.

The FCC is not alone, as other agencies have received fake comments from living as well as dead Americans including the SEC, the Consumer Financial Protection Bureau, the Federal Energy Regulatory Commission and the Department of Labor (DOL).

Read More….

advertisement:

View full post on National Cyber Security Ventures

Restaurant-goer has #Bitcoins #stolen over #unsecured public #wireless #network

Source: National Cyber Security – Produced By Gregory Evans

AFTER logging on to the public Wi-Fi at a restaurant, a man unwittingly had $155,000 stolen from his digital wallet. This is the real problem with Bitcoin.

AN UNSUSPECTING diner has had $155,000 worth of the digital currency Bitcoin stolen from him while logged on to a restaurant’s unsecured public Wi-Fi network.

The incident reportedly took place in an Austrian restaurant this week with the cyber thieves moving the digital currency to an “unknown, non-traceable account,” police said in a statement.

The 36-year-old victim reportedly logged on to the unsecured network to check the value of his Bitcoin holdings. He later realised that $100,000 euros worth had been stolen.

It remains unclear whether the victim’s account was already hacked before he logged on to the unsecured network, police said.

The incident, while small in nature, highlights the issue of hackers targeting personal Bitcoin accounts as the digital currency has exploded in value in recent years.

While Bitcoin is arguably becoming mainstream, it has had to endure a string of controversies along the way.

In January 2014, a Japanese-based Bitcoin exchange known as Mt Gox was hacked. It was once the largest bitcoin intermediary and the world’s leading bitcoin exchange before thieves made off with 850,000 BTC. At today’s value, that’s worth a staggering $A 9,147,700,000.

In June this year, South Korea’s largest Ethereum (another popular cryptocurrency) and Bitcoin exchange was breached by hackers who stole customers’ data and targeted their accounts in an effort to drain their digital wallets. According to local media reports, one person claimed to have lost 1.2 billion won, or about $A1.4 million.

And this week, a cryptocurrency start-up specialising in Initial Coin Offerings (ICOs) called Confido raised about $500,000 before the company’s website and founders vanished, along with the cash.

These are just a few examples of the potential dangers posed by operating in the still emerging crypto market. That being said, the threat of hackers certainly isn’t a problem confined to cryptocurrencies as hackers have also targeted central banks, recently fleecing more than $US100 million from the Bangladesh central bank’s account at the US Federal Reserve.

But if you’re going to check how much your Bitcoin wallet is worth, maybe be careful about where you log on.

The post Restaurant-goer has #Bitcoins #stolen over #unsecured public #wireless #network appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Arrests in Spokane Public Schools are down, but racial disparities persist

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Spokane Public Schools has reduced the number of student arrests by 85 percent, with 99 students arrested in the 2016-17 school year compared to 806 students the year before, according to district data. But one thing…

The post Arrests in Spokane Public Schools are down, but racial disparities persist appeared first on Become007.com.

View full post on Become007.com

Public bodies are vulnerable to hacking – government needs to step up to protect them

more information on sonyhack from leading cyber security expertsSource: National Cyber Security – Produced By Gregory Evans Barely a month passes in 2017 without some kind of IT failure hitting the headlines, but the hacks, leaks and breaches that make the news may represent just the tip of the iceberg. An investigation by the i newspaper has revealed that public bodies such as […] View full post on AmIHackerProof.com | Can You Be Hacked?