BLOG: NEWS AND INFORMATION

This section provides news articles and information regarding LeverettNet, Internet Security, TV streaming, and other topics selected by the LMLP to inform subscribers and other interested parties.
Scroll to see posted items in chronological order, or use the Archive and Category links [in sidebar at right or at bottom in mobile device].
Featured post

Cyber Security Awareness Newsletter

OUCH! is the world’s leading, free security awareness newsletter designed for the common computer user. Published every month and in multiple languages, each edition is carefully researched and developed by the SANS Securing The Human team, SANS instructor subject matter experts and team members of the community. Each issue focuses on and explains a specific topic and actionable steps people can take to protect themselves, their family and their organization. OUCH! is distributed under the Creative Commons BY-NC-ND 4.0 license. You are free to distribute OUCH! within your organization or to your customers as part of your security awareness program, or share OUCH! with your family, friends and coworkers. The only limitation is you cannot modify nor sell OUCH!.

Click the link below to see the current Cyber Security Awareness Newsletter and Newsletter Archive. 

Source: Cyber Security Awareness Training and Programs | SANS Securing the Human

Russian hacker warning: How to protect yourself from network attacks | ZDNet

…with home users and small businesses said to be vulnerable to these exploits, there are concerns that these individuals and organisations will remain vulnerable to attacks because the users don’t understand how to secure the devices.Even the NCSC advisory says the very reason attackers select these devices is they’re known to be vulnerable and are often not patched.”Network devices are often easy targets. Once installed, many network devices are not maintained at the same security level as other general-purpose desktops and servers,” said the advisory.It added how few of these devices run antivirus or security tools and that “manufacturers build and distribute these network devices with exploitable services, which are enabled for ease of installation, operation, and maintenance”.The report urges manufacturers not to design products to support legacy or unencrypted protocols and to design the devices so that users are required to change the default passwords before using the device.

Source: Russian hacker warning: How to protect yourself from network attacks | ZDNet

The dots do matter: how to scam a Gmail user

Gmail users Beware! Look carefully at the TO address [not just the FROM address] when you get a suspicious email!

I recently received an email from Netflix which nearly caused me to add my card details to someone else’s Netflix account. Here I show that this is a new kind of phishing scam which is enabled by an obscure feature of Gmail called “the dots don’t matter”. I then argue that the dots do matter, and that this Gmail feature is in fact a misfeature.

Source: The dots do matter: how to scam a Gmail user