1:M Cyber Security News 11/1/19

Hope all is well in your lives, and you’re staying safe and cyber secure 🙂

OK, some cool stuff going on lately. Lets jump right in:

=================

Wired Magazine has a series of posts that helps you lock down your social media accounts, home assistants, and Windows 10 privacy settings. I strongly urge you to follow their needed advice:

• https://www.wired.com/story/facebook-instagram-twitter-posts-private/

• https://www.wired.com/story/keep-siri-alexa-google-assistant-recordings-private/

• https://www.wired.com/story/windows-10-privacy-settings/

———–

StateScoop has developed a detailed interactive map of every known public-sector ransomware attack going back nearly 6 years. Its quite eye-opening, so please check it out:

• https://statescoop.com/ransomware-attacks-map-state-local-government/

———–

Make sure you use a good password manager!

As we discuss in Lecture 35, one of THE most important things you can do RIGHT now, to keep yourself secure online, is to use a password manager. It creates new secure (i.e. long) passwords for you to use on new websites, it keeps all of your passwords in an encrypted vault, and it even syncs them across devices. They are quite easy to use as well. Please choose one for your PC, Mac, Android, iPhone, and web browsers.

• https://www.wired.com/story/best-password-managers/

———–

News Flash: New privacy technology called DNS-over-HTTPS (DoH)

Both Chrome and Firefox browsers are about to release default support for “DoH” (Dns-over-HTTPS), which in simple terms means any browser lookups for websites you perform will now be encrypted (DNS is basically what your browser uses to look up the ‘Internet Directory’ for the particular website you are trying to visit). The new DoH feature would mean your browser traffic cannot be read by your ISP, who have been profiting off your DNS data by way of targeted advertising. It will also stop DNS-hijacking, which  basically means the bad guys cannot force you to a website of their choosing.

Keep in mind though, that DNS encryption only transfers trust from your ISP, to another company you trust a lot more. Its not 100% private or anonymous browsing (for that use TOR!)

• https://nakedsecurity.sophos.com/2019/09/12/google-experiments-with-dns-over-http-in-chrome/?

• https://nakedsecurity.sophos.com/2019/09/10/mozilla-increases-browser-privacy-with-encrypted-dns/?

———–

Mozilla’s Private Network & ‘1.1.1.1 + Warp ‘

Mozilla Private Network is brilliant! Its a simple, and free, browser extension that encrypts all the data leaving your browser (sort of like a browser-VPN if you will), and sends it over to Cloudflare (a trusted content delivery provider that promises to delete all your logs after 24 hours). This is great, as it bypasses your ISPs altogether, who have been known to sell your browsing data to 3rd party marketing firms.

On a similar note, you can also install Cloudflare’s very own “1.1.1.1 + Warp” app, which will similarly keep your mobile phone’s web traffic from being snooped by your ISP.

Both a great resources you should really consider:

• https://blog.cloudflare.com/announcing-warp-plus/

• https://private-network.firefox.com/

———–

A nice simple break down of the must-do’s when keeping your personal data in the cloud

https://nakedsecurity.sophos.com/2019/10/22/storing-your-stuff-securely-in-the-cloud/

———–

Firefox’s Enhanced Tracking Protection

Firefox has a new feature that allows you to see how many trackers are being blocked by Firefox’s Enhanced Tracking Protection. on any website you visit. Just click the shield on the left of the address bar at the top to see this info, as well sign up for Firefox Monitor (which warns you if any of your credentials have been exposed in a big data breach on the Internet). Pretty cool, huh!

https://blog.mozilla.org/blog/2019/10/22/latest-firefox-brings-privacy-protections-front-and-center-letting-you-track-the-trackers/

———–

Make sure you Limit Ad Tracking!

Most of us don’t know that there is yet ANOTHER way that we are tracked by the big tech companies, using something called Ad Tracking. They assign you a unique Ad ID on your mobile phone, and keep tabs on you that way.

“But the benefit of having a designated ad ID is that iOS and Android both allow you to reset it or zero it out. This means that with just a few taps on either platform, you can disrupt the profiles ad networks have collected about you, and keep them from growing any more, by turning on a feature in both Android and iOS that essentially sends out a dummy ID that’s all zeros. If you turn this on, you’ll stop the tracking that apps were coordinating through your ad ID.”

So at a minimum, reset your Ad ID periodically to frustrate the tracking companies. Better yet, follow the article’s instructions to turn on “Limit Ad Tracking” altogether 🙂

• https://www.wired.com/story/ad-id-ios-android-tracking/

 

———–



Please be safe out there everyone.

#ClickGameOver