Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history
image for Education online: Ad ...

 Tips

Nobody planned for the current situation, but because of COVID-19, all types of education, all around the world, whether K–12, university, or continuing professional education, have at least partially moved learning to the Internet. With summer breaks coming to an end, the issue of how online learning can be   show more ...

conducted as conveniently, effectively, and safely as possible for both students and teachers is once again top of mind. In this post, we present 10 pieces of advice that will help teachers make the most of online learning. However, we think students will find these tips useful as well —at least they’ll be on the same page as their teachers. 1. Learn about the tools you’ll be using Selecting the tools you will use to conduct your online classes — the videoconferencing platform, testing service, messaging app, and so forth — gives you the most flexibility. However, your educational institution may have chosen tools for you already. Regardless, you should get to know their capabilities and features as well as you can by reading through the instructions, learning the interface, and searching on the Internet for configuration guides. For example, we have a guide for using Zoom. If your school or university provides you with access to Office 365 or G Suite, for example, clarify with your administrator the full list of resources you can access and use for your classes. It’s possible you didn’t know about something useful. Gain access as soon as possible and learn how to use the services. 2. Understand the rules (and review them with your students) Your school or university probably has guidelines for the services they want faculty and staff to use, including what you may or may not use them for. And there are probably also rules stipulating which services are prohibited. For example, the school may have a policy forbidding the use of personal accounts for work purposes, or it may insist that everyone use a certain messaging app. You should know all of those rules and requirements. In addition, you should also stay in the loop about the rules for using school-issued equipment. You might be allowed to take your school laptop home, or you might not. You might be allowed to play solitaire on it in your free time. It’s worth checking. Last but not least, inform your students in advance about any requirements and restrictions that affect them as well. It is good practice to make such rules available in written form, too. 3. Limit your tools The IT tools you select to conduct classes should be convenient for both teacher and students. More tools does not necessarily mean a better experience. Before starting classes, make sure you have sufficient tools for the job and that all participants in the educational process are comfortable using them. The school may have access to a very large number of services. That does not mean you have to use all of them (unless your organization requires it). 4. Set a unique password for each service If someone manages to crack your password for one of the services you’re using, such as the videoconferencing platform, then you have a problem. But if you use the same password for the grading or reporting platform, that problem just got a lot bigger. Therefore, the following rule applies here just as it does for other services: For every account, you need one unique password. Of course, all of your passwords should be strong — long enough and not too obvious. We will not go into more detail here; we have written extensively about this. Don’t write your passwords on a piece of paper or otherwise store them where someone can find them. If you find it difficult to remember your passwords, use a special password manager, such as, for example, Kaspersky Password Manager. Finally, if at all possible, avoid situations in which several people share one account. In such cases, you may be unable to establish who made a particular change, and also, the more people using an account, the more vulnerable it is. A chain is only as strong as its weakest link, after all. 5. Develop a code of conduct for your classes During the first lesson (or better, before it), teachers and students should reach an agreement about class procedures. You may agree, for example, that everyone’s camera should be turned on by default, but only the teacher’s microphone should be on at the start of class. That is just an example, of course. Nevertheless, some code of conduct (preferably set in writing) is necessary in virtual classrooms just as it is in a traditional school setting. Following the code makes conducting class easier for teachers and helps students learn the material with fewer distractions. If you conduct classes for several grade levels, you may be able to hold one rule-setting session for everyone at once, saving everyone time. During the session, actively test the code of conduct so that teacher and students share common expectations for the school year. 6. Agree on backup channels Even the most reliable services sometimes encounter a glitch. The reason could be on the service provider side or at the network level of your institution. Regardless, you’ll need a backup plan. To avoid having to make up classes, figure out in advance which service your class will use if the default one isn’t working. For example, if students are unable to launch Teams at the beginning of the lesson should they join a Skype call immediately or find out the new plan in WhatsApp? Key for that plan to work is knowing in advance where to convene. 7. Maintain punctuality Remote learning, just like remote work, has its upsides and downsides. One of the latter is that some people may not realize others are waiting for them, which can cause them to be late. Ten people waiting for one person to start class is a pointless waste of time, which is why maintaining punctuality is imperative. If a lesson is supposed to start at 10:00, start it at exactly 10:00. (It is a best practice to connect to the videoconferencing service several minutes before the start of class to make sure everything is working properly and that everyone has any necessary documents on hand. Let any latecomers connect without comment; arriving late to an online classroom is not as disruptive as arriving in a physical classroom after the bell has rung.) 8. Guard your educational accounts Pay careful attention to the accounts you use for educational purposes. You should have no problems accessing them at any moment, and no one else should be able to log in to them. If you are a teacher, your accounts may be of some interest to your students, but ordinary student meddling (say, altering grades) is far from your biggest concern. An attacker who gains access to your account can also obtain the personal data of the other students in the class, which could lead to legal consequences. If a student loses access to their account, their time will be wasted restoring access or creating a new account. They may also lose the information saved in the account. Though not as critical as the loss of a teacher’s account, it’s still unpleasant and worth avoiding if possible. All educational accounts need protection. If the service allows it, turn on two-factor authentication for everyone. 9. Understand how to recognize phishing e-mails Educational platforms and videoconferencing services being popular, they are of interest to cybercriminals. These attackers create phishing websites and send out phishing e-mails intended to lure you to their site, where they steal your account credentials. Therefore, it is important to know how to distinguish phishing attempts from official mailings and the messages legitimate services might send. Phishing sites often contain errors, misaligned layouts, and broken links, but sometimes scammers manage to create phishing pages that are indistinguishable from the real thing. First, look at the website address in the browser address bar. If it is different by even one character from the address of the service’s official website, do not enter any personal information on the page. We also recommend this post about how to protect yourself from phishing. 10. Protect devices You need reliable protection on every device you use to access educational resources. If a student’s school computer is crawled by ransomware, for example, restoring the computer and files can waste a lot of valuable time. And if a teacher’s computer becomes compromised, things can get even more interesting. Some malware may try to spread to students’ devices. That is why you need reliable protection on all computers, smartphones, and tablets.

 Threat Intel & Info Sharing

Romance or confidence scams drew nearly 20,000 complaints back in 2019, with losses totaling almost half of billion dollars, according to the FBI's Internet Crime Complaint Center (IC3).

 Breaches and Incidents

It's unclear at this time what damage has been done but it does not appear any data was stolen. Staff was forced to shut down the entire network to remove the threat and restore the systems.

 Breaches and Incidents

The CISA and the FBI issued an alert warning financial institutions of BeagleBoyz who have attempted to steal nearly $2 billion since 2015 by rendering financial institutions’ systems inoperable.

 Feed

Red Hat Security Advisory 2020-3581-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only   show more ...

allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a password leak vulnerability.

 Feed

Gentoo Linux Security Advisory 202008-24 - Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in the arbitrary execution of code. Versions less than 8.262_p01:8 are affected.

 Feed

Gentoo Linux Security Advisory 202008-20 - Multiple vulnerabilities have been found in GPL Ghostscript, the worst of which could result in the arbitrary execution of code. Versions less than 9.52 are affected.

 Feed

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

 Feed

Red Hat Security Advisory 2020-3585-01 - Red Hat JBoss Enterprise Application Platform CD20 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform CD20 includes bug fixes and enhancements. Issues addressed include XML injection,   show more ...

deserialization, man-in-the-middle, memory exhaustion, remote SQL injection, and traversal vulnerabilities.

2020-08
Aggregator history
Monday, August 31
SAT
SUN
MON
TUE
WED
THU
FRI
AugustSeptemberOctober