Human-rights

10 Reasons Why Human Rights Are Important

Defenders Protection Initiative (DPI) is global organization comprising of many corporations in unity with people who take injustice and violations of human rights as an offense. We are  well known for employing research, advocacy, action and campaigns to fight against abuses of human rights around the world. One of the ways our organization fights against injustice is through informing the public. DPI covers a broad spectrum of issues from women’s rights and political freedoms to regional and global conflicts. We also offer digital security.

Below are some of the top reason why Human Rights Are Important.

#1: Human rights ensure people have basic needs met

Everyone needs access to medicine, food and water, clothes, and shelter. By including these in a person’s basic human rights, everyone has a baseline level of dignity. Unfortunately, there are still millions of people out there who don’t have these necessities, but saying it’s a matter of human rights allows activists and others to work towards getting those for everyone.

#2: Human rights protect vulnerable groups from abuse

The Declaration of Human Rights was created largely because of the Holocaust and the horrors of work load limit. During that time in history, the most vulnerable in society were targeted along with the population, including those with disabilities.

#3: Human rights allow people to stand up to societal corruption

The concept of human rights allows people to speak up when they experience abuse and corruption. This is why specific rights like the right to assemble are so crucial because no society is perfect. The concept of human rights empowers people and tells them that they deserve dignity from society, whether it’s the government or their work environment. When they don’t receive it, they can stand up.

#4: Human rights encourage freedom of speech and expression

While similar to what you just read above, being able to speak freely without fear of brutal reprisal is more expansive. It encompasses ideas and forms of expression that not everybody will like or agree with, but no one should ever feel like they are going to be in danger from their government because of what they think. It goes both ways, too, and protects people who want to debate or argue with certain ideas expressed in their society.

#5: Human rights give people the freedom to practice their religion (or not practice any)

Religious violence and oppression occur over and over again all across history, from the Crusades to the Holocaust to modern terrorism in the name of religion. Human rights acknowledges the importance of a person’s religion and spiritual beliefs, and lets them practice in peace. The freedom to not hold to a religion is also a human right.

#6: Human rights allows people to love who they choose

The importance of freedom to love cannot be understated. Being able to choose what one’s romantic life looks like is an essential human right. The consequences of not protecting this right are clear when you look at countries and tribes where where women are forced into marriages they don’t want.

#7: Human rights encourage equal work opportunities

The right to work and make a living allows people to flourish in their society. Without acknowledging that the work environment can be biased or downright oppressive, people find themselves enduring abuse or insufficient opportunities. The concept of human rights provides a guide for how workers should be treated and encourages equality.

#8: Human rights give people access to education

Education is important for so many reasons and is crucial for societies where poverty is common. Organizations and governments concerned with human rights provide access to schooling, supplies, and more in order to halt the cycle of poverty. Seeing education as a right means everyone can get access, not just the elite.

#9: Human rights protect the environment

The marriage between human rights and environmentalism is becoming stronger due to climate change and the effects it has on people. We live in the world, we need the land, so it makes sense that what happens to the environment impacts humanity. The right to clean air, clean soil, and clean water are all as important as the other rights included in this list.

#10: Human rights provide a universal standard that holds governments accountable

When the Universal Declaration of Human rights was released, it had a two-fold purpose: provide a guideline for the future and force the world to acknowledge that. Human rights had been violated on a massive scale. With a standard for what is a human right, governments can be held accountable for their actions. There’s power in naming an injustice and pointing to a precedent, which makes the Universal Declaration of Human Rights and other human rights documents so important.

hacker-attack

Top Ways Businesses get Hacked

Bait and Switch Attack

Using trusted marketing methods such as paid-for advertising on websites, attackers can trick you into visiting malicious sites. When websites sell advertising space, it can be purchased by rogue attackers. The bona fide advertisement can be replaced with a ‘bad’ link that can be used to download malware, lock up your browser, or compromise your systems.

Alternatively, the advertisement may link to a legitimate website, but it will be programmed to redirect you to a harmful site

Key Logger

A key logger is a small piece of software that, when downloaded into your computer, will record every keystroke. The key logger will capture every keystroke on the keyboard, every username, password and credit card number, etc., exposing all of your data and personal information

Denial of Service (DoS\DDoS) Attacks

A Denial of Service attack is a hacking technique designed to flood your web server with a myriad of requests to the point that it overloads the web server resulting in a website crash.

To do this, hackers will deploy botnets or zombie computers that have a single task, flood your web site with data requests

ClickJacking Attacks

This method tricks you into clicking on something different from what you thought you were clicking. The clickjacking element could be a button on a web page that, when clicked, performs another function, allowing others to take control of the computer. The host website may not be aware of the existence of the clickjacking element.

Fake W.A.P.

A hacker can use software to impersonate a wireless access point (W.A.P.), which can connect to the ‘official’ public place W.A.P. that you are using. Once you get connected to the fake W.A.P., a hacker can access your data.

To fool you, the hacker will give the fake W.A.P. an apparent genuine name such as ’T.F. Green Aiport Free WiFi.’

Cookie Theft


The cookies in your web browsers (Chrome, Safari, etc.) store personal data such as browsing history, username, and passwords for different sites we access. Hackers will send I.P. (data) packets that pass through your computer, and they can do that if the website you are browsing doesn’t have an SSL (Secure Socket Layer) certificate. Websites that begin with HTTPS:// are secure, whereas sites that start with HTTP:// (no ‘S’) do not have SSL and are NOT considered secure.

Viruses and Trojans

Viruses or Trojans are malicious software programs that, when installed on your computer, will send your data to the hacker. They can also lock your files, spread to all the computers connected to your network, and perform many other nasty actions.

Seek for a Security Check

As you can see, it is all too easy to have your business systems inadvertently compromised, you can seek for a security check to secure to protect your business. It is tailored to the needs of each business.   click here

hack-whatsapp-1024x682

WhatsApp 2FA: Secure Yourself From This Simple Hack

Imagine someone has taken over your account, what would happen to you and the people who contact you on WhatsApp?

Just as it is easy to fresh install of WhatsApp for your new phone is also how easy an attacker would gain access to your WhatsApp and possibly start a conversation with your friends claiming it is you.

Most times, the direct risk is not to you if you’re attacked, but to your contacts. They can expect to receive requests for data or even emergency funds. This is social engineering at its best. We would trust an end-to-end encrypted platform, a message from a trusted friend and so are coded to have our guards down and rather feel pity in these circumstances.

The repercussions of this happening are beyond imagination. This can even further spread to more of your contacts having there WhatsApp accounts taken over.
With the account taken over, the attackers could then message contacts in the groups you are in as if from the account holder (you), as well as any other contacts whose WhatsApp messages were received after the take over. No legacy data is compromised. The target device remains untouched. WhatsApp has simply been ghosted onto an illegitimate device.

It is surprising how many people have not yet enabled the Two-step verification PIN in WhatsApp—almost everyone we have asked has yet to set it up. If you’re the same, then please take that minute and set it up now. 

The Question now is, How do we prevent this from happening to you for the first time or again?

WhatsApp introduced a feature where you can set a PIN of your own choice and even an email address just in case you forget your PIN. The PIN is your own verification to confirm that it is you even after inputting the SMS verification so you do not otherwise have to share your PIN with anyone.

You can find this feature in your WhatsApp setting > Account > Two-step verification: There you will be prompted to enable your PIN and confirm it, then you will also be asked to type in an email address to use to recover your account in case you forget your PIN

Human rights shutter stock 1

Safeguarding Human Rights Defenders in Uganda

A Strategic Emergency Response Initiative seeking to establish and coordinate a joint mechanism that offers effective emergency response solutions to the dynamic and complex HRDs security needs associated with the working environment in Uganda, especially during this COVID-19 Pandemic.

Cybersecurity, secure passwords and site registration. Computer and smartphone protection by antivirus software. People with a lock, key, gear. Devices screens. Vector flat. (Cybersecurity, secure passwords and site registration. Computer and smartph

Safeguarding Human Rights Defenders during COVID-19

A Strategic Emergency Response Initiative seeking to establish and coordinate a joint mechanism that offers effective emergency response solutions to the dynamic and complex HRDs security needs associated with the working environment in Uganda, especially during this COVID-19 Pandemic.

Cognizant that Uganda has registered some progress in managing the situation and infection rate, these achievements have not gone without a challenge. The majority of non-governmental organizations have had to adapt to the new normal of working from home according to the respective guidelines. Therefore, our civic effort to push back against human rights violations has been curtailed since all attempts to support affected HRDs, activists, and non-governmental organizations have been stifled by the hostile civic space’s attendant elements.

HRDs and individual activists who speak truth to power during this Pandemic are highly susceptible to physical and digital security attacks. These attacks include but are not limited to intimidation, arrest, torture, killings, withdrawal of operation license, defamation, freezing of bank accounts, office closure, computer and network surveillance, office break-ins, theft and confiscation of digital equipment, loss of information, denial of service attacks and internet censorship.

Despite such hostilities, there is a lack of an inclusive, well-coordinated, sustainable and effective emergency response system geared at security, safety, and protection of the HRDs/groups and the allies during this period. Albeit the availability of the several organizations and entities that support HRDs in such instances, a reasonable number of democracy activists within and out of the capital city have on various forums referred to the available emergence response system as ineffective, unsustainable, inaccessible, individualistic, to mention but a few.

We strongly believe that the current and post-pandemic period will require response through concerted effort. Thus, it is imperative to take stock of partner organizations’ possible roles as strategies for responding to any emerging issues.

Download Concept
end to end encrypt

End-to-End encryption: What is it, Why you need it, What more you can do

Today all we hear is that end-to-end encryption is the way to go and it is very secure. And That’s all we know, and ever since WhatsApp, Signal among other social communication platforms announced their implementation of end-to-end encryption, everyone has embraced use of these platforms.

We want to tell you more about end-to-end encryption and why you need to have it in your communications. We shall keep this article simple for everyone to understand.

What is encryption? This is a process that encodes a message or file so that it can be only be read by certain people.
This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information

What is end-to-end encryption? This is the act of applying encryption to messages on one device such that only the device to which it is sent can decrypt it. The message travels all the way from the sender to the recipient in encrypted form.

Why end-to-end encryption?

  • The biggest reason why we need to communicate via platforms that offer end-to-end encryption is the security of our communication while it is in transit from you the sender to the recipient.
    “It is as if when you mailed a letter you put it in a box that was physically impossible to open — immune to any sledgehammer, saw, lockpick, and so forth — except by the addressee. End-to-end encryption ensures the privacy of your communication.”
  • The second reason could be the fact that since no one is able to intercept your message, therefore no one can make changes to your message until it reaches the recipient of the message. This promotes integrity.

What more can you do? Having all your communication through end-to-end encrypted channels might make you feel secure, although there is much more you can do to further protect your communication.

Make sure to keep your communication device safe because if someone gets hold of your device, they can read all your messages and therefore encryption wont help you.
Keep your device safe by: Using an access lock (password/PIN/pattern) and set your device to automatically lock in a few seconds, Use Genuine software on your devices

Secondly, even if you protect your device – you might not be certain about the device of your recipient, so in this case, spread the word to make sure your devices are all safe

You can also read more on this here https://usa.kaspersky.com/blog/what-is-end-to-end-encryption/23288/

screenshot

Human Rights Defenders Protection Bill

Policy & Principles of the Bill
The Policy of the Bill is to provide a framework for the recognition and protection of the work and activities of Human rights defenders in order to guarantee a safe and enabling environment for human rights defenders to freely operate.
Defects with current legislation
Chapter Four of the 1995 constitution of the Republic of Uganda provides a Bill of rights which guarantees various rights and freedoms for persons in Uganda, including recognising the existence and work of Human Rights Defenders under article 50 (2) of the Constitution and empowering them to bring action against the violation of human rights and freedoms.
HRD-Protection-Bill

Human Rights Defenders Protection Bill

The Policy of the Bill is to provide a framework for the recognition and protection of the work and activities of Human rights defenders in order to guarantee a safe and enabling environment for human rights defenders to freely operate.

delayed-phishing

What you need to know about Delayed Phishing/ Post-Delivery Weaponized URL

Truth is, most of us have ever been a victim of phishing before and with the abundant resources online and trainings that we have so far had, we have become sort of immune to phishing.

Click here to as well look at our blog post about phishing and what you need to know

Our immunity against phishing has so far been boosted by e-mail service providers, mail gateways and even browsers that we use which has all embedded in their systems anti-phishing filters and malicious address scanners.

With all these above, cybercriminals are constantly inventing new, and refining old, circumvention methods. One such method is delayed phishing.

Delayed phishing is an attempt to lure a victim to a malicious or fake site using a technique known as Post-Delivery Weaponized URL.

“As the name suggests, the technique essentially replaces online content with a malicious version after the delivery of an e-mail linking to it. In other words, the potential victim receives an e-mail with a link that points either nowhere or to a legitimate resource that may already be compromised but that at that point has no malicious content. As a result, the message sails through any filters. The protection algorithms find the URL in the text, scan the linked site, see nothing dangerous there, and allow the message through.”

Effecting the malicious link

Attackers operate on the assumption that their victim is a normal worker who sleeps at night. Therefore, delayed phishing messages are sent after midnight (in the victim’s time zone), and become malicious a few hours later, closer to dawn.

If cybercriminals find a specific person to attack, they can study their victim’s daily routine and activate the malicious link depending on when that person checks mail.

Technology behind Delayed Phishing

For delayed phishing to be effective, hackers use at least one of these 2 common methods:

  1. Simple link: In this case, the hackers are the ones who are controlling the target site in that at the time of delivery, the site is safe so it can go through the several security levels it is scanned before it is delivered to your mailbox. At the time of delivery, the link leads to either a meaningless stub or (more commonly) a page with an error 404 message and the malicious version of the site is activated after delivery.
  2. Short-link switcheroo: Several sites offer link shortening services to the world, with this you can get alternative links that are easy to remember and short instead of long and boring links. However, some of this services allow you to alternate the link behind these short links. So the cybercriminals take advantage of this in that, by the time they are sending the email, the short link it pointing to a legitimate site and is swapped to the malicious site after delivery.

Although there is a third technology that is not so common which includes a randomized and short link where there is a probabilistic redirection. That is, the link has a 50% chance of leading to google.com and a 50% chance of opening a phishing site. The possibility of landing on a legitimate site apparently can confuse crawlers (programs for automatic information collection).

Spotting & fighting Delayed Phishing

Ideally, there is need to prevent the phishing link from getting to the user, so rescanning the inbox would seem to be the best strategy.

In some cases, that is doable: for example, if your organization uses a Microsoft Exchange mail server. Kaspersky Security for Microsoft Exchange Server is also included in our Kaspersky Security for Mail Servers and Kaspersky Total Security for Business solutions.