On Monday Google made it a bit easier for people who crave more security over their Google accounts to achieve that goal.
Google launched a tool called My Account that allows users a single location for things like privacy and security settings across all Google products. The tool allows users to see if Google can collect information on devices used to log into users accounts, track a user's location, or search and browsing activity.
For a more secure login a user can turn on two-step verification. Also on the Sign-and-Security page you can see which apps are connected to your Google account. A user can also have an analysis on their current security settings and there is an FAQ page that answers questions like what is done with the information that is collected.
These new settings feature were always available, but not in a one-stop-shop type of situation. This will allow the user an easier birds eye view of their security settings across all types of Google accounts to make sure they are achieving the security they seek.
Thursday, June 4, 2015
Thursday, May 28, 2015
Google looks at security questions with alarming results
It seems like every account you have out on the internet requires some type of personal security question to answer if you don't remember your password or just an extra level security if you need to access an account. These are questions like "What highschool did you attend?", "What is your mother's maiden name?", or "What is the first pet you owned?". These are all good questions, right?
Google recently looked at millions of security questions to see how secure they actually were and realized that we are kidding ourselves when we think our account access is safe at least on this front. Some are easy answers. Some are so hard that even then user that they came from can't remember what they are. In most cases the hacker has 10 tries to get the answer right before they are locked out and in some questions they had up to a 21 percent chance of guessing the right answer based off the questions specificity.
Bottom line is that we can't feel too safe having our line of security defense based on a simple security answer that if not taken seriously can be an easy way in to our precious accounts. One suggestion would be to have a verification SMS text message sent to you for an extra verification level. One day there will be a better way to do this, but until then be sure to update your security questions and definitely make sure you yourself know the answer!
Google recently looked at millions of security questions to see how secure they actually were and realized that we are kidding ourselves when we think our account access is safe at least on this front. Some are easy answers. Some are so hard that even then user that they came from can't remember what they are. In most cases the hacker has 10 tries to get the answer right before they are locked out and in some questions they had up to a 21 percent chance of guessing the right answer based off the questions specificity.
Bottom line is that we can't feel too safe having our line of security defense based on a simple security answer that if not taken seriously can be an easy way in to our precious accounts. One suggestion would be to have a verification SMS text message sent to you for an extra verification level. One day there will be a better way to do this, but until then be sure to update your security questions and definitely make sure you yourself know the answer!
Wednesday, May 20, 2015
Idaho 17 year old DDoS school district web access
Recently a teen from Idaho thought, for some reason, it would be a great idea to pay a third party to organize multiple DDoS attacks upon the local school district causing major web issues for the school.
Not only did the staff have problems getting into their websites, but many students who were taking important yearly test either had their test erased or their scores erased so they needed to take the test again which is just cruel and unusual punishment. The teen was eventually tracked down through some investigation that lead to his IP address being found leading back to him.
It's a crazy time we live in where some kid who can't even live on his own has the know-how and wear-with-all to pull off something like this. He did get caught, but it's pretty brazen of him to pull a thing like this off. Most kids these days don't even need someone else to do this, they can do it themselves most of the time because they have grown up with computers and have somehow picked up programming along the way. Kids just need to get out more and play like we used to when times were more simple and school test were on Scantrons, can't erase those with a DDoS attack!
Not only did the staff have problems getting into their websites, but many students who were taking important yearly test either had their test erased or their scores erased so they needed to take the test again which is just cruel and unusual punishment. The teen was eventually tracked down through some investigation that lead to his IP address being found leading back to him.
It's a crazy time we live in where some kid who can't even live on his own has the know-how and wear-with-all to pull off something like this. He did get caught, but it's pretty brazen of him to pull a thing like this off. Most kids these days don't even need someone else to do this, they can do it themselves most of the time because they have grown up with computers and have somehow picked up programming along the way. Kids just need to get out more and play like we used to when times were more simple and school test were on Scantrons, can't erase those with a DDoS attack!
Saturday, May 16, 2015
Penn State cyberattack exposes nearly 18K usernames and passwords
Over the past 2 years Penn State University's College of Engineering has been the victim of at least 2 substantial cyber attacks. The most recent yielded the cyber attackers 18K usernames and passwords for various people affiliated with the college.
They hired an independent cyber security firm to investigate and they have confirmed that at least one of the attacks came from China. Most of these attacks are from highly organized, skilled, and well funded individuals. The college was first alerted of the attacks by the FBI in 2014.
The article also mentions that many colleges universities are targets of cyber attacks that expose many individuals vital information, sometimes social security numbers and credit card information. It's funny to me that these smart cyber attackers are focusing on college to find lucrative information due to most of the accounts are probably students who are broke from paying for college so they aren't going to receive my in the way of money from them. Other information though from professors may be useful so maybe they are guessing that out of 18K people at least they may yield a 1000+ that are useful. Just goes to show that cyber attacks can happen to anyone or any business at any time. No one is safe 100%.
They hired an independent cyber security firm to investigate and they have confirmed that at least one of the attacks came from China. Most of these attacks are from highly organized, skilled, and well funded individuals. The college was first alerted of the attacks by the FBI in 2014.
The article also mentions that many colleges universities are targets of cyber attacks that expose many individuals vital information, sometimes social security numbers and credit card information. It's funny to me that these smart cyber attackers are focusing on college to find lucrative information due to most of the accounts are probably students who are broke from paying for college so they aren't going to receive my in the way of money from them. Other information though from professors may be useful so maybe they are guessing that out of 18K people at least they may yield a 1000+ that are useful. Just goes to show that cyber attacks can happen to anyone or any business at any time. No one is safe 100%.
Thursday, May 7, 2015
Norton Identify Safe offers free password management
It's always nice when a company offers something for free and Norton is no exception. They offer a free password protection application that not only stores your passwords on your desktop, but also syncs then across Web and mobile as well. This is wonderful if you are out and about and need that password to your bank account, but it's saved on your desktop at home.
Once this particular application was part of Norton's paid security-suite package, but now it is able to be obtained for free as a standalone. This is for Windows only at the moment so Mac folks will need to find a similar, hopefully free, product in their realm.
The software not only manages passwords and logins, but also does data filling for billing and shipping addresses which is a huge life and time saver when you are in a hurry. Aside from this there is a Wallet section that securely stores all of your credit card and bank information.
If you're in need of an all around personal information protector, then this software by Norton is the way to go. The price tag at least screams "Try me!" and if you don't like it your aren't out much. Norton's been around for a long time so there isn't any reason this product shouldn't be a homerun.
Once this particular application was part of Norton's paid security-suite package, but now it is able to be obtained for free as a standalone. This is for Windows only at the moment so Mac folks will need to find a similar, hopefully free, product in their realm.
The software not only manages passwords and logins, but also does data filling for billing and shipping addresses which is a huge life and time saver when you are in a hurry. Aside from this there is a Wallet section that securely stores all of your credit card and bank information.
If you're in need of an all around personal information protector, then this software by Norton is the way to go. The price tag at least screams "Try me!" and if you don't like it your aren't out much. Norton's been around for a long time so there isn't any reason this product shouldn't be a homerun.
Wednesday, April 29, 2015
Google creates new alert tool to help stop phishing attacks
Google has created a new tool that will fight against phishing. It's called the Password Alert Chrome extension. This new extension keeps track of where you enter your Google account password and when it's entered somewhere other than accounts.google.com.
This keeps you from re-using your Google password on other sites and protects you if you've entered your password on a fake Google website. This is called phishing. Phishing is when an individual acts like they are a legit company to try and get your sensitive info. Emails may be sent to you that look legit, maybe from "Google" try to get specific account details.
This is where the Password Alert extension comes into play. It sends you a message that simply lets you know your Gmail password was used on a non-Google page. You should change your password immediately if this happens. Just choose to ignore it if you know you've legitimately used your password on a secure website. Google is constantly impressing me with it's think outside the box ideas and just all of they ways it makes my life easier daily.
This keeps you from re-using your Google password on other sites and protects you if you've entered your password on a fake Google website. This is called phishing. Phishing is when an individual acts like they are a legit company to try and get your sensitive info. Emails may be sent to you that look legit, maybe from "Google" try to get specific account details.
This is where the Password Alert extension comes into play. It sends you a message that simply lets you know your Gmail password was used on a non-Google page. You should change your password immediately if this happens. Just choose to ignore it if you know you've legitimately used your password on a secure website. Google is constantly impressing me with it's think outside the box ideas and just all of they ways it makes my life easier daily.
Saturday, April 25, 2015
US goes on the offensive in combating cyber attacks
This week the US said it will take measures to use cyberattacks to defend outside attacks on our country. With the increasing amount of attacks over the last few years this was going to need to happen and happen soon.
I'm surprised the US didn't take these measures earlier and not just put out fires when they happened, but become proactive in fighting these types of attacks that cost out country and many corporations millions of dollars in losses yearly.
Our major threats like China, Russia, North Korea, and Iran are probably already taking measures to be ready when the US finally comes back at them. It's great that we are arming ourselves and using the great minds working for the government to protect the citizens of this country from any harm to their finances or their well being.
I'm surprised the US didn't take these measures earlier and not just put out fires when they happened, but become proactive in fighting these types of attacks that cost out country and many corporations millions of dollars in losses yearly.
Our major threats like China, Russia, North Korea, and Iran are probably already taking measures to be ready when the US finally comes back at them. It's great that we are arming ourselves and using the great minds working for the government to protect the citizens of this country from any harm to their finances or their well being.
Subscribe to:
Posts (Atom)