Hardening your Android Device, Part-3

Securing your Android Phone can be accomplished in many different ways, and by catering to many different tastes, so no single way is correct, or best for everyone. I do recommend at least the following as a minimum spread on your device.  There are three main areas for security on your device, those settings which left in default mode can be a serious security risk, those apps and programs which help secure your device like AntiVirus and AntiMalware, and AntiTheft apps which can lock-down and secure your information should your device be lost or stolen.

Continue reading

Hardening your Android Device, Part-2

Part-2: Take Control of your Google Account
We’ve all heard the old axiom that building a good house requires a good foundation.  I prefer the Engineer’s version of that saying: “To build a stable house requires a square, true, and level foundation.  Well, ensuring your sole control over your account is the equivalent first step in our endeavor. Actually, you can have any kind of account as your primary account for your Android phone, but we’re presuming for the purposes of this article that you have a Google Account.  If you have a Microsoft or Yahoo account, you’ll need to do some of your own research to find these kind of equivalent settings. 

And while it might sound counter-intuitive to securing your device, we actually need to take control of your Google account before we can harden your device.  This is to ensure that you are the only person with access to your Google Account.  Even if you are certain that you never shared your account password with a good friend, or significant other, your account could still have been compromised.  This is the perfect opportunity to confirm that your account is still entirely yours.

Continue reading

Why you need a Password Manager

My biggest and best argument for using ANY Password Manager is this: passwords are by definition a security measure meant to ensure that your accounts are kept as secure as possible by being as complex as reasonably possible.  However, making a password as easy to remember actually runs counter to the entire idea of security.  So why bother challenging yourself to remember any password at all when a Password Manager could do this part of the job for you.  And if a Password Manager performs the “manage” portion of the job correctly, then they can actually make your life a whole lot easier by automatically inputting the username and password at the appropriate times.

Continue reading

Hardening your Android Device, Part-1

There are many steps that should be taken in following the general strategy of hardening one’s mobile device.  For the purposes of this article, I’ll be hardening a Samsung Galaxy S7.  This process will be divided into three parts: Preparation Work will be Part-1,  Take Control of your Google Account Part-2, and finally Part-3 will be the actual Hardening of the Android Phone.

Part-1: Prep Work
Let’s get some housekeeping chores done first, prior to attempting to harden your Android Device. We’ll begin by actually doing some updates on your PC if you have one.  If you don’t have a PC that you use any of your current phone services from, then you’re find to move on to Part-2.

Continue reading

How to recover your Hacked WordPress Site (Part-3)

 

Have you read How to recover your Hacked WordPress Site (Part-2) yet?

Stage 6: Getting back to (almost) business as usual.

The new Mindset: As mentioned above, before you are done with this clean-up process you will need to look at security in a whole new light.   Or at the very least, you had best respect the fact that your ability to keep hackers at bay rests on your ability to maintain a proper pro-security mindset.  So along those lines, let’s discuss a few quick topics pertaining to Security that you can mull over now that the immediate emergency is over.

Continue reading

How to recover your Hacked WordPress Site (Part-2)

 

Have you read How to recover your Hacked WordPress Site (Part-1) yet?

Stage 3: Let the Sanitizing begin.

Once you’ve identified the “vector” or angle that the hackers used to compromise your website, you can now get to work plugging the holes.  Wordfence keeps a massive Archive collection of every known WordPress Theme and Plugin.  For those legitimate configuration files that might have simply been compromised along the way, you can re-download a known-good version of the file from the Wordfence archives.  Delete the ones that don’t belong on your website.  Just keep fixing those files which are infected, and deleting those that don’t belong until your site is once again clean.  If your hacker wasn’t aware of your attempt to take back your Account and Website, they will probably begin to realize it soon.  Keep moving!

Continue reading

How to recover your Hacked WordPress Site (Part-1)

So, you think that your WP Site got hacked, what is the first thing you should do?

There are quite literally several dozen things that you should do, but each case is different.  I will try to highlight the most important points below.  The reason that there are so many steps is that there are so many different ways to approach this dilemma.  The most immediate decision for you is are you going to adopt a hands-off approach of hiring a security consultant to clean it for you, or are you going to go the DIY route like I chose to do.  Even then, there are so many different ways that people prefer to do things.  Overall, this process involves a lot of smaller steps, but there is one step to the whole process that is really big, regardless of whether you DIY or hire someone to do the cleanup.  It may be the single most important aspect of this entire process: and that is changing your mindset on about how you approach security.  And that folks, is a massive undertaking, because changing the way your mind operates may also be the single hardest step in this entire how-to guide.

The following are all recommendations on my part, suggestions that you need to discard or accept, but in my opinion they make up a fairly logical progression on how to deal with such issues should you ever find yourself in this situation.   You can of course choose to perform these steps in a different order, but I believe that they will be most effective in the order I present them.  I hope they will at least be a helpful aid to you in your time of need, allowing you to recover as much of your website as is possible.   Cleaning any hack is going to take some time and effort, so you really need to think about whether you want to tackle this on your own.   In the end, I think you’ll be happy that you chose to do it yourself.  As with any such DIY process, you assume all risk and responsibility for any and all actions and outcomes, and obviously your mileage may vary.  No matter which direction you decide to go, I’ll wish you the very best of luck in your cleaning endeavors!

Continue reading