Zero-access encryption is a method to protect data while it’s at rest, which happens to be how Courier encrypts your item data. Everything works unless the app leaks the master password to the Internet somehow. Hopefully this never happens, but occasionally it does. Cases in point are bugs and bad employees.
Category: Blogspace
The Traffers threat
Traffers are criminal teams who typically redirect you to malware that steals your private information. The term “Traffer” comes from the Russian word “Траффер” which translates to “worker.” In 2022 alone, over 120 such teams have been created worldwide! The most effective protection against traffers is the use of multi-factor authentication while never clicking on links inside uninvited emails or sketchy web sites. Link to full article
How to become a cybersecurity pro
Essential tips for this essential job role.
3-2-1 Backup Strategy
The true value of your computer or device is not your equipment, it’s your data, like photos, documents, and music! You can easily replace stolen or broken equipment, but without a proper backup you can’t replace your important data! Since any computer can crash at any second, or be infected by malware such as ransomware, it is critically-important to have established a quality backup strategy, such as the ever-popular “3-2-1” method. Here’s how the “3-2-1” method works: Check out this…
Tips for Two-factor Authentication
2FA, also known as “Multi-Factor Authentication” or “MFA” is technology that attempts to increase security beyond a simple logon ID and password. It does this using three concepts: knowledge – something only the user knows (like a password/PIN/secret questions) possession – something only the user has (like a one-time or hardware token) inherence – something only the user is (like a biometric scan) Logging In Most sensitive consumer-facing websites today use the following method: user enters their user ID and…
Password Do’s and Don’ts
There are best and worst practices for handling your passwords. Here are a few examples of both: Do’s: always use a quality password manager that can generate new hard-to-crack passwords consider who you’re willing to trust with your most-personal data audit password strength often delete unused or forgotten accounts always use longer passwords with at least 12-16 characters which are much harder to crack change passwords for critical sites at least annually never use public WiFi networks without a good…
Beware “Zero-day” malware
Malware, aka "malicious software", are nefarious programs created by cybercriminals designed to somehow violate your privacy, or cause you damage or other hassle. There are at least nine major categories of malware: Spyware — spies on your to steal your sensitive information Ransomware — blocks access to your files then extorts money from you Viruses — infects your files and/or programs Worms — infects the system files Trojan horses — misrepresents itself to appear useful Adware — forces advertising on…
Beware Banking on a Windows PC
The vast majority of viruses and other malware is written for the most-popular PC operating system: Windows. As of 10/28/19 GlobalStats reports that 72.9% of desktop PCs run Windows, followed by 21.1% that run Apple’s OSX. Best practice is to never log on to your banking website if you run a Windows PC. Instead, build a “Live CD” (or use a USB flash drive for quicker startup) that boots it with a less-popular operating system like Linux. You can then…
Beware tricky new scam: ‘Vishing’
Even security pros are falling for ‘Phishing’s evil twin: Voice-assisted phishing, aka ‘Vishing.’ This scam often involves a human being on the phone with you, typically ‘reporting’ something like fraud to you then asking you to verify personal and account-related details like home address, social security number, PIN number, etc. Bottom-line: always disregard the caller’s caller-ID, even if it matches your bank or creditor’s numbers — since caller-ID is easily faked. Best practice if you’re worried — hang up, then…
Beware SIM-swapping Attacks
Most people consider their Social Security number to be their most valuable personal data. Another threat is brewing that targets your mobile phone number — yes, the phone you use for 2-Factor Authentication and resetting your website passwords! Here’s how it works: Criminal somehow acquires your mobile phone number then gathers some basic information about you Criminal calls your mobile carrier and impersonates you requesting them to reassign your mobile number to a different phone Criminal then uses this phone…
