Category: Steven Andiloro

Steven Andiloro Personal Security Devices You Need

Personal Safety Devices You Need

On June 14, 2017

I am a fervent believer of personal security and safety. I have mentioned, in previous blogs, the importance of protecting your personal information from online hackers, but I have not touched on an even more important topic: your own physical safety. The digital space has its importance in our lives, but nothing will be more important than your or your family’s personal safety. That is why I wanted to list a few personal safety gadgets that are great to have on hand.

Mace/Pepper Spray

This is possibly one of the most popular and well-known personal safety devices in existence. If ever you are alone and feel uncomfortable and need to fend off an attacker, nothing beats this classic. Typically, pepper spray contains oleoresin capsicum, an oil that contains the compound capsaicin, which is what causes the burning sensation of pepper spray. The compound finds its way into an attacker’s nose, throat and eyes and almost certainly incapacitates them.

Pocket Shirt

Whenever you’re traveling, or even if you are just taking a stroll in your own neighborhood, one of the biggest looming threats to your personal safety is a pickpocket or a mugger. These thieves always go for your wallet, but what if they didn’t know where your wallet was? Shirts that contain hidden pockets located on the chest offer a clever way to hide your personal belongings. This could include your credit card, passport, cash or just your wallet. It is certainly worth looking into.

Personal Safe

For those moments when you don’t want to carry all of your personal belongings, but you also don’t trust the hotel or location that you are staying in, look no further than a personal safe. Just large enough to store money and small personal items, personal safes offer a terrific way to keep all of your content safe and secure. And if you were to carry it with you and get mugged, the attacker would not have access to the safe anyways. It is a great way to keep your most precious belongings safe when you are on the move.

Even more of the Worst Online Attacks in History

By stevenandiloro

On June 14, 2017

In Computer Security, Online Security, Security, Steven Andiloro

I’ve previously discussed several of the world’s most notorious online hacks. I figured I would continue this series and take you down memory lane with two more of the worst online attacks in history.

Jonathan James

This is quite possibly one of the most unique and tragic hacks in the history of cyber crime. In 1999, a young hacker by the name of Jonathan James committed one of the most stunning cybercrimes to that point in time: he was able to hack into the computers of both NASA and the US Department of Defense. At only 15 years old, Jonathan was able to install a backdoor into the US Department of Defense’s servers which gave Jonathan access to over three thousand private messages, which included usernames and passwords. Jonathan also installed a backdoor into NASA’s servers which granted him access to a portion of the aeronautics organization’s software. The attack cost NASA $41,000 to repair. Once caught, Jonathan was sentenced to house arrest and probation, and was required to write letters of apology to both NASA and the Department of Defense. Unfortunately, Jonathan was suspected of being involved in another series of online hacks in 2004, and took his own life in 2008.

The TJX Attacks

Going off of Jonathan’s story, the attack that he was suspected of being a part of turned out to be quite a large attack. Jonathan was suspected of being a part of a group of hackers named the “Shadowcrew.” The crew, led by Albert Gonzalez, managed to steal over 45 million credit and debit card numbers from shoppers of the TJX company, which owns the TJ Maxx and Marshalls retail stores. Gonzalez, the mastermind behind the operation, supposedly took on an expensive lifestyle and spent millions of dollars. And this wasn’t Gonzalez’s only series of attacks. He also led attacks on Dave & Busters and Heartland Payment. Gonzalez was put on trial in 2010 for his TJX hacks and was sentenced to 20 years in prison. He was incredibly remorseful for his actions, and hopefully, once he is released he will be a changed man.

Cybercrime has been going on for years, and it shows no signs of stopping. Hopefully we can learn from history and, as a society, boost our respective network security systems and prevent situations like this from ever happening.

Be sure to check back in for even more of the worst online hacks in history!

Phishing For Trouble

By stevenandiloro

On May 25, 2017

In Computer Security, Online Security, Security, Steven Andiloro

On May 3, Google shut down one of the most sophisticated phishing attacks of all time, which infiltrated approximately one million Gmail accounts in just under an hour.

How is this possible, you might ask?

This particular phish impersonated a Google Docs request from a trusted contact, such as a family member, coworker, or spouse. By clicking on the request, users were redirected to a legitimate Google login page, where they were asked to provide their username and password, as well as authorize the use of the infected third-party extension, “Google Apps.”

By giving permission to this extension, it was feared that users had unwittingly given scammers access to their inboxes, passwords, and other personal information. However, Google concluded that, in spite of this lack of “thinking before clicking,” only users’ contact lists were made accessible to this phishing campaign — hence the rapid distribution of these faux Google Docs requests.

Aaron Higbee, chief technology officer at the phishing research company that analyzed data from the scam, commented, “The importance of this phish is not how it spread, but rather how it didn’t use malware or fake websites tricking users to give up their passwords. This phish worked because it tricked the user into granting permissions to a third-party application. This is the future of phishing, and every security technology vendor is ill-equipped to deal with it.”

Google took immediate action in resolving the scam. The company said in a statement that they have “disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again.”

In spite of these extensive and preventative security measures, users should remain vigilant and keep their eyes peeled for any copycat attacks — which they should immediately report as phishing within Gmail.

Those who have fallen victim to this scam are advised to log into their accounts, go to their Permissions page and revoke any access to fake Google services, such as “Google Docs” or the aforementioned “Google Apps.” From there, users ought to change their passwords and cleanse their Gmail accounts of any spam or phishing emails.

Two More of the Worst Online Hacks in History

By stevenandiloro

On May 5, 2017

In Computer Security, Online Security, Security, Steven Andiloro

As a continuation of last month’s blog, I took a look at some more detrimental online hacks that have rocked our nation. Although preventive cyber security measures have increased, so have the capabilities of hackers. A lot of our personal information is exposed when we utilize online resources. Many of us know someone who has been affected by cyber attacks and may even know people involved in some of these larger scale incidents. Here are a few more noteworthy security breaches to hopefully remind you to stay safe online.

Target:

In 2014, retail mogul, Target, faced one of the worst data hacks our country has seen. The attack led to 70 million names, mailing addresses, emails, and phone numbers being stolen. Additionally, 40 million credit and debit card number, expiration dates, and CV codes were obtained by the hackers. The unique scenario of the hack made it a national news story. The breach in security took place over a three-week time period, which is why so many accounts were infiltrated. Many customers lost a great deal of trust in the company, and stocks did take a hit for a few months. From a security standpoint, Target had all of the right preventative measures in place. Yet, they neglected to react to the warnings they were provided. Many lawsuits filed against the company due to damages were dropped once damages were returned to customers. After discovering the breach, Target offered a year of free credit monitoring and identity theft protection to U.S. based customers. A few customers received settlement funds from Target and the security measures have increased drastically. I’d be willing to bet that they won’t be ignoring any more warning signs in the future.

Sony Pictures

Those working in the entertainment industry already have a significant amount of their dirty laundry aired. You can imagine their emotions when they found out that Sony Pictures had fallen victim to a cyber attack. The attack was orchestrated by a North Korean based group self-titled “Guardians of Peace.” The group claimed their motive was the release of the film “The Interview,” a comedy portraying an assassination attempt on Kim Jong-Un. The breach consisted of the group receiving access to Sony employee’s personal information, emails within the company, and copies of then-unreleased films. As a result of the attack, Sony has heightened their cyber security efforts including the use of new software to house all company information.

Two of the Worst Online Hacks in History

By stevenandiloro

On April 13, 2017

In Computer Security, Online Security, Security, Steven Andiloro

I’ve said it before and I’ll say it again: we cannot escape technology. Technology has infested our everyday lives. And because of that technology, we have put a large amount of our personal information out in the open, without us fully realizing it. From online purchases to banking, our credit card and social security numbers, dates of birth and just about everything else are all out in the open, waiting to be taken. And unfortunately, malicious hackers have taken advantage. There have been dozens of online hacks on companies which have put millions of users’ information at risk before, but there are two in particular that I feel are exceptionally bad.

Playstation Network Outage

Video games are a multibillion dollar industry, with billions playing around the world. And Playstation, one of the world’s most popular gaming consoles, has a very popular online gaming community called the Playstation Network. In this community, subscribers can play video games and speak with each other and purchase video games or movies through the online store, which requires a credit card. And in 2011, hackers breached the Playstation Network, bringing the platform to its knees. The attack resulted in the access of 77 million subscribers’ personal information by hackers. Sony, the parent company of Playstation, was forced to shut down the service for a total of 23 days. In that time, they restructured the infrastructure and made the network safe to use again. In response, Sony executives publicly apologized during a press conference by bowing their heads in shame. At the time, it was one of the worst online hacks in history.

Yahoo! Account Breach

Speaking of the worst security breaches in history, Yahoo! has the unfortunate pleasure of laying claim to this record. An incredibly recent event, Yahoo!, the popular tech company, admitted to the breach of over 1 billion users’ accounts. What made the case so extraordinary was the fact that Yahoo! had been attacked twice within two years. The first hack occurred in 2013, which compromised the initial 1 billion accounts; the second hack took place a year later, adding an additional 500 million breached accounts. It is by far the worst data breach of any company on record. What makes matters worse is that Yahoo! only recently disclosed the security attack, in September of 2016. Although the news made headlines, it did not necessarily damage the company’s image.

3 Best Internet Security Apps

By stevenandiloro

On April 13, 2017

In Online Security, Security, Steven Andiloro

We live in a technologically driven age. Our smartphones are attached to our hands, the Internet is no longer an option, and we are constantly connected to each other through social media. Technology is everywhere. And with that technology comes risk. Billions of people around the world access the Internet through a variety of devices, but typically, they connect to the World Wide Web through their computers. Regardless of whether it is a laptop or desktop, that computer is at risk. The digital age has given birth to the hacker. These hackers find ways to virtually enter your computer and steal information, money or both. This is most commonly done through the Internet; this rising trend in Internet hacks gave way to Internet security software.

Sometimes when purchasing a new computer, you aren’t exactly sure which software to purchase, or if you even need it. Firstly, you do need it. And secondly, it can be difficult making that choice. So I’ve decided to round up three of the best Internet security programs to help make the choice a bit less daunting.

Kaspersky

Kaspersky Internet Security is one of the more popular suites on the market. Offering a comprehensive list of features, through a variety of tiers, Kaspersky could be the way to go. For the average user who will likely only use the Internet for reading articles or viewing entertainment, the Anti-Virus package may be the best fit for you. However, for those who will be doing a bit more, you might want to look into the Internet Security package—which features multiple platform use, better protection for online transactions, and parental controls—or the Total Security Package—which includes everything from the previous two packages, as well as secure storage of passwords and the ability to backup and encrypt files. With so many features at an affordable price, the Total Security package is the more common choice.

Norton

Another high-profile brand, Norton Internet Security has been around since the early 2000s. Much like Kaspersky, Norton Security offers multiple different software packages—Basic, Standard, Deluxe and Premium—with varying features. Again, average users could probably get by with the Basic package, which protects against spyware, malware and other online viruses. The Deluxe package, however, protects from viruses, offers the Norton 100% guarantee, is optimized to protect your computer while maintaining its speed, and grants the ability to use the software on 5 PCs, Macs, smartphones or tablets. And although these are all great packages, the Premium package—which includes all of the previously mentioned features, the ability to use the software on 10 devices, child friendly Internet surfing and 25GB of cloud storage—is by far the best choice. Did I mention that it’s also cheaper than the competition?

BitDefender

One of the more admittedly obscure brands, BitDefender is nonetheless deserving of its place on this list. While it does offer multiple different Internet security suites, with all of the expected features like antivirus protection, the ability to backup files and child protection, what makes BitDefender stand out is its BitDefender Box. The BitDefender Box takes the Internet security software idea and expands upon it. The box protects not only your laptop or desktop, but anything that is connected to the Internet. That includes smartphones and smart TVs. The box even allows for remote management of your devices. It’s an incredibly useful and intelligent feature that has earned several accolades from acclaimed publications like TIME and Digital Trends.

Google’s New Home Security System

By stevenandiloro

On March 8, 2017

In Security, Steven Andiloro

In today’s highly technologically advanced world, we are constantly stepping closer to a world similar to that of the Jetsons, full of self-driving cars and automated assistants. Probably one of the more sought-after pieces of tech has to be the smart house. A house that is connected to the Internet and can autonomously perform a variety of mundane tasks. And while there have been major breakthroughs in this field, one area that is constantly striving to advance itself is that of home security. And it appears as though Google has come up with new technology aimed to make your home even more secure.

According to a report from Digital Trends, Google has filed a patent for an incredibly advanced security system that would work completely autonomously, thus removing the need for any manual modification.

For example, currently, any home security system must be armed or unarmed manually, by any of the home’s occupants. And while there have been major improvements in making this process easier, such as remote arming through a Wi-Fi connection, the system still requires a human being to physically and manually arm it. Google’s newest security system is looking to fix that.

The patent, originally filed in December of 2014, was updated this past November. The patent describes a system that could monitor a house through the use of several inputs, then autonomously arm or disarm the security system. That being said, there are systems available that essentially accomplish the same goal, however Google’s system wants to include more inputs to increase its intelligence. These inputs include using the home occupants’ location through the use of smartphone tracking, motion sensor information, and collected data such as the average time that the house is vacant and full. The system will then analyze all of this data in order to make an intelligent decision on whether or not to arm the house.

In order for a system such as this to actually work, the house it monitors would have to be jam-packed with high-tech gadgetry, such as sensors, cameras, etc.

It is exciting to see where the future of home security systems is headed. Keep in mind that many companies file hundreds of patents, only to let them sit for years without any further development. Hopefully Google will move forward with this patent and bring us one step closer to a truly smart house.

Welcome!

By stevenandiloro

On February 10, 2017

In Security, Steven Andiloro

Welcome to Steven Andiloro’s security blog! Check back for updates soon!