Binary Code

Computers and other electronic devices store information as Binary Code (which is a series of 1s and 0s that might look like this: 10101001 01101100 11001010).
Network Topology Map

A Network Topology Map is a diagram of a computer network's components, including network access points and connections between its various parts.
Fake Anti-Virus Software

Fake Anti-Virus Software - also known as 'scareware' - is designed to trick you into buying worthless anti-virus protection that you do not need.
Domain Name System

The Domain Name System (DNS) is like the ‘telephone book’ of the Web – it translates a website's name into its corresponding numerical IP address on the Internet.
Social Engineering

A Phishing e-mail is an attempt to trick the recipient into giving up information, such as account, credit card or password information.
Data Encryption

Data Encryption is the intentional scrambling of information into unreadable form - until it is later converted back into its original form by the intended recipient.
Botnet, or Compromised Computers

A Botnet is a collection of computers compromised by a malware attack that can be controlled remotely (via the Internet) to attack websites, send out spam emails, etc.
Distributed Denial of Service Attack

A Distributed Denial of Service (DDoS) Attack can use a botnet to force a website, network or other resource to shut down by overloading it with requests for data.
USB Flash Drive

A USB Flash Drive, aka a 'stick drive' or 'thumb drive' is a portable data storage device which connects to a computer's USB port to send and receive data.
Electronic vs. Static Media

Static Media is something like a book, magazine or printed photo, while Electronic or Digital Media (websites, digital photos, etc.) requires power to be viewed.
Administrative Access

A user with Administrative Rights has unrestricted power to create, modify or delete files, folders, settings and programs on a particular computer.

5 Computer Security Terms You Ought to Know

Posted on May 21, 2013 by Scott Aurnou

By Scott Aurnou

The world of computer security has plenty of confusing terms, though many of them are also very helpful to know so you can protect your data (and yourself). Here are a few:

Drive-By Download: A drive-by download is a piece of malicious software (aka ‘malware’) that is downloaded onto your computer or mobile device without your knowledge when you visit an infected website. Although they are frequently found on malicious websites, drive-by downloads can also be lurking on normal ones that have been compromised by hackers. The best things you can do to defend yourself are to keep your software up-to-date (since malware often attacks through older security flaws that a given software manufacturer has already fixed via an update) and think before you click. If you’re using a desktop or laptop computer, you can hover over a given link before clicking on it. The destination address will appear on the lower left of your screen. If it’s something you don’t expect or haven’t seen before, don’t click on the link.

Jailbreaking: ‘Jailbreaking’ or ‘rooting’ a mobile device refers to overriding the manufacturer’s settings – including disabling the device’s security settings and future updates – to allow it to download and use apps and other features that are normally not enabled on the device (‘jailbreaking’ refers to the process as it applies to an Apple iPhone, iPod Touch or iPad and ‘rooting’ is much the same for a smartphone or tablet running the Android mobile operating system). The vast majority of mobile malware affects these devices since their security systems are badly compromised by the jailbreaking or rooting process and they should never be connected to a business computer network.
Read more ›

Tagged with: Drive By Download, Jailbreaking, Laptops & Desktops, Network Security, Rooting, Smartphones & Tablets, Spear Phishing, The Security Advocate, Web Inject Attack, Zero-Day Exploit
Posted in Fraud & Scams, Laptops & Desktops, Network Security, Smartphones & Tablets

Your GPS Can Pose a Security Risk. Yes, Really…

Posted on May 17, 2013 by Scott Aurnou

Computer Security Tip of the Week

Scott Aurnou – Strange as it may sound, your GPS can actually pose a security threat. Learn more about it (and a simple way to prevent it) here.

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel (and subscribe if you like).

Tagged with: GPS, Security, The Security Advocate, Theft
Posted in Security Tip of the Week

Top Questions to Ask Before Your Business Stores Company Data in the Cloud

Posted on May 13, 2013 by The Security Advocate

By Lauren Mack

If you own a business, your IT staff is likely one of many across the globe who are slowly convincing businesses owners and managers that storing data in “the cloud” is the future. He or she probably pointed out that hiring a third party to store your company’s data will allow you and your employees to access it from anywhere via the Internet, cut costs, and may help you avoid a great deal of hassle should something happen to the company’s on-site data storage facilities. But before you give the green light to your resident tech geek to start outsourcing your company’s data storage to the cloud, there are several legal considerations that you should be aware of prior to making the big move. Here are the five major questions that you as a business owner or manager need to know the answers to BEFORE signing a contract with a cloud service provider:

1. Who will have access to your business’ data?

The first piece of information that you need to obtain from potential cloud service providers is whether a third party will be processing, storing, or transmitting your company’s data. In some cases, a cloud service provider may not actually own the servers where your data will be stored. The cloud service provider may subcontract out the storage of data, and that subcontractor may in turn be subcontracting out storage services, and so on. Other cloud service providers may offer bundles of cloud software services that seem to all be part of one application to the user, but are actually made up of several subcontractors that operate the different services and the associated data storage. The more subcontractors that are involved, the more legal risk your company will likely be subject to because it can never know where the data is physically located and how well it is protected at any one time.
Read more ›

Tagged with: Cloud Security, Cloud Service Provider, COPPA, Data Breach, Data Privacy, Gramm-Leach-Bliley, HIPAA, HITECH, Lauren Mack, The Security Advocate, Wahab & Medenica
Posted in Cloud Security, Guest Posts, Privacy Issues

What is ‘Spoofing’ & Who REALLY Sent You That Weird Email?

Posted on May 10, 2013 by Scott Aurnou

Computer Security Tip of the Week

Scott Aurnou – Thanks to a process called ‘spoofing,’ people (or machines) calling or emailing you can pretend to be someone else in order to trick you. Learn more about it here.

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel (and subscribe if you like).

Tagged with: Botnet, Computer Securirty, Email, Phishing, Spoofed, Spoofing, The Security Advocate
Posted in Fraud & Scams, Laptops & Desktops, Security Tip of the Week

The Phishing Gallery – May 2013

Posted on May 6, 2013 by Scott Aurnou

By Scott Aurnou

‘Phishing’ attacks are designed to steal your personal, financial and/or log in information. This can be done in a few ways, including via email or text message (referred to as ‘smishing’). They often contain links to websites that look legitimate but are really there to steal your account log in information or host malware ready to attack your computer. These emails and messages can also be used to lure you into contact with scam artists posing as potential clients or officials offering to release substantial funds to you if only you would be so kind as to give them detailed personal information or a sum up front. Phishing attacks are generally designed to make you take action by either frightening or tempting you. Some of them are actually very well crafted. Some not so much. And some border on the ridiculous. Each month at The Security Advocate, we will present a few examples, along with explanations of what to look out for to avoid falling victim to one of the scams.

This attack is intended to tempt you into taking a peek at your new ‘Facebook Cover Photo’ – it’s human nature, as we’re all curious, though Facebook doesn’t actually have those. If it did, you can rest assured you would see it when you logged in. If nothing else, the mismatched name and email address in the ‘From’ field give it away as the product of a botnet (i.e., definitely not Facebook). Faking a email sender’s name is unfortunately pretty easy for scammers to do – it’s a process known as ‘spoofing.’ Avoiding this type of phishing attack is relatively simple: whenever you receive an email notification from any social media site, just log in to the site directly to read it. Never use the web links found in the notification emails, and you won’t have to find out the hard way that they’re not what they appear to be.
Read more ›

Tagged with: American Airlines, Botnet, Email, Facebook, FedEx, Laptops & Desktops, Phishing, Scam, Spoofing, The Security Advocate
Posted in Fraud & Scams, Laptops & Desktops

RT @JimBlasingame: How the government cyber-security forces guard the U.S. election. @saurnou joins Jim to report on how the #government #c… 01:44:47 AM December 06, 2020 from Twitter Web App Reply Retweet Favorite
RT @AndreiCherny: A family of Muslim immigrants from Turkey newly arrived in Germany. The boy in the yellow t-shirt went on to lead the te… 01:43:10 AM December 06, 2020 from Twitter Web App Reply Retweet Favorite
RT @_marcba: Developers can be cruel sometimes https://t.co/kpYvO9aZsu 03:46:39 PM June 29, 2020 from Twitter Web App Reply Retweet Favorite

@saurnou