Should You Update Your iPhone?

Keeping your iPhone updated will help keep you secure. (Photo credit: Sumudo Mohottige)

According to a Pew Research study from 2017, “around one-in-ten people report they never install updates to their smartphone’s apps or operating system.”

Security flaws are constantly being discovered on all kinds of devices in today’s connected world, and iPhones are no exception. Keeping devices updated is incredibly important. Here are some of the main reasons to keep your iPhone (and other devices) updated:


Patch Security Exploits

iPhones can be vulnerable to exploits. (Photo credit: Dlanor S)

It is a common misconception that only Windows PCs can get viruses or other malware. While it’s true that over 78% of all attacks in 2019 were carried out against Windows systems, there are still significant risks to iOS, macOS, Linux, and other operating systems.

One case of this was the AceDeceiver Trojan, discovered in 2016 on iOS devices in China. This malware was able to install itself on devices by exploiting a flaw in Apple’s DRM protection. Once on a device, it could install other malicious apps without the user’s knowledge.

This is just one example of malware that existed on iOS, and is a reason why users should take security updates seriously.


Limit Tracking

Apple released iOS 14.5 in April 2021, which included a feature to limit tracking by third parties. (Photo credit: Luke Chesser)

With the release of iOS 14.5 in April of 2021, Apple introduced a feature called App Tracking Transparency that allows users to opt out of third-party tracking. An example of this kind of tracking is when you search for an item in your web browser, and then suddenly start seeing advertisements for similar items in your social media. While some may find this to be a convenient way to get relevant ads, most view it as a breach of privacy.

Users can opt out of this tracking by going to Settings > Privacy > Tracking and toggling “Allow Apps to Request to Track” off. This will stop apps from sharing advertising data with each other, and it will automatically say “no” to the apps that request to track your data in the future.

Without updating to iOS 14.5, users would not have this option!


New Features

Keep your iPhone updated to take advantage of the latest features.  (Photo credit: Bagus Hernawan)

Hardware is not the only way that manufacturers release new features. Many new features are released as software updates. Just a few examples of new features in iOS 14.5 include:

  • Unlock Your iPhone With Apple Watch When Wearing a Mask

  • AirTags Support

  • Apple Maps Crowdsourcing for Accidents, Hazards, and Speed Checks

  • Dual-SIM 5G Support

  • New Emoji Characters

  • Expanded Game Controller Support


Conclusion

Yes, users should keep iOS devices updated. The added security, privacy, and access to new features are compelling reasons to take these updates seriously.

Thanks for reading!

How to Safely Store Bitcoin

Keep your cryptocurrencies safe and secure! (Photo credit: André François McKenzie)

The rise of Bitcoin and other crypto has created more reasons for owners to understand proper security of these currencies. Users can lose money due to hardware failure, loss of keys, and theft. Here are some of the best ways to store cryptocurrencies such as Bitcoin:


Hot Wallet

A “hot wallet” is internet-connected, making it more convenient but also more vulnerable. (Photo credit: Dmitry Demidko)

A “hot wallet” is the easiest way to store cryptocurrencies. Similar to a checking account, a hot wallet is a fast way to access and transfer funds. One important consideration is that hot wallets, also known as exchange wallets, are not insured by the FDIC or any other entity. In other words, if that organization were to be hacked and your coins were stolen, there would be nothing to bail you out. While a hot wallet is useful for making exchanges, it should not be used for holding large amounts of cryptocurrencies. Instead, those larger amounts should be transferred to the next option:


Cold Wallet

A “cold wallet” is safer because it is stored offline. (Photo credit: Erin McKenna)

A “cold wallet” is the safest way to store Bitcoin and other digital currencies. Also known as hardware wallets, these wallets are stored offline and are therefore less susceptible to hacking. One of the safest ways to store an offline wallet is by printing it off and making a “paper wallet.” This includes a public and private key that can be used to verify your identity and access the coins. Another way to store a wallet offline is by using a USB drive to hold the public and private keys. The risk in this situation would be the loss of or damage to these physical devices/paper.


Physical Coins

Physical coins are another popular way to store Bitcoin. (Photo credit: Dmitry Demidko)

There are premium services available that will create and ship physical coins to you, with a tamper-proof sticker that indicates the value of the coin. This is more expensive than the free methods mentioned above, but it represents a unique way to hold a digital currency.


Other Considerations

Here are some other things to consider when storing digital currencies:

  • Keep your wallet backed up to protect yourself from hardware failures. Store the backup separately from the computer with a good password.

  • Keep your Bitcoin/crypto software updated to keep it secure.

  • Consider using multiple signatures for transactions to increase security from theft.

  • Read as much as you can about the topic. Search for articles and learn about the currency you are investing in and how to keep it safe!

Thanks for reading!

How to Secure a Raspberry Pi

A Raspberry Pi can be a fun and powerful tool! (Photo credit: Harrison Broadbent)

A Raspberry Pi is a tiny, inexpensive computer. It is a great tool for everyday computing tasks, learning how to code, and even retro gaming. As hardware like this becomes more popular and inexpensive, it is that much more important to understand how to secure these devices from attackers. To secure your device, check out the following steps!


Change the Default Password

Change the default password on all of your devices! (Photo credit: Amazee Labs)

One of the first steps you should take to secure your Raspberry Pi is to change the default password. These settings can be changed from the “raspi-config” application, or by typing “sudo raspi-config” from the command line. An even faster way to change this password would be to just type “passwd” into the command line, which will then prompt you to type in a new password.

This is an incredibly important step you should take on any new device, including routers, computers, smart devices, and anything else with an internet connection. To leave the default password unchanged is to invite attackers into your system freely.


Set Up a New User Account

Avoid using the default username when possible (Photo credit: Aryan Dhiman)

Everyone who knows about the Raspberry Pi knows that the default username is “pi.” That in itself is a good reason to use a different username. To add a new user named “ryan,” simply type “sudo adduser ryan” in the command line. You can then go through the process of deleting the “pi” user, but it is important to note that some applications require the “pi” user to be present. If you have determined that you are ready to delete the “pi” user, you can read more about that topic in the official documentation here; just make sure you save any data from the “pi” user directory that you might need later!


Require a Password for “SUDO”

The “sudo” command stands for “superuser do.” (Photo credit: Joan Gamell)

The “sudo” command is what allows Raspberry Pi users to act as a “superuser,” giving them elevated privileges with the ability to modify important system files. Unfortunately, the sudo command does not require a password by default, leaving your device vulnerable to attackers!

To force “sudo” to require a password, type “sudo visudo /etc/sudoers.d/010_pi-nopasswd” and change the “pi” entry (or whichever usernames have superuser rights) to: “pi ALL=(ALL) PASSWD: ALL” and save the file. For more details, check out the documentation.


Download the Latest Updates

Keep your system updated to stay secure!  (Photo credit: Vishnu Mohanan)

Keeping your Raspberry Pi updated is a fast and easy way to increase security. As vulnerabilities are discovered in software, developers release updates to protect against those weaknesses.

To update your Raspberry Pi, simply type “sudo apt update” in the command line and press enter. This updates your system’s package list. Then, type “sudo apt full-upgrade” which upgrades your software to the latest version. That’s it!

For more details, read the manual here regarding system updates. For more ways to secure your Raspberry Pi, check out the official documentation here. Thanks for reading!

Introduction to RangeForce

The RangeForce logo

RangeForce describes itself as “the world’s most comprehensive cybersecurity training and cyber skills assessment program.” They use virtual machines and step-by-step training to guide you through practice labs on introductory topics such as VIM, regex, and Docker, as well as advanced topics like password cracking and packet capture forensics. With over 20 modules covering various topics, there is a lot of material available for learners of any experience level. Best of all, the training is provided at no cost through the Free Community Edition. Here is a quick walkthrough to get you started:


Create an Account

The account sign-up page for RangeForce Free Community Edition

The account sign-up process is simple but might take some time. Fill out the form on the RangeForce website and click submit. You will then receive an email notifying you that it could take up to two business days to receive access to an account because each registration is processed individually. You will probably receive account access within 12-24 hours. You will then need to verify your email address and finish the setup process.


Check Out the Dashboard

The RangeForce dashboard

Once you have finished creating your account, you will be greeted with the RangeForce dashboard. This hub shows your current rank on the leaderboard, how many modules you have completed, and the progress of your individually set goals.

Your position on the leaderboard automatically updates as you complete each module. At the time of this writing, you can put yourself in the top 100 members by completing only 13 out of the 21 available modules!

The modules cover a wide variety of topics, including Linux execution content, Splunk, cloud security, and Metasploit. Each category lists a difficulty level of foundational, intermediate, or advanced. Try one of the foundational modules to get an idea of how the courses work.

Individual goals can be set and measured by time spent or modules completed each month or week. As you accomplish the goals you set, this section will update automatically to track your progress and reward you when you finish.


Do the Work!

A few of the available modules

The next step is to set a goal and start working on the modules! Each module includes hints and solutions if you need them. Comment below with your current goal and ranking on RangeForce!

What is Buffer Overflow?

A buffer overflow can allow hackers to access your system in unexpected ways.  (Photo credit: Lars Kienle)

A buffer overflow is a flaw that a hacker can exploit to force a system to perform actions not intended by the programmers. To understand this concept, we first need to understand what a buffer is.

A buffer is a place where data is stored. A common example of this would be a login/password text box on a website. For our purposes, let’s assume that the text box is expecting a password of 12 characters or less. If a malicious hacker can enter input that the programmer didn’t account for, resulting in many more than 12 characters being entered into that text box, those extra characters would spill over into the surrounding memory, causing unintended side effects. This type of exploit can be used by the bad guys to gain access to hidden information on the system, which could compromise and even change the operations of that computer/server. Without the proper controls in place, the extra information (overflow) is inserted into the computer memory, causing the computer to blindly run new instructions.

The simplest method for preventing buffer overflows is to use a programming language that does not allow for them. While C allows for buffer overflows, other languages such as Java, Python, and the .NET languages do not, and require no special changes.
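
The 12-character password box described above, as an added C example that is not part of the original post: an unchecked copy beside a version that checks the length first. The struct layout, function names and sample inputs are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_PASSWORD 12   /* the 12-character limit from the text */

/* Hypothetical login record. The flag sits right after the buffer and
 * stands in for the "surrounding memory" that an overflow spills into. */
struct login {
    char password[MAX_PASSWORD + 1];   /* 12 characters + terminating NUL */
    int  is_admin;
};

/* Vulnerable form: strcpy() copies until it reaches a NUL byte and never
 * looks at the size of the destination. Input longer than 12 characters
 * is undefined behaviour: the extra bytes are written past the buffer. */
void store_password_unsafe(struct login *l, const char *input)
{
    strcpy(l->password, input);
}

/* Hardened form: measure the input first and refuse anything that does
 * not fit. Returns 0 on success, -1 if the input was rejected. */
int store_password_safe(struct login *l, const char *input)
{
    size_t len = strlen(input);          /* input must be NUL-terminated */
    if (len > MAX_PASSWORD)
        return -1;                       /* reject; do not silently truncate */
    memcpy(l->password, input, len);
    l->password[len] = '\0';
    return 0;
}

int main(void)
{
    struct login l = { "", 0 };
    const char *ok = "hunter2";                         /* constructed input */
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAA";  /* constructed, 24 chars */

    printf("short input    -> %d\n", store_password_safe(&l, ok));
    printf("24-char input  -> %d\n", store_password_safe(&l, too_long));
    printf("stored value   -> %s\n", l.password);
    printf("is_admin       -> %d\n", l.is_admin);
    /* store_password_unsafe() is deliberately never called with too_long. */
    return 0;
}
```

The safe version leaves both the stored password and the neighbouring flag untouched when it rejects input, which is the bounds check that C leaves to the programmer.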

Buffer overflows can represent a serious vulnerability to your systems. It is important to check your code for these vulnerabilities and ensure that you are mitigating risk from these types of attacks!

What is Ransomware and Crypto-Malware?

These types of malware could lock you out and cost you big money. (Photo credit: FLY:D)

Ransomware is a type of malware designed to encrypt a computer, locking the user out of the computer or network completely. The attacker then demands a ransom to restore access to the system. These types of attacks have been carried out against individuals, companies, schools and even hospitals. In 2020, cybersecurity company BlackFog estimated that “a business is attacked by a cybercriminal every 11 seconds” with a total estimated cost of $20 billion by 2021 (source).

Victims are often required to pay the bad guys in cryptocurrencies such as Bitcoin. “Once they have the Bitcoins, it’s simply a matter of ‘washing’ them via the Dark Web (a process which removes all traces of previous ownership and transactions) and the hackers can then convert the coins to cash” (Eurostaff).

Crypto-malware is similar to ransomware, with the main difference being that crypto-malware locks out the user from personal files but still leaves the operating system functional. The bad guys leave the OS running so that they can present a message to you demanding the ransom payment.

In either case, there are some steps you can take to help prevent these types of attacks:

  • Keep your OS, software, and virus protection up to date on the latest version

  • Avoid opening emails or attachments from unknown senders

  • Avoid suspicious websites and links

  • Keep your data backed up routinely on an offline drive

These are just a few ways to keep you safe from ransomware and crypto-malware. It’s up to you to stay informed and stay vigilant!

TryHackMe - What is Splunk?

(Photo credit: Vishnu R Nair)

TryHackMe is a great resource for learning basic hacking concepts and getting hands-on experience! This article will show you around the “Detect Attacks Using Splunk” room from TryHackMe. “Splunk” is a product that captures and organizes data into digestible formats to help find patterns and solve problems for companies.

Begin by creating a TryHackMe account and completing the first few click-throughs, which eventually leads to this link:


Once you’ve entered the Splunk “room,” you will need to start your virtual machine. While the machine loads, you will answer some basic questions about Splunk commands. Google is your friend!

Following your quiz is an opportunity to learn about “BOTS,” which is described as a “blue-team jeopardy-esque (CTF) activity.” Learn more about that here.

Eventually, your virtual machine will load. Open the web browser and navigate to the URL listed in the instructions. This should lead you to the first exercise, with a screen that looks like this:

Splunk2.png

Our first task is to track down P01s0n1vy, who is attacking our company, Wayne Enterprises. Follow the prompts to begin to understand which IP address attacked us, and which software was used to carry out the attack. While all of the answers are more or less given to you, it is best to always click the green button to “Run the Search in a New Tab,” which helps you see exactly how Splunk works with data to find the answers.

You will then progress through a series of questions. Don’t be discouraged if you need to google some of the answers. The most important thing to remember is that as long as you are learning something, your time is well spent. Everyone starts somewhere, and TryHackMe is a great way to expose yourself to the world of hacking! Keep going and you will keep learning.

(Photo credit: Kaur Kristjan)

Here is a link that provides many answers if you get stuck.

Good luck, and enjoy!

What are DoS and DDoS Attacks?

What is the difference between DoS and DDoS?  (Photo credit: Kevin Ku)

A “Denial of Service” (DoS) attack involves disrupting a computer or network and making it unavailable to users. This can be accomplished by exploiting a vulnerability in the system. One common DoS method is to flood the network with requests to overload it, which stops legitimate requests from coming through.

A “Distributed Denial of Service” (DDoS) attack is a DoS attack that comes from multiple coordinated sources. This is often achieved by using a botnet, which is a network of private computers maliciously being controlled without consent from the owners. A botnet has strength in numbers and is able to overwhelm a target by abusing protocols such as DNS, ICMP, and Network Time Protocol.

Here are some ways to protect yourself against DoS and DDoS attacks:

  • Use a multi-level defense strategy. This could include Intrusion Prevention and Detection Systems, firewalls, VPNs, content filtering, secure backups, and more depending on the scope of your network.

  • Keep software and firmware updated on all of your network devices. Avoid using hardware that is no longer supported with security updates from the manufacturer.

  • Monitor your network traffic. Understand your baseline so you can recognize anomalies as they occur.

  • Consider implementing cloud-based technologies as a way to outsource DDoS prevention.

Denial of Service attacks normally target businesses and larger companies, but individuals should also practice good security habits online. This includes using a firewall, keeping your software and OS updated, and not clicking suspicious links or opening strange emails. This will help prevent your system from unknowingly becoming part of a botnet, and will keep you safer online. Stay informed, and stay vigilant!