1:M Cyber Security News 7/25/23

Good day to you all,

It’s been a short while since my last newsletter, lots going on, and hoping you’re all being super safe online, as always 🙂

OK first things first, PLEASE make sure for those of you who use Gmail and Google Workspace, to set up your passkey to replace your existing Google passwords.

As you recall from my recent an announcement, Passkeys are amazing, and will be replacing passwords in due course. They are essentially a way of logging into websites & mobile apps, with only your biometrics (FaceID or fingerprint) or PIN.

NO PASSWORDS ARE NEEDED ANYMORE!

And not only that, they are 10x easier that passwords to set up and among  save you time logging into websites & apps, and are 10x more secure to use than passwords.

Here is the most recent list of websites that support Passkeys as of today (it is updated daily):

https://passkeys.directory/

And here is an illustrated website with a simple step-by-step guide showing how to create a Passkey:

https://www.passkeys.io/

Moreover, here is 1Password Password Manager’s website explaining how amazing Passkeys are (which they support now :)):

https://www.future.1password.com/passkeys/

And finally some more resources on why/how to set up Passkeys:

https://support.google.com/accounts/answer/13548313

https://security.googleblog.com/2023/05/so-long-passwords-thanks-for-all-phish.html

https://www.wired.com/story/how-to-use-passkeys-google-chrome-android/   

 

OK now for some more interesting cyber security news:

=================

A great write-up on how prevent stalkers from tracking your using your mobile devices – specially important if one is experiencing any form of domestic abuse:

https://www.consumerreports.org/digital-security/shut-stalkers-out-of-your-tech-a6642216357/



iOS Safety Check

Safety Check is a new Apple iOS feature under Settings if you want to safely reset all data and location access you have granted to apps and other people. This feature is not just for general privacy reasons, but also aimed people in complicated and abusive relationships, especially those with violent partners.

  • “Safety Check has two options: Emergency Reset and Manage Sharing & Access. The former will instantly freeze information sharing with people and apps with one tap. It’ll also remove all emergency contacts and reset your Apple account (ID and password). The latter—Manage Sharing & Access—gives you a birds-eye view of what data you’re sharing with whom and with what apps. If you think someone is secretly tracking or monitoring you, you go here to check. The user can cherry-pick what data they want to share with who or if they want to completely stop sharing with this person(s) or app(s).”

https://www.malwarebytes.com/blog/news/2022/09/here-are-the-new-security-and-privacy-features-of-ios-16

 

———–

An article explaining the various ways you can remove all your data from the Internet / search engines, and specifically Data Brokers (or simply pay a company to do it for you):

https://www.consumerreports.org/personal-information/how-to-delete-your-information-from-people-search-sites-a6926856917/

 

———–

Apple has introduced “Advanced Data Protection for iCloud”, a new feature that uses end-to-end encryption to protect sensitive iCloud data, including backups, photos, notes, etc. This basically means even Apple cannot read or recover your backups in the Apple Cloud.

Per Apple “”Advanced Data Protection is Apple’s highest level of cloud data security, giving users the choice to protect the vast majority of their most sensitive iCloud data with end-to-end encryption so that it can only be decrypted on their trusted devices,” This comes on the heels of Lockdown Mode, which is their super-duper security configuration for iOS devices.

Again, per Apple “Lockdown Mode defends high-risk individuals such as human rights defenders, journalists, and dissidents from “extremely rare and highly sophisticated cyber attacks” like targeted deployments of mercenary spyware.

 

https://www.bleepingcomputer.com/news/apple/apple-rolls-out-end-to-end-encryption-for-icloud-backups/

 

———–

Windows has some super cool new security features that will keep an eye on where you are typing in your credentials on the Internet, – and if it suspects you have sent them “somewhere unknown and potentially untrustworthy—you’ll see a message onscreen advising you to change your password to something different. The idea is that you’ll be able to modify your login credentials before anyone has been able to exploit them.” It will also warn you if any of them match the password you also use to sign into Windows itself, to make sure that you are keeping your passwords separate & unique 🙂

As you might already know, you can also ditch the password for your Microsoft and Windows accounts and use a prompt on your phone to log in instead. I recommend you do this also if you haven’t already.

Passwords are lame and becoming antiquated.

https://www.wired.com/story/windows-11-automatic-phishing-protection/

 

———

As Ive mentioned several times now, please switch over from LastPass to another password manager, as I am not going to recommend them anymore due to their recent security breaches (and their lack of transparency of these breaches).

I wholeheartedly recommend 1Password, and it takes less than 30 mins to transfer your entire password vault from LastPass over to 1Password. Here is an article explaining why 1Password will not reveal your password vault EVEN if they themselves are hacked, because they use a Secret Key in addition to the Master password, which is randomly generated and infeasible to bruteforce attacks by hackers.

So even if you have a weak master password, hackers cannot break into your vault!:

https://support.1password.com/secret-key-security/

 

———

Samsung has developed a new security system called Samsung Message Guard to help Galaxy Android smartphone users keep safe from the so-called “zero-click” exploits that use malicious image files in text messages sent to the phone :

https://www.bleepingcomputer.com/news/security/samsung-adds-zero-click-attack-protection-to-galaxy-devices/

 

———

Microsoft will automatically block certain file extensions in OneNote, that are often used to spread malware. These file types will also be blocked in Excel, Word, PowerPoint and Outlook, and this expands on the default blocking of macros from the Internet. As you can see, Microsoft is doing some goods things in security to make us safer in our day to day lives:

https://learn.microsoft.com/en-us/deployoffice/security/onenote-extension-block

==

#ClickGameOver

Leave a Reply