Binary Code

Computers and other electronic devices store information as Binary Code (which is a series of 1s and 0s that might look like this: 10101001 01101100 11001010).
Network Topology Map

A Network Topology Map is a diagram of a computer network's components, including network access points and connections between its various parts.
Fake Anti-Virus Software

Fake Anti-Virus Software - also known as 'scareware' - is designed to trick you into buying worthless anti-virus protection that you do not need.
Domain Name System

The Domain Name System (DNS) is like the ‘telephone book’ of the Web – it translates a website's name into its corresponding numerical IP address on the Internet.
Social Engineering

A Phishing e-mail is an attempt to trick the recipient into giving up information, such as account, credit card or password information.
Data Encryption

Data Encryption is the intentional scrambling of information into unreadable form - until it is later converted back into its original form by the intended recipient.
Botnet, or Compromised Computers

A Botnet is a collection of computers compromised by a malware attack that can be controlled remotely (via the Internet) to attack websites, send out spam emails, etc.
Distributed Denial of Service Attack

A Distributed Denial of Service (DDoS) Attack can use a botnet to force a website, network or other resource to shut down by overloading it with requests for data.
USB Flash Drive

A USB Flash Drive, aka a 'stick drive' or 'thumb drive' is a portable data storage device which connects to a computer's USB port to send and receive data.
Electronic vs. Static Media

Static Media is something like a book, magazine or printed photo, while Electronic or Digital Media (websites, digital photos, etc.) requires power to be viewed.
Administrative Access

A user with Administrative Rights has unrestricted power to create, modify or delete files, folders, settings and programs on a particular computer.

5 Cloud Encryption Tips

Posted on October 14, 2013 by The Security Advocate

By Gilad Parann-Nissany

A day doesn’t go by when we don’t hear about sensitive information being exposed or stolen. The culprits could be the government, professional hackers, careless employees with data on mobile devices, or internal employees with unauthorized access to data or unintentional release of data. It seems the wave of data breaches has gained momentum as data has moved from internal servers to the cloud; and access has gone mobile. Though the fact remains that there will be gaps in security, the goal of companies and IT departments should be to make those gaps as small and as difficult to take advantage of as possible.

Encryption has always been viewed as one of the strongest security measures, and its price-performance has become very attractive with the advent of cloud computing. This is because encryption is by far the best way to replace physical walls in the cloud.

Here are our top 5 cloud encryption tips (and we know a thing or two about encryption) to help protect your data:

1. Consider Encryption at rest, in use and in transit.
Data can be exposed when it is at rest in the cloud, on a virtual disk, in a cloud database, or in object storage. Eavesdropping may occur when data is being transmitted, perhaps from a user’s browser to your servers in the cloud, or between your cloud servers. Really nasty hackers may even try to gain access to your “root account” in a cloud server and look at the memory of your server while the data is being used and computation is going on. You should be aware of all these possibilities and choose solutions that address all of these risks.
Read more ›

Tagged with: Cloud Encryption, Cloud Encryption Tips, Cloud Security, Gilad Parann-Nissany, Homomorphic Encryption, Key Management, Network Security, Porticor Cloud Security, The Security Advocate
Posted in Cloud Security, Guest Posts

Mobile Banking Safety: a Few Tips

Posted on October 11, 2013 by Scott Aurnou

Computer Security Tip of the Week

Scott Aurnou – Increasingly popular mobile banking apps allow you to connect with your bank at your convenience. Hackers know this and are more than happy to use them to steal your personal information, financial account log-in details and your money. Learn how to protect yourself here…

Websites referenced in this video include:
Lookout Mobile Security
Sophos Mobile Security for Android
Top Ten Reviews – Best Mobile Security Software

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel (and subscribe if you like).

Tagged with: Android, Bank, Banking App, BlackBerry, eBanking, Electronic Banking, Fraud, hackers, iPad, iPhone, iPod, Lookout Mobile, Mobile Banking, Nexus, Scam, Smartphone, Smartphones & Tablets, Sophos, Tablet, The Security Advocate, Top Ten Reviews
Posted in Security Tip of the Week, Smartphones & Tablets

What Are Honeypots (and How Can They Protect Your Network)?

Posted on October 4, 2013 by Scott Aurnou

Computer Security Tip of the Week

Scott Aurnou – Securing a computer network from hackers with advanced skills can be tricky business. One surprisingly effective (and affordable) way to protect it is by deploying honeypots. Learn more about them here…

Websites referenced in this video include:
Glastopf
Ghost USB
KFSensor
Specter

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel (and subscribe if you like).

Tagged with: Advanced Persistent Threat, APT, Ghost USB, Glastopf, hackers, Honeypot, KFSensor, Network Intruder, Network Security, Specter, The Security Advocate, Zero-Day Malware
Posted in Network Security, Security Tip of the Week

The Phishing Gallery – October 2013

Posted on October 1, 2013 by Scott Aurnou

By Scott Aurnou

‘Phishing’ attacks are designed to steal your personal, financial and/or log in information. This can be done in a few ways, including via email or text message (referred to as ‘smishing’). They often contain links to websites that look legitimate but are really there to steal your account log in information or host malware ready to attack your computer as soon as you click on the link. These emails and messages can also be used to lure you into contact with scam artists posing as potential clients or officials offering to release substantial funds to you if only you would be so kind as to give them detailed personal information and/or a sum up front. Phishing attacks are generally designed to make you take action by either frightening or tempting you. Some of them are actually very well crafted. Some not so much. And some border on the ridiculous. Each month at The Security Advocate, we will present a few examples, along with explanations of what to look out for to avoid falling victim to one of the scams.

An email like this one, with the subject line ‘Warning Are you protected from Viruses? Get Norton Now!‘ paints an alluring picture, but that’s all it is: a picture. And it has nothing at all to do with the real Norton or the VeriSign logo at the bottom left of the image. It’s no different than if you took a picture of a Pepsi bottle and sent it to someone else yourself while pretending that it was coming from PepsiCo directly. As for the Norton angle… many attacks masquerade as ‘security’ software with the intent of scaring you into buying ‘protection’ from a non-existent threat, allowing the scammer to remotely access your computer to ‘fix’ the ‘problem’ (and potentially steal your data and/or leave you a lovely malware-laden parting gift), or simply take you to a website to trick you into giving up your personal and financial information. Also, don’t get thrown off by vaguely legitimate-sounding sender’s name – like ‘Antivirus Deals’ or ‘Norton Partner’ – especially if it doesn’t match the sender’s email address. This generally indicates an automated message sent via a botnet solely to attack the recipient of the message. The vast majority of spam emails come from computers under the commend of a botnet.
Read more ›