security and privacy

Is my computer vulnerable to attack?

Wireshark

Episode 1601

Jim from Wisconsin

Jim ran GRC Shields Up scanner on his router and he discovered that port 443 was open, not stealth. Is he vulnerable? Leo says you have to have port 443 to run on the internet, but it should be in "stealth mode." You'll also want to find out what's using it. NetStat will help you determine that. Wireshark will also do that. His fan is also running a lot. Leo says that may mean your computer is getting hotter. Probably needs to have the dust cleaned out of it.

Another Security Issue Hits Facebook

Facebook Security

Episode 1584

Facebook had another security issue hit this week, as the social media company admitted that millions of Instagram passwords were stored in a plain text file that could be easily accessed from anyone on the network.  But they swear that it wasn't accessed or maliciously maligned. Since they initially stated thousands, then admitted millions of accounts were at risk and that it has happened many times now, Leo says that Facebook's priorities are out of whack. They don't really care about protecting user data.

Is it Safe to Send Documents Scanned by my Phone?

Google Drive

Episode 1583

Dolores from Lancaster, CA

Dolores wants to know if it's safe to scan images of documents and send them to her attorney. Rich says it depends on the app itself.  Take proper precautions and use a reliable/reputable app. Rich uses Google Drive to scan apps on an Android phone. On the iPhone, scan the document with Apple's NOTES app, or with Scannable.

Once she's scanned them, then she wants to be sure she can send them securely.

2019 - Ransomware is everywhere

Arizona

Episode 1580

Leo says that while 2018 was the year Ransomware, 2019 is even worse. Arizona Beverages got hit by ransomware last week. The attack shut down sales operations for days, scuttled their networks, and servers. The network was hacked and encrypted, targeted by hackers with a ransom note posted to their website.  Leo says that Arizona struggled with trying to rebuild their operations for five days. Most of their servers hadn't been given security patches in years and their backups didn't work.

How can I Make Sure my Passwords are Kept Secure?

Krebbs

Episode 1572

Nathan from Spearfish, South Dakota

Nathan wants to know if there's any recourse if a company isn't protecting his passwords. Leo says in Europe they have the GDPR, but in the US the only real protection is through HIPPA in the medical field. Leo recommends talking to Brian Krebbs at Krebbs on Security and asking him how he should write a letter to warn them of their liability.

Why are VPNs slower?

DashLane

Episode 1570

Tom from Tustin, CA

Tom uses DashLane for his password vault, and wants to know if their new VPN service slows him down. Leo says it can. He's essentially running a computer remotely, and it works with an encrypted tunnel. So, it can cause some latency as it works its way in and out of the tunnel. Not all VPNs are alike either. Some are faster than others, so he should check with DashLane to see how many servers they run. He also wants to be sure they don't log his use. Tom also doesn't like that he doesn't have the option to opt-out after they raised his monthly fee.

How can I protect my network on a shared internet access portal?

Keyboard

Episode 1559

Don from Lake Forest, CA

Don is worried that his network may be compromised because he uses a shared internet network in his office building. Leo says there may be a weak link with a point of entry that's a result of the building, but it should be locked down pretty well. Leo recommends getting an IT consultant to help run his internet access. Employees may actually be a bigger risk if they fall victim to phishing scams. An IT consultant can help train the employees to be on the lookout for scams.