Tech Friday

posted by Brian Thomas - 

  • Search and delete your old Tweets:
    • Twitter allows people to amass huge numbers of tweets (posts) over time, and some of them may be less than flattering
    • Scandals involving high-profile celebrities and politicians have sprung over the years from old posts someone found
    • You can review (and potentially delete) your old posts, but it can be cumbersome and time consuming 
    • Here two ways to simplify and speed up the process:
      • Advanced Search:
        • Use this to search your tweets
        • Type in a term in the Search box and search
        • Click on Show by Search Filters
        • Click on Advanced Search
        • Enter your Twitter handle (@ symbol included) in the "From These Accounts" field
        • Enter at least one word in one of the "Words" fields
        • Click Search at the bottom of the page
        • Delete any Tweets you don't like
      • Download your entire history:
        • This allows you to pull all your Tweets and analytical data down to your PC
        • Go to your Account Profile
        • Scroll to the bottom and click Request Your Archive
        • Twitter will send you an email with the archive attached
        • Download the attached archive file
        • Extract the archive which will create many files
        • Use a text editor like Notepad to search the Tweets.js file
        • Each tweet has a date time stamp in the created_at field
        • Use this information to search Twitter to find and delete the Tweet(s)
    • Worst case scenario, you can delete your entire account
    • Understand that some or all of these Tweets may still be available somewhere on the web
    • It's always best to think about potential future ramifications before you post something and to remember that the Internet is forever
  • DOJ Cybersecurity Task Force explains plans to protect elections:
    • The Cyber-Digital Task Force (CDTF), announced in February, is designed to help the Department of Justice (DOJ) combat cyber threats
    • The role of the CDTF includes election interference, infrastructure protection, botnets, data theft, curbing the spread of violent ideologies, and the use of technology to hide criminal activity
    • The CDTF recently produced a 156 page report focused on what the Attorney General described as "one of the most pressing cyber-enabled threats" confronting the US, "malign foreign influence operations" attempting to interfere with elections and sow dissension
    • Threats outlined in the report include operations targeting election infrastructure such as voting machines and voter registration databases, and operations to harm political organizations and public officials
    • Russia was explicitly named in the report which cited the hacking of the Democratic National Committee (DNC) as well as Russian meddling in the 2016 presidential election
    • Another concern is operations that use social media to spread disinformation as well as overt influence operations using lobbyists and foreign media
    • In the report, intelligence officials express concern that the midterm elections will be targeted by Russia
    • The report outlines plans to fight threats to the 2018 midterm elections and outlines a framework for countering foreign influence operations
    • "Combating foreign influence operations requires a whole-of-society approach that relies on coordinated actions by federal, State, and local government agencies; support from potential victims and the private sector; and the active engagement of an informed public." the CDTF noted
    • You can read the report here: https://www.justice.gov/ag/page/file/1076696/download
  • Software security vulnerabilities found in most companies:
    • A new study by Rapid 7 found that only 16% of companies investigated are free of software vulnerabilities that could be exploited by cyber attacks
    • The study attempted to determine the most common weaknesses in modern enterprises to use as a basis to better defend against them
    • A key discovery was that penetration testers were able to leverage at least one network misconfiguration 80% of the time, and it rose to 96% for internal tests
    • Penetration testers found that in 53% of tests, they were able to discover at least one set of user credentials (user name and password) that gave them undetected access  
    • Sadly, the study found the use of Two-Factor Authentication (2FA) in only 15% of sites tested
    • Probably the most shocking statistic reported was that in 28% of cases, penetration testers were able to gain full control over the network, and it rose to 67% for internal penetration   tests!
    • The report hammered on the importance of network segmentation to block routes across a network
    • The report also focused on the "Principle of Least Privilege" which essentially says give accounts the minimum access needed 
    • Vulnerability and patch management were also called out: "While a patching routine may not necessarily be technically automatic for these systems, it’s imperative that IT and security organisations work together to ensure that patches are rolled out as quickly and seamlessly as practicable"
    • Other topics included the importance of education and training so that every user shares responsibility for cybersecurity. The report said: "Training users to spot phishing campaigns, social engineering operations and other relatively low-tech attack techniques goes a long way to extending the security team’s vision and reach"
Brian Thomas

Brian Thomas

Based in Cincinnati, OH, the Brian Thomas Morning Show covers news and politics, both local and national, from a conservative point of view. Read more

title

Content Goes Here