Photo: Yuganov Konstantin (Shutterstock)

After a year of rising prices resulting from inflation, many families are cutting back on their holiday spending—including when it comes to gift-giving. Making a rule about not giving presents to other adults is one thing, but you probably want to give your kids a holiday experience to remember (for something other than the lack of presents).

One way to do that—and stick to your budget—is to plan a Christmas treasure hunt at home. Here’s what to do.

How to plan a Christmas treasure hunt

First, a quick primer on “hunts” of this type. “Scavenger hunts” involve players or teams competing to collect and/or photograph the most items specified a list in the amount of time allotted. A “treasure hunt” is the kind where players or teams follow a series of clues (sometimes in the form of riddles) to find some sort of prize at the end. It’s also the one we’re talking about here.

Of course, you can take the time to write your own clues for your Christmas treasure hunt, but if you don’t have the time or energy for that, there are plenty of generic holiday-related clues online. You can either write them out yourself, or use some of the free downloadable and printable clues that are available. (Most are mislabeled as being for a scavenger hunt, so don’t let that throw you off.)

Alternative: a less-time-consuming holiday hunt

Separately, there’s also the kind of hunt where various prizes are hidden throughout a set location, and participants simply need to find them—the classic example being an Easter egg hunt.

Because treasure hunts typically require the ability to read clues, if you have younger children, you may want to opt for this type of Easter-egg-style hunt. But considering that it requires much less time and effort to put together than an actual treasure hunt, it might make more sense to do this version, regardless of whether or not your kids can read.

All you have to do is hide small prizes (e.g. a treat, stickers, a small toy or trinket from the dollar store, etc) throughout your home and/or yard, and then set the kiddos loose.

from Lifehacker https://ift.tt/Nr1plPu

Photo: Bozhena Melnyk (Shutterstock)

Most houseplants need to be potted in a container with some type of drainage. If water doesn’t have a way of exiting the pot, it will settle at the bottom, causing the roots to rot, and eventually killing the plant.

But what if you’re looking for something that’s so easy to care for that drainage isn’t an issue? In that case, you’re in luck, because there are some indoor plants that don’t require pots with drainage. Here are a few examples.

Chinese evergreen (Aglaonema Maria)

This houseplant grows best is moist soil, so a lack of drainage isn’t an issue. Of course, the idea isn’t for the soil of a Chinese evergreen to be soggy or waterlogged, but rather, to ensure that it doesn’t dry out: Something that may be easier to control in a pot without holes on the bottom. One potential downside is that Chinese evergreen is toxic to dogs and cats, so pet owners may want to consider getting a different plant.

Spider plant (Chlorophytum comosum)

Spider plants are popular with beginners for many reasons—one of which is that it doesn’t need to be in a pot with drainage holes. In fact, as you may recall from elementary school science class experiments, it’s possible to start growing a clipping from a spider plant in a bowl of water.

Spanish moss (Tillandsia usneoides)

Given its ability to grow hanging from trees, it should come as no surprise that Spanish moss is a pretty hardy plant. And if you’d like to grow some as a houseplant, you don’t need to worry about finding a pot with drainage—or any soil, for that matter. Spanish moss gets its water and nutrients from the atmosphere, so instead of dealing with dirt and drainage, you’ll be spritzing it with water and liquid fertilizer.

from Lifehacker https://ift.tt/0QAD7Uv

Photo: TravnikovStudio (Shutterstock)

Want to do something with the kids for the holidays, but can’t afford breakfast with Santa or the Polar Express train ride? Or perhaps you’re looking for something festive to do with your friends or on a date, but tickets to the Nutcracker aren’t in the budget. Don’t worry, we’ve got you covered.

Here are a few examples of free or cheap events that take place in communities across the country throughout the holiday season.

Free or cheap holiday events

Check the event listings in your community and surrounding areas for activities like these:

City/town tree-lighting ceremonies

Though the lighting of the Rockefeller Center tree and National Christmas Tree get all the attention, there are smaller-scale tree-lighting ceremonies in cities, towns, and neighborhoods across the country. Your local government website should have the details on how to attend, but don’t wait to check: Many are happening this week.

Holiday open houses

Cultural institutions like museums, local historical societies, and libraries often hold holiday open houses, which are typically free and open to the public—even if there’s usually an entry fee—and often involve free refreshments.

Historical homes that now operate as museums are a particularly good choice, as they often have period holiday decorations. This is a great way to check out a place in your community that you’ve always wanted to visit.

Concerts, plays, and screenings

There’s typically no shortage of free or cheap holiday performances you can attend in your community, including but not limited to choir concerts, Christmas pageants, holiday movie screenings, and carol singalongs.

Driving around looking at holiday lights

While this isn’t an “official” event, you can make it one. Pile everyone in the car, crank your favorite holiday music, and cruise around looking at the lights. Technically it’s not totally free, because you still have to pay for gas, but at least you get to enjoy the lights without footing the energy bill.

from Lifehacker https://ift.tt/mjLhJvk

Those numbers or names that pop up when a call comes up? They're OK as a hint of who's calling, but THEY PROVE NOTHING
from Naked Security https://ift.tt/UflaGwt

Photo: Bartosz Zakrzewski (Shutterstock)

‘Tis the season to dig out the decorations and trim your tree, and any other parts of your home that you think could use some holiday cheer. But if rising energy costs have you hesitant to plug in multiple strings of lights, an inflatable snowman, or your blow mold nativity scene, you may be rethinking your design strategy.

Fortunately, there are plenty of ways you can deck your halls for the holidays without running up your electric bill. Here’s what to know.

Christmas decorations that don’t require electricity

Of course, going out and buying all new holiday decorations isn’t the most cost-effective solution, but if you’ve decorated in previous years, you should at least a few things to work with already. Here are some options:

Wooden cutouts

If you’ve inherited vintage outdoor Christmas decorations from your parents or a family member, it might include wooden cutouts of various holiday and winter characters—Santa, reindeer, snowmen, carol singers, and the other usual suspects. They typically have a stake at the bottom that can be pressed into the lawn or other unpaved area.

Wreaths and garland

Who doesn’t love a festive wreath or some evergreen garland? Whether yours are fresh or artificial, they don’t need electricity to add some holiday cheer to the inside or outside of your home. If the wreath or garland you already have has a strand of lights woven through it, you can still hang it without turning them on.

Solar-powered decorations and lights

Need a way to illuminate your outdoor decor? Opt for solar-powered spotlights, which can be found at most hardware and big-box stores, as well as online retailers. Plus, you can use them for other purposes year-round.

Other than that, there are now more solar-powered light-up Christmas decorations available than in previous years. If that’s something you’re interested in, you could always buy and try a few this year, and if you like them, stock up for next year when they go on sale after Christmas.

from Lifehacker https://ift.tt/ziumKXv

Here’s a look at the most interesting products from the past week, featuring releases from Solvo, Sonrai Security, and Spring Labs.

Sonrai Risk Insights Engine empowers security teams to reduce impact of exploits

Sonrai Security releases Risk Insights Engine which lets developer and security teams control the chaos in both their organizations and their multicloud environments, minimizing lateral movement that leads to data theft. The platform recommends goals based on multiple factors, including the intended use of an environment (development, staging, production, etc.), presence of sensitive data (e.g., PII), and the maturity of the team responsible for it.

Solvo Data Posture Manager protects organizations using public cloud services from data leakage and breaches

Data Posture Manager delivers enhanced visibility into users and cloud components that have access to sensitive data, alerting organizations to excessive or newly-granted privileges and enabling one-click, real-time remediation of security policy violations, ultimately helping security teams combat overload, fatigue, and lack of resources.

Spring Labs TrueZero enables companies to exchange sensitive data without revealing PII

TrueZero authenticates account information and cuts vendor due diligence times by up to 50%. The service also replaces business’s sensitive information with non-sensitive data called tokens to allow businesses to share data with third parties without sending any PII.

from Help Net Security https://ift.tt/GVvDE0O

The cyber game is now an entire underground economy wrapped around cyberattacks. Thanks to increased international friction and the activity of groups such as Lapsus$, cybercriminals have upped the ante on cybercrime in order to turn a profit. Atakama outlines its top cybersecurity predictions for 2023.

IoT blends with shadow IT to make a security headache

With 43 billion devices connected to the internet in 2023, attackers have no shortage of targets. Although IoT devices can provide productive capabilities in commercial environments, risks abound. Manufacturers prioritize convenience and consumer-like appeal over security fundamentals. Unsurprisingly, devices are often deployed with weak or default credentials.

To make matters worse, IoT has proliferated within shadow IT systems, leaving already-weakly-protected cameras, microphones and sensors well outside the control of organized security platforms. Even within a strong perimeter, a poorly configured IoT device is bad news. Susceptibility increases many fold when the same poorly configured IoT device is within a shadow IT system.

Rise in sophisticated ransomware attacks put data exfiltration in the spotlight

The rising prevalence and sophistication of attacks targeting sensitive data will continue to plague organizations into 2023 and beyond. Double extortion attacks, pack an even greater punch by encrypting sensitive and proprietary data, hold it for ransom, and worse, publish the data on the dark web unless organizations cough up the cash. As the Verizon 2022 Data Breach Investigations Report says: “There are now more ways for attackers to monetize data.”

These attacks will increase as cyber criminals find it relatively easy to breach organizations’ defenses, and cash out.

In response, organizations will need to look beyond conventional data protection practices toward technologies that protect data at the source, such as multifactor encryption to render files useless to threat-actors who will not be able to access the data, whether it is still inside the security perimeter or successfully exfiltrated.

DevSecOps goes up a notch

Securing developer environments will become one of the most critical components to achieving optimal security for organizations in 2023. Count on highly elaborate cyberthreats targeting these complex infrastructures, as seen with the success of the SolarWinds attack, which continues to inspire malicious actors because application development is such a rich target. Inserting a few lines of malicious code can potentially open up thousands of entities in the supply chain of partners and customers.

Heightened DevSecOps practices in line with zero trust architectures and advanced encryption solutions will become more common as organizations realize these approaches are a critical business necessity.

People will continue to be the weakest link in cyber teams’ security chain

Sad to say, people will remain the main source of cybersecurity risk in any organization. Despite all the training, employees are still likely to provide threat actors with an entry point through social engineering, phishing or lapses that include sharing of passwords and log-in credentials. The Verizon 2022 report found the “human element” was a “key driver” in 82 percent of data breaches.

Insider threats from corrupt employees or individuals bearing a grudge will continue to be a serious concern. Threats from employees at partner organizations and third-party suppliers will require continued vigilance and increased implementation of zero trust strategies.

More awareness of CISO liabilities

This year’s Uber data breach conviction will focus many minds on the C-suite that the CISO role is one that carries significant ethical responsibilities.

Cybersecurity, like many other professions, has a code of ethics that’s expected of its practitioners. Individuals entrusted with the security and privacy of data, must behave ethically.

We know that the cybersecurity landscape is not always a level playing field and even the most ethical and highly technical cybersecurity teams cannot prevent the most determined attackers.

2023 may prove to be a more volatile year for CISO’s as they deal with the pressures of maintaining a ridged security posture, while also dodging the bullet of blame when attacks are successful.

They are likely to rely on degrees in information security disciplines and a wide range of professional certifications such as CISSP. What’s important is for CISOs constantly to update their knowledge because it is not just the threats that will develop, solutions will too, and they need to keep up-to-date.

Daniel H. Gallancy, CEO of Atakama adds: “Cyberthreats will continue to proliferate in number and grow in sophistication throughout 2023. While basic security practices will prevent many breaches, organizations are going to need more advanced solutions to protect themselves from the devastating consequences of a successful attack.”

from Help Net Security https://ift.tt/qEP2Ljt