Reducing Your LinkedIn Risks
Microsoft’s recent purchase of LinkedIn has pushed the struggling ersatz professional networking site back into the limelight. There is plenty of speculation about why Microsoft (MSFT) purchased the site for over $26.2 billion. Undoubtedly it has to do with LinkedIn’s (LNKD) cache of over 430 million online users. Whatever Redmond’s designs are, now is probably a good time to check your LinkedIn security settings and reduce your LinkedIn risks.
Attackers have long used social networking as part of their reconnaissance activities. They cull personal information posted on the site to craft targeted attacks that have a higher chance of succeeding. The cyber-criminals rely on the fact that people tend to trust people within their personal network. Their targets are more likely to fall for a spear phishing email if it appears to come from a fellow member. The victims are also more likely to visit a website if a member of their network suggests it.
LinkedIn risks
The fake LinkedIn profiles “significantly increase” the likelihood that these social engineering attacks will work, according to research by Dell SecureWorks. The SecureWorks article describes how attackers use fake LinkedIn profiles. Most of these fake accounts follow a specific pattern:
- They bill themselves as recruiters for fake firms or claim to be self-employed. Under the guise of a recruiter, the attackers have an easy entry point into the networks of real business professionals. Real recruiters already use the service as a way to find potential candidates. LinkedIn users expect to be contacted by recruiters, so this ruse works out in the scammers’ favor.
- They primarily use photos of women pulled from stock image sites or from real professionals. Many of the fake LinkedIn accounts use unoriginal photographs. Their profile photos were found on stock image sites, other LinkedIn profiles, or other social networking sites.
- They copy text from the profiles of real professionals and paste it into their own. The text in the Summary and Experience sections was usually lifted verbatim from real professionals on LinkedIn.
- They keyword-stuff their profiles for visibility in search results. Fake LinkedIn accounts stuff their profiles with keywords to gain visibility into specific industries or firms. Northrop Grumman and Airbus Group are popular.
The primary goal of these fake LinkedIn accounts is to map out the networks of business professionals. Using these fake LinkedIn accounts, scammers can establish a sense of credibility among professionals to start further connections. The fake network was created to help attackers target victims via social engineering.
In addition to mapping connections, scammers can also scrape contact information from their connections. The attackers collect personal and professional email addresses as well as phone numbers. This information could be used to send spear-phishing emails.
LinkedIn cyber-thieves use TinyZbot malware (a password stealer, keystroke logger and multifunctional Trojan) and disguise it as a résumé application. In their report, the Dell researchers advise organizations to educate their users about the specific and general LinkedIn risks:
- Avoid contact with known fake personas.
- Only connect with people you know and trust.
- Use caution when engaging with members of colleagues’ or friends’ networks that they have not verified outside of LinkedIn.
- When evaluating employment offers, confirm the person is legitimate by directly contacting the purported employer.
Reduce your risks
There are a few ways users can identify fake LinkedIn accounts:
- Do a reverse-image search. Tineye.com offers a browser plugin, or use Google’s Search by Image to confirm the profile picture is legitimate.
- Copy and paste profile information into a search engine to find the real profiles it was lifted from.
- If someone you know is already connected with one of these fake accounts, reach out to them and find out how they know them.
- If you suspect that you’ve identified a fake LinkedIn account, you should report it.
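The two text-based checks above (summaries lifted verbatim from real profiles, and profiles keyword-stuffed with target employers such as Northrop Grumman and Airbus) can be automated once you have a handful of profile summaries in hand. The script below is an added example, not code from the original post or from the SecureWorks report; the profile texts are constructed, and the shingle size, similarity threshold and keyword-density threshold are assumptions you would tune against your own data.

```python
"""Heuristics for spotting the fake-profile pattern described above:
summaries copied from real profiles, and employer keyword stuffing.

Added example; the profiles and thresholds here are constructed assumptions."""
import re


def tokens(text):
    """Lower-cased alphanumeric word tokens."""
    return re.findall(r"[a-z0-9]+", text.lower())


def shingles(text, k=5):
    """Set of k-word shingles; verbatim copying shows up as shared shingles."""
    words = tokens(text)
    return {tuple(words[i:i + k]) for i in range(len(words) - k + 1)}


def jaccard(a, b):
    if not a and not b:
        return 0.0
    return len(a & b) / len(a | b)


def copied_from(candidate, corpus, threshold=0.5):
    """(name, similarity) for corpus profiles whose summary shares at least
    `threshold` of its 5-word shingles with the candidate summary."""
    cs = shingles(candidate)
    hits = []
    for name, summary in corpus.items():
        sim = jaccard(cs, shingles(summary))
        if sim >= threshold:
            hits.append((name, round(sim, 2)))
    return sorted(hits, key=lambda h: -h[1])


def keyword_density(text, targets):
    """Fraction of tokens that are one of the target employer/industry words."""
    words = tokens(text)
    if not words:
        return 0.0
    targets = {t.lower() for t in targets}
    return sum(1 for w in words if w in targets) / len(words)


def flag_profile(summary, corpus, targets, density_threshold=0.2):
    """Combine both heuristics into a list of reasons the profile looks fake."""
    reasons = []
    matches = copied_from(summary, corpus)
    if matches:
        reasons.append("summary copied from: " + ", ".join(n for n, _ in matches))
    density = keyword_density(summary, targets)
    if density >= density_threshold:
        reasons.append(f"keyword stuffing: {density:.0%} of words are target keywords")
    return reasons


# Constructed sample data (not real LinkedIn profiles).
REAL_PROFILES = {
    "Alice Example": "Systems engineer with twelve years of experience integrating avionics "
                     "software for commercial aircraft programs at Airbus Group.",
    "Bob Sample": "Certified project manager leading infrastructure migrations for "
                  "mid-sized manufacturing firms in the Midwest.",
}
SUSPECT = ("Systems engineer with twelve years of experience integrating avionics "
           "software for commercial aircraft programs at Airbus Group. Recruiter. "
           "Northrop Grumman Airbus Northrop Grumman Airbus Northrop Grumman aerospace recruiter.")
TARGET_KEYWORDS = ["Northrop", "Grumman", "Airbus"]

if __name__ == "__main__":
    for reason in flag_profile(SUSPECT, REAL_PROFILES, TARGET_KEYWORDS):
        print("FLAG:", reason)
```

Shingling catches the verbatim lifting the report describes even when the copied text is padded with extra sentences, which a plain string comparison would miss; the density check is deliberately crude, and a real profile at one of the named firms will mention it a few times, so treat it as a prompt for a manual look rather than a verdict.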
LinkedIn told Panda Security:
We investigate suspected violations of our Terms of Service, including the creation of false profiles, and take immediate action when violations are uncovered. We have a number of measures in place to confirm authenticity of profiles and remove those that are fake. We urge members to use our Help Center to report inaccurate profiles and specific profile content to LinkedIn.
As always, it pays to be careful with information that you share online as it can save you many potential problems in the future.
Here are some tips to keep your LinkedIn experience as secure as possible. Update your Privacy Settings to understand how you’re sharing information. Smart options include:
- Turn your activity broadcasts on or off. If you don’t want your connections to see when you change your profile, follow companies or recommend connections, uncheck this option.
- Select what others can see when you’ve viewed their profile. When you visit other profiles on LinkedIn, those people can then see your name, photo, and headline. If you want more privacy, display anonymous profile information or show up as an anonymous member.
- Select who can see your connections. You can share your connections’ names with your other first-degree connections, or you can make your connections list visible only to you.
- Change your profile photo visibility. You can choose to have your photo displayed only to your first-degree connections, only to your network, or to everyone who views your profile.
Opt into Two-Step Verification to prevent other people from accessing your account. LinkedIn lets members turn on two-step verification for their accounts. This will require an account password and a numeric code sent to your phone when you attempt to sign in from a device your account doesn’t recognize.
Opt into Secure Browsing for extra protection against unauthorized access to your Internet activity and to make sure you’re connected to the real LinkedIn website. While LinkedIn automatically secures a connection when you’re on certain pages that require sensitive information, you also have the option to turn on this protected connection when viewing any page.
Related articles
- Russia has banned LinkedIn (LNKD) (businessinsider.com)
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow him at LinkedIn, Facebook and Twitter. Email the Bach Seat here.
Thanksgiving 2016
Stop Having These Meetings
Followers of the Bach Seat know that passwords suck. As a Project Manager, something that also sucks are bad meetings. Meetings that don’t have an agenda or a goal or a purpose will suck the motivation out of people coming to the meeting. In the interest of having fewer sucky meetings here are some meetings, your team will thank you for eliminating or fixing.
The Monday morning staff meeting
The problem with this meeting is that no one is ever ready for it. After all, it’s 8:00 a.m. on Monday morning. Nothing has happened yet and whatever happened last week is mostly ancient history. A second problem with this meeting is that for anyone to be ready, they have to work Sunday night. That is fine on occasion but guaranteed to earn you some serious votes for “jerk of the year” from employees and the family members of employees. For a while, I worked for an insomniac boss who would fire off emails at 2:00 AM on Sunday. She would expect answers at 8:00 AM meetings. It was a happy day when she moved on.
The third problem with this meeting is that stuff happens on the weekends. And stuff needs to be addressed, especially in IT. Did you change your tapes? Check your logs? Walk your data center? Are there warning lights? How many tickets are there? Who has time for a meeting? The solution: if you must run a team meeting on Monday, push it to later in the morning or early in the afternoon. Better yet, push it to Tuesday morning.
The Round-the-Table status meeting
We have all been there. It’s the meeting where focus moves around the room and everybody shares their latest updates, sagas, fantasies, and dreams. Sit in the wrong place and you end up as the 19th person to offer an update. By that time nobody cares because their bladders are over-strained and brains numb from the politically oriented updates emanating from the mouths of colleagues in far-away functions.
The solution: meet if you must, but set some rules on the updates. Ask people to focus on important news that impacts everyone or on challenges that need help from across functions. Do anything to limit the painful march of gratuitous and self-serving status updates that undisciplined round-the-table meetings generate.
Recurring meetings with no purpose
Any recurring meeting where no one can remember why this meeting still takes place is a candidate for immediate elimination. The laws of physics transfer to meetings. A meeting on the schedule tends to stay on the schedule long after it has used up its usefulness in the workplace.
The solution: review all the recurring meetings that you subject your team to or that you are a participant in. Drop them from your life and the lives of your team members. If you are not the host of the meeting, tell the host of your intention and of your perspective on the utility of the meeting. If you are the host/sponsor, poll team members and give them a voice and a vote. A bit of draconian slicing of recurring meetings opens up valuable time for other more important activities.
Group wordsmithing
This is any meeting where you pull together a group of people to work on the wording for something, be it a vision, a mission, a strategy statement, or a scope statement in project management. The output of these sessions is typically a series of awkwardly constructed sentences reflecting compromises made to accommodate the HiPPO (the highest paid person’s opinion). Everyone nods their heads yes, but no one agrees with the final product. The wording moves beyond ridiculous to just awful in trying to make the pain go away.
The solution: never relegate rough wording of anything to a committee. Take a stab at the item in question yourself. Then bounce it off a few colleagues. When you approach something that is beginning to work for you, very carefully ask for comments from a group. Ask clarifying questions, take great notes and then disappear and redraft the statement(s). Repeat the process as necessary.
Death by PowerPoint
Death by PowerPoint is a phenomenon that can make any meeting suck. According to TechTarget, Death by PowerPoint (DBPP) is caused by the poor use of presentation software. Key contributors to DBPP include confusing graphics, slides with too much text, and presenters whose idea of a good presentation is to read 40 slides out loud.
Audiences that are emotionally disconnected from the presentation are the fault of the presenter. There is a good chance that the speaker has not spent enough time and effort thinking about which key points he wants the audience to take away. Or she has spent entirely too much time and effort setting up the presentation in PowerPoint.
DBPP can be avoided if the speaker uses the technology as a visual aid to enhance what is being said. Do not rely on the technology to serve as the focus of the presentation. Don McMillan demonstrates what not to do with PowerPoint in his video “Life after Death by PowerPoint.”
How to be better at meetings
Meetings are opportunities ripe for overuse and even abuse. Strive to be the manager that respects the power and importance of meetings. Use these forums to focus on key issues and solicit ideas. To keep your meetings constructive you need to start with respect.
Respect the time that everyone puts into the sessions. Start your meetings on time. If your meeting starts on time there are fewer chances to derail others’ productivity throughout the day. Starting on time also helps you to end on time. This is crucial because once the time slot for the meeting is over, employees will start to mentally check out whether or not you’ve made it through the agenda.
rb-
Bad meetings suck so much that the Project Management Institute (PMI) added a section on meetings to the Project Management Body of Knowledge (PMBOK Guide). That’s right: in the Integration Management Knowledge Area of PMBOK version 5, four processes list “Meetings” among their Tools & Techniques:
- 4.3 Direct and Manage Project Work
- 4.4 Monitor and Control Project Work
- 4.5 Perform Integrated Change Control
- 4.6 Close Project or Phase
Veterans Day 2016
Bad Passwords Crippled the Web
Followers of the Bach Seat know that passwords suck, and now default passwords really suck. In fact, default passwords were a key part of the massive DDoS attack that disabled large parts of the Internet on October 21, 2016. The cyberattack targeted Internet traffic company Dyn. Dyn provides DNS services for many high-profile sites. Some of the sites affected by the attack on Dyn included Amazon (AMZN), Business Insider, the New York Times, Reddit, and Twitter (TWTR).
Security researcher Brian Krebs, whose site krebsonsecurity.com was one of the first sites hit by a massive 620 Gbps DDoS attack, has reported that the Mirai botnet was at the center of the attack on his site. CIO.com reports that Mirai can break into a wide range of Internet of Things (IoT) devices, from CCTV cameras to DVRs to home networking equipment, turning them into bots. CIO reports that a single Chinese vendor, Hangzhou Xiongmai Technology, made many of the devices used in the Mirai attacks.
Level 3 Communications says there are nearly half a million Mirai-powered bots worldwide. To amass an IoT botnet, a Mirai bot herder scans a broad range of IP addresses, trying to log in to devices with a list of default usernames and passwords that are baked into the Mirai code, according to US-CERT. The Mirai zombie devices are largely security cameras, DVRs, and home routers. Mr. Krebs identified some of the specific devices.
Mirai Passwords
| Username | Password | Function |
|---|---|---|
| admin | 123456 | |
| root | 123456 | ACTi IP camera |
| admin | password | |
| admin1 | password | |
| root | password | |
| admin | 12345 | |
| root | 12345 | |
| guest | 12345 | |
| admin | 1234 | |
| root | 1234 | |
| administrator | 1234 | |
| 888888 | 888888 | |
| 666666 | 666666 | Dahua IP camera |
| admin | (none) | |
| admin | 1111 | Xerox printers, etc. |
| admin | 1111111 | Samsung IP camera |
| admin | 54321 | |
| admin | 7ujMko0admin | Dahua IP camera |
| admin | admin | |
| admin | admin1234 | |
| admin | meinsm | Mobotix network camera |
| admin | pass | |
| admin | smcadmin | SMC router |
| Administrator | admin | |
| guest | guest | |
| mother | fucker | |
| root | (none) | Vivotek IP camera |
| root | 00000000 | Panasonic printers |
| root | 1111 | |
| root | 54321 | Packet8 VoIP phone |
| root | 666666 | Dahua DVR |
| root | 7ujMko0admin | Dahua IP camera |
| root | 7ujMko0vizxv | Dahua IP camera |
| root | 888888 | Dahua DVR |
| root | admin | IPX-DDK network camera |
| root | anko | Anko Products DVR |
| root | default | |
| root | dreambox | Dreambox TV receiver |
| root | hi3518 | HiSilicon IP Camera |
| root | ikwb | Toshiba network camera |
| root | juantech | Guangzhou Juan Optical |
| root | jvbzd | HiSilicon IP Camera |
| root | klv123 | HiSilicon IP Camera |
| root | klv1234 | HiSilicon IP Camera |
| root | pass | |
| root | realtek | Realtek router |
| root | root | |
| root | system | IQinVision camera, etc. |
| root | user | |
| root | vizxv | Dahua camera |
| root | xc3511 | H.264 - Chinese DVR |
| root | xmhdipc | Shenzhen Anran security camera |
| root | zlxx. | EV ZLX two way speaker |
| root | Zte521 | ZTE router |
| service | service | |
| supervisor | supervisor | VideoIQ |
| support | support | |
| tech | tech | |
| ubnt | ubnt | Ubiquiti AirOS Router |
| user | user | |
US-CERT says the purported author of Mirai claims to have 380,000 IoT devices under its control. Some estimate the botnet has generated DDoS attacks of greater than 1 Tbps.
When Mirai botnets are called upon to carry out DDoS attacks, they can draw on a range of tools including ACK, DNS, GRE, SYN, UDP and Simple Text Oriented Message Protocol (STOMP) floods, says Josh Shaul, vice president of web security for Akamai.
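Because Mirai does nothing cleverer than walk a fixed dictionary over Telnet, its recruitment scans are easy to recognize from the defender’s side: a single source trying several of the exact username/password pairs in the table above, in quick succession. The script below is an added example, not code from the original post, from US-CERT or from the Mirai source; the log format is an assumed Telnet honeypot format, the log lines are constructed, and only a subset of the credential table is embedded (extend `MIRAI_CREDS` with the rest of the table to cover the full list).

```python
"""Flag Telnet login attempts that walk the Mirai default-credential list.

Added example; the log format and the log lines below are constructed."""
import re
from collections import defaultdict

# Subset of the username/password pairs hard-coded in Mirai (see the table above).
# Password "" stands for the "(none)" entries.
MIRAI_CREDS = {
    ("root", "xc3511"), ("root", "vizxv"), ("root", "admin"), ("admin", "admin"),
    ("root", "888888"), ("root", "xmhdipc"), ("root", "default"), ("root", "juantech"),
    ("root", "123456"), ("root", "54321"), ("support", "support"), ("root", ""),
    ("admin", "password"), ("root", "root"), ("root", "12345"), ("user", "user"),
    ("admin", ""), ("root", "pass"), ("admin", "admin1234"), ("root", "1111"),
    ("root", "7ujMko0vizxv"), ("root", "7ujMko0admin"), ("ubnt", "ubnt"),
    ("root", "Zte521"), ("root", "hi3518"), ("root", "jvbzd"), ("root", "anko"),
}

# Assumed honeypot log line shape (not any particular product's format).
LOG_RE = re.compile(
    r"^(?P<ts>\S+) telnetd\[\d+\]: login attempt from (?P<src>[\d.]+) "
    r"user=(?P<user>\S*) pass=(?P<pw>\S*) result=(?P<result>\w+)$"
)

# Constructed sample log (not a real capture).
SAMPLE_LOG = """\
2016-10-21T11:10:01Z telnetd[412]: login attempt from 198.51.100.7 user=root pass=xc3511 result=fail
2016-10-21T11:10:02Z telnetd[412]: login attempt from 198.51.100.7 user=root pass=vizxv result=fail
2016-10-21T11:10:03Z telnetd[412]: login attempt from 198.51.100.7 user=admin pass=admin result=fail
2016-10-21T11:10:04Z telnetd[412]: login attempt from 198.51.100.7 user=root pass=7ujMko0vizxv result=success
2016-10-21T11:12:30Z telnetd[412]: login attempt from 203.0.113.9 user=jsmith pass=S3cret!x result=fail
2016-10-21T11:12:35Z telnetd[412]: login attempt from 203.0.113.9 user=jsmith pass=S3cret!y result=success
2016-10-21T11:15:00Z telnetd[412]: login attempt from 192.0.2.44 user=root pass=Zte521 result=fail
"""


def is_default_credential(user, password):
    """True if the pair is one Mirai would try; use this to audit your own devices too."""
    return (user, password) in MIRAI_CREDS


def parse(line):
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def analyze(log_text, threshold=3):
    """Map source IP -> summary for sources that tried at least `threshold`
    distinct Mirai pairs. `compromised` is True if one of those pairs succeeded,
    i.e. the device still had its factory password."""
    per_src = defaultdict(lambda: {"attempts": 0, "mirai_pairs": set(), "compromised": False})
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue  # ignore lines that are not login records
        s = per_src[rec["src"]]
        s["attempts"] += 1
        pair = (rec["user"], rec["pw"])
        if pair in MIRAI_CREDS:
            s["mirai_pairs"].add(pair)
            if rec["result"] == "success":
                s["compromised"] = True
    return {src: s for src, s in per_src.items() if len(s["mirai_pairs"]) >= threshold}


if __name__ == "__main__":
    for src, s in analyze(SAMPLE_LOG).items():
        state = "DEVICE COMPROMISED" if s["compromised"] else "scan only"
        print(f"{src}: {len(s['mirai_pairs'])} Mirai pairs in {s['attempts']} attempts ({state})")
```

The threshold of three distinct dictionary pairs separates a Mirai-style sweep from an administrator mistyping a password, and a matched pair that returned `success` is the finding that matters: that device is still running a factory credential and is already inside the botnet or about to be. The same `is_default_credential` check applied to your own device inventory is the cheap fix the page argues for, along with taking Telnet off the Internet entirely.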
rb-
Followers of the Bach Seat already know that many of the default passwords used by Mirai are among the worst in common use and should have been changed long ago. They include:
- password
- 123456
- 12345
- 1234
While reports say that equipment from Chinese vendor XiongMai Technologies was the most widely exploited, other notable tech firms are on the list. The Mirai zombie army includes equipment from Xerox (XRX), Toshiba (TOSBF), Samsung (005930), Panasonic (6752), and ZTE (763).
I wrote about security cameras being compromised as part of botnets back in July here.
Related articles
- Terabit-scale DDoS events are on the horizon (helpnetsecurity.com)

