FreesTech

27/02/2024

Durban Burger Beach Couple Date Experience: Shop now on hk Top2 Shopping and go enjoy your relationship.

hlubi kabelo top2 shopping lets you easily buy and create date experiences to enjoy life with yourself, partner, friends or family.

06/02/2023

"ATTENTION SOUTH AFRICANS” Are you aware of your rights as a data subject under the Protection of Personal Information Act (POPIA)? This act grants you several rights, including

THE RIGHT TO BE INFORMED
The right to be informed under POPIA is an important aspect of the act that ensures that individuals are aware of how their personal information is being used and that they have given their consent to the collection, use, and sharing of their personal information. Organizations must be transparent and clear in their communication with individuals and obtain their consent in order to be compliant with POPIA.

THE RIGHT OF ACCESS
The right of access under POPIA gives individuals the right to request and receive a copy of their personal information that is being held by organizations, and to correct any errors or inaccuracies in their personal information. Organizations are required to provide the requested information and make any necessary corrections within a reasonable time frame and at no cost to the individual.

THE RIGHT TO RECTIFICATION
The right to rectification under POPIA gives individuals the right to have their personal information that is being held by organizations corrected if it is inaccurate or incomplete. Organizations are required to take reasonable steps to ensure that the personal information they collect and process is accurate, complete, and up-to-date, and to respond to requests for rectification within a reasonable time frame and inform any third parties to whom the personal information was disclosed.

THE RIGHT TO ERASURE
The right to erasure under POPIA gives individuals the right to request that organizations delete their personal information. Organizations are required to delete personal information when it is no longer needed for the purpose for which it was collected, or when an individual withdraws their consent for the processing of their personal information, or if it was processed unlawfully, or if erasure is necessary to comply with a legal obligation. However, this right is not absolute and there may be situations where organizations are not able to delete all of the personal information that an individual requests

THE RIGHT TO RESTRICT PROCESSING
The right to restrict processing under POPIA gives individuals the right to request that organizations temporarily or permanently stop processing their personal information in certain circumstances. This includes when they contest the accuracy of their personal information, or if they believe the processing of their personal information is unlawful. Organizations are required to restrict the processing of the personal information while they verify the accuracy of the information or investigate the alleged unlawful processing, unless they can demonstrate compelling legitimate grounds for the processing that override the interests, rights and freedoms of the individual.

THE RIGHT TO OBJECT
The right to object under POPIA gives individuals the right to object to the processing of their personal information in certain circumstances, when they believe that the processing of their personal information is based on the legitimate interests of the organization, and that these legitimate interests are overridden by the individual’s fundamental rights, freedoms and interests. Organizations are required to stop processing the personal information in the manner requested by the individual, unless they can demonstrate compelling legitimate grounds for the processing that override the interests, rights and freedoms of the individual.

THE RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISION MAKING
The right not to be subject to automated decision making under POPIA gives individuals the right to request that organizations not make decisions about them based solely on automated processing of their personal information. Organizations are prohibited from making decisions about individuals based solely on automated processing of their personal information, unless the individual has given their explicit consent, or unless the decision is necessary for the performance of a contract or is authorized by law. When an individual requests not to be subject to automated decision making, organizations must take steps to comply with the request, to ensure that the decision is fair and accurate.

THE RIGHT TO LODGE A COMPLAINT
The right to lodge a complaint under POPIA gives individuals the right to make a complaint to the Information Regulator if they believe that their rights under the act have been violated. The Information Regulator is an independent body established to oversee the implementation and enforcement of POPIA, has the power to investigate complaints, conduct audits and impose fines or penalties on organizations that violate POPIA. Before lodging a complaint, an individual must first raise their concern with the responsible party, such as the organization, and allow them a reasonable time to respond.

30/01/2023

Discussion #5 - Password Security

Password security refers to the measures taken to ensure the protection and confidentiality of passwords used to access online accounts, systems, and networks

The following are common BEST Practices for creating secure passwords :

USE A MIX OF UPPERCASE & LOWERCASE LETTERS, NUMBERS, & SPECIAL CHARACTERS :

Characters to make your password more complex and difficult to guess.
Using a mix of uppercase and lowercase letters, numbers, and special characters in a password makes it more complex and difficult for hackers to guess. This is because it increases the number of possible character combinations and makes it harder for automated programs or hacking tools to crack the password using a brute force attack. Additionally, using a mix of different characters also makes it harder for someone to visually guess the password if they happen to see it written down or typed in.

PASSWORDS SHOULD BE AT LEAST 12 CHARACTERS LONG:

Length is important because it increases the number of possible combinations for a password, making it more difficult for hackers to crack it through brute force attacks or dictionary attacks. A longer password also makes it more difficult for someone to guess or determine through social engineering. By requiring a password to be at least 12 characters long, it creates a stronger barrier for potential attackers.

AVOID USING GUESSABLE INFORMATION, SUCH AS YOUR NAME, ADDRESS, OR BIRTHDATE:

Using easily guessable information in your password makes it more vulnerable to being cracked by someone attempting to gain unauthorized access to your account. Personal information such as your name, address, or birthdate can often be found through publicly available records or through social engineering tactics, making it easy for a hacker to guess your password. By avoiding the use of this type of information in your password, you are making it more difficult for someone to gain access to your account.

USE A DIFFERENT ACCOUNT FOR EACH OF YOUR ONLINE ACCOUNTS:

Using a different password for each online account is important because if a hacker or malicious individual gains access to one of your accounts using a compromised password, they will not have access to all of your other accounts. This helps to limit the potential damage that can be caused by a compromised password and ensures that your other accounts remain secure. Additionally, using different passwords for each account makes it more difficult for hackers to crack multiple accounts by using the same attack methods. This is an important best practice in password security to protect your personal and sensitive information from cyber threats such as hacking and identity theft.

AVOID USING COMMON WORDS OR PHRASES SUCH AS “password”or “1234” :

This is important because common words and phrases are easily guessable and can be easily cracked by hackers using automated software and dictionary attacks. By using unique and non-guessable words or phrases, it makes it much harder for hackers to crack the password, therefore increasing the security of the account. Additionally, using a combination of letters, numbers, and special characters can also make the password even more complex and harder to crack.

USE A PASSWORD MANAGER :

Using a password manager to generate and store complex passwords is important because it helps to ensure that each password is unique, long, and difficult for hackers to guess. Additionally, a password manager can automatically fill in login information, making it easier for you to use different passwords for different accounts. This way, even if one password is compromised, the others will still be secure. Additionally, password manager encrypts the password with high level encryption and protects them with a master password which is known only to you. This ensures that, even if the password manager is hacked, your passwords will still be safe.

DON'T WRITE DOWN YOUR PASSWORD, OR SHARE IT WITH OTHERS:

Writing down or sharing your passwords can lead to them being compromised, as anyone with access to the written password or the person you shared it with can use it to gain access to your accounts. Additionally, if the written password or shared information is lost or stolen, your accounts are at risk of being hacked. Using a password manager is a more secure way to store and manage your passwords.

CHANGE YOUR PASSWORD REGULARLY AT LEAST ONCE EVERY MONTHS:

It is important to change your passwords regularly because it reduces the amount of time that a hacker has to try to crack your password. Also, over time, it is possible for passwords to become compromised through data breaches or other means. By regularly changing your passwords, you can ensure that your accounts stay secure and reduce the risk of unauthorized access. Additionally, by setting a reminder to change your passwords every 3-6 months, you can make it a habit and not forget to do it.

USE MULTI-FACTOR AUTHENTICATION (MFA) WHEN POSSIBLE :

Using multi-factor authentication (MFA) adds an extra layer of security to your account because it requires more than one method of identification to gain access. This means that even if a hacker has obtained your password, they will not be able to access your account without access to the additional form of identification, such as a fingerprint or a code sent to your phone. This helps to prevent unauthorized access and keeps your account more secure. Additionally, MFA can protect against certain types of attacks such as phishing and keylogging, as well as account takeover attacks. It makes it harder for hackers to gain access to sensitive data and personal information which is being stored in the network.

For More Info
Email : [email protected]
Website :

A new Flutter project.

26/01/2023

Discussion #4 Public WI-FI Security

Public Wi-Fi refers to wireless internet access that is provided in public places such as airports, hotels, cafes, and libraries. It allows users to connect to the internet using their personal devices, such as smartphones, laptops, and tablets. Public Wi-Fi is convenient and often free to use, making it a popular option for people on the go or in need of internet access. However, because public Wi-Fi networks are often unsecured, it can put users at risk for cyber attacks and data breaches. Therefore, it's important to be aware of the potential risks and take necessary precautions to protect personal and sensitive information when using public Wi-Fi.

What are the Risks?

HACKERS CAN INTERCEPT YOUR INFORMATION ( Man in the Middle Attack)

A man-in-the-middle (MitM) attack is a type of cyber attack where an attacker intercepts and alters communication between two parties. This can occur on public Wi-Fi networks, where an attacker can gain access to the network and intercept communication between a user and the internet.

In a MitM attack on public Wi-Fi, an attacker can use a variety of techniques to intercept and alter communication, once the attacker has intercepted the communication, they can then alter or steal sensitive information being transmitted, such as login credentials, personal information, and financial information. They can also inject malicious code into the communication, such as malware or phishing links, which can compromise the user's device or steal personal information.

To protect against MitM attacks on public Wi-Fi, it's important to use a VPN (Virtual Private Network) when connecting to public Wi-Fi networks. VPNs encrypt all communication between the device and the internet, making it much more difficult for an attacker to intercept and alter the communication. It is also important to be cautious of free Wi-Fi and to avoid sensitive transactions when connected to public Wi-Fi. Additionally, it's good practice to keep your device updated and use a firewall, and be aware of the suspicious requests and pop-ups that may appear when connected to a public Wi-Fi network.

HACKERS CAN DISPLAY ROGUE ACCESS POINT(RAP) TO LURE YOU.

A rogue access point (RAP) attack is a type of man-in-the-middle (MitM) attack that targets public Wi-Fi networks. In this type of attack, an attacker creates a fake Wi-Fi access point with a similar name to a legitimate one in order to trick users into connecting to the attacker's access point.

Once a user has connected to the rogue access point, the attacker can intercept and alter all communication between the user and the internet. This can include stealing login credentials, personal information, and financial information. The attacker can also inject malicious code into the communication, such as malware or phishing links, which can compromise the user's device or steal personal information.

RAP attacks are particularly dangerous because they can be difficult to detect. The fake access point may have a similar name to a legitimate one and may even have the same logo or branding. This can trick users into thinking they are connecting to a legitimate Wi-Fi network, making them more likely to connect without suspecting anything.

To protect against RAP attacks on public Wi-Fi, it's important to be cautious when connecting to public Wi-Fi networks. Avoid connecting to networks with suspicious or unfamiliar names, and be careful when connecting to networks that are not password-protected. It's also a good idea to use a VPN (Virtual Private Network) when connecting to public Wi-Fi networks, as this can encrypt all communication between the device and the internet, making it much more difficult for an attacker to intercept and alter the communication. Additionally, it's good practice to keep your device updated and use a firewall and be aware of the suspicious requests and pop-ups that may appear when connected to a public Wi-Fi network.

In summary there are several security measures that can be taken when using public WIFI to protect personal and sensitive information from being intercepted and stolen by cybercriminals. Some of the most important measures include:

Use a VPN: A Virtual Private Network (VPN) encrypts all data sent and received over the network, making it much more difficult for hackers to intercept and steal information.

Avoid using public WIFI for sensitive transactions: It is best to avoid using public WIFI for sensitive transactions such as online banking or shopping. Instead, use a personal hotspot or a cellular network to ensure that the information being transmitted is secure.

Be cautious of free WIFI: Public WIFI networks that are free to use may be more likely to be unsecured and therefore more vulnerable to hacking. Always be cautious when using free WIFI and only connect to networks that are trusted.

Avoid using public WIFI to access sensitive accounts: Avoid logging into sensitive accounts, such as your email or social media accounts, when using public WIFI.

Keep your device updated: Make sure your device has the latest security updates installed. This will help to protect against known vulnerabilities that hackers may exploit.

Use a firewall: A firewall is a software or hardware-based security system that monitors and controls incoming and outgoing network traffic. It can help to protect your device from cyber attacks.

Be wary of suspicious requests: Be wary of suspicious requests for personal information or strange pop-ups that may appear when connected to a public WIFI network. This may be a sign of a phishing attempt.

Disconnect when finished: Remember to disconnect from the public WIFI network when you are finished using it. This will help to protect your device from any potential threats that may be present on the network.

Next Topic: INFORMATION SECURITY THREATS OF WORKING REMOTELY

For More Info
Email : [email protected]
Website : http://www.freestech.co.za

23/01/2023

Discussion #3- Why is your Privacy IMPORTANT IN A DIGITAL AGE, WHY SHOULD YOU CARE ABOUT the Protection of Personal Information Act (POPIA)

In today's digital age, personal data is collected, shared, and used in ways that were previously unimaginable. As technology advances, it has become increasingly important to ensure that personal data is protected, and that individuals' privacy rights are respected. One of the key implications of privacy to data subjects is the potential for the misuse or abuse of personal information.

In simple terms POPIA should give you a control of your personal information, in a sense that you must know who has it, what they use it for, how long they are going to keep it and if they share it with who.

If your personal information is not handled in accordance with the law (POPIA) in this case, the following can happen to it:

DATA BREACHES
A data breach is an unauthorized access or release of sensitive, confidential, or protected information. This can happen when cybercriminals hack into a company's network and steal information, when employees inadvertently or deliberately release information, or when a company loses control of the information, such as through a lost or stolen device.

Data breaches can have significant consequences for individuals and organizations. For individuals, a data breach can lead to financial loss, identity theft, emotional distress, and damage to their reputation. For organizations, a data breach can lead to financial loss, legal repercussions, and reputational damage

DISCRIMINATION
Discrimination in the context of privacy violation refers to the use of personal information for discriminatory purposes, such as denying employment, insurance, or credit, or providing different services or prices to different individuals based on their personal information.

Discrimination can occur when personal information is collected, used, or disclosed without the individual's knowledge or consent. For example, if an organization collects personal information, such as race or religion, and uses that information to make decisions about hiring or promoting employees, it could be considered discrimination.

Discrimination based on personal information can have a significant impact on an individual's life, as it can lead to loss of opportunity, inequality, and feelings of marginalization. Discrimination can also have a significant impact on society as a whole, as it can perpetuate and reinforce existing inequalities and social divisions.

UNLAWFUL SURVEILLANCE

Unlawful surveillance in the context of privacy violation refers to the unauthorized collection or monitoring of personal information without the knowledge or consent of the individual. This can include activities such as hacking into personal devices or networks, installing tracking software, or using cameras or other surveillance equipment to monitor individuals without their knowledge or consent.

Unlawful surveillance can have a significant impact on an individual's privacy and personal freedom. It can lead to feelings of insecurity, mistrust, and loss of control over personal information. It can also be used for malicious purposes such as stalking, harassment, or blackmail.

HARASSMENT
Harassment in the context of privacy violation refers to the use of personal information to stalk, threaten, or harm an individual. This can occur when personal information is collected, used, or disclosed without the individual's knowledge or consent, and then used to contact or locate the individual in a way that causes them distress or fear.

Harassment can take many forms, from unwanted phone calls or messages to physical stalking. It can have a significant impact on an individual's mental and physical well-being, and can lead to feelings of fear, anxiety, and isolation.

NOW THAT WE HAVE DISCUSSED WHY YOUR PRIVACY IS IMPORTANT, ON THE NEXT TOPICS WE WILL DISCUSS YOUR RIGHTS AND RESPONSIBILITIES AS WELL AS RESPONSIBILITIES OF THOSE WE SHARE OUR PERSONAL INFORMATION WITH.

For More Info
Email :[email protected]
Website :http://www.freestech.co.za

19/01/2023

Discussion #2- Phishing(How Hackers trick you into providing sensitive information)

Phishing is a type of social engineering attack in which an attacker uses email or other methods to trick you into providing sensitive information, such as login credentials or financial information. The goal of a phishing attack is to obtain sensitive information such as login credentials, financial information, or personal information. They'll usually use money to entice you, telling you that you've won this and that, or you have pension fund waiting for you etc. They are simply looking for your sensitive personal information.

Phishing attacks can take many forms, including:

EMAIL PHISHING: Email phishing is the most common form of phishing attack. It involves sending an email that appears to be from a legitimate source, such as a bank or a well-known company, a government or even your employer, with a link or attachment that, when clicked, takes you to a fake website or downloads malware. //we will discuss malware and it's dangers on later topics.

SPEAR PHISHING: Spear phishing is a type of phishing attack that is targeted at specific individuals or organizations. The attacker may use personal information, such as your name, to make the email or message appear more credible, this type of attack is not general, so the attacker will know things about you before they attack you, they'll try to make their message look very authentic and personal so that you won't be able to suspect that it's from the bad guys.

SMS PHISHING (SMiShing): SMS Phishing or SMiShing is a form of phishing that uses text messages to trick you into providing sensitive information or visiting a malicious website.. Remember the

VISHING: Vishing is a form of phishing that uses phone calls to trick you into providing sensitive information.

I'm sure you’ve recently received an SMS from your bank telling you that they will never ask you to send banking passwords. Well, that’s a bank’s way of trying to warn you about phishing attacks.

So the hacker's trick is to get you to a website you can trust so that you can provide your sensitive information thinking you are giving it to the legitimate website , or to install a malicious file that can help them spy on you or steal the sensitive information fron your device.

To protect against phishing attacks, it is important to:

LOOK FOR SPOOFED EMAIL ADDRESSES.

A spoofed email address is one that looks like a legitimate email address to make the phishing email appear from a trusted source. You can identify a spoofed email by looking at the sender's email address. If the email address is not from a trusted source, or if it is slightly different from an expected email address, it may be a spoofed email.

e.g., the email claim to be from Qwa2 Bank, and the domain of QwaQwa Bank is qwaq2bank.com, the sender's email address should be from [email protected] , so always look at the sender's email address, the bank or most legitimate companies will not use Gmail or another platform to send official communication as they are supposed to have their own domain. Even if the sender is legitimate and using Gmail, it's important to verify, especially if they require you to send sensitive information like personal information or login details.

Check the email content: Be wary of emails that ask for sensitive information, or that contain urgent or alarming language. Legitimate organizations will rarely ask for personal information via email.

Check the email attachment and links: Be cautious of clicking on links or attachments in emails, especially if they come from an unknown source.

Check the spelling: Spoofed emails may contain typos or poor grammar. Legitimate organizations will typically proofread their emails before sending them.

Use of anti-phishing technology: Anti-phishing technology, such as browser extensions or email filters, can help to protect against spoofed email addresses by blocking or flagging suspicious emails or website

NEVER CLICK ON LINKS FROM UNVERIFIED EMAILS, TEXTS etc. THIS MAY LEAD YOU TO MALICIOUS WEBSITES WHICH MAY STEAL YOUR INFORMATION OR INSTALL MALWARE (COMMONLY KNOWN AS VIRUSES) ON YOUR DEVICE.

LOOK FOR CLONED WEBSITES

In many cases if we click on links from the bad guys, they'll often redirect us to websites, these websites will often mimic the official websites, but unfortunately in most cases these websites will be fake or clones of official websites

Check the website's URL: One way to identify a spoofed website is to look at the website's URL (the www.qwa2bank.com part on the address bar). If the URL is different from the expected URL, it may be a spoofed website. If a website URL is slightly different from the expected URL, it is likely to be a spoofed website. NEVER put in your login details, BANK CARD details, personal information, or any sensitive information before looking at the address bar. If it's supposed to be www.qwa2bank.com then you should not trust anything else different, even if just one character has changed from the official website to something like www.qwa22bank.com, Notice that I've added the number 2, so it's no longer www.qwa2bank.com it has now changed to www.qwa22bank.com , so, the one with 22 will be the illegitimate fake or cloned website, so always be cautious of websites you give your information to.

Check the website's security certificate: Legitimate websites will have a valid security certificate. If a website does not have a valid security certificate, it may be a spoofed website. Check the website's URL: Look at the website's URL, and make sure it starts with "https" instead of "http." The "s" in "https" stands for "secure," and it indicates that the website is using a security certificate. So, you must trust [https://www.qwa2bank.com ] INSTEAD of [ http://www.qwa2bank.com ] . Look for the lock icon: Most web browsers will display a lock icon in the address bar when you visit a website that has a valid security certificate. Click on the lock icon to view the website's security certificate. Review the certificate details: The security certificate will contain details about the website, such as the website's name, the organization that issued the certificate, and the date the certificate is valid until. Make sure that the certificate is valid and that it was issued by a trusted organization. Check the certificate's expiration date: Make sure that the certificate is still valid and that it has not expired. Check for any warnings or errors: If your web browser displays any warnings or errors about the website's security certificate, it may indicate that the certificate is not valid or that the website is not secure.

NEVER PUT YOUR SENSITIVE INFORMATION TO A WEBSITE WITHOUT A VALID CERTIFICATE, THIS MAY MEAN THAT THE WEBSITE IS CLONED OR SENDING YOUR INFORMATION USING AN INSECURE CHANNEL. WHICH MAY MEAN THAT BAD GUYS MAYBE ABLE TO INTERCEPT YOUR INFORMATION EVEN IF THE WEBSITE IS LEGITIMATE, SO, THE LOCK or THE (S) AT THE END OF HTTP IS VERY IMPORTANT

Remember: If something seems too good to be true, it probably is! Be vigilant and protect your personal information.

OTHER PHISHING TECHNIQUES

Social Media- to be discussed when we cover Social Media Use

Impersonation–to be discussed when we cover Social Engineering

NEXT TOPIC: WORKING REMOTELY.

More Info

Email : [email protected]
Website : http://www.freestech.co.za

16/01/2023

Hi Friends 😊😊😊....

As previously stated, we are going to dedicate the next few weeks/months to making an awareness about Information Security and Privacy and why you should care about them and what you can do to achieve both.



We will start by briefly explaining both concepts and how they relate to each other



WHAT IS INFORMATION SECURITY?

Information security primarily focuses on protecting sensitive information from unauthorized access, use, disclosure, disruption, modification, or destruction. This includes protecting against cyber threats such as hacking, malware, and phishing. The goal of information security is to ensure the

Confidentiality- ensuring that your information (pictures, apps, banking information and other sensitive information) is only accessible to the people you have given access to it, we will discuss how thieves and hackers access such information and what you can do to stop them.

Integrity- ensuring your information is accurate, complete, and has not been changed. We will discuss how to see if your information has been changed and what techniques you can use to avoid this.

Availability of information- ensuring that you can use your information whenever you need to, we will get deeper in discussing how bad guys can make your information and devices/apps unavailable for you to use and what techniques you can use to avoid this.



PRIVACY?

Privacy, on the other hand, primarily focuses on the right of individuals to keep their personal information confidential and to control how organizations (potential employers, employers, banks, shops, Drs etc.) collect it, how they use it and how they share it. Privacy also goes further by checking who can access your information when it is being processed at different organizations and how it is protected, this is to ensure that even if you have applied the correct security measures, the organizations which you have entrusted with your information don’t expose your sensitive information to criminals, also what should be done incase the company which you have given information has been breached,what are responsibilities of these companies to you after they have been breached and what your rights are. The goal of privacy is to protect individual autonomy and personal freedom. We will base our Privacy discussions on the Protection of Personal Information Act (POPIA) as it applies to us in South Africa.

Information such as name, ID number, address, phone number, email address, financial information, children's data, and other sensitive data are all covered by POPIA. POPIA also has what they call special information, which include information like religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health or s*x life, and biometric information where the organizations are expected to process this information in accordance with provisions in the Act.

In recent years, the growing use of technology has raised new privacy concerns, such as the collection and use of personal data by tech companies, marketing companies, the use of facial recognition technology, and the potential for surveillance by governments. As a result, there has been increased focus on privacy and the need for stronger privacy laws and regulations.

In the next sections of our privacy discussions, we will cover a wide range of topics related to the protection of personal information, including the collection, use, storage, and sharing of personal information, as well as providing individuals with rights to access, correct, delete and portability of their personal information as covered by Protection of Personal Information Act.

Next Topic : Phishing (How Hackers trick you into giving them your sensitive information like login details)

For More Info
Email : [email protected]
Website : http://www.freestech.co.za