Blog Feed
How to Set Up Two-Factor Authentication on LocalBitcoins with Protectimus Slim NFC
Learn more about Protectimus Slim NFC token or order one here: Protectimus Slim NFC The best 2FA token to protect your LocalBitcoins account! How to enable two-factor authentication with hardware 2FA token Protectimus Slim NFC in LocalBitcoins cryptocurrency exchange. Make sure that your Android smartphone supports NFC technology and download the Protectimus TOTP Burner application. Log in your LocalBitcoins account and initiate the enrolment of the software token: Choose “Edit profile” from the pop-up menu in the right upper corner -> Go to “Security” section -> Click “Edit Security options” -> Click “Enable two-factor authentication” -> Choose “Mobile app based two-factor authentication” and click “Proceed to activation” -> You will see the QR code with the secret key (seed). Use it to program the Protectimus Slim NFC token. Program the Protectimus Slim NFC token by scanning the QR code. Learn how to program Protectimus Slim NFC token here. Save the QR code in a very safe place to use it as a backup in the future. To finish the token enrollment enter the one-time password from Protectimus Slim NFC in the field “Authentication code” and tick the checkbox below if you saved the secret code. Enjoy reliable and convenient protection for your LocalBitcoins...
read moreHow to Set Up Two-Factor Authentication on EpicNPC with Protectimus Slim NFC
Learn more about Protectimus Slim NFC token or order one here: Protectimus Slim NFC The best 2FA token to protect your EpicNPC account! How to enable EpicNPC two-factor authentication with hardware OTP token Protectimus Slim NFC. Download the Protectimus TOTP Burner application. Login to EpicNPC account and initiate the enrolment of the software token: Choose “Settings” section on the main bar -> Choose “Two-Factor AUthentication” from the settings list -> Click the “Enable Two-FActor Authentication” button -> You will see the QR code with the secret key (seed). Use it to program the Protectimus Slim NFC token. Program the Protectimus Slim NFC token by scanning the QR code. Learn how to program Protectimus Slim NFC token here. To finish the token enrollment enter the one-time password from Protectimus Slim NFC token in the field “Code Validation”. Enjoy reliable and convenient protection for your EpicNPC...
read moreHow to Set Up Two-Factor Authentication on CEX.io with Protectimus Slim NFC
Learn more about Protectimus Slim NFC token or order one here: Protectimus Slim NFC The best 2FA token to protect your CEX.io account! CEX.io cryptocurrency exchange asks its users to enable 2-factor authentication immediately after registration. But if you don’t use two-factor authentication on CEX.io you can always activate in in security settings. We prepared 3 guides to add hardware security token Protectimus Slim NFC to CEX.io cryptocurrency exchange: For those who are new on CEX.io. For CEX.io users who never activated 2-factor authentication, and now want to enable it with Protectimus Slim NFC. For those who already use 2-factor authentication with software OTP token. Guide 1 How to enable CEX.io 2FA with Protectimus Slim NFC for those who are new on CEX.io. Download the Protectimus TOTP Burner application. Sign up to CEX.io. After registration, choose two-factor authentication via Smartphone app. You will see the QR code with the secret key (seed). Use it to program the Protectimus Slim NFC token. Program the Protectimus Slim NFC token by scanning the QR code. Learn how to program Protectimus Slim NFC token here. Download 2FA backup key. To finish the token enrollment enter the one-time password from Protectimus Slim NFC in the field “Enter 2FA code from the app” and press the button “Next”. Guide 2 How to enable CEX.io 2FA with Protectimus Slim NFC for existing accounts without enabled two-factor authentication. Download the Protectimus TOTP Burner application. Login to your CEX.io account and initiate the enrolment of software token: Choose “Profile” section from the drop-down menu in the right upper corner -> Go to “Security” settings -> Enable two-factor authentication -> Choose 2-factor authentication via Smartphone app. You will see the QR code with the secret key (seed). Use it to program the Protectimus Slim NFC token. Program the Protectimus Slim NFC token by scanning the QR code. Learn how to program Protectimus Slim NFC token here. Download 2FA backup key. To finish the token enrollment enter the one-time password from Protectimus Slim NFC in the field “Enter 2FA code from the app” and press the button “Next”. Guide 3 How to enable CEX.io 2FA with Protectimus Slim NFC for those who already use 2-factor authentication with software OTP token. Note: DON’T delete Google Authenticator or another application you use for OTP generation until you finish the Protectimus Slim NFC setup. Download the Protectimus TOTP Burner application. Login to your CEX.io account and disable 2-factor authentication with software token: Choose “Profile” section from the drop-down menu in the right upper corner -> Go to “Security” settings -> Click the “Edit settings” button -> Deactivate 2FA -> Enter one-time password from your software authenticator to disable authentication app -> Confirm your actions -> Click the button “I’d like to proceed anyway”. Initiate the enrolment of software token one more time: Choose “Profile” section from the drop-down menu in the right upper corner -> Go to “Security” settings -> Enable two-factor authentication -> Choose 2-factor authentication via Smartphone app. You will see the QR code with the secret key (seed). Use it to program the Protectimus Slim NFC token. Program the Protectimus Slim NFC token by scanning the QR code. Learn how to program Protectimus Slim NFC token here. Download 2FA backup key. To finish the token enrollment enter the one-time password...
read moreHow to Set Up Two-Factor Authentication on Bitlio with Protectimus Slim NFC
Learn more about Protectimus Slim NFC token or order one here: Protectimus Slim NFC The best 2FA token to protect your Bitlio account! How to enable two-factor authentication with hardware 2FA token Protectimus Slim NFC in Bitlio cryptocurrency exchange. Make sure that your Android smartphone supports NFC technology and download the Protectimus TOTP Burner application. Login your Bitlio account and initiate the enrolment of the software token: Click “My Account” and choose “Activate 2-Factor Authentication” from the drop-down menu -> Click the “Get Started” button -> You will see the QR code with the secret key (seed). Use it to program the Protectimus Slim NFC token. Program the Protectimus Slim NFC token by scanning the QR code. Learn how to program Protectimus Slim NFC token here. Save the QR code in a very safe place to use it as a backup in the future. To finish the token enrollment enter the one-time password from Protectimus Slim NFC OTP token in the corresponding field and click “Verify”. Congratulations! Now, 2FA is...
read moreHow to Set Up Two-Factor Authentication on Luno with Protectimus Slim NFC
Learn more about Protectimus Slim NFC token or order one here: Protectimus Slim NFC The best 2FA token to protect your Luno account! How to enable two-factor authentication with hardware OTP token Protectimus Slim NFC in Luno cryptocurrency exchange. Download the Protectimus TOTP Burner application. Login to your Luno account and initiate the enrolment of software token: Go to the account settings -> Enable two-factor authentication -> Read important information before proceeding further -> You will see the QR code with the secret key (seed). Use it to program the Protectimus Slim NFC token. Program the Protectimus Slim NFC token by scanning the QR code. Learn how to program Protectimus Slim NFC token here. Write down or print your recovery code to use it as a backup in the future if needed. To finish the token enrollment enter the one-time password from Protectimus Slim NFC in the field “Code” and press the “ENABLE” button. Enjoy reliable and convenient protection for your Luno...
read moreHow to Set Up Two-Factor Authentication on Livecoin with Protectimus Slim NFC
Learn more about Protectimus Slim NFC token or order one here: Protectimus Slim NFC The best 2FA token to protect your Livecoin account! How to enable the Livecoin two-factor authentication with Protectimus Slim NFC hardware OTP token. Make sure that your Android smartphone supports NFC technology and download the Protectimus TOTP Burner application. Log in your Livecoin account and initiate the enrolment of the software token: Go to the Livecoin account settings -> Choose the “Security” section -> Choose advanced security level “Leven 2: advances” and click the “Change security level” button -> You will see the QR code with the secret key (seed). Use it to program the Protectimus Slim NFC token. Program the Protectimus Slim NFC token by scanning the QR code. Learn how to do this here. After programming the Protectimus Slim NFC token click “Continue” button -> To finish the token enrollment enter the one-time password from Protectimus Slim NFC token, as well as confirmation code from the e-mail and your PIN code. Then press “Continue”. Enjoy reliable and convenient protection for your Livecoin account — make hackers’ lives...
read moreHow to Set Up Two-Factor Authentication on Nintendo with Protectimus Slim NFC
Learn more about Protectimus Slim NFC token or order one here: Protectimus Slim NFC The best 2FA token to protect your Nintendo account! How to enable the Nintendo 2-step verification with hardware OTP token Protectimus Slim NFC. Make sure that your Android smartphone supports NFC and download the Protectimus TOTP Burner application. Log in your Nintendo account and initiate the enrolment of the software token: Go to the Account Settings -> Choose “Sign-In and Security Settings” section -> Click the “Edit” button for 2-step Verification settings -> Start 2-Step Verification setup -> Verify your e-mail address -> Then you’ll see the QR code with the secret key (seed) -> Program the Protectimus Slim NFC token by scanning the QR code. Learn how to program Protectimus Slim NFC token here. Enter the one-time password generated with the help of Protectimus Slim NFC token in the field “Code”. Enjoy reliable and convenient protection for your Nintendo account with Protectimus Slim...
read moreHow to Set Up Two-Factor Authentication on Poloniex with Protectimus Slim NFC
Learn more about Protectimus Slim NFC token or order one here: Protectimus Slim NFC The best 2FA token to protect your Poloniex account! How to enable two-factor authentication with hardware OTP token Protectimus Slim NFC in Poloniex cryptocurrency exchange. Download the Protectimus TOTP Burner application. Login to your Poloniex account and initiate the enrolment of software token: Go to Settings and choose “Two-Factor Authentication” -> You will see the QR code with the secret key (seed). Use it to program the Protectimus Slim NFC token. Program the Protectimus Slim NFC token by scanning the QR code. Learn how to program Protectimus Slim NFC token here. Save the backup codes. To finish the token enrollment enter your password and the one-time password from Protectimus Slim NFC and press the “Enable 2FA” button. Enjoy reliable and convenient protection for your Poloniex...
read moreThe Petya Virus: How It All Went
27 June 2017 could be called Ukrainian history’s “black cyber Tuesday”. On that day, the NotPetya (Petya.A, ExPetr) attack began, affecting almost all sectors in the country: communications, energy, banking, media, and transportation. The Petya ransomware is far from the first test of the strength of Ukraine’s infrastructure. Such attacks have been attempted at least three times. The first two attacks didn’t take place on such a large scale, but were highly unpleasant: in late 2015, the BlackEnergy virus, targeting energy company “Ukrenergo”, led to blackouts in some areas. Exactly a year later, in December 2016, some commercial banks and the Ministry of Finance were targeted along with, once again, Ukrenergo. But up to that point, nothing like this had happened. What it was Initially, Petya took the form of a file-encrypting virus which would subsequently demand a ransom. Hackers promised a decryption key to users who sent $300 worth of Bitcoins to their electronic wallet. However, these users received no code after transferring the funds, and decryption of the data remained impossible. Some experts, having analyzed the hackers’ strategy, noted that ransomware doesn’t work that way; receiving the ransom funds was not the goal of this attack’s organizers. As time passes, there is more and more support for the belief that the NotPetya malware was only disguised as ransomware. Its main purpose was another: the destruction of information stored on affected computers’ disks. Based on this, the malware can be categorized as a wiper, rather than ransomware. The encryption-decryption story was there only to divert users’ attention. There is also another version of the story. The alternate story argues that the attackers’ goal was to obtain control over all the infected computers, which would persist even after the removal of the virus and cleaning up of disks. In response to this, though, it can be observed that the method by which the attack was executed was too “loud”, attracting too much attention. A real spy would have attempted to gain a foothold, so to speak, on victims’ computers in the least noticeable way possible, without advertising the infection. Thus, an attempt to cause chaos in large organizations and companies, causing them material losses as well as damaging their image, seems more realistic. How it got in and spread One of the main infection vectors was the accounting software M.E.Doc, used for submission of reports and circulating electronic documents in a majority of Ukraine’s enterprises and organizations. An investigation carried out by Ukraine’s cybersecurity team showed that malicious code was injected into an update for the program. Thus, only the computers on which users downloaded the update were immediately infected. The malware then spread through corporate networks, including to machines on which the notorious M.E.Doc had not been installed. This was possible because back in the spring of 2017, the attackers gained control of an account used by an employee of the developer (Intellect Service), thereby receiving access to the program’s source code. An additional risk factor was the use of outdated software on the company’s server. That very server, in fact, went four years without being updated. Another way the file-encrypting virus arrived on computers was through phishing emails that contained links which triggered a download of the malware. After infection and a spontaneous reboot, access to these...
read moreSocial Engineering: What It Is and Why It Works
What do advanced network hackers have in common with run-of-the-mill scammers lying in wait for unsuspecting victims on the street? Both of them make extensive use of social engineering. …though many of them don’t even know this term. Social engineering refers to a method of acquiring desired information by using psychology; in particular, the weakness of the human factor. The fact that the reaction of Homo sapiens is largely predictable. Knowing this, it’s possible to “program” the behavior of both individuals and groups. Examples of social engineering can be found both online and in everyday life. It’s used in marketing and political campaigns, for which terabytes of information about people’s preferences and habits is gathered in advance. After all, knowing typical behavioral and preferential patterns makes it possible to target advertisements that encourage people to buy something, order something, or vote for a particular candidate. Practices like these certainly aren’t going to please everyone, but at least as far as legal collection of information is concerned, citizens do have the option to not share their data. For example, internet users can prohibit sites from tracking their search and geolocation history. The criminal application of social engineering techniques is first and foremost to obtain some desired confidential information, naturally without any thought as to the victims’ wishes. The standard procedure used by these social hackers consists of several basic steps: Choosing a valuable target. Collecting data on the target in order to find the most vulnerable avenue of attack. Creating a scenario based on the collected data — this scenario should coerce the victim into taking some action desired by the attacker. (On the internet, the goal is usually to facilitate unauthorized access to a computer system, bypassing authentication and other security measures.) Speaking of coercion: it’s important to note that there is no outright force involved; instead, the manipulation is transparent to the target, who thinks they are acting of their own free will. We can model such a situation, in which the victims themselves turn to the attacker for “help”. For example, a flyer with the contact information for a tech support service is left in some conspicuous location in an office, and the attacker remotely creates some sort of problem on an office computer. As a result, the user him/herself turns to the attacker, and in the process of “solving the problem”, they disclose the information desired by the attacker. Basic social engineering techniques Phishing One way to obtain confidential information from the user is through phishing. In this technique, an e-mail is sent to the victims, supposedly from their bank or some other authoritative organization, asking the user to enter some information into a form, such as a username, password, card number, or PIN code. In addition to revealing sensitive information to the attacker, the phishing victims also risk having their devices infected by malware when navigating to the fake website or filling out the form. (We cover the dangers of phishing and how to protect yourself from it in another post.) Trojan Viruses Trojan viruses are a variation on the previous method, typically also distributed through e-mail. Instead of a fake form to fill out, the email features an attachment containing malware which can collect or modify data on the user’s computer at a later...
read more