129 bytes small Linux/x86_64 bind (4444/TCP) shell (/bin/sh) + password (pass) shellcode.

120 bytes small Linux/x86_64 reverse (127.0.0.1:4444/TCP) shell (/bin/sh) + password (pass) shellcode.

4

In Week 1 of National Cybersecurity Awareness Month (NCSAM) we looked at spoofed emails, cybercriminals' preferred method of spreading malware. Today, in an effort to provide you with the best information out there to keep you safe online, we're hitting you with a double dose of cybersafety news.

Let's take look at the topics for Week 2 and 3 of National Cybersecurity Awareness Month: malware and password security. They're separate but related issues in the world of Internet crime prevention, and a better understanding of each is key to protecting your property and personal information in today's digital world.

Malware

Malware is an umbrella term used to describe software that is intended to damage or disable computers and computer systems. If you'd like, you can take a moment and watch this video on malware from Norton Security. But the best way to begin protecting yourself against this stuff is to learn about all the different types of malware that can affect your computer. There are tons, so we'll just go over the broader categories for now.

Viruses: Malicious bits of code that replicate by copying themselves to another program, computer boot sector, or document and change how a computer works. Viruses are typically attached to an executable file or program and spread once a user opens that file and executes it.

Worms: They're like viruses, but are different in terms of the way they're spread. Worms typically exploit a vulnerability or a weakness that allows an attacker to reduce a system's information assurance. Missed that last Windows update? You might be more vulnerable to worms.

Trojans: These look like legitimate pieces of software and are activated after a user executes them. Unlike a virus or a worm, a trojan does not replicate a copy of itself. Instead, it lurks silently in the background, compromising users' sensitive personal data.

Ransomware: This refers to a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking or threatening to erase the users' files unless a ransom is paid. You may recall the WannaCry attack that affected users across the globe this summer, only to be thwarted by the accidental discovery of a "kill switch" that saved people from the malicious software.

Spyware: This malware collects your personal information (such as credit card numbers) and often passes this information along to third parties online without you knowing.

You can check out more descriptions and examples of the types of malware that exist today at MalwareFox, a malware detection and removal software program.

Tips for Protecting Yourself Against Malware

Staying malware-free doesn't require an engineering degree. You can greatly reduce, if not completely eliminate, your chances of falling victim to malware by following these easy tips.

• Keep your operating system current.
• Keep your software up to date, particularly the software you use to browse the Internet.
• Install antivirus and security software and schedule weekly scans. At TechSoup, we're protected by Symantec Endpoint Protection. At home, there are dozens of solutions you can use to protect yourself (PCMag lists many here).
• Mind where you click. Think twice before you download torrent videos or free Microsoft Office templates from some random website.
• Avoid public, nonpassword, nonencrypted Wi-Fi connections when you can. Use a VPN when you cannot.

Spread the Word

Let people know that TechSoup is helping you become more #CyberAware by sharing a message on your social media channels. If you tag @TechSoup on Twitter, we'll retweet the first two tweets. Remember, we're all in this together.

Password Security

Now that we've covered the nasty stuff that can make your life miserable if it ends up on your computer, let's go over some password security tips to help prevent malware from getting there in the first place. Using best practices when it comes to protecting your passwords is a proven way to protect your personal and financial information. Curious how knowledgeable you already are? Watch this video and take this quiz to enter a drawing for a $25 Amazon gift card!

First, let's go over some facts.

• Passwords are the first line of defense to protect your personal and financial information.
• A weak password can allow viruses to gain access to your computer and spread through TechSoup's or your family's network.
• It's estimated that 73 percent of users have the same password for multiple sites and 33 percent use the same password every time. (Source: Digicert, May 2014)
• Despite a small sample size of 1,110 U.S. adults, a recent YouGov survey still found that 28 percent of adults use the same passwords for most of their online accounts. (Source: Business Insider, October 2017).

Best Practices for Effective Password Protection

One great way to better protect yourself is by opting for a passphrase, which is much more difficult to crack than a single-word password. Here are some guidelines to creating one.

• Pick a famous quote or saying and use the first letter of each word.
• Add a number that you can remember.
• Capitalize one letter.
• Make it unique by adding the first letter of your company's name to the beginning or end of the passphrase.
• Make it between 16 and 24 characters.

You should never write your password down, but if you must, never store user IDs and passwords together. Finally — even though it might seem unwieldy — you should always use a different password for each site that requires one. In today's world, everything is connected. A savvy hacker can easily breach your bank account, email, and medical records in one fell swoop if you're using the same password for all three.

Additional Cybersecurity Resources

In case you missed it, take a look at last week's post on recognizing suspicious emails.

Need a little inspiration? Find out how TechSoup and Symantec are making a difference in the lives of at-risk teens.

Get more security tips from the National Cyber Security Alliance. National Cyber Security Alliance Month — observed every October — was created as a collaborative effort between government and industry to ensure that all Americans have the resources they need to stay safer and more secure online. Find out how you can get involved.

spanhidden

Kuwait's National Vision 2035 has economic diversification at its heart. This move from hydrocarbon reliance to other sectors is attracting investor attention, as Wendy Atkins reports.

President Obrador aims to mobilise billions in public and private investment to create an alternative to the Panama Canal along the Tehuantepec corridor. 

Up to 18 countries across Latin America have joined China’s new Belt and Road Initiative, hoping to boost their infrastructure development and investment.  

The minister of foreign affairs for Belarus tells fDi why the country is keen to join the WTO and strengthen economic relations with the CIS.

Moldova's wine industry has gained some international recognition but the country remains largely untroubled by tourists, a combination that is enticing some foreign investors.

Miriam Gozalo is an electrification project development manager at BP, one of the largest oil and gas companies in the world. Her work is squarely focused on the energy transition. Read what she has to say about her role working on ultra-fast electric vehicle charging stations in a company that most people associate with drilling rigs and gasoline.

A series of U.S. renewable energy incentives violated international trade rules, according to the World Trade Organization, threatening to stoke tensions between the two countries as President Donald Trump prepares to meet Prime Minister Narendra Modi on Friday.

On July 1, Public Service of New Mexico filed a plan with regulators in the state for how it plans to get to a 100 percent emission-free power by 2040. The utility reviewed four scenarios, all of which involved the early retirement of the San Juan Coal Plant, to arrive at its recommended path forward.

This week artificial intelligence (AI)-driven energy storage services provider Stem said that it had formed a partnership with New York-based private equity company Syncarpha Capital to build 28.2 megawatt-hours (MWh) of large-scale storage projects co-sited with solar in Massachusetts.

Community stakeholders and climate experts from the University of Arizona are helping Tucson Electric Power to build an energy portfolio that supports reliable, affordable and increasingly sustainable service over the next 15 years.

Energy generation and consumption is rapidly transforming into a decentralized, decarbonized, and digitized model due to a number of market forces. The declining costs of solar energy systems, as well as the increasing price of energy from the grid has led to grid parity. This has caused PV proliferation to accelerate to such an extent that in the past five years alone, PV installed capacity has increased by 300%. Simultaneously, the EV market is also on the rise and is expected to reach the electrification tipping point by 2030. This is due to support from governments trying to limit the effects of climate change, thus leading to automotive manufactures transitioning their fleets from standard petrol- and diesel-powered cars to EVs. As a result of the acceleration of both of these markets, EV charging has created demand patterns causing an even steeper and faster ramp-up in the evenings than the PV duck curve. , This is causing the grid’s balancing act to be increasingly complex. In order to support this new energy dynamic, advanced management software is required to ensure grid stabilization and to unlock the value of these energy resources.

Last week, California’s Glendale Water & Power (GWP) received approval from the Glendale City Council to move forward with a plan to repower the aging Grayson Power Plant with a combination of renewable energy resources, energy storage and a limited amount of thermal generation.