Five Internet of Things Security Tips You Need to Know

Internet of things, IOT, IoT Attacks, Ophtek, Security, , ,
20
Apr 2021

The Internet of Things (IoT) has redefined our concept of connectivity and what IT can achieve. But with these advances comes the need for unique security.

Thanks to the IoT it is now possible for organizations to simplify their connectivity solutions. Traditionally, multiple devices in a business meant one thing: cables, cables and more cables. But the beauty of the IoT is that it is completely cable free. As long as there is an internet connection, you can connect a multitude of devices that communicate in real-time.. However, we all know the potential dangers of transmitting data over the internet. So, what do you do?

Protecting Yourself and the IoT

As the IoT is a relatively new phenomenon, it is important that you know the best ways in which to protect your connections and data. And here are five of the best IoT security tips you need to know:

  • Know What’s Connected: It is crucial that you list everything that is authorized to connect to your IoT network. This allows you to monitor each device for any unauthorized activity and any potential maintenance issues. Once you have established your list of authorized devices, it is recommended that you detail the areas of your network they have access to. It may be that you need to restrict access to non-essential areas of your network to minimize the impact of any breaches.
  • Change Default Passwords: The IoT has received negative press thanks to the number of default passwords that come built into IoT devices. This scenario allows hackers quick and easy access into your devices and networks. Therefore, any new IoT device which is installed within your organization needs to have any default passwords changed immediately. With unique passwords protecting your IoT devices, you can rest assured your network is much safer.
  • Check Device Settings: It is important that you always check each IoT’s device settings before letting them go live on your network. In particular, you need to focus on the privacy settings. Many devices will be set up to automatically record data that you may not want logging e.g. voice recordings.  Accordingly, it pays to evaluate each device to establish what it can and can’t have access to.
  • Two-Factor Authentication: Where possible, always take advantage of two-factor authentication. Many IoT devices are adopting this security measure in order to make their hardware more attractive to consumers. And security sells in the 21st century. Two-factor authentication is, essentially, an extra line of defense. It is an additional login procedure which requires unique credentials sent to a secure device such as a cellphone.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Windows Defender Needs Defending

Cyber Security, Data Security, Defender, Ophtek, PC Security, Security, Windows Defender, , ,
26
Jan 2021

You would like to think that your security software keeps you secure and, on the whole, it will. But there is the chance it could be turned against you.

One of the most trusted anti-malware tools is Microsoft’s Windows Defender app. Originally launched in 2005 – as Microsoft AntiSpyware – Windows Defender is a free tool which offers real-time protection against infected files and websites. It’s a highly effective piece of software and one that all Windows users should ensure is running. But, in an ironic twist, Windows Defender has fallen victim to a vulnerability. And, as you would expect, hackers have been keen to capitalize on it.

The Windows Defender Vulnerability

The basic process of Windows Defender is that it scans files and activity on a PC for any malicious potential. If these files are considered suspicious then they will be quarantined by Windows Defender; the user then has the option to either restore or delete the file. However, a problem has been discovered in Windows Defender in the form of CVE-2021-1647. This code, allocated by Microsoft, indicates that it’s a vulnerability in Windows Defender which allows remote access to the app.

By allowing remote access to Windows Defender, this vulnerability grants hackers the chance to turn the app against its user. Instead of scanning malicious files and quarantining them, remote users will program Windows Defender to execute these files. Therefore, a hacker could send infected files to a user safe in the knowledge that Windows Defender will do the hard work for them. It’s a serious threat and one which could cause major problems for your network in a matter of seconds. The exploit has been recorded as active in the digital wild, so this demonstrates that hackers have been aware of it for some time.

Defending Windows Defender

It may sound a tall order to defend a piece of software there to defend you, but this is the world we live in. Thankfully, putting safety measures in place is relatively simple. The vulnerability in question has been fixed thanks to a patch swiftly released by Microsoft. This will be installed automatically and requires no work on the user’s part. Naturally, this does not mean that Windows Defender is 100% secure, the threat of further exploits being discovered remains a possibility. But, by ensuring that automatic updates are in place, your system will be safer than before.

Final Thoughts

Vulnerabilities in PCs are all too common and even Microsoft are not immune from these flaws in their products. The Windows Defender vulnerability – and others such as Zerologon – underline the importance of installing updates. The simplest way to secure your PC is by making sure it has the best chance to defend itself. Accordingly, updates need to be installed as soon as possible. When it comes to Microsoft updates, these can be set to install automatically. This gives you the best chance of staying ahead of exploits and any hackers using them.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Online COVID-19 Scams to Be Aware of

Covid Scams, Hacking, malware, Ophtek, Security, Security Threats, , , ,
19
Jan 2021

 

COVID-19 has changed the way we live our lives and, not surprisingly, hackers are trying to take advantage of the fear factor behind the virus.

No aspect of life is off-limits to a hacker; if they can turn a situation to their advantage then they will. And this means that all sense of morals and ethics go out of the window. COVID-19, of course, has caused great fear and panic since it emerged, so it’s a subject people take very seriously. And it’s this investment in fear that hackers are looking to exploit. As with most online scams, if it sounds too good to be true then it usually is. But some people are willing to take a risk when COVID-19 is mentioned.

COVID-19 Scams to Look Out For

You should be aware of the usual online threats to look out for, but here are the specific COVID-19 scams you should be aware of at the moment:

  • COVID-19 Vaccine on the Dark Web: Now that vaccines have been approved in the fight against COVID-19, hackers have decided to exploit this demand. And that’s why it’s now possible to find listings for the vaccine on the dark web. Naturally, you should never buy medicine online unless this has been approved by your healthcare professional and the site is genuine. Very little on the Dark Web – an encrypted form of the internet – is genuine, so any marketplace listings that promise a COVID-19 vaccine should be dismissed. 
  • Fake COVID-19 Mapper: Everyone has been intrigued as to the behavior of COVID-19 and its spread, so the opportunity to monitor its spread is appealing. However, hackers have used this curiosity to help spread their malware. Researchers have discovered a PHP malware dropper which disguises itself as a piece of COVID-19 mapping software. Using a compromised website, hackers encourage visitors to download and install the mapping software. But all that is installed is software which downloads further malware. 

How to Combat COVID-19 Scams

The urge to click on sensational news and promises regarding COVID-19 is strong, but it’s crucial that you think long and hard before clicking. There are numerous COVID-19 scams in the digital wild and they are only going to get more sophisticated. As with all online scams and malware, make sure you practice the following:

  • Install all Updates: Malware often takes advantage of outdated software, so make sure that all your software is up to date. All you need to do is install all updates and upgrades as soon as they become available – your PC should automatically prompt you to install these when available.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Beware of Online Tax Scams

Hacking, Ophtek, Phishing, Phishing Email, Security, Security Threats, Tax Scams, , , ,
05
Jan 2021

Many of us will have started preparing our tax returns and hackers are well aware of this. Therefore, it pays to be aware of the numerous online tax scams.

Nobody likes completing tax returns due to the vast amount of data involved. However, they’re essential for organizations to remain operating. And that’s why we spend hours and hours collecting receipts and details for transactions; this is where all the data builds up. Hackers, of course, like nothing more than getting their hands on huge amounts of data. This data can be used for both financial gain and damaging an organization. Accordingly, tax season is their hunting season.

Tax Scams to Look Out For

Countless tax scams are currently circulating in the digital wild, but these are the most common ones you will encounter:

  • Automatic Tax Payment Deduction: A number of emails have been discovered which claim to originate from the Income Tax Department. These emails falsely claim, in order to generate anxiety, that a tax payment has automatically been deducted from their bank account. An attachment is included which masquerades as a receipt for this transaction. Hackers hope that the recipient’s anxiety and confusion will cause them to open this receipt. Unfortunately, contained within this ‘receipt’ is a slice of malware named W32.Golroted. 
  • Fake Government Websites: A popular method for scamming victims out of money is by designing Government websites which look authentic, but are fake. Using information which has usually been stolen through malicious files or social engineering, these fake websites inform victims that they have received a tax fine. The only way to pay this fine is by wiring payment or purchasing general purchase reloadable cards. However, there is no fine to pay and all the victim will be doing is bankrolling the hackers. 
  • IRS Tax Return is Locked: The last few years have seen the emergence of a phishing email which claims that access to the recipient’s tax return has been restricted. The email is designed to look as though it has been sent by the IRS or, sometimes, the manufactures of the popular TurboTax software. The truth is that the email is fake and has been sent by hackers. The email will urge recipients to click on a link which will take them to a malicious website where their personal information will be stolen.

Staying Safe During the Tax Season

Despite the number of online tax scams it’s easy to stay safe during the tax season. All you have to do is follow these best practices:

  • Remember that the IRS will never contact you by email to discuss the nature of your tax return or your personal details.
  • Verify the true identity of any suspicious links by hovering your mouse cursor over the link. A popup will then display where the link will send you.
  • Never send personal documents to unsolicited email requests as it is likely that a hacker is trying to harvest your details
  • Emails that claim to be from official organizations, but do not use your name are to be treated as highly suspicious and should be deleted.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Five Signs That You’ve Been Hacked

Hacking, malware, Ophtek, Security, Security Threats, , , ,
29
Dec 2020

Having your organization’s network breached is a major cyber disaster, so identifying a breach quickly is crucial. But how do you know you’ve been hacked?

Protecting your organizations networks and data is essential, but with the huge number of hacks taking place it’s not easy. And if a breach occurs this can cause multiple problems for your business such as data theft, ransomware demands and damaged networks. When it comes to these attacks then there’s one factor which is essential: speed. The sooner you realize you have been hacked, the sooner you can set about cleansing your system. Hackers may be evolving their methods to become even stealthier, but there are still certain tell-tale signs that you’ve been hacked.

You may not be aware of these indicators, so we’re going to share five signs that you’ve been hacked.

What Are the Signs of Being Hacked?

The most obvious indicators of your PC being hacked are the following:

  1. Password Not Working: One of the simplest signs of falling victim to a hack is when your password isn’t working. Sure, there’s a chance that you’ve mistyped it or simply forgotten it, but alarm bells should start ringing if you’re convinced you’ve got it right. And, if you have activated two-factor authentication and this is also not working, it’s likely your login credentials have been breached. 
  1. Your Browser Keeps Redirecting: If you discover that your internet browser is behaving strangely then this is a sign you have been hacked. Your browser should, for example, open up with either your company home page or Google, but a hacked browser is likely to take you straight to a malicious website. Such a website will prompt you to download files in an attempt to infect your PC with malware. If this happens then you need to close the browser as soon as possible and advise an IT professional. 
  1. Your Anti-malware is Disabled: It’s unlikely that you will ever need to disable your anti-malware software, so any indication of this being disabled could signal a hack. After all, hackers want to make their life as easy as possible. Therefore, if they take control of your PC, the simplest way to download malware undetected is to disable your defenses. Make a point of regularly checking the status of your anti-malware software to stay safe. 
  1. A Mouse Cursor With a Mind of Its Own: Your mouse cursor should, if you’re not moving the mouse, stay still. You may occasionally get a small amount of movement from hardware issues, but any significant movement indicates a hack. If your PCs defenses have been breached then hackers can easily take control of your PC. And this can be evident from unauthorized activity taking place on the screen. So, if you find that applications are being launched without your permission, power off your PC and immediately get it investigated. 
  1. Your PC is Slowing Down: A PC can slow down when it’s processing multiple tasks at once, but one which is slowing down for no particular reason is one to be suspicious of. It could be, for example, that your PC has fallen victim to a botnet and your PCs processing power is being harnessed for attacks elsewhere. If, after restarting your PC, it continues to lag then it’s critical that you take the necessary measures to isolate that PC before looking deeper.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 7 8 9 10 11 48