Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x

Security

24K

Solutions

23K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello, EE Experts!

I wanted to make sure that all Apple users understand what's going on with the new Wi-Fi (WPA2) vulnerability "KRACK."

Apple is working on a fix to roll out as soon as possible to all its users. They've stated that there is a fix for this vulnerability in the beta versions, but that the fix is not in the latest update you have on your device.

So, what can you do?

Don't connect to Wi-Fi at hotels, coffee shops, or anywhere outside your place of business or home. Even at your house or area of work use a VPN.

Wait, even at my house?

Yes. Essentially the attacker can read all the information that is being transmitted wirelessly throughout your home. That said, if you use a VPN you're making an encrypted tunnel around the information you're sending and not relying on the WPA2 protocol that should keep your data safe. So, even if the attacker is looking at the data on your home network, the VPN is making it unreadable.

Also, if you're out and about, please turn off the Wi-Fi capability on your iPhone or iPad. By turning off the Wi-Fi, you're making your iPhone or iPad solely dependent upon cellular data, which is not susceptible to this attack.

Where can I get a VPN?

I use Encypt.me because it's fast, simple, relatively cheap, and works on all of my devices without In-app purchases. However, there are free VPNs that you can grab …
4
Keep up with what's happening at Experts Exchange!
LVL 10
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Gmail just launched a physical Security Key access option, dubbed as Advanced Protection, for their service:
https://landing.google.com/advancedprotection/

You'll need to purchase two physical security keys to enroll in it.

Here is the announcement from their blog:
https://www.blog.google/topics/safety-security/googles-strongest-security-those-who-need-it-most/

Good to see a big email service provider taking security seriously, for 'personal' users.

6
 
LVL 54

Expert Comment

by:Scott Fell, EE MVE
Good post. Because I am lazy, I made a request to have this type of thing save to my ee knowledgebase or browser bookmark.

https://www.experts-exchange.com/bugs/21366/Save-posts-to-knowledge-base-as-a-bookmark.html
1
October Month!! National Cyber security Month
1
5
 
LVL 17

Expert Comment

by:Kyle Santos
A Bug Has No Name
+1 for the Game of Thrones reference.
2
Hello, EE Experts!

If you haven't already updated your iOS devices to 11.0.3, please do so. I've tested it out (it's only been out two days), and it seems stable. That's it! Take care everyone.

Side note: Be on the lookout for my article on the Apple Watch 3 Series with LTE, since my wife and I are pushing them to the limits to give you the best information on whether or not you should buy one.
6
 
LVL 14

Author Comment

by:Justin Pierce, CEH
Someone has to. ;)
1
 
LVL 124

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE^2)
already upgraded!
1
1
1
 
LVL 98

Expert Comment

by:John Hurst
It was the initial Creator Update on my ThinkPad X1 Carbon. As I noted, the issues seem to be fixed in the last 60 days, so here is hoping for good / better with V1709
0
 
LVL 56

Author Comment

by:McKnife
John, this is about MacOS.
0
3
 
LVL 7

Expert Comment

by:Brian Matis
Whoops! Thanks for the head's up!
0
1
1
Cyber Threats to Small Businesses (Part 2)
Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Another day, another cyber-attack! Back in March, Deloitte discovered that hackers gained access to an administrator account that didn't utilize two step verification. Compromised information includes emails and their attachments, usernames, passwords, IP addresses,  architectural diagrams for businesses and health information.

https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-cyber-attack-revealing-clients-secret-emails
1
 
LVL 7

Expert Comment

by:Brian Matis
Starting to feel like we need a "sadface" option in addition to the endorse icon... I'm glad you posted the info, but I'm not endorsing that it happened!
1
 
LVL 17

Expert Comment

by:Kyle Santos
inb4 the CEO, CIO resign.
0
Marketo made an announcement in response to the statement recently released by Equifax that identified a vulnerability in Apache Struts as the attack vector for their 2017 breach. Neither Marketo nor ToutApp use the struts programming framework, therefore this issue does not pose a risk to Marketo or ToutApp data.
7
Hey kids! Don't click unknown links! Look twice at "system messages" on webpages, chances are they're not.. Don't be naïve. Yeah, and don't do drugs, especially don't order them online, they ARE bad for you!!
2
 
LVL 2

Expert Comment

by:Juana Villa
LOL!!! Do people order drugs online??!! hahahaha
0
 
LVL 3

Author Comment

by:Thomas Qvidahl
They sure do.. There are lots of "designer drugs" floating around, they are so new that laws don't even forbid them, and can be sold over the counter..
0
1
2
"Considering the recent Equifax breach, what are your top personal security tips?"

Don't use the same password everywhere!  If you have trouble remember passwords, there are several password managers out there.  KeePass and LastPass are a couple that I've used before and liked.
6
 
LVL 3

Expert Comment

by:Anthony Pangilinan
Great point Doug!
0
 
LVL 13

Expert Comment

by:Dustin Saunders
Or another strategy is to vary your password based on the site.  

Say your preferred password is "JumpingBrownFox", you could use:

Facebook - "JumpingBrownFox$FB"
LinkedIn = "JumpingBrownFox$LI"
Gmail = "JumpingBrownFox$GM"

etc. etc.
3
Subject of the week | Considering the recent Equifax breach, what are your top personal security tips?

Use different passwords for different sites! If someone gets a hold of your email/password combination, they'll just try it on every site. So a single breach can turn into a bunch of compromised accounts.
2
My top security tip: If two factor authentication is available, use it. It may not be perfect, but still adds an extra layer of defense.
5
 
LVL 14

Author Comment

by:Phil Phillips
Yeah, the gaming industry has embraced two-factor it seems.  I play Guild Wars 2 on and off, and they even give you special in-game items if you enable two-factor on your account.
1
 
LVL 13

Expert Comment

by:Dustin Saunders
@Brian - That's why I just play D&D.  Can't steal a password for paper.

Can spill Dr. Pepper on it though...
2
Here's a simple security tip: lock your computer when you're away! An unlocked work station leaves you ridiculously vulnerable and it's a simple thing to avoid.  Just get in the habit of hitting Ctrl-Alt-Del and choosing Lock every time you get up (for Windows anyway, adapt as needed for your specific OS choice).

You wouldn't leave your front door wide open when you're not at home, right? Same principle here :-)
0
 
LVL 9

Expert Comment

by:Brandon Lyon
There was a person who used to work here who would prove that point by using unlocked computers to send a random silly email to everyone
2
 
LVL 7

Author Comment

by:Brian Matis
@Brandon: I've also seen people get a browser extension installed that would cause Guy Fieri to start showing up on webpages they'd visit. (Note: I don't really endorse these sorts of shenanigans—it can be easy to accidentally take it too far and inadvertently do something actually malicious—but I will admit to getting a good chuckle out of them.)
1
Technology Partners: We Want Your Opinion!
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

2
3
4
 
LVL 7

Expert Comment

by:Nicholas
Accountability - what's that all about it.

Makes you wonder what they know that they get off with a nice retirement package...
0
 
LVL 17

Author Comment

by:Kyle Santos
Seriously.  They're like 'peace out y'all!'  *vacations in Maui*
0
3
Good morning, everyone!

I just wanted to make sure that my EE pals had the right information to stay ahead of the Equifax breach (below is the article the FTC wrote on the subject).

First, know that there is a good chance you're a part of the fiasco, and if you don't have credit monitoring already, you'll need to get some immediately (Equifax is providing it for free). Second, to get the credit monitoring, you'll have to go to Equifax's website and click on the "Potential Impact" tab. Once you've done that, just give them the last six digits of your SSN, and you'll find out in seconds whether or not you're a part of this breach. Lastly, if this incident impacts you, Equifax will give you a page to input your credentials for the free credit monitoring.

That's it! Stay safe everyone and take care.



4
2

Security

24K

Solutions

23K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.