1:M Cyber Security Update 3/7/19


It Takes Russian State-Sponsored Hackers Only 19 Minutes to Start Spreading Throughout a Breached Network

According to Crowdstrike, a Security Incident Response firm well-versed in investigating cyber hacks, it takes only 19 MINUTES to start spreading throughout a company’s network, after someone has clicked a link in a targeted posing email 🙁

I repeat: 19 minutes




Google Chrome Will Start Warning you About Lookalike Websites

Bravo to Google for offering this soon: the upcoming version of Chrome’s will warn you if you’re about to visit a ‘lookalike’ website e.g. g00gle instead of google

This couldn’t come any sooner, as this is a very common way of hackers social engineer you. They will try to send you to a site that looks identical to the one you want to visit, and then trick you into providing your credentials/money/secrets. Here is a photo of what that looks like:




Deepfakes Will Amplify Misinformation

You will start hearing about ‘Deepfakes’ A LOT in the news soon. as it’s going to become a HUGE issue for us as a civilization (and I mean that in all honesty) Deepfakes are basically videos and images that have been altered, using Artificial Intelligence, to be able to “combine and superimpose existing images and videos onto source images or videos” (according to Wikipedia).

So what this means, is you will be watching a video of, say a politician or celebrity, saying or doing something on camera that they NEVER said or did. There are already a number of Deepfake videos circulating the Internet, and their accuracy is absolutely astounding. Most people wouldn’t know the difference.

These could be used to affect elections, kick off civil unrest, and generally cause untold amount of trouble for humans. If we thought we have issues today with circulating fake news articles, wait until fake videos and images become common.

When we are unable to truly trust what we see, how will that affect us as a civilization?

Scary thought really, but luckily there are many people tackling this issue now and trying to create ways to detect and remove Deepfakes from the Internet before they go viral and cause major issues.



Facebook Will Be Merging All 3 Messaging Apps

There is news that Facebook will be integrating all 3 messaging platforms it owns: Instagram, WhatsApp and Facebook Messenger. This makes sense from a commercial standpoint as their users can all talk entirely within Facebook soon, rather that using all 3 separate platforms, But from a privacy standpoint it could have major issues for us, because as you already know, Facebook doesn’t score well at all when it comes to user privacy.

The issue lies in the encryption used on these apps. As mentioned in the training, WhatsApp has “end-to-end” encryption BY DEFAULT, meaning you conversations are completely scrambled and unreadable to anyone who intercepts your messages.

However, Instagram does NOT have end-to-end encryption, and Facebook Messenger only offers this encryption feature if you turn on “Secret Conversations.

So Facebook could , in theory ‘snoop’ on your conversations, and analyze them for data they can then use to sell your targeted ads in the future.

Hopefully Facebook will keep their promise and upgrade Instagram and Messenger encryption to match WhatsApp when they all merge, and not vice versa (by the way it never hurts to keep super secrets chat off Instagram and Messenger for now until this is resolved)



New Cliqz and Ghostery Browsers are very privacy-focused

In addition to the privacy-focused Brave Browser that is discussed several times in the training, I wanted to let you know about Cliqz and Ghostery browsers (yes the same Ghostery we discuss in the training that blocks trackers so well).

They are both very similar to Brave, and are VERY privacy-focused. They all aim to block ads, trackers and 3rd party cookies, as well as warn you about malicious websites. This is great news for us all, and many steps in the right direction. I’m sure Chrome and Edge are taking note…




We Are Moving Towards a Password-less Web

Google’s Android phones that are version 7.0 and up will now support FIDO2, which is a huge deal. FIDO2 is a new technology that is being welcomed by the major tech companies like Microsoft, Mozilla, Google, Apple etc., and to put it simply, what it does is allow you to log into a website or mobile app with your face ID, fingerprint, or security key, RATHER than typing in password (You will learn more about security keys in the 2FA section of the training). You may have already noticed some banking apps logging you in this way, and you will likely see a lot more of this in the future.

Everyone is tired of managing 100000s of passwords, for obvious reasons, so kudos to FIDO2 for making this happen securely.

Another cool thing about FIDO is that it won’t allow you to log into a fake phishing site. It will ONLY present your credentials to the real website e.g. Amazon, and not a fake one like Amaz0n.

A password-less Internet is definitely where the future is heading…:)




Please be safe out there everyone.


Leave a Reply

WordPress PopUp