Jan 15, 2019

None of my Feedburner automatic Twitter post links have been working since March!

I was in for a rude awakening today. Something I wish I would have realized sooner, but just figured it was working so I didn't bother checking on it... until today. That is that the "Socialize" feature in Feedburner no longer works!

I take that back, it still posts to Twitter just fine, but because it still uses goo.gl link shortening, the links don't work!

I noticed today when clicking on one of the links on Twitter that I was redirected to this nonsense:

Dynamic Link not found
If you are the developer of this app, ensure that your Dynamic Links domain is correctly configured and that the path component of this URL is valid.

A quick search on Google brings up this Google Developers Blog post about it:
Starting April 13, 2018, anonymous users and users who have never created short links before today will not be able to create new short links via the goo.gl console. If you are looking to create new short links, we recommend you check out popular services like Bitly and Ow.ly as an alternative. 
If you have existing goo.gl short links, you can continue to use all features of goo.gl console for a period of one year, until March 30, 2019, when we will discontinue the console. You can manage all your short links and their analytics through the goo.gl console during this period. 
After March 30, 2019, all links will continue to redirect to the intended destination. Your existing short links will not be migrated to the Firebase console, however, you will be able to export your link information from the goo.gl console.
Well, gee thanks Google. Considering that Feedburner is one of many Google's properties, one would think that they would have updated that platform to either use their new Firebase console, or to allow users to use another shortening service. Apparently that is too much to ask though.

Now I'm forced to pay money to dlvr.it to autopost my blogs to my various social media accounts. At $10 a month, it's very reasonable. I prefer free, but if I'm forced to, I suppose I can fork over the dough for something that works.

Did this happen to you too? What are you using to auto-post to social media? Let us know in the comments.

Jan 14, 2019

If You Use LastPass, You Should Change All Your Passwords

I've been getting bombarded with a lot of spoofed messages from alleged hackers lately claiming they have stolen my password by inserting a Trojan from some porn site that I had supposedly visited, and they have hacked my webcam and if I don't pay them in bitcoin they will release whatever... blah blah blah. Here you can read an example below:

As you may have noticed, I sent you an email from your account.
This means that I have full access to your account: On moment of hack your account has password: [SOME PASSWORD]

You say: this is the old password!
Or: I will change my password at any time!

Yes! You're right!
But the fact is that when you change the password, my trojan always saves a new one!

I've been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.

If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.

I also have access to all your contacts and all your correspondence.

Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.

I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks. I can also post access to all your e-mail correspondence and messengers that you use.

If you want to prevent this, transfer the amount of $523 to my bitcoin address (if you do not know how to do this, write to Google: “Buy Bitcoin”).

My bitcoin address (BTC Wallet) is: 1EGap2ZeR8pf9hfJ2KrSAQ1eYCPBcxJrqo

After receiving the payment, I will delete the video and you will never hear me again.
I give you 48 hours to pay.
I have a notice reading this letter, and the timer will work when you see this letter.

Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address.
I do not make any mistakes.

If I find that you have shared this message with someone else, the video will be immediately distributed.

Best wishes!
These messages are clearly spoofed based on the header and IP information. They obviously didn't hack my email. Anyway, pretty funny right?

Krebs On Security wrote a post about a similar scam, and this is what they surmised:
It is likely that this improved sextortion attempt is at least semi-automated: My guess is that the perpetrator has created some kind of script that draws directly from the usernames and passwords from a given data breach at a popular Web site that happened more than a decade ago, and that every victim who had their password compromised as part of that breach is getting this same email at the address used to sign up at that hacked Web site.
Oh, just a site that was hacked 10 years ago? No big deal right? I disagree. I think the passwords these script kiddies are using came from a LastPass breach.

If you don't remember, back in 2015 LastPass reported a major data breach. At that time PC World reported:
The good news is it appears hackers didn’t get away with anyone’s encrypted password vaults. Still, it certainly sounds like a bad breach, but the consensus among security experts is that it could’ve been a lot worse.
I'm beginning to think that was either a lie, or LastPass didn't realize how deep their breach really was. Why do I think that? For three reasons:

  1. The number of spam emails I've received from these guys
  2. Many of them show different passwords. If it was just one or two sites that were breached I'd see a pattern of the same passwords.
  3. Many of the passwords these guys show (although not the actual passwords, but are close enough that I can tell that they have my actual password info somewhere) are randomly generated. I only use such randomly generated passwords with LastPass.
So what did I do about it? First, I reset my LastPass master password again, all of my financial account passwords, all of my social media passwords, online store account passwords, etc. I also went through LastPass's security challenge tool to update old passwords, or any passwords I had previously re-used in multiple sites inadvertently.

I had changed my LastPass credentials shortly after the breach in 2015 as directed by LastPass, but at the time believed the reports that none of the vault password information was touched. I'm starting to think that may not be accurate. If you agree with me, then it's time to change all of your passwords too.

Have you received any of these emails? What are you doing about it? Let us know in the comments!

Jan 7, 2019

Cloud Computing: What's Holding You Back?

The fastest growing SMBs have embraced the Cloud as a method to address four main IT Challenges:

  • High capital costs;
  • Skill shortage;
  • Scalability as the business grows, and;
  • Innovation as the business matures.

Results are positive. Surveys indicate that:

  • 53% of SMB's using cloud technologies are more likely to experience a rise in revenue.
  • 85% of businesses believe the cloud-enabled their business to scale and grow faster.

Organizations are finding that Cloud computing provides immediate access to the tools needed to digitally transform their business and improve customer experience.

Many businesses are still reluctant to make the move to the Cloud despite these advantages. The reluctance to migrate is particularly evident in Western Canada, where we've seen cloud adoption be approximately 25% less than the rest of Canada. So, what's holding you back?

Security Exposure

Security is cited as the number one objection to Cloud for 49% of organizations (IDC 2017). Should you be concerned? The security investments made by the major Cloud providers is significant and has created cloud platforms in which security breaches, due to vendor error are rare. In fact, the Cloud has proven to be more secure than most non-cloud environments.

Network Response

A key detractor to cloud for customers in Western Canada is the worry that network connectivity will be insufficient to provide the type of response time and security that end users are accustomed to. With the major public Cloud providers located in Eastern Canada, it is understandable that network connectivity options should be well understood before proceeding. Several networking options exist to address the need for high bandwidth, security and connectivity to Cloud, including solutions based in Saskatchewan.

Service Availability

Service availability, including response time and user downtime, is a concern due to the perceived loss of control over the computing environment. To mitigate this concern, public Cloud vendors provide service levels for all their products with financial credits provided if they are not achieved. The robust engineering of the Cloud environment is such that high availability is consistently achieved. In a worst-case scenario, organizations can further protect critical applications by configuring them to automatically failover to alternate data centres should a Cloud data centre go offline.

Cloud Costs

There is a general perception that services in the Cloud are more expensive than in the non-Cloud environment. This is often raised when the comparison between Cloud and non-Cloud platforms does not accurately reflect all the costs that make up the non-Cloud infrastructure.

With all the non-Cloud costs in the table above considered, there's an almost 50% reduction in support and maintenance costs when the Cloud is chosen. When doing a financial comparison or Cloud ROI, it's also important to take into account the increased revenue that will take place as you drive your digital transformation results using Cloud services.

Getting Started

It can seem daunting when trying to decide how to get started. The best place to start often with consulting a trusted partner with experience in Cloud migrations. Cloud migration requires skill and experience; often organizations who tackle this transition by themselves find it difficult and time-consuming.

If you want to know how to get started but aren't sure where to begin, reach out and let's grab a coffee. We can discuss your particular needs and help define a path forward for your organization to embrace all that the Cloud has to offer.

Dec 31, 2018

Brace Yourselves For The Upcoming Cybersecurity Trends of 2019

2018 is coming to an end, and as usual, the arena of cybersecurity is having some new trends coming up. As digital threats are also getting up to a new level, we need security experts to adopt and implement future solutions.

Now, the trends like AI, Biometrics, and IoT have been there as always, but these are evolving to a new level every year which is impacting the related sectors. Further, the zero-trust model and GDPR compliance related legislation are in a boom.

Upcoming Cybersecurity Trends for 2019

Identity management, application improvement, and creating efficient and intelligent threat-management solutions are some of the areas where AI is expanding the cybersecurity arena.

2018 has been a great year for the capital funding of cybersecurity projects. This October 2018 saw an investment of $3.3 billion. Investors are willing to splurge more into this technology as well as security is the crucial concern of every industry.

Let us discuss the emerging trends of cybersecurity for the year 2019 here.

The Zero Trust Cloud Security Model

There is a prediction that 2019 will witness the boom of zero trust security model in the enterprises. Several global enterprises are eager to adopt the zero trust cloud security solution.

So, what is the zero trust approach? Of course, as the title suggests, there should be no trust in any individual. Hence, this zero trust security model regularly checks the actions and behaviour so that it becomes easy to spot and eradicate the probable threats. The legitimate parameters are set to determine the validity of a user's actions and responses. These factors can help in calculating the risk score. The elements can include a user's IP address, physical location, permissions, etc.

So, the zero trust model will always be calculating the risks from various factors, and if that score surpasses the top level, then that user is going to be out of the network. That user can also be asked to go through a multi-aspect authentication procedure.

A Rise in the Use of Biometric Security Systems

The capital investment in the market of biometric systems is going to rise by 25% in 2019.

The concept of biometrics is a threatening one because you get physically connected to the digital world through your online accounts. But, mostly they are in the use of several organisations and have become a significant part of our daily lives like unlocking cell phones via fingerprints or face. These systems increase the efficiency of security functions. By 2023, the investments in the biometric security market are going to be $41.8 billion (as per MarketsandMarkets), but seeing the current demand of the systems, by the end of 2019, the numbers can go up to $20 billion approximately.

IoT Security Advancement

There is widening in the supply of IoT offerings and endpoints which is causing the quantity of IoT security products to boom. The IoT security incidents are going to double in 2019 than in 2018.

The humongous rise in the IoT endpoints/devices is not going to stop at any time. This has given a lift to the necessity of innovating our security service. Even if we have several 'smart' devices, but many of them are having quite big security loopholes. Several technologies and software are helping to protect businesses from attacks like DDoS, but not all the solutions solve the problems from its core. Security professionals will have to determine the underlying cause of insecure IoT endpoints. There is no balance between rising endpoints and security solutions. Therefore, the vulnerability will still exist, and attacks will grow.

GDPR Compliance as a Service

Yes, you read that correct! GDPR compliance as a Service is also capturing the markets through privacy and security services. The growth rate will be about 75% in this case for the year 2019.

The regulations from governments and international authorities have been strict, and hence there is such massive growth. The rise in the number of regulations is causing the businesses to pace up for being updated to keep their customers happy. But, adopting new GDPR and other such technologies related to compliances can help the businesses in a long-term, even though in the initial phases the management can take time. Finally, this will lead to the adoption of fully managed services, and this business will be in a boom.

Looking Ahead in 2019

The trends mentioned here are some of the emerging trends. However, it is believed that these are the most significant trends, considering the changes in the overall market. These are supposed to have the most significant potential impacts on the larger scale of companies as they are going to embrace the security-centric business on a worldwide level.

Dec 24, 2018

A beginner's guide to Bitcoin & Blockchain technology [Infographic]

Ever since it's peak price of over $20,000 per bitcoin in December of 2017, the idea of cryptocurrency and blockchain technology has had the media buzzing about its potential not just as an investment, but real world applications. Many people still don't quite understand the technology though, so we thought we'd share this inforgraphic for all you noobs out there! Enjoy!

[Via Bitcoinfy]

Dec 19, 2018

New Google Assistant Ad Revives Kevin McCallister from 'Home Alone'

Personally I'm not a fan of in-home electronic personal assistants like Google Home or Amazon Echo. Namely, I don't like these companies spying on every conversation I have in my house. Even more, I don't like the NSA using these devices to spy on my every conversation either.

That being said, I am a fan of the original Home Alone movie, which features a young Kevin McCallister protecting his home from the "Wet Bandits"! Well, Google just revived that character in their new ad for Google Assistant!

Check it out:

Just because I don't like these devices, doesn't mean they are not popular. Millions of people find these to be very handy.

Do you use one? Which one? Why do you like it? Let us know in the comments.

Dec 17, 2018

Is Bitcoin Finished?

It has been a pretty crappy year for Bitcoin investors since it reached an all time high of over $20,000 this time last year. Since then it has been a very turbulent downhill ride. Those who got in in the early days, and cashed out in December last year are laughing all the way to the bank! Those who just got into the game are crying themselves to sleep at night.

Well, in more heart breaking news for late investors, Bitcoin finally dropped below the cost to mine it.

Via New York Post:
To add to the misery to bitcoin enthusiasts, the act of finding or “mining” the cryptocurrency has become unprofitable as the price continues to crater. 
This raises further questions about the viability of the accounting system supporting the cryptocurrency. 
The volatile asset is now fetching under $3,200, off more than 84 percent from the highs seen during its “tulip mania” phase of a year ago.
If it's not even worth it to mine, and miners are what makes up the backbone of the cryptocurrency, then does that mean Bitcoin is doomed?

If not, then it's certainly a good time to buy. At the time of this writing Bitcoin is trading for roughly $3,500. If one were to buy now and the price ever gets back up to $20,000 they stand to make a lot of money.

What do you think? Is Bitcoin finished? Is this just a massive correction? Let us know what you think in the comments.

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam