The American television series Mr. Robot introduces its viewers to a lot of hacking attacks, techniques, and tools. Most of it is based on actual methods and hardware, even if it is presented as far easier to do on the show than in real life. One thing the show portrays as a common, almost pedestrian attack technique is keylogging.
You need to know about keylogging, because it really is as common, easy to do, and critical to the success of criminals as it is on the TV show. That’s because the targets of attacks that involve keylogging are, well, just about anyone and everyone. And you wouldn’t even know that it’s happening.
Cybersecurity insurance has been gaining prominence over the past couple years across a variety of sectors. Now it’s poised to be the next big thing for consumers.
For a barometer, look no further than American International Group Inc.’s newest consumer product called Family CyberEdge. According to AIG executives who spoke to press, it “offers coverage for expenses that arise from online bullying, extortion and other digital misdeeds.” They said Family CyberEdge would include “public relations and legal services, as well as at-home assessments of family electronic devices.”
Before you get too excited about adding cyberstalking to your home or renter’s policy, know that AIG’s fancy cyberinsurance is meant for high net-worth individuals. Same goes for New York-based Pure Insurance, which launched its rich-people’s cyberinsurance product in 2015. According to press at the time, Pure’s offering came with a hefty price tag:
In a world where we’re being told to change our passwords every five minutes thanks to the latest massive breach, it’s hard to imagine life without a password manager. Though now that these killer apps are a dime a dozen, the market has predictably been flooded with options you should think twice about using.
Once you’ve started using a password manager, you realize just how absolutely insane things have gotten that we’d be expected to not only remember a jillion passwords, but also be able to spontaneously make up words and phrases that follow all the different and bizarre password-creation rules that sites require of us.
If you’re reading this and not using a password manager, keep reading. You’re in a high-risk category for getting hacked and exploited. Even if you’re already utilizing the best consumer tool for computer security since antivirus, you should also keep reading—because not all password managers are created equal.
Computer security is science, yet it sure seems to traffic in enough beliefs to make it seem like a collection of warring cults. And no matter which infosec church you’re most swayed by, you’re probably one of the many who believe that Macs don’t get malware. Even if you’re not totally on board with this, chances are good you at least behave like Macs are immune.
In fact, the number of malware attacks on Apple’s operating system skyrocketed by 744 percent in 2016. Despite this, most people still believe that Macs don’t get viruses. Add to this the fact that, despite the seeming ubiquity of Apple’s products, the company’s user base is still growing. There are nearly 100 million Apple users worldwide, myself included.
Antivirus software ain't what it used to be. The sneaky, sophisticated security threats your PC faces now have gone far beyond what traditional software can do. The future of protecting your PC will require a multi-pronged approach involving vigilant updates, bug bounties, and artificial intelligence.
Like any software, antivirus is susceptible to bugs. Earlier this summer, Google’s Project Zero discovered serious flaws in enterprise and consumer products from Symantec that allowed malicious actors to take control of a computer. Symantec provided updates for the bugs, but some required manual installation from users, who needed to be in the know.
Symantec isn’t alone. Project Zero regularly publishes findings that reveal security flaws in software made by Kaspersky Lab, McAfee, and FireEye, to name a few. Brian Soldato of NSS Labs, a security product testing organization, says his company has seen “unprecedented numbers” of vulnerabilities that are bypassing security software.
WASHINGTON—We already know that law enforcement agencies can hack our phones. But we don’t know what they find, how they find it, or even who helps them discover the information. Top cybersecurity experts and lawmakers argued about how much should be revealed at a July 11 meeting of the Congressional Internet Caucus.
“Government hacking has already happened. The question of whether it should happen is actually way past the point,” said Harley Geiger, director of public policy at Rapid 7, an Internet security company.
Geiger and others cited the FBI-Apple encryption dispute as a troubling example. Apple refused to help the FBI unlock the iPhone belonging to one of the terrorists involved in the December, 2015 attack in San Bernardino, California. The agency sued Apple, then dropped the lawsuit when it used a third party to crack the passcode in the phone instead. The issue of whether law enforcement should be able to take advantage of vulnerabilities remains unresolved, and government hacking is still unregulated.