Posts Tagged ‘security’

Secure your Wireless Router

Tuesday, March 24th, 2015

When I started to read this article, my first thought was, “This is way too basic, most people already know this stuff.” But then I thought again and remembered all of the unsecured wireless routers I’ve run across in the past.

There is no such thing as perfect security. Given enough knowledge, resources, and time any system can be compromised. The best you can do is to make it as difficult for an attacker as possible. That said there are steps you can take to harden your network against the vast majority of attacks. The default configurations for what I call consumer-grade routers offer fairly basic security. To be honest, it doesn’t take much to compromise them. When I install a new router (or reset an existing), I rarely use the ‘setup wizards’. I go through and configure everything exactly how I want it. Unless there is a good reason, I usually don’t leave it as default.

(more…)

Public Key Pinning in Firefox 32 to Protect Against MITM Attacks

Wednesday, September 3rd, 2014

Both Firefox and Chrome seem to be taking very similar paths when it comes to protecting users against Man-in-the-Middle attacks …

Public Key Pinning (PKP) is an extension to the HTTP protocol that is in draft status currently over at the Internet Engineering Task Force (IETF). It allows web services to reduce the number of authorities that can authenticate the domain by instructing clients to only use a specific subset of authorities instead of accepting any root certificate that ships with the browser.

(more…)

Malwarebytes Anti-Exploit Free, Premium and Business Stable Released

Tuesday, June 17th, 2014

Most of us are already familiar with Malwarebytes’ anti-malware capabilities … and now they’ve released a stable version of their anti-exploit solution too.

Malwarebytes Anti-Exploit Beta has been available to anyone interested in the product for some time now. I have reviewed the security program back in 2013 when it was made available publicly for the first time and came to the conclusion that it could become a great addition to the security tools that you are running on your Windows PC. In fact, I’m running it along with EMET and have not noticed any issues doing so. Malwarebytes on the other hand advises users against this as it can create conflicts.

(more…)

Microsoft Extends Windows 8.1 Update Deadline to June 10th

Friday, May 23rd, 2014

Windows 8.1 users should take heed, and download the update (if they haven’t done so already)

When Microsoft released the first feature update for Windows 8.1, which it called Windows 8.1 Update, it announced that it would stop releasing updates for Windows 8.1 without that update shortly after release. This meant that Windows 8.1 users had to install the feature update on their system to receive future updates after that point in time. This makes it a mandatory update for all users of Windows 8.1 — but not Windows 8 — as it leaves the system vulnerable to security issues if not updated.

(more…)

Windows XP End-of-Support is not the End of the World

Wednesday, April 9th, 2014

Today is also the day when about one third of the world’s PC users will start shopping for an new operating system.

Today is the last day of extended support for Microsoft’s popular operating system Windows XP. What this means is that Microsoft won’t publish public security patches for the operating system after that day. Governments and businesses can pay the company to extend support further, but if your home PC is running XP, you are on your own.

(more…)

How to Secure Your Yahoo Mail Account Properly

Friday, January 31st, 2014

If you’ve got a Yahoo Mail account, you might want to take a look at this article. Apparently, Yahoo Mail has become a popular target for organized hackers …

Yahoo released a statement yesterday in which it notified users of its mail service Yahoo Mail that it noticed a coordinated “effort to gain unauthorized access to Yahoo Mail accounts”. According to Yahoo’s preliminary analysis, it does not appear as if the data was dumped from Yahoo servers directly. The company assumes that the data has been collected from third-party databases instead.

(more…)

How to Protect Your Windows XP System After April 2014

Tuesday, January 21st, 2014

Here are some useful tips for those of us who still have old Windows XP computers that we use from time to time …

You know by now — probably – that Microsoft will retire the Windows XP operating system for good come April 2014. It is also likely that you won’t notice lots of changes after that day, at least not initially. While new security patches won’t be released for Windows XP, everything else will work just like it did before. The core issue here is that new vulnerabilities that are detected after end of support won’t get fixed anymore, leaving the system vulnerable to these kind of attacks.

(more…)

Windows XP Users Will Still Get Some Security-Related Updates After April 8, 2014

Thursday, January 16th, 2014

It’s always surprising to see how many folks still use Windows XP. The last I read, about 30% of PC users still rely on XP … about three times as many users as Windows 8 has attracted!

While still a rumor, it is likely that Microsoft will release Windows 9 in April 2015 or at least around that month. The core reason for that is to move away from Windows 8 as many associate failure with it. I would not go as far, but it appears as if Microsoft bet big on touch and mobile, a unified platform, and Windows RT, but largely ignored the company’s core user base on the desktop.

(more…)

Who’s On My Wifi Notifies You About Freeloaders

Tuesday, January 14th, 2014

This sounds like a helpful idea … but wouldn’t it be easier to just do a better job of locking down your router in the first place, and then use the tools provided with most routers to double check for freeloaders?

If your router supports wireless Internet and if WiFi is enabled, then it is theoretically possible that others connect to your network to use your Internet connection. While you can make sure that it is harder for them, for instance by enabling the highest security mode or selecting a secure passphrase that needs to be entered to establish the connection, it can still happen that someone else may find a way to connect to your wireless network.

(more…)

Microsoft’s Telepathwords Guesses Passwords as You Type

Wednesday, December 11th, 2013

I can’t decide: Is this a helpful tool for helping users to build better passwords, or could it also be misused by hackers as a tool to help guess passwords?

If you have been using the Internet for some time, you know that password security is a serious issue nowadays.

It is not a single issue though, as multiple come into play here. Many users prefer easy to remember passwords, as it makes it easier for them to sign in to websites and services. To make matters worse, it is fairly common that the same password is used across all services and websites, as it is more convenient than having to remember multiple passwords.

(more…)