Over a fifth are “very stressed” at work

Read More

Graham Cluley Security News is sponsored this week by the folks at Keeper Security. Thanks to the great team there for their support! The mass migration to distributed work has given IT and DevOps teams the new challenge of performing infrastructure monitoring and management remotely. IT and DevOps personnel need a secure, reliable, and scalable … Continue reading “Keeper Connection Manager: Privileged access to remote infrastructure with zero-trust and zero-knowledge security”

Read More

Imagine, if you will, a person goes online each day with the sole mission to trigger confrontation and provoke conflict. Sounds bizarre and exhausting, doesn’t it? Sadly, that’s precisely what online trolls hope set out to do. And while trolls often target adults, when they target kids, the emotional impact can be confusing and painful. 

What is a troll?

A troll is a person who posts inflammatory messages in an online forum to purposefully cause confusion or harm to other users online for no reason at all. 

A 2021 Pew Research report found that nearly 41 percent (four in ten) Americans have encountered online harassment. Additionally, 55 percent think it is a “major problem.” Seventy-five percent of the targets of online abuse say their most recent experience was on social media.  

Bullies vs. Trolls

It’s important to differentiate bullies and trolls. While both cause harm, bullies often know their targets. Trolls, however, amplify the emotional complexity of online harassment by targeting strangers. Their goal is to anger and exhaust people with name-calling, body shaming, political or gender bashing, and other forms of emotional abuse.  

Helping kids understand, process, and respond in a healthy way to this kind of cruel behavior is, no doubt, a challenge all parents face today. So, what can we do? There are a few things.  

6 Ways to Help Kids Starve the Trolls

1. Prepare. Consider taking the time to discuss this important topic with your child. If they have yet to encounter a troll, it won’t be long. Define what a troll is, what their motives might be, and the different ways they wreak havoc online. For a few conversation starters, google “trolls and motives.” You will find that, among other reasons, trolls incite mayhem online to attract attention, exercise control, and hurt and manipulate others. In fact, some studies show trolling is associated with (among other personality disorders) psychopathy, Machiavellianism, and narcissism.

Helping your kids understand these personalities—and not internalize a troll’s hurtful comments—will take time and consistency.  

2. Parental Controls. One way to help your kids steer clear of trolls is parental controls. This level of software will block apps and filter websites trolls might frequent. In addition, parental controls will generate online activity reports and help parents limit screentime, both factors in reducing online conflict. 

3. Starve the trolls. It’s human nature. We want to strike back hard and fast with an epic comeback when we’re attacked online. However, studies show that the best way to deal with a troll is to ignore or starve them. Trolls feed on angry reactions so arguing is like serving them a chocolate sundae.  Instead, consider coaching your child to take a deep breath, step away from their devices, process the troll’s motives, and lastly, not engage. This will not only starve the troll, hopefully, it will also help your child build self-control.  

4. Exercise your power. Is it tough to ignore the trolls? You bet! However, muting, blocking, and reporting is still a way for kids to exercise their power. A good reminder to relay to kids: While the internet may be free and open to everyone, your child’s profile, page, or blog belongs to them. It is not a democracy that requires them to tolerate free speech or abusive behavior. Encourage your child to exercise their power and voice by using the reporting tools—unfollow, mute, block, report—designed to help them feel secure and safe online.  

5. Make accounts private. Many trolls tend to operate under anonymous names and use hidden IP addresses. For that reason, encourage your child to limit their online circles to friends only. While this may not ward off all trolls, it will reduce their chances of getting through the gates. This is especially important for children who play video games and chat online with unknown online players who may be trolls. Remind them to create private accounts on social networks and to keep all personal information private.  

6. Take appropriate action. If a trolling situation escalates to stalking or threats, report it to authorities immediately. A great place to learn more about trolling is the Crash Override Network, an exhaustive list of resources for victims of online harassment. Note: Be sure to take screenshots of the abusive posts, so you have proof in case the person attempts to edit or delete them. 

It’s easy to forget that each time your child logs into a device, they step into a literal worldwide web of strangers with diverse behaviors and agendas. Taking time to talk about trolls—before your kids rush to scroll Tik Tok or play Fortnite—will help equip them to deal with this growing threat.     

The post 6 Ways to Help Your Kids Deal with Haters and Harassers Online appeared first on McAfee Blog.

Read More

At its annual Summit event, Red Hat is rolling out new edge-computing features for the company’s well-known enterprise Linux distribution, and security features for its Advanced Cluster Security for Kubernetes platform.

Read More

A novel post-exploitation framework that allows the activity of its malicious actors to persist on their targets was exposed Wednesday by Crowdsrike’s Falcon OverWatch threat hunters. Dubbed IceApple, the .NET-based framework has been observed since late 2021 in multiple victim environments in geographically diverse locations with targets spanning the technology, academic and government sectors, according to CrowdStrike’s report.

Up to now, Falcon OverWatch’s threat hunters have found the framework only on Microsoft Exchange instances, but they said it’s capable of running under any Internet Information Services (IIS) web application and advise organizations to make sure their web apps are fully patched to avoid infection.

To read this article in full, please click here

Read More

The 10-count complaint alleges Idris Dayo Mustapha used phishing and other means to obtain user credentials

Read More

ForgeRock, a global identity and access management company, has introduced ForgeRock Autonomous Access, a new application that uses AI to prevent identity-based cyberattacks and fraud. 

The application monitors login requests in real-time to block malicious attempts and add authentication steps for anomalous behavior, while streamlining access for authorized users.

“We believe that modern AI-driven solutions have the ability to protect organizations and their customers and employees from damaging and costly cyberattacks and fraud,” says Peter Barker, chief product officer at ForgeRock. “Our approach is to use AI to stop bad actors at a massive scale and reduce the risk of account takeovers.”           

To read this article in full, please click here

Read More

Georgetown has a new report on the highly secretive bulk surveillance activities of ICE in the US:

When you think about government surveillance in the United States, you likely think of the National Security Agency or the FBI. You might even think of a powerful police agency, such as the New York Police Department. But unless you or someone you love has been targeted for deportation, you probably don’t immediately think of Immigration and Customs Enforcement (ICE).

This report argues that you should. Our two-year investigation, including hundreds of Freedom of Information Act requests and a comprehensive review of ICE’s contracting and procurement records, reveals that ICE now operates as a domestic surveillance agency. Since its founding in 2003, ICE has not only been building its own capacity to use surveillance to carry out deportations but has also played a key role in the federal government’s larger push to amass as much information as possible about all of our lives. By reaching into the digital records of state and local governments and buying databases with billions of data points from private companies, ICE has created a surveillance infrastructure that enables it to pull detailed dossiers on nearly anyone, seemingly at any time. In its efforts to arrest and deport, ICE has — without any judicial, legislative or public oversight — reached into datasets containing personal information about the vast majority of people living in the U.S., whose records can end up in the hands of immigration enforcement simply because they apply for driver’s licenses; drive on the roads; or sign up with their local utilities to get access to heat, water and electricity.

ICE has built its dragnet surveillance system by crossing legal and ethical lines, leveraging the trust that people place in state agencies and essential service providers, and exploiting the vulnerability of people who volunteer their information to reunite with their families. Despite the incredible scope and evident civil rights implications of ICE’s surveillance practices, the agency has managed to shroud those practices in near-total secrecy, evading enforcement of even the handful of laws and policies that could be invoked to impose limitations. Federal and state lawmakers, for the most part, have yet to confront this reality.

Read More

The joint advisory is designed to enable transparent discussions between MSPs and their customers on securing sensitive data

Read More

Malware researchers warn about a stealthy backdoor program that has been used by a Chinese threat actor to compromise Linux servers at government and private organizations around the world. While the backdoor is not new and variants have been in use for the past five years, it has managed to fly under the radar and have very low detection rates. One reason for its success is that it leverages a feature called the Berkeley Packet Filter (BPF) on Unix-based systems to hide malicious traffic.

BPFdoor was named by researchers from PwC Threat Intelligence who attribute it to a Chinese group they call Red Menshen. The PwC team found the threat while investigating several intrusions throughout Asia last year and included a short section about it in their annual threat report released late last month

To read this article in full, please click here

Read More