Binary Code

Computers and other electronic devices store information as Binary Code (which is a series of 1s and 0s that might look like this: 10101001 01101100 11001010).
Network Topology Map

A Network Topology Map is a diagram of a computer network's components, including network access points and connections between its various parts.
Fake Anti-Virus Software

Fake Anti-Virus Software - also known as 'scareware' - is designed to trick you into buying worthless anti-virus protection that you do not need.
Domain Name System

The Domain Name System (DNS) is like the ‘telephone book’ of the Web – it translates a website's name into its corresponding numerical IP address on the Internet.
Social Engineering

A Phishing e-mail is an attempt to trick the recipient into giving up information, such as account, credit card or password information.
Data Encryption

Data Encryption is the intentional scrambling of information into unreadable form - until it is later converted back into its original form by the intended recipient.
Botnet, or Compromised Computers

A Botnet is a collection of computers compromised by a malware attack that can be controlled remotely (via the Internet) to attack websites, send out spam emails, etc.
Distributed Denial of Service Attack

A Distributed Denial of Service (DDoS) Attack can use a botnet to force a website, network or other resource to shut down by overloading it with requests for data.
USB Flash Drive

A USB Flash Drive, aka a 'stick drive' or 'thumb drive' is a portable data storage device which connects to a computer's USB port to send and receive data.
Electronic vs. Static Media

Static Media is something like a book, magazine or printed photo, while Electronic or Digital Media (websites, digital photos, etc.) requires power to be viewed.
Administrative Access

A user with Administrative Rights has unrestricted power to create, modify or delete files, folders, settings and programs on a particular computer.

How Much Damage Can An Outdated Computer OS Do to Your Practice?

Posted on February 11, 2014 by Scott Aurnou

By Scott Aurnou

This article originally appeared in the February 5, 2014 issue of the New York Law Journal.

Can you or your firm actually be held liable for using the wrong software? If that software is well known as out-of-date and insecure, yes. That circumstance is coming very soon. Below is a discussion of specific risks for attorneys and law firms (hint: it’s more than just your firm’s computers), as well as what to do if your office is still using the popular older software.

Microsoft software like the Windows operating system (OS), MS Office and Outlook is commonplace in law offices. As newer versions are released over time, older ones are effectively retired. “Software retirement” itself is not unusual, though a particularly wide-ranging example is rapidly approaching.

What’s at issue? On April 8, 2014, both the Windows XP operating system and Microsoft Office 2003 will reach their respective “end-of-life” dates (also referred to as going “out of support”). While that does not mean that XP or Office 2003 will suddenly stop working on April 8, it does mean there will be no further technical support from Microsoft and no more security updates…ever. That should be a particular concern, since the combination of a widely used 13-year-old operating system and an older version of commonly used office software going out of support on the same day is basically a dream come true for hackers.
Read more ›

Tagged with: End of Life, Model Rules, New York Law Journal, NYLJ, Orphanware, Out of Support, The Security Advocate, Windows XP
Posted in Laptops & Desktops, Network Security

Select a Qualified Computer Forensics Expert

Posted on February 3, 2014 by Scott Aurnou

Computer Security Tip of the Week

Scott Aurnou – Computer forensics experts need to be both qualified to retrieve data without altering it and potentially be ready to testify in any subsequent litigation. There are a number of certifications that should be considered when choosing one.

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel.

Tagged with: ACE, CCE, CEECS, CFCE, CISSP, Computer Forensics, EnCE, Expert Witness, Forensic Expert, Forensic Tesitimony, GCFA, The Security Advocate
Posted in Security Tip of the Week

Suffer a Data Breach? Your 1st Call Should Be to… a Lawyer

Posted on January 27, 2014 by Scott Aurnou

By Scott Aurnou

No doubt you’ve noticed that high profile data breaches are increasingly in the news lately. Recent cyber attacks against Target, Neiman Marcus and Michael’s are just a taste of what’s to come.

As you might expect, a data breach – high profile or not – can be a nasty surprise to deal with. In addition to potentially negative publicity (sometimes very negative), there are often significant costs associated with a breach. These include forensically analyzing your organization’s electronic systems to figure out what happened, taking steps to fix the problem, notifying clients/customers that their data has been potentially compromised, possible statutory fines, and extra costs like credit monitoring services for the affected clients and/or customers and engaging public relations and crisis management firms to try and mitigate the damage done to your organization’s brand.

In recent years, data breaches have also increasingly led to lawsuits (Target already has a bunch). That’s why your first call should be to an outside law firm with cyber security expertise. If not, every panicked email, detailed investigative report and potentially embarrassing internal memo could be subject to discovery in a subsequent government investigation or lawsuit and wind up in the hands of class action plaintiffs’ attorneys determined to make your organization pay. On the other hand…
Read more ›

Tagged with: Attorney, Cybersecurity Law, Data Breach, Law Firm, Network Security, Privilege, The Security Advocate
Posted in Network Security

Encryption & the NSA – a Few Tips to Protect Yourself

Posted on January 3, 2014 by Scott Aurnou

Computer Security Tip of the Week

Scott Aurnou – Recent revelations about the NSA’s Project ‘Bullrun’ paint a frightening picture concerning the security of the encryption underlying the Internet itself. Here are the basics regarding what the program entailed, as well as a few basic tips to protect yourself and your data.

Websites referenced in this video include:
TrueCrypt
GNU Privacy Guard

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel.

Tagged with: Encryption, Endpoint Security, GNU Privacy Guard, GnuPG, NSA, The Security Advocate, TrueCrypt, VPN
Posted in Laptops & Desktops, Network Security, Privacy Issues, Security Tip of the Week, Smartphones & Tablets

9 Ways to Secure Your New Tablet (or Smartphone)

Posted on December 25, 2013 by Scott Aurnou

By Scott Aurnou

Get a new smartphone or tablet? Awesome!

Unfortunately, hackers, cyber criminals and real world thieves won’t wait for you to break it in before they start making trouble. In addition, it could be said that the device manufacturers and wireless carriers haven’t taken advantage of some currently available measures to safeguard the smartphones and tablets they sell. With that in mind, here are nine basic (and relatively easy) steps you can take that will go a long way towards securing your new device:

1) Set a passcode or password. A passcode is a basic four-digit code required to use the device. Without one, anyone holding your device only needs to turn it on to access everything on it. Most new devices also offer the option to use a longer alphanumeric password (which is considerably more secure than a passcode).

If you have an iPhone 5S (or HTC One Max), you can use a fingerprint scanner, though hackers found a way around it within days of its release and numerous users have had problems with it.

2) Turn on the auto-lock function. Right after you set a passcode or password, you should enable the auto-lock function on your device and set it to as short a time period as you’re comfortable with (1 to 5 minutes is good). Aside from saving a bit of battery life, a shorter period makes it that much less likely that someone will stumble upon your phone or tablet while it’s still turned on.
Read more ›

Tagged with: Android, Auto-Lock, Avast, Bluetooth, BYOD, Geo-tagging, iOS, Jailbroken, Lookout Mobile, NFC, Passcode, password, Remote Wiping, Rooted, Smartphones & Tablets, Sophos, The Security Advocate
Posted in Privacy Issues, Smartphones & Tablets

RT @JimBlasingame: How the government cyber-security forces guard the U.S. election. @saurnou joins Jim to report on how the #government #c… 01:44:47 AM December 06, 2020 from Twitter Web App Reply Retweet Favorite
RT @AndreiCherny: A family of Muslim immigrants from Turkey newly arrived in Germany. The boy in the yellow t-shirt went on to lead the te… 01:43:10 AM December 06, 2020 from Twitter Web App Reply Retweet Favorite
RT @_marcba: Developers can be cruel sometimes https://t.co/kpYvO9aZsu 03:46:39 PM June 29, 2020 from Twitter Web App Reply Retweet Favorite

@saurnou