Tech Friday with Dave Hatter - July 10th 2020 - SPONSORED BY INTRUST IT


  • 50% of remote workers are not prepared for cyberattacks:
    • A new report from IBM suggests remote workers, their devices and their environments are not prepared for cybercriminals
    • Cybercriminals have changed and continue to change their tactics to target remote workers
    • IBM found that over half of remote employees using their personal device for work and "have yet to be given any new security policies on how to securely work from home”
    • Additionally, they found that for more than half of the people, their employer has done nothing to secure their equipment
    • The home environment often has many security issues including insecure WiFi, personal devices and multiple users
  • What you can do to be more secure:
    • Don't allow family members to useworkrelated equipment
    • Don't share user credentials (username and password) betweenworkand personal accounts
    • Follow all company policies carefully
    • Update to Windows 10
    • Endpoint protection (anti-virus) software
    • Virtual Private Network (VPN) software for encryption of data transmitted over the Internet. For example, NordVPN
    • Bitlocker for encryption of data on the PC
    • A high quality WiFi router. Change default password and ensure that you are using WPA2 or higher security
    • Regular patching of all your devices
    • Backup - cloud or external drive
    • Use a privacy oriented browser like Firefox
    • Consider a password manager (vault) like LastPass
    • A surge protector and/or UPS
    • Only install carefully vetted apps on a device that containsworkrelated information
    • Ask your IT/security team for help/advice
    • Check out cloud based platforms such as O365 to work securely:
    • Collaborate easily with co-workers with SharePoint, Teams and OneDrive
    • Backup and share files with SharePoint and OneDrive
    • Microsoft offers 6 month free trial of paid Teams tier in light of Coronavirus
  • Calendar invitations are being used for Phishing:
    • Researchers at Abnormal Security discovered that cybercriminals are using calendar invitations to disguise phishing
    • More than 15,000 Wells Fargo customers have been targeted since June
    • The spoofed emails appear to be from Wells Fargo and inform the recipient that they need to do something or their account will be suspended
    • The emails contain .ics files (calendar invites). If opened, an invitation is added to the user’s calendar
    • An ICS file is used by most popular email and calendar applications to share calendar events with other users
    • The blackhats are using the .ics files to bypass email security filters and put malicious phishing links in a user's calendar
    • They know most users won’t be expecting to receive phishing attacks in a calendar invitation
    • The invitations contain a malicious link to a spoofed Wells Fargo page that prompts the user for their account information.
    • BleepingComputer said "Their calendar apps would deliver automatic notifications that the victims would likely click since they're delivered by a trusted app."
    • Like most phishing attacks, these emails have a sense of urgency so that the user feels more compelled to act
    • "Access to a user’s sensitive information would allow an attacker to commit identity theft as well as steal any money associated with the account. Many of these companies have stringent regulations and security in order to protect users and their financial holdings. However, attackers are continually finding ways to compromise users’ accounts." - Abnormal Security
    • Stop, Think, Protect (yourself, your family and your organization)
    • Always stop and verify any email or text message that asks for sensitive personal or financial information independently
  • Delete TikTok:
    • TikTok is a popular social media app developed by a Chinese company that allows users to upload and share short-form video (up to 60 seconds)
    • It's especially popular for dance, lip-sync, and comedy
    • TikTok now has over 1 billion active users and it's stated mission is “to capture and present the world’s creativity, knowledge, and precious life moments, directly from the mobile phone"
    • It was the most downloaded app of 2019 and is especially popular with teens
    • The TikTok privacy policy says “We share your data with our third party service providers we rely on to help provide you with the Platform. These providers include cloud storage providers and other IT service providers. We also share your information with our business partners, advertisers, analytics and search engine providers…”
    • Concerns have been raised that the information of US citizens could be compromised by its Chinese makers
    • TikTok has come under fire in the past because kids can receive direct messages from strangers and be exposed to inappropriate content. By default, all information is public
    • In December of last year, the Pentagon warned that all US military personnel should delete TikTok from all smartphones
    • Some military branches have strongly discouraged members from using TikTok on their personal devices
    • TikTok has also come under heightened scrutiny by Congress
    • Apple recently announced that they are fixing a serious problem in iOS 14 that allows apps to secretly access the clipboard on users’ devices
    • TikTok is one of several apps caught snooping on the clipboard
    • If TikTok is active on your phone it can read anything and everything you copy on another Apple device: Passwords, work documents, sensitive emails, financial information, etc. through the Apple universal clipboard functionality
    • Back in April, they said the problem is related to the use of an outdated Google advertising SDK that was being replaced
    • TikTok didn’t stop this practice as they promised and now they have changed their story
    • TikTok now claims the issue is “triggered by a feature designed to identify repetitive, spammy behavior,” and says they have “already submitted an updated version of the app to the App Store removing the anti-spam feature to eliminate any potential confusion.”
    • Currently it is not known if this an issue for Android users
    • Users will be warned whenever an app reads the last thing copied to the clipboard in iOS 14 which is due in the fall
    • The best bet is to delete TikTok, but if you use it, remember that it is actively reading your clipboard and keep that in mind
    • All iPhone users should update to the latest version of TikTok as soon as it’s released