Binary Code

Computers and other electronic devices store information as Binary Code (which is a series of 1s and 0s that might look like this: 10101001 01101100 11001010).
Network Topology Map

A Network Topology Map is a diagram of a computer network's components, including network access points and connections between its various parts.
Fake Anti-Virus Software

Fake Anti-Virus Software - also known as 'scareware' - is designed to trick you into buying worthless anti-virus protection that you do not need.
Domain Name System

The Domain Name System (DNS) is like the ‘telephone book’ of the Web – it translates a website's name into its corresponding numerical IP address on the Internet.
Social Engineering

A Phishing e-mail is an attempt to trick the recipient into giving up information, such as account, credit card or password information.
Data Encryption

Data Encryption is the intentional scrambling of information into unreadable form - until it is later converted back into its original form by the intended recipient.
Botnet, or Compromised Computers

A Botnet is a collection of computers compromised by a malware attack that can be controlled remotely (via the Internet) to attack websites, send out spam emails, etc.
Distributed Denial of Service Attack

A Distributed Denial of Service (DDoS) Attack can use a botnet to force a website, network or other resource to shut down by overloading it with requests for data.
USB Flash Drive

A USB Flash Drive, aka a 'stick drive' or 'thumb drive' is a portable data storage device which connects to a computer's USB port to send and receive data.
Electronic vs. Static Media

Static Media is something like a book, magazine or printed photo, while Electronic or Digital Media (websites, digital photos, etc.) requires power to be viewed.
Administrative Access

A user with Administrative Rights has unrestricted power to create, modify or delete files, folders, settings and programs on a particular computer.

Is Your Router Secure? Be Sure Your Network Is Encrypted Properly

Posted on August 16, 2013 by Scott Aurnou

Computer Security Tip of the Week

Scott Aurnou – Your router is the piece of equipment that connects your computer to the Internet. If it’s not set up (aka ‘configured’) properly, it can leave you vulnerable to a number of different electronic attacks. These can include stealing your business, financial and personal data, as well as a few other nasty surprises…

Websites referenced in this video include:
Secure Your Wi-Fi Router (it’s What Connects You to the Internet)

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel (and subscribe if you like).

Tagged with: Advanced Encryption Standard, AES, Encryption, Network Security, Router, The Security Advocate, Wardriving, WEP, Wi-Fi, Wired Equivalent Privacy, Wireless Protected Access, WPA, WPA2
Posted in Network Security, Security Tip of the Week

What Is a Rootkit?

Posted on August 12, 2013 by Scott Aurnou

Image courtesy of Sophos

By Scott Aurnou

‘Rootkit’ is a term used to describe stealthy – and frequently malicious – software that can give an attacker complete control over a system while remaining effectively invisible to a legitimate computer user or system administrator. One way to think of it might be like an unseen intruder able to wander though your home or office at will. A disconcerting image, to be sure. The name ‘rootkit’ comes from the term ‘root’ access, which in turn describes administrative or ‘superuser’ access on the older Unix computer operating system. Someone with root access effectively has system-wide control. This can be used to cause significant damage to a computer or network, though rootkits are generally geared towards stealth – they are more likely to alter other software running in the system to prevent detection and conceal themselves. This makes many of them very difficult to detect.

There are legitimate uses for rootkits – such as employer or parental monitoring software – though many of them are malicious.

What kind of damage can a rootkit cause? While the degree of access and control to a target computer depends upon where it is embedded in a system, a well-placed rootkit can do just about anything to a target computer. This includes hiding other malware from detection by security software and/or creating easy access (usually via a ‘backdoor’ in the target system) for the rootkit or other malware to surreptitiously spy on computer users, steal data, sabotage system resources or remotely control the computer for use in a botnet.
Read more ›

Tagged with: aswMBR, Bitdefender, Botnet, Drive By Download, GMER, Hacker, Malware, Privilege Escalation, Root Access, Rootkit, SEO Poisoning, Social Engineering, Sophos, TDSSKiller, The Security Advocate
Posted in Laptops & Desktops, Network Security

Computer Forensics Is Never DIY – What Can Go Wrong?

Posted on August 9, 2013 by Scott Aurnou

Computer Security Tip of the Week

Scott Aurnou – Computer forensics is the science of identifying, acquiring & preserving potential electronic evidence stored within computers, networks and various electronic devices. Acquiring that evidence properly requires specialized equipment and training and, without it, the evidence you need can be rendered unusable or even destroyed. Learn more about it here…

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel (and subscribe if you like).

Tagged with: Computer Forensics, Data Retrieval, Digital Forensics, e-Discovery, e-Evidence, Electronic Evidence, ESI, IT Department, IT Forensics, Spoliation, The Security Advocate
Posted in Network Security, Security Tip of the Week

The Phishing Gallery – August 2013

Posted on August 5, 2013 by Scott Aurnou

By Scott Aurnou

‘Phishing’ attacks are designed to steal your personal, financial and/or log in information. This can be done in a few ways, including via email or text message (referred to as ‘smishing’). They often contain links to websites that look legitimate but are really there to steal your account log in information or host malware ready to attack your computer as soon as you click on the link. These emails and messages can also be used to lure you into contact with scam artists posing as potential clients or officials offering to release substantial funds to you if only you would be so kind as to give them detailed personal information and/or a sum up front. Phishing attacks are generally designed to make you take action by either frightening or tempting you. Some of them are actually very well crafted. Some not so much. And some border on the ridiculous. Each month at The Security Advocate, we will present a few examples, along with explanations of what to look out for to avoid falling victim to one of the scams.

This email tries to grab your attention with the ominous-sounding all caps subject ABOUT THE CONTRACT and reads:

Hello,
I got your email from the Internet index.
Can we discuss business? Please email me on
guanting.contact@yahoo.com.tw for details.
Mr Guan Ting

While this particular message is a rather clumsy attempt to entice the recipient with the possibility of a business arrangement, much better versions of this sort of scam are not uncommon. They often (but not always) target lawyers and other professionals who can ‘help’ them collect an allegedly unpaid debt. The debt will appear to be settled without much trouble and the new client will be happy with the fine work. He or she will then instruct the email recipient to deduct their fee and send over the balance of the amount collected. After the funds have been sent out, of course, the debt payment will turn out to be bogus and the overseas ‘client’ will never be heard from again. This sort of scam is not new, and the ABA and a number of individual state bar associations have warned attorneys about them. If you receive an email like this, don’t respond to it. If anything, consider forwarding it to the U.S. Attorney’s Office or the F.B.I.
Read more ›

Tagged with: ABA, Attorney, Bar Association, Email, Fraud, Gift Card, Kentucky Fried Chicken, KFC, Lawyer, Phishing, Scam, The Security Advocate
Posted in Fraud & Scams, Laptops & Desktops

What is BYOD and What Are the Risks That Come with It?

Posted on August 2, 2013 by Scott Aurnou

Computer Security Tip of the Week

Scott Aurnou – BYOD has become increasingly common as more and more businesses allow their employees to connect to company computer networks with their own smartphones and tablets. Learn more about the various ways a BYOD program can be set up, as well as the risks that can come with it here.

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel (and subscribe if you like).

Tagged with: Bring Your Own Device, BYOD, Cell Phone, Company Network, Computer Network, COPE, Limited Separation, Mobile Phone, Smartphone, Smartphones & Tablets, The Security Advocate, Virtualization, Walled Garden
Posted in Network Security, Security Tip of the Week, Smartphones & Tablets

RT @JimBlasingame: How the government cyber-security forces guard the U.S. election. @saurnou joins Jim to report on how the #government #c… 01:44:47 AM December 06, 2020 from Twitter Web App Reply Retweet Favorite
RT @AndreiCherny: A family of Muslim immigrants from Turkey newly arrived in Germany. The boy in the yellow t-shirt went on to lead the te… 01:43:10 AM December 06, 2020 from Twitter Web App Reply Retweet Favorite
RT @_marcba: Developers can be cruel sometimes https://t.co/kpYvO9aZsu 03:46:39 PM June 29, 2020 from Twitter Web App Reply Retweet Favorite

@saurnou