Warning: Bad Rabbit Ransomware

Bad Rabbit, bad bad bad!

A new ransomware attack, nicknamed "Bad Rabbit," WAS spreading --but latest reports suggest that it has been shut down already.  Just in case, we'll treat this as a "teachable moment."  Bad Rabbit tricked visitors to infected web pages by claiming that an update was needed for Adobe Flash Player.  The alert looked like this:
 

Bad Rabbit

In case it's not obvious, if you see something like this pop up on a webpage, DO NOT click on it--just close the webpage. 


Good Passwords Revisited
(for you, Ann and Chris!)

Back in August, the guy (yes, one guy!) who years ago wrote the best-practice rules for passwords announced that he steered us wrong.*  It's MUCH safer to use a long, easy-to-remember passPHRASE like "chickenbananatablebump" than a hard-to-remember string of numbers, letters and special characters like "pAss!W0rd#23".  And, there's no need to change passwords regularly unless you think they've been breached. (You can check if you've been exposed in many of the major breaches at this useful website).

Unfortunately, most websites still follow the old rules; but the experts NOW recommend:

passwords
  • Don't use the same password twice
  • Don't use the same password twice (it bears repeating, because we still see a lot of people doing this!)
  • Use long passwords wherever possible (at least 8 characters); pick a couple of unrelated words and stick them together.
  • Use two-factor authentication wherever available (most email accounts, iCloud, Dropbox, etc.)
  • Consider one of the well-reviewed password managers like Dashlane or Lastpass 
  • Keep a record of your passwords in a SAFE place
  • Do not send passwords (or other sensitive data) by email

Stay safe out there, and Happy Hallowe'en!

*He was working off poor data, to be fair, but the best part of the story is that geek-idol-cartoonist Randall Munroe pointed this out in his popular webcomic YEARS ago