Cybersecurity

“Using your mobile network connection is generally more secure than using a public wireless network.”
https://www.us-cert.gov/ncas/tips/ST05-017 (Access date 2017-07-19)

Security-announce — Product security notifications and announcements from Apple: https://lists.apple.com/mailman/listinfo/security-announce (I added this url to this blog post on 2017-09-03)

ICS-CERT and US-CERT activity/alerts/bulletins/tips subscription system: https://www.us-cert.gov/ncas
To sign up, go to the paragraph below the items listed “Current Activity”, “Alerts”, “Bulletins”, and “Tips”, and click on the link in the sentence “To learn more or to subscribe, visit the subscription system.” Or, to go directly to that page (however note that the page is relatively non-descript, so you don’t really know what you’re signing up for if you go directly to the page), go to https://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new
(I added this to this blog post on 2017-09-03)

Stay safe while traveling: FTC Releases Alert on Digital Security While Traveling (Article was released 2017-07-14, I added it here on 2017-09-11)

Don’t answer calls that you get on your own phone from your own phone number, because they are scammers/hackers. https://www.consumer.ftc.gov/blog/2015/07/getting-calls-your-own-number

Harden (https://en.wikipedia.org/wiki/Hardening_(computing)) a mac with instructions from http://docs.hardentheworld.org/OS/MacOS_10.12_Sierra/index.html

If anyone calls claiming to be from Equifax, it’s probably best to hang up, but US-CERT specifically says “Legitimate Equifax representatives will not contact consumers to ask for verification of their information.” https://www.us-cert.gov/ncas/current-activity/2017/09/14/Potential-Phishing-Scams-Related-Equifax-Data-Breach

2018-05-23 VPNFilter Destructive Malware: “NCCIC is aware of a sophisticated modular malware system known as VPNFilter. Devices known to be affected by VPNFilter include Linksys, MikroTik, NETGEAR, and TP-Link networking equipment, as well as QNAP network-attached storage (NAS) devices. Devices compromised by VPNFilter may be vulnerable to the collection of network traffic (including website credentials), as well as the monitoring of Modbus supervisory control and data acquisition (SCADA) protocols.”

Hanging Up on Mobile in the Name of Security; TL;DR: NEVER sign up for SMS-based one-time authentication tokens for something that has monetary value.
 

Understanding Firewalls (US-CERT)

2018-09-27 October is National Cybersecurity Awareness Month (2018)
2018-10-02 National Cybersecurity Awareness Month: Cybersecurity at Home