According to the creator of HaveIBeenPwned.com, over 21 million passwords have been hacked and revealed on the dark web. Leo says to find out if your passwords have been hacked and stolen, head over to https://haveibeenpwned.com/passwords and input your passwords. It'll let you know if your passwords have been hacked.
2018 brought about the news that every processor built in the last ten years have a flaw in them that could give hackers access to sensitive data. Initially believed to affect just Intel processors, the latest is that this affects every single processor made, regardless of platform.
The flaws utilizes a technique called "processor speculation," which enables the processor to speculate what the user will do next in order to accelerate performance. But the feature also gives hackers access to sensitive L2 cache data like passwords. It's especially true for networks.
A new bill being proposed would allow computer users to hack back any hackers that strike them. This will give them the ability to destroy any data stolen from them, as well as giving a little digital pay back. Leo says that it's hard to know where the attack is coming from and you could make matters worse for some innocent person who was also hacked, with their computers and email addresses used as an alias for the real hacker. He also says this is asking for trouble because hackers are far more sophisticated than their victims.
Equifax was recently hacked and over 143 million people had their credit information stolen. Even worse, Equifax executives sat on the news for five weeks while many executives sold stock before it would tank. Leo says that this was insider trading plain and simple. Equifax has a higher duty to protect user credit information because we are required to have our credit monitored. They had one job: Protect the data that they gathered without our permission.
Securing your online accounts is vitally important. The consequences of being hacked can be great — someone could lock you out of your email account. If that account is used for password recovery for your other accounts, then a hacker could get access to all of those as well. There are a few basic things that you should make sure you do to protect your email account:
1. Provide a secondary email address for recovery.
2. Provide a phone number for password recovery.
3. Turn on 2 Factor Authentication.
This week was the annual DefCon hackers convention in Las Vegas and Leo says that hackers are now more interested in creating hacks for the government, where they can make more money than hacking online. They also created a 3D printed robot that was able to crack a safe in 30 minutes. Leo says it's not super practical, but still cool.
Hackers have been stealing people's information, filing their returns, and getting the refund. Last year, the IRS noticed that the FAFSA online system could get enough personal information that it could be used by hackers. In October, the IRS sent a memo to the Department of Education saying that the system could be abused. But because up to 15 million people used the system out of convenience, they kept it online. In February, the IRS noticed a pattern of fraudulent activity, and shut it down last month.
There are a lot of ways that bad actors online can compromise your computer. As their techniques become more sophisticated, it becomes more difficult to know whether or not your system has been compromised. There are some signs to look for, however, to tell if your computer is affected by malware.
You can always scan your computer with antivirus software. Microsoft includes its own antivirus utility as part of Windows 8 and above. You can also use the Malicious Software Removal Tool by pressing the Windows Key + R, typing in "MRT," and pressing enter.
Ransomware has always been a terrible plague of the internet, where bad guys inject software into your computer through phishing emails. They usually trick you by saying it's from your bank, the IRS, or even your boss asking you to open something. When you do that, it's an application that runs and scrambles all of your data and asks you to give them money to get the data back.
A new article on Motherboard details how hackers used a spearfishing attack to get passwords and break into the email of members of the Democrat National Committee, namely John Podesta, and also Colin Powell. The attack came as a phoney message from Google that someone had their password and they should change the password immediately, along with a big "change password" button.
