In this episode we talk about managing your passwords and updating technology to stay secure.
BBP : Episode 55 - Have You Updated Today?
Yahoo Email Hack - Now up to 3 Billion accounts, apparently every yahoo account. - announced by the new owner, Verizon
- No credit card information in the breach, but
- Suspect part is that the new intelligence was just recently obtained AFTER the deal closed to buy Yahoo.
Equifax update - there's a good chance the company will have to pay penalties to affected consumers going north of $1B.
- For the record, $1B comes to just over $7 per possible affected user.
Cortana is now rollout out into Skype. You should start seeing it appear in private and group chats to offer assistance for scheduling and other items.
- Will also appear in the Android and iOS versions soon.
- Still not sold on voice systems like Google, Amazon or Siri, but I hope to become more reliant on it when the new Pixel 2 phone arrives
- Microsoft claims 141 million "monthly" users of Cortana. I use it only when I accidentally click the button on my desktop toolbar, so that probably counts at least once a month.
- Siri - 41.4 monthly, 19% daily.
- Google claims 20% of mobile searches are voice searches - couldn't find a published #
- Becoming more popular
- Would love to discuss voice searches and voice control on a future episode, so if you're an "expert" please contact me.
Today's topic - You are Responsible for Updating Your Technology
- In the last month, I've had to do the following:
- Rescued three websites from obvious hacking
- Two were hijacked by an out-of-date Wordpress plugin and dozens of fake blog posts linking to a casino were placed on the sites.
- One was using a password created several years ago and the FTP was compromised, with THOUSANDS (over 50k) web pages were created, uploaded and indexed by google.
- The new index.php page and all the rest were the only ones showing up in Google searches because of the dominance.
- About six months ago I got a call that a Wordpress site built over five years ago had NEVER been updated, and now stopped working.
- That required updating WP, finding out what, if any of the existing plugins would still work with the new WP, and we had to find alternate solutions for outdated, un-updatable, or costly upgrades to certain plugins.
- Two months ago I worked on a computer that was full of malware. The client was still running Windows XP and didn't want to update. Windows XP was abandoned by Microsoft in April 2014, meaning there was no further development on the operating system and it would be exposed as insecure.
- In all cases, there was a massive cleanup, one new install of WP, and a complete forced re-indexing of the website by Google and other search engines.
- Rescued three websites from obvious hacking
ALL of these could have been avoided if the core functions would have been maintained. By following just a few steps, your computer, phones and other devices can stay up to date and minimize the danger of being compromised.
Remember, criminals will most always take the low-hanging fruit, like the computer not updated in over 5 years, the Wordpress site with outdated plugins, or the FTP password that hasn't changed in half a decade.
A word of warning… updates can sometimes fail, and even cause larger issues. BACK UP YOUR DATA before running updates, or just in general. However, the risk of something bad happening during an update is nothing compared to the possible issues that can happen by running an out-of-date system.
- Wordpress and Other Websites
- Back up everything on a regular basis - Always have a way to reset if something bad happens, even if you lose some data.
- Turn on automatic updates for plugins and incremental Wordpress updates.
- Use a service to update multiple sites if needed.
- Turn on notifications for major Wordpress or theme releases, and run them after you back up, update plugins and prepare for possible downtime.
- Also change your FTP and Cpanel passwords on a regular basis, or when someone leaves the organization.
- Windows Computers
- Back up on a regular basis. Services like Dropbox, OneDrive, Google Drive and others offer cheap, or even free secure cloud services that will back up your data.
- Turn on automatic updates in the control panel. This will run in the background, and prompt to reboot when larger updates appear.
- If you can update your operating system to at least Windows 8.2 you will at least be receiving regular security updates. There was a time you could have updated to Windows 10 for free, but you most likely missed that if you're still running an older version.
- Keep your software like browsers, office software and other major applications like Photoshop and others up to date by regularly checking, or selecting auto-updates if prompted.
- Back up on a regular basis (notice a theme here?). Most carriers have this available, but you can keep your music in the cloud, photos backed up to Google Photos for free, contacts saved to Gmail or Gsuite, again for free, and other data can use Dropbox, Carbonite and other services.
- Go into the Play Store or Updates on your mobile device and click Update All on a regular basis.
- Always accept operating system updates when prompted, your device is properly charged or connected to a power source, and you have the necessary allotted time to accomplish the update. Do a full reboot once in a while to clear the device and also to re-engage auto-updates when the phone reaches back out to the carrier or app store.
Updates are an easy way to keep your site and devices secure. Criminals are looking for the easy targets when you're dealing with electronic crime, so stay on top of your systems and update regularly.