28. Keep Your Mobile Phone Safe

Top 10 (or 11) tips for protecting the information on your phone

UPDATE to last week's Headlines:
Microsoft officially releases Windows 11 announcement, preview.  Expected to arrive Oct 20

This Week's Security Tip:
10 easy tips for mobile phone security:

1. Lock your device with a PIN or password, and never leave it unattended in public 
2. Uninstall apps you don’t use 
3. ONLY download apps from trusted sources 
4. Keep your phone’s operating system updated 
5. Install antivirus software 
6. Use your phone’s “find me” feature to prevent loss or theft 
7. Cover the camera with a camera sticker when not in use 
8. Back up your data 
9. Encrypt the data if you have sensitive info stored on it 
10. Don’t click on links or attachments from unsolicited e-mails or texts

Today's Headlines:
  • Western Digital MyBook users urged to unplug devices from the network - malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.
  • Quickbooks Online opts users in to share payroll info of 1.4 million small businesses with Equifax, who has been and will be hacked again. (To disable sing-in to QBO, go to Payroll settings, uncheck "Shared Data.")
  • Eight unsecured databases were found leaking approximately 60 million records of LinkedIn user information. While most of the information is publicly available, the databases contain the email addresses of the LinkedIn users.
  • HSE, socialized public healthcare system of Ireland, breached in May and 700GB of patient and employee data, orders Virus total to reveal 
  • Briefly mention PrintNightmare, security vulnerability that affect every version of Windows.  Much more in depth next week.

  • Kasaya ransom: $70,000,000 for universal decryptor ($5mill per individual compromise) 
    • fewer than 40 customers worldwide, though all MSPs with over 1000 clients
    • Supply chain attack on on-prem servers – all from US based hosting servers.  CISA and Biden announce almost immediately they are investigating and blame Revil/Russia.  This all comes weeks after FBI/DOJ seized ReVIL/Darkside servers.
    • Was allegedly a known exploit that Kasaya was in the process of patching, before the zero-day attack was carried out.
Next Week's Teaser:
What the heck is an AUP…and why do you want it?

Call to Action:
We talk a lot about stupid (nothing bad ever happens to me; head in the sand; too busy; I’ll do it later). So what’s smart? Taking this seriously TODAY. Book a 10-minute Discovery Call right now. I’ll ask some key questions and give you a quick score. If you’re doing everything right, you can sleep better at night. If there’s room for improvement, we’ll discuss options. NO PRESSURE, NO STRINGS. JUST BOOK THE CALL!

www.mastercomputing.com/discovery