• They may be married and have a family
• Introverted with a close group of friends
• Often learned to program at a young age
• College educated, often in electronics, IT, or physics
• No social media accounts – to avoid drawing attention
• Believe that soft drugs, such as marijuana, help them work

Notice that the Secret Service doesn’t specify a gender.

Please forward this to your friends, so they know their adversaries a little bit better.

The post A Hacker Profile – Who Are They? appeared first on Foster Institute.

You’ll make your computer less attractive to attackers, and it limits the window during which they can attack. You have nothing to lose, and you might even reduce your power bill!

Please forward this to all of your friends, so they know this simple step to protect themselves.

The post Power Down to Boost Security appeared first on Foster Institute.

This video is for non-technical people who need to make Zoom more secure today. So, if that’s you, open up your zoom account settings on your screen, and keep this video where you can see it side-by-side. Pause the video when you need to.

Some people say, “Mike, tell us what settings to change to increase our Zoom security.” If that’s you, then you are going to love this video. It walks you through your Zoom account settings so you can follow along.

I know that some of you will want to fine tune the settings more than this. This video is not designed to replace your IT Pro; they know more about your specific system and requirements.

To help protect your Zoom meetings, watch other videos that cover concerns about using Zoom:

Zoom Security – Set Up Two-Step Login

Zoom Security Settings – The Concise Details

Zoom Security Issues – Protect Yourself

The post Zoom Security – Follow Along to Set Security Settings appeared first on Foster Institute.

1. Refuse to permit tech support to access your computer to help you.

If this is your known service provider, then maybe you will decide to trust them. However, nobody else.

Last week, I connected a new well known web-cam that is highly rated. It didn’t work properly, so I called tech support. Their opening line, “I will send you a link to click, that will permit me access into your computer so that I can fix the problem.” I gently told him there was no way he was ever getting remote access. He was shocked, and had to go ask his manager what to do next…

2. Believe your anti-virus.

The camera company’s tech support rep, now with the manager with him, told me to download a special driver and run it on my computer. When I started to download the driver onto a “test” computer, my anti-virus program identified the driver as a virus. So I refused to install the driver. Without missing a beat, he said, “That’s ok, you can trust anything from us – it is safe.”

I wonder how many of their customers have been duped. Even if the tech support had no intention of infecting their customers’ computers, how can they be sure that their software isn’t already compromised without their knowledge? Never let convenience override your choice to do something reckless.

3. Never answer online quizzes.

I love my wife. One day, she was so excited to tell me what her rock band would have been called in High School. She took a quiz on Facebook that told her. I asked what her rock band would have been called. The band name generated by her filling out the online quiz including the street she grew up on, followed by her favorite pet’s name, and the name of the high school she attended. Like I said earlier, I love her so much. But please don’t ever fill out any online quizzes again – ever. You can be duped into giving away too much information. Attackers can combine the answers with other information they discovered elsewhere on the web, and it makes it lots easier for them to assume someone’s identity.

Please forward this to everyone you care about…

The post Avoid These 3 Really Good Hacker Tricks appeared first on Foster Institute.

I know – it would be so easy to blame Google. Those passwords were gathered from other “stolen password repositories” posted on the dark-web. They were originally acquired through key-loggers, social engineering, brute-force attacks, and a myriad of other ways. None of them, so far as anyone can tell, were stolen by bypassing any security on Google’s systems.

Once upon a time, imagine a situation where a company called Eulcon Inc. buys a lock from a company named Good-Lock. If an employee at Eulcon Inc. loses the key, and an attacker finds the key, and the attacker breaks into Eulcon, should they blame Good-Lock for the intrusion?

Here is what would be much more secure. What if, every time someone turned the key in the lock at Eulcon, the lock wouldn’t open yet. First, someone at Good-Lock would phone the person at Eulcon to whom the key is registered, in order to verify that they are the person who turned the key. The lock would only open for an authorized person. Potential intruders stay locked out.

This is why it is so important that all organizations set up two step login everywhere possible. Two factor auth dot org provides a list of services that support two step login. Additionally, VPNs, Windows, and other services support two step login. Configure two step login, or pay the consequences. And don’t blame Good-Lock. And don’t be like Eulcon spelled backwards.

Please forward this cyber-security info to everyone you care about.

The post Why is it not Google’s fault? appeared first on Foster Institute.

Visit two factor auth dot org (no spaces) for a list of services that already permit you to choose two step login. Each site will walk you through the process.

Google calls their service 2 step verification. Google that phrase to find instructions on Google’s site.

Forward this to everyone who you care about so that they can be more cyber-secure too.

The post Gmail Passwords Stolen, Possibly Millions of Them appeared first on Foster Institute.

The application inventory shows how many machines have a specific program installed on them, such as:

Qty – Application
18 – Adobe Flash Player version 11
22 – Adobe Flash Player version 16
79 – Adobe Flash Player version 20
29 – Mozilla Firefox version 38.0.1
99 – Mozilla Firefox version 44.0.2

Your list will be longer.

Notice that there are three versions of Adobe Flash Player and two versions of Firefox.

As you can imagine, more recent versions of software are generally the most secure. Most organizations such as Adobe and Mozilla recommend that you always use the most recent versions of their tools.

Using the most secure versions of applications is especially important for programs that interface directly to the Internet, such as Flash, Java, and your browsers.

Ask your IT Professionals to update, when possible, those kind of applications. Then, they can show you an updated application inventory report, one that shows the machines being all up-to-date. And, you’ll be able to sleep better at night.

Please forward this email message to everyone you care about…

The post Security Version 2.0 appeared first on Foster Institute.

Qty – Application
79 – Adobe Flash Player
84 – Microsoft Office Standard
99 – Mozilla Firefox
10 – WinPcap
25 – WinZip
And your list will be much longer…

To make your systems more secure, look through the list, and identify the applications that are essential to your doing business. Then, ask your IT Pro to remove anything that is not essential.

As you remove the non-essential programs, you make your network more secure. The fewer toe-holds, the more like The Bean, the more secure you will be.

Forward this…

The post Smooth and Slippery for IT Security appeared first on Foster Institute.

SDN: Software Defined Networking. This new technology is a sweeping change that organizations, such as yours, need to consider as a future direction. It is game changing and so simple.

You’ll save money, alleviate a lot of networking issues, increase security, and more.

At the very least, suggest that your IT professional, professionals, and/or third party firm look into this technology.

If you want to learn more, here is a short story intended to introduce the technology in plain English:

Meet the star of the story: Paul the pilot. He flies the newest passenger jets of your favorite airline.

Now, you become a part of the story. Imagine you paying an IT Professional to build a modern airport for your company using the latest technology. Think of Atlanta, DFW, Chicago, or the airport of your choice. The IT Pro creates a network of runways and taxiways for you.

When Paul lands safely at your airport, like at all airports, he uses the runways and taxiways to travel a dot-to-dot path from the runway to the terminal.

The way things work now: Imagine taking all the air-traffic controllers and placing them at intersections around the airport’s field. Then take away everybody’s radios and add fog so thick that nobody can see each other. There is your network! A disaster that is happening!

With this system, imagine this: A plane lands and then, at the end of the runway, there
is an aircraft controller standing on the runway that asks, “Where are you headed?”

Paul steps on the brakes, rolls down the cockpit window and says, “I need to get to Gate 23.” The controller has to think for a moment, then points to one of the taxiways and says, “Drive your plane that way!” Paul does as instructed.

After scooting down the taxiway for a while, Paul encounters another air traffic controller who reviews a table of best routes, and then points Paul towards the next step of the journey. This goes on, through all the intersections along the route, all the way to the terminal. Paul just cannot help it; he starts humming, “Do you know the way to SJO… (San Jose in the Caribbean)

Now think of dozens and dozens of aircraft moving along the taxiways and runways, slamming on the brakes, honking the airplane horns, traffic jams, and the inevitable crashes. No way, San Jose.

In this analogy, the airplanes represent packets of data. Imagine that Paul the pilot comes from (the) cloud, into your (network of) runways and taxiways, and eventually arrives at a (computer) terminal. In a similar fashion, he can leave the terminal, travel your network, and go back into the cloud, or at least into your file server.

Companies such as Cisco, D-Link, HP, Juniper, NETGEAR, etc. design, build, and sell these traffic controllers. Those switches and routers are expensive because each one has to be intelligent enough to know where next to send each data packet. They have to have good memories in order to remember where to route airplanes for best results. In addition, they are usually uncoordinated with the other devices on your network.

When a user connects to your network with their computer, an iPhone, or some other device, their information travels through your network cables of taxiways and runways to and from your servers, other computers, and the Internet cloud.

With this existing system, when someone starts listening to Internet music for peace of mind, it bogs down the whole network. Nobody notices the hacker or virus that is methodically looking for holes in your security by peeking into every computer on your network.

To top it all off, you pay lots of money for this archaic system! Drawbacks of this system, the one you use now, abound.

This is the happy conclusion: You, all the wiser after reading this story, tell your IT Pro to investigate the implementation of SDN: Software Defined Networking.

Then your wise IT Pro will move all the traffic controllers to a control tower, lift the fog so it is a bright sunny day, and provide radio communications so everybody can function as a team. Teamwork between your network devices is like striking oil! Synergy that is.

The key to all of this is the controller. The controller watches the traffic and tells the devices on the network what to do. Every step of the way, there is a signal that tells Paul where to steer next.

Faster – If Paul is carrying lots of music, then because music uses a great deal of data, he is directed to a special taxiway for music.

Prioritize Data – If a passenger is not feeling well, Paul gets priority and is expedited to the gate to provide a high quality of service (QOS).

Security – If there is an unruly passenger aboard, called a hi-hacker, Paul is directed to pull over so that the local S.W.A.T. team can storm the plane.

Save Money – Cisco, and other vendors may not like it, but your switches and routers
become inexpensive because they no longer have to be “intelligent.” They are generic, can be any brand, just as long as they listen to the controller.

Coordination – the seventh habit of successful people! Your devices now listen to an intelligent controller that has a clear view of all of the planes in the airport and can make things work right.

From an IT Pro point of view, this is perhaps oversimplified, but for an executive – I hope you found this very useful for understanding the next step in networking technology – and why you need to be planning for Software Defined Networking.

If you want to speak a little Geek, tell your IT Pros, who may already know all about this: The data pathways (the runways and taxiways) make up the Data Plane. The controller communication travels on the Control Plane using a protocol such as OpenFlow to send out instructions to the Forwarding Plane that contains routing information.

Moreover, all of those signals travel across the regular network connections that are in place now.

Are your IT Pros are aware of the emerging technology called Software Defined Networking?

Please post your comments below…

The post Know About this IT Networking Strategy Change appeared first on Foster Institute.

If you want to, try the search yourself, and do it soon – it is likely to be removed very soon. Here is a what it looks like as of 11:42pm Monday night:

Additionally, it is a paid ad!

The Google search itself may not expose you unduly, but be CAUTIONED about actually clicking on that link!

Please post your comments below…

The post See the Real-Time Attack Luring iTunes Users appeared first on Foster Institute.