Tag: Security

What is Sfara Guardian?

On January 2, 2018

In Computer Security, Online Security, Personal Security, Security, Steven Andiloro

In today’s world, there are multiple threats lingering around every corner. From digital to physical, we all must work diligently to ensure that we are all safe and protected. While there have been many services, devices and applications over the years that have assisted in providing protection from threats, there hasn’t been an all-encompassing service, a “catch-all” application that offers protection on all fronts. Until now.

Sfara, a mobile safety solutions company, has recently launched Sfara Guardian, the company’s new service that offers around-the-clock care and security. The company believes that the service could revolutionize the security industry, and it very well could.

Sfara Guardian comes in the form of a mobile application that connects users to what Sfara calls “Emergency Managers.” These operators interact with users to assess any calls for assistance. Once a call is placed to one of Sfara’s Emergency Responders, the responder can then contact the appropriate authorities if the situation demands it. Emergency Managers also provide first responders with real-time data on accidents and rescues, directions to the nearest medical facility and can dispatch roadside assistance.

So far, Sfara Guardian may sound very pleasant, but nothing about it truly stands out. Everything that I’ve described above can be completed through some other service in some form or another. However, Guardian does have one ace up its sleeve: artificial intelligence.

Through the use of AI and a patented algorithm, Sfara Guardian can utilize the sensors found on many of today’s most popular smartphones to determine if an accident has occurred. If a user were to get into a car accident and was unable to pick up his phone to call for help, the app’s sophisticated algorithm can detect the accident and dial for assistance immediately.

The application also features other methods of contacting Emergency Managers, such as triple tapping and even setting a check-in timer that will notify a manager if a user doesn’t check-in to a designated location within a certain amount of time.

The app features a bevy of robust features, but none more advanced than its patented algorithm. Sfara Guardian has the potential to completely revolutionize personal security with its refreshing blend of traditional and futuristic methods of retrieving help.

Will you be downloading Sfara Guardian?

Even More Personal Safety Devices

By stevenandiloro

On December 18, 2017

In Computer Security, Online Security, Personal Security, Security, Steven Andiloro

With all of the technological attacks and threats that have plagued our world in the last few years, it is very easy to forget about protecting yourself in other ways. Personal security is just as important as online security. You must remain vigilant at all times and protect yourselves. Luckily, today’s technologically-driven world has allowed for some fascinating advancements in personal security, as well as online security. Here are a few personal security gadgets and devices that you should look into.

Door Stop Alarm

If you’re looking to prevent home burglaries, then look no further than the door stop alarm. An incredibly simple device, the door stop alarm is shaped like a traditional door stop, and features an alarm that will sound if a door is opened. No matter how silently a thief opens a door, they cannot prevent the alarm from going off. It’s a great way to protect your home.

Wearable Alarms

When you’re being stalked or even chased by an assailant, reaching for your cell phone and making a call may be next to impossible. That is precisely why wearable alarms have become very popular in recent years. Personal security devices, like the Nimb Ring or the WearSafe are designed for situations like these. Although all of these devices have their own exclusive features and variations, the idea is still the same: a wearable device that connects to your smartphone through an application and can send an alert signal to authorities and personal contacts when pressed. These alarms can be literal lifesavers.

Video Doorbell

If you’re home alone and you get a ring at your door, you want to know who it is, right? But what if you weren’t expecting any company or it is very late at night? Who is at your door? Well, with a video doorbell, you can find out in just a few taps. Video doorbells connect to your home wifi and allow you to see who is standing at your door in real-time through a mobile application. You can even communicate with your visitor. It’s an incredibly safe way to answer your door.

Make sure to stay safe out there!

Password Protection: A Huge Mistake?

By stevenandiloro

On August 10, 2017

In Computer Security, Online Security, Personal Security, Security, Steven Andiloro

Technology has created many wonders in our lives. And because it has become such a large part of our lives, we now often store sensitive and personal information on our technological devices (smartphones, computers, tablets, etc.). And in order to protect that information, we’ve created a password authentication process. For years we have needed to create passwords to protect our documents, photos and other personal information. And in 2003, Bill Burr, a manager at the National Institute of Standards and Technology (NIST), created a guidebook for password creation. But now he regrets it.

Essentially, Burr’s guidelines had suggested that we create incredibly complicated passwords in order to prevent any hackers or hacking software from breaking into our accounts or devices. These guidelines suggested that we create a new password regularly (roughly every 90 days or so) and that we use a series of numbers and lowercase and capital letters to fool would-be hackers. Unfortunately, as time has progressed and as new studies are being conducted, Burr has realized the error of his ways. These new studies suggest that the type of passwords that Burr suggested are actually not very safe. The NIST has found that using phrases for passwords is much harder to crack than alphanumeric words. And the suggestion about changing your password every 90 days? Wrong. Those same studies suggest that humans are less likely to drastically change their password each time they are asked to do so.

According to a report from Engadget, Burr stated his remorse for creating the guidlines that have plagued humanity for well over a decade stating, “Much of what I did I now regret.”

Fortunately, the NIST has finalized a new set of guidelines with the appropriate updates. The new guidelines include the aforementioned updates as well as the suggestion for IT departments to only force password changes in the event of a breach.

So, hopefully, for any of you who have gone to painstaking lengths to change your passwords up with a strange series of numbers, letters and symbols, you can now rest assured that soon you will be able to settle for a much less complicated password.

Even more of the Worst Online Attacks in History

By stevenandiloro

On June 14, 2017

In Computer Security, Online Security, Security, Steven Andiloro

I’ve previously discussed several of the world’s most notorious online hacks. I figured I would continue this series and take you down memory lane with two more of the worst online attacks in history.

Jonathan James

This is quite possibly one of the most unique and tragic hacks in the history of cyber crime. In 1999, a young hacker by the name of Jonathan James committed one of the most stunning cybercrimes to that point in time: he was able to hack into the computers of both NASA and the US Department of Defense. At only 15 years old, Jonathan was able to install a backdoor into the US Department of Defense’s servers which gave Jonathan access to over three thousand private messages, which included usernames and passwords. Jonathan also installed a backdoor into NASA’s servers which granted him access to a portion of the aeronautics organization’s software. The attack cost NASA $41,000 to repair. Once caught, Jonathan was sentenced to house arrest and probation, and was required to write letters of apology to both NASA and the Department of Defense. Unfortunately, Jonathan was suspected of being involved in another series of online hacks in 2004, and took his own life in 2008.

The TJX Attacks

Going off of Jonathan’s story, the attack that he was suspected of being a part of turned out to be quite a large attack. Jonathan was suspected of being a part of a group of hackers named the “Shadowcrew.” The crew, led by Albert Gonzalez, managed to steal over 45 million credit and debit card numbers from shoppers of the TJX company, which owns the TJ Maxx and Marshalls retail stores. Gonzalez, the mastermind behind the operation, supposedly took on an expensive lifestyle and spent millions of dollars. And this wasn’t Gonzalez’s only series of attacks. He also led attacks on Dave & Busters and Heartland Payment. Gonzalez was put on trial in 2010 for his TJX hacks and was sentenced to 20 years in prison. He was incredibly remorseful for his actions, and hopefully, once he is released he will be a changed man.

Cybercrime has been going on for years, and it shows no signs of stopping. Hopefully we can learn from history and, as a society, boost our respective network security systems and prevent situations like this from ever happening.

Be sure to check back in for even more of the worst online hacks in history!

Phishing For Trouble

By stevenandiloro

On May 25, 2017

In Computer Security, Online Security, Security, Steven Andiloro

On May 3, Google shut down one of the most sophisticated phishing attacks of all time, which infiltrated approximately one million Gmail accounts in just under an hour.

How is this possible, you might ask?

This particular phish impersonated a Google Docs request from a trusted contact, such as a family member, coworker, or spouse. By clicking on the request, users were redirected to a legitimate Google login page, where they were asked to provide their username and password, as well as authorize the use of the infected third-party extension, “Google Apps.”

By giving permission to this extension, it was feared that users had unwittingly given scammers access to their inboxes, passwords, and other personal information. However, Google concluded that, in spite of this lack of “thinking before clicking,” only users’ contact lists were made accessible to this phishing campaign — hence the rapid distribution of these faux Google Docs requests.

Aaron Higbee, chief technology officer at the phishing research company that analyzed data from the scam, commented, “The importance of this phish is not how it spread, but rather how it didn’t use malware or fake websites tricking users to give up their passwords. This phish worked because it tricked the user into granting permissions to a third-party application. This is the future of phishing, and every security technology vendor is ill-equipped to deal with it.”

Google took immediate action in resolving the scam. The company said in a statement that they have “disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again.”

In spite of these extensive and preventative security measures, users should remain vigilant and keep their eyes peeled for any copycat attacks — which they should immediately report as phishing within Gmail.

Those who have fallen victim to this scam are advised to log into their accounts, go to their Permissions page and revoke any access to fake Google services, such as “Google Docs” or the aforementioned “Google Apps.” From there, users ought to change their passwords and cleanse their Gmail accounts of any spam or phishing emails.

Two More of the Worst Online Hacks in History

By stevenandiloro

On May 5, 2017

In Computer Security, Online Security, Security, Steven Andiloro

As a continuation of last month’s blog, I took a look at some more detrimental online hacks that have rocked our nation. Although preventive cyber security measures have increased, so have the capabilities of hackers. A lot of our personal information is exposed when we utilize online resources. Many of us know someone who has been affected by cyber attacks and may even know people involved in some of these larger scale incidents. Here are a few more noteworthy security breaches to hopefully remind you to stay safe online.

Target:

In 2014, retail mogul, Target, faced one of the worst data hacks our country has seen. The attack led to 70 million names, mailing addresses, emails, and phone numbers being stolen. Additionally, 40 million credit and debit card number, expiration dates, and CV codes were obtained by the hackers. The unique scenario of the hack made it a national news story. The breach in security took place over a three-week time period, which is why so many accounts were infiltrated. Many customers lost a great deal of trust in the company, and stocks did take a hit for a few months. From a security standpoint, Target had all of the right preventative measures in place. Yet, they neglected to react to the warnings they were provided. Many lawsuits filed against the company due to damages were dropped once damages were returned to customers. After discovering the breach, Target offered a year of free credit monitoring and identity theft protection to U.S. based customers. A few customers received settlement funds from Target and the security measures have increased drastically. I’d be willing to bet that they won’t be ignoring any more warning signs in the future.

Sony Pictures

Those working in the entertainment industry already have a significant amount of their dirty laundry aired. You can imagine their emotions when they found out that Sony Pictures had fallen victim to a cyber attack. The attack was orchestrated by a North Korean based group self-titled “Guardians of Peace.” The group claimed their motive was the release of the film “The Interview,” a comedy portraying an assassination attempt on Kim Jong-Un. The breach consisted of the group receiving access to Sony employee’s personal information, emails within the company, and copies of then-unreleased films. As a result of the attack, Sony has heightened their cyber security efforts including the use of new software to house all company information.

Beginners Guide To Internet Security

By stevenandiloro

On May 3, 2017

In Computer Security, Online Security, Security

The creation of the internet has led to many great technological advances in our lifetimes. Everything from research capabilities to video chatting with people around the world is feasible thanks to the world of being able to log online. Sadly, many people have dedicated their lives to creating viruses and cyber attack mechanisms to destroy and alter the way we use the internet. It is important for everyone to be aware of viruses that exist and best practices for keeping your digital footprint safe.

Preventative Measures

Before the hackers and viruses can make their way onto your devices, there are plenty of proactive methods for keeping your information secured. One of the best practices includes making sure a strong password is used for all properties. Many sites now have strength requirements (upper and lower case letters, numbers, special characters, etc.) but for those that have no requirements, it is still best practice to include as many features in a password as possible. Another tip, though tedious, is creating a different username and password for all login credentials. People who use the same passwords for all accounts are more likely to be hacked via multiple sites rather than just one. A great tool to utilize are apps such as Keeper, which creates a secure location to manage all of your passwords in case they are forgotten.

One of the largest sources of cyber attacks stems from improper use of certain online properties. McAfee shares that improper use of tools such as email and instant messaging can cause holes in your security walls, allowing viruses to be easily implanted in your system. Additionally when online shopping, make sure that there is a note on the checkout page, ensuring that the site and your information is safely protected from hackers.

Services

In addition to completing the above actions, there are many companies that provide online security for you and your devices.Top Company Compare ranks a few of the top contenders with brands such as Norton, Scanguard, and Total AV making the top 5 list. By purchasing one of these software systems, you are eliminating any additional risk factors that come along with intense online use. These products usually update automatically and are applicable to multiple devices, giving optimal coverage for any possible online invasions.

With the number of daily technological advances being made, there is always room for cyber attackers to grow their craft. Even those who sparingly use the internet, knowledge, and protection from any sort of breach or hack that may present itself is crucial. Continuously remaining aware of our internet practices will provide less of an opportunity for cyber disasters.

Two of the Worst Online Hacks in History

By stevenandiloro

On April 13, 2017

In Computer Security, Online Security, Security, Steven Andiloro

I’ve said it before and I’ll say it again: we cannot escape technology. Technology has infested our everyday lives. And because of that technology, we have put a large amount of our personal information out in the open, without us fully realizing it. From online purchases to banking, our credit card and social security numbers, dates of birth and just about everything else are all out in the open, waiting to be taken. And unfortunately, malicious hackers have taken advantage. There have been dozens of online hacks on companies which have put millions of users’ information at risk before, but there are two in particular that I feel are exceptionally bad.

Playstation Network Outage

Video games are a multibillion dollar industry, with billions playing around the world. And Playstation, one of the world’s most popular gaming consoles, has a very popular online gaming community called the Playstation Network. In this community, subscribers can play video games and speak with each other and purchase video games or movies through the online store, which requires a credit card. And in 2011, hackers breached the Playstation Network, bringing the platform to its knees. The attack resulted in the access of 77 million subscribers’ personal information by hackers. Sony, the parent company of Playstation, was forced to shut down the service for a total of 23 days. In that time, they restructured the infrastructure and made the network safe to use again. In response, Sony executives publicly apologized during a press conference by bowing their heads in shame. At the time, it was one of the worst online hacks in history.

Yahoo! Account Breach

Speaking of the worst security breaches in history, Yahoo! has the unfortunate pleasure of laying claim to this record. An incredibly recent event, Yahoo!, the popular tech company, admitted to the breach of over 1 billion users’ accounts. What made the case so extraordinary was the fact that Yahoo! had been attacked twice within two years. The first hack occurred in 2013, which compromised the initial 1 billion accounts; the second hack took place a year later, adding an additional 500 million breached accounts. It is by far the worst data breach of any company on record. What makes matters worse is that Yahoo! only recently disclosed the security attack, in September of 2016. Although the news made headlines, it did not necessarily damage the company’s image.

Google’s New Home Security System

By stevenandiloro

On March 8, 2017

In Security, Steven Andiloro

In today’s highly technologically advanced world, we are constantly stepping closer to a world similar to that of the Jetsons, full of self-driving cars and automated assistants. Probably one of the more sought-after pieces of tech has to be the smart house. A house that is connected to the Internet and can autonomously perform a variety of mundane tasks. And while there have been major breakthroughs in this field, one area that is constantly striving to advance itself is that of home security. And it appears as though Google has come up with new technology aimed to make your home even more secure.

According to a report from Digital Trends, Google has filed a patent for an incredibly advanced security system that would work completely autonomously, thus removing the need for any manual modification.

For example, currently, any home security system must be armed or unarmed manually, by any of the home’s occupants. And while there have been major improvements in making this process easier, such as remote arming through a Wi-Fi connection, the system still requires a human being to physically and manually arm it. Google’s newest security system is looking to fix that.

The patent, originally filed in December of 2014, was updated this past November. The patent describes a system that could monitor a house through the use of several inputs, then autonomously arm or disarm the security system. That being said, there are systems available that essentially accomplish the same goal, however Google’s system wants to include more inputs to increase its intelligence. These inputs include using the home occupants’ location through the use of smartphone tracking, motion sensor information, and collected data such as the average time that the house is vacant and full. The system will then analyze all of this data in order to make an intelligent decision on whether or not to arm the house.

In order for a system such as this to actually work, the house it monitors would have to be jam-packed with high-tech gadgetry, such as sensors, cameras, etc.

It is exciting to see where the future of home security systems is headed. Keep in mind that many companies file hundreds of patents, only to let them sit for years without any further development. Hopefully Google will move forward with this patent and bring us one step closer to a truly smart house.

Welcome!

By stevenandiloro

On February 10, 2017

In Security, Steven Andiloro

Welcome to Steven Andiloro’s security blog! Check back for updates soon!