HOW TO DISABLE THE SEND YOUR SEARCH HISTORY FEATURE IN MICROSOFT EDGE

Microsoft Edge can silently send search queries, demographics, and other data to Microsoft servers. Moreover, not only search data in Bing, but also search data in Google, DuckDuckGo, 
StartPage and other search engines.  

Typically, Edge warns the user about this literally in plain text. 

Or rather, a separate notice that states that the user now has the opportunity to help Microsoft improve its products and services, and that for this purpose it will collect his (the user’s) search data, but as if anonymously, that is, they “will never will be associated with the data of the user himself or his computer." The option that the user allows the company to collect this data is present in the open part of the Edge settings (in the “Optional diagnostic data” subsection) and is active by default. Simply put, if you use Microsoft Edge, you are already helping, and volunteering at that. 

WHERE TO CHECK AND HOW TO DISABLE THE FUNCTION OF SENDING YOUR SEARCH HISTORY IN MICROSOFT EDGE 

Taking into account the fact that in the mentioned notification there is a button that redirects to the browser settings, but you can only get to the main Settings page, we do the following: open Edge and continue: or copy the address into the search bar 

edge://settings/privacy#searchServiceImprovement 

and press Enter (at this address the subsection we need “Optional diagnostic data” should open automatically); 

 or open “Settings” Edge (3 buttons in the upper right corner of the screen > “Settings”), go to the “Privacy” section. search and services" and simply scroll down the screen to the Optional diagnostic data subsection: Turn off the option Send us optional diagnostic data about your browser usage, websites visited, and crash reports to help us improve Microsoft products ; and restart the browser. 

 WHAT DATA DOES EDGE SEND TO MICROSOFT? 

In response to this question, we can only quote an excerpt from the explanation, which was published on the official Edge Support page: We collect and use data from your searches in Microsoft Edge. We use your search results to make everyone's online experience more convenient, relevant and useful. We collect data from your online searches, including from sites that Microsoft does not own or control. The data collected may include your search query, the search results displayed, and your interaction with those search results, such as what links you click on. We may also collect demographic information. Of course, there is a strong suspicion that this is not all. But Microsoft support, as we see, clearly identified four elements: search queries, searching results, search interaction data (including links you click) and your demographics. And the company needs this information “To improve your experience in Microsoft Edge, Microsoft Bing, Microsoft News and other Microsoft services.”

Now even a light bulb can steal your Wi-Fi password.

Recently, vulnerabilities were discovered in TP-Link Tapo L530E smart bulbs and the TP-Link Tapo application. These vulnerabilities can pave the way for any malicious actor to access Wi-Fi credentials.

The vulnerabilities are related to unreliable authentication and a lack of random elements in symmetric encryption.

With the help of these vulnerabilities, a malicious actor can obtain the Wi-Fi credentials of the victim's network and control all devices connected to that network.

Until the vulnerabilities are fixed, I recommend not using these light bulbs and their associated application. 

Source: AntiHaker Blog  

Unlock / Delete File or Folder, Locked by a System or Applications

Choose the right tools

 Tested, works

 

 https://emcosoftware.com/unlock-it

Reconciling the DHCP Database

When inconsistencies in the DHCP database are detected, reconciliation of data across all scopes can resolve the problem. Lease information is stored in the database in two forms: detailed and summary. During reconciliation, these details are compared for contradiction. If found, the DHCP server either reverts the addresses  in question to the original owners or creates temporary reservations for them, valid for the assigned lease time. 

Access the DHCP console and select the relevant server from the console tree to perform reconciliation. 

On the 'Action' menu, click 'Reconcile All Scopes', then 'Verify'. 

Any inconsistencies are reported and can be fixed by clicking 'Reconcile'. 

If the database is found to be consistent, click OK.

To perform this process for an individual scope, click the applicable scope in the console tree, and from 'Actions', click 'Reconcile', and then 'Verify'. Any inconsistencies detected can be corrected by selecting the discrepancies and clicking 'Reconcile'.

AI helps to prevent accidental data exposure

 Hornetsecurity releases 365 Total Protection Plan 4 for Microsoft 365 with AI Recipient Validation that prevents misdirected emails.

AI Recipient Validation is one of 365 Total Protection’s newest features, providing security and compliance managers with true visibility into how often employees are exposed to potentially misdirected emails and how they respond to them. It protects the end user by providing a warning when an email they are about to send appears to be misguided or contain sensitive information. The user can decide to either adjust their email or continue to send without modification.

Additionally, this new AI-based service continuously updates its understanding of the user’s email communication patterns by learning user behaviour and responses. It then automatically adjusts warnings for outgoing emails and prevents users from receiving similar warnings multiple times.

Read more:

https://www.hornetsecurity.com/en/press-releases/launch-of-365tp-plan4-with-airv

Reminder
Tips for identifying malicious emails

Professional cyber attacks via email are very difficult to detect, but there are a few clues for detecting fraud. First of all, if a fraudulent email is suspected, Verify whether the sender address actually matches the original domain. Consider carefully whether the sender is really an acquaintance or business partner of yours or whether the email address only resembles that of the actual person. Check for spelling and grammar mistakes, especially if the email is supposed to come from a reputable company. An impersonal form of address in the cover letter, such as “Dear Ladies and Gentlemen,” is another clue. Be careful with links or buttons placed in emails, because as a “normal user” it is very difficult to check whether the apparent link target is actually correct. In case of doubt, it is safest not to click on any attached link.

GoldeN Rules- 13

 

Simplify IT concepts for non-technical users.

 

While IT professionals are familiar with terms like botnets, DDoS attacks, drive-by downloads, and spear phishing campaigns, many users may not be. It's crucial to make things easy to understand.

 

Think of it this way: imagine explaining complex ideas to a 5-year-old. That's the approach we should take when explaining cyber security to non-technical folks. We want to break it down into simple terms that anyone can grasp.

 

If you or your users need a handy reference, I recommend checking out this glossary of cyber security terms on TechAdvisory.com. It can be a great resource for understanding the jargon and making the topic more approachable.

Cybercrime Statistics 2023

As you will see, unlike most horror movie franchises that get progressively less frightening year after year (and eventually become silly), the story here has become even more terrifying.

• Approximately 43% of cyberattacks target SMBs. [Source]
• 60% of SMBs experienced at least one cyberattack in the last year, and 18% of them experienced six or more. [Source]
• 67% of SMBs said that they are more concerned about IT security now than a year ago. [Source]
• 32% of SMBs are allocating less than 5% of their IT budget towards IT security, which is below the recommended minimum amount. [Source]
• The average cyberattack insurance claim cost for SMBs is now $139,000 per claim (all figures in this article are USD), which is more than double the 2021 level. [Source]
• Cyber insurance premium costs have increased by an average of 28%, and many companies are finding it harder to get coverage. [Source]
• The financial toll of a cyberattack on SMBs now ranges from $120,000 to $1.24 million per incident, depending on factors such as the number of compromised records involved. [Source]
• The financial toll of a cyberattack on larger organizations has climbed to $4.54 million per incident — the highest number ever recorded. [Source]
• The number of malware attacks has reached 5.5 billion per year, which is 2% higher than the previous year. [Source]
• Zero-hour threats, which exploit vulnerabilities before they are known and patched, now account for 54% of all threats. [Source]
• Over 850,000 domain names per year are now reported for phishing. [Source]
• 71% of businesses say they have fallen victim to ransomware attacks. [Source]
• Approximately 50,000 websites are hacked each day, and there is an attack on a website every 39 seconds. [Source]
• 18% of all websites are alleged to contain critical severity threats, and 4.1 million websites contain malware at any given time. [Source]
• 17% of all cyberattacks are Business Email Compromise (BEC) attacks, in which hackers try and trick corporate victims into sending money or divulging confidential company information. [Source]
• 74% of organizations are at least moderately vulnerable to insider threats. [Source]
• The average ransomware payment has surged to $4.4 million. [Source]
• It takes an average of 277 days — or roughly 9 months — for businesses to identify and report a data breach. [Source]
• The number of IoT malware attacks annually reported has reached 112.3 million instances — an 87% year-over-year increase. [Source]
• The global cost of cybercrime is predicted to reach $8 trillion annually in 2023. [Source]

Source