Wednesday, May 30, 2018

5 Ways to Boost Your Router Security - Consumer Reports

New malware is targeting WiFi routers around the world. Here's what to do about it.

A new kind of malware is hitting WiFi routers around the world, and security researchers say consumers should tighten the security on their own home networks.

As of Wednesday, the malware, called VPNFilter, had affected half a million routers, along with certain other devices, according to Cisco's data-security group, Talos. And it had been detected in 54 countries.

"The average American could be compromised, giving attackers access to personal data and control over the device," says Cisco Talos director Craig Williams. "This is why it is crucial that consumers install security updates regularly."

Routers have long been a favorite target for hackers. In Symantec's latest annual Internet Security Threat Report, routers were the most frequently exploited type of device in IoT, or internet of things, attacks.

The devices are particularly important for consumers' security because they transmit all the data that flows in and out of the home, from emails to credit card information. VPNFilter could allow attackers to monitor data traffic, quietly use a network of routers for illegal activity, or stop either individual routers or masses of them from working at all, according to Williams.

See If You're Vulnerable to VPNFilter

Williams says his company has identified more than a dozen products that are vulnerable to the malware. Talos has published a list of the devices, near the bottom of a long, fairly technical blog post about VPNFilter. (Keep scrolling; you'll get to it.) The products listed are made by Linksys, MikroTik, Netgear, QNAP, and TP-Link.

However, the post says, "Given our observations with this threat, we assess with high confidence that this list is incomplete and other devices could be affected."

How do you know whether the malware has infected your particular router? According to both Williams and other security experts, there's no way to be sure.

"This is the scary part of router malware," says Craig Young, principal security researcher at Tripwire VERT, a security research firm. "A sophisticated attacker can create malware that would be completely undetectable by even tech-savvy end users. It is simply not possible for someone without specialized tools to confirm whether any particular router is infected or clean."

If you have one of the vulnerable devices, you should assume it has been infected, these experts say. To fix the problem, do a hard reset of the router and update the firmware, as described below.

Update Your Firmware

Router manufacturers typically roll out software updates throughout the year to address security problems. And if your router has the latest updates, you're much less likely to be infected with VPNFilter. Researchers say the malware appears to take advantage of vulnerabilities that had already been identified in the past.

If your device may have been infected, experts say, you should start by doing a hard reset, which will revert the device to the way it was when it came from the factory. Note that doing this wipes out any changes you made to your router settings.

Many routers have a button you can press for several seconds to perform the reset. You may need a paper clip to do this—router makers intentionally make it a bit tricky to avoid accidental resets. If there's no button, you may need to log into the router settings, which will also allow you to update the software.

Newer models make this relatively easy through a mobile app, which you can download to a phone, just like any other app.

For other routers, you'll need to open a web browser and type in the device's IP address. Very often, the address is 192.168.0.1 or 192.168.1.1, but this varies by brand—as do the instructions for downloading and installing your software. So do an online search for the customer support pages for your router model.

Once you perform the update, don't log out.

Instead, take some more time to really harden your defenses against future attacks. Routers are chronically ignored by many consumers, but Consumer Reports' data security and router experts say that taking the following steps can help protect you going forward.

And these steps make sense even if your device isn't vulnerable to VPNFilter.

Turn On Automatic Updates

The easiest way to make sure your router always has the newest, safest software is to set up automatic updates, which are available on many newer models. To see whether this is an option for you, check the router's companion app or look in settings.

If your router doesn't allow for automatic updates, you'll have to periodically download and install the new software from the manufacturer's website yourself.

To be safe, do this every quarter, advises Rich Fisco, who leads the router testing at Consumer Reports. You should also see whether there's a way to get security notices via email from your router's manufacturer. The best way is to complete the product registration process online, during which you'll be given the option to receive notifications when new software is available.

But eventually companies will stop releasing new software for old routers—and just when this happens varies by brand.

"If you find your router is no longer getting updates," Fisco says, "it's too risky to keep using it. Verify its status with the manufacturer, and if it has reached the 'end-of-life' stage, buy a new router."

Use Strong Passwords

If you've never done so, you should change two crucial passwords on your router: the one that lets you manage the device's settings and the one that lets you connect other devices to its wireless network.

This prevents a hacker from using a default password—or one that's easy to guess with a little online sleuthing—to access your network and potentially control your router. If that were to happen, the hacker could change your passwords, spy on you, or access the files on a network-attached hard drive.

Be sure the passwords you create are strong. They should each be comprised of at least a dozen characters, using seemingly random upper- and lower-case letters, numbers, and symbols. "Having a password people can easily guess only prevents those who are indifferent from breaking in," says Robert Richter, who oversees CR's security and privacy testing program.

Turn Off Features You Don't Use

Modern routers come with many handy features that help you manage your WiFi network, but some of them also create weak spots in your security wall. "The more things there are to poke at, the more likelihood one of them will break," Richter says.

So while you're logged into your router's settings, take a minute to review applications that could present opportunities for hackers.

If you don't use Remote Administration (also known as Remote Management or web access from WAN), make sure it's turned off. This denies access to the router's control panel from outside your home network. In most routers, the feature is off by default, but you should confirm this by visiting the advanced or administration section of the settings menu.

Disable Universal Plug-and-Play, which many home routers have enabled by default. UPnP can help devices on your home network connect to each other, but the added convenience isn't worth the security risk: This feature can make it easier for malware to spread through your network.

To disable UPnP, log into your router like you would when changing your password. Find the tools, advanced or advanced networks menu. From there, make sure the "Enable UPnP" box is unchecked.

After doing so, you may notice hiccups in the performance of certain devices on your network. You may need to retype the WiFi password into a Chromecast streaming stick, for example. But most laptops, speakers, TVs, and printers should make the transition without a hitch.

And, last, if you have a guest network without a password, disable it. You don't want unwanted guests using it without permission. Not even the neighbors' kid, who may decide to download movies illegally via your internet connection.

Install Antivirus Software

Antivirus software can protect your router—and by extension all devices connected to it—by identifying malicious software used to collect and encrypt the personal data on a computer, rendering it useless.

Just make sure you download the software from the manufacturer's official website, because scammers have been known to create fake sites. And double-check that you're not grabbing a fee-based product by mistake.

No-cost applications, such as Avira Free Antivirus, can be very effective. However, the software you pay for tends to offer extra benefits. It may provide protection against phishing schemes used by cyberthieves to trick people into giving up login credentials or financial information, for example. It may also feature antispam protection, built-in backup software, and a browser toolbar that alerts you when you're visiting a site that hosts malware.

Use WPA2

The security protocols for routers improve over time, which means the old ones get outdated. In January, for example, the Wi-Fi Alliance announced enhanced security features that will be included in the latest standard—WPA3—expected to roll out later this year.

They include simplified settings, stronger password protection, and improved data encryption.

Currently, the best security is provided by a protocol called WPA2-AES, but your router may let you use another standard, such as the older WEP protocol, instead. (Sadly, acronyms are unavoidable when discussing router security.)

In settings, make sure you have WEP turned off and WPA2-AES turned on. If you have a really old device, this may not be an option, Fisco says. "Unfortunately, router manufacturing and security research aren't always aligned," says Richter. "So older routers may not be equipped with newer protocols."

If you have one of those routers, he says, it's time to replace it.


Sunday, May 27, 2018

Hackers infect 500,000 consumer routers all over the world with malware | Ars Technica

VPNFilter can survive reboots and contains destructive "kill" function.

A Linksys WRVS4400N, one of more than a dozen network devices targeted by VPNFilter.

Hackers possibly working for an advanced nation have infected more than 500,000 home and small-office routers around the world with malware that can be used to collect communications, launch attacks on others, and permanently destroy the devices with a single command, researchers at Cisco warned Wednesday.

VPNFilter—as the modular, multi-stage malware has been dubbed—works on consumer-grade routers made by Linksys, MikroTik, Netgear, TP-Link, and on network-attached storage devices from QNAP, Cisco researchers said in an advisory. It's one of the few pieces of Internet-of-things malware that can survive a reboot. Infections in at least 54 countries have been slowly building since at least 2016, and Cisco researchers have been monitoring them for several months. The attacks drastically ramped up during the past three weeks, including two major assaults on devices located in Ukraine. The spike, combined with the advanced capabilities of the malware, prompted Cisco to release Wednesday's report before the research is completed.

Update: FBI agents have seized a key server used in the attack. The agents said Russian-government hackers used ToKnowAll.com as a backup method to deliver a second stage of malware to already-infected routers.

Expansive platform serving multiple needs

"We assess with high confidence that this malware is used to create an expansive, hard-to-attribute infrastructure that can be used to serve multiple operational needs of the threat actor," Cisco researcher William Largent wrote. "Since the affected devices are legitimately owned by businesses or individuals, malicious activity conducted from infected devices could be mistakenly attributed to those who were actually victims of the actor. The capabilities built into the various stages and plugins of the malware are extremely versatile and would enable the actor to take advantage of devices in multiple ways."

Sniffers included with VPNFilter collect login credentials and possibly supervisory control and data acquisition traffic. The malware also makes it possible for the attackers to obfuscate themselves by using the devices as nondescript points for connecting to final targets. The researchers also said they uncovered evidence that at least some of the malware includes a command to permanently disable the device, a capability that would allow the attackers to disable Internet access for hundreds of thousands of people worldwide or in a focused region, depending on a particular objective.

"In most cases, this action is unrecoverable by most victims, requiring technical capabilities, know-how, or tools that no consumer should be expected to have," Cisco's report stated. "We are deeply concerned about this capability, and it is one of the driving reasons we have been quietly researching this threat over the past few months."

Cisco's report comes five weeks after the US Department of Homeland Security, FBI, and the UK's National Cyber Security Center jointly warned that hackers working on behalf of the Russian government are compromising large numbers of routers, switches, and other network devices belonging to governments, businesses, and critical-infrastructure providers. Cisco's report doesn't explicitly name Russia, but it does say that VPNFilter contains a broken function involving the RC4 encryption cipher that's identical to one found in malware known as BlackEnergy. BlackEnergy has been used in a variety of attacks tied to the Russian government, including one in December 2016 that caused a power outage in Ukraine.

BlackEnergy, however, is believed to have been repurposed by other attack groups, so on its own, the code overlap isn't proof VPNFilter was developed by the Russian government. Wednesday's report provided no further attribution to the attackers other than to say they used the IP address 46.151.209.33 and the domains toknowall[.]com and api.ipify[.]org.

Advanced group

There's little doubt that whoever developed VPNFilter is an advanced group. Stage 1 infects devices running Busybox- and Linux-based firmware and is compiled for several CPU architectures. The primary purpose is to locate an attacker-controlled server on the Internet to receive a more fully featured second stage. Stage 1 locates the server by downloading an image from Photobucket.com and extracting an IP address from six integer values used for GPS latitude and longitude stored in the EXIF field. In the event the Photobucket download fails, stage 1 will try to download the image from toknowall[.]com.

If that fails, stage 1 opens a "listener" that waits for a specific trigger packet from the attackers. The listener checks its public IP from api.ipify[.]org and stores it for later use. This is the stage that persists even after the infected device is restarted.

Cisco researchers described stage 2 as a "workhorse intelligence-collection platform" that performs file collection, command execution, data exfiltration, and device management. Some versions of stage 2 also possess a self-destruct capability that works by overwriting a critical portion of the device firmware and then rebooting, a process that renders the device unusable. Cisco researchers believe that, even without the built-in kill command, the attackers can use stage 2 to manually destroy devices.

Stage 3 contains at least two plugin modules. One is a packet sniffer for collecting traffic that passes through the device. Intercepted traffic includes website credentials and Modbus SCADA protocols. A second module allows stage 2 to communicate over the Tor privacy service. Wednesday's report said Cisco researchers believe stage 3 contains other plugins that have yet to be discovered.

[Figure: The three stages of VPNFilter. Credit: Cisco]

Hard to protect

Wednesday's report is concerning because routers and NAS devices typically receive no antivirus or firewall protection and are directly connected to the Internet. While the researchers still don't know precisely how the devices are getting infected, almost all of those targeted have known public exploits or default credentials that make compromise straightforward. Antivirus provider Symantec issued its own advisory Wednesday that identified the targeted devices as:

  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN

Both Cisco and Symantec are advising users of any of these devices to do a factory reset, a process that typically involves holding down a button in the back for five to 10 seconds. Unfortunately, these resets wipe all configuration settings stored in the device, so users will have to reenter the settings once the device restarts. At a minimum, Symantec said, users of these devices should reboot their devices. That will stop stages 2 and 3 from running, at least until stage 1 manages to reinstall them.

Users should also change all default passwords, be sure their devices are running the latest firmware, and, whenever possible, disable remote administration. (Netgear officials in the past few hours started advising users of "some" router models to turn off remote management. TP-Link officials, meanwhile, said they are investigating the Cisco findings.)

There's no easy way to determine if a router has been infected. It's not yet clear if running the latest firmware and changing default passwords prevents infections in all cases. Cisco and Symantec said the attackers are exploiting known vulnerabilities, but given the general quality of IoT firmware, it may be possible the attackers are also exploiting zero-day flaws, which by definition device manufacturers have yet to fix.

What this means is that out of an abundance of caution, users of the devices listed above should do a factory reset as soon as possible, or at a minimum, they should reboot. People should then check with the manufacturer for advice. For more advanced users, the Cisco report provides detailed indicators of compromise and firewall rules that can detect exploits.
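As an added example (not code from Ars Technica or Cisco), the indicators quoted earlier in this article can be swept against gateway logs as follows. The log lines, client addresses and confidence labels are constructed assumptions; api.ipify.org is rated low because it is a legitimate service that benign software also calls.

```python
import re

# Indicators named in the article. The confidence labels are this example's
# assumption: api.ipify.org is a legitimate public-IP lookup service, so a hit
# on it alone only warrants a closer look at the client.
DOMAIN_IOCS = {"toknowall.com": "high", "api.ipify.org": "low"}
IP_IOCS = {"46.151.209.33": "high"}
RANK = {"low": 1, "high": 2}

# dnsmasq query log: "... dnsmasq[312]: query[A] name from 10.0.0.2"
DNS_RE = re.compile(r"query\[[^\]]+\] (?P<name>\S+) from (?P<client>\S+)")
# iptables LOG target: "... SRC=10.0.0.77 DST=46.151.209.33 ..."
FW_RE = re.compile(r"\bSRC=(?P<client>\S+) DST=(?P<dst>\S+)")


def refang(name):
    """Undo [.] defanging, lower-case, and strip the trailing root dot."""
    return name.replace("[.]", ".").lower().rstrip(".")


def match_domain(name):
    """Return the indicator that `name` equals or is a subdomain of, else None."""
    name = refang(name)
    for ioc in DOMAIN_IOCS:
        # The leading dot stops look-alikes such as nottoknowall.com matching.
        if name == ioc or name.endswith("." + ioc):
            return ioc
    return None


def triage(lines):
    """Map each internal client to its indicator hits and highest confidence."""
    report = {}
    for line in lines:
        client = hit = None
        dns = DNS_RE.search(line)
        fw = FW_RE.search(line)
        if dns:
            client, hit = dns["client"], match_domain(dns["name"])
        elif fw:
            client = fw["client"]
            hit = fw["dst"] if fw["dst"] in IP_IOCS else None
        if hit is None:
            continue
        level = DOMAIN_IOCS.get(hit) or IP_IOCS[hit]
        entry = report.setdefault(client, {"level": level, "hits": set()})
        entry["hits"].add(hit)
        if RANK[level] > RANK[entry["level"]]:
            entry["level"] = level
    return report


# Constructed sample input: 10.0.0.2 stands in for a router behind the gateway.
SAMPLE_LOG = [
    "May 24 10:01:02 gw dnsmasq[312]: query[A] photobucket.com from 10.0.0.2",
    "May 24 10:01:05 gw dnsmasq[312]: query[A] toknowall.com from 10.0.0.2",
    "May 24 10:01:09 gw dnsmasq[312]: query[A] api.ipify.org from 10.0.0.2",
    "May 24 10:02:00 gw dnsmasq[312]: query[A] API.IPIFY.ORG. from 10.0.0.23",
    "May 24 10:02:10 gw dnsmasq[312]: query[A] nottoknowall.com from 10.0.0.40",
    "May 24 10:02:30 gw dnsmasq[312]: query[A] toknowall.com.example.net from 10.0.0.40",
    "May 24 10:03:00 gw kernel: FW-OUT IN=br0 OUT=eth0 SRC=10.0.0.77 "
    "DST=46.151.209.33 LEN=60 PROTO=TCP SPT=40112 DPT=443",
    "May 24 10:03:01 gw kernel: FW-OUT IN=br0 OUT=eth0 SRC=10.0.0.23 "
    "DST=146.151.209.33 LEN=60 PROTO=TCP SPT=40113 DPT=443",
]

if __name__ == "__main__":
    for client, entry in sorted(triage(SAMPLE_LOG).items()):
        print(client, entry["level"], sorted(entry["hits"]))
```

A client that reaches the high-confidence domain or IP address is a candidate for the factory reset described above; a client that only queries api.ipify.org needs more context before any conclusion.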

Cisco researchers urged both consumers and businesses to take the threat of VPNFilter seriously.

"While the threat to IoT devices is nothing new, the fact that these devices are being used by advanced nation-state actors to conduct cyber operations, which could potentially result in the destruction of the device, has greatly increased the urgency of dealing with this issue," they wrote. "We call on the entire security community to join us in aggressively countering this threat."

Dan Goodin / Dan is the Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications.


How to protect yourself from the latest router malware attack | Komando.com

We've been warning you about how vulnerable your router can be if it's not configured properly. Hackers can hijack it to harvest your personal information, commandeer your smart devices, install malware on your computer and redirect your traffic to fake websites.

As you all know, vulnerable routers are always on a hacker's wish list. Your router, after all, is your main gateway to the internet. It is an important component in our internet-connected households and businesses and guarding it against malicious intrusions is critical.

One such threat is this new malware that has reportedly infected half a million routers around the world!

VPNFilter

Revealed this week by Cisco Talos security researchers, the dangerous malware is now known as VPNFilter and it has already infiltrated half a million routers in dozens of countries, including the U.S. It's suspected that the compromised routers will soon be used in a major botnet attack.

A botnet, to refresh your memory, is a group of gadgets that hackers have quietly taken over to be used as minions in cyberattacks, typically that of the distributed-denial-of-service (DDoS) variety.

Note: DDoS is an attack where a targeted website is flooded by an overwhelming amount of requests from millions of connected machines (collectively known as a botnet) in order to bring it down.

And get this, VPNFilter even has remote self-destruct capabilities! Yep, it can delete itself and render infected routers inoperable in the process.

Are you affected?

Here's a list of the targeted devices (courtesy of ArsTechnica):

  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN

How to remove VPNFilter (and protect yourself, too)

Detecting the presence of VPNFilter on your gadgets is difficult since routers and network-attached storage devices don't have anti-virus software. However, since VPNFilter is what is known as firmware malware, here are a few mitigation steps you can employ.

Perform a factory reset

To play it safe, if you own any of the models on the list, it's recommended that you perform a factory reset as soon as possible. Typically, this involves holding down the router's reset button in the back for five to 10 seconds.

Keep in mind that resetting your router will remove all your configuration settings so you will have to enter them again.

Update your router's firmware 

Next, make sure you have your router's latest firmware. You should check for router firmware updates at least once every three months, anyway.

The process is not as hard as it sounds. Once you're in the router's admin page, check for a section called "Advanced" or "Management" to look for firmware updates, then just download and apply as required. This practice can also protect your router from future infections.

Change the router's default password

When you installed your router, did you remember to do this one critical step - changing its default administrator password? Basically, if someone other than you can get in your router's admin page, then he/she can change any setting they want.

Make sure you've changed the default router password. Every hacker worth his or her salt has access to all the default passwords of every router brand, so you need to create one of your own that's strong.

Turn off remote administration

While you're in your router's administrator page, you can turn off remote administration for better security. Remote administration is a feature that allows you to log into your router over the internet and manage it. If you've ever called tech support, you may have experienced something similar.

Remote administration is a handy tool, especially when you need to fix a problem, but it leaves your computer vulnerable to hackers. Unless you absolutely need it, turn this feature off. You can find this under your router settings, usually under the "Remote Administration" heading.

Source: Cisco Talos

Friday, May 18, 2018

Beam texts and photos from your phone to your desktop | Komando.com

As great as our phones are, the drawback many have is that the screens are just not that big. So while they are fine for making calls, texting, reading social media and performing other tasks, there are many times where we wish we could see everything on a larger screen.

While that may not be a practical idea for anyone when they are on the go, it would be ideal for anyone who often uses their phone while at a work desk. If only there was an easy way to take what is on our phone and transfer it to our computer monitor, right?

Funny you should think that because Microsoft is launching an app that will do exactly that. It is called "Your Phone," and it will allow you to essentially view your phone on your computer.

As long as you have Windows 10

The app, which will be available for both Android and iOS and have different features for each, will work so long as your desktop computer is running Windows 10. With it, at least to start, you will be able to see your notifications, read and respond to text messages and move photos between devices.

In essence, your computer screen will mirror your phone's.

The app has been available for testing to people who are part of the Windows Insider Program, and it is expected to arrive in the Microsoft store the next time a Windows 10 update arrives.

Don't want to wait for the update?

If you are anxious to get your hands on the app you can join the Windows Insider Program. Not only would you have access to Your Phone, but any other apps and tools Microsoft is testing.

To sign up for Windows Insider, follow these steps:

  1. Register with the Windows Insider Program with your personal or work account. Use the same account you do for other Microsoft services, like Hotmail. If you do not have a Microsoft account, you will need to create one.
  2. Once you are logged in with your account, on a Windows 10 PC go to Start >> Settings >> Update & Security >> Windows Insider Program. (Note: You will need to have administrator rights on your PC for this option to show up).
  3. Click to join the Windows Insider Program and follow the prompts to complete the setup.
  4. Once it is set up, go to Settings >> Update & Security and click on "Check for updates" to finish the installation.

Now, once you are part of the program and have early access to apps and features, Microsoft hopes you will help by providing feedback to let them know what you think. Remember, the idea is not so much to give stuff out early, but to let people use them in real-world situations to help sharpen them for mass release.


Thursday, May 17, 2018

Here Are All the Mercedes-Benz SL Models Ranked From Best to Worst - Autotrader

Check the comments on the site for some other views.
https://www.autotrader.com/car-news/here-are-all-mercedes-benz-sl-models-ranked-best-w-281474979847783

5 must-do spy hacks you need to use now | Komando.com

Privacy and security seem to be on everyone's mind today. Which makes sense, because cybercriminals are constantly on the attack.

It doesn't matter if you're waiting for a connecting flight at the airport or in the comfort of your own home, hackers will find you. They might be watching your every move over public Wi-Fi or trying to get an up close and personal look at you through your webcam.

No matter what the situation, you don't want critical data falling into the wrong hands. Fending off these attacks is something everyone should know how to do.

That's why we're going to tell you about five must-do spy hacks you didn't know until now.

1. Stop your Smart TV from spying on you

Of all the "smart" devices, few are more controversial than the smart TV. The idea makes a lot of sense: Combine the best parts of a computer and a television into one super-machine. What could go wrong?

Well, as popular as smart TVs are – especially in the luxury tech department – many critics dislike the format, and the technology is surprisingly susceptible to ransomware. Companies have had to defend their inventions again and again, and compared to simpler and less expensive forms of entertainment, the smart TV is struggling to earn its place in your family room.

The latest issue: privacy. Certain models keep tabs on their owners in uncomfortable ways, and there's really no good reason for this kind of shifty behavior.

Our advice: Turn the feature off.

2. See all the information Google has on you

You've probably heard us talk about being tracked by companies like Facebook and Google. They say the purpose is so they can provide you with targeted ads.

That might be the case but the amount of information Google actually has on you is shocking! If you use Google services, it has more information on you than you think. That means Gmail, Google+, Google Contacts, Google Docs, Google Calendar and other Google applications, along with Android.

The good news is that you can find out how much of your information has been logged with Google so you can take steps to get rid of it. The better news is that you can download all that information to your computer for your personal records so you don't lose it in the cleanup.

3. Check your smartphone for any spy apps

Are spying apps a good thing? Honestly, it depends on who's doing the spying.

They're a great way for parents to make sure their children are staying safe online. But, in the wrong hands, they can become problematic.

There might be an app on your phone right now sending all your calls, texts, photos, and more to who knows? So, if someone you know seems to know a little too much about your life, they could be spying on you right now.

That's why you should check your gadget immediately to see if there are any spy apps on it.

4. Turn on these Amazon Echo privacy settings

Smart-assistant-enabled speakers like Amazon's Echo and Echo Dot can be extremely helpful around the house. You can use them to control smart appliances and lights, listen to music, get the daily news and so much more.

However, there are some privacy concerns that you need to be aware of before bringing them into your home. One is the fact that Alexa is always listening. It listens constantly to hear the "wake word" so it can perform whatever function that you need.

The good news is there are ways to make things more secure.

5. Turn your webcam into a spy cam

When you're walking out the door for a vacation or even just a normal workday, it's easy to be thinking about what's ahead, not what you're leaving behind. Sure, you locked the doors, but what if you want to check up on your home while you're gone?

Most people don't think about setting up a monitoring system until they're already out of the house. An internet-enabled security camera will do the trick, but most people don't bother buying and installing one, even though they should.

If cost or complexity is holding you back, I have a less-expensive solution. You probably have a webcam for your desktop or laptop computer, which means you already have almost everything you need for serious spy-grade home surveillance (when you and Fido simply can't be there to secure the home front old-school style).

For a step-by-step guide on how to turn your webcam into a surveillance cam, click here.

Bonus: Stop hackers from spying through your webcam

Now that you've learned how to use your webcam as a surveillance tool, you should also know how to protect yourself from having the tables turned against you. Webcam hacking is a real threat facing computer users every day.

Believe me, you don't want hackers taking over your webcam and watching your every move. That's creepy!

A webcam cover is the easiest way to prevent your webcam from being used to spy on you. Simply slide it over the camera and it's all set.

You're going to love this one! There's no better webcam cover to own: this one is deep blue with the Kim Komando Show logo printed on it. Just like Kim keeping you up to date on the latest in security and safety, she will now keep your webcam safe too. The best part is that there's no sticky residue left on your computer, and it comes with a screen cleaning pad.

You can get your very own Kim Komando Show webcam cover for just $6.95 from the Komando Shop. Simply click the link below and your webcam will be protected from hackers in style.


New veterans ID cards finally being delivered

https://rebootcamp.militarytimes.com/veterans/2018/05/16/new-veterans-id-are-finally-being-delivered-but-feature-office-depots-logo-on-the-back/

Wednesday, May 16, 2018

Think You’ve Got Your Credit Freezes Covered? Think Again. — Krebs on Security

Think You've Got Your Credit Freezes Covered? Think Again.

I spent a few days last week speaking at and attending a conference on responding to identity theft. The forum was held in Florida, one of the major epicenters for identity fraud complaints in the United States. One gripe I heard from several presenters was that identity thieves increasingly are finding ways to open new mobile phone accounts in the names of people who have already frozen their credit files with the big-three credit bureaus. Here's a look at what may be going on, and how you can protect yourself.

Carrie Kerskie is director of the Identity Fraud Institute at Hodges University in Naples. A big part of her job is helping local residents respond to identity theft and fraud complaints. Kerskie said she's had multiple victims in her area recently complain of having cell phone accounts opened in their names even though they had already frozen their credit files at the big three credit bureaus: Equifax, Experian and Trans Union (as well as distant fourth bureau Innovis).

The freeze process is designed so that a creditor should not be able to see your credit file unless you unfreeze the account. A credit freeze blocks potential creditors from being able to view or "pull" your credit file, making it far more difficult for identity thieves to apply for new lines of credit in your name.

But Kerskie's investigation revealed that the mobile phone merchants weren't asking any of the four credit bureaus mentioned above. Rather, the mobile providers were making credit queries with the National Consumer Telecommunications and Utilities Exchange (NCTUE), or nctue.com.

Source: nctue.com

"We're finding that a lot of phone carriers — even some of the larger ones — are relying on NCTUE for credit checks," Kerskie said. "It's mainly phone carriers, but utilities, power, water, cable, any of those, they're all starting to use this more."

The NCTUE is a consumer reporting agency founded by AT&T in 1997 that maintains data such as payment and account history, reported by telecommunication, pay TV and utility service providers that are members of NCTUE.

Who are the NCTUE's members? If you call the 800-number that NCTUE makes available to get a free copy of your NCTUE credit report, the option for "more information" about the organization says there are four "exchanges" that feed into the NCTUE's system: the NCTUE itself; something called "Centralized Credit Check Systems"; the New York Data Exchange; and the California Utility Exchange.

According to a partner solutions page at Verizon, the New York Data Exchange is a not-for-profit entity created in 1996 that provides participating exchange carriers with access to local telecommunications service arrears (accounts that are unpaid) and final account information on residential end user accounts.

The NYDE is operated by Equifax Credit Information Services Inc. (yes, that Equifax). Verizon is one of many telecom providers that use the NYDE (and recall that AT&T was the founder of NCTUE).

The California Utility Exchange collects customer payment data from dozens of local utilities in the state, and also is operated by Equifax (Equifax Information Services LLC).

Google has virtually no useful information available about an entity called Centralized Credit Check Systems. It's possible it no longer exists. If anyone finds differently, please leave a note in the comments section.

When I did some more digging on the NCTUE, I discovered…wait for it…Equifax also is the sole contractor that manages the NCTUE database. The entity's site is also hosted out of Equifax's servers. Equifax's current contract to provide this service expires in 2020, according to a press release posted in 2015 by Equifax.

RED LIGHT. GREEN LIGHT. RED LIGHT.

Fortunately, the NCTUE makes it fairly easy to obtain any records they may have on Americans. Simply phone them up (1-866-349-5185) and provide your Social Security number and the numeric portion of your registered street address.

Assuming the automated system can verify you with that information, the system then orders an NCTUE credit report to be sent to the address on file. You can also request to be sent a free "risk score" assigned by the NCTUE for each credit file it maintains.

The NCTUE also offers an online process for freezing one's report. Perhaps unsurprisingly, however, the process for ordering a freeze through the NCTUE appears to be completely borked at the moment, thanks no doubt to Equifax's well documented abysmal security practices.

Alternatively, it could all be part of a willful or negligent strategy to continue discouraging Americans from freezing their credit files (experts say the bureaus make about $1 for each time they sell your file to a potential creditor).

On April 29, I had an occasion to visit Equifax's credit freeze application page, and found that the site was being served with an expired SSL certificate from Symantec (i.e., the site would not let me browse using https://). This happened because I went to the site using Google Chrome, and Google announced a decision in September 2017 to no longer trust SSL certs issued by Symantec prior to June 1, 2016.

Google said it would do this starting with Google Chrome version 66. It did not keep this plan a secret. On April 18, Google pushed out Chrome 66. Despite all of the advance warnings, the security people at Equifax apparently missed the memo and in so doing probably scared most people away from its freeze page for several weeks (Equifax fixed the problem on its site sometime after I tweeted about the expired certificate on April 29).

That's because when one uses Chrome to visit a site whose encryption certificate is validated by one of these unsupported Symantec certs, Chrome puts up a dire security warning that would almost certainly discourage most casual users from continuing.

The insecurity around Equifax's own freeze site likely discouraged people from requesting a freeze on their credit files.

On May 7, when I visited the NCTUE's page for freezing my credit file with them I was presented with the very same connection SSL security alert from Chrome, warning of an invalid Symantec certificate and that any data I shared with the NCTUE's freeze page would not be encrypted in transit.

The security alert generated by Chrome when visiting the freeze page for the NCTUE, whose database (and apparently web site) also is run by Equifax.

When I clicked through past the warnings and proceeded to the insecure NCTUE freeze form (which is worded and stylized almost exactly like Equifax's credit freeze page), I filled out the required information to freeze my NCTUE file. See if you can guess what happened next.

Yep, I was unceremoniously declined the opportunity to do that. "We are currently unable to service your request," read the resulting Web page, without suggesting alternative means of obtaining its report. "Please try again later."

The message I received after trying to freeze my file with the NCTUE.

This scenario will no doubt be familiar to many readers who tried (and failed in a similar fashion) to file freezes on their credit files with Equifax after the company divulged that hackers had relieved it of Social Security numbers, addresses, dates of birth and other sensitive data on nearly 150 million Americans last September. I attempted to file a freeze via the NCTUE's site with no fewer than three different browsers, and each time the form reset itself upon submission or took me to a failure page.

So let's review. Many people who have succeeded in freezing their credit files with Equifax have nonetheless had their identities stolen and new accounts opened in their names thanks to a lesser-known credit bureau that seems to rely entirely on credit checking entities operated by Equifax.

"This just reinforces the fact that we are no longer in control of our information," said Kerskie, who is also a founding member of Griffon Force, a Florida-based identity theft restoration firm.

I find it difficult to disagree with Kerskie's statement. What chaps me about this discovery is that countless Americans are in many cases plunking down $3-$10 per bureau to freeze their credit files, and yet a huge player in this market is able to continue to profit off of identity theft on those same Americans.

EQUIFAX RESPONDS

I asked Equifax why the very same credit bureau operating the NCTUE's data exchange (and those of at least two other contributing members) couldn't detect when consumers had placed credit freezes with Equifax. Put simply, Equifax's wall of legal verbiage below says mainly that NCTUE is a separate entity from Equifax, and that NCTUE doesn't include Equifax credit information.

Here is Equifax's full statement on the matter:

- The National Consumer Telecom and Utilities Exchange, Inc. (NCTUE) is a nationwide, member-owned and operated, FCRA-compliant consumer reporting agency that houses both positive and negative consumer payment data reported by its members, such as new connect requests, payment history, and historical account status and/or fraudulent accounts. NCTUE members are providers of telecommunications and pay/satellite television services to consumers, as well as utilities providing gas, electrical and water services to consumers.

- This information is available to NCTUE members and, on a limited basis, to certain other customers of NCTUE's contracted exchange operator, Equifax Information Services, LLC (Equifax) – typically financial institutions and insurance providers. NCTUE does not include Equifax credit information, and Equifax is not a member of NCTUE, nor does Equifax own any aspect of NCTUE. NCTUE does not provide telecommunications pay/satellite television or utility services to consumers, and consumers do not apply for those services with NCTUE.

- As a consumer reporting agency, NCTUE places and lifts security freezes on consumer files in accordance with the state law applicable to the consumer. NCTUE also maintains a voluntary security freeze program for consumers who live in states which currently do not have a security freeze law.

- NCTUE is a separate consumer reporting agency from Equifax and therefore a consumer would need to independently place and lift a freeze with NCTUE.

- While state laws vary in the manner in which consumers can place or lift a security freeze (temporarily or permanently), if a consumer has a security freeze on his or her NCTUE file and has not temporarily lifted the freeze, a creditor or other service provider, such as a mobile phone provider, generally cannot access that consumer's NCTUE report in connection with a new account opening. However, the creditor or provider may be able to access that consumer's credit report from another consumer reporting agency in order to open a new account, or decide to open the account without accessing a credit report from any consumer reporting agency, such as NCTUE or Equifax.

PLACING THE FREEZE

I was able to successfully place a freeze on my NCTUE report by calling their 800-number — 1-866-349-5355. The message said the NCTUE might charge a fee for placing or lifting the freeze, in accordance with state freeze laws.

Depending on your state of residence, the cost of placing a freeze on your credit file at Equifax, Experian or Trans Union can run between $3 and $10 per credit bureau, and in many states the bureaus also can charge fees for temporarily "thawing" and removing a freeze (according to a list published by Consumers Union, residents of four states — Indiana, Maine, North Carolina, South Carolina — do not need to pay to place, thaw or lift a freeze).

While my home state of Virginia allows the bureaus to charge $10 to place a freeze, for whatever reason the NCTUE did not assess that fee when I placed my freeze request with them. When and if your freeze request does get approved using the NCTUE's automated phone system, make sure you have pen and paper or a keyboard handy to jot down the freeze PIN, which you will need in the event you ever wish to lift the freeze. When the system read my freeze PIN, it was read so quickly that I had to hit "*" on the dial pad several times to repeat the message.

It's frankly absurd that consumers should ever have to pay to freeze their credit files at all, and yet a recent study indicates that almost 20 percent of Americans chose to do so at one or more of the three major credit bureaus since Equifax announced its breach last fall. The total estimated cost to consumers in freeze fees? $1.4 billion.

A bill in the U.S. Senate that looks likely to pass this year would require credit-reporting firms to let consumers place a freeze without paying. The free freeze component of the bill is just a tiny provision in a much larger banking reform bill — S. 2155 — that consumer groups say will roll back some of the consumer and market protections put in place after the Great Recession of the last decade.

"It's part of a big banking bill that has provisions we hate," said Chi Chi Wu, a staff attorney with the National Consumer Law Center. "It has some provisions not having to do with credit reporting, such as rolling back homeowners disclosure act provisions, changing protections in [current law] having to do with systemic risk."

Sen. Jack Reed (D-RI) has offered a bill (S. 2362) that would invert the current credit reporting system by making all consumer credit files frozen by default, forcing consumers to unfreeze their files whenever they wish to obtain new credit. Meanwhile, several other bills would impose slightly less dramatic changes to the consumer credit reporting industry.

Wu said that while S. 2155 appears steaming toward passage, she doubts any of the other freeze-related bills will go anywhere.

"None of these bills that do something really strong are moving very far," she said.

I should note that NCTUE does offer freeze alternatives. Just like with the big four, NCTUE lets consumers place a somewhat less restrictive "fraud alert" on their file indicating that verbal permission should be obtained over the phone from a consumer before a new account can be opened in their name.

Here is a primer on freezing your credit file with the big three bureaus, including Innovis. This tutorial also includes advice on placing a security alert at ChexSystems, which is used by thousands of banks to verify customers that are requesting new checking and savings accounts. In addition, consumers can opt out of pre-approved credit offers by calling 1-888-5-OPT-OUT (1-888-567-8688), or visit optoutprescreen.com.

Oh, and if you don't want Equifax sharing your salary history over the life of your entire career, you might want to opt out of that program as well.

Equifax and its ilk may one day finally be exposed for the digital dinosaurs that they are. But until that day, if you care about your identity you now may have another freeze to worry about. And if you decide to take the step of freezing your file at the NCTUE, please sound off about your experience in the comments below.