Have You Restricted Your Google History?

The internet and search engine giant, Google, has proliferated the digital world such that it has become difficult to sidestep their persistent presence. Admittedly, we all continue to use google products packaged in different forms. From google chrome to maps and a plethora of other dependent and integrated apps, Google has become the giant David can no longer sling down. While other search providers such as Microsoft’s Bing, Yahoo, Yandex, or Baidu exist, Google is by far the most used search engine.  Google’s dominance is by no chance breaking news. By now, we all know that Google collects user data for different purposes including marketing and “improvement” of service delivery. The caveat is that most of us do not know that we can opt-out of wanton data collection and retention. while Google will continue to footprint our activities in many ways as aided by wide cross-platform outreach, doing what we can with what we have can certainly go a long way toward limiting data collecti

Top 5 Things you are probably doing wrong with your phone - A cybersecurity perspective

Since the invention of the first smartphone in 1992 , humanity has raced to acquire the latest gadgets on the market. Smartphone makers have equaled the challenge to satisfy a technology-hungry population that now accounts for over 6.5 billion smartphones globally. While this technology adoption has largely been beneficial to globalization and economic development, it has become a source of security risk.  I previously wrote an article about the proliferation of mobile phone viruses and how to take care of them . Even so, old habits die hard. You still need to consider whether some of your tendencies make it easy for attacks and unauthorized access. Below are what I consider the most common mistakes people do with their smartphones to the delight of the bad guys; 1. Implementing easy device security settings The first entry point to a smartphone is the screen lock that requires a pattern/pin/fingerprint/password to unlock. People assume that since they have little to lose or hide, t

Still think strong passwords are overrated? Think twice!

A few months ago, I wrote about various ways attackers could make attempts on your passwords for nefarious purposes. In case you did not read it, do so here right away.  Since then, have you really cared to reinforce your passwords to conform to best practices? Some of the discussed password strengthening strategies I highlighted included using unique passphrases that are a mix of 8 characters or more, not recycling passwords for use in more than one site, and using password managers in case you feel overwhelmed by the number of passwords you need to cram and/or use.  In case you are not convinced that you need to have really good passwords, let me make an attempt to crack a deliberately weak WIFI password from one of my routers. To do this, I will set a generic password i.e. password123 as my WIFI password, and then attempt to crack it.  While practical, this article is for demonstration purposes. Never attempt to crack passwords at your workplace or target devices and infrastructure

Basic tools for Open Source Intelligence (OSINT) and Cybersecurity

With increasing application of technology across different domains world over, information has become the new oil upon which organizations base their business strategies. Alongside the proliferation of technology and a myriad of increasingly significant fields such as data science, more and more organizations are becoming cognizant of the enormous advantages data and information can present. While organizations will feel the need to protect their assets with greater urgency, even the least of tech savvy individuals can make use of tools and technologies that make it easy to at least  muster the basics of information acquisition.  This article is for groups of people who may want to know the general basics of information gathering from freely accessible sources (OSINT). Whether you are a doctor or a mason, information gathering will ultimately be important in building a knowledge base vital for both personal and professional use. By extension, any individual would naturally be interest

Password Attacks: How Much do you Know?

Image There are a variety of ways hackers can get hold of your passwords to compromise the confidentiality, integrity, and availability of your system/accounts. The type and severity of the attacks will depend on the willingness to get hold of your accounts and whether you present anything of value to the attacker's course. Nonetheless, everyone needs to know the methods hackers can use to get breach the integrity of their passwords. Whether you are a clueless toddler with a tablet or a tech-savvy CEO, understanding password attacks will better help you know how to protect yourself.  Non-Electronic Password Attacks Non-electronic password attacks are a common tool for attackers without any deep technical knowledge. Such malicious actors will use subtle ways to get wind of your passwords, more so without your knowledge. One such way is through social engineering , where the individual will manipulate and trick you into revealing your password. The attack might for exampl

True Story: How I Was Scammed Through Social Engineering (With Illustrations)

Four years ago –2017– I was a victim of a well orchestrated social engineering attack that left me–and other students– a thousand shillings sorry . At this time, I was a 3rd Year student taking computer technology that would later, in hindsight, transition me to the cybersecurity profession. Now I know better and can perhaps laugh at how na├»ve I was, and by extension, how scammers know how to tap desperation and capitalize on the gullibility of campus students. Here is the narrative! On Wednesday April 26, 2017, I applied for a data entry job that I had heard of by word of mouth and through social media platforms. Such opportunities were always hard to come by, and with the long holidays about to kick in, such a chance was bound to attract many students across public universities. So, as the rest of the comrades, I diligently applied for the position that had supposedly been advertised by the ministry of education seeking data entry clerks to work with.   Barely three hours after app