But where the good things come sometimes the bad ones follow. We talk about the so-called digital risks you willingly take when embarking on another new social media life. A lot of people spend a considerate time living digitally and one day start worrying about what details of reality they expose. Another question — “How does it influence me” — is usually consequential from the first one. And it does influence you not only in a way where social media platforms shape your digital personality but also your online cybersecurity.

Below you will find the five most common mistakes people tend to make on social media. These mistakes are often neglected but those that once made can have unpleasant results for a person.

Accepting friend requests from unknown accounts

You may be the friendliest person in the world, but that is not a good option online. That’s not only about allowing a stranger to view your personal information. In that way, you’re putting at risk other people you befriended on social media. That is especially true if you have a private account, so seeing your info requires your permission. In the case of public accounts, anyone can see what you’re posting and sharing, but even this option some users go with brings other nuances to think about when securing your cyber safety.

Having a private account means aiming at less exposition of your details, plans for the future, et cetera. It is important to be consequent in these attempts to make them as effective as possible. These random people who send you friend requests and seemingly want to just to get to know more people and make some friends can be different kinds of fraudsters like romance scammers, phishers, boxers, etc. You never know their true intentions, and even getting into a conversation with them might lead to more dangerous consequences.

Not checking photos you’ve been tagged on

Have you checked what on those photos that you’ve been tagged on? If you’re not — you better do. You are the one who’s in charge of the content you’re allowed to circulate on the Internet related to your account. Keeping an eye on what others share about it is also an important thing in your cyber well-being. No one wants some embarrassing photos of oneself from a friend’s birthday party to end up online. And sometimes it’s not only your friends to blame for sharing content you’d rather wish to lay in archives. You have to check settings that will allow you to have more control over the content related to your account.

Oversharing

This is a mistake that most people may have made the most. The problem in today’s digital landscape makes life much easier for threat actors but not for ordinary users themselves. Sharing the current workplace, your own, or your relatives’ home location doesn’t positively contribute to securing one’s safety. A well-informed threat actor can hope for a more successful cyber attack with the kinds of information you sometimes provide themselves on one of your social media accounts.

The good practice will be to minimize the info you share on social media accounts. It is especially actual in cases when a social network asks for it, but that is not an obligatory thing. Nevertheless, your coworkers and friends on Facebook most likely won’t need the info about the school you attended, who is your third cousin, or where you lived before. Normally, people on the same social media platform only need a way to somehow identify that this account belongs to you — the person they know or want to befriend.

For this they only need to see your name and a photo showing that it is truly you. If you are quite good at managing your digital footprint and its size, sharing just your name and a photo won’t put you at some enormous cyber security risk but instead you restrict a variety of freely circulated information on your persona for anyone on the internet to use for their purposes.

Don’t also forget about not oversharing your life events on social media platforms you use when you post photos with geolocation, sharing stories in real time tagging places or people you are going to visit or visited, revealing in posts your travel plans, major life plans, etc. Too much is also posting photos that explicitly show your surrounding neighborhood, your workplace, and places you regularly go shopping. Oversharing your life events may lead to serious life-threatening cases like stalking, burglary, physical assaults, etc

Neglecting some security essentials

Some of the important security essentials include enabling two-factor (2FA) or multi-factor authentication (MFA) features, restricting access to the information on your social media account, enabling some of the features that won’t allow completely strange people in any way to interact with your account. You only need several minutes to set these settings, but they will save you a significant amount of time when in the future you may have to deal with a cyber-attack or data breach. On any major social media platform, you can find various tutorials on how to make sure you follow security essentials concerning your safety it and know how to apply them.

Reusing passwords on multiple accounts

A number one rule in cybersecurity hygiene. One password — one account. In case of a compromise of one account, you won’t endanger the other accounts that may have the same password. Of course, it can be hard when trying to manage all the passwords users now can have which can amount sometimes to up to fifty or a hundred passwords. But you can always choose a reliable password manager that will help you to secure your accounts’ access and keep passwords in one place.

The post 5 Security Mistakes You’re Making On Social Media appeared first on Gridinsoft Blog.

This feature allows organizations to improve performance and even serve customers. Organizations that want to protect the transmission of their data and the device through which it happens must understand IoT cybersecurity, as most attacks are aimed at that. According to the calculations of attacks aimed at IoT devices, statistics are growing significantly every year and should consider this situation and how to counteract it. In this article, we will analyze the smallest but most common number of attacks that can cause significant damage to devices and users’ data.

Types of IoT Cyber Security Attacks

1. Physical Attacks

These attacks are propagated intentionally by attackers to discover, modify, steal, destroy, and gain unauthorized access to infrastructure, physical assets, firewall, or equipment. The most common physical attacks can be considered:

• Zero-day attacks: This sub-type of attack targets security vulnerabilities. the vulnerability that the attacker is looking for should be made public, after which the elimination of an attack on such an unknown vulnerability is almost impossible. Therefore, zero-day is considered that the consequences of this attack are sad.
• Eavesdropping attacks: The intruders here are aimed at stealing confidential data through an attack on communication channels that are used only by certain individuals and companies for the exchange of information.
• Data Injection attacks: These attacks are embedded through commands and malicious codes of control systems that are poorly protected.
• Replay attacks: In this case, the attack occurs through an authenticated data packet modified by malicious instructions. Packets are sent to electronic equipment that does not know what is in those packets, namely, a disguised malicious packet under a completely legitimate data packet.

2. Encryption Attacks

An attacker can intercept data, modify, install their algorithms and gain control over your device if the user’s IoT device is not encrypted. In this regard, encryption should not be forgotten, as it is necessary in the IoT environment.

3. DdoS (Denial of Service)

DdoS attacks target system resources, aimed at distributing malware, through the host of the machine, and also at getting a denial of service. In another case, DdoS can shut down the system, that is, intercept a session in order to implement a different type of attack into it. Types of DdoS:

• TCP SYN flood attack: A buffer space is used to propagate this type of attack, through which a large number of connection requests are hacked , half of which creates a target system queue, and because of it a failure in the system.
• Teardrop attack: The failure of this attack is due to such a chain of actions: when the attack starts, there is an offset of Internet protocol fragmentation, the system tries to resist it, but cannot.
• Smurf attack: This type of attack uses IP spoofing and ICMP.
• Ping of death attack: Here the attacker uses IP-packages “ping”. The attacker fragments the IP packet and the target system is unable to assemble the packets because the buffer is full and it fails.

4. Firmware Hijacking

This attack involves the attacker capturing the device, after which the installation of malware on the user’s device. To avoid this, you should always check the firmware updates of IoT to avoid this risk. Firmware is the core, the core of your device, which is common software. Functions can be considered data exchange with software installed on your computer.

5. Botnets

A botnet attack starts remotely with a large number of bots on the IoT device. This happens remotely and under the control of the intruder, who is focused on either disabling the user’s device or transferring or selling the user’s data to a dark network. This attack is a big problem today, as it affects a huge number of devices around the world.

6. Man-in-the-Middle

Here the attacker works between, in the middle. Now we’ll sort out what it means. Now, a hacker intercepts communications between two sources, thereby deceiving one of these recipients to receive a legitimate message. Two users are deceived by the attacker and begin to act blindly, not realizing that the messages that come to them are fake. These messages might look like this: an email indicates that something has happened to your bank account, which is why you should log in to the system to fix the problem, and invites you to go to a fake site where you are already waiting for an attacker to collect your credentials.

7. Ransomware

Ransomware attack is a type of malware that targets you and your data. This happens by blocking your data through encryption. For the user to get the decryption key, the user is asked to pay it, and often not a small amount.

8. Eavesdropping

This attack targets sensitive data by intercepting network traffic and weakening the connection between the server and IoT devices. Then through data interception, digital listening, or analog communication, eavesdropping occurs.

9. Privilege Escalation

An attacker attempts to access resources through IoT device vulnerabilities, often protected by a user profile or an application. But bypassing all the security systems, the hacker is trying to spread malware Po or steal confidential data.

10. Brute Force Password Attack

This type of attack is a rough way to steal confidential user data. This attack occurs through software that can generate many password combinations that the attacker distributes to a certain number of users. Next, all simple accounts protected by a weak password fall under this attack. This allows the attacker to take confidential data, distribute malware, and create everything he needs.

The post 10 Types of Cyber Security Attacks in IoT appeared first on Gridinsoft Blog.