Tag Archive for: checklist

Securing Android in 2024: An 8-Step Security Checklist

/in


Securing Android in 2024: An 8-Step Security Checklist

In an age where our digital identities are as real as our physical selves, safeguarding our personal information has become crucial. As we enter 2024, Android users are faced with the challenge of not only enjoying the vast capabilities of their devices but also ensuring their security in an increasingly hostile digital landscape. This article presents an 8-step security checklist designed to help you bolster the safety of your Android device.

Staying Ahead in the Security Race

Every technology user is part of an ongoing security race. On one side are the tech giants like Google, Microsoft, and Apple, tirelessly patching up vulnerabilities in their systems. In December 2023, Google addressed nearly 100 security issues in Android, including two critical flaws in the Framework. Microsoft patched over 30 vulnerabilities, including several risks of remote code execution. On the other side are potential attackers, always on the lookout for new ways to exploit these systems.

Armed with Awareness: Your Personal Security Checklist

To stay one step ahead, here is an 8-step security checklist for Android users:

1. Update Your OS: Keep your Android operating system up-to-date with the latest security patches. This move can protect your device against new threats and vulnerabilities.

2. Trust Your Sources: Install apps only from trusted sources like the Google Play Store to fend off malicious software.

3. Be Unique: Use strong, unique passwords for device access and online accounts. A password manager can help manage these securely.

4. Double Up on Security: Activate two-factor authentication (2FA) wherever possible. It adds an extra layer of security, making it harder for unauthorized individuals to gain access to your accounts.

5. Review Permissions: Regularly review app permissions to ensure apps only have access to necessary data. Minimize privacy risks by limiting what personal data each app can access.

6. Back It Up: Keep a backup of important data in a secure location. This way, you can recover your data even if your device is stolen or damaged.

7. Add Extra Protection: Install a reputable security app for additional…

Source…

HS releases mobile device security checklist, update on ransomware threat 

/in


The Department of Health and Human Services yesterday released a mobile device security checklist for the health care sector, and an update on the Black Basta ransomware group targeting the sector since last year.

“The Health Sector Cybersecurity Coordination Center checklist is a practical guide to mobile device security, and the unique risk exposure we face through the integration of these devices into clinical operations on site and via remote access,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “Mobile device security also raises the related issues of HIPAA security and privacy compliance. Mobile devices used to store or transmit patient data should be centrally managed by enterprise mobile device management applications. 

“The Black Basta Russian-speaking ransomware gang has been aggressively targeting the health care sector since 2022, gaining access through unsecured remote desktop protocol and using highly targeted spear phishing emails containing malicious attachments. Black Basta and other Russian-speaking ransomware gangs increasingly rely on the despicable tactic of data extortion — threatening to publicly expose sensitive patient health information to force ransom payment. I strongly recommend storing and transmitting all protected health information inside and outside the electronic health record in an encrypted manner.”

For more information on this or other cyber and risk issues, contact Riggi at [email protected]. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity
 

Source…

Have you been hacked? Follow this seven-step checklist ASAP

/in


I always feel sympathy when I hear about hackers breaking into someone’s computer. I felt terrible when Phillis from Orlando Beach, FL, called the show and said hackers stole $150,000 from her brother’s PC. If you’ve ever been hacked, you know how scary it is.

That’s why I put together this hacking survival guide. Follow this seven-step checklist if you’re unfortunate enough to fall victim to this cybercrime.

1. Change all passwords

Update all of your passwords — especially your email and financial accounts. Every password you keep is a potential entry point for a hacker.

Here are five ways to make a strong password:

  1. Make them longer than 14 characters: More is better, but be mindful of character limits.
  2. Use a mix of uppercase and lowercase letters: Mix them up to make your password more complex.
  3. Throw in numbers: Avoid birth dates. They’re far too easy to figure out.
  4. Don’t forget the symbols: Throw in asterisks, parentheses, exclamation marks, commas, question marks and anything else you can think of.
  5. Make it a secret phrase: Use something like, “I went to the spa and saw the moon.” Replace some of the letters with numbers and symbols.

Need more advice? Use these 10 tips to secure your accounts with strong passwords.

Don’t forget to use unique passwords for every online account. It can be challenging to remember them all. A password manager can help keep track of your changes. Here’s everything you need to know about these important security tools.

2. Enable two-factor authentication (2FA) after you’ve been hacked

2FA makes you prove your identity whenever you log in. For example, when you try to access your online banking account, you’ll need to enter your credentials and a security code sent by text. Type the code into your device to prove your identity.

Unfortunately, some hackers can intercept 2FA texts. That’s why I recommend authenticator apps. They provide one-time-only codes that refresh every 30 seconds. Since they’re time-sensitive, they’re…

Source…

Enterprise IoT Security Practices Checklist That You Need to Follow

/in


Enterprise IoT Security Practices Checklist that you need to Follow

It is fascinating to see how extraordinary our daily life has become. Courtesy of Driverless cars, AI robots and state-of-the-art innovation— the future we had been dreaming of is here. This revolution is called the Internet of Things (IoT). In fact, it is estimated that by the end of 2025, there will be 55.75B IoT Devices, creating connectivity of smart appliances, smart grids, self-driving cars, and many more.

IoT is defined as physical systems and information systems colliding with each other. While it brings tremendous advantages into the life of people, it also brings risks in the form of IoT security challenges. In the cyber world, countless people are checking in all the time with an aim to infect the devices by installing video recorders, listening to communications, stealing data, gaining access to code handling and analyzing data at the edge side.

Therefore it’s imperative for organizations to constantly evaluate the risks on the security aspects of IoT devices.

Recent IoT Attacks

Since IoT systems are vulnerable to attacks, they continue to get prone to malicious cyber breaches. Here is a list of significant attacks that shook the world of the Internet of Things:

Malware can harm the computer in various ways and sometimes the effects are not known until it is too late! What’s worse? Your device is getting affected by Botnet (short for Robot+Network). Cybercriminals use special malware to breach the security of several users’ devices and organize all affected systems into a network of bot.

The affected device may operate completely normally with no warning sign but the hacker gets access to create a zombie or bot network which is capable of spreading many different kinds of cybercrimes, such as spreading DDoS or Malware attack.

Mozi malware comprises source code from Mirai, Gafgyt and IoT Reaper, which are all part of Malware families that target IoT devices. Mozi is capable of embedding Linux devices with exposed telnet.

Similar to Xbash Botnet, the Mozi malware assembles the affected IoT devices into an IoT botnet which is accessible by the network owner. The owner can easily distribute DDoS attacks, payload execution and exfiltrate data by accessing the network.

An…

Source…