security: Should You Fight or Take a Flight When Being Attacked? - 03/06/18 06:52 AM
I am a big believer that people should run away from an attacker. If a bad guy gets into your home and he often wants to cause you pain, RUN as quickly as you can to the nearest door. If you are in a corner or you have to protect a loved one, you might have to fight him.
Most of us are taught to not hurt other people. We teach our children to have manners and to be kind to others. This is a process known as “civilized conditioning,” and it allows us to live in a civilized society.
However, sometimes violence … (14 comments)

security: What to Do if Accosted on Street and Dragged by a Man - 12/15/14 09:46 PM
The video of Carlesha Freeland-Gaither, 22, being grabbed on a street corner and forced along a sidewalk to her assailant’s car gripped the nation, bringing more attention than ever to how easy it seems for an unarmed man to abduct a woman.

There are things a woman can do to help prevent such a situation, as well as break free and bolt to safety before the assailant can get her into his car.
Sometimes, the abduction seemingly occurs in a microsecond when caught on video. But prior to what we see, there’s been an exchange of communication. Body language accounts … (1 comments)

security: Private Identifiers Not Private - 05/14/14 10:53 PM
Today’s commerce occurs very much online, with products and services ranging from A to Z. Hence, these many online merchants have hundreds of millions of people around the globe registered with them for convenient purchases.

To verify authentication as the true user of these services, the registrant must supply personal data. If cyber criminals get ahold of this data, much of it can be changed by the user after the breach, such as user name, password and even the address they’ve been using.
However, the Social Security Number and date of birth cannot be changed. When cyber crooks get personal … (1 comments)

security: Top Security Techniques That Work For The Masters - 03/17/14 11:25 PM
Banks know security just about better than anyone. Find out what they can teach you about safeguarding your small business.

Security is a journey, not a destination. This is a security industry axiom that means we can strive for security, and by making this effort, we can put ourselves on a path to security. But while we may achieve a relative degree of security, our businesses will never be 100 percent secure—the destination we all strive for. Even Fort Knox, the White House and the New York Stock Exchange are vulnerable.
But that doesn't mean we shouldn't strive to reach … (19 comments)

security: 7 Laptop Security tips for the Traveler - 02/26/14 12:56 AM
Here are nine ways you can add a lot of security to your laptop when traveling.

Bag it. Keep the laptop in a sturdy bag that’s specially designed for laptops. The sleeve should be well-padded and the bag TSA-compliant. The bag should be collapsible and expandable (depending on contents), and easy to wear near your body for extended periods. Don’t part with it. Pretend your laptop is a baby. In public, you wouldn’t leave your baby unattended while you went to the restroom or moved around in your location. Likewise, take your laptop with you wherever you go in public, … (3 comments)

security: Windows XP not dead yet—but users Beware - 02/19/14 12:44 AM
Would you reasonably expect success when attempting to drive cross country in a 1975 Pinto with balled tires, no brakes, dried cracked belts and with already 250k on the motor? You might if you didn’t stop and think about things.

The same is true of an individual or a business who’s still using a Windows XP operating system on devices that have even 1 megabyte of sensitive data. You cannot reasonably expect security with one of the most hacked operating systems in existence.
But I digress. Fret not, there’s temporary hope yet for Windows XP procrastinators: Microsoft is extending support … (3 comments)

security: Multifactor Authentication trumps knowledge based Authentication (KBA) - 02/12/14 09:46 PM
What is knowledge-based authentication? The KBA design asks the user to correctly answer at least one question, a “secret” only the user would know.

There are two types of KBA: 1) Answering a question that the user has pre-selected (static scheme), and 2) Answering a question that’s determined by garnering data in public records (dynamic scheme).
The idea is that if a question is correctly answered, the person’s ID has been verified.
KBA Flaws
Fraudsters can answer “secret” questions—even those that the user must think hard to answer. But how?
Spear-phishing: gaining access to the public data aggregators by tricking … (1 comments)

security: Analyze Security to reduce Threats - 02/04/14 09:09 PM
A deep analysis into security (security analytics programs) unveils some riveting areas that need to be addressed if business users are serious about reducing threats of data breaches.

Reveal data leaks. Convinced your business is “data leak proof”? See what stones that security analytics turn over. Don’t be surprised if the leaks that are discovered have been ongoing, as this is a common finding. You can’t fix a problem that you don’t know exists.
An evolution of questions. Analytics programs can create questions that the business owner never thought to wonder about. Analytics can reveal trends and make them visible … (1 comments)

security: 6 ways to declutter your digital life - 01/16/14 08:41 PM
It’s the New Year so time for new starts and new resolutions. With a new year upon us, now is a good time to clean out the clutter. Clutter is overwhelming, messy and inefficient and it transcends in both our physical and digital lives.
Here are some tips to help clear the clutter out of your digital world.

1. Backup the Data on Your Devices
You are (hopefully) about to delete lots of stuff.
Back up everything you have onto an external drive – make sure this is your files, contacts, browser bookmarks, photos and any other important content you … (2 comments)

security: Devising a data security strategy - 11/24/13 07:49 PM
Whether you are an individual who games, a work-at-home employee, a family of four that shops online, a road warrior or even a small business, chances are you have data to protect—and so this all pertains to you.

Fundamentals:
Antivirus isn’t enough: A free antivirus package is good, but it might not update automatically—and you need your antivirus to be today’s version. Spend a couple bucks and get your antiphishing, antispyware and firewall protection.
Updated browsers: An old, outdated browser is a nightmare that is often riddled with holes for criminals to slither a bug through. Install the latest update … (0 comments)

security: Why Mobile Security is a Must - 11/10/13 04:06 PM
Smartphone use continues to increase. More than one third of Americans have dropped landlines and only use mobiles. It is very possible that within the next 10 years, the landline will be obsolete and we will all be wireless.
And when there’s a major transition in technology, the newness of it all creates a perfect storm for scammers to attack the new systems. Hackers are creating scams and viruses that are designed to spy on and collect our data the same way it’s done on a PC. (Keep in mind that what makes smartphones smart is the fact they are nothing … (1 comments)

security: Security is a Journey, Not a Destination - 08/24/11 01:30 PM
This title of this post is a security industry axiom. In other words, we can strive for security, and by making this effort we put ourselves on a path to security. But while we may achieve a relative degree of security, we can never be 100% secure. Even Fort Knox is vulnerable.
We can, however, apply strategies that significantly reduce our risk level. One of the best techniques is “layering.” Layers of security make a criminal’s job more difficult by addressing all of the vulnerabilities in your home or office.
A bank, for example, has multiple layers of security. First, consider … (4 comments)

security: Seminar to Feature ISECOM’s OSSTMM v3 - 10/23/10 11:21 AM
Pete Herzog, Founder of ISECOM, will be discussing the revised Open Source Security Testing Methodology Manual (OSSTMM v3) and how it applies to web application security today (10-13-2010) in Raleigh, NC.
Pete rarely gets to the US, so this is a unique opportunity for security professionals to have an open discussion with him about trust-based security models and how to apply sound logic to securing and testing web applications.
“About 5 years ago, while searching for any existing methodologies, I stumbled across ISECOM and the Open Source Security Testing Methodology Manual. It changed the way my company and I engaged with … (0 comments)

security: Beware Online Auction Fraud & Identity Theft - 12/25/09 12:22 PM
Robert Siciliano Identity Theft Expert
Scammers often set up pages on auction sites during the holiday season. Consumers should be aware of deals that are obviously too good to be true. Most too good to be true online deals bite unsophisticated shoppers or “newbies” to the online auction world. The victim either gets goods that are inferior, counterfeit or they never get anything and still get charged.
My spouse needed some skin care products and went online to eBay to make a purchase. She’s a newbie at this and doesn’t have a lot of experience. She called me over to help … (2 comments)

security: Protecting email While Traveling From Identity Theft - 07/29/09 07:46 AM
Identity Theft Expert Robert Siciliano
You’re traveling on business or vacation and you log into a public terminal to check email. You enter your credentials and then answer a few emails, delete some spam and fire a note off to a colleague at work. You log out and think nothing of it.  Meanwhile your email account is hijacked and everyone in your address book receives an email from “you”.
The email sent to your friends, family and business associates states; “While traveling in Europe I was approached by what looked like a homeless man who bumped into me, then he apologized. … (0 comments)

security: Data scams have kicked into high gear, Mr. Ming Yang Has 31,000 Viruses - 02/10/09 10:51 PM
Robert Siciliano Identity Theft Speaker 2/11/09
“I am Mr. Ming Yang, I have an obscured business suggestion for you. Your services will be paid for. Contact mr_mingyang_desk45@hotmail.com”
Mr Yang sent me an email just now. He wants…my services…? Or something. He’s not my type. My type doesn’t have a filthy virus. Plus he is a dude.
Care for a dalliance? He’s all yours.
Great article here: Data scams have kicked into high gear as markets tumble
As the markets tank, criminals are releasing a barrage of scams. email scams of every kind, infecting peripherals, drive-by viruses and more. In … (1 comments)

security: Safety Concerns: Do Agents Need To Be So Accessible? - 02/08/08 01:26 AM
Safety Concerns: Do Agents Need To Be So Accessible?by Robert SicilianoReal estate sales can feel like a continual popularity contest. Obviously you, as agents, are much more than that. Of course you want buyers and sellers to think of you when its time to make a move. Agents place ads in the real estate section of the local paper. You put your photos and contact information on signs. Some of you even rent billboards.FREE Agent Online Powerhouse Kit including a FREE business consultationAnd now, with the Web, you include your listings on your brokers' sites and your own personal pages. Your … (7 comments)

 
Robert Siciliano, Realty Security and Identity Theft Expert Speaker (IDTheftSecurity.com Inc)

Robert Siciliano

Realty Security and Identity Theft Expert Speaker

Boston, MA

More about me…

IDTheftSecurity.com Inc

Address: PO Box 15145, Boston, MA, 02215

Office: (617) 329-1182



Listings

Links

Archives

RSS 2.0 Feed for this blog