Your computer might be more impressive than you think. In a recent test, Russian physicists have discovered that a home computer has what it takes to go against a supercomputer. In fact, it is more effective at certain tasks than a supercomputer. Find out how your machine can outperform a high-level computer in complex calculations.
Home Computer Performance
The test was performed by physicists at the Lomonosov Moscow State University. They wanted to see how well a consumer-level machine holds against a supercomputer. A supercomputer is a computer that has high-level computational capacity. This gives it the ability to perform weather forecasting, code breaking, simulations, and many other complex equations.
Researchers used a Nvidia GPU in order to perform the equations. These equations calculated how multiple quantum particles interact with each other. The researchers used multiple programs, along with the GPU, to calculate a numerous amount of data.
The Nvidia GPU excelled at the task. It even outperformed the supercomputer. Researcher begin to think differently about how they process data.
According to the team leader Vladimir Kukulin, “The program computes 260 million complex double integrals on a desktop computer within three seconds. No comparison with supercomputers! My colleague from the University of Bochum in Germany carried out the calculations using one of the largest supercomputers in Germany with the famous blue gene architecture, which is actually very expensive. And what took his group two or three days we do in 15 minutes without spending a dime.”
This test proves that a home computer is cheaper and more effective. It also changes who has access to this technology. Many groups do not have the resources to use one. Now, they can perform complex task, such as quantum mechanics and nuclear physics, on their own. Now that more people have access, eventually these test will lead to new discoveries.
A few weeks ago, close to 500 million Yahoo email accounts were stolen. The amount of private data and information stolen culminates in the largest data breach in history. If you have a Yahoo account, we suggest that you immediately change your password. Our email security tips will keep you safe.
Email Security Tips
Create Complex Passwords – Even though computer experts urge people to create secure, complex, and creative passwords, some individuals do not listen. You’ll find many people with passwords like 12345 or password as their form of security. In fact, last year, passwords didn’t get any better. Create a password that utilizes capital letters, special characters, and numbers. This makes it harder for hackers to guess your password.
Change Your Security Information Frequently – Passwords and security questions are two most important forms of email security you can have. That is why it is important to change your password at least every 6 months. This is a great counter measure against security breaches, very much like the one that happen to Yahoo. This prevent hackers from obtaining the latest passwords and security access.
Delete and Block Unknown Senders – Your email’s security features should catch any incoming junk mail. However, some messages from unknown senders can still end up in your inbox. You should delete and block messages from people you do not trust. Avoid clicking on any links. This can lead you to malicious sites.
Never Give Your Personal Information Away – We all have several passwords for our social media, shopping, and business accounts. One thing you should remember is that these accounts will never ask you for your password. Many hackers will attempt to impersonate a company in what is called a phishing scam. Call the company directly and find out if the email address is from them.
Curiosity can be a fascinating thing. It can lead us to the answers we are looking for, however, it can also get us into trouble. This is especially true when it comes to navigating the internet. Dangerous links can make our computers vulnerable to malware and other security threats. While this notion might seem obvious, people are more likely to let curiosity get the better of them and click on something they shouldn’t.
Watch Out for Unknown Senders
How can you avoid dangerous links? The first step is to know who the link comes from. If you receive an email or Facebook message from an unknown sender, you should delete. Links embedded into the message can lead you to a malicious website, which in turn can potentially infect your computer.
Unfortunately, not everyone will follow this advice. In a recent study at Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU), researchers found that one in two users were more than likely to click on a link from someone they did not know.
Why People Click on Dangerous Links
Prior to this experimental study, which tested around 1700 FAU students, researchers asked students if they were aware of the risks of unknown links. According to Dr. Zinaida Benenson, lead author and Computer Science at the FAU, “The overall results surprised us as 78 percent of participants stated in the questionnaire that they were aware of the risks of unknown links.”
Over 56 percent of email recipients, and 38 percent of Facebook message recipients clicked on a link that was addressed to them. Despite their knowledge of how dangerous the link might be, curiosity lead them to click on the link anyway. This is especially true when the users either believed that they knew the sender or the contents of the email related to them in some way.
It’s important for users to be aware that attacks can occurs in this way. When receiving messages, be care to check that the sender’s traditional are correct. Otherwise, do not let curiosity get you into trouble.
That was the question on the table when researchers examined the vulnerabilities of 44 different nations. Let’s take a look at how the U.S.’s cybersecurity fared, which nations were the most secure, and which could face serious trouble from hackers in the future.
Why This Study Is Important
Unfortunately, cyberterrorism is a global scourge. Some nations have a better system in place to defend against attacks, and other nations could stand to learn a thing or two. Plus, it is important to be able to respond quickly and appropriately to a cyber-attack. It’s not just criminals and terrorists who are lurking online. Sometimes a nation hacks another nation. So national defense now includes preparing for online attacks.
How the U.S.’s Cybersecurity Scored
Of the 44 nations in the study, the U.S. was ranked 11th. The 2-year study found that nations, including Denmark, Finland, and Norway, had the best systems and responses in place. Who were in the danger zone for attacks? Three of the worst-defended countries were superpowers China, Russia, and India, all of which boast a nuclear arsenal. Not the nations you want hackers being able to attack easily.
Takeaways from the Study
The researchers examined stats on trojans along with worms and viruses to see which nations were best prepared to handle them. The U.S. did really well in that department. Unfortunately disk cleanup utilities, fake anti-virus programs, and other misleading software exploits seemed to be very prolific.
These hacks are usually based on the user, and not the defenses of the system. Basically, it comes down to the fact that while the U.S. has really good security software in place, user error accounts for how poorly the nation as a whole did in the study. This means education is vital in order to avoid potential hacks.
What This Means for Your Business
Your business’ cybersecurity is probably in line with the results of the study. You may have firewalls in place and keep software up to date, but have your employees been sufficiently trained to detect a scam? This may be the most important thing to consider in your data security.
If you use the Internet, you use OpenSSL. It’s as simple as that. OpenSSL is the most frequently used software package when it comes to online data security. There’s just one problem. It may not be as secure as everyone thinks.
At least that is what researchers have discovered while looking for vulnerabilities in the extremely common security protocol. They referred to the vulnerability as a side channel attack.
What is this type of attack, and what is being done to protect your browser use?
What is a Side Channel Attack?
This type of attack allows a hacker to glean information regarding software through examining the use of a computer system. Some examples include how much of the system’s power is being used during activity or the timing in which the software is used.
Why is this ability to listen in on a computer so dangerous? Researchers were able to use this method to acquire the unique key that identifies who is using the computer. Does this have implications for your internet use?
What OpenSSL Vulnerability Means for Your Security
The fact is that hackers are unlikely to use this method to hack a computer at your home. Unfortunately, the reason for that is simply because there are many easier ways to hack a personal computer.
For businesses, we’ll just have to wait and see what kind of fix the researchers come up with, and hope that this exploit is deemed too time-consuming for most hackers who seem to be opportunists. After all, this type of hack doesn’t seem to be common, and OpenSSL has had this vulnerability for as long as it has been in existence.
While most manufacturers are sticking to their guns about this hack not being possible—but because it was repeated under controlled circumstance by the researchers, this was enough for the OpenSLL developers to start looking for a fix. In the meantime, it’s important to keep an eye out for potential attacks though this type of hack, no matter how unlikely it may be for someone to use it.
When it comes to defending yourself and your company from potential threats, knowledge is power. That’s why we will report on an extremely common type of cyberattack in the most basic terms possible. Knowing what an exploit kit is can help you to be able to defend yourself and your company’s assets.
Defining the Exploit Kit
Basically, this is a collection of different things that can be used to infiltrate a stream of revenue. It would include redirecting browser URLs as well as other exploits. An exploit kit is not generally used to target one particular system or company. It’s simply placed out on the internet, and it constantly searches for places it can go and do what it has been designed to do.
Many types of exploit kits are online today, including common ones like Nuclear, Angler, and RIG. Some of these kits exploit thousands of systems on a daily basis. Often, they are used to deliver ransomware or other exploits designed to cheat businesses and consumers alike out of money.
How the Exploit Kit Infects a System
It’s quite a simple process. These kits are already out there just waiting to find an in. It all starts when a user goes to an infected website. Frequently, it is an advertisement on the site and not the site itself that contains the exploit. This means the user doesn’t have to do anything wrong to start the process other than going to the shady site. The ad redirects the user to a landing page that actually uploads the exploit. However, this often happens in short time-frame, so the user never knows that something is happening until it is too late.
Defending Yourself from Exploit Kits
For a business, defense from exploit kits means restricting the sites that employees can go to on the company network. It also means educating employees. After all, your firewall doesn’t help if an employee takes a business laptop home, and then gets on a malicious site.
Knowing that these kits exist, and training users to avoid shady sites on any device being used for work, are the best ways to keep your company safe from an attack.
Cybersecurity is on the forefront of everyone’s minds. Just ask the Democratic National Committee (DNC) if they wish their email servers had been more secure. In the world of digital data, the hacker can do more damage in a day than almost any weapon. Businesses can be greatly compromised overnight due to hacks. How can you protect your business? Have you ever considered hiring white hat hackers to help?
That’s just what the Department of Defense (DoD) did a few months ago—setting loose 1,400 white hat (no criminal intent) hackers on the Pentagon’s cyber defenses. They were promised rewards for finding security flaws in the system so that the government could close the gaps to future black hat (criminal) hackers.
The white hat hackers filed a total of 1,189 reports on things they discovered. Of these, the government determined that 138 reports qualified as valid security concerns. In total, more than $70,000 was paid out to the hackers as rewards for the legitimate reports. In the end, the program was viewed as a success. The total cost of the program was estimated at about one-seventh (14%) of what a professional contractor would have cost.
This isn’t the only DoD project in place that provides bounties to hackers. Others in the future will allow hackers to search for potential exploits in applications and websites used by the government.
White Hat Hackers: What Does This Mean for Your Business?
The U.S. government may be happy with the results, but this probably isn’t the route you want to go with your business. Why not? What if, while fooling around in your system, a hacker leaves himself a backdoor to get in later? You simply don’t want to take that chance with your livelihood.
The fact is that, for an SMB (small to medium-sized business), a security audit is affordable. So there’s no need to provide a bounty to hackers and let them run wild on your system. A security audit can allow a consulting agency to determine the weak points in your data security, so these can then be secured.
If you want to protect your business, you have to protect your data, which means getting professional assistance.
Threats to your data security come from many different angles. The secret to being able to defend your organization is knowledge. That’s why threat intelligence is becoming an important part of data security. But what types of threat intelligence are there? We’re going to identify three.
1) Preemptive Threat Intelligence:
This type of intelligence involves gathering data on things that could potentially happen in the future. Your IT department or agency should look at trends in cybercrime to determine threat that will exist in the next 1–2 years. This will give your organization time to plan ahead to rebuff such attacks by updating hardware and software as needed. It also gives you the chance to train your staff to avoid risky behavior that could invite an attack.
2) Active Threat Intelligence:
Looking at the data collected by your network logs and other security features will help you determine current behavior that needs to be adjusted. It also allows you to see indicators of attacks that have already occurred so as to adjust your future defenses. Basically, you are auditing your current security to find the gaps that future hackers will use as an in to your system so you can proactively plug those holes accordingly. It can be something as simple as updating software or training a particular team member who needs to be more careful online.
3) Tactical Threat Intelligence:
Know your enemy in order to defend yourself from future threats. This means thinking like a hacker. What does your organization have that is worth stealing? How would you try to get into the system? Is your weak link the lack of a firewall? Perhaps the biggest threat is an unhappy employee who is willing to sell his login credentials to the highest bidder. Once you know which tactics hackers are most likely to employ to steal from you, this provides a starting point for developing a plan of preventative action.
If your organization is employing these three types of threat intelligence, you are not only making it tougher for hackers to attack your company, but you are also setting yourselves up to be able to say “We did everything we could,” if a data breach should occur, and that is important for PR.
What would you say if someone walked up to you and asked for your email password? You would probably immediately say no, even if you knew the person. You may allow only your most intimate associate, such as a mate, to have that information. So how do hackers manipulate people into giving out login credentials on a daily basis? Welcome to the world of social engineering.
Social Engineering: Infiltration Doesn’t Come Cheap
It can be expensive and time consuming for a hacker to develop a way into a secure system. It is far easier to manipulate someone into giving away his credentials. Not easy, just easier.
That’s why psychologists studied 1,208 individuals to learn some of the methods that prove to be effective in getting a person to reveal login information.
One of the methods used in the study was to give the user a reward. After first receiving a piece of chocolate, half of the users were asked for passwords during an interview. Others were asked about the password first, and then given the chocolate when the interview was over (fair is fair).
Over 43% who received the chocolate first were willing to give away login credentials. In fact, almost half of people who were given the chocolate immediately—before being asked the question—gave away their password, while just under 40% caved when the reward was provided early in the interview, and long before the question was asked.
People Cave to the Idea of Reciprocity
When an incentive is provided, many people reciprocate without considering whether the trade is equal. Even the timing of the reward or gift is crucial to how likely a person is to respond. Don’t get us wrong—nearly 1 in 3 people in the control group gave out their credentials without any “gift,”—but a reward increases the likelihood of a positive response. Clearly, the reward does not have to be much.
Knowing this, calls for employee training that encourages your staff members not to trust freebies online, especially if there is something required in return. Employees need to be taught never to share passwords.
While employees often do things such as open email attachments that they shouldn’t, fail to update software and apps, or visit websites that have been compromised, these aren’t the only ways someone can get to your data through your staff. Let’s look at a few more serious data security mistakes your employees should be trained to avoid.
Common Data Security Mistakes
- Password problems – Start with the concept of using passwords that are not secure. Not only should things like 12345 be avoided—and your IT team should make sure passwords like that can’t be used—but “personal-type” passwords should also be avoided. For example, it’s not a huge reach for a hacker to learn personal info about an employee, and then try the person’s birthdate or anniversary as a password. Besides these things, employees should be instructed to effectively protect passwords by never sharing them, even with another employee. Having a list of passwords on a mobile device, or even on a piece of paper under the keyboard, are also terrible ideas.
- Cloud computing – First of all, there’s nothing wrong or not secure about using cloud computing for The problem begins when employees feel they can share private company information through cloud file-sharing services that are not designed for business, and are thus less secure.
- Losing data/devices – Any time that data is removed from the office on a device like a laptop or a phone or even on something like a thumb drive, loss becomes an issue. Something as simple as leaving a smartphone at a restaurant can lead to theft. And once a thief finds private corporate information on the device, what is to stop him from trying to increase his payday by selling the information before selling the device?
It all comes back to proper training. Your employees need to know how to create strong passwords and manage them properly. They need to understand the difference between a secure way to send a file and a way that is inviting trouble. And they need to understand the importance of protecting devices with sensitive information on them, especially if such devices are taken out of the building.