Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
George found a website called howsecureismypassword.net to determine how secure his login is. It'll tell you how long it would take a computer to crack your password with a brute force attack. Leo says that the longer the password is, the better. It's interesting, but giving a password to a random site will make it far easier to crack since it's no longer private. So while it may be interesting to try, don't use that password after.
Andrew is looking for a good password manager. Leo says that Last Pass, 1Password, are among the best options out there. And don't trust browser password vaults. They can be easily compromised, though some security gurus prefer it. Leo says that a password manager is the best way to go.
Employees have been warning IT company Kaseya that the company would be hacked for three years. With weak encryption and lackluster cybersecurity, Kaseya was finally breached, exposing over 1500 IT companies to ransomware. The hack was performed by Russian criminal gang REvil, demanding 70 million in bitcoin for the decrypter. Leo says that there's no excuse for it, as the executives of Kaseya left the company a sitting duck for an attack.
Leo also adds that every year, ransomware gets worse and more prevalent.
Jeff has an iPad and he can't remember the four-digit code to log in. How can he figure that out or should he just start over? Leo says there is no way to bypass the code in the iPad, and after ten times trying, the tablet will rewrite it. Chances are, his iCloud account has all the data, so that won't really be a big deal if the tablet gets overwritten. Apple has a process if a user forgot their AppleID password.
REvil is the latest ransomware to hit the world. Leo says that the exploit uses the Cassea remote management supply chain to infect thousands of MSP computers. REvil disables your AVS and deploys a fake Windows Defender app to infect and encrypt computers. So far, it's hit several grocery and convenience stores, forcing them to shut down. If stores are using Cassea, then they are advised to go offline and shut down their remote access.
Hugo wants to know why companies pay ransomware when they should normally have a backup to their data and network. Leo says that's a good question. Oftentimes, though, the ransomware isn't triggered right away. It lies in wait. Meanwhile, hackers browse around, looking for valuable data to steal and other weaknesses. The hackers will also look for where the backups are stored and seek to disable the backups or lock them up as well. Then, once the recon is done, the malware is triggered, bringing the network down.
Alan is a huge Samsung fan but keeps hearing that iPhones are more secure. Is that true? Leo says that they're both very secure, though Android phones are encrypted at the software level, while iPhones use a hardware secure enclave to keep encryption keys. Apple's iTunes store is more secure than the Play store only because it has a tougher standard for approving apps. But if the Pentagon approves Android phones for use, that is a pretty good seal of approval. Having said that, users can "sideload" third-party apps if they turn off the security feature.
Western Digital's My Book Live hard drives were compromised this week using a remote code exploit that had been left unfixed since 2018. Leo says it's important that devices get updated for security reasons regularly, and when it goes out of service, to think about replacing it. Leo also says it's important to adopt a 3-2-1 backup strategy. Three copies, on two different kinds of medium, and one off-site. Just in case.
Travis wants to be able to see what his granddaughter is doing on his tablet. Leo says you can't really monitor everything she's doing, but you can use parental controls to determine what she can and cannot do. It's built into the OS. Settings. Family. Parental Controls. You can also set a PIN so she can't buy anything. You can also set an age level on YouTube. You could also download YouTube for Kids and lockout regular YouTube.
Richard is having problems logging into Windows on an old HP computer. He's tried to reset the password, but it's not communicating with Microsoft. Leo says that if there isn't anything on the computer he can't afford to lose, then the best thing is probably to start over and reinstall Windows. Not just reset. But reinstall with the Windows 10 Media Creation Tool. Make sure to erase the existing accounts. Start completely over. And that's not a bad thing, because whoever worked on the computer before, clearly messed up the reset.