Tag Archives: Privacy

AVG

Physical safety is becoming digital security

Leave a comment

Imagine rows of people hunched over soldering irons, carefully crafting systems designed to hack wireless devices and networks. Welcome to Defcon 23, a mash-up of talks, small vendor displays and hands-on hacking challenges/competitions dedicated to all things security—and how to break through it.

While browsing through booths of physical hacking paraphernalia, I ran across lock-picking tools from Toool. Scattered across the table were lock-picking sets as well as heaps of sample locks, so you could refine your technique.

lockpick

Picking analog locks is a lot of fun, but I would have expected to see more digital hacking tools, for electronic door locks for example. At AVG we’ve been studying how physical security systems are evolving to become more digital and the security challenges that emerge from this evolution.

Your home door lock will become digital soon (here are some examples), and those skilled with wireless hacking will replace those with lock-picking expertise. Your digital lock will have more functionality than your old analog one. For example, it will probably have a camera, and allow you to let the plumber in even though you are at the office.  It is easy to imagine the incremental security concerns that this opens up. While it may take years for this to occur, but it’s not too speculative to imagine that houses with high-value contents will become digital faster than others and provide an attractive target for theft.

Digitizing old technologies, like the door-lock, is just another part of the IoT trend. Next year at Defcon we might see an analog+digital hacking kit, combining lock picks and hacker hardware to open your door. This is something we’re keeping a close eye on as we also develop tools that help monitor and manage your security.

AVG

Vote for Todd Simpson’s upcoming talk at SXSW

Leave a comment

 

Vote for my proposed session at the SXSW (South by Southwest) 2016 Interactive Festival.  If you care about privacy, here are sme important questions that I aim to answer:

  • How are physical tracking mechanisms and traditional online mechanisms converging?
  • What does that mean for your privacy?
  • Why is privacy an important fundamental human right that we should all be protecting?

 

Click here now to vote for Todd

 

If you vote for my session, I’ll also introduce a breakthrough technology that can help tell the world when you’re not willing to be tracked called ‘Do Not Snap’.

Thank you for voting for me, and I to hope to see you at SXSW 2016.

Avast

How to keep your Facebook business page secure

Leave a comment

Managing the security of your Facebook business page is important to maintain a good reputation.

Nowadays we can hardly imagine a successful business functioning without digital marketing. When we say digital marketing Facebook comes to mind immediately. The most popular social platform with more than one billion users all over the world is a massive communication platform not only for the individuals, but also for brands and their consumers.

Community managers update Facebook for their company

Everyone working with your company Facebook page should know how to keep it protected.

Freelancers, owners of small local businesses, and large corporations; all of them use Facebook to promote their products and talk with their customers. In this blog post we will show you how to keep your Facebook page safe from the bad guys.

Manage the managers

Even if you are a small business, managing all your social media efforts by yourself can be difficult. Don’t try to control everything, it’s impossible and you will end up with micromanagement overload with unnecessary work. Instead, control the roles of your co-workers and educate them!

Follow our tips to avoid basic security mistakes:

  1. 1. Make sure that you have always more than one admin. In case you are the admin and your Facebook account has been blocked, you can lose control over your page.
  2. 2. Control the level of rights. For example, your support person doesn’t need publishing rights and colleague from the Business Intelligence department will be perfectly fine with only Analytical rights. Check out what kind of levels are available and manage your managers accordingly!
  3. 3. Update section Page roles regularly. You might forget that you once gave page access  to a graphic designer to upload a new cover image, or that your community manager who has left the company six months ago still has access to your page. Make sure that your Facebook page managers are always up-to-date.
  4. 4. Educate your staff members about secured login into their personal accounts. At the end of the day they use their profile to access your Facebook page.
  5. 5. If you cooperate with an agency or freelancers, use third party applications to moderate Facebook conversations. In this way no one will have direct access to your Facebook page and you can better control what kind of content is being published on your behalf.

Manage the apps

As Facebook grows in popularity, competition among brands grows. Everyone wants to attract more fans and engage with more potential consumers. One of the ways is to offer different kinds of contests. You can also connect your social media profiles, such as Twitter, Instagram, Pinterest or others using a special app. All those apps require access to your Facebook page. Make sure you use only well known, secure applications. Regularly go to your page Settings – Apps and check which one should still have access to your page. Learn more about apps security directly on Facebook.

Content is a king

Producing and distributing good content is a key to success. You want to avoid the unpleasant surprise of discovering posts on your Facebook page that should not appear there. Consider using one of many publishing platforms that allows you to control and filter outgoing content. If you can’t afford a third party social media management tool, then regularly monitor your page. Pay attention to who is posting on your page behalf (Facebook shows the author of the post to the admins) and use pre-scheduling options. If you plan your communication ahead, not only you will save some time, but you can control it better.

Secure your mobile social apps

If, like millions of other Facebook users, you and your team access your page via mobile, you should consider installing an application that will block access to Facebook. This is handy in case your mobile is lost or for simply preventing your friends from joking around and posting something on your behalf, while you leave your smartphone unattended. Avast Mobile Security protects your Facebook for free with a security code.

Stay tuned for more social media security and privacy tips!

Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

AVG

#ShredFest helping protect against Identity Theft

Leave a comment

It’s no secret that personal data and private information left lying about, either in physical or digital form, can be used by thieves to steal your identity.  The problem is that securely destroying old documents, especially if you have boxes and boxes of them, can be time-consuming and frustrating.

And if you don’t destroy your data securely the consequences of being a victim to identity theft can range from outright theft of money, to unexplained debts, leaving you feeling like somebody else has taken over your life.

But thanks to a growing movement called #ShredFest originally from New York, things might get a little easier. It’s a subsidised program designed to provide secure document destruction free-of-charge. You might already have something similar in your local area, sometimes run by local banks and communities once or twice a year – or perhaps this is your opportunity to make-it-happen!

The statistics on Identity theft are nothing short of shocking. In the United States the Federal Trade Commission reports that in 2014 it received 332,646 complaints making ID theft the number one reported crime for the 15th year in a row. 

Stolen identities used in the United States in 2014 were used mostly for Government and benefits related fraud (30%) followed by Credit Card fraud (26%), Phone/Utilities fraud (16%) and Bank fraud (10%).

With the ability for criminals to collude easily on a global scale, it’s not inconceivable that we will see ID theft attempts in the future combine information obtained from the litany of online data breaches (for example, Ashley Madison), along with tidbits obtained through “dumpster diving” right at your own back door.

Fortunately, with a few simple precautions and some dedication to properly destroying the remnants of your online correspondence, and other important paperwork (that you’re no longer required to keep by law), you should be able to reduce the risk of ID theft happening to you.

Destroying Physical Documents

Got boxes of documents that you should be securely destroying? Despite #ShredFest only being available in a small number of locations at the moment, a quick search online reveals many companies that provide shredding services for a small fee.

But weighed up against the risk of ID theft against you at any time, it may well be worth it at any cost; and think of how a quick trip to your local shredding depot with a car-load of documents is not only going to put your mind at ease – but all that storage space you’ll get back at home!

Another alternative is to purchase your own document shredder – something that I have owned for many years and highly recommend – however, those boxes of tax paperwork may still be inescapable, so an annual trip to #ShredFest is likely still needed.

If you do purchase your own shredder, however, consider one that has a “cross-cut” feature (that cuts the paper into smaller pieces) which is considered a little more secure, and also there are models that can shred old CD-ROMS and DVDs which can come in handy.

Shredding Computer Files

Did you know that selecting a file and pressing delete, or simply moving the file to the trash (even after you empty it) isn’t enough to securely remove it?  It’s important to understand how to securely delete digital files on all your devices – not just your PCs, but also Mobile devices.

We’ve covered in the past how easy it is to use features like AVG’s File Shredder which can overwrite your private and personal files multiple times to ensure they cannot be recovered again.

Also if you’re recycling your old PC’s or Mobile devices, including disposing of them permanently, ensure you have taken all reasonable steps to correctly erase the data on them – this sometimes isn’t as easy as a simple factory-reset, particularly with older Android mobile devices.

Lastly, if you have an online email account (such as Gmail, Yahoo or Outlook.com) you’re likely holding on to years worth of old email that could prove to be extremely valuable to an ID thief.  As I suggest in these tips about securing your online email account, make sure you purge all your old and unwanted email too.

Until next time, stay safe out there.

AVG

Thomson data breach exposes passenger details

Leave a comment

Thomson, a UK based holiday company, apologized to their customers this weekend about a small but rather significant data breach. This comes on the back of much larger breaches such Ashley Madison in the US within the last few weeks.

My attention was grabbed by the depth of what data was breached and also the method in which it was distributed, rather than the quantity of what was mistakenly disclosed. Just 458 people have been effected, all of them UK based.

In a statement, Thomson apologized and said “We are aware of an email that was sent in error, which shared a small number of customers’ information. The error was identified very quickly and the email was recalled, which was successful in a significant number of cases”.

The interesting element to this story is that regardless of the perimeter security that Thomson has in place to avert hackers and cybercriminals, a simple human error of attaching data to an email has caused concern for a number of customers.

The data included in the breach includes: name, home address, telephone number, flight dates, email address and the outstanding balance due. The data was shared with all the people on the list itself, so 458 people have the data.

There are technologies available that allow companies to limit the data that is sent out in emails or other communications. These are termed ‘data leakage prevention’ technologies and I am sure that the Thomson IT team will be evaluating a solution of this type.

In the BBC article that covered this breach the people effected are talking about cancelling holidays and are of course worried about being burgled.

What advice can be offered in this instance? An obvious one is to change the dates of your holiday and insist that Thomson cover the costs. In reality though many people have probably scheduled time off work, and its not easy to change plans. I think if this happened to me, the option I would take is to have someone house sit for me while I am away.

Follow me on Twitter @TonyatAVG