You’re Doing Winter Recycling All Wrong

Photo: Mulevich (Shutterstock)

We all know recycling is a generally good practice, but it’s one of those things where it’s not really not just the thought that counts. If you recycle incorrectly, the goods you’re trying to preserve for reuse can be rendered useless. In the winter time, in particular, there are some seasonally specific recycling dos and don’ts that you may not be aware of.

Rinse your bins and containers

Throughout the winter, give your containers and bins a good rinse, then turn them upside down and let them dry fully before you put any recyclables in them. According to AccuWeather, this will prevent ice build-up, which in turn can cause recyclables to become stuck together.

Put your recyclables in the right order

Don’t just toss all your paper or plastic goods into their bins and call it a day—at least not when the weather is frightful. Wind can come along and snatch lighter, looser materials off the top of the pile, which would lead to inadvertent littering—the exact opposite of what you’re trying to accomplish by recycling.

G/O Media may get a commission

13% Off

Meta Quest 2 Bundle

Enter a new reality
This bundle packs in the Meta Quest VR headset itself, two controllers, Beat Saber, and Resident Evil 4 as well, which is everything you need to have a good time.

Instead, before you bring the bin out, take time to put heavy items on top. And don’t bring it out and leave it overnight, either, Certified Recycling advises. Try to take recycling out the morning of your pick-up so it’s not sitting out in the elements all night.

Place your bags and bins in a safe spot

AccuWeather also says you have to be choosier with where you set your bins in the winter. Snow removal areas are dangerous, of course, but even setting your bags or tied-up cardboard on icy spots is a bad idea, as they can actually become frozen in place.

Take care with holiday decor and waste

When you’re cleaning up after the holidays, don’t just stick your tree on the curb and drop your old lights in the bin. Check with your local waste department about their policies for discarding these items. Your local department may mulch trees and wreaths, for instance, and old lights can be recycled by scrap metal companies, so give them a call, too.

Finally, according to Earth Day 365, don’t try to recycle any kind of packing materials or wrapping paper: This means no stick-on bows, no styrofoam, and no bubblewrap. You can, of course, recycle cardboard boxes.

 

from Lifehacker https://ift.tt/ZuhtGIq

How to Unclog the Dishwasher Yourself

Photo: Happy Lenses (Shutterstock)

If you have a houseful of guests, or are engaged in a holiday baking marathon, a clogged dishwasher can really slow down your operation. Hand washing all your dishes uses more time and water than using your appliance—but getting a professional out to look at your dishwasher during the holidays can be hard to schedule, not to mention expensive. Luckily there are some things you can do yourself to deal with a clog.

First, check the kitchen sink drain

If the drain to your sink is also not working, there’s a possibility that the drain for your kitchen is clogged, and that the dishwasher isn’t the source of the problem. Try using a snake, also known as a drain auger, to clear the drain from the kitchen sink before doing anything to the dishwasher. If the sink and dishwasher begin to drain after that, chances are that the dishwasher doesn’t need any special maintenance. If not, there are some dishwasher-specific steps to try.

First, turn off the power to your dishwasher and garbage disposal. This will help to avoid electric shock while you’re working and will prevent you from accidentally turning anything on. If there’s no shutoff at the machine, you can shut off the power from your breaker box.

How to prep your dishwasher to unclog the drain

The next step is to empty out the dishwasher, removing all the dishes and the shelves and racks to give you room to work. You’ll also need to remove any water from the bottom of the dishwasher. For this part, scoop some of the water out with a measuring cup or use a dish towel, large sponge, or a bath towel to soak up any that remains. (If you have one, a wet vac will also work.) In addition to making the dishwasher more accessible to work on, this will reduce the probability of slipping in water or flooding the area around the dishwasher while you’re unclogging the drain.

G/O Media may get a commission

13% Off

Meta Quest 2 Bundle

Enter a new reality
This bundle packs in the Meta Quest VR headset itself, two controllers, Beat Saber, and Resident Evil 4 as well, which is everything you need to have a good time.

Check the drain hose

Once the appliance is prepped, the first thing to check is the drain hose. If you have a garbage disposal, this is the hose that connects to the disposal, usually under the sink. If you don’t have a garbage disposal, the hose will connect with the drain to your kitchen sink. The hose could also be attached behind your dishwasher. Once you locate the drain hose, you can detach it by undoing the hose clamp that holds it to the machine. Check it to see if there’s any debris inside and use a hose clearing tool to pull any clogs out. Run some warm water through after you unclog the hose to make sure that any loose bits don’t cling inside and form the basis for a new clog.

Once you’re finished, replace the hose and make sure to tighten the clamp—if it comes loose, the dishwasher will drain onto your floor, causing a flood.

Check the drain itself

If there isn’t an obstruction in the hose, you might have an issue in the drain of the dishwasher itself. This is in the bottom of the appliance, with a screen or a strainer-like cover. These usually come off with a screwdriver and might have a filter below the drain cover. Once you have removed the drain cover, use your hose clearing tool to clean out the drain. If you think you’ve got the drain cleared, run a small amount of water through it to make sure that it’s running clear. If everything works, you can reassemble the drain cover, put your shelves and baskets back into the dishwasher, and switch the power back on.

When to call a professional

If your drain is still clogged after taking these steps, you should call a professional. A faulty drain in an appliance like a dishwasher can cause flooding, leading to water damage and a much more expensive repair bill. Leave the appliance off until you can get it repaired to avoid further damage.

from Lifehacker https://ift.tt/SUCoweu

These Glitches Let You Cheat in 'Pokémon Scarlet' and 'Violet'

By now, you probably know how buggy Pokémon Scarlet and Violet are. At this point, the glitches and issues are more features than bugs. Most of the games’ quirks seem to range from harmless to game-breaking, but there are some newly-discovered ones you can use for your benefit...specifically to duplicate items and Pokémon in your game.

These duplication glitches have been circulating around social media, as have other Scarlet and Violet glitches. The difference here is that these bugs actually improve things for players, netting them extra items and Pokémon without much effort. And while you always have to take these types of claims with a grain of salt, Polygon was able to confirm some of them actually work.

The first they test is a simple glitch: If you set up a picnic over a sparkly spot in the wild, you’ll find an item in your basket. If you leave the picnic here, that item will continue to respawn every now and then, in an apparent infinite item glitch. There’s no telling what item will spawn over the sparkly spot, but it’s worth your time since it could be something good.

My favorite example of this glitch, though, is the ability to catch the same shiny Pokémon over and over again. As demonstrated by creator Austin John, if you encounter a shiny Pokémon in the wild, you can catch it, head towards the nearest town, save just before crossing into that town, then head back to the original spot you caught the Pokémon to find an identical shiny in its place, as if you’d never caught it.

How to Duplicate Wild Shiny Pokemon in Pokemon Scarlet and Violet

And if you’ve beaten the Area Zero part of the game, you can try an interesting (yet convoluted) way to duplicate the items your Pokémon are holding. To take advantage of the trick, make sure your party is full, give your Miraidon or Koraidon an item to hold, then start a battle with a wild Pokémon and catch it. Because your party is full, you’ll need to move one Pokémon to your box. Chose Miraidon or Koraidon, then quickly hit A or B to trick the game. While you normally aren’t able to transfer these Pokémon to your box, you’ll find them duplicated here, complete with whichever item they were holding. The new item will be added back to your bag, and you’ll be able to take the original item back from the Pokémon when you add them back to your party.

G/O Media may get a commission

13% Off

Meta Quest 2 Bundle

Enter a new reality
This bundle packs in the Meta Quest VR headset itself, two controllers, Beat Saber, and Resident Evil 4 as well, which is everything you need to have a good time.

One Polygon commenter shared a good use for this glitch: You could have your Miraidon or Koraidon hold an Ability Patch and duplicate it to quickly boost the stats of your other Pokémon. But, of course, use the glitch to duplicate any item you find useful.

Whether you’re enjoying your Scarlet or Violet experience or not, there’s no denying these games are glitchy. Some users are even asking for their money back, and they’re getting it. However, if you choose to stick with these new Pokémon titles, you might as well take advantage of the chaos.

 

from Lifehacker https://ift.tt/41ZqpA6

9 Mostly Untrue Myths About Witch Hunts

Image: Three Lions (Getty Images)

They did burn some witches, to be sure. I mean, if you’re torturing and killing people for various real and bullshit crimes, you might as well include the stray witch you come across. But technically their purview was rooting out heresy among baptized Christians.

Earlier, Jews and Muslims had been forced to either convert to Catholicism or leave Spain; now, the Inquisition was tasked with finding people who said they were Christians but were actually practicing other religions in secret. Along the way, they rounded up various others they saw as heretics and criminals, questioned and tortured them, and then announced their verdicts at public festivals/executions known as autos-da-fé (“acts of faith”).

In the Inquisition, about 7,000 people were accused of witchcraft, with only about a dozen being convicted and executed for it. If you want to find a real hotbed of witch burning, you have to look elsewhere, such as the area now known as Germany, where witchcraft trials and executions were much more popular. In one region with a population of 2,200 people, an estimated 500 were burned as witches.

from Lifehacker https://ift.tt/xeXv7WG

Layer Your Leftovers Into a Lasagna

Photo: Allie Chanthorn Reinmann

The concoctions I’ve assembled over these post-Thanksgiving days has given me a lot of insight. Specifically, the idea that certain foods “go together” and other combinations don’t, is really just a load of crap. I’ve eaten a few combinations this year that I would have politely declined in the past, only to find myself scarfing the entire thing (and growling at anyone who tried to take some). I had this culinary revelation while eating a Thanksgiving leftovers-lasagna—and you should too.

My mysterious mind has rustled up numerous ways to re-work leftovers, like French-toasting your stuffing or making buffalo turkey pizza, but reading this article had me considering the pros and cons of cramming all of your leftovers into one bulky, strange lasagna. My concern was that every forkful would become an unpleasant putty of flavors, each one competing for the attention of my taste buds, and zero of them shining through—like mixing all of your colors together and getting gray. I’m delighted to report that I was worried for no reason. Every bite of the first slice answered the question, “It couldn’t be good… could it?” It was good! So good, I proceeded to have two more slices.

Photo: Allie Chanthorn Reinmann

Normally I’d like to give you tips on the best way to make a leftovers-lasagna, but, besides adding a little sauce to the bottom so the noodles don’t stick, I don’t think there’s a wrong way. The big thing I learned is that anything goes. Potatoes, stuffing, turkey, asparagus, sweet potatoes (marshmallows remain untested), and mac and cheese all work well together. Depending on how many leftovers you have, you can find a way to cram it all in, or bulk up small amounts of leftovers with a ricotta mixture and extra cheese. The assembly is up to you. Spread stuffing on the bottom, drop Brussels and corn in the middle, and add sweet potatoes on top. Or switch it around. The layers will look lovely, and when you put a fork through it, you’ll be eating all of those flavors at once regardless of their arrangement. Miraculously, you’ll be able to taste them all, and they “go” together.

I did have one internal dispute while building the lasagna. Brown gravy or Italian gravy? Brown turkey gravy would have been a boss move, but I only had a jar of red sauce. I was a little dismayed, thinking the tomato sauce would overpower everything, but again, it was somehow perfect. Just a small amount of tomato sauce provided the perfect amount of acidity to balance out the sweet, savory, salty, and umami swirling around my palate. Regardless of what kind of sauce you use, which layer the mac and cheese is on, or even when it’s regular, non-Thanksgiving leftovers, layering yesterday’s food into a lasagna tastes fantastic, and it’s a great way to clean out your fridge.

from Lifehacker https://ift.tt/UyFZlL9

There’s Finally a Hidden Setting to Stop Chrome From Killing Your Laptop’s Battery

Photo: monticello (Shutterstock)

From all the web browsers to choose from these days, Chrome is still the most popular for some reason. Practially everyone uses it, and as such, everyone knows it’s a battery hog—and the more tabs you open and the more extensions you use, the worse the energy drain becomes. While we’ve tried to help you out in the past with workarounds to limit Chrome’s energy use, they’re no longer necessary. Google finally has implemented an official “low power mode” solution you can enable in one step.

As reported by How-To Geek, Google dropped the new “Energy Saver” feature alongside the release of Chrome 108. When you enable the option, Chrome will preserve your battery by minimizing background activity, visuals, and frame rates. You will likely notice a change in performance when browsing with those three components limited. Animations and scrolling may feel choppy, and Chrome’s overall speediness may be diminished. But I’ll take it if it means I can actually get a full day’s work done without staying tethered to my charger.

That said, at this point it’s unclear how much battery Energy Saver will actually preserve, since the feature is so new. Still, it seems worth trying, even to squeeze an extra few minutes of juice from my MacBook.

How to enable Low-Power Mode in Chrome 108

The first step is to update Chrome to at least version 108. If it hasn’t updated automatically, you can force an update ton Windows, Mac, or Linux by clicking the three dots in the top-right corner, choosing Help > About Google Chrome. Hit “Relaunch” once Chrome loads the update.

G/O Media may get a commission

13% Off

Meta Quest 2 Bundle

Enter a new reality
This bundle packs in the Meta Quest VR headset itself, two controllers, Beat Saber, and Resident Evil 4 as well, which is everything you need to have a good time.

Then you’ll have to do a little digging, because Google hasn’t (yet) made the new option user-facing—there’s no obvious battery-saver setting; instead, the feature is hidden behind a feature flag. (Google launches experimental new features as flags it doesn’t consider ready for the general public, but which are good enough for tinkerers to try out. The company warns that enabling flags can mess with your browser and its data, but Energy Saver seems like a relatively safe one to try.)

If you want tinker with Energy Saver, type chrome://flags into the address bar, then hit enter. Here, click the “Search flags” field and type “battery” to pull up “Enable the battery saver mode feature in the settings” (it’s identifying flag is “#battery-saver-mode-available”). Click “Default,” change the setting to “Enabled,” then hit “Relaunch” to reboot the app. Once Chrome opens back up, head to Settings, then click on the new “Performance” tab to see “Energy Saver.”

From here, you have two options. You can either have Energy Saver kick on when your laptop hits 20% battery, or you can choose to keep the feature on anytime your laptop is unplugged. I didn’t bring my charger to work today, so I know which option I’m picking.

from Lifehacker https://ift.tt/wDYL6vp

Amazon Security Lake: Automatically centralize your security data

Amazon Security Lake is a service that automatically centralizes an organization’s security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account so customers can act on security data faster.

Amazon Security Lake manages data throughout its lifecycle with customizable data retention settings, converts incoming security data to the efficient Apache Parquet format, and conforms it to the Open Cybersecurity Schema Framework (OCSF) open standard to make it easier to automatically normalize security data from AWS and combine it with dozens of pre-integrated third-party enterprise security data sources.

Security analysts and engineers can use Amazon Security Lake to aggregate, manage, and optimize large volumes of disparate log and event data to enable faster threat detection, investigation, and incident response to address potential issues quickly, while continuing to utilize their preferred analytics tools.

Customers want greater visibility into security activity across their entire organizations to proactively identify potential threats and vulnerabilities, assess security alerts, respond accordingly, and help prevent future security events. To do this, most organizations rely on log and event data from many different sources (e.g., applications, firewalls, and identity systems) running in the cloud and on premises, each using a unique and often incompatible data format.

To uncover security-related insights, like spotting unauthorized external data transfers for sensitive information or identifying the installation of malware across employee devices, organizations must first aggregate and normalize all this data into a consistent format. Once the data is formatted consistently, customers can analyze it and understand the current level of vulnerability, and then correlate and monitor threats for improved observability.

Customers typically use different security solutions to address specific use cases, such as incident response and security analytics, which often means they duplicate and process the same data multiple times because each solution has its own data stores and format. This is time consuming and costly, slowing down security teams’ ability to detect and respond to issues.

As customers add new users, tools, and data sources, security teams must also spend time managing a complex set of data-access rules and security policies to track how data is used and ensure people can get the information they need. Some security teams create a central repository for all their security data in a data lake, but these systems require specialized skills and can take months to build due to the large amount of log data from different sources, which can run into petabyte scale.

Amazon Security Lake is a purpose-built security data lake that can be created in just a few clicks and enables customers to aggregate, normalize, and store data so they can respond to security events faster using their preferred tools. After setup and connections to selected data sources, Amazon Security Lake automatically builds a security data lake in a customer-selected region, which can help customers meet regional data compliance requirements.

After customers choose their data sources, Amazon Security Lake automatically aggregates and normalizes data from AWS, combines it with third-party sources that support OCSF (an open standard), and optimizes it into a format that is easy to store and query. Amazon Security Lake automatically orchestrates the end-to-end process from data lake creation and data aggregation to normalization and integration. The new service builds the security data lake using Amazon Simple Storage Service (Amazon S3) and AWS Lake Formation to automatically set up security data lake infrastructure in a customer’s AWS account, providing full control and ownership over security data.

Once ingested and normalized, customers can use their preferred security and analytics tools, including Amazon Athena, Amazon OpenSearch, and Amazon SageMaker, along with leading third-party solutions (e.g., IBM, Splunk, or Sumo Logic) to make it faster and easier to capture broader and deeper analytics from AWS and more than 50 third-party (e.g., Cisco, CrowdStrike, and Palo Alto Networks) and customer data sources. As a result, Amazon Security Lake helps customers improve their overall security posture, provide greater visibility for security teams to identify and understand events, and reduce the time to resolve security issues.

“Amazon Security Lake lets customers of all sizes securely set up a security data lake with just a few clicks to aggregate logs and event data from dozens of sources, normalize it to conform with the OCSF standard, and make it more broadly usable so customers can take action quickly using their security tools of choice. With Amazon Security Lake, customers get superior visibility and control, with help from the largest ecosystem of security partners and solutions,” said Jon Ramsey, VP for Security Services at AWS.

from Help Net Security https://ift.tt/z5DCrgm

The Best Ways to Store Leftover Pizza

Photo: Elizabeth A.Cummings (Shutterstock)

Pizza is a delicious convenience that most of us appreciate in that moment when we want a hot meal (that we didn’t have to prepare) delivered straight to us. But what comes next—storing the leftovers—can be tricky. Pizza boxes are not exactly easy to fit into the refrigerator, but you know you’re going to want to partake in round two tomorrow. Here are a couple easy ways to store pizza slices, depending on how you like your leftovers.

If you like your leftover pizza on the moist side

For gooey, moist, second-day pizza, you’re going to want to take steps to make sure the slices don’t dry out too much in the fridge, according to Lifehacker food writer Allie Reinmann. Put them in airtight containers, like Tupperware, for best results. You can also use resealable bags, but you’ll have to put each slice in on its own.

If you like your leftover pizza more dry

I, on the other hand, prefer dried-out pizza on the second day. It’s crispier that way, you see. If you feel the same, there are two options we recommend. The first involves retrofitting the pizza’s original box to be smaller and better fit inside your fridge: You rip the top off the box, then remove the side flaps. Bend the bottom piece of cardboard right down the middle and you have a smaller box that will slide right in your fridge. Here’s a TikTok explaining the method:

Your other method will involve stacking and individually wrapping each piece. Per the Grand Island Independent, you want to stack your first piece on a plate, then put down a layer of parchment paper (to prevent the pieces from sticking together) and continue stacking, alternating pizza and paper until you’ve piled all the pieces. Wrap your new stack tightly with cling wrap.

from Lifehacker https://ift.tt/1aSqzM5

Apple Music Finally Has Its Version of 'Spotify Wrapped'

Screenshot: Jake Peterson

I love Apple Music, but I’ll admit, at this time each year, I’m jealous seeing everyone’s Spotify Wrapped. Apple Music lets me imagine I have a sophisticated taste with an expertly curated library, while Spotify lets its customers bask in the embarrassment of their actual listening history. I, too, want to be humbled. Thankfully, it looks like Apple Music is delivering us some humble pie this holiday season with its own version of Spotify Wrapped.

Apple Music has had some end-of-year reports available in the past, in a service called Apple Music Replay. You might have seen this feature before in the app, which appears as a playlist of your top 100 songs for the year. But Apple has been expanding the feature in recent years, adding a web app with additional yearly stats. Now, it’s better than ever.

To start, open Apple Music on your device of choice, then go to the Browse tab. Here, you should see a new Replay option. Tap it, and Apple Music will take you to the official Replay website. Sign in with the Apple ID you use for Apple Music, then allow Replay to load. Once it does, you’ll have access to a succinct summary of your year in music.

Scroll through this page, and you’ll see the following stats: How many songs you listened to, including your top 10 of the year and how many times each was played; how many artists you listened to, featuring your top 10 and how many minutes you played each artist for; how many albums you played, which were the top 10, and how many plays you contributed to each; how many playlists you listened to, and how long for each; your top radio stations, and how many minutes you spent with each; and, at the end, your official Apple Music Replay playlist, which lists your top 100 songs of the year.

These stats are fun to scroll through of course, but they’re not all Replay has to offer this year. The best part is the new Highlight Reel, which makes it easy to share Spotify Wrapped-like stats to your socials. The reel offers fun graphics with the stats we just covered above and more, including how many minutes you listened to Apple Music in total; your top song, artist, and album; and your top genres of the year, all the while accompanied by music from your Replay itself. Each slide includes a share button, which lets you easily save the slide to your device for sharing.

Screenshot: Jake Peterson

It is a bit odd that Apple Music doesn’t let you use this new Replay feature in the app, though. Right now, it’s only available on the Apple Music web app, when it’d be much more convenient to use in the main app itself. At least Apple points you to Replay’s web app in Apple Music, rather than force you to learn about it elsewhere. You can still access the Apple Music Replay playlists from your Apple Music app, including Replay playlists from each year you subscribed to the platform.

from Lifehacker https://ift.tt/Wa1CZdt

Your Next Party Needs This Giant Grilled Cheese Sandwich

Photo: Allie Chanthorn Reinmann

In the category of reliable sandwiches, the grilled cheese reigns supreme. Simple in method, and an easy crowd pleaser, their only real drawback is they’re tough to make for an actual crowd. So I sought to develop a grilled cheese manufacturing method with all the benefits of the stove top variety, and the ability to scale. Further, I’m of the opinion that party food is better when it’s appetizer-sized—something you can stand with, and finish in a couple bites. My solution was to create one giant grilled cheese sandwich, completely made in the oven, and cut it into small bites. The results were cheesy sandwich perfection.

Done right, this method produced a thin, crispy, deeply toasted exterior and melty, flavorful interior, all without having to stand at the ready to squish and flip each sandwich one at a time. Making it will require all of the usual cheesy sandwich ingredients, multiplied by about eight. You’ll also need two sheet pans of the same, or nearly the same, size, and an oven-safe skillet or pot. I used soft, sliced wheat bread and took off just a smidge of the rounded edges so the slices could sit as flush as possible into the pan without losing too much bread. (To quickly shape up multiple slices at once, stack the pieces and use a serrated knife to trim them together.) Save trimmings for breadcrumbs or an impatient snack.

Lay the slices of bread on the sheet pan, puzzling together half-pieces until you’ve covered the entire surface. Using a pastry brush or pliable rubber spatula, slather the bread with a layer of softened, salted butter. No need to abide by any bread borders; treat the bread as if it’s one large piece.

Photo: Allie Chanthorn Reinmann

Flip the slices over so the buttered-side is pressed against the metal of the baking pan. Layer the bread up with cheeses and seasonings as you wish. I used Boursin, cheddar, and black pepper, but feel free to sub in your tried and true favorites. Top the filling with more squared-up bread slices, staggering them so the so the edges don’t line up perfectly. (If you had full slices on the right and half slices on the left, the top layer should be full slices on the left and half pieces on the right.) This ensures that even if you don’t cut along the seams later, the pieces will still hold together on one side. Butter the top as you did the bottom, but leave it butter-side up.

Photo: Allie Chanthorn Reinmann

If you intend to cut it into smaller, pull-apart pieces later, the important mindset shift is to treat it as a uniform object—you’re not making individual sandwiches that happen to be next to each other, you’re making one big sandwich. Make sure to put the filling over bread divisions, so there are no empty spots when you cut it into small pieces later. Had I had more cheese in my apartment, I would have covered it even more thoroughly.

Photo: Allie Chanthorn Reinmann

Lay a second sheet pan on top, so the metal makes good contact with the buttered bread. Put it in a preheated 400°F oven, and place a heavy, oven-safe skillet or pot on top. Bake this for 20 minutes. The metal of the sheet trays in direct contact with the buttered bread will produce a crunchy, evenly toasted surface on both the top and bottom of your party-sized grilled cheese. I forwent the use of parchment or foil lining because it doesn’t help with browning without adding a risk of sticking.

After 20 minutes, remove the skillet and top tray. The edges will be browned but the area directly under the skillet might be a little blonde. Flip on the broil for two minutes to take care of that.

Photo: Allie Chanthorn Reinmann

Take the sandwich out of the oven and use a small knife or metal spatula to release any melted out cheese from the rim. Immediately place a large cutting board over the top, and invert it to release the sandwich from the baking sheet. While it’s still hot and crispy, cut the sandwich into the slice size you want, and serve to your awaiting eaters. Depending on how big or small you cut them, a 10 by 15-inch sheet pan can make 20-48 pieces.

  

from Lifehacker https://ift.tt/sizbAFn

Being Disorganized Is Costing You Money

Photo: TippaPatt (Shutterstock)

As long as inflation keeps making our lives more and more expensive, it’s crucial to be as conscientious a spender as possible. The last thing you want is to keep losing money on the typically avoidable costs that come with being disorganized. As someone who has dabbled in being a disorganized procrastinator, I know just how expensive being scatter-brained can be. I’ve paid my fair share of late fees, cancelation fees, and generally all the fees that come with lost items, missed appointments, and leaving everything until the last minute.

And now, as someone who has seen the light (read: gotten my shit together), here are the most helpful tips to get organized and avoid unnecessary costs.

All the ways being disorganized is expensive

Although being “scatter-brained” can seem harmless, the costs of disorganization add up quick:

• Scattered mail leads to missed bills and late fees.
• Missed appointments mean cancelation fees.
• Procrastinating travel plans leaved you with price hikes at the last minute.
• Misplaced items (like clothing or kitchen supplies) means wasted money on replacements.
• Panic purchases mean losing out on free delivery or potentially cheaper options.
• No groceries or meal plans cause you to splurge on take-out.
• Missed credit payments can hurt your credit score.
• Small, daily purchases from unconscious spending can add up over time.

When we’re disorganized in various areas of our life, we don’t have the freedom to make intentional cost-cutting decisions. Below are our tips to get on top of your spending and stop subjecting yourself to the disorganization tax.

How to get organized and cut costs

Leaving things until the last minute can turn you into an anxious, unwise spender. Here are some ways to be more intentional so you don’t lose money where you could be saving.

• Make lists before you start shopping. It’s helpful to physically write down the things you want to buy before you buy them. This way, when you read over items on this list, you’ll be able to make a more thoughtful decision as to what you really need.
• Book travel plans as soon as you know about them. Flights and train tickets usually get more expensive the closer to the date. Here’s the best order to book your flight, hotel, and car rental.
• Put reminders for birthdays and holidays a month out from the actual date. You’ll have more time to find affordable (and thoughtful!) gifts.
• In general, find a schedule system that works for you. For instance, you might consolidate all your scattered reminders about upcoming appointments into one mega Google Calendar.
• Declutter your home. I know, easier said than done. Here’s our guide to using hooks, file baskets, and more to organize your home so you don’t waste money re-purchasing misplaced items.
• Set up automatic payments—for most recurring bills. It makes sense to ensure you never miss rent or a credit card payment. On the other hand, make sure you aren’t losing money via automatic charges on things like unused subscription services.
  

The bottom line is that there’s a serious tax to being disorganized and leaving things until the last minute. You can spend less and save more with small, attainable improvements to your organizational skills. In other words: Get on top of your shit, and your bank account will thank you.

from Lifehacker https://ift.tt/xHuXvzL

Stop Your Unconscious Spending

Photo: Prostock-studio (Shutterstock)

With inflation making all our lives increasingly expensive, it’s more important than ever to keep on top of your spending habits. Making a budget is a great start, but following it easier said than done. It’s one thing to abstractly vow to “cut back on pricey coffee;” but how do you stick to that when it’s 8 a.m. and you need caffeine ASAP? Here are our tips to becoming a more conscientious spender, so that you can cut back on spending that isn’t adding true value to your life.

Figure out where your money has been going

In order to undo unconscious spending habits—like the costs of lifestyle creep—you have to confront some tough questions about your finances as honestly as possible.

The most important question to answer: Where does my money go? Don’t settle for estimates here. Go through your bank statements and look your spending habits full in the face. Then, evaluate which expenses are actually valuable to you, and not some subscription service you forgot about long ago. It’s far easier to eliminate unconscious spending once you bring it out into the open.

Get specific about your money goals

The idea of “cutting back on spending” is abstract and hard to achieve. It’s like saying you want to “learn how to cook” without ever picking out a recipe or buying an ingredients. Instead, you need specific, attainable goals to guide your conscientious spending.

G/O Media may get a commission

One place to start with your specific spending goals is to physically write down the things you want to buy before you buy them. Use those bank statements to inform what items make your official “to-buy list.” When you read over items on this list, you’ll be able to make a more thoughtful decision as to what you really need.

Remember, you’re still allowed to treat yourself

Cold-turkey restriction is a recipe for an unhealthy relationship with money. As NPR explains, it’s important to indulge thoughtfully. Ask yourself, “How do I expect this purchase will make me feel? What do I want it to make me feel? What feelings am I trying to avoid by buying it?”

Only you can determine what is truly valuable in your life. Personally, I’ve budgeted enough money for my daily coffee indulgence. For you, it might mean treating yourself to a fancy dinner once a month, or perhaps cutting back on restaurant costs in order to go wild on vacation in a few months. Allow yourself to indulge, especially if these indulgences improve your overall relationship with your money.

When you feel confident that you’re spending only on things you love and not wasting money on things you don’t love, you will make much better big financial decisions. For more, here’s how how much small, daily purchases really affect your long-term finances.

  

from Lifehacker https://ift.tt/UMdE7ct

The Best App to Always Win at Music Trivia

Photo: Piotr Piatrouski (Shutterstock)

Spotify and Apple Music may be great for music discovery, but they don’t do a great job telling you more about who you’re listening to. You could know every lyric to “Don’t Stop Believin’,” but if you don’t know what year it came out, you’re going to let your trivia team down. (It’s 1981, by the way.)

NowPlaying is an app that wants to become the encyclopedia of music trivia. It gives you more information about the song, album, artist, or band you’re listening to, and goes into some pretty great details along the way—including where the song or album was recorded, and the names of all of the musicians who worked on any track.

The app listens to songs playing around you, or links with your Apple Music account to pick up songs from your playing history, which makes it pretty convenient to look up trivia. It packages that information in a nice interface, as well.

To give you a sample of what you can expect, we looked up Green Day’s song “Holiday” using NowPlaying. Its liner notes include the story of how Green Day was out of ideas and had an upcoming album’s masters stolen before the band started work on the album American Idiot. From there, it goes on to talk about the album itself and has a paragraph for each of its biggest hits.

You can also use the app to see the lyrics of any song, provided by Genius. It won’t be a new feature for Apple Music users, but at least you don’t need to leave to app to follow along with the singer.

G/O Media may get a commission

NowPlaying is good with popular artists and albums, but it comes up short when you go look up obscure ones. The app has plenty of details to keep you hooked, but its database should expand for it to become the gold mine of trivia that it wants to be. You can download NowPlaying for free. If you want to access additional content and remove ads, it has a $10/year subscription fee.

  

from Lifehacker https://ift.tt/ecKFYbN

What to Do When Your Kid Starts Tattling That Santa Isn’t Real

Photo: Kiselev Andrey Valerevich (Shutterstock)

Last year, it wasn’t even Thanksgiving and my 7-year-old had already let it spill. We were driving home from school with her 5-year-old brother our 6-year-0ld neighbor when out of the blue, she said it: “Santa isn’t real.”

While there’s some good advice out there on what to do when your child doesn’t believe anymore, I was unprepared for the potential social ramifications of my daughter crushing the hopes and dreams of other children. So I asked Shoshana Fagen, a psychologist with Franciscan Children’s, and psychiatrist and parent coach Jess Beachkofsky for some advice on what parents can do if their kid is the one who tells others that there’s no Santa.

Recruit their help—or let go of the story altogether

First, they both said, isolate the one who talked. “It is a good idea to sit your older child down privately to have a conversation with them about your expectations,” Fagan says. Then, appeal to their ego. “Talk to the kid about how clever they are,” Beachofsky says. “Sometimes, if you really want to keep the secret of the story going, you can collude with the nay-sayer and get them to buy into keeping up the ruse. It can be fun for a kid to know the truth and be in cahoots with adults to keep the story alive,” she says.

Beachkofsky also suggests transparency: “Explain why the story is important to the whole family, why you have continued to tell it, and that it’s important to you that it continues for as long as it can (i.e., ‘hint, hint, please don’t tell your little brother!’)”

Keep in mind that your child may feel a sense of betrayal if you tell them their theories are correct. “Kids can have surprisingly complicated feelings about something super magical being a huge make-believe story that almost everyone is in on,” Beachkofsky says. So she suggests giving them space to air their feelings and let them know you hear their grievances.

G/O Media may get a commission

“If you want to continue the Santa tradition in your family after a child grows out of believing, it is OK to continue. Just be aware you both know it is now just about tradition,” says Fagan.

If the kids who have unexpectedly been told the truth are upset, you will need to make some choices. “The easiest solution is to have everyone on the same page about the story,” Beachkofsky says, which means you might have to let the magic go before you might have anticipated for your younger kids. This can be sad but, as Fagan adds, “it is always OK to let go of any family tradition that you have previously started. No tradition is a lifetime commitment.”

How to handle kids who aren’t yours

Try to avoid talking about Santa at all with kids who aren’t yours, especially because “they may actually have some differences in their Santa story that have been passed down along the generations,” Fagan says. “You wouldn’t want to accidentally ruin part of their Santa story unknowingly.”

If it does come up, though, “say things that are as non-committal and vague as possible,” Beachkofsky says. “Try to be thoughtful with your word choices. I would recommend against ‘We don’t believe in Santa here,’ which gives the tip that he’s not real, vs. ‘He doesn’t visit our house,’ which is true but doesn’t give the idea that he’s made up.”

For a direct line of questioning, Beachkofsky says, if a kid asks you point blank about the existence of Mr. Claus, say, “We don’t talk about politics, religion, or Santa without a signed disclosure from your parents.” The legal jargon might work on them, but if they stare at you too blankly, you can also go with, “That’s a great question! I bet your mom would love to be the one to talk to you about this some more,” she says.

If the kids your child broke the story to are not your own, you need to inform the parents of what transpired—you don’t want a similar conversation to go down at their next playdate or family dinner. “For some, this is a huge loss and really feels like their little ones are that much closer to moving away,” Beachkofsky says.

If the other parents get mad at you, don’t beat yourself up too much. “An apology may help with an upset parent, but all kids eventually find out the truth behind Santa through a variety of ways that are out of your control,” Beachkofsky says.

Growing up is all about having little moments of clarity. Helping your kids move through these realizations gently and with love is part of the gig, even if it’s bittersweet to reach these milestones.

from Lifehacker https://ift.tt/HPFabQR

12 of the Best Ways to Use Up Leftover Cranberry Sauce

It would almost be too easy to forget about Thanksgiving and move on to December’s festivities—if it weren’t for that bowl of cranberry sauce that keeps getting moved around in the fridge. It’s great with turkey, but after the last bits have been devoured, the crimson sauce seems to be an outcast. There is absolutely…

Read more...

from Lifehacker https://ift.tt/KPo1zxc

The Best Privacy-Focused Browsers You’ve Never Heard Of

Photo: SFIO CRACHO (Shutterstock)

There’s never a bad time to switch to a browser that respects your privacy more than Chrome does. For most people, Firefox or Brave (along with a few settings changes) is good enough. But if you’re after a browser designed entirely with privacy in mind, you have even better options than those, too.

Of course, no matter which browser you use, you’re never going to magically disappear from the internet. But these four browsers start with privacy-friendly add-ons pre-loaded, and they claim to send no telemetry data as well. They’re great if you want to reduce tracking from advertising networks and your ISP, but not so much if you’re worried about surveillance from governments.

LibreWolf

LibreWolf is a Firefox-based browser with uBlock Origin pre-loaded. It doesn’t send any telemetry data back to its developers, and prioritizes privacy-focused search engines such as DuckDuckGo over the usual Google or Bing defaults. You can think of this browser as Firefox, but with more privacy out of the box. It’s available on Windows, Mac, and Linux, but you’ll have to manually download and install updates if you download its installer. Instead, you should install the app via repositories such as Chocolatey.

Pale Moon

If you want to try a privacy-friendly browser that doesn’t rely on Chrome’s Blink or Firefox’s Gecko engines, then Pale Moon is worth a shot. The browser is open source and says it doesn’t collect any data—something most browser can’t claim in their privacy policies. It works fairly well most of the time, but you may face certain issues like video loading problems. Pale Moon not a mainstream browser, so you’ll also have to give up some of the conveniences of using a popular alternative—for example, the latest extensions may not be available for Pale Moon, and your favorite add-ons may not work.

G/O Media may get a commission

SnowHaze

All iOS browsers are essentially variants of Safari, because Apple doesn’t allow non-WebKit browsers on the App Store. That makes it hard to justify using Safari alternatives, but even then, some browsers like SnowHaze stand out. SnowHaze has a built-in adblocker available from launch and claims to prevent all kinds of tracking and fingerprinting on the internet by default. The browser also has an optional paid VPN available, but don’t rush to sign up for that. You should do your research on the trustworthiness of the developers if you decide to sign up. We have a guide that helps you check if a VPN is shady to get you started.

Mull

Mull is a privacy-focused browser for Android phones. It’s built by the folks behind F-Droid (an alternative app store for Android), and its focus is on privacy. To start, you’ll have to download the F-Droid client on your phone and then install Mull from there. Once you do, don’t forget to install uBlock Origin for more privacy.

 

from Lifehacker https://ift.tt/jIHn8Ch

How to Avoid an Online Shopping Fail

Photo: Kaspars Grinvalds (Shutterstock)

Ever opened up a package only to find that the sturdy, beautiful item you ordered is tissue-paper-thin, or far larger (or smaller) than it looked online? We have a few tips to help you make sure that what you receive isn’t going to be a disappointment—whether you’re buying it as a gift or for yourself.

Look at a lighter color

This excellent tip comes from Reddit, where one smart shopper advises that you shop for dark-colored shoes, bags, and clothing by looking at the lighter colorways.

Stitching, texture, material, and other details may not always show up well in photos of black, brown, dark gray, or navy items. But if the same backpack, say, is available in a light gray or beige, the photo there may offer more clues about how it’s made.

This is where you realize that part of the bag is cloth where you thought it was leather, or that it only has a one-way zipper where you were expecting the kind with two zipper pulls. On clothing, you’ll be able to notice seams in weird places, or that it doesn’t have pockets where you expect.

G/O Media may get a commission

Take measurements and check specs

Clothing shopping for someone else can be dicey if it requires you to know the specific size and fit of the item. But if you do have those measurements, or if you can compare to yourself or a family member of similar size, definitely make use of the size chart.

This applies to non-clothing items, too. Especially if you think you’re getting a good deal on something, measure to make sure it’s the dimensions you expect. We’ve all seen those photos from people who didn’t realize they were buying dollhouse furniture, but it can happen with other items, too. For example, I once shopped for very small weight plates to put on an Olympic bar, and then fell into a comparison-shopping rabbit hole. I didn’t realize until the package arrived that the plates had a 1" instead of a 2" hole, and didn’t fit my barbell.

So, double check the dimensions before you check out. If you’re buying doll clothes, for example, there’s a big difference between clothes for 18" dolls and clothes for 14" dolls. For some items, you may even want to trace out the measurements onto a piece of paper or cardboard to see if it’s a good size. (I’ve done this when shopping for phones.)

Look at resale websites to see how it wears

The photos on a shopping website give you the best view of the object. Someone has chosen the most flattering angles, and possibly stuffed or smoothed its shape. If it’s an item that can be worn, the model’s body type might also skew your sense of how it will look in real life.

Fortunately, there are other ways to see what the item really looks like. Some shopping sites allow customers to upload photos or videos with a review, but these still tend to be newer items, just unboxed.

For a more honest look, check out places where people sell gently used items, like Poshmark. If something fades, wears, or scuffs easily, you’ll see evidence of that. This can also help you to make a considered decision about whether you actually want to buy this item, rather than being dazzled by the way it’s packaged or photographed.

A redditor in r/MakeupRehab posted that they check out used listings of expensive makeup to see whether they still like it after seeing it mussed up. “I rarely am excited to buy it after,” they note. If you’re tempted to buy things for yourself while gift shopping, this could be a good way to temper that excitement.

   

from Lifehacker https://ift.tt/wQnqZKF

30 of Greatest Movie Soundtracks Ever

Screenshot: Saturday Night Fever/Paramount Pictures

Imagine Trainspotting without “Lust for Life.” Do the Right Thing without “Fight the Power.” Shaft without...”Shaft.” You can’t. The perfect song choice can make a good cinematic moment great, and a bad one can ruin an otherwise decent scene.

There’s an art to building a stellar movie soundtrack, and plenty of them fail to strike the balance. Some might have a memorable single, but don’t come close to offering up an album’s worth of music worth to listening to outside of the film. The best movie soundtracks succeed in supporting the films that they were created for, but also standing on their alone—they benefit from the context the movies provide, but are also solid listens on their own.

Crafting a list of some of the best soundtrack albums ever requires some ground rules: No out-and-out musicals, mostly; it seems fairer to cordon those off into a separate category. Also, the soundtracks albums have to mostly feature music actually used in the movie; a few songs that didn’t wind up in the finished film are excusable, but none of this “inspired by” business. All of these albums should all be readily available wherever you stream music.

from Lifehacker https://ift.tt/DJUHl7Q

15 of the Best Species of Live Christmas Trees (and Which to Choose)

Photo: Paul McKinnon (Shutterstock)

If you celebrate Christmas, you probably have a decorated tree set up somewhere in your house. As a kid, the tree in my house was a dusty old artificial model that had to be assembled branch by branch. We always kept it in the basement, stuffed into a cardboard box, and every holiday season, unboxing it was a game of Spider Or Not?

At some point my parents decided a real, live tree would be a more dignified option (which changed our annual game to one of Squirrel Family or Not?), and thus began our tradition of standing around various parking lots while gruff men cheerfully sold us what appeared to my young eyes to be a random pine tree.

But these trees weren’t random! And nor should they be: You actually have a surprisingly wide range of tree species to choose from for the centerpiece of your holiday decorating. If you’re in the market for a real Christmas tree this year, here are the 15 best types—and why you would choose each one over all the other trees in the lot.

from Lifehacker https://ift.tt/ULTYmZ1

CyberCube Account Manager Version 4.0 helps underwriters proactively assess their CAT exposure

CyberCube launched Version 4.0 of Account Manager, the software-as-a-service (SaaS) solution designed explicitly for single risk (re)insurance underwriters.

Resulting from CyberCube’s continuous analysis of cybersecurity data at a petabyte scale, Account Manager delivers a comprehensive, curated spectrum of impactful signals, analytics, and financial risk quantification to empower underwriters to make consistent, data-driven decisions.

The latest version includes a variety of improvements including new data, usability enhancements, as well as scoring and signal refinements. New financial quantification insights have also been introduced, leveraging CyberCube’s catastrophe loss modeling for single-risk evaluation needs, to help carriers proactively assess their CAT exposure at the point of underwriting.

John Anderson, CyberCube’s Principal Product Manager for Account Manager, said: “For too long, insurance carriers have been relegated to using solutions designed for other purposes to inform their decisions.

“Account Manager Version 4.0 is the next gen solution underwriters have been demanding. It combines many elements including our world class CAT model, attritional and large loss model, proprietary security signals and data, in a highly intuitive and underwriter centric layout. This tool empowers underwriting teams, enabling meaningful guideline setting, and is prime for adoption.”

Mohammad Al Boni, CyberCube’s Lead Data Scientist, said: “We strive to continuously study and analyze our data and analytics, applying several advanced techniques such as multivariate statistical analysis and predictive forecasting. Account Manager Version 4.0 demonstrates the high degree of rigor we apply to ensure we are validating and producing cutting edge analytics.”

Account Manager Version 4.0 is now available and is the latest enhancement to CyberCube’s continuously evolving suite of solutions and services.

from Help Net Security https://ift.tt/Tk2KmQc

Cloud security starts with zero trust

In this interview for Help Net Security, Mark Ruchie, CISO at Entrust, talks about cloud security and how zero trust should be implemented to guarantee overall cloud protection.

Organizations are increasingly moving their operations to the cloud, thus making security a top priority to make sure employee, personal and customer data is safe. Are organizations up to date with the security requirements?

Many organizations today are not close to where they need to be in order to have sufficient cloud security in the current work environment. Most organizations have outdated security systems that are generally based on-premises. Many times, these outdated systems add an extra layer of complexity to the process of shifting to the cloud, but this complexity does not mean organizations should hold off on this shift. In fact, holding off will only postpone the inevitable and make a system update even more complex down the line. An outdated system will also make an organization more susceptible to outside attacks due to limited security. This is why it is imperative for organizations to implement security controls when shifting to the cloud.

What are the steps organizations have to take to implement zero trust in their cloud environment?

Generally speaking, the best way for an organization to approach zero trust is for security teams to take the mindset that the network is already compromised and develop security protocols from there.

With this in mind, when implementing zero trust into a cloud environment, organizations must first perform a threat assessment to see where their biggest vulnerabilities lie. Zero trust strategy requires an inventory of every single item in a company’s portfolio, including a list of who and what should and should not be trusted. Additionally, organizations must develop a strong understanding of their current workflows and create a well-maintained inventory of all the company’s assets.

After conducting a thorough threat assessment and developing an inventory of key company information, security controls must be specifically designed to address any threats identified during the threat assessment to tailor the zero trust strategy around them. The nature of zero trust is inherently complex due to the significant steps that a company has to take to achieve a true zero trust atmosphere, and this is something that more businesses should take into account. Zero trust will not be achieved overnight and takes time, but it is worth it in the long run.

How can zero trust help protect data stored internally and externally?

Today, zero trust is the new “zoning” of legacy on-premise networks. However, zoning was tough to implement and introduced a lot of friction whereas zero trust has the potential to provide better security capabilities and not introduce as much friction to the business.

Additionally, zero trust provides more clarity for organizations as it is focused on protecting data rather than securing different segments. Zero trust limits access to data based on individual roles within an organization and protects access by role, helping to better secure valuable, sensitive company data by specifically identifying who has access to information. This is especially important in a cloud-based working environment since a zero trust strategy focuses on protecting data from bad actors. While employees may work on different networks or devices, zero trust can help ensure that important company data stored in the cloud is secure while still being accessible to those who need it.

At its core, zero trust inherently means security teams do not trust anything, so individuals accessing the organization’s network must prove they are trustworthy. This trust determines who is able to pass an organization’s firewalls. This is why it is important for organizations to go through a thorough assessment before granting trust.

How can zero trust optimize business operations money wise?

Implementing zero trust can greatly help organizations determine which areas are significant threats and which areas need increased security. This can help businesses ensure they are spending money on more targeted services that their IT teams need most to improve security. This can also help eliminate overspending on aspects of the company’s security strategy that are already sufficient. Overall, zero trust helps businesses focus on what is truly needed to improve security and helps inform business leaders to spend money wisely.

How do you see cloud security evolving in the future?

As more and more businesses migrate to the cloud, cloud security is already maturing and spreading out, requiring different solutions based on different design principles, processes and technologies. Several years ago, most people thought that they only needed to replicate on-premise security controls like web application firewall, and then came cloud access security brokers (CASBs), which required a new set of security controls.

Today, we have SaaS security posture management (SSPM), cloud workload protection platform (CWPP) and combined cloud-native application platform protection (CNAPP) tools. All these different tools make it more difficult for businesses to keep up with the changes to cloud security. There are only going to be more tools coming out in the future, so it’s critical businesses prioritize cloud security today so they can better keep up with the ever-changing cloud landscape.

from Help Net Security https://ift.tt/reXv1PJ

How the dynamics of phishing attacks are changing

In this Help Net Security video, Alex Paquette, COO at Ironscales, discusses the impact in terms of the time and energy required to defend against the never-ending and ever-evolving onslaught of phishing attacks. A recent study conducted by Osterman Research found that IT and security teams spend one-third of their time handling phishing threats every week. 70% of organizations spend 16-60 minutes dealing with a single phishing email message. Almost half of the respondents state … More →

The post How the dynamics of phishing attacks are changing appeared first on Help Net Security.

from Help Net Security https://ift.tt/Dv4Uqn8

7 free cybersecurity resources you need to bookmark

CodeSec

CodeSec is a CLI based tool which brings Contrast’s enterprise-level security testing right to your laptop. It allows you to run real-time SAST or Serverless scans and receive actionable results in a matter of minutes.

Defendify Essentials Package

Assess your cyber risk, test your network, and improve awareness with essential tools from Defendify:

• Cybersecurity assessments: Assess your cyber strengths, weaknesses, and opportunities for improvement.
• Vulnerability scanning: Identify and prioritize vulnerabilities in your organization’s external facing network.
• Threat alerts: Stay informed and cyber smart with curated cybersecurity news, events, and notifications.

Have I Been Pwned

Have I Been Pwned is a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or “pwned” in a data breach.

PhishTank

PhishTank is a collaborative clearing house for data and information about phishing on the Internet. Also, PhishTank provides an open API for developers and researchers to integrate anti-phishing data into their applications at no charge.

Shodan

Shodan is the world’s first search engine for Internet-connected devices. Discover how Internet intelligence can help you make better decisions.

VirusTotal

VirusTotal inspects items with over 70 antivirus scanners and URL/domain blocklisting services, in addition to a myriad of tools to extract signals from the studied content. Any user can select a file from their computer using their browser and send it to VirusTotal.

Web Security Academy

The Web Security Academy is a free online training center for web application security. Unlike a textbook, the academy is constantly updated. It also includes interactive labs where you can put what you learn to the test. If you want to improve your knowledge of hacking, or you’d like to become a bug bounty hunter or pentester, this is the right place.

from Help Net Security https://ift.tt/9vxr5lk

Many Global 2000 companies lack proper domain security

CSC released its third annual Domain Security Report that found three out of four Forbes Global 2000 companies have not adopted key domain security measures—exposing them to high risk of security threats. These companies have implemented less than half of all domain security measures.

In addition, lookalike domains are targeting those companies as well—with 75% of homoglyph registrations being registered to unrelated third parties. That means many of the world’s largest brands contend with maliciously registered domains that look like their brands.

The intent of these fake domain registrations is to leverage the trust placed on the targeted brand to launch phishing attacks or other forms of digital brand abuse, or IP infringement that leads to revenue loss, traffic diversion, and a diminished brand reputation. Homoglyph domains are just some of the endless domain spoofing tactics and permutations that can be used by phishers and malicious third parties.

Additional key takeaways

137 companies (6.8%) had a domain security score of “0”

Not deploying any of the recommended domain security measures puts these companies at risk for a variety of attacks, including but not limited to domain and DNS hijacking attacks, network and data breaches, phishing and ransomware attacks, and business email compromise (BEC).

45% of companies that use enterprise-class domain registrars also deploy registry lock

Registry lock is a highly cost-effective means to protect domain names against accidental or unauthorized modifications or deletions. Only 5% of companies that use consumer-grade registrars have registry lock deployed. Additionally, only six organizations within the Global 2000 had the highest overall domain security score, which correlates with their use of an enterprise-class registrar.

DMARC is the only domain security measure with significantly increased adoption this year

Given all the news about phishing attacks—including their increase in volume and complexity—it’s no surprise that domain-based message authentication, reporting, and conformance (DMARC) adoption has increased by 12 percentage points in the last 12 months. However, growth in other domain security measures, such as registry lock, domain name system (DNS) redundancy, DNS security extensions (DNSSEC), and certificate authority authorization (CAA) records saw limited increases year-over-year.

“This report shows that while some progress has been made, a majority of the companies listed in the Forbes Global 2000 are still overlooking full implementation of foundational domain security measures,” says Mark Calandra, president of CSC’s Digital Brand Services.

“A focus on securing legitimate domains while monitoring for malicious domains in parallel needs to be a bigger priority for companies that are advocating for a zero trust model to stay protected and thwart cyber risk. Otherwise, companies are exposing themselves to significant enterprise risks that can impact their cyber security posture, data protection, intellectual property, supply chains, consumer safety, revenue, and reputation.”

The report also found that 82% of the third parties registering homoglyph domains are actively masking their identity. This demonstrates the attempt to hide their ownership, showing they may have some nefarious intentions. Additionally, 48% have MX records in 2022, compared to 43% in 2021. MX records can be used to send phishing emails or to intercept email.

from Help Net Security https://ift.tt/N1qAidH

Chrome fixes 8th zero-day of 2022 – check your version now

There isn't a rhyme to remind you which months have browser zero-days... you just have to keep your eyes and ears open!
from Naked Security https://ift.tt/2fd0hOT

Stop Using These Arrogant-Sounding Phrases at Work

Photo: Mangostar (Shutterstock)

Sounding confident and knowledgeable at work is a good thing, but sometimes we can say things that we think highlight our value as employees, but actually give the impression that we’re pretentious or insecure.

Of course, a lot of it comes down to your tone, the context, and the specific situation, but there are certain phrases that are almost always the wrong choice in a workplace setting. Here’s what to know.

Avoid using these arrogant-sounding phrases at work

According to Kathryn Petras and Ross Petras, authors of the book “You’re Saying It Wrong,” and hosts of the NPR podcast of the same name, there’s a fine line between sounding confident and arrogant at work.

Using a 2011 study published in the Journal of Personality and Social Psychology, they’ve come up with this list of phrases that they say tend to come across as arrogant, and, in most cases, should be avoided at work:

1. “I don’t mean to brag, but …” — Great, then don’t brag.
2. “I already knew that ...” (or “Doesn’t everyone know that?”) — Everyone’s lived experiences are different, so no.
3. “I’m pretty sure that …” — It’s usually better to say that you don’t know something than to attempt to guess or make something up.
4. “No offense, but ….” — Saying that does nothing to soften whatever comes next.
5. Overusing “I” (or “me) — Chances are, it’s not all about you.
6. “Oh, I’m just kidding!” — This passive-aggressive way to insult someone doesn’t give you permission to say whatever you want. See also: “No offense, but....”
7. “You probably don’t know this, but …” — Just share the piece of information without the insulting disclaimer.
8. “If I were you, I’d ….” — Did someone specifically ask you what you would do if you were in their position? If not, then leave this phrase out.

More effective ways to communicate at work

Instead of using the phrases above, the Petrases recommend these general approaches to workplace communication:

• Genuinely listen to your colleagues and consider their perspectives, rather than assuming and asserting that you’re always right. And don’t interrupt them when they’re speaking.
• Get out of the habit of talking just for the sake of it, because you think it makes you sound knowledgeable or confident. Your contributions to a conversation will have more of an impact if you’re actually adding something new or helpful.
• Ask other people about their experiences, rather than making everything about you and yours. The same goes for opinions: Just because you have one, it doesn’t mean you need to share it.
• Use more inclusive terms like “we” and “our” instead of “I,” “me,” or “my” to at least make it sound like you’re a team player.

from Lifehacker https://ift.tt/v45nzgZ

Use Nature for Free Christmas Decorations

Photo: Sergey Mikheev (Shutterstock)

Looking to save money on holiday decorations this year? Along with reusing (or repurposing) pieces you have from previous years, you can freshen up your festive decor with a little help from nature. Here’s what to know.

How to decorate for the holidays using pieces from nature

First, a few ground rules. If you’re fortunate enough to own a house with your own yard, then by all means, help yourself to what’s there. City-dwellers and others who don’t have access to their own nature shouldn’t trespass on private property, or take things from parks. They can, however, ask friends and family with trees and yards if they could pop over and help tidy up their property (i.e. forage for holiday decorations).

Anyway, here are a few ideas:

Evergreen branches

The most obvious—and most versatile—of the natural decorations, branches from evergreen trees can be used for everything from garland, to tablescapes, to wreaths, to greenery around a nativity scene. Pop a few sprigs in a clear glass bottle, tie a ribbon or piece of twine around it, and place it anywhere in your home that could use a little sprucing up.

No evergreen trees in your area? If you happen to live near one of those Christmas tree pop-ups on the street, in an empty lot, or in a parking lot, ask the vendor if they have any broken branches they want to get rid of, or if you have permission to pick up those that are already on the ground.

Pinecones

Another winter classic, pinecones can be used in a variety of ways, including filling a bowl and used as a centerpiece, made into ornaments, or glued together as a wreath.

Sticks and twigs

Like evergreen branches, you can put a few twigs into a vase or glass jar for instant holiday decor. If come across any longer sticks that are relatively flexible, bend a few into a round shape, secure them, then add some greenery at the bottom, perhaps a pinecone, and make a wreath.

from Lifehacker https://ift.tt/tcogDC7

Yes, You Really Can Gift Your Little Kid a Cardboard Box

Photo: Sorapop Udomsri (Shutterstock)

Children can be fickle creatures. A toy they wanted more than anything else could lose its appeal in a matter of minutes. But through fads and trends, one item has kept kids entertained for generation: A (large) cardboard box.

To a kid, a cardboard box that’s big enough for them to fit inside with a friend or sibling has the potential to be anything: A fort, a plane, a spaceship, an office cubicle, or their own personal library. It can also simply be a cardboard box that they sit inside while everyone else is stuck on boring couch or chairs.

That’s why we propose gifting your little kid a giant cardboard box—not as a replacement for their other present(s), but as something to add that doesn’t cost much, but they’re likely to enjoy. Here are some ideas.

How to gift a cardboard box to your young child

The first step is finding the right box. If you happen to be getting a new large appliance sometime very soon, then you’re all set. Otherwise, you can either buy a new cardboard box at a hardware, office supply, moving/shipping, or big box store, or hit up one of the places were you can often get them for free. Then assemble the box (if it comes flat).

Once you have the box, it’s time to fill it. It’s up to you what goes in there, but keep in mind that you’ll have to clean it up (i.e. avoid packing peanuts). Some options include: A special pillow and blanket for taking naps, some of those plastic balls you’d normally put in a ball pit, or a bunch of tissue paper. You can also throw in some art supplies or props they can use to transform their box, or a few books they can use as inspiration.

Finally, wrap up the box (a bow is an optional, but fun touch), and place it under the tree.

from Lifehacker https://ift.tt/2ltDE0P

Week in review: 5 free CISA resources, surviving a DDoS attack, Google to make Cobalt Strike useless

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Google seeks to make Cobalt Strike useless to attackers
Google Cloud’s intelligence research and applications team has created and released a collection of 165 YARA rules to help defenders flag Cobalt Strike components deployed by attackers.

Fake subscription invoices lead to corporate data theft and extortion
A threat actor dubbed Luna Moth has been leveraging social engineering and legitimate software to steal sensitive data and extort money from small and medium-size businesses.

A flaw in ConnectWise Control spurred the company to make life harder for scammers
A vulnerability in popular remote access service/platform ConnectWise Control could have been leveraged by scammers to make compromising targets’ computers easier, Guardio researchers have discovered.

5G can reduce – but also create – security risk
In this interview with Help Net Security, Anubhav Arora, VP of Security Engineering at Cradlepoint, talks about the most common 5G security misconceptions, how to make sure the network is safe, but also how 5G can benefit businesses.

5 free resources from the Cybersecurity and Infrastructure Security Agency (CISA)
The Cybersecurity and Infrastructure Security Agency (CISA) is an agency of the United States Department of Homeland Security. CISA is in charge of enhancing cybersecurity and infrastructure protection at all levels of government, coordinating cybersecurity initiatives with American U.S. states, and enhancing defenses against cyberattacks.

Future-proofing asset and vulnerability intelligence in response to CISA’s BOD 23-01
Modern environments have become more dynamic and the need for equally progressive asset discovery techniques has intensified. The new Cybersecurity and Infrastructure Security Agency (CISA) Binding Operational Directive (BOD) 23-01 recognizes this fact.

Three security design principles for public REST APIs
In this Help Net Security video, Dr. Pedram Hayati, Founder of SecDim, offers a technical write-up based on a secure programming challenge.

90% of organizations have Microsoft 365 security gaps
A recently published study evaluated 1.6 million Microsoft 365 users across three continents, finding that 90% of organizations had gaps in essential security protections.

How entrepreneurs can capitalize on the impending golden age of cybersecurity
As the markets continue to fluctuate, budget cuts and layoffs now extend across the tech industry, with cybersecurity no exception from tightening its belt and assessing its priorities.

Legacy IT system modernization largely driven by security concerns
In this Help Net Security video, Tim Jones, Managing Director, Application Modernization for Advanced, talks about how being tethered to legacy systems is seen as a true barrier to digitalization for the enterprise today, and offers insight into the main reasons for modernizing the mainframe.

The pros and cons of using open-source Kubernetes security software
Open source tools are a key part of the Kubernetes security environment, with most companies using open source Kubernetes security software, research by ARMO has revealed.

Out of the blue: Surviving an 18-hour, 39M-request DDoS attack
No online business can afford to neglect malicious bot threats. Attackers and fraudsters increasingly leverage bots to automate and coordinate attacks, driving IT teams and ill-equipped security tools to their limits.

What cyber insurance really covers
In this Help Net Security video, Manoj Bhatt, Head of Security and Advisory at Telstra Purple, discusses how with increasing product complexity and compliance requirements, ever-rising product premiums, and access to cover restricted for many organizations, many security teams are questioning the value of cover in the first place.

Threat actors extend attack techniques to new enterprise apps and services
Perception Point announced the publication of a report, “The Rise of Cyber Threats Against Email, Browsers and Emerging Cloud-Based Channels“, which evaluates the responses of security and IT decision-makers at large enterprises and reveals numerous significant findings about today’s enterprise threat landscape.

Best practices for implementing a company-wide risk analysis program
For most organizations today, the threat surface is broad and getting broader. There are the obvious concerns like the user base, remote or BYOD computing, on-premises infrastructure, and cloud, SaaS, and virtual environments.

The impact of inadequate SaaS management
In this Help Net Security video, Uri Haramati, CEO at Torii, talks about how it’s impossible for IT to take full ownership or responsibility for managing cloud apps today.

Cyber risk focus areas for portfolio companies
IT management is a top concern, with many portfolio companies struggling with IT hygiene, potentially leaving them susceptible to costly breaches, according to a report from BlueVoyant.

The safest datacenter is the one that works best
A recent Gartner study found that organizations’ overall spending on datacenters is set to amount to $221B in 2023 – a predicted rise of 11.3% in spending since 2021. It’s clear that investment in datacenters is a global priority for businesses.

How cloud PCs act as an insurance plan for ransomware recovery
In this Help Net Security video, Matt Davidson, CTO at Workspot, discusses how cloud PCs are serving as a modern insurance plan for business recovery, enabling safe access for employees from anywhere in the world at a moment’s notice while IT leaders investigate and mitigate the damage.

Here’s how to make sure your incident response strategy is ready for holiday hackers
The best line of defense against holiday hacking schemes is a comprehensive incident response strategy that focuses on end-user vulnerabilities.

Overcoming unique cybersecurity challenges in schools
With ransomware attacks rising, administrators must find ways to prevent their schools from becoming the next victim, while preserving the integrity of the learning process.

Introducing the book: The Security Analyst’s Guide to Suricata
In this Help Net Security video interview, Eric Leblond, CTO at Stamus Networks, talks about The Security Analyst’s Guide to Suricata, a book he co-wrote with Peter Manev.

New infosec products of the week: November 25, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Solvo, Sonrai Security, and Spring Labs.

from Help Net Security https://ift.tt/VwHBqgO