Posts Tagged Data Security

Ways To Verify Data Breaches

A data breach is an incident where a hacker gains access to a database that contains the user’s personal details such as login information, financial details, Social Security Number, address, PHI, etc. In the case of an organization, a data breach can result in revealing of trade secrets and other critical business information. Once stolen, this information is then sold on the dark web to cyber criminals who use it for their profit.

The damage caused by a data breach can be minimized if it is detected in time. Here are some ways to verify a data breach:

  • Online Tools: A number of online tools are available to help users in verifying if their email account has been breached. Another way of verifying a data breach is via a data breach database. A data breach database such as HIBP (created by Troy Hunt, a Microsoft regional director, and MVP) contains a list of compromised email accounts and passwords. Users can search these databases for their email to see if their email and password are among the compromised lists.
  • Updated Browsers: Using an updated browser that has special features can help users in knowing if their password has been compromised. Browsers such as Chrome 79 include ‘Password Checkup Feature’. When a user enters a password, the feature warns the user if the password has been compromised without the need of saving the password.
  • Unauthorized Activity: Regularly check your accounts for any unauthorized activity in your account. Keep an eye on your sent emails. If you notice any emails sent to anonymous accounts, this indicates that your email account has been hacked. In case of any social media account, make a note of any unusual posts, messages, etc. Any unauthorized activity indicates a data breach including username and password.

Whilst these methods may be helpful, there is no bulletproof method of verifying a data breach. An ideal way of approach is to employ stringent data protection strategies. Some of the most efficient personal data protection strategies include access controls on the network, use of automated backup system, equip the data storage center with a protective suit, robust monitoring & reporting, and use of a secure password.

For more information on ways to verify data breaches, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Data Protection From Malicious VPN Apps

Web users intend to use VPN services with an assumption that VPN keeps their web browsing and personal data safe. However, recent research has thrown light on some vulnerabilities found in common and popular VPN apps.

These vulnerabilities include:

  • Missing encryption of sensitive data.
  • Hard-coded cryptographic keys within the app; thus, even if the data is encrypted, hackers can decrypt it using these keys.
  • Some VPN apps have user privacy breaking bugs such as DNS leaks which expose user DNS queries to their ISPs.

These vulnerabilities of VPN apps allow hackers to intercept user communications including web browsing history, username, passwords, photos, videos, and messages. The privacy breaches include location tracking, access to device status information, use of the camera, microphone access and ability to send SMS secretly. Using these vulnerabilities, hackers can manipulate the users to connect to their malicious VPN servers.

In addition to these vulnerabilities, there are some other concerns associated with free VPN apps:

  • Some free VPN apps sell your bandwidth to paying customers allowing them to use your device’s processing power.
  • Malicious VPN apps incorporate ads that may include malware. These apps may also share the online activity of users to third party marketing professionals.

Some signs that your phone has been affected by malware are:

  • Phone becomes slow.
  • Higher loading time of app.
  • Battery drains faster than usual.
  • Large number of pop-up ads.
  • Unexplainable data usage.

As the number of data breaches is exceeding, it has become important to take necessary measures for safeguarding yourself against malicious VPN apps. Following are some measures that you should take:

  • Check if you have sufficient information about the app developer. Download the VPN apps provided by trusted app developers only.
  • Check the app reviews. You can also search for the app on the search engine to check if there is any controversial news about it.
  • Audit the apps on your phone to check if they were downloaded by you or not.
    Delete apps that you don’t use frequently.
  • Run a malware scan after downloading any app to ensure it is safe.

For more information on ways to protect your data from malicious VPN apps, contact Centex Technologies at (254) 213 – 4740.

, , , , ,

No Comments

Points To Consider While Securing MSPs

PDF Version: Points-To-Consider-While-Securing-MSPs

, , ,

No Comments

Tech Support Scams: Everything You Need To Know

Tech Support Scams is a million-dollar industry that is known to be existing since 2008 and is at its all-time peak. It targets innocent people into spending hundreds of dollars by tricking them with non-existent computer problems. In order to secure yourself from ever-rising Tech Support Scams, it is important to understand what these scams are and how do they operate.

What Are Tech Support Scams?

Tech support scams trick people by making them believe that their computers have encountered a technical problem. The scammers motivate the victims to make a payment in order to get rid of the problem.

How Do Tech Support Scams Operate?

The tech scammers implement a variety of tricks to target the victim. Following are some of the common ways used by the scammers:

  • Cold Calls From Fake Agents: The scammers operate from discrete locations and call random numbers from a phone directory. The scammers use VoIP technology to hide their actual number and location. They pose as technical agents from software companies such as Microsoft, Windows, etc. They take control of the victim’s computer and send fake error reports. Once the victim is convinced, they collect money for mending the error. The best way to secure yourself against these scams is to ignore such fake calls.
  • Toll-Free Numbers From Fraudulent Tech Support Companies: These companies advertize heavily on popular search engines or heavy traffic websites to build trust and attract customers. Once a customer calls these technicians for a minor service such as software activation, these technicians introduce fake pop-ups on the customer’s computer stating that the system is infected. Thus, the customer ends up paying hundreds of dollars for ‘Windows Support’. In order to protect yourself from such scammers, it is imperative to be careful while choosing a technician or tech support company.
  • Screenlockers: This method has gained popularity recently. The scammers spread malware with the purpose of locking the user out of his own system. The malware poses as an installer for legitimate software. Once installed it may either result in a ‘Blue Screen Of Death’ or show a message that you are using an expired software. In the case of BSOD, the screen will show a few numbers for seeking help. If the message indicates an expired software, it will ask for a license key. The message may include a number and some links for popular remote assistance sites/software such as TeamViewer. The scammers ask the user to install the software and share the access id in lieu of gaining access to rectify your computer’s problem. The underlying motive is to sell you overpriced solutions and ‘service contracts’.

What To Do If You Have Given Access To The Scammers?

In case you have already granted remote access to the scammers, follow these steps to reduce the impact of the scam:

  • Revoke the access or restart your system to expire the session and remove the scammers from your system.
  • Run a malware scan as the scammers may have installed malicious software like password stealers in your system.
  • Change all your passwords and update your security protocol.
  • Run a ‘System Restore’ to restore any missing files or software from your system.

For more information on new Tech Support Scams, call Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Potential Hurdles Limiting The Internet of Things

There is immense hype surrounding Internet of Things (IoT). However, irrespective of technological advancements and immense benefits offered by IoT, there are some potential challenges that limit the application of IoT. In order to understand these hurdles, it is first important to understand what IoT is and how it works?

IoT is a network of interconnected things, devices, machines, animals or humans that are equipped with sensors, software, network connectivity and necessary electronics which enable them to share, exchange and collect data. The sensors of every connection in the network communicate with a cloud system and send data to it through internet connectivity. Once data is received by cloud, the software processes it to take an action like sending an alert or making adjustments to sensor/device with manual efforts of the user.

Following are the hurdles that limit the use of Internet of Things:

  • Availability Of Internet: Although IoT offers high levels of convenience and technological access to users, but there is a basic internet requirement for IoT to be operational. Undoubtedly, internet access is not considered to be a problem by majority of people, but there are still some areas of world where internet connectivity may be spotty or absent.
  • Expenses: IoT requires placement of sensors on the devices or objects. For implementing this technology to its complete potential, there is a requirement to place sensors on roads, traffic lights, utility grids and buildings. Embedding sensors on all required places is looked upon as a huge expense. Progress has been made to develop cheaper sensors. However, more progress is required before organizations would embrace the technology completely.
  • Privacy & Cyber Security: As the number of cyber security breaches is rising, organizations and individuals are thoroughly concerned about the security related to IoT. If every household item or organizational computer is connected over web, it raises the need for strict cyber security protocols.
  • Data Surge: It is estimated that by 2020, around 26 billion items or objects will be a part of IoT. This will lead to the generation of large amount of data. So, businesses need to invest in new hardware, equipment and data mining techniques for effectively collecting and analyzing data in real time.
  • Consumer Awareness: IoT is a technological buzzword, but still 87% of general public is unaware of the term or its actual meaning. There are chances that people may actually be using the technology in some way and yet be unaware of it. This lack of knowledge may result in loss of interest. However, there has been an increased interest in the use of wearable technology which could act as a gateway for other connected objects.

Irrespective of these hurdles, the number of IoT developers is expected to reach 4.5 million by 2020. This gives a hope for new solutions to these hurdles for facilitating the spread of technology and its applications.

For more information on Internet of Things, call Centex Technologies at (254) 213 – 4740.

, , , , ,

No Comments