Author: Samuel Norris

Everything You Need To Know About Meltdown And Spectre

Everything You Need To Know About Meltdown And Spectre

Unless you’ve been living under a rock this past week, you’ve probably heard something about Meltdown and Spectre. These cyber attacks look to exploit a serious flaw embedded in just about all modern processors. Unfortunately, this flaw isn’t limited to personal computers. Smartphones as well as other smart devices are also at risk.

In order to understand how Meltdown and Spectre exploit your system’s processor, you must first understand a key function of modern CPUs: speculative execution. Without going into technical detail, speculative execution can improve CPU performance by predicting the route in which information will travel. This allows the CPU to execute a command in any order it sees fit. This avoids potential bottlenecks that would otherwise increase processing time. In the event that the processor fails to predict the correct route, the command will be rolled back in a way that is invisible to applications. These attacks exploit this function, allowing them to extract information from the CPU’s memory cache. Like a reverse phone number lookup, Meltdown and Spectre can access an unprecedented amount of sensitive information.

Meltdown And Spectre Vulnerabilities

While both of these attacks exploit the same processor flaw, the Meltdown attack causes the greatest amount of concern. This is because Meltdown allows the attacker to access information from the computer’s “kernel” (the central part of the operating system). The kernel essentially acts as a bridge between the computer’s applications and the processing unit. By peering into this location, Meltdown can extract the most sensitive information on a given device. As you can probably tell, an attack that can penetrate this deep into a computer system poses a massive security risk. For that reason, just about every major tech company and manufacturer has issued a patch to address this vulnerability.

Spectre, while still a significant security threat, is a far more difficult attack to execute than Meltdown. Unfortunately, this also makes Spectre more resilient to patches that otherwise address Meltdown. Some researchers believe software updates will not be enough to completely protect our systems from Spectre. Only by developing new hardware without speculative execution can we completely eliminate the threat of Spectre. That being said, it may take years before CPU manufacturers can develop such a chip. Until then, Spectre will continue to haunt our processors.

Another issue regarding these exploits is that no single company can fix either on their own. In order to address these vulnerabilities, processor companies (Intel, AMD), operating system companies, (Microsoft, Apple) and cloud service companies (SAP, IBM) have to work in tandem. So far the efforts of these companies have successfully created a working patch for the Meltdown attack (while still addressing Spectre in some ways).

The Impact Of Meltdown And Spectre

Everything You Need To Know About Meltdown And Spectre
Everything from personal devices to computer servers are at risk

Even though fixes for Meltdown (and in some ways, Spectre) have been released by most major manufacturers, some devices have yet to be patched. For those devices that have fixes available, installing the patches can slow down your computer by upwards of 30%. While the typical user might not notice a slowdown, the same cannot be said for everyone. In fact, many systems that rely on cloud computing are having trouble. For instance, Epic Games, the creator behind the popular shooting game “Fortnite” has had numerous reports of login failure and server downtime since the patches went publicThe company has since revealed that a third-party cloud service, responsible for handling the game’s influx of players, is at fault for the issues.

If you happen to be running an AMD chip however, a 30% slowdown is the least of your worries. Many AMD users who have installed Microsoft’s Meltdown and Spectre patch have bricked their entire system. Microsoft seems to be working on a fix for this issue. So we’ll be sure to update this blog when the fix arrives. In the mean time, if you happen to own a device with an AMD chip in it, make sure you disable the Windows auto update feature. Hopefully, as developers learn more about these vulnerabilities, more efficient ways to address Meltdown and Spectre will be found. For now however, we’ll have to settle for slower processing speeds and failed login attempts.

Related: Cryptojacking And How It Can Put Your Computer At Risk

 

Cryptojacking And How It Can Put Your Computer At Risk

Cryptojacking And How It Can Put Your Computer At Risk

Cryptojacking And How It Can Put Your Computer At Risk

What Are Cryptocurrencies?

I’m sure most of you reading this have heard about cryptocurrency in one form or another. Some of you may have even invested in this new form of currency. But for those of you who aren’t familiar with the different cryptocurrencies and how they work, I’ll go over some very basic knowledge before jumping into cryptojacking and its effects.

Cryptocurrencies are a secure digital asset that have exploded in both popularity and value over the past year. There are many different types of cryptocurrencies in circulation today. Aside from the most well-known (and valuable) Bitcoin, there is Ethereum, Ripple, and Monero. It’s important to understand how Monero differs from the others, since it’s the primary currency being used in cryptojacking efforts.

While it may be difficult to uncover the real name behind a bitcoin address, it is certainly possible. And once that name is uncovered, a simple person search can be used to find out everything there is to know about that individual. Monero on the other hand is completely anonymous and notoriously difficult to track payments. That is why its been so widely adopted by the online black market.

Unlike traditional forms of money that print new bills to add to circulation, a specialized process know as “mining” is used to create new cryptocurrency. Without going too in-depth, the practice of mining essentially uses your computer’s processor to solve complex mathematical sequences. Once the correct solution is found, the user will be awarded a predetermined amount of cryptocurrency. In order to be successful at mining however, a massive amount of processing power is needed. This is why most miners build specialized computers and join groups of other miners to increase the power of their networks.

Cryptojacking And How It Can Affect Your Device

Contrary to it’s name, the term cryptojacking does not refer to stealing an individual’s currency. Instead, cryptojacking refers to stealing computing resources (and the electricity used to power those resources) from an individual’s computer in order to mine for cryptocurrency.

Cryptojacking And How It Can Put Your Computer At Risk
Cryptojacking scripts utilize your computers processing power to help mine currency for the website’s host.

The first wide-spread instances of cryptojacking were reported back in September when Showtime and the popular torrent site The Pirate Bay were found to have injected cryptojacking code into their websites. While it’s unclear what method Showtime used, The Pirate Bay admitted to testing a new program called Coinhive in hopes of replacing their notoriously terrible ads. Essentially what this program does is turn any visiting computer into a mining tool for the host website. As a result, any Internet users browsing The Pirate Bay were subjected to an increased CPU load.

The issue with cryptojacking isn’t that websites are trying to monetize their traffic. In fact, some researchers believe this technique, in a more legitimate form, could actually help websites reduce the need for advertisements. The problem is, websites running these programs are using their visitor’s computer resources without their permission. Not only is this an invasive practice, it can also impact the lifespan of the computer itself. One researcher found that having multiple tabs opened to known cryptojacking websites easily brought the computers CPU load up to 100%. Prolonged usage at these rates can significantly reduce the lifetime of internal components. In some cases, important components can be irreversibly damaged, rendering the whole system inoperable.

How You Can Protect Yourself

Now that you’re all caught up, let’s take a look at some ways you can protect your devices. The first thing to look into would be your anti-virus software. Some of these programs, such as Malwarebytes, offer tools that can block cryptojacking scripts. If your anti-virus software doesn’t have such a tool, then you can download an extension for your browser that will do the same thing. One such example is the NoCoin extension for the Chrome browser. If extensions aren’t really your thing, you could instead download the new Opera browser. As of today, Opera’s 50th version will come standard with cryptojacking protection. Choose the option which best suits your needs and remember to always keep an eye on your computer’s performance.

Related: 9 Types Of Malware That May Put Your Data At Risk

 

How I Used A Reverse Number Lookup To Catch My Cheating Girlfriend

How I Used A Reverse Number Lookup To Catch My Cheating Girlfriend

I’m sure some of you out there have been in a relationship where someone has cheated. Maybe you were the one being cheated on, or perhaps you were the one doing the cheating. Personally, I have first hand experience with the former. Let me explain a little more about this relationship, and more importantly, how I was able to use Kiwi Searches phone lookup tool  to catch my girlfriend cheating.

Find Out Who They're Talking To

A few months ago, I ended a long-term relationship with a girl named Lisa. At first, everything started off as perfect as can be. We spent a few days talking online and texting each other before we decided to set up our first date. That was the beginning of a relationship that lasted just over two and a half years. For the majority of that time we were as happy as could be. We would go out together a few times a week, text each other constantly while we were apart and would spend just about all of our free time in each other’s company.

That being said, a few weeks after our two year anniversary, things started to go downhill. At first it started out slowly, with a break in our weekly routine. Little by little our time together started to disappear. While this was definitely a red flag, I didn’t think much of it at first. Lisa had told me that a new promotion at her job was responsible for taking up the majority of her free time. I remember her promising that once the training for said position was complete, we would get to see each other more often. At first, I was excited to hear about her promotion, but after a few weeks went by I began to realize the promotion wasn’t the reason for her lack of free time.

How I Used A Reverse Number Lookup To Catch My Cheating Girlfriend

What really convinced me something was wrong was the way she started behaving whenever we would spend time together. The first thing I noticed? She began hiding her phone from me constantly. At first I thought she was doing this unintentionally, after all, this was something she had never done before. Also, if her phone was ever left out in the open, it was always face down. But once again, I was willing to give her the benefit of the doubt.

That was until one day I noticed her phone constantly going off throughout the night. This began to bother me as it would continue to happen every time we saw each other. I never brought my concerns to her attention, but I did make a passing comment on all the new messages she was receiving. But she insisted these messages were from her job, and we left it at that.

After a few consecutive weeks of similar behavior, I decided it was time to take matters into my own hands. One evening, Lisa fell asleep on the couch in the middle of our movie night. However, out of the corner of my eye I noticed her face down phone had constantly been lighting up throughout the movie. I reached for the phone, careful not to wake Lisa up. What I found when I flipped over the phone shocked me. In the hour and a half that the movie was playing for, Lisa had received 7 missed calls from a seemingly random phone number along with 23 new text messages. I couldn’t believe what I was seeing. My first thought was to use Lisa’s finger to unlock her phone. That way I could at least read all those text messages, which were undoubtedly from the same number.

Half of me wanted so badly to unlock her phone. I needed to know who was sending my girlfriend these messages nonstop. But the other half of me still trusted Lisa. I asked myself what would happen if I broke into her phone only to find out the person on the other end had the wrong number? Also, I knew if I went through with this plan, Lisa would undoubtedly wake up and catch me in the act. Ultimately, I decided against breaking into her phone, but I couldn’t shake the feeling that this wasn’t a random caller.

The next day I did what anybody would do when faced with a problem they couldn’t solve: I asked Google. After typing in “how to reverse look up a phone number” I stumbled upon an amazing service that helped me identify that random number, and so much more.

Using A Reverse Phone Number Lookup Service

As I said earlier, the service that I used to perform this number lookup was called Kiwi Searches. Upon arriving on the homepage, the first thing I noticed was the amount of services available. From the reverse address lookup to criminal record searches, Kiwi Searches can be used to compile a variety of different reports. But I was here for one reason, which was to find out as much as possible about the owner of a particular phone number.

I began this process by selecting the reverse phone search option from the drop down menu on the homepage. After entering the number I discovered on Lisa’s phone the night before, I was brought to a preview page which revealed a few details about the phone’s owner. This information included the owner’s age and address history. To my surprise, this individual lived only a few miles from Lisa’s job and was around the same age as us. I needed to know more, so I decided to go ahead and purchase the full report. What I discovered next changed everything.

The information laid out in the phone report gave me the owner’s name: Brad. Having found this information, I decided to go back and perform a reverse name lookup on this Brad. From this report, I discovered that Brad not only lives close to Lisa’s job, he actually works there as well. But the most surprising thing I found was in the social media section of the report. It turns out Brad has a ton of recent pictures, including one of him kissing my girlfriend! This was all I needed to finally convince myself to end my relationship with Lisa.

I can honestly say that without Kiwi Searches, I might still be with Lisa today. So if you ever find yourself in a similar situation, the first thing you should do is gather as much information as possible. And the best way to do that is by using Kiwi Searches.

Protecting Your Google Home And Amazon Alexa

Protecting Your Google Home And Amazon Alexa

Do you have a voice assistant in your home? If so, you already know about the convenience these devices can give both you and your family. Whether its an Amazon Alexa in your living room, or a Google Assistant in your kitchen, these devices are great for helping you multitask. And if you happen to have the Google Assistant, it can do two things at once as well. On the other hand, if you purchased an Alexa instead, you can take advantage of the more than 20,000 “skills” available. For example, fans of the game Destiny 2 can use an Alexa skill to equip their favorite loadout or call for backup, all without having to pick up a controller. You can even purchase your very own Ghost (the AI companion that helps guide you through the game) which connects to your Alexa, giving you the most immersive gaming experience possible.

As with any device that’s connected to the Internet, security is of paramount concern. Voice assistants are no exception, which is why you must take the necessary steps in order to secure them. Aside from having access to personal information, voice assistants can also be used to make online purchases. Luckily, there are ways you can prevent unauthorized access to your information.

Voice Assistant Vulnerabilities

Not taking into account the more technical security issues, such as WiFi exploits that could compromise your devices, there are other ways for someone to gain access to your Alexa or Google Assistant. The simplest one? Imitating the owner’s voice. A key feature of voice assistants is their ability to differentiate one person’s voice from another. This allows the device to store personal settings (such as account information) for each individual user. The problem with this? It’s pretty easy to fool the voice recognition software.

Your Smart Home's Voice Recognition Software Could Be Easily Tricked
It’s far easier for someone to access your voice assistant than you may realize.

To be fair, if someone was trying to access your personal profile they would still have to be close enough to your device to activate it. That being said, if you’re someone who lives with a few roommates, your device may be at risk. Luckily, there are ways you can protect yourself.

Securing Your Google Home Or Alexa

The absolute best way to secure either of devices would be to completely disable the voice recognition tool. That way you won’t have to worry about someone getting into your own personal profile. For most users though, this defeats the purpose of having a voice assistant in the first place. Instead, try adding a voice activated pin number to your personal account, That way, anytime your Google Assistant or Alexa is prompted to make a purchase, the 4-digit pin number would have to be spoken first. While this is somewhat inconvenient, it does end up giving you the best of both words. You will still be able to make purchases via voice command, but you’ll also have the security you need to protect your personal information.

Related: How To Secure Your Connected Devices And Personal Information

How To Keep Your Information Safe On Black Friday & Cyber Monday

How To Keep Your Information Safe On Black Friday & Cyber Monday

Black Friday & Cyber Monday Survival Guide

Thinking of spending Black Friday on the couch this year instead of camping out at your local Walmart? Well then, you probably already know that most retailers are expanding their in-store Black Friday deals to include their online stores as well. But before you decide to do all your holiday shopping online, there are a few things you should do to ensure your information is well protected. Here are a few tips to help get you started.

Use A Reputable Payment Service

How To Keep Your Information Safe On Black Friday & Cyber Monday
Payment service providers make online shopping safer and less of a hassle

There are many payment service providers on the market today. Some of the most popular ones include Paypal, Apple Pay, Mastercard’s Masterpass, and Visa Checkout. There are many reasons why you should consider using one of these services. The most important one being; you don’t have to enter your credit card information every time you buy from a new website. The payment service will essentially act as your credit card, ensuring that your information stays safe even in the event of a future data breach. In addition to this, using these services will make it far easier to purchase from multiple sites. You won’t have to take the time to enter your credit card information, you just log into your payment service account and checkout.

Shop On Safe & Secure Websites

How To Keep Your Information Safe On Black Friday & Cyber Monday
Before you enter any personal information, make sure the website you’re on is secure

One of the most important tips to follow while shopping online is to ensure that the site you are purchasing from is legitimate. Before you even make it onto the payment page, look for signs that the website is secured. You can verify the security of a website by looking in the top left corner of your web browser. Search for a green padlock to the left of the address bar, or for the HTTPS attached to the URL. Finding either of these will let you know that the website you’re currently on is secure.

Proceed With Caution

How To Keep Your Information Safe On Black Friday & Cyber Monday
Be vigilant and keep a lookout for anything suspicious this holiday season

While shopping online this holiday season, be on the look out for fake retailer apps, email scams, and “too good to be true” offers. Each year, scams such as these flood the internet, hoping to cash in on shopping craze. If you choose to go the app route, make sure you download it through your smartphone’s official app store. The majority of apps you’ll find here are safe to download, however, you should still make sure it’s official. Look for misspellings in both the title of the app and on the description page, as these are potential signs of a fake app.

This same tip applies to spam emails which are commonplace throughout the Black Friday/Cyber Monday weekend. These emails are filled with incredible deals that are designed to peak the interest of whoever opens them. Do not be fooled however, these fraudulent emails are designed to entice you to click their many links. Once you click through the email, you will be lead to a fake website designed to steal your information. There are a few things you can do to spot these fake emails. For one, most of them will be filled with misspellings. You can also hover your mouse over any links in the email to see their destination. If the URL seems to be suspicious, avoid clicking through any of the links on the email.

These few tips should help you secure your information this shopping season. Do you have any tips you would like to see included in this article? Let us know by leaving a comment.

Related: How To Secure Your Connected Devices And Personal Information

 

 

 

Everything You Need To Know About The Latest Ransomware Attack

Everything You Need To Know About The Latest Ransomware Attack

The Bad Rabbit Ransomware Attack

Following in the footsteps of WannaCry and NotPetya, a new ransomware attack has surfaced. First discovered last week, Bad Rabbit has infected hundreds of computer systems. While the vast majority of infected systems are located in Russia, a few instances of the malware have appeared in Germany, Ukraine, Bulgaria, and Turkey. Unfortunately, the source of the attack has yet to be identified. Researchers believe BadRabbit may have originated from the creators of NotPetya. Here’s everything we know about Bad Rabbit at this point.

What We Know About Bad Rabbit

Everything You Need To Know About The Latest Ransomware Attack
Researching the underlying code of past ransomware attacks can help slow or prevent these attacks in the future.

One important thing that we know about Bad Rabbit is the way in which it spreads. To start, the malicious code is uploaded onto an insecure website (the majority of websites infected with the Bad Rabbit code were Russian domains). Once a victim arrives on one of these websites, they will be prompted to download an update for Adobe Flash. Opening this fake installer will infect the user’s computer with the Bad Rabbit malware. At this point, the system will be locked and a screen will appear demanding payment of .05 bitcoin (roughly $286). If the payment is not made within 40 hours, the cost will begin to rise.

Compared to WannaCry and NotPetya before it, this new ransomware attack is relatively small. Both of the previous attacks affected hundreds of thousands of devices (especially WannaCry which infected more than 200,000 in the span of two days). In this way, Bad Rabbit is far less severe, having infecting only a few hundred devices. That being said, the threat is still out there, which means devices are still at risk of infection.

However, this is some good news. A cybersecurity researcher discovered that the data locked by Bad Rabbit may be recoverable. So even if you’ve been infected by the Bad Rabbit malware, you may be able to retrieve your data.

Are ransomware attacks keeping you up at night? Are you doing anything in particular to protect yourself from them? If so, let us know in the comment section.

Related: How To Protect Your Devices From The Latest WiFi Vulnerability

Newly Discovered Botnet Infects Over A Million IoT Devices

Newly Discovered Botnet Infects Over A Million IoT Devices

It’s been a little over a year since the last major botnet, Mirai, was discovered. This particular piece of malware is responsible for infecting over 2.5 million devices over the course of a few months. The vast majority of these devices were routers and webcams running off of older versions of Linux OS. Once infected, these devices were then used en masse to perform several DDoS attacks, including one which effectively took down the internet for the majority of the US.

The Reaper Botnet Is Here

Newly Discovered Botnet Infects Over A Million IoT Devices
Fear the Reaper! This new botnet is taking the internet (of things) by storm

Just in time for Halloween, a far more advanced botnet has surfaced. This new botnet, fittingly referred to as Reaper, functions similarly to last year’s Mirai. Both of these botnets attempt to grow their zombie horde by targeting IoT devices. That being said, there is one major difference between these two botnets. And it just so happens to be the reason why Reaper is more dangerous.

Reaper vs. Mirai

Newly Discovered Botnet Infects Over A Million IoT Devices
Mirai and Reaper both have similar end games; however, the methods they use to get there are completely different.

To compare, Mirai’s method of breaking into IoT devices was through a simple (but effective) brute force attack. Essentially, Mirai’s malware would identify the manufacturer and model of a particular device and break into it using the device’s default login credentials, which can easily be found online. Reaper on the other hand operates in a much more sinister way.

Reaper assumes control by exploiting common weaknesses found in an IoT device’s (notoriously weak) security protocols. Think of a hacker breaking into a computer system or network – Reaper uses similar tactics to hack IoT devices. This, in turn, allows Reaper to possess far more devices than Mirai ever could.

To put things into perspective, Mirai took nearly 3 months to accumulate it’s peak 2.5 million IoT devices. However, Reaper was only discovered last week and has already infected close to two million IoT devices.

If you have reason to believe that your IoT devices may have become enslaved by a botnet overlord, the first thing you should do is look for any new updates or patches made available by the device’s manufacturer. If your device does not have the ability to update (as is the case with many IoT devices) your only other option may be to perform a factory reset. Note you’ll have to redo any changes you once made to your device, such as changing the login credentials.

 

Have you been affected by this new botnet attack? Are you concerned about the future of IoT security? Let us know in the comments below!

 

How To Protect Your Devices From The Latest WiFi Vulnerability

How To Protect Your Devices From The Latest WiFi Vulnerability

How To Protect Your Devices From The Latest WiFi Vulnerability

Earlier this week, a major WiFi vulnerability was found to exist in the WPA2 (WiFi Protected Access 2) encryption protocol. Prior to the discovery of this vulnerability, WPA2 was hailed as the most secure method of protecting your WiFi network. It’s been estimated that WPA2’s Advanced Encryption Standard (AES) would take millions of years for even the most advanced supercomputers to break through its encryption process. Unfortunately, the latest attack does not have to break through any form of encryption. Instead it exploits a serious weakness found in WPA2’s framework.

The KRACK WiFi Vulnerability

Key Re-installation Attack (KRACK for short) can completely bypass WPA2’s security. The attack works by tricking the WiFi network into believing that the hacker has the correct credentials to access the network. Once inside, the hacker can monitor every piece of information flowing into and out of the WiFi network. All kinds of personal information, such as credit cards, social security numbers, usernames, and passwords are at risk of being stolen. If you believe your information may have been stolen, try running a background check on yourself to determine if someone has been using your information.

Certain operating systems are more susceptible to KRACK (such as Android 6.0 or higher and Linux OS). It’s important to note that all devices operating off of WiFi networks are vulnerable. This includes PCs, laptops, smartphones, and even IoT devices (such as digital home assistants and smart TVs).

How To Protect Your WiFi Network

Mathy Vanhoef, the security researcher who discovered WPA2’s vulnerability to key re-installation based attacks, has published both a research paper as well as a website that goes into further detail on subject. However, if you’re not into the more technical aspects of the attack, and are only concerned with how you can protect yourself from this new threat, we’ve got you covered.

Update All Devices On Your Network

How To Protect Your Devices From The Latest WiFi Vulnerability
Keeping your devices up-to-date is essential for both functionality as well as security

Updating any WiFi connected device is by far the most important thing you can do to protect your network. In this particular case, your number one priority should be updating your router’s firmware. While updating firmware usually requires some additional steps, the process is simple enough that anyone can do it.

Once you’ve updated the firmware on your router, your next priority is the software on the rest of your devices. Most major manufacturers have already developed patches for the KRACK vulnerability. However, there are still some manufacturers who have yet to release an update for their devices. If you’re unsure about whether your device’s manufacturer has already provided a patch for this WiFi vulnerability, take a look at this list.

Use An Alternative Connection To WiFi

How To Protect Your Devices From The Latest WiFi Vulnerability
Every WiFi enabled device is susceptible to key re-installation attacks, so consider using some alternatives until your devices are patched

What if the majority of your devices have not been properly patched? In that case, the next best thing you can do is disable your router’s WiFi and use an alternative connection. While not every device has a built in ethernet port available, some of the more data sensitive devices, such as PCs and laptops, are sure to have one. Consider utilizing these ethernet connections on your important devices until a proper fix has been publicly released.

In addition to PCs and laptops, smartphones also contain a ton of sensitive information. Unfortunately, many of these devices are at an elevated risk (Android devices in particular). In order to protect your smartphone from this WiFi vulnerability, try using your smartphone’s data instead of connecting to the WiFi, especially if you find yourself in a public place.

If there’s one thing you take away from this article, it’s that you should always keep your devices updated. Most modern devices come standard with some sort of auto-update feature. Enabling this feature can help secure your devices from potential vulnerabilities in the future. For those devices that require manual updates (such as router firmware), remain vigilant and keep a lookout for future updates.

If you found this article helpful, or have any additional tips, please let us know in the comment section below!

Related Article: How To Secure Your Connected Devices And Personal Information

Update (11/8/2017): Google has released a new security patch for Android devices (versions 5.0.2 Lollipop to 8.0 Oreo) that addresses the KRACK WiFi vulnerability. There are multiple patches available for November, however the 2017-11-06 patch is the one to look out.

How To Secure Your Connected Devices And Personal Information

How To Secure Your Connected Devices And Personal Information

How To Secure Your Connected Devices And Personal Information

Most of our personal information is stored online and easily accessible in today’s digital age. Many internet users choose to save their personal information on their favorite browser — everything from account names and passwords to home addresses and phone numbers are commonly saved in this way.

Even if you choose not to save your information, chances are it’s already been recorded somewhere on your device. This could potentially lead to a serious data breach if your device is targeted by a hacker or malicious software. Luckily, there are some steps you can take in order to secure your connected devices and reduce the risk of a break-in.

Turn Off Your Bluetooth Connection When Not In Use

How To Secure Your Connected Devices And Personal Information
Bluetooth is the current standard in wireless connectivity. However, it is not without its vulnerabilities.

Many newer devices rely heavily on Bluetooth to provide a wireless connection. However, hackers are also able to utilize this connection to remotely gain access to your devices. The most effective way to combat this is to turn off your Bluetooth whenever you’re not using it (same with your Location Services). This is especially important for connected devices, such as smart TVs and e-readers, which typically do not have the same level of security as PCs and smartphones.

Aside from a lack of security, many of these devices also lack the ability to receive updates or patches to fix potential exploits. Even for devices that do have the ability to update, it can take manufacturers months to identify a particular vulnerability, let alone develop a patch to address it. For example, at the time of this article, Apple’s iPhone operating system, iOS, has received a massive patch to address a malicious Bluetooth hack, while Google is still in the process of developing a fix for their mobile devices.

That particular Bluetooth vulnerability is known as the BlueBorne hack. When Bluetooth is turned on, the device is constantly open, trying to find other Bluetooth enabled devices to connect itself with. The BlueBorne hack takes advantage of this behavior by disguising itself as a Bluetooth enabled device seeking to make a connection. Once a connection has been established with another device, it begins to scan for potential vulnerabilities.

These vulnerabilities can be present in outdated operating systems or in a device that lacks security features altogether (which is the case for many of these devices). Once an access point has been established, the hacker can remotely control the device, even if it already has an established connection. At this point, the hacker will be able to extract any information that’s been entered or stored on the device. If the hacked device happens to be a smart phone, there’s no limit to the amount of personal information the hacker can extract.

There is some good news, however. The BlueBorne hack, as well as any other Bluetooth-related vulnerability, will require close proximity to the device in order to access it (roughly 35 feet for most Bluetooth devices). This means the connected devices in your home are more or less safe from intrusion. That being said, any connected device that you take with you outside of your home may be at risk, especially if you find yourself in crowded, public areas.

The key takeaways here are to make sure your connected devices are always updated to their latest version (if possible) and to ensure that your Bluetooth connection is turned off while it’s not in use. In doing so, you can better protect yourself against Bluetooth intrusions.

Change The Password On Your Router And Any Connected Devices

How To Secure Your Connected Devices And Personal Information
Creating a unique username and password for any device connected to your network is an important step in protecting your personal information.

Most internet users know about the need for security features, such as firewalls, anti-malware software, and virus scans, but few people ever go the extra mile and change the default login credentials on their routers. What most people don’t know is that this is one of the most important steps you can take to protect all the devices connected to your Wi-Fi network.

By not changing the login information on your router, you’re putting the entire computer network at serious risk. This is because it gives potential hackers an easy way to bypass any security protocols your system may have. For most updated devices, breaking through these security protocols is a difficult and time-consuming task. On the other hand, if you’re one of the many people that never change the default login credentials on your router, it can be as easy as typing in a username and password to break into your network and extract any data flowing in or out of your network.

This same rule applies to any connected devices you may have. Just like routers, many consumers don’t know about the security risks associated with leaving the default login credentials unchanged. This rule is perhaps even more of a necessity when it comes to connected devices, due to the prevalence of botnets.

The term “botnet” is used to describe a collection of devices infected with a specific malicious software that allows a single source to control the actions of each infected device at the same time. Connected devices are commonly targeted by this malware because the default login credentials can easily be found online. Once a large enough network of botnets has been established, the hacker can then use the network to perform distributed denial of service (DDoS) attacks on websites and servers alike. In addition to this, these connected devices have little to no onboard security, making the login screen the only thing stopping potential hackers from breaking into them.

While there are different ways in which you can secure your personal devices and information, following these simple tips provide a good starting point. Remember, if you’re proactive about the security on all of your internet enabled devices, you can protect yourself from the majority of hackers.

Are you one of the few people who are already following these tips? Are there any other ways in which you have secured your own devices and data? Let us know in the comments section!

You May Also Like: 5 Types Of Digital Threats To Beware Of & How To Prevent Them

Update (11/16/2017): Armis, a cyber security firm which specializes in protecting IoT devices, released a report today which revealed a total number of 20 million Amazon Echo & Google Home devices were made vulnerable to the Blueborne attack. Both Amazon & Google have since patched out these vulnerabilities on their respective devices. These devices also auto-update by default, so if you do happen to own one of these devices, chances are you’re in the clear.

9 Types Of Malware That May Put Your Data At Risk

9 Types Of Malware That May Put Your Data At Risk

9 Types of Malware That May Put Your Data At Risk

When trusting your devices with important data and files, you never expect that something will happen to them. The sad truth is that every day, all over the world people are experiencing malware attacks that threaten the security of their computers, cell phones, and tablets (and the precious data they contain). There are many more types of malware than most people realize, so it’s important to be informed in order to protect your devices.

 

Here are 9 types of malware that may put your computer data at risk:

 

1. Virus

This is the most widely-known type of malware, which is what reviews of antivirus software tend to target. However, not everyone knows exactly what a virus entails. A virus is a code that is attached to a piece of software. It’s easily spread and replicates itself just like a human virus, contracted by file or software sharing (often via email).

 

2. Trojan

Trojans are the most dangerous type of malware, because their end goal is to steal your financial information by taking control of your device. In a larger system, this can result in a denial-of-service attack, meaning the system itself is down to users. This is a huge threat to businesses.

 

3. Spyware

9 Types of Malware That May Put Your Data At Risk

One of the more obvious malwares is the spyware, since it does exactly what its title suggests. It spies on your computer activities and logs them in order to target you, usually with advertisements.

 

4. Keylogger

A keylogger records everything you type in order to collect your username and password data. This is often one of the first steps in hacking a specific user because it does not require guesswork or backdoor methods to get into your private information.

 

5. Ransomware

9 Types of Malware That May Put Your Data At Risk

When your computer is infected with ransomware, you will be unable to access your computer or the data within. It holds your device hostage and typically will request that you pay the hacker money to regain control.

 

6. Adware

Adware targets advertisements at you that are unwarranted. This is usually done by first using spyware to see which ads will be most effective for the hacker to use against you.

 

7. False security

Not all security softwares are made equal. In fact, some of them may be fake and designed to infect your computer instead of clean it up and keep you safe. To be certain your program is reputable, make sure to look up security software reviews for products that are in good standing and proven to work well, like Norton Security Deluxe or Bullguard Internet Security.  

 

8. Worm

9 Types of Malware That May Put Your Data At Risk

Worms are aptly named, since they are programs that will duplicate themselves and then proceed to “eat” away at your data and computer programs. They won’t stop until your drive is completely empty and you have lost all your data.

 

9. Backdoor

Backdoors are malware programs that create a weakness in your computer security to allow for other types of malware or hackers themselves to gain access to your system.

Now that you know all about the different kinds of malware, you can choose a security or antivirus software that works for you to protect yourself. If you suspect you may already have been the target of a malware attack, check out our related post: 6 Symptoms Of An Infected Computer