Thank You for 1,000,000 Views! January 26, 2016Posted by Chris Mark in Uncategorized.
Tags: 1 million views, Chris Mark, InfoSec, PCI DSS, security
1 comment so far
I was just notified that the GlobalRiskInfo blog just had it’s 1 millionth view with over 850,000 visitors! I want to give a big “Thank You!” to everyone that has taken the time to read my inane drivel and for those who take the time to comment! This is simply a labor of love and I am grateful for the support. This started 4 years ago and I have published 404 blog posts. While some have been big hits others have not. Regardless..thank you!
Chris Mark speaking at Secura Risk Management Fall Forum (Oct 28-29) October 24, 2015Posted by Chris Mark in Uncategorized.
Tags: Chip and Pin, Chris Mark, cyber, cybercrime, DarkNet, Deepweb, EMV, PCI, Secura, security, TOR
add a comment
If you are a bank, credit union, or work for one and want to listen to me (Chris) speak and are looking for a reason to go to beautiful Charleston, South Carolina..check out the Secura Fall Risk Management Forum! Yours Truly will be speaking on CyberCrime and the DarkNet as well as EMV “Chip & PIN” (a misnomer but…I will not discuss here). Should be a great event and will be in one of my favorite US cities…Charleston, South Carolina!..I have not had an opportunity to speak at a Secura event yet but they appear to be very well put together and the agenda looks very compelling. Also, if you didn’t have a chance to attend the AT&T Cyber Security Conference in NYC, you can watch a replay of the event here! You can see me on the ‘big stage’ talking with Jamie Wallace on Mobile Security. It was a great event with top shelf speakers…(notice that I am rocking my Recon Jack to represent the USMC Recon Community!)
Tags: Breach, chip, compromise, EMV, hack, information, mobile, P2PE, PIN, risk, security
add a comment
I have been invited to co-present on Mobile Retail Security at the 17th Annual AT&T Cyber Security Conference. The conference is October 5th and 6th in Manhattan and will feature some amazing speakers including AT&T’s own CSO Dr. Ed Amoroso, Palo Alto’s CSO Rick Howard and “Dr. Chaos” Aamir Lakani to name but a few. If you are going to be in NYC on Oct 5th and/or 6th and want to attend…registration is FREE!...Check it out!!
Tags: Cloud, CyberGhost, data breach, hack, Microsoft, OneDrive, privacy, security, VPN, WIFI, Windows 10
1 comment so far
Below is a guest post from CyberGhost on how to increase privacy on Windows 10. This is very timely and great advice!. I have upgraded to Windows 10 and really think it is a huge upgrade over Windows 8/8.1 but (there is always a but) there are some serious privacy concerns. (SERIOUS) Thanks to CyberGhost’s Silvana Demeter for providing this valuable info! BTW…I am very familiar with CyberGhost really like their products. Check them out!
“On July 29, Microsoft has released its new operating system, Windows 10, available globally in 190 countries. The new version offers new features and completes different gaps. Windows 10 is fluid and fast and its new browser Microsoft Edge might win back a lot of users being super-fast.
Some privacy related concerns appear though, one possible problem being that data such as contacts, calendar, mail, messages are transferred to Microsoft’s servers, creating a more detailed user’s profile. Another feature that is infringing one’s privacy is the advertising ID assigned to individuals that are later targeted with specifically tailored ads. Even encrypting the hard drive won’t make an improvement to the privacy since the keys are stored by default on OneDrive. These new settings and features are aimed at increasing productivity, as they make apps and operating system smarter.
In order to improve the future experience of its users, Microsoft uploads data on their servers. As stated in the Terms of Service, Microsoft has the right to share this data whenever it “has a good faith belief doing so is necessary to: 1.comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; 2.protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or serious injury of anyone; 3.operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or 4.protect the rights or property of Microsoft, including enforcing the terms governing the use of the services.”
In addition, all these settings are ON by default and will remain enabled if not unchecked while installing or upgrading to Windows 10.
All the data used by the Microsoft account (@live.com, @outlook.com, @msn.com – necessary for most of the new features) is scanned by Microsoft’s services. The location or even the talks with Cortana (searches, reminders, notes, and actions) are also processed by Microsoft’s services: “We also share data with Microsoft-controlled affiliates and subsidiaries; with vendors working on our behalf; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of our services; and to protect the rights or property of Microsoft.”
How to increase privacy on Windows 10
The Privacy settings can be managed by searching the term privacy in the start menu and most of the modules that send data to Microsoft can be disabled.
Below are some important features that can be changed to obtain more privacy:
- Disable advertiser ID: open the settings and search for “advertising;” open “Choose if apps can use your advertising ID” and disable the first option: “Let apps use my advertising ID for experiences across apps”
- Disable “…info about how I write” so that the text one types and writes with a stylus is not sent to Microsoft servers
- Disabling the Advertising ID in the “Privacy Settings.”
o “Let apps use my Advertising ID…” -> OFF
o “Send Microsoft info about how I write..” -> OFF
o “Location” -> OFF
- Speech, Inking, & typing: If all options are cleared, Cortana will also be disabled
Another new feature introduced by Windows 10 is “Wi-Fi Sense” – a feature that syncs all Wi-Fi passwords to the cloud and shares them with the contact list. Through this functionality, the PC will be able to exchange passwords and automatically connect to WIFI, even to unprotected hotspots. The “Wi-Fi Sense” feature can be disabled by accessing Settings, “Wi-Fi” and then “Change Wi-Fi Settings.” Lucian Crisan, Head of Support and QA at CyberGhost VPN and former Microsoft employee recommends this change in order to avoid man-in-the-middle attacks and phishing attempts.”