The document provides tips for securing your digital footprint and privacy online. It discusses securing social media accounts, using strong and unique passwords, deleting personal information from search engines, enabling two-factor authentication, using secure browsers and VPNs, being wary of sharing personal information publicly, and understanding the risks of a large digital shadow and footprint online. It also covers tips for securing mobile devices, IoT devices, and protecting privacy when traveling across borders.
The Internet is a fun place to be, but it is full of dangers too.This presentation helps you understand:
a. Types of Threats on the Internet
b. The Dos of Internet Security
c. The Don'ts of Internet Security
Quick overview of tips for maintain home computer, home network, cell phone and social media security. References to articles are included that provide more detail.
Border crossing mobile social media life-saving security tipsErnest Staats
This practical talk focused on steps one can take which could save them or someone else while traveling internationally or even around town. The focus was on the information that is “leaked” by mobile devices and social media, along with some of the most-overlooked steps that could lower risk.
An Introduction To IT Security And Privacy In LibrariesBlake Carver
An hour long presentation I gave for LYRASIS. It introduces many topics in security and privacy on the internet and computers and any other type of device with an ip address. IOT Internet of things, browsers, portable devices and more. In this hour I focused on things to train in libraries, security awareness training and other things relevant to people in libraries. Librarians and anyone else in a library
The Internet is a fun place to be, but it is full of dangers too.This presentation helps you understand:
a. Types of Threats on the Internet
b. The Dos of Internet Security
c. The Don'ts of Internet Security
Quick overview of tips for maintain home computer, home network, cell phone and social media security. References to articles are included that provide more detail.
Border crossing mobile social media life-saving security tipsErnest Staats
This practical talk focused on steps one can take which could save them or someone else while traveling internationally or even around town. The focus was on the information that is “leaked” by mobile devices and social media, along with some of the most-overlooked steps that could lower risk.
An Introduction To IT Security And Privacy In LibrariesBlake Carver
An hour long presentation I gave for LYRASIS. It introduces many topics in security and privacy on the internet and computers and any other type of device with an ip address. IOT Internet of things, browsers, portable devices and more. In this hour I focused on things to train in libraries, security awareness training and other things relevant to people in libraries. Librarians and anyone else in a library
An Introduction To IT Security And Privacy In Libraries & AnywhereBlake Carver
An hour long presentation I gave for LYRASIS. It introduces many topics in security and privacy on the internet and computers and any other type of device with an ip address. IOT Internet of things, browsers, portable devices and more. In this hour I focused on things to train in libraries, security awareness training and other things relevant to people in libraries. Librarians and anyone else in a library. There's a focus on practical ways to secure yourself, browsers and other things. Also some dicussion on privacy
An Introduction To IT Security And Privacy - Servers And MoreBlake Carver
An hour long presentation I gave for LYRASIS. It introduces many topics in security and privacy on the internet and computers and any other type of device with an ip address. IOT Internet of things, browsers, portable devices and more. In this hour I focused on servers and review the previous 3 weeks. Librarians and anyone else in a library
Learn about basic cybersecurity tips for protecting your computes, accounts and personal information. Topics include passwords and authentication, proactive defense against unwanted software and how to keep your devices current with security updates.
Implementing security for your library | PLAN Tech Day ConferenceBrian Pichman
When we talk about security for your library, we should understand some of the tools people may use to harm your network and infrastructure. In this session, learn how hackers may hack and ways to protect yourself. IT security is more than just a buzzword; it’s a necessity to understand and implement the correct measures to keep you, your library, and your patrons safe.
this is a short awareness talk in one of OWASP MEETUP sessions in University Kuala Lumpur, Malaysia, discussing about Android application penetration testing and how to discover potential vulnerabilities
Short presentation I did at BrainTank 2012 in Providence RI. The focus was on issues surrounding wireless security at the small business level and how there is not enough being done to address it.
Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...Tom Eston
Breaking in is easy, real security is hard. Breaching the security of a Casino doesn't have to be as dramatic or dangerous as depicted in the Ocean's Eleven movies. In fact, by simply sitting in a hotel room of a Casino, hackers can find ways to breach the high security that Casino's have been known for. This type of attack has a simple goal: steal the Casino's money and cheat the system. All of this can be done without anyone seeing you and is much easier then walking directly into the Casino vault armed with guns and explosives.
In this presentation Tom Eston from SecureState walks us through some of the more interesting and exciting penetration tests his team have conducted. These include breaking into Casinos, Banks, Energy companies and other high security facilities (with permission of course). Tom's stories not only show how attackers break in but also show important lessons on how businesses can better secure their physical as well as network assets.
Mobile apps are the entry point to your web applications, APIs and web services. But sometimes the developer implements security in the mobile app that can easily be bypassed by a malicious attacker, allowing the attacker to exploit your web applications and steal confidential information. In this presentation I will show you how easy it is to attack a mobile application, intercept the communication and exploit the trust model of mobile apps. I will also give an overview of the OWASP Top 10 Mobile Risks.
Cybersecurity Awareness Training Presentation v2021.08DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to help them better understand ways they can avoid scams, cyber attacks, and become more security aware. This slide deck is based on version 2021.08 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, version 1.0 was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have free and downloadable worksheets referenced in the training. These worksheets provide material that attendees can take back home with them to try out and continue the security conversation. We also have free cybersecurity quizzes that are based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
On our website, we also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Do you want to take this content and present it in your own community or business? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or Google Slides using ‘Make a Copy’. Those downloadable versions from our website also include speaker notes to provide talking points or tips for anyone delivering the content.
https://www.treetopsecurity.com/slides
DEF CON is the world's largest hacker conference, and it's easy to get PWND. Reed Loden leads Information Security at Lookout, and this is his summary of how to stay safe at DEF CON 21.
Cybersecurity Awareness Training Presentation v1.1DallasHaselhorst
This cybersecurity awareness training is meant to be used by organizations and end users to educate them on ways to avoid scams/attacks. This slide deck is based on version 1.1 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, it was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have a free cybersecurity quiz that is based directly off of this material so anyone can test their awareness knowledge. We also have a downloadable 'certificate of completion' for this training; this allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
We also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Want to take this content and present it in your own community? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or using ‘Make a Copy’ in Google Slides.
https://www.treetopsecurity.com/slides
This presentation is primarily for small businesses interested in having their employees work from home. It provides do's and don'ts as well as short-term and long-term goals business leadership should strongly consider to better protect business data/systems. This presentation also provides home users tips they can use to help secure their home environment such as seeing what's on their network. Our team originally presented this material on a Zoom webinar on April 23rd, 2020 in conjunction with multiple business organizations. The version below is a recorded, webinar presentation without audience questions throughout.
Video presentation
https://www.treetopsecurity.com/7-cybersecurity-sins-when-working-from-home
Need help securing your business data? Please keep TreeTop Security and the Peak platform in mind for a better approach to small business cybersecurity.
A look at the methodology and techniques or hackers, cyber criminals and state sponsored attackers. Explores the kill chain, Geo political instability and the dark web.
Ever wonder, "how can I make my home internet more secure" or "how can I make sure my kids are safely browsing the internet"? Join this cat meme filled presentation on how to secure your home's internet; everything from securing your wireless network to tools that you can use to help keep you and your family safe while surfing the web.
We are surrounding with technology. The more we surround and integrate with technology the more we will be in risk our privacy data/online/internet/cyber. Not only you are in risk, your family and friend alos in risk. If we think I am not important person then that would be your great mistake. You are important to someone in somewhere in this world.
Mind it your daily life is watched by someone. So be conscious… remember Prevention is Better than cure.
An Introduction To IT Security And Privacy In Libraries & AnywhereBlake Carver
An hour long presentation I gave for LYRASIS. It introduces many topics in security and privacy on the internet and computers and any other type of device with an ip address. IOT Internet of things, browsers, portable devices and more. In this hour I focused on things to train in libraries, security awareness training and other things relevant to people in libraries. Librarians and anyone else in a library. There's a focus on practical ways to secure yourself, browsers and other things. Also some dicussion on privacy
An Introduction To IT Security And Privacy - Servers And MoreBlake Carver
An hour long presentation I gave for LYRASIS. It introduces many topics in security and privacy on the internet and computers and any other type of device with an ip address. IOT Internet of things, browsers, portable devices and more. In this hour I focused on servers and review the previous 3 weeks. Librarians and anyone else in a library
Learn about basic cybersecurity tips for protecting your computes, accounts and personal information. Topics include passwords and authentication, proactive defense against unwanted software and how to keep your devices current with security updates.
Implementing security for your library | PLAN Tech Day ConferenceBrian Pichman
When we talk about security for your library, we should understand some of the tools people may use to harm your network and infrastructure. In this session, learn how hackers may hack and ways to protect yourself. IT security is more than just a buzzword; it’s a necessity to understand and implement the correct measures to keep you, your library, and your patrons safe.
this is a short awareness talk in one of OWASP MEETUP sessions in University Kuala Lumpur, Malaysia, discussing about Android application penetration testing and how to discover potential vulnerabilities
Short presentation I did at BrainTank 2012 in Providence RI. The focus was on issues surrounding wireless security at the small business level and how there is not enough being done to address it.
Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...Tom Eston
Breaking in is easy, real security is hard. Breaching the security of a Casino doesn't have to be as dramatic or dangerous as depicted in the Ocean's Eleven movies. In fact, by simply sitting in a hotel room of a Casino, hackers can find ways to breach the high security that Casino's have been known for. This type of attack has a simple goal: steal the Casino's money and cheat the system. All of this can be done without anyone seeing you and is much easier then walking directly into the Casino vault armed with guns and explosives.
In this presentation Tom Eston from SecureState walks us through some of the more interesting and exciting penetration tests his team have conducted. These include breaking into Casinos, Banks, Energy companies and other high security facilities (with permission of course). Tom's stories not only show how attackers break in but also show important lessons on how businesses can better secure their physical as well as network assets.
Mobile apps are the entry point to your web applications, APIs and web services. But sometimes the developer implements security in the mobile app that can easily be bypassed by a malicious attacker, allowing the attacker to exploit your web applications and steal confidential information. In this presentation I will show you how easy it is to attack a mobile application, intercept the communication and exploit the trust model of mobile apps. I will also give an overview of the OWASP Top 10 Mobile Risks.
Cybersecurity Awareness Training Presentation v2021.08DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to help them better understand ways they can avoid scams, cyber attacks, and become more security aware. This slide deck is based on version 2021.08 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, version 1.0 was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have free and downloadable worksheets referenced in the training. These worksheets provide material that attendees can take back home with them to try out and continue the security conversation. We also have free cybersecurity quizzes that are based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
On our website, we also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Do you want to take this content and present it in your own community or business? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or Google Slides using ‘Make a Copy’. Those downloadable versions from our website also include speaker notes to provide talking points or tips for anyone delivering the content.
https://www.treetopsecurity.com/slides
DEF CON is the world's largest hacker conference, and it's easy to get PWND. Reed Loden leads Information Security at Lookout, and this is his summary of how to stay safe at DEF CON 21.
Cybersecurity Awareness Training Presentation v1.1DallasHaselhorst
This cybersecurity awareness training is meant to be used by organizations and end users to educate them on ways to avoid scams/attacks. This slide deck is based on version 1.1 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, it was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have a free cybersecurity quiz that is based directly off of this material so anyone can test their awareness knowledge. We also have a downloadable 'certificate of completion' for this training; this allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
We also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Want to take this content and present it in your own community? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or using ‘Make a Copy’ in Google Slides.
https://www.treetopsecurity.com/slides
This presentation is primarily for small businesses interested in having their employees work from home. It provides do's and don'ts as well as short-term and long-term goals business leadership should strongly consider to better protect business data/systems. This presentation also provides home users tips they can use to help secure their home environment such as seeing what's on their network. Our team originally presented this material on a Zoom webinar on April 23rd, 2020 in conjunction with multiple business organizations. The version below is a recorded, webinar presentation without audience questions throughout.
Video presentation
https://www.treetopsecurity.com/7-cybersecurity-sins-when-working-from-home
Need help securing your business data? Please keep TreeTop Security and the Peak platform in mind for a better approach to small business cybersecurity.
A look at the methodology and techniques or hackers, cyber criminals and state sponsored attackers. Explores the kill chain, Geo political instability and the dark web.
Ever wonder, "how can I make my home internet more secure" or "how can I make sure my kids are safely browsing the internet"? Join this cat meme filled presentation on how to secure your home's internet; everything from securing your wireless network to tools that you can use to help keep you and your family safe while surfing the web.
We are surrounding with technology. The more we surround and integrate with technology the more we will be in risk our privacy data/online/internet/cyber. Not only you are in risk, your family and friend alos in risk. If we think I am not important person then that would be your great mistake. You are important to someone in somewhere in this world.
Mind it your daily life is watched by someone. So be conscious… remember Prevention is Better than cure.
This month, Community IT presents basic IT security training for end users. Learn about common threats and the best techniques for dealing with them. This webinar is intended for a broad audience of both technical and non-technical staff.
What's in your personal threat model? What assets are you trying to protect? Learn how to improve your personal security and privacy online through best practices and security tips. This talk is for everyone, whether your a seasoned security professional or complete novice hopefully you will take away a few areas where you can better protect your personal information.
Video Link: https://www.youtube.com/watch?v=PIwvxSZj5e8
How paranoid should you really be about online security safety? Read Security Engineer Geoff Vaughan's advice on security best practices for regular users.
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
Our security practices need to evolve in order to address the new challenges propped up by the rapid adoption of technologies and products to enable the world to WFH. The mantra of the attacker remains consistent -- attack that which yields maximum result -- and that is usually something used by a very very large number of users. This webinar will discuss the Top 10 Security Gaps that CISOs should be aware of as they brace for long WFH periods.
What will you learn :
-New Attack techniques hackers are using targeting WFH
-How to handle decentralisation of IT and technology decisions?
-Application risks as enterprises pivot to online/new business model(s)
-New risks in the Cloud and due to Shadow IT
-Security risks due to uninformed employees & their home infrastructure
-How to handle Misconfigurations & Third party risks
-How to build a robust breach response and recovery program?
Full video - https://youtu.be/bQLfnmhDnQs
As if running a business isn't hard enough!
AVG (AU/NZ)'s Security Advisor, Michael McKinnon, presents 10 simple tips to secure your business from online threats.
Cyber Security Awareness Training by Win-ProRonald Soh
Businesses are becoming more vulnerable to Cyber Security Threats.Especially, Small and Medium Businesses (SMB) that may not have the huge budget to spend more security to protect their business. This cyber security presentation will help to understand and help SMB mitigate risks by making some changes in their business.
IT Staff NDA Template Employee Confidentiality AgreementErnest Staats
This is a sample IT Staff NDA or "Employee Confidentiality Agreement" It has more power to educate staff on what they should or should not do with their power & Access.
How do we separate hype from useful information in Cyber Security? As Congress is debating a National privacy law, and several states have privacy and breach reporting laws, how will that impact our workload? Privacy starts with good cyber-hygiene. We will look at how we can leverage the focus on Privacy to address standards for:
Firewall and network Configs,
Cloud security
Protocols and ports that need attention
Authentication best practices
Server and network rights
Password rules
What does the current research say about the positive and negative influence of emerging technologies on our ministries, our families, and ourselves? It's imperative we comprehend how media impacts our mental and spiritual health. Technology is changing our lives, how we relate to and understand each other.
How to use technology in ministry & parentingErnest Staats
Engaging with technology beyond the level of experience. We need to understand how technology is changing us so we can ensure we are modeling wise habits. There are some good ways we can use technology to understand and shape its use. Suggestions will be given for what we can start doing today that will make positive impacts on our lives and ministries.
How do we separate hype from useful information in Cyber Security? As Congress is debating a National privacy law, and several states have their own privacy and breach reporting laws including Georgia, how will that impact our workload? Privacy starts with good cyber-hygiene. We will look at how we can leverage the focus on Privacy to address standards for:
Firewall and network setups
Cloud security
Protocols and ports that need attention
Authentication best practices
Server and network rights
Password rules
Idwg bimonthly security exchange cyber only sectionErnest Staats
Had a great time sharing with OSAC today on Cyber Security trends, We went over some practical steps organizations, and their staff can take to secure their information and privacy better.
Why security is the kidney not the tail of the dog v3Ernest Staats
Security is sometimes thought of being the tail that wags the Dog. A better analogy is that Cyber Security should be the Kidneys of the organization taking out the waste while allowing the useful information to pass.
FBI & Secret Service- Business Email Compromise WorkshopErnest Staats
Compiled some Open source and other tools that I that I have used for BEC/EAC protection, security, & training. I had a great time sitting on the panel with other members.
Many ways to support street children.pptxSERUDS INDIA
By raising awareness, providing support, advocating for change, and offering assistance to children in need, individuals can play a crucial role in improving the lives of street children and helping them realize their full potential
Donate Us
https://serudsindia.org/how-individuals-can-support-street-children-in-india/
#donatefororphan, #donateforhomelesschildren, #childeducation, #ngochildeducation, #donateforeducation, #donationforchildeducation, #sponsorforpoorchild, #sponsororphanage #sponsororphanchild, #donation, #education, #charity, #educationforchild, #seruds, #kurnool, #joyhome
Russian anarchist and anti-war movement in the third year of full-scale warAntti Rautiainen
Anarchist group ANA Regensburg hosted my online-presentation on 16th of May 2024, in which I discussed tactics of anti-war activism in Russia, and reasons why the anti-war movement has not been able to make an impact to change the course of events yet. Cases of anarchists repressed for anti-war activities are presented, as well as strategies of support for political prisoners, and modest successes in supporting their struggles.
Thumbnail picture is by MediaZona, you may read their report on anti-war arson attacks in Russia here: https://en.zona.media/article/2022/10/13/burn-map
Links:
Autonomous Action
http://Avtonom.org
Anarchist Black Cross Moscow
http://Avtonom.org/abc
Solidarity Zone
https://t.me/solidarity_zone
Memorial
https://memopzk.org/, https://t.me/pzk_memorial
OVD-Info
https://en.ovdinfo.org/antiwar-ovd-info-guide
RosUznik
https://rosuznik.org/
Uznik Online
http://uznikonline.tilda.ws/
Russian Reader
https://therussianreader.com/
ABC Irkutsk
https://abc38.noblogs.org/
Send mail to prisoners from abroad:
http://Prisonmail.online
YouTube: https://youtu.be/c5nSOdU48O8
Spotify: https://podcasters.spotify.com/pod/show/libertarianlifecoach/episodes/Russian-anarchist-and-anti-war-movement-in-the-third-year-of-full-scale-war-e2k8ai4
Presentation by Jared Jageler, David Adler, Noelia Duchovny, and Evan Herrnstadt, analysts in CBO’s Microeconomic Studies and Health Analysis Divisions, at the Association of Environmental and Resource Economists Summer Conference.
A process server is a authorized person for delivering legal documents, such as summons, complaints, subpoenas, and other court papers, to peoples involved in legal proceedings.
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
ZGB - The Role of Generative AI in Government transformation.pdfSaeed Al Dhaheri
This keynote was presented during the the 7th edition of the UAE Hackathon 2024. It highlights the role of AI and Generative AI in addressing government transformation to achieve zero government bureaucracy
1. Securing Your Digital Shadow
Ernest Staats
MS Information Assurance, CISSP, CEH, CWNA,
Security+, MCSE, CNA, I-Net+, Network+, Server+, A+
2. Security Tips
• Don't sign up using anothersocialnetworkingaccount
• Lock down those socialnetworkprivacy settings
• Think before you post
• Lie. About. Everything
3. More Security Tips
• Usea passwordmanager andtwo-factor authentication
• Disposableemail DoNotTrackMe, and Yahoodisposable
emails MeltMail
• Usesecure browser suchasFirefox withlistedaddons
• Create personal andprofessional personas
• Delete yourInformationon Google
• Google ads
https://www.google.com/settings/u/0/ads/authenticated
• Privacyhttps://myaccount.google.com/
4. Identity Protection Tips
• Ask questions before you share it
• Lock it up
• Shred it before you put intrash
• Password protect it
• Freeze Credit (for allfamilymembers)
• Checkall familymembers digital foot print
• Set Google Alerts for family
• https://www.google.com/alerts#
5. Understand Risk
Mobile + IoT + Digital Shadow = Digital Monster
• IoT Scanner https://iotscanner.bullguard.com/
• IoT Search - Shodan https://www.shodan.io/explore
6. Protect Personal & Work Data
• Use and maintain anti-virus software and
a firewall
• Regularly scan your computer for
spyware
• Keep software up to date
• Evaluate your software's settings
• Remove unused software programs/Apps
• Consider creating separate user accounts
• Use passwords and encrypt sensitive files
• Dispose of sensitive information properly
7. Protecting Your Privacy
• Do business with credible companies
• Do not use primary email in online
submissions
• Avoid submitting credit card
information online
• Devote one credit card to online
purchases
8. Safe Social Networking
• Lie
• Limit personal information you post
• Internet is a public resource
• Be skeptical
• Evaluate your settings
• Be wary of third-party applications
• Use strong passwords
9. Avoid Identity Theft
• Do business with reputable companies
• Check privacy policies
• Be careful what information you
publicize
• Use and maintain anti-virus software
and a firewall
• Be aware of your account activity
10. Has your identity been stolen
• Unusual or unexplainable charges on
your bills
• Phone calls or bills for accounts,
products, or services that you do not
have
• Failure to receive regular bills or mail
• New, strange accounts appearing on
your credit report
• Unexpected denial of your credit card
14. IoT Discovery Security
• Check your network from the outside
– https://iotscanner.bullguard.com/
• If found then run https://www.shodan.io/
• Download and Run RIoT
– https://www.beyondtrust.com/free-iot-
vulnerability-scanner/
15. IoT Protection
• Monthly check IoT & router's firmware
• Change administration passwords
• Change your Wi-Fi network name
• Select WPA2 encryption for Wi-Fi
• Stick a cut-off headset plug in laptop's
microphone
• Put Cover on Cam
• Research smart-home devices
16. Check your System Firewall
• Checkpoints free FW Verification
• Ransomware
• Identity Theft / Phishing
• Zero Day Vulnerability
• Bot Infection
• Browser Attack
• Anonymizer Usage
• Sensitive Data leakage
http://www.cpcheckme.com/checkme/
17. Digital Shadow
• Nothing to hide
• Don’t care if others know
• Just the internet
– Looking for a job or applying for credit
• One in millions (still easy to find)
• I get discounts (at what cost)
• I am getting something for Free (no)
18. Known Digital Shadows
PeekYou
Give a lot ofInformationfor free just wait andscroll down
http://www.peekyou.com/
Pipl
Search fora person using nameandlocationhttps://pipl.com/
Check Mate
Search fora person using nameandlocation
https://www.instantcheckmate.com
Spokeo
Searches lots ofpublic Records to find informationabout someone
http://www.spokeo.com
US Search
Search fora person using emailnameor user name
http://www.ussearch.com/
19. Unknown Digital Shadows
Pandora
What do theylisten to and who is following them http://www.pandora.com/
Twitter
See what they post online https://twitter.com/
Amazon
What aretheir likes wishes and look at comments http://www.amazon.com/
Facebook
Pay attention tofamily connections posting GPS
https://www.facebook.com/
Linkedin
What arethey posting https://www.linkedin.com/
20. Browser Trackers
• Visible Trackers:
– Google's red
– G+ button
– Facebook's "like”
– Twitter's little blue bird .
21. Digital Hygiene
• Keep an eye on your bank accounts - Click here
to learn how to set up two-factor authentication.
• Investigate your email address - Have I Been
Pwned
• Change your password - Read this article to help
you create hack-proof passwords.
• Close unused accounts - Here's an easy way to
manage all of your online accounts at once.
• Beware of phishing scams - Take our phishing
IQ test to see if you can spot a fake email.
• Manage passwords - LastPass or KeePass
22. Remove WiFi Networks
• iPhone or Ipad:
Settings → General → Reset → Reset
Network Settings.
• On Android phones and your computer
you can see the wifi networks you've
connected to before, and delete them
individually.
23. Understand Your Shadow
• Logout & clear browser of all settings
• Search your Name, place of work, school,
use google and DuckDuckGo
• Sign into Google
– https://google.com/history
– https://google.com/takeout
• Sign into Twitter
– request your advertiser list
– see your own interests
• About the Data What is stored
– https://aboutthedata.com/portal/registration/step1
25. Browser Fingerprinting
• Use Electronic Frontier Foundation
Panopticlick tool
– "Test Me”
• Sticky Trackers
– "stick" in your
browser - instead of disappearing when you
leave a website
26. Clean your Shadow
• Clean Web Browser
– Use Ccleaner
• DEMO
• Delete Apps you don’t use
• Turn Off location settings
– Demo
• Use VPN
• Like Random things
• Delete mobile Number/ school/ work online
• Check App permissions
• Backup photos
• Use Password Manager
27. Basic Privacy Settings
• Facebook go to settings Privacy
– Turn off location
– Select Friends for post, phone, email address
– No to search engines outside of Facebook
• Twitter profile picture>Settings>Security
– Photo tagging do not allow
– Protect my tweets
– Uncheck add location to tweets
– Uncheck let others find me by my email
28. Metadata
• The most common types of metadata are:
– Software Version
– File share / servers
– Phone numbers, emails and usernames
– Location data: where your mobile phone is
– Date- and time-stamps on phone calls,
emails, files, and photos.
– Information about the device you are using
– The subject lines of your emails
• Covered in NY DFS Security Regulation “nonpublic information”
29. Scrubbing Meta Data
Discover Meta Data on websites
FOCA https://www.elevenpaths.com/labstools/foca/index.htm
Software
Jpg andPNGmetadatastriperhttp://www.steelbytes.com/?mid=30
BatchPurifierLITE
http://www.digitalconfidence.com/downloads.html
DocScrubber
http://www.javacoolsoftware.com/dsdownload.html
See MetaData in photos
http://regex.info/exif.cgi
31. Protect Mobile
• Keep all applications and system patched and
updated
• Use 5 digit Pin to lock device (at least)
• Don't install 'off-road' Android apps
• Don't jailbreak/root your mobile
• Install antivirus
• Enable two-factor authentication on every account
• Remove apps you don't use
• Use a password manager
• Cover WebCam / headphone-Mic Jack
• Turn Off WiFI – BlueTooth (when not using)
32. How Many APPS?
• The Number of Apps on your Device
impacts your security exposure:
– 0-19 Low
– 20-39 Moderate
– 40-59 High
– 60+ Very High
• What does the App do for you… at what
cost?
37. Before Crossing The Border
• Register with Smart Traveler Enrollment Program
https://step.state.gov/step/
• First Backup Device and settings
• Establish a VPN account i.e. https://www.privateinternetaccess.com
• Make sure it is Encrypted Mobile, Laptop, & USB drive
• Factory Reset / reimage
– Configure VPN you established before
• Encrypt mobile
• Strong passcode six digit at least (No Fingerprint)
38. More - Before Crossing The Border
• Use a Secure phone - Silent Circle Phone
“Blackphone” https://goo.gl/WnXfOa
• Turn Off WiFi and Bluetooth
– Forget/ Remove all Wireless and Bluetooth networks (all the time)
• Disable Location tracking and history
https://maps.google.com/locationhistory/b/0
• Delete all History before stepping off plane
• Turn off all location and tracking information
• Setup a Temp email i.e. PBJapple@gmail.com Forward email if
needed