Facebook just changed your default email without your consent

Facebook just changed your default email without your consent: here???s how to opt out | Technology News Blog – Yahoo! News

http://news.yahoo.com/blogs/technology-blog/facebook-just-changed-default-email-without-consent-opt-191146629.html

People looking at your Facebook profile will no longer see your real off-site email unless you act

You’d be forgiven for not knowing that Facebook has an external email system built in to the site’s familiar messaging system. After all, few of us have need for yet another email address. And given the way Facebook algorithms decide to hide messages that the site doesn’t believe is important, we’re absolutely terrified of losing important messages.

The fact that you’re not using that Facebook email address appears to have led to Facebook trying to figure out new ways to push you to the system. So, they’ve taken action by forcibly changing your contact email address listed on your Facebook page from your actual address that you regularly check to [your.name.here]@facebook.com ??? or worse, [random number]@facebook.com.

What does this mean? Well, if your high school sweetheart finds you on Facebook and wants to contact you, they’ll have to do it on Facebook ??? there’s no external option. There’s nothing opt-in about this change, and there was no notification about it either: Facebook just decided to swap out emails to try to get people to use their cobwebbed email system.

Thankfully, you take a few simple steps to restore your old, non-Facebook email address. Start by visiting your profile page and clicking on “About” to bring up, amongst other things, your contact info. Click the edit button on the “Contact Info” section, which should bring up a list of all the email addresses Facebook has on file for you, including your new facebook-domained email address. Left click on the open circle to the right of your.name.here@facebook.com and choose the “Hidden from Timeline” closed circle. Then pick which email address you’d prefer folks to contact you at, and change that closed “Hidden from Timeline” circle to an open “Shown on Timeline” circle. Simple as that!

Advertisements

Cell Phone Warning – From University of Miami Hospital

READ THIS!!!! IMPORTANT

        FROM THE  UNIVERSITY OF MIAMI HOSPITAL …..VERY SERIOUS  WARNING… 

A few  days ago, a person was recharging his mobile  phone at home.
 

Just at  that time a call came in and he answered it with  the charging Instrument  still connected to the outlet.
 

After a  few seconds electricity flowed into the cell  phone unrestrained
 and the  young man was thrown to the floor  with a heavy thud. The  phone actually  exploded. 

His  parents rushed to the room only to find him  unconscious, with a weak heartbeat  and burnt fingers.
 

He was  rushed to the nearby hospital, but was  pronounced dead on arrival.
 

Cell  phones are a very useful modern  invention.
 

However,  we must be aware that it can also be an  instrument of death.
 

Never use  the cell phone while it is hooked to the  electrical outlet! If you are charging the cell  phone and a call comes in, unplug it from the  charger and outlet.
 

FORWARD  THIS TO THE PEOPLE THAT MATTER IN YOUR  LIFE!!!!
 


Whether or  not they have a cell phone. They can also inform  others who do……
 

Surgical  Services
 

Download


1400 NW  12th Ave.,
 
Miami
 ,  FL33136

</t

If You’re Using ‘Password1,’ Change It. Now.

If You’re Using ‘Password1,’ Change It. Now. – Yahoo! Finance

http://finance.yahoo.com/news/if-you-re-using–password1—change-it–now-.html

If You’re Using ‘Password1,’ Change It. Now.

The number one way hackers get into protected systems isn’t through a fancy technical exploit. It’s by guessing the password.

That’s not too hard when the most common password used on business systems is “Password1.”

There’s a technical reason for Password1’s popularity: It’s got an upper-case letter, a number and nine characters. That satisfies the complexity rules for many systems, including the default settings for Microsoft’s widely used Active Directory identity management software.

Security services firm Trustwave spotlighted the “Password1” problem in its recently released “2012 Global Security Report,” which summarizes the firm’s findings from nearly 2 million network vulnerability scans and 300 recent security breach investigations.

Around 5% of passwords involve a variation of the word “password,” the company’s researchers found. The runner-up, “welcome,” turns up in more than 1%.

Easily guessable or entirely blank passwords were the most common vulnerability Trustwave’s SpiderLabs unit found in its penetration tests last year on clients’ systems. The firm set an assortment of widely available password-cracking tools loose on 2.5 million passwords, and successfully broke more than 200,000 of them.

Verizon came up with similar results in its 2012 Data Breach Investigations Report, one of the security industry’s most comprehensive annual studies. The full report will be released in several months, but Verizon previewed some of its findings at this week’s RSA conference in San Francisco.

Exploiting weak or guessable passwords was the top method attackers used to gain access last year. It played a role in 29% of the security breaches Verizon’s response team investigated.

[Related: Smartphone Features You Don’t Really Need]

Verizon’s scariest finding was that attackers are often inside victims’ networks for months or years before they’re discovered. Less than 20% of the intrusions Verizon studied were discovered within days, let alone hours.

Even scarier: Few companies discovered the breach on their own. More than two-thirds learned they’d been attacked only after an external party, such as a law-enforcement agency, notified them. Trustwave’s findings were almost identical: Only 16% of the cases it investigated last year were internally detected.

So if your password is something guessable, what’s the best way to make it more secure? Make it longer.

Adding complexity to your password — swapping “password” for “p@S$w0rd” — protects against so-called “dictionary” attacks, which automatically check against a list of standard words.

But attackers are increasingly using brute-force tools that simply cycle through all possible character combinations. Length is the only effective guard against those. A seven-character password has 70 trillion possible combinations; an eight-character password takes that to more than 6 quadrillion.

Even a few quadrillion options isn’t a big deal for modern machines, though. Using a $1,500 computer built with off-the-shelf parts, it took Trustwave just 10 hours to harvest its 200,000 broken passwords.

“We’ve got to get ourselves using stuff larger than human memory capacity,” independent security researcher Dan Kaminsky said during an RSA presentation on why passwords don’t work.

He acknowledged that it’s an uphill fight. Biometric authentication, smartcards, one-time key generators and other solutions can increase security, but at the cost of adding complexity.

“The fundamental win of the password over every other authentication technology is its utter simplicity on every device,” Kaminsky said. “This is, of course, also their fundamental failing.” To top of page

Poisoned Search Results: More of a Malware Threat Than You Probably Think

Poisoned Search Results: More of a Malware Threat Than You Probably Think | The Exchange – Yahoo! Finance

http://finance.yahoo.com/blogs/the-exchange/poisoned-search-results-more-malware-threat-probably-think-150643365.html

Poisoned Search Results: More of a Malware Threat Than You Probably Think

 | The Exchange ??? 12 hours ago

Be careful what you click on when searching the Web; the international cybercrime community is coming for you.

That’s the message from Internet security firm Blue Coat, which earlier this year found that poisoned search engine results remain the number one malware threat on the Web, accounting for a full 40 percent of all cyberattacks in 2011. The popular bait-and-switch tactic is nearly four times more likely to snag unsuspecting users than the once common email-based approach, which now only accounts for 11 percent of attacks. Social networking rounds out the top three threats with 6.5 percent.

The Blue Coat report was based on an analysis of the Web traffic of more than 75 million users.

“Searching is at least as dangerous as going into your email in-box and clicking on things,” Chris Larsen, Blue Coat’s chief malware expert, recently told USA Today.

The scam works like this: The bad guys set up themed “bait sites” using terms that are likely to show up in search engine results, as a way to trick users into visiting their sites. When the unsuspecting user clicks on a poisoned result in their search engine, thinking they are going to a legitimate site related to their search, they are served a site designed by the phishers to gather their financial information or get them to download a piece of malware or otherwise fall victim to whatever scam they are running. In many cases, users don’t even know they have been victimized until it’s too late.

A Numbers Game

It’s the sheer scale of search engine traffic that attracts the scammers. With millions of users clicking on Google and Bing search results every hour of every day, sooner or later someone is going to slip up and visit a malware site.

Still, the study revealed some interesting trends in search poisoning strategy. The conventional wisdom is that cyber criminals are more likely to focus on major news events or celebrity stories that would generate lots of traffic for their sites, but in fact they seem to prefer to target searches to terms that only a few people will be searching for to give themselves a better chance of showing up at the top of the search results page. People don’t expect poisoned search results when looking for obscure refrigerator parts or Christmas decorating ideas, Larsen said, so their guard is down and they are more likely to click.

And, unfortunately for everyday users, poisoned search results are far from rare. There were 26 million new malware samples reported in 2011, according to the Anti-Phishing Working Group, andnearly 40 percent of the world’s computers are thought to be infected. According to Blue Coat, 1 in every 142 searches last year led to a malicious link, while research by Web security firm Symantec has found that as many as one in three search results in its studies are poisoned. Either way, the odds heavily favor the bad guys.

Case in point: Earlier this year, search results related to the popular Hunger Games series of books and movies were poisoned on a large scale by cyber criminals, setting off international warnings from Web security firms.

Stay Safe Out There

So what can average users do to protect themselves from the risks of poisoned search results? Awareness is the key, as is a basic understanding of what legitimate Web addresses look like. Here are a few suggestions from Blue Coat.

Scan the site description ??? Google and Bing display two lines of “flavor text” alongside their text search results, which can provide clues to the site’s provenance. “Look for disjointed, random text, like it was mashed up by a computer (because it was).”

Check out the domain name ??? “Is it one you’ve heard of? Does it seem to have something to do with the topic you were searching for?”

Preview before clicking ??? “Google now has a ‘preview’ feature, where text-search results have a little button to the right. If you hover your mouse on it, it will display an image of the page. This lets you see if the page ‘looks legit.'”

Know your top level domains (TLDs) ??? “There are a lot of two-letter TLDs assigned to specific countries: .RU = Russia, .IN = India, etc. If you’re searching for a U.S. culture topic, like Halloween costume ideas, or Thanksgiving recipes, or Christmas decorations and your search returns results on .RU or .IN, etc, ask yourself if it’s likely that a site hosted there would really have good content about your search topic.”

Use protection ??? It’s always important to protect your computer with antivirus and antimalware software, which will block many of the malicious infrastructures that run search engine poisoning attacks.