Google has created a new tool that will fight against phishing. It's called the Password Alert Chrome extension. This new extension keeps track of where you enter your Google account password and when it's entered somewhere other than accounts.google.com.
This keeps you from re-using your Google password on other sites and protects you if you've entered your password on a fake Google website. This is called phishing. Phishing is when an individual acts like they are a legit company to try and get your sensitive info. Emails may be sent to you that look legit, maybe from "Google" try to get specific account details.
This is where the Password Alert extension comes into play. It sends you a message that simply lets you know your Gmail password was used on a non-Google page. You should change your password immediately if this happens. Just choose to ignore it if you know you've legitimately used your password on a secure website. Google is constantly impressing me with it's think outside the box ideas and just all of they ways it makes my life easier daily.
Wednesday, April 29, 2015
Saturday, April 25, 2015
US goes on the offensive in combating cyber attacks
This week the US said it will take measures to use cyberattacks to defend outside attacks on our country. With the increasing amount of attacks over the last few years this was going to need to happen and happen soon.
I'm surprised the US didn't take these measures earlier and not just put out fires when they happened, but become proactive in fighting these types of attacks that cost out country and many corporations millions of dollars in losses yearly.
Our major threats like China, Russia, North Korea, and Iran are probably already taking measures to be ready when the US finally comes back at them. It's great that we are arming ourselves and using the great minds working for the government to protect the citizens of this country from any harm to their finances or their well being.
I'm surprised the US didn't take these measures earlier and not just put out fires when they happened, but become proactive in fighting these types of attacks that cost out country and many corporations millions of dollars in losses yearly.
Our major threats like China, Russia, North Korea, and Iran are probably already taking measures to be ready when the US finally comes back at them. It's great that we are arming ourselves and using the great minds working for the government to protect the citizens of this country from any harm to their finances or their well being.
Thursday, April 16, 2015
Target settles with MasterCard over 2013 data breach
This week Target settled a dispute with MasterCard over a 2013 data breach by agreeing to pay $19M to card issuers worldwide that have to cancel accounts, create new accounts, and reissue new cards to customers who were affected.
The person responsible for this huge attack has not been caught yet and had access to 110 million customer records, including 40 million credit card numbers. Target notified card issuers immediately after the attack so customers could get new cards quickly and accounts back to normal.
Visa is in talks with Target for a smaller settlement.
It seems this is happening more and more lately with large multibillion dollar companies with robust IT departments and presumably very good data security measures to combat this. When one hacker or a small group of hackers relatively easily breaks the system and gets access to sensitive information this becomes real to me as a consumer with lots of information in the virtual world and on company servers.
I want to trust that companies are doing all that they can to combat this type of thing, but when you are seemingly getting nipped at weekly, maybe even daily, by those that wish to steal from others instead of working for themselves, it scares me into becoming extra careful when I put my credit card or social into any website. I suppose this is good that my senses are heightened to this so I do take more responsibility and not blindly trust who is on the other end of my transaction.
The person responsible for this huge attack has not been caught yet and had access to 110 million customer records, including 40 million credit card numbers. Target notified card issuers immediately after the attack so customers could get new cards quickly and accounts back to normal.
Visa is in talks with Target for a smaller settlement.
It seems this is happening more and more lately with large multibillion dollar companies with robust IT departments and presumably very good data security measures to combat this. When one hacker or a small group of hackers relatively easily breaks the system and gets access to sensitive information this becomes real to me as a consumer with lots of information in the virtual world and on company servers.
I want to trust that companies are doing all that they can to combat this type of thing, but when you are seemingly getting nipped at weekly, maybe even daily, by those that wish to steal from others instead of working for themselves, it scares me into becoming extra careful when I put my credit card or social into any website. I suppose this is good that my senses are heightened to this so I do take more responsibility and not blindly trust who is on the other end of my transaction.
Tuesday, April 7, 2015
White House Network Breach
Today it was reported that very sophisticated Russian hackers had breached the White House and State Department's computer systems in an attempt to commandeer classified US information, it seems, for the Russian government.
According to a high ranking official the hackers were not successful in getting into the classified systems and the very sensitive information they hold. This is a scary situation when it's seemingly this easy to get into the most powerful man in the free world's home system. If these hackers can do this and make the geniuses that run the government network security areas look like it's their first day on the job, then how does the private sector have much hope.
The same thing seems to be happening from China as well when it comes to trying to get into our country's private computer databases and cherry pick specific information that could damage our economy and bruise our egos. We aren't as safe as we thought we were and without extreme measures to squash these individuals this will continue to happen as it did not long after the first attack. The same hackers were able to roam around for upwards of a month in State Department network systems.
There are good hackers out there that fight every day against foreign hackers and I'm glad they are working for us because we are only heading into a more and more virtual world that will continue to bring security breach attacks on our government and us as individual Americans.
According to a high ranking official the hackers were not successful in getting into the classified systems and the very sensitive information they hold. This is a scary situation when it's seemingly this easy to get into the most powerful man in the free world's home system. If these hackers can do this and make the geniuses that run the government network security areas look like it's their first day on the job, then how does the private sector have much hope.
The same thing seems to be happening from China as well when it comes to trying to get into our country's private computer databases and cherry pick specific information that could damage our economy and bruise our egos. We aren't as safe as we thought we were and without extreme measures to squash these individuals this will continue to happen as it did not long after the first attack. The same hackers were able to roam around for upwards of a month in State Department network systems.
There are good hackers out there that fight every day against foreign hackers and I'm glad they are working for us because we are only heading into a more and more virtual world that will continue to bring security breach attacks on our government and us as individual Americans.
Friday, April 3, 2015
DDoS attack on Github website and online gamers: What is a DDoS attack?
The popular programming and app developing website Github was hit by a DDoS attack recently and the website is still trying to recover from the attack.
A DDoS attack, or Distributed Denial of Service, is making a website or personnal IP address unavailable by overwhelming it with traffic from multiple services. The website believes this was coordinated by individuals in China that don't like some of the customers of Github specifically ones that promote free speech and promoting banned websites in China like the New York Times website.
DDoS attacks are becoming more and more rampant these days. I keep up with online pro gamers who deal with this problem very often. One minute they are streaming for thousands of people and the next they are being hit offline by an attack to their IP address by, most of the time, some pimple faced teenager living in the basement of their parents house.
These are just some of the ways that DDoS attacks are implemented. According to digitalattackmap.com there are four main types of attacks. A TCP connection attack is when all available connections are used up and the system goes down. A volumetric attack involves using up bandwidth and are mainly used to simply cause confusion between the internet and a network. A fragmentation attack is a flood of packets is sent to a network and causes poor performance among other issues. An application attack is used to target a specific area of an application and handicap it with few attacking devices.
Regardless of what type of attack is presented DDoSing, as some would call it, is troublesome and easily accomplished by even an unseasoned hacker. As soon as you find a fix another attack could take place at a different angle. For computer professionals this will continue to be a problem for the foreseeable future.
A DDoS attack, or Distributed Denial of Service, is making a website or personnal IP address unavailable by overwhelming it with traffic from multiple services. The website believes this was coordinated by individuals in China that don't like some of the customers of Github specifically ones that promote free speech and promoting banned websites in China like the New York Times website.
DDoS attacks are becoming more and more rampant these days. I keep up with online pro gamers who deal with this problem very often. One minute they are streaming for thousands of people and the next they are being hit offline by an attack to their IP address by, most of the time, some pimple faced teenager living in the basement of their parents house.
These are just some of the ways that DDoS attacks are implemented. According to digitalattackmap.com there are four main types of attacks. A TCP connection attack is when all available connections are used up and the system goes down. A volumetric attack involves using up bandwidth and are mainly used to simply cause confusion between the internet and a network. A fragmentation attack is a flood of packets is sent to a network and causes poor performance among other issues. An application attack is used to target a specific area of an application and handicap it with few attacking devices.
Regardless of what type of attack is presented DDoSing, as some would call it, is troublesome and easily accomplished by even an unseasoned hacker. As soon as you find a fix another attack could take place at a different angle. For computer professionals this will continue to be a problem for the foreseeable future.
Subscribe to:
Posts (Atom)