Binary Code
Computers and other electronic devices store information as Binary Code (which is a series of 1s and 0s that might look like this: 10101001 01101100 11001010).
Network Topology Map
A Network Topology Map is a diagram of a computer network's components, including network access points and connections between its various parts.
Fake Anti-Virus Software
Fake Anti-Virus Software - also known as 'scareware' - is designed to trick you into buying worthless anti-virus protection that you do not need.
Domain Name System
The Domain Name System (DNS) is like the ‘telephone book’ of the Web – it translates a website's name into its corresponding numerical IP address on the Internet.
Social Engineering
A Phishing e-mail is an attempt to trick the recipient into giving up information, such as account, credit card or password information.
Data Encryption
Data Encryption is the intentional scrambling of information into unreadable form - until it is later converted back into its original form by the intended recipient.
Botnet, or Compromised Computers
A Botnet is a collection of computers compromised by a malware attack that can be controlled remotely (via the Internet) to attack websites, send out spam emails, etc.
Distributed Denial of Service Attack
A Distributed Denial of Service (DDoS) Attack can use a botnet to force a website, network or other resource to shut down by overloading it with requests for data.
USB Flash Drive
A USB Flash Drive, aka a 'stick drive' or 'thumb drive' is a portable data storage device which connects to a computer's USB port to send and receive data.
Electronic vs. Static Media
Static Media is something like a book, magazine or printed photo, while Electronic or Digital Media (websites, digital photos, etc.) requires power to be viewed.
Administrative Access
A user with Administrative Rights has unrestricted power to create, modify or delete files, folders, settings and programs on a particular computer.
Computer Security Tip of the Week
Scott Aurnou – Many modern cameras and smartphones include location data when taking photos and, when those photos are then uploaded to the Net, that information goes with it. This can include personal photos, shots of your kids, etc. What steps can you take to control (or eliminate) that location data?
Websites referenced in this video include:
Ver EXIF
If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel.
By Scott Aurnou
In 2012, a young scam artist based in Asia posing as a private investigator simply purchased the personal information for more than 200 million users directly from credit reporting giant Experian and then posted it for sale online. The only reason we know about the incident is that the U.S. Secret Service caught it. Experian didn’t.
Cyber criminals know that the weakest link in most computer networks is the people using it. Verizon’s highly respected Data Breach Investigations Report has repeatedly noted that most attacks start with employees. Attackers use “social engineering” to trick their victims into allowing unauthorized system access, data theft and even specialized stealthy attacks used to quietly steal massive amounts of sensitive data over time. These attacks frequently exploit our natural tendency to want to help others. They can be in person, electronic or over the telephone, and there are a variety of ways they can be used to take advantage of you:
“Phishing” attacks are designed to steal your personal, financial or log-in information through an email, text message (referred to as “smishing”) or even an automated phone call (“vishing”). The attacks often appear to come from well-known and trusted companies like banks, airlines or industry groups and contain attachments or links to websites that look legitimate but are really there to steal account log-in information or host malware ready to attack the recipient’s computer as soon as he clicks on any of the links. These emails and messages can also be used to lure victims into contact with scam artists posing as potential clients or officials offering to release substantial funds if only the target would be so kind as to hand over detailed personal information or a sum up front.
Read more ›
Computer Security Tip of the Week
Scott Aurnou – Biometric security measures like fingerprint scanners have been incorporated into a few products recently, but do they provide effective protection or are they more of a novelty at this point?
If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel.
By Scott Aurnou
The specter of attorney-client privilege has a long and well-respected history in litigation… but means nothing at all to a hacker. “Delete this email if you are not the intended recipient” or similar language theoretically sounds imposing, but essentially does nothing to protect firm or client data from any nefarious actors who view it (though they may get a good chuckle before reading the “forbidden” email).
In May 2014, LexisNexis published a study pertaining to law firm security awareness versus actual practices with respect to communications and file sharing with clients. Almost 90% of those surveyed used email to communicate with clients and privileged third parties. The vast majority of attorneys surveyed also acknowledged the increasingly important role of various file sharing services and the inherent risk of someone other than a client or privileged third party gaining access to shared documents. Yet only 22% used encrypted email and 13% use secure file sharing sites, while 77% of firms relied upon the effectively worthless “confidentiality statements” within the body of emails to secure them.
Read more ›
Computer Security Tip of the Week
Scott Aurnou – Why would a hacker engage in a potentially time-consuming and difficult attack against a well-guarded computer network or secure location when he or she can simply trick someone into giving them access? Learn about the basics of social engineering here.
If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel.
