Living Social hack exposes dangers of using one password at multiple sites

Are you guilty of one of the worst bad technology habits possible? Do you ever use the exact same password and login name for a large number of online sites? If so, you might be putting yourself at severe risk. Clever hackers just might crack your password. And when they do, what’s to stop them from using that password to access all of your favorite online sites – including, potentially, your online bank – while pretending to be you?

Major Breach

According to the story, LivingSocial.com — which offers users daily bargains on everything from restaurants and spas to amusement parks and museums — recently suffered a massive security breach. The breach exposed the names, e-mail addresses and password information for up to 50 million LivingSocial users, according to ars technica.

Too Little, Too Late?

After the breach, Tim O’Shaughnessy, chief executive officer of LivingSocial.com, advised the site’s users change the passwords they utilize to access the deals site. He also advised that users change any passwords that they use to access other sites that are the same or similar to what they use to log into LivingSocial. This, as ars technica reports, is a bit of an understatement. If you use the same password to log onto Netflix, LivingSocial.com and your online bank, stop reading this account and immediately go and change these passwords. And do yourself a favor — do not ever reuse a password from one site at another.

Change it Up

It can be difficult to recall dozens of passwords. And there are occasions when you simply want to log onto a site with a password that you’ve used lots of times before as it’s easier than creating, and writing down, a brand-new access code. Don’t fall victim to this urge. If a hacker cracks your password at one site, it’s not overly hard for this cyber criminal to use the same one to gain access to your other Web sites, too, if you’re too lazy to create unique passwords at different sites. Yes, passwords are imperfect. Even so the more creative you are with them — including creating separate passwords for each and every site you visit — the better off you’ll be.

Can you guess which mobile device is hacked most often?

Apple’s iPhone collection of smartphones remains loved by consumers. Unfortunately, they’re also well-liked by a less savory group, hackers. Business Insider recently documented on a new study that found that the iPhone stands as the most hacked mobile device. And most stunning? It’s not even close – the iPhone is the most hacked by a lot.

The most hacked

Business Insider reported on the latest figures from Web security company SourceFire, which released the report “25 Years of Vulnerabilities.” This report charted the Critical Vulnerabilities and Exposures — better known as CVE — of a host of software and mobile devices. The CVE is the standard that security companies use when charting cyber-exploits. SourceFire found that 210 CVE reports had been filed on the iPhone. For comparison’s sake, Android only had 24 CVE reports.

What’s behind it?

This begs the question: Why have iPhones been hacked so many more times than have Android mobile devices? Just as with so many other big questions, there aren’t any easy answers. Business Insider ponders whether part of the reason could be the iPhone’s popularity. The devices, after all, remain a top seller. But the SourceFire report states that Android has received fewer CVEs in 2012 than it did in 2011. This drop happened even though Android enjoyed a big rise in market share last year.

Going after the king

A recent interview with the SourceFire report author on the ZDNet Web site proposes another excuse for the high number of iPhone hacks: Hacking the iPhone might present a challenge worthy of the most talented hackers. Consider how Android devices work. They make use of an open platform. Consequently developers could create malicious third-party apps that users can download onto their phones. That’s not very much of a challenge for hackers. But hacking the iPhone, which does not boast an open platform? That’s a true test of a hacker’s skill.

Don’t leave your small business vulnerable to a cyber attack

Hackers aren’t shy about targeting small businesses. They know that the majority of businesses are vulnerable to cyber crimes. It’s not overly difficult for smart hackers to break into the credit-card accounts or bank accounts of small businesses. Many have no difficulty accessing employee facts such as their Social Security numbers. Fortunately, small business owners do have a tool to use against cyber criminals: common sense. Entrepreneur Magazine recently ran a feature story providing tips for small business owners who want to protect their businesses from hackers. Below are a few suggestions from the story.

Encrypt your Data

Entrepreneur recommends that you first encrypt all of your significant data, anything from bank routing numbers to credit-card account information to employee Social Security numbers. Hackers want to steal these records. It’s how they ultimately drain money from your small business. Entrepreneur’s advice? Turn on the full-disk encryption tools that are included with your computer’s operating systems. On Windows, this tool is labeled BitLocker. On Macintosh computers, it’s known as FileVault. The tool, once activated, will encrypt every file and program on the drive.

The Lockdown Approach

Most computers have a Kensington lock port, a small metal loop that users can run a cable through to lock them to their desks. If you wish to truly protect your business, require that your employees take this protection measure. It might sound silly, but the Entrepreneur story said that businesses are often hacked after burglars break in and steal laptops along with other devices. A cable strapping a laptop to a desk won’t stop all thieves. But it might scare away those who want to strike especially quickly.

Wi-Fi Protection

Often the easiest way for cyber criminals to gain access to your company accounts is through your business’ Wi-Fi network. That’s why Entrepreneur Magazine suggests you do away with Wi-Fi completely and instead install a wired network. If you can’t do that, at least protect your Wi-Fi accounts with passwords which are difficult to compromise. A good bet? Long passwords consisting of a combination of letters, numbers and symbols.

These IT projects will boost your business in 2013

If your business isn’t growing, it’s dying. That’s why it’s important to stay on the lookout for new ways to grow your small business. There is one area, though, where small business owners often fail to look for growth strategies: IT. Yes, you can grow your business’ revenue by investing in IT. Small Business Computing.com provides a roadmap, listing several IT projects to help make your business and employees more efficient and productive.

Bring Wi-Fi to your business

A growing number of businesses permit their staff to bring their own electronic devices – everything from laptops to tablets – to their cubicles. The reasoning driving this movement: When people work on laptops and tablets that they know well, they work more proficiently. But allowing your employees to participate in the bring-your-own-device movement doesn’t mean much if your office isn’t prepared with a reliable Wi-Fi network that allows your workers to access the internet, send e-mail and post to social media sites while at their desks. Make installing a powerful Wi-Fi network in your office a top priority for 2013.

Ultrabooks

Ultrabooks are outstanding tools. They’re not as cumbersome as traditional laptops and far more powerful than Netbooks. They can also help your salesforce bring in more business: They can take their Ultrabooks home with them or on the road when they’re traveling to work on reports and presentations. They can run multimedia presentations for potential customers. And Ultrabooks are more affordable than ever today. If you want your employees to reach their full potential, equip them with Ultrabooks.

No more Windows XP

Do you still have computers running the Windows XP operating system? That’s a mistake. As Small Business Computing.com highlights, Microsoft will not provide technical support for this operating system as of early April 2014. The company will also no longer distribute regular security updates for the system as of this time. Running Windows XP, then, means that not only will your employees be working on a decade-old operating system, but their computers will also be highly susceptible to virus attacks. Make the smart move and upgrade to a more current Windows operating system.

Is the U.S. government driving a black market in zero-day bugs?

Stuxnet made big headlines in 2010. That’s when online security experts first discovered this new piece of malware, one strong enough to attack and control the industrial systems used in the nuclear program being developed by Iran. As a newly released story by the MIT Technology Review says, most people today believe the intelligence departments of Israel and the United States collaborated to develop Stuxnet. And that, to many, is troubling news. It’s evidence of a new from of electronic warfare, one in which countries create powerful malevolent software to unleash on their adversaries. And the United States seems to be leading the charge.

A developing industry

What is the long-term impact of malware weapons? The Technology Review story fears that governments, by investing a great deal of research and dollars into creating these virtual weapons, is making an ever-more hazardous Internet. And it appears these fears are justified. Since Stuxnet was unleashed in 2010, it’s clear that governments have invested a lot more money producing malware weapons. No one knows, in fact, how frequently such weapons have been deployed. It’s almost certain many of these weapons have already been unleashed without the public’s knowledge.

A mobile attack?

Even more alarming? Smartphones and tablets are far from safe from this kind of government-created malware. It’s indisputable that consumers are leaving desktop computers and latching onto smartphones, tablets as well as other mobile-computing devices. As this trend gains momentum, governments are focusing their efforts on the mobile market. The Technology Review story says that exploits that focus on mobile software are prized because manufacturers so rarely send updates to their mobile operating systems. As a result these systems are especially susceptible to malware attacks.

An old story?

The Technology Review story ends on this chilling thought: Maybe malware weapons are nothing new. After all, countries are always developing new and more damaging weapons. It ought to come as little surprise, then, that governments are taking to the online world, too, with regards to crafting new weapons. It’s unfortunate, though, that this newest round of arms building is creating a more dangerous Internet.

Making the choice: Desktop or Web-based e-mail

Are you a user of Web-based e-mail such as Gmail or Yahoo!? Or do you use a desktop e-mail client such as Postbox, Outlook or Sparrow? Each e-mail option features its own pluses and minuses. As a recent story by the Lifehacker Web site says, some users will do better using a desktop e-mail client and others will thrive with a Web-based e-mail system. Are you currently debating over whether to install that latest desktop e-mail client? Or are you contemplating signing up for Gmail? Deciding if Web-based or desktop e-mail is best for you necessitates a close look at your computing habits.

When desktop makes sense

Here’s who ought to be employing a desktop e-mail client, according to Lifehacker: Users who have multiple e-mail addresses with different domains, those who have to access their e-mail messages even when they’re offline and people who filter and block e-mail messages based on subject headers, senders and specific words. Lifehacker also recommends the use of desktop e-mail clients if you like making use of security features like encryption and digital signing.

When Web-based e-mail makes sense

Lifehacker supplies a list, too, that will help you decide if a Web-based e-mail system is the better option for you. First, if you prefer a single inbox for all your e-mail, Web-based e-mail might make more sense in your case. Secondly, if you only maintain a few e-mail addresses, you can choose Web-based e-mail. This kind of e-mail is practical, too, if you do much of your work at the office or at school. Often, your employer or school won’t let you download and install a desktop e-mail client on their computers.

Plenty of choices

No matter if you go with desktop or Web-based e-mail services, the good news is there are more alternatives than ever before when it comes to e-mail. There was a time e-mail was just about ignored by technology companies. Today, though, companies have launched a wide variety of e-mail services, both Web-based and desktop, that can make organizing and managing your e-mail messages a simpler task than ever before.

Hackers now targeting smart phones

Cyber criminals have long centered on running their swindles on PC users. And they have been tremendously successful in stealing personal data and stealing funds from countless people. Now these cyber criminals are unleashing their malware attacks on smartphones, tapping into another huge potential market of gullible users. This should come as being a surprise to nobody. Smart phones are booming in popularity. And many users treat their mobile devices as miniature computers. They surf the Web, send e-mail messages and bank online using their smart phones. Fortunately, you can take measures to ward off mobile malware. It mostly requires that you employ good judgment when navigating the internet using your smart phone.

Scary Numbers

The security firm F-Secure offers rather frightening numbers: According to the firm, the volume of malware attacks directed at mobile Android devices quadrupled from the first quarter of 2011 to the same quarter in 2012. That’s one among the numerous unsettling statistics regarding mobile malware. CNN Money writer David Goldman, for instance, recently cited an article from security firm Lookout Security that four in 10 smart phone users will click or swipe a suspicious Web Link this year. Goldman also writes that mobile phone cyber attacks have spiked by a factor of six, according to numbers revealed from anti-virus company McAfee.

The Good News

There is some very good news, though. In spite of the surge in smartphone malware attacks, such cyber crimes continue to be relatively rare, particularly if when compared to the frequent attacks on PCs. Goldman writes that McAfee by the middle of 2012 had found about 13,000 mobile malware types. That sounds like a lot. But the same company found more than 90 million forms of malware attacks leveled against PCs. The reason for the discrepancy? First, smart phone code is relatively new. Programmers have learned from the many cyber attacks unleashed against PCs. Secondly, cyber criminals have done so well in attacking PCs, they haven’t had as much incentive to target smartphones and other mobile devices.

Protect Yourself

You can safeguard your phone from mobile malware attacks. Start by getting anti-virus software from reputable companies. Be cautious, though–cyber criminals could create bogus anti-virus software that doesn’t protect your phone but instead sends these criminals your information. Also, make sure to research any app before you download it. You want to be sure that it is offered by a reputable company. Finally, be equally as wary of phishing schemes as you would be while sitting in front of your computer. Never provide your Social Security Number, bank account numbers or other important information in an e-mail. Your bank will not ask for such numbers in e-mail.

Internet trivia for a new year

What do you actually know about the Internet? Sure, you know that the ‘Net helps you view your favorite TV shows, download the greatest hits collection of that hot new band and play word games with contacts who live on the other side of the planet. But did you know the way the Internet actually works? Probably not. Luckily for us, the editorial staff at Web site Business Insider are ready to help. The Web site recently produced a feature highlighting a number of the more unusual facts about the Internet. Here are some tidbits that will help you raise your Internet IQ.

Facebook is King

We know Facebook is huge. But the social network company is not only big. It rules cyberspace. Business Insider quoted data from Hitwise to discover just how big of a player Facebook has grown to be: Facebook accounts for one in every five page views on the Internet. Facebook also, in September of 2012, reached 1 billion users.

The Biggest Data Center is Rising in Utah

Business Insider also mentioned that the largest data center in the world is now being built in Utah. The National Security Agency is behind this center, and when the data center is finished, it will store a yottabyte of data. You might not know what a yottabyte is. But it’s big. It equals 1,000 zettabytes or 1 million exabytes, according to Business Insider.

Streaming is on the Rise

Do you stream movies or Tv programs to your TV, computer or tablet? Even if you don’t, the odds are high your neighbor probably does. Streaming has become one of the Internet’s most widely used features. According to the Business Insider story, quoting statistics from Harris Interactive, greater than 50 percent of U.S. residents are using the Internet to view TV. Streaming video has become a particularly desired service among the younger customers that are flocking to Web streaming. As stated by Business Insider, streaming is a big hit among consumers younger than 35.

>

How To Protect Yourself From Ransomware

Have you ever heard of ransomware? It is a particularly frightening new form of malware. A recent story published by Slate goes into the details of how it attacks your computer. After clicking on a dubious link from an email or a webpage, your screen will instantly turn grey. Then a message pops up that is branded to look like it’s from the FBI. Additionally, it has you on a live webcam feed!

That isn’t even the scariest part. A message will then appear on your screen telling you that you have violated copyright laws and have two choices. One, pay a fine within 48 to 72 hours, or two, go to prison for as much as three years. You are also told that if you do not pay your computer will be locked indefinitely.

A real threat

Obviously you will not be charged with anything if you don’t pay, it is a scam. However, they may actually be able to lock you out of your computer according to a senior security advisor quoted by Slate. So should you just pay the fine to prevent this, it’s usually in the $100 range, or not? Maybe not, once they have your money there is no guarantee they won’t lock your computer anyway to get more money.

True protection

McAfee, the well-known maker of antivirus software, noted that it recorded more than 120,000 new examples of ransomware attacks in the second quarter of 2012. How to protect yourself? Exactly the same way you protect yourself from any type of malicious code. Make certain you have antivirus software installed on your computer. Just as significantly, don’t visit dubious websites, illegally download files to your computer, or click on strange links in email addresses.

And if your computer is infected? This is a pretty complex type of malware. To revive your computer, you might need to recruit the help of a computer security expert. Slate also suggests that you contact the real FBI by filing a complaint at www.ic3.gov.

Antivirus Software: Not As Protective As You Think

Most of us think it’s vital that you keep your antivirus software up-to-date. This is how we can protect our systems from viruses. Recently MIT’s Technology Review published an article that opposes this “given” we have all lived by.

Antivirus Software: Unreliable?

The antivirus software that we have paid for and long trusted to shield our information may not be effective. The technology is running a race with malware programs and malware is winning. More sophisticated and tricky to detect malware comes out every day and this is very concerning to those of us who access the Internet on a daily bases.

Burned by Flame

One of the most complex examples of malware to date is Flame. Flame copies documents, audio, network traffic, and keystrokes made on a computer that has been infected by it. The scary thing is, Flame has been active for a couple years now. During all of this time, no security software has been developed to detect this malware.

An Industry Under Siege

As the Technology Review story says, though, Flame is far from the only malware to slip past antivirus software. Several complex malware attacks in recent years have avoided detection by antivirus software. The story quotes an official with an antivirus firm who labeled Flame as a major failure of the antivirus industry. What’s this mean for you? Only that your computer probably isn’t nearly as safe as you’ve thought. Naturally, this doesn’t mean that you shouldn’t install any antivirus software on your computer. Until the security side of the computer industry catches up, antivirus software remains your very best chance of thwarting a virus attack. Just don’t be overly surprised if that antivirus software fails.