Steven Andiloro | Security

Steven Andiloro is the owner of Professional Security Solutions, a security company in North Carolina servicing customers nationwide!

Password Protection: A Huge Mistake?

Technology has created many wonders in our lives. And because it has become such a large part of our lives, we now often store sensitive and personal information on our technological devices (smartphones, computers, tablets, etc.). And in order to protect that information, we’ve created a password authentication process. For years we have needed to create passwords to protect our documents, photos and other personal information. And in 2003, Bill Burr, a manager at the National Institute of Standards and Technology (NIST), created a guidebook for password creation. But now he regrets it.

 

Essentially, Burr’s guidelines suggested that we create incredibly complicated passwords in order to prevent hackers or hacking software from breaking into our accounts or devices. They recommended that we create a new password regularly (roughly every 90 days or so) and that we use a mix of numbers and lowercase and capital letters to fool would-be hackers. Unfortunately, as time has progressed and new studies have been conducted, Burr has realized the error of his ways. These new studies suggest that the type of password Burr recommended is actually not very safe. The NIST has found that passwords made of phrases are much harder to crack than alphanumeric words. And the suggestion about changing your password every 90 days? Wrong. Those same studies suggest that humans are less likely to drastically change their password each time they are asked to do so.

 

According to a report from Engadget, Burr expressed remorse for creating the guidelines that have plagued humanity for well over a decade, stating, “Much of what I did I now regret.”

 

Fortunately, the NIST has finalized a new set of guidelines with the appropriate updates. The new guidelines include the aforementioned updates as well as the suggestion for IT departments to only force password changes in the event of a breach.

 

So, hopefully, for any of you who have gone to painstaking lengths to change your passwords up with a strange series of numbers, letters and symbols, you can now rest assured that soon you will be able to settle for a much less complicated password.

HBO’s Hacking Headache

Large-scale corporations are prone to hackers. Because of their large size and massive amount of money, they are just large targets for hackers. It’s nothing new. In fact, it’s so common that I’ve written a few blogs on some of the largest online hacks on large corporations. Just recently, HBO, the massively popular premium cable television network, was hacked, and a large amount of data was stolen from the company.

 

According to reports, last week saw a major hack of HBO’s servers that resulted in over 1 terabyte of data being stolen. This data, which included several scripts for unaired episodes of the popular Game of Thrones television show, as well as full, unaired episodes of Ballers and Room 104, has been leaked online. So far, the amount of content that has been leaked to the public has only amounted to 3.5 gigabytes of data. To put that into perspective, there are 1,000 gigabytes in a terabyte. At the moment, no one is entirely sure what other data the hackers have hold of, but there is speculation that they have several episodes of Game of Thrones.

 

And while pirated episodes of Game of Thrones are nothing new, the hackers claim to have accessed much more important information as well. According to a report from The Verge, the hackers have gained access to the phone numbers and addresses of all of the actors from Game of Thrones’ season 7, as well as internal HBO passwords. This makes the situation much more serious, as that information could bring harm upon the actors of the show. While HBO claims that there is little evidence of such personal information being leaked, the threat should still be taken seriously.

 

The network is conducting an investigation and hopes to avoid a repeat of a similar disaster from 2014 when Sony Pictures’ email servers were hacked. Multiple emails were stolen that damaged the reputation of some executive members of the film studio.

 

Although large-scale hacks such as these are not necessarily shocking, they are still an unnecessary headache. It is incredibly important that all businesses, large and small, focus a large amount of attention on their security and IT departments. By strengthening their malware and virus protection, they decrease the risk of incidents such as these ruining the company or the careers of those involved.

Even More Gadgets for Personal Security

Last month I wrote an article about personal security devices that are important to keep on your person. And although I covered a few items, there are still plenty of other gadgets out there that can and should be used for protection. And so, I thought it would be a good idea to list a few more personal security items.

 

Security Alarm

This may seem like an obvious choice for those who value their personal security, but not everybody is aware that these devices exist. Essentially, personal security alarms are tiny devices that can be carried discreetly and, in the case of an emergency, set off in order to alert authorities. Devices like the GE Personal Security Keychain Alarm or the Nimb Ring all offer a sense of safety for anybody.

 

Portable Camera

Admittedly, this might be a bit of overkill, but depending on your situation, you might want to have a camera on you at all times, especially if you are walking alone in the park or through the streets. By having a portable camera on your person, you can video record your assailant and report him or her to the authorities. With video evidence, they can then track the perpetrator and bring him or her to justice.

 

Undercover Colors

This “gadget” is possibly one of the most unique and ingenious devices I’ve ever seen. Undercover Colors is a brand name of nail polish that can be used to detect predatory drugs. According to Undercover Colors, 1 in 6 women will be sexually assaulted in her lifetime. This special blend of technology and nail polish is looking to combat that. The nail polish can be worn as normal and dipped into a variety of beverages; if the nail polish changes color, that means that the drink has been spiked with a predatory drug. This fantastic device is stylish and secure, and could help prevent thousands of unnecessary acts of violence.

Being Safe While Traveling

Summertime is officially here and what better way to enjoy the warm weather and long nights than traveling across the world? Kids are on summer break and adults are on vacation, so it’s a very popular time to travel. And although it is important to have fun, it is also incredibly important to remain vigilant. Here are a few safety and security measures you can take to protect yourself and your family while traveling abroad.

 

Beware social media

These days, everybody loves to post what they are doing on social media. From Facebook posts, to Instagram photos to tweets on Twitter, personal lives are shared 24/7. While sharing a photo of the sunset in Puerto Rico or posting a status of when you are leaving for vacation might sound like fun and innocent ways of letting your friends and family know where you are, it can unfortunately let other malicious people know where you are. By posting your whereabouts on social media, you can be setting yourself up for a home invasion. An empty house means an easy target. Taking hundreds of photos to remember your experience is fine, but just make sure that you do not post those photos online until after you return home.

 

Purchase a smart home security camera

Home security cameras are nothing new. They allow you to see exactly what is going on in your house when you are away. And while they were fantastic devices upon their creation, the 21st century has truly made home security cameras groundbreaking. With a smart home security camera, you can view your house anywhere, anytime. This way, if someone breaks into your house, not only will you have video evidence of it, you will also be able to see it in real time and alert the proper authorities as quickly as possible.

 

Don’t stick out

You’ve probably heard this tip before, but it deserves repeating. Make sure to blend into the crowd as much as possible. This may be your first time visiting a country or state that you’ve always dreamed of going to, but being obvious about it will clue in potential thieves and miscreants. Don’t walk around with a map, don’t look up at every building with tremendous awe and wonder, and limit the number of photos that you are taking. These are all things that will make you susceptible to an attack.

 

It is a big world out there. Enjoy it, but be safe.

Personal Safety Devices You Need

I am a fervent believer in personal security and safety. I have mentioned, in previous blogs, the importance of protecting your personal information from online hackers, but I have not touched on an even more important topic: your own physical safety. The digital space has its importance in our lives, but nothing will be more important than your or your family’s personal safety. That is why I wanted to list a few personal safety gadgets that are great to have on hand.

 

Mace/Pepper Spray

This is possibly one of the most popular and well-known personal safety devices in existence. If ever you are alone and feel uncomfortable and need to fend off an attacker, nothing beats this classic. Typically, pepper spray contains oleoresin capsicum, an oil that contains the compound capsaicin, which is what causes the burning sensation of pepper spray. The compound finds its way into an attacker’s nose, throat and eyes and almost certainly incapacitates them.

 

Pocket Shirt

Whenever you’re traveling, or even if you are just taking a stroll in your own neighborhood, one of the biggest looming threats to your personal safety is a pickpocket or a mugger. These thieves always go for your wallet, but what if they didn’t know where your wallet was? Shirts that contain hidden pockets located on the chest offer a clever way to hide your personal belongings. This could include your credit card, passport, cash or just your wallet. It is certainly worth looking into.

 

Personal Safe

For those moments when you don’t want to carry all of your personal belongings, but you also don’t trust the hotel or location that you are staying in, look no further than a personal safe. Just large enough to store money and small personal items, personal safes offer a terrific way to keep all of your belongings safe and secure. And if you were to carry it with you and get mugged, the attacker would not have access to the safe anyway. It is a great way to keep your most precious belongings safe when you are on the move.

Even more of the Worst Online Attacks in History

I’ve previously discussed several of the world’s most notorious online hacks. I figured I would continue this series and take you down memory lane with two more of the worst online attacks in history.

 

Jonathan James

This is quite possibly one of the most unique and tragic hacks in the history of cyber crime. In 1999, a young hacker by the name of Jonathan James committed one of the most stunning cybercrimes to that point in time: he was able to hack into the computers of both NASA and the US Department of Defense. At only 15 years old, Jonathan was able to install a backdoor into the US Department of Defense’s servers which gave Jonathan access to over three thousand private messages, which included usernames and passwords. Jonathan also installed a backdoor into NASA’s servers which granted him access to a portion of the aeronautics organization’s software. The attack cost NASA $41,000 to repair. Once caught, Jonathan was sentenced to house arrest and probation, and was required to write letters of apology to both NASA and the Department of Defense. Unfortunately, Jonathan was suspected of being involved in another series of online hacks in 2004, and took his own life in 2008.

 

The TJX Attacks

Going off of Jonathan’s story, the attack that he was suspected of being a part of turned out to be quite a large attack. Jonathan was suspected of being a part of a group of hackers named the “Shadowcrew.” The crew, led by Albert Gonzalez, managed to steal over 45 million credit and debit card numbers from shoppers of the TJX company, which owns the TJ Maxx and Marshalls retail stores. Gonzalez, the mastermind behind the operation, supposedly took on an expensive lifestyle and spent millions of dollars. And this wasn’t Gonzalez’s only series of attacks. He also led attacks on Dave & Busters and Heartland Payment. Gonzalez was put on trial in 2010 for his TJX hacks and was sentenced to 20 years in prison. He was incredibly remorseful for his actions, and hopefully, once he is released he will be a changed man.

 

Cybercrime has been going on for years, and it shows no signs of stopping. Hopefully we can learn from history and, as a society, boost our respective network security systems and prevent situations like this from ever happening.

 

Be sure to check back in for even more of the worst online hacks in history!

Phishing For Trouble

On May 3, Google shut down one of the most sophisticated phishing attacks of all time, which infiltrated approximately one million Gmail accounts in just under an hour.

 

How is this possible, you might ask?

 

This particular phish impersonated a Google Docs request from a trusted contact, such as a family member, coworker, or spouse. By clicking on the request, users were redirected to a legitimate Google login page, where they were asked to provide their username and password, as well as authorize the use of the infected third-party extension, “Google Apps.”

 

By giving permission to this extension, it was feared that users had unwittingly given scammers access to their inboxes, passwords, and other personal information. However, Google concluded that, in spite of this lack of “thinking before clicking,” only users’ contact lists were made accessible to this phishing campaign — hence the rapid distribution of these faux Google Docs requests.

 

Aaron Higbee, chief technology officer at the phishing research company that analyzed data from the scam, commented, “The importance of this phish is not how it spread, but rather how it didn’t use malware or fake websites tricking users to give up their passwords. This phish worked because it tricked the user into granting permissions to a third-party application. This is the future of phishing, and every security technology vendor is ill-equipped to deal with it.”

 

Google took immediate action in resolving the scam. The company said in a statement that they have “disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again.”

 

In spite of these extensive and preventative security measures, users should remain vigilant and keep their eyes peeled for any copycat attacks — which they should immediately report as phishing within Gmail.

 

Those who have fallen victim to this scam are advised to log into their accounts, go to their Permissions page and revoke any access to fake Google services, such as “Google Docs” or the aforementioned “Google Apps.” From there, users ought to change their passwords and cleanse their Gmail accounts of any spam or phishing emails.

 

Two More of the Worst Online Hacks in History

 

As a continuation of last month’s blog, I took a look at some more detrimental online hacks that have rocked our nation. Although preventive cyber security measures have increased, so have the capabilities of hackers. A lot of our personal information is exposed when we utilize online resources. Many of us know someone who has been affected by cyber attacks and may even know people involved in some of these larger scale incidents. Here are a few more noteworthy security breaches to hopefully remind you to stay safe online.

 

Target:

In 2014, retail mogul Target faced one of the worst data hacks our country has seen. The attack led to 70 million names, mailing addresses, emails, and phone numbers being stolen. Additionally, 40 million credit and debit card numbers, expiration dates, and CV codes were obtained by the hackers. The unique scenario of the hack made it a national news story. The breach in security took place over a three-week time period, which is why so many accounts were infiltrated. Many customers lost a great deal of trust in the company, and stocks did take a hit for a few months. From a security standpoint, Target had all of the right preventative measures in place. Yet, they neglected to react to the warnings they were provided. Many lawsuits filed against the company due to damages were dropped once damages were returned to customers. After discovering the breach, Target offered a year of free credit monitoring and identity theft protection to U.S.-based customers. A few customers received settlement funds from Target and the security measures have increased drastically. I’d be willing to bet that they won’t be ignoring any more warning signs in the future.

 

Sony Pictures

Those working in the entertainment industry already have a significant amount of their dirty laundry aired. You can imagine their emotions when they found out that Sony Pictures had fallen victim to a cyber attack. The attack was orchestrated by a North Korea-based group calling itself “Guardians of Peace.” The group claimed their motive was the release of the film “The Interview,” a comedy portraying an assassination attempt on Kim Jong-Un. In the breach, the group gained access to Sony employees’ personal information, emails within the company, and copies of then-unreleased films. As a result of the attack, Sony has heightened their cyber security efforts, including the use of new software to house all company information.

Beginners Guide To Internet Security

The creation of the internet has led to many great technological advances in our lifetimes. Everything from research capabilities to video chatting with people around the world is feasible thanks to our ability to go online. Sadly, many people have dedicated their lives to creating viruses and cyber attack mechanisms to destroy and alter the way we use the internet. It is important for everyone to be aware of the viruses that exist and of best practices for keeping your digital footprint safe.

 

Preventative Measures

Before the hackers and viruses can make their way onto your devices, there are plenty of proactive methods for keeping your information secured. One of the best practices is making sure a strong password is used for all properties. Many sites now have strength requirements (upper and lower case letters, numbers, special characters, etc.) but for those that have no requirements, it is still best practice to include as many features in a password as possible. Another tip, though tedious, is creating a different username and password for all login credentials. People who use the same passwords for all accounts are more likely to be hacked via multiple sites rather than just one. A great tool to utilize is an app such as Keeper, which creates a secure location to manage all of your passwords in case they are forgotten.

 

One of the largest sources of cyber attacks stems from improper use of certain online properties. McAfee shares that improper use of tools such as email and instant messaging can cause holes in your security walls, allowing viruses to be easily implanted in your system. Additionally, when shopping online, make sure that there is a note on the checkout page ensuring that the site and your information are safely protected from hackers.

 

Services

In addition to completing the above actions, there are many companies that provide online security for you and your devices. Top Company Compare ranks a few of the top contenders, with brands such as Norton, Scanguard, and Total AV making the top 5 list. By purchasing one of these software systems, you are eliminating any additional risk factors that come along with intense online use. These products usually update automatically and are applicable to multiple devices, giving optimal coverage for any possible online invasions.

With the number of daily technological advances being made, there is always room for cyber attackers to grow their craft. Even for those who use the internet sparingly, knowledge of and protection from any sort of breach or hack that may present itself is crucial. Continuously remaining aware of our internet practices will provide less of an opportunity for cyber disasters.

Two of the Worst Online Hacks in History

I’ve said it before and I’ll say it again: we cannot escape technology. Technology has infested our everyday lives. And because of that technology, we have put a large amount of our personal information out in the open, without us fully realizing it. From online purchases to banking, our credit card and social security numbers, dates of birth and just about everything else are all out in the open, waiting to be taken. And unfortunately, malicious hackers have taken advantage. There have been dozens of online hacks on companies which have put millions of users’ information at risk before, but there are two in particular that I feel are exceptionally bad.

 

Playstation Network Outage

Video games are a multibillion dollar industry, with billions playing around the world. And Playstation, one of the world’s most popular gaming consoles, has a very popular online gaming community called the Playstation Network. In this community, subscribers can play video games and speak with each other and purchase video games or movies through the online store, which requires a credit card. And in 2011, hackers breached the Playstation Network, bringing the platform to its knees. The attack resulted in the access of 77 million subscribers’ personal information by hackers. Sony, the parent company of Playstation, was forced to shut down the service for a total of 23 days. In that time, they restructured the infrastructure and made the network safe to use again. In response, Sony executives publicly apologized during a press conference by bowing their heads in shame. At the time, it was one of the worst online hacks in history.

 

Yahoo! Account Breach

Speaking of the worst security breaches in history, Yahoo! has the unfortunate pleasure of laying claim to this record. An incredibly recent event, Yahoo!, the popular tech company, admitted to the breach of over 1 billion users’ accounts. What made the case so extraordinary was the fact that Yahoo! had been attacked twice within two years. The first hack occurred in 2013, which compromised the initial 1 billion accounts; the second hack took place a year later, adding an additional 500 million breached accounts. It is by far the worst data breach of any company on record. What makes matters worse is that Yahoo! only recently disclosed the security attack, in September of 2016. Although the news made headlines, it did not necessarily damage the company’s image.
