508-909-5961 [email protected]

The risks of autocomplete passwordsHackers may have found another way of tracking you via seemingly harmless autocomplete passwords. Here’s what you need to know. Why auto-fill passwords are so dangerous Certain web browsers have integrated features that enable usernames and passwords to be automatically entered into a web form. There are also password manager applications that have made it […]

The post The risks of autocomplete passwords appeared first on Complete Technology Resources, Inc..

The risks of autocomplete passwords

Hackers may have found another way of tracking you via seemingly harmless autocomplete passwords. Here’s what you need to know.

Why auto-fill passwords are so dangerous

Certain web browsers have integrated features that enable usernames and passwords to be automatically entered into a web form. There are also password manager applications that have made it easy to access login credentials. But these aren’t completely safe. They can become a liability if hackers gain access to computers or browsers.

For example, if a hacker gains access to just one account, it’ll be easier for them to obtain access to other accounts because the autocomplete feature will fill in all other saved credentials.

Tricking a browser or password manager into giving up saved information is incredibly simple. All a hacker needs to do is place an invisible form on a compromised webpage to collect users’ login information.

Using auto-fill to track users

For over a decade, there’s been a password security tug-of-war between hackers and cybersecurity professionals. Little do users know that shrewd digital marketers also use password auto-fill to track user activity.

Digital marketing groups AdThink and OnAudience have been placing these invisible login forms on websites to monitor the sites that users visit. AdThink and OnAudience track people based on the usernames in hidden auto-fill forms and sell the information they gather to advertisers. While the intention is not to steal passwords, there’s always the likelihood of exposure.

One simple security tip for today

A quick and effective way to improve your account security is to turn off auto-fill in your web browser. Here’s how to do it:

  • If you’re using Chrome – Open the Settings window, click Advanced, and select the appropriate settings under Manage Passwords.
  • If you’re using Firefox – Open the Options window, click Privacy, and under the History heading, select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”
  • If you’re using Safari – Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.

Being cautious about your password security habits can go a long way in protecting your sensitive data. For managed, 24/7 cybersecurity assistance that goes far beyond protecting your privacy, call us today.

Published with permission from TechAdvisory.org. Source.

The post The risks of autocomplete passwords appeared first on Complete Technology Resources, Inc..

Read More

Protect your IoT system with the following rulesThe Internet of Things (IoT) is quickly becoming an important tool for many businesses, as it allows enterprises to leverage the capabilities of the cloud and automation to maximize business potential. Learn how you can secure your IoT network with these tips: Set passwords Many users fail to realize that they can set passwords for […]

The post Protect your IoT system with the following rules appeared first on Complete Technology Resources, Inc..

Protect your IoT system with the following rules

The Internet of Things (IoT) is quickly becoming an important tool for many businesses, as it allows enterprises to leverage the capabilities of the cloud and automation to maximize business potential. Learn how you can secure your IoT network with these tips:

Set passwords

Many users fail to realize that they can set passwords for IoT devices. Failing to do so makes their gadgets easy to hack. You have to make sure to create strong passwords — preferably with a combination of upper- and lowercase letters, numbers, and symbols — and also put a smart and proactive password policy in place. Make use of all security options at your disposal, such as two-factor authentication (2FA) and regular password resets.

Disable Universal Plug and Play

Universal Plug and Pay (UPnP) helps IoT gadgets discover and connect with other network devices. However, this feature can also be exploited as a gateway for hackers to infiltrate your devices and network. To prevent this, disable this feature.

Create a separate network

It’s a good idea to keep your IoT devices connected to a network separate from your main office network. This way, gadgets can connect to the internet but won’t have access to mission-critical files.

You can also invest in device access management tools. These allow you to control which devices can access what data, and prevent unauthorized access.

Update your firmware

You need to keep your software up to date if you want to secure your devices against cyberattacks. Manufacturers regularly release patches for the latest vulnerabilities, so make it a habit to check and install IoT firmware updates regularly.

If you have several devices, use patch management software to automate patch distribution and schedule regular updates.

Unplug it

Simply disconnecting your devices or turning them off when not in use can significantly reduce your vulnerability to cyberattacks. It removes potential entry points into your network and minimizes the chances of unauthorized access to your network.

With the advent of IoT devices in homes and offices, hackers also developed more cunning ways to exploit them. Adopting the abovementioned security habits can prevent a variety of IoT attacks, but if you need to beef up your security, contact us today. We have robust security solutions to keep your hardware and systems safe.

Published with permission from TechAdvisory.org. Source.

The post Protect your IoT system with the following rules appeared first on Complete Technology Resources, Inc..

Read More

Single sign-on: The key to user managementFrom complexity requirements to minimum lengths, creating a password for a new online account can be bothersome. If your business is constantly experiencing this issue, single sign-on (SSO) can help. This technology is secure, easy to manage, and eliminates the need to remember a long list of usernames and passwords. What is SSO? Single sign-on […]

The post Single sign-on: The key to user management appeared first on Complete Technology Resources, Inc..

Single sign-on: The key to user management

From complexity requirements to minimum lengths, creating a password for a new online account can be bothersome. If your business is constantly experiencing this issue, single sign-on (SSO) can help. This technology is secure, easy to manage, and eliminates the need to remember a long list of usernames and passwords.

What is SSO?

Single sign-on allows you to create one username and one password that thousands of websites will recognize. If you’ve ever clicked “Continue with Google” on a non-Google website, you’ve already enjoyed the benefits of SSO. It’s faster, simpler, and more secure. Now, small businesses can accomplish the same level of efficiency between their employees and cloud platforms.

Instead of requiring everyone in the office to track separate accounts for Office 365, Slack, Trello, and other cloud apps your company uses, you can give them a single set of credentials and manage what they have access to remotely. Employees come to work, enter their designated username and password, and they’re all set for the day.

Why is SSO more secure?

There are a number of ways to set up a small business SSO solution, but most of them focus on removing login information from your servers. Usually, you’ll provide your employees’ logins to an SSO provider (sometimes referred to as an Identity-as-a-Service provider) and each employee will receive a single login paired with a secondary authentication — like a fingerprint or an SMS code to a personal device.

Every time one of your employees visits a cloud platform, such as Office 365 or Google Apps, the SSO provider will verify the user’s identity and the connection’s security. If anything goes wrong, your IT provider will be notified.

Should your network or any of its devices be compromised, hackers would find nothing but logins to your SSO accounts, which are meaningless without fingerprints or mobile devices.

How to get started with SSO

The first step is making sure you have a healthy and responsive IT support system. You need a team that’s constantly available to review suspicious alerts and troubleshoot employee issues. If you don’t currently have that capacity, contact us today and we’ll help you out!

Published with permission from TechAdvisory.org. Source.

The post Single sign-on: The key to user management appeared first on Complete Technology Resources, Inc..

Read More

Hackers come in all shapes and sizesHackers are known by the general public as cybercriminals, especially with so much news about nude celebrity photos beings released to the cloud, millions of customer information being stolen across many industries, and government agencies paying the ransoms hackers demand so that the former can regain access and control of their systems. However, did you […]

The post Hackers come in all shapes and sizes appeared first on Complete Technology Resources, Inc..

Hackers come in all shapes and sizes

Hackers are known by the general public as cybercriminals, especially with so much news about nude celebrity photos beings released to the cloud, millions of customer information being stolen across many industries, and government agencies paying the ransoms hackers demand so that the former can regain access and control of their systems. However, did you know that not all hackers are bad guys? Read on to learn more about them.

A complicated history

In the 1950s, the term “hacker” was vaguely defined. As computers became more accessible, the word was used to describe someone who explored the details and limits of computer technology by testing them from a variety of angles.

But by the 1980s, hackers became associated with teenagers who were caught breaking into government computer systems — partially because that is what they called themselves, and partially because the word hacker has an inherently aggressive ring to it.

Today, several of those pioneering hackers run multimillion-dollar cybersecurity consulting businesses, while countless others run amok online, hoping to make a quick buck off of hapless victims.

“Black hat” hackers

Closer to the definition that most people outside the IT world know and use, black hat hackers create programs and campaigns to commit all sorts of malicious acts. Crimes such as identity theft, credit card fraud, and extortion are for their sole benefit, but they can also work under the auspices of a corporation or a state and commit espionage and cyberterrorism.

During the 1990s, Kevin Mitnick was a prime example of a black hat hacker. Mitnick went on a two-and-half-year hacking spree wherein he committed wire fraud and stole millions of dollars of data from telecom companies and the National Defense warning system.

After paying his debt to society by spending five years in prison, he set up his own eponymous cybersecurity firm and became its CEO and Chief White Hat Hacker.

“White hat” hackers

Sometimes referred to as ethical hackers or plain old network security specialists, these are the good guys. Whether it’s selling what they find to hardware and software vendors in “bug bounty” programs or working as full-time technicians, white hat hackers are just interested in making an honest buck.

Linus Torvalds is a great example of a white hat hacker. After years of experimenting with the Sinclair QDOS operating system on his Sinclair QL, he released Linux, a secure open-source operating system.

“Gray hat” hackers

Whether someone is a security specialist or a cybercriminal, the majority of their work is usually conducted over the internet. This anonymity affords them opportunities to try their hands at both white hat and black hat hacking.

For example, Marcus Hutchins is a known gray hat hacker. He’s most famous for testing the WannaCry ransomware until he found a way to stop it.

During the day, Hutchins works for the Kryptos Logic cybersecurity firm, but the US government believes he spent his free time creating the Kronos banking malware. He was arrested in 2017 and branded a “gray hat” hacker.

Published with permission from TechAdvisory.org. Source.

The post Hackers come in all shapes and sizes appeared first on Complete Technology Resources, Inc..

Read More