3 Lessons Learned from the LifeLock Bug

3 Lessons Learned from the LifeLock Bug A lot of people (4.5 million) depend on LifeLock, a subsidiary of security giant Symantec, to help them protect their online identity. Ironically, the company recently admitted that a vulnerability on the LifeLock website (LifeLock Bug) had potentially exposed millions of customer email addresses to hackers. This all sounds familiar. Remember the Equifax security breach fiasco? Or, more recently, a website breach at Panera Bread? In each case, unauthorized persons were able to access millions of customer records through the company website. These incidents and dozens more serve as cautionary tales for organizations and…

READ MORE

New Smart Devices Still Vulnerable to Age-Old DNS Rebinding Attack

As technology becomes more advanced, so do cyber security attacks. It seems hackers are always coming up with new, sneakier ways to infiltrate networks and steal information. But some attacks have stood the test of time—and one of these is a trick called DNS rebinding. Hackers have been using this devious tactic since 2007—practically ancient history in tech-time—but it’s recently resurfaced. Earlier this year, a number of big-brand smart devices were listed as especially vulnerable to this type of attack—Google Home, Roku, and Chromecast among them. Unfortunately, millions of smart devices could still be at risk of a DNS rebinding…

READ MORE

Encrypt or Die: Why Google Chrome Listing Your HTTP Site as Unsecure Is a Disaster

If you’re still using an unencrypted HTTP site rather than an HTTPS, we’ve got some bad news. Google Chrome will now alert visitors via the URL bar that your site is “not secure.” In other words, if you don’t want to lose visitors, you might want to think about encrypting. Here’s what you need to know. HTTP vs. HTTPS: what’s the big deal? HTTP and HTTPS are essentially the same, with one important difference: HTTPS is encrypted. The “S” stands for “secure.” HTTPS sites encrypt all the communication between a visitor and a site, which means the visitor’s information and…

READ MORE

Technology Partners Enable GDPR Compliance

The European Parliament adopted the General Data Protection Regulation (GDPR) in April 2016. GDPR provisions require businesses to protect the personal data and privacy of EU citizens. The regulation applies to every company that processes personal data of EU residents, regardless of where the company is located, hence many U.S. companies must achieve GDPR compliance. Beginning in May 2018, the EU gave regulatory agencies greater powers to act against non-compliant organizations. Penalties include stiff fines of up to four percent of annual global revenue or 20 million euros, whichever is greater. Implementing a plan for GDPR compliance can prove to…

READ MORE

How to Stop Google from Tracking You—Even If Your Location History Is Off

On the surface, it seems like turning off your location history should stop Google from tracking your location. Unfortunately, it’s not that simple. As a recent AP study uncovered, Google keeps tracking you any time you open Google Maps, receive a weather update, or even do a browser search. So if you’re an Android or iOS user, you can expect that Google is tracking your location almost constantly—unless you can figure out how to turn off location tracking completely. The good news is, it is possible—but only by finding the Web & App Activity setting in your Google account. This…

READ MORE

eMazzanti Technologies Advances Almi Dumi to Lead Dedicated Cyber Security Team

New eMazzanti CISO heads focused cyber security practice to thwart cyber-criminals and meet increased demand for cyber security services Hoboken, NJ ­- (Cision) August 2, 2018 – eMazzanti Technologies, a New York City area IT consultant and managed services provider, today announced the creation of a dedicated IT security practice. In an internal reorganization, the company has assembled a highly skilled cyber security team of experienced professionals. The firm also promoted Almi Dumi to the position of Chief Information Security Officer (CISO) to lead the cyber security practice and direct the team. According to sources within the company, the creation…

READ MORE

Encrypt or Die: Why Google Chrome Listing Your HTTP Site as Insecure Is a Disaster

If you’re still using an unencrypted HTTP site rather than an HTTPS, we’ve got some bad news. Google Chrome will now alert visitors via the URL bar that your site is “not secure.” In other words, if you don’t want to lose visitors, you might want to think about encrypting. Here’s what you need to know. HTTP vs. HTTPS: what’s the big deal? HTTP and HTTPS are essentially the same, with one important difference: HTTPS is encrypted. The “S” stands for “secure.” HTTPS sites encrypt all the communication between a visitor and a site, which means the visitor’s information and…

READ MORE

3 Ways to Protect Your Wallet from Cryptojacking

In his 1811 Dictionary in the Vulgar Tongue, Francis Grose defines pickpocketing as, “The newest and most dexterous way [to steal], which is, to thrust the fingers straight, stiff, open, and very quick, into the pocket, and so closing them, hook what can be held between them.” Since many of Grose’s readers were new to city life, the idea that thieves could be so crafty was surprising. Today, we’re well aware of that fact, prompting thieves to find new ways to catch us off guard—and take off with our hard-earned cash. To help you protect yourself, here’s the scoop on…

READ MORE

Zacinlo: The Cyber Menace Slipping Through Windows

If social media has taught us anything, it’s that the best pictures are candid (or at least, give the impression of being candid; see “plandid”). While candid beauty shots are great for Instagram, candid screenshots of your desktop taken by hackers are definitely no fun. Unfortunately, this could have been happening to you for years—without your knowledge or consent. This is the frightening reality of Windows users who have fallen victim to Zacinlo, a malware so sophisticated it has evaded cyber security experts since 2012. Here’s what we know so far about this sneaky cyber threat—and how you can protect…

READ MORE

What the Microsoft Edge Vulnerability Can Teach Us About Cyber Security

End users continue to reap the benefits of stiff competition in Silicon Valley. A vulnerability in the Microsoft Edge web browser was recently uncovered by none other than Google employee, Jake Archibald. As he recounts in a June 20th blog post, Archibald uncovered a bug in Microsoft Edge that allows malicious websites to retrieve data from other websites. So what does this mean for Edge users? Peering over the Edge “It means you could visit my [proof-of-concept] site in Edge, and I could read your emails, I could read your Facebook feed, all without you knowing,” Archibald explains. Archibald attributes…

READ MORE