Post Archives

Category: How To

How to Overcome the Pitfalls of Using Tor
Posted on by marketheedCategories Blurb, Computer Security, How To, Light Point Web, Security, Web SecurityLeave a comment on How to Overcome the Pitfalls of Using Tor

The idea of surfing the web without leaving a trace using tools like Tor may sound great at first. But for all the benefits that Tor brings to the table, there are still several ways that it falls short.

The Onion Router, commonly known as Tor, provides anonymity by bouncing your web requests off of several relays which will cause slow response times, and in turn lead to a bad user experience. Tor network is also susceptible to common attacks including browser fingerprinting. And using certain browser plug-ins, like Flash, may compromise anonymity while browsing in Tor. Furthermore, anonymity is not always guaranteed, especially if you violate the rules spelled out on the Tor website and/or do not follow the outlined best practices.

In an article posted on The Windows Club, author Pavithra Bhat explores several alternatives to Tor that can protect users’ privacy better than a standard browser, while also allowing them to surf the web at faster speeds. Read the full article here.

In the blog, Pavithra recommends options like I2P, FreeNet, and Disconnect, however, they too come with their own drawbacks, the most significant of which is that they may seriously fall short of protecting the user’s online security. For example, none of those alternatives can fully protect the user against malware, ransomware, zero-day or other web-based threats. Once the user’s machine is compromised, the user’s privacy gets tossed out the window, thus defeating the purpose of using such tools in the first place.

Anonymous web browsing has very real use cases for corporate users and the good news is that there is a solution that can provide corporate users the security they need while maintaining high standards with the browsing experience that users have come to expect.

Remote Browser Isolation offers the best of both worlds – it reliably protects your identity, makes getting to all your users’ favorite web destinations fast and easy, and  guarantees that your corporate network will not be exposed to any web-based threats. It accomplishes this by running a full browser outside of your network in an isolated virtual environment. This keeps any website resources from ever entering your network, which not only hides your identity, but also ensures you are never infected with malicious website content.

While the Tor browser has its place in the world of online privacy, alternatives like Remote Browser Isolation are a simpler, more effective way of protecting a large number of enterprise users, all packaged into a single, easy to manage solution.

 

Learn more about Remote Browser Isolation

How to Balance Employee Freedom With the Needs of Corporate Security
Posted on by Zuly GonzalezCategories Computer Security, How To, Web SecurityLeave a comment on How to Balance Employee Freedom With the Needs of Corporate Security
balancing stones on white background

Today’s employees prefer to use a wide range of web apps in the office in order to get the absolute most out of their workday. For example, they manage their calendar with Google Calendar, check their emails through Office 365, chat with fellow employees using Slack, watch videos over YouTube, have conference calls over Zoom or store and share files using Dropbox.

The idea of allowing employees access to various web applications they need to maximize their productivity may sound like a good one at first, but often this level of freedom can create a host of headaches for a company’s security department. The problem is further exacerbated when security teams have to worry about securing access to such web apps over multiple web browsers for every employee on every device.

Web Browsers Are a Necessary Evil

Gartner estimates that 98% of all external information security attacks happen over the public internet, and 80% of those attacks are carried out through end users’ web browsers. With browsers at the center of so much corporate activity, it’s no surprise that browsers are the most likely place for cyber-attacks to happen.

Oftentimes, to keep things simple, the IT department will block entire categories of websites, including many of the essential sites that employees need to do their job effectively. Contrary to popular belief, no good comes out of being so heavy handed with blocking sites. First, the inability to access sites to do their job leads to employee productivity loss, and second, enterprise networks are still vulnerable since blocking sites doesn’t eliminate the threat of web-based malware that can be introduced through typically “safe” sites. To make matters worse, some organizations even take the extreme measure of blocking internet access altogether, which has obvious productivity concerns.

Then what is the best way to mitigate the threat of browser-based attacks while still providing employees with all the flexibility they need to be productive on a daily basis?

Remote Browser Isolation Provides a Solution

The solution to keeping your network safe while allowing unrestricted access to the web and work flexibility is Remote Browser Isolation. Remote isolated web browsing brings the best of both worlds into one seamless, easy to use solution that lets employees browse the web with complete freedom while also protecting your network from any browser-based threats.

Remote Browser Isolation moves your web browsing activity off the corporate network entirely, and into a remote virtual environment. This means that no web content ever enters the corporate network, so if any infected links or files are encountered, they are unable to cause any damage.

Furthermore, Remote Browser Isolation enables truly anonymous browsing capabilities that protect a user’s identity when browsing the web.

Conclusion

Today, the internet is the go-to source for information, productivity tools, commerce, socialization and business communication. The rapid emergence and use of social media, news sites, web apps and other business sites in the workplace, whether for personal or business use, have made the web browser one of the most likely places for cyber-attacks to happen. Every new website that is allowed into the corporate network potentially introduces a whole new range of attack vectors that security teams need to worry about. Remote Browser Isolation alleviates these security concerns while still allowing employees access to a wide range of websites and web applications in the office in order to get the absolute most out of their workday.

Learn More About Remote Browser Isolation

How to Prevent Web Browser Forensic Data From Falling Into the Wrong Hands
Posted on by Zuly GonzalezCategories How ToLeave a comment on How to Prevent Web Browser Forensic Data From Falling Into the Wrong Hands

There is a wealth of information available online, and web browsers are the primary way we access it. Just as web browsers help us learn about the world, the world (both good and bad actors) can learn a lot about us by looking at our web browsers.

Web browsers store a host of valuable information about a user’s surfing habits and usage patterns. In his recent article, author Barry Shteiman describes the different ways that enterprises can use the data collected by web browsers to help quantify the nature, scale and scope of any potential threat, including insider threats. Read the full article here.

For example, in a post-breach investigation, investigators can collect vital evidence of the user’s activities and motivations to understand if a cyber-crime was committed. Aside from the more obvious pieces of information like web browsing history and autofill options, more specific breadcrumbs left by the user during their sessions like cookies, alternate email logins, and file download histories can be used to more accurately piece together a picture of the ‘person of interest’.

But, in the same way that the good guys (a member of an organization’s own network security team) can use this information to identify an insider threat, it can also be used against them if this data happens to fall into the wrong hands. Web browsing exposes your organization to web-based malware attacks that can allow unfettered access to this data to bad actors who will in turn use it for far more nefarious purposes.

To prevent malware from being delivered from the web to your corporate network via phishing links or other browser-based exploits, consider using security solutions like remote browser isolation. With browser isolation technology, users’ browsing activities are moved to an environment that’s completely separated from their organization’s network. Malware gets trapped in the isolated environment, where it is safely contained and disposed of. This prevents any kind of corporate data, including user’s’ browser data, from being exposed to potential hackers, while allowing users to freely surf the web.

Learn More About Remote Browser Isolation

Securing Your WordPress Site: Top Plugins
Posted on by Beau AdkinsCategories How To, Security, Web Security4 Comments on Securing Your WordPress Site: Top Plugins

WordPress LogoWordPress is huge. It is currently the most popular blogging system in use, and it manages 22% of all new websites. We use it for our site, and I would personally recommend it to anyone thinking of creating a new website.

However, because it is so popular, it becomes a target for hackers. Right now, automated bots are crawling the web looking for WordPress sites to attack. If you take some time to protect yourself, you can greatly reduce your chances of having a problem.

With that, I decided it would be useful to share some of the tips and tricks I have learned to protect our site. There is too much for one blog post, so I will release others over time, but I will start with the most important ones.

So, here are my recommendations for the 4 best WordPress security plugins. All WordPress plugins are easy to install, but some may take some time to configure correctly.

  1. WordPress File Monitor Plus. This plugin is used to alert you anytime a file on your site changes. When a WordPress site gets hacked, what actually happens is the attacker adds one or more files to your site, or they alter one that is already there. A WordPress installation consists of hundreds of files, so it’s very easy to blend in and not be noticed. But with just one file, attackers have the ability to change your site however they want, including attacking your site’s visitors with malware, and eventually getting you banned from Google.

    WordPress File Monitor Plus will regularly check your WordPress installation for new files, deleted files, and changed files. If it finds anything, it will send you an email with details. It is your responsibility to read these emails to see if any changes are unexpected. For example, uploading a new image, or upgrading a plugin will cause an alert. If you see something you can’t explain, investigate it immediately. This plugin will not stop you from being hacked, it will only let you know when you are attacked, and help you clean it up.

    Out of the box, this one is pretty easy to set up. You just tell it how often to scan your files. But most likely, you will want to tell it which files to not scan. For example, if you have a caching plugin, it will cause the File Monitor to tell you things over and over. The best plan is to set it up with no excludes, and when the alerts start coming in, you can identify which directories to not pay attention to anymore. Eventually, it will only tell you about important changes.

  2. Limit Login Attempts. This plugin protects you from automated password guessers. If you install this plugin, it will let you configure how many tries someone gets at logging into your WordPress site before they are locked out for some amount of time. The guess count and lockout time are configurable. If someone guesses incorrectly too many times, you will be sent an email about it, and they will be stopped from trying again for some amount of time.

    So how useful is this? You would be surprised. Once you install this plugin, you will find out that there are automated bots that will find WordPress sites, and try to brute force the password. Without this plugin, they will eventually guess it. Depending on the speed of your server, they could guess hundreds of passwords a second. With this plugin installed, they may get 6 guesses every 2 days.

    This plugin is simple to install and configure. So you have no excuse.

  3. Secure WordPress. This plugin is more of a hardener. It does a lot of little things to make an attackers life harder. While none of these things make it impossible to be hacked, they will make hacking your site harder than hacking someone else’s, and that is usually enough.

  4. TimThumb Vulnerability Scanner. There is a library called TimThumb that people use to dynamically create thumbnail images for websites. It is used by millions of sites. In 2011, a vulnerability was discovered in it that allowed attackers to easily take over any site using it. The vulnerability has been corrected, but sadly old versions are still out there years later. This vulnerability is probably still the most common way WordPress sites get hacked. This plugin will automatically determine if you are using an out of date version of TimThumb, and if so, it will upgrade it for you.

Please let me know if these recommendations helped you, or if you know a WordPress plugin that belongs on this list.

Facebook Supports HTTPS Secure Connection
Posted on by Zuly GonzalezCategories How To, Security, Web Security7 Comments on Facebook Supports HTTPS Secure Connection

HTTPS Secure ConnectionFacebook announced that it will expand its current usage of HTTPS to all Facebook pages.  Until now Facebook had only supported HTTPS on its login page in order to encrypt a user’s password. Now they will give users the option to experience Facebook entirely over HTTPS.

This is a huge step forward for Facebook, who in my opinion, has hugely neglected the privacy and security issues plaguing the social network. My only complaint is that Facebook has decided not to make this a default setting, so users must manually turn the option on (I show you how to do this below). Facebook points out that some features, including many third-party applications, are currently not supported in HTTPS. They are working to resolve those issues, and claim that they plan to offer HTTPS as a default in the future. Let’s hope they keep their word.

What Is HTTPS?

HTTPS is a protocol that allows secure communication with a website by encrypting user data, and prevents eavesdroppers from obtaining your personal information. HTTPS is used by online banking and financial institutions to secure your financial information.

Because there are tools available that allow malicious attackers to obtain unencrypted data being transferred by your web browser, it is especially important to use HTTPS when using an unprotected public Wi-Fi connection, such as those found at Starbucks and airports.

You know you are in an HTTPS session if you see https in the address bar, instead of http. You will also see a yellow lock in your browser window. Internet Explorer displays the lock in the address bar, while Firefox displays the lock in the lower right corner of your browser window. And depending on what browser you use, the address bar may change color when in an HTTPS session.

How to Enable HTTPS

As I mentioned above, Facebook did not enable HTTPS usage by default, so if you want to use HTTPS on Facebook, you must manually set it. Here I show you how to do this. (Please note that this feature will not be available to all 500 million users at once, but will instead be rolled out slowly over the next few weeks.)

I highly encourage you to set HTTPS as your default, especially if you frequently use unsecured public Wi-Fi. If you are relying on remembering to switch over to HTTPS when in public, I can almost guarantee you will forget. It’s best to set it, and forget it. If having HTTPS enabled becomes too annoying for you because you just can’t get enough of FarmVille, then you can always turn it off.

To enable HTTPS, first go to Account Settings. You can find Account Settings in the Account tab drop down menu located in the upper right corner.

Facebook Account Settings

Once in the Account Settings page, go down to Account Security and click on the change link.

Facebook Edit Account Settings

If the HTTPS feature has been rolled out to your account, you will see an option that says “Secure Browsing (https), Browse Facebook on a secure connection (https) whenever possible”. Click on the box next to that option to enable it, and hit save. If you do not see the option for Secure Browsing that means that this feature has not been rolled out to your account yet.

Facebook HTTPS Settings

For more on this, check out this video from Facebook.

And if you’re interested in Facebook security, learn how to remove malicious third party apps from your Facebook account.

Has HTTPS been rolled out to your Facebook account yet? If you’ve tried it out, how has it impacted your Facebook experience? Is it noticeably slower? Are there any games, or other apps, that don’t work?

Guide to Removing Malicious Apps From Your Facebook Account
Posted on by Zuly GonzalezCategories How To, Security, Web Security10 Comments on Guide to Removing Malicious Apps From Your Facebook Account

Let’s kick off this new year right by removing unnecessary third party apps from our social media accounts. (This blog post is a How To guide on removing third party apps from your Facebook account. For a guide on removing apps from your Twitter account, see this blog post.)

My sister informed me that she has given 146 apps permission to access her Facebook account. That is just too many! And I know for a fact that some of those apps have malicious intentions, because my Facebook wall has been spammed by some of them.

I for one, only allow a certain few applications that I trust access to my social accounts. Why? Because for starters, you don’t know what an application was really designed to do. Cyber criminals can create malicious applications designed to steal your personal information, or to take over your account in order to trick your friends into clicking on a malicious link. If you inadvertently give one of these malicious apps permission to access your account, you and your friends risk losing valuable personal information. So unless you trust the source of the application, do not give it access to your social account!

Secondly, although a third party application may be legitimate (and not intent on ruining your life), it may unknowingly contain security holes that open it up to being hacked by cyber criminals. So, the more third party apps you give permission to access your social account, the more vulnerable that account becomes.

Which Applications Should You Remove?

You should have as few third party applications as possible accessing your social accounts. Again, the more apps you have accessing your account, the more vulnerable that account is. You should remove:

  • any application you do not recognize
  • any application you no longer use or need
  • any application that has been identified as malicious or not secure

Examples of such applications include contest or prize apps you have given permission to send out a message on your behalf during a contest. For example, there are many applications designed to send out a tweet to all of your followers alerting them that you have entered a contest. That’s fine to do if you wish to, but once the contest is over, you should revoke that app’s access to your account, because it is no longer needed.

It is also good practice to remove any applications you do not recognize. Usually this means that you either gave an app permission to access your account without realizing it (a sign that the app may be malicious), or you knowingly gave it permission a long time ago, and no longer use it so you forgot about it. If it turns out that you removed an app you actually need, you can always re-allow it to access your social account. It’s better to be safe than sorry.

And of course, if a report comes out that an application you are using is malicious, you should immediately revoke its access. For example, a malicious Facebook app was recently released that spreads virally by posting itself on users’ walls.

How to Remove Apps From Your Facebook Account

To remove third party applications from your Facebook account, follow these 5 easy steps.

Step 1: While logged into your Facebook account, click on Privacy Settings. You can find Privacy Settings by clicking on the Account tab.

Facebook Privacy Settings

Step 2: Go to the bottom of the Privacy Settings page, and click on the Apps and Websites link.

Facebook Privacy Settings Page

Step 3: Click on the Edit Settings button in the Apps you use section.

Facebook App - Edit Settings

Step 4: Once in the Apps You Use Page, you will see a list of all the third party apps you have given permission to access your Facebook account. Look for any apps that you either don’t recognize or no longer have a need for. To revoke an app’s permission, simply click on the x next to the Edit Settings link.

Facebook: Remove App

Step 5: Click on the Remove button to confirm your selection.

Facebook: Confirm App RemovalAt this point the app you selected has been removed. Repeat steps 4 and 5 until you have removed all unwanted apps.

You also have the option to view the permissions each app you have given access to has. You can do this by clicking on the app. For example, the image below shows that the app I have selected only has permission to access my basic information, and send me an email. Some apps, on the other hand, pretty much have the freedom to do as they please on your account. You can use this information to help you determine whether you should revoke an app’s permission.

What a Facebook app has permission to do

If you’d like, watch the Sophos video below, which walks you through the same exact steps I just did.

Do you also have a Twitter account? Learn how to remove third party apps from your Twitter account.

How many Facebook apps have you given permission to access your account? How many apps did you end up removing? Were you surprised with what you found? Share with us in the comments.

How to Remove Third Party Apps From Your Twitter Account
Posted on by Zuly GonzalezCategories How To, Security, Web Security4 Comments on How to Remove Third Party Apps From Your Twitter Account

Let’s start off 2011 right by removing unnecessary third party apps from our social media accounts. (This blog post is a How To guide on removing third party apps from your Twitter account. For a guide on removing apps from your Facebook account, see this blog post.)

My sister informed me that she has given 146 apps permission to access her Facebook account. That is just too many! And I know for a fact that some of those apps have malicious intentions, because my Facebook wall has been spammed by some of them.

I for one, only allow a certain few applications that I trust access to my social accounts. Why? Because for starters, you don’t know what an application was really designed to do. Cyber criminals can create malicious applications designed to steal your personal information, or to take over your account in order to trick your friends into clicking on a malicious link. If you inadvertently give one of these malicious apps permission to access your account, you and your friends risk losing valuable personal information. So unless you trust the source of the application, do not give it access to your social account!

Secondly, although a third party application may be legitimate (and not intent on ruining your life), it may unknowingly contain security holes that open it up to being hacked by cyber criminals. So, the more third party apps you give permission to access your social account, the more vulnerable that account becomes.

Which Applications Should You Remove?

You should have as few third party applications as possible accessing your social accounts. Again, the more apps you have accessing your account, the more vulnerable that account is. You should remove:

  • any application you do not recognize
  • any application you no longer use or need
  • any application that has been identified as malicious or not secure

Examples of such applications include contest or prize apps you have given permission to send out a message on your behalf during a contest. For example, there are many applications designed to send out a tweet to all of your followers alerting them that you have entered a contest. That’s fine to do if you wish to, but once the contest is over, you should revoke that app’s access to your account, because it is no longer needed.

It is also good practice to remove any applications you do not recognize. Usually this means that you either gave an app permission to access your account without realizing it (a sign that the app may be malicious), or you knowingly gave it permission a long time ago, and no longer use it so you forgot about it. If it turns out that you removed an app you actually need, you can always re-allow it to access your social account. It’s better to be safe than sorry.

And of course, if a report comes out that an application you are using is malicious, you should immediately revoke its access. For example, a Trojan horse was recently discovered in repackaged versions of various applications and games in the Android Market.

How to Remove Third Party Apps

To remove third party applications from your Twitter account, follow these 3 easy steps.

Step 1: While logged into Twitter, go to Settings. You can find Settings by clicking the drop down arrow next to your Twitter username.

Twitter Account Settings

Step 2: Once in your Settings page, click on Connections.

Twitter Account Settings - Connections

Step 3: While in the Connections page, you will see a list of all the third party apps you have given permission to access your Twitter account. It will also list the date and time you gave each app permission to access your account, and the permissions given to that app (e.g. read and write access, read-only access). Look through the list for any apps that you don’t recognize, or no longer use. To remove unwanted apps, click on the Revoke Access link associated with that app.

Twitter Revoke Access To Third Party Apps

At this point any permissions you have granted that app have been revoked. You can verify the action did in fact take, if now instead of the link saying “Revoke Access” it says “Undo Revoke Access”. You will also notice that the app’s icon is now grayed out. Once you navigate away from the Connections page you will no longer see the removed app in your list.

Twitter Undo Revoke Access For Third Party Apps

Do you also have a Facebook account? Learn how to remove third party apps from your Facebook account.

What did you find in your Twitter Connections page? Were you surprised with what you found? Share with us in the comments.


Light Point Security
@LightPointSec

Categories
Archives