Comments
it appears that Linux is becoming more popular because of its smart-phones capabilities. Even though Linux may not be compared to Windows desktop capabilities because of the many years of experience Microsoft has over them. Microsoft markets shares are the best in that area. Now comparing the capabilities of Linux and Windows in regards to smart-phones, in the beginning, Linux had no shares, but it gradually started to increase in mid 2010, gaining 13% vs. windows 13.2%.
Androids are based on the Linux technology that uses RIM and Apple. Now Androids are beginning to grow even more do to the fact that of the boom as a tablet OS. Cisco, which foundation is an Android based tablet. I Pad’s are a good product too, but the tablet is gaining because of the special different devises they over. Prime example is the Smart Grid, that is the device that homes are using that requires smart devices. Cisco released their Cisco Home Energy Controller, which utilize the Ubuntu Linux for MID.
Linux being used for forensic tools is somewhat complex because of many laptops and desktops are using Window based operation systems. They have to have additional software to make the Linux forensics tools operate properly. There would be a lot of individuals not willing to go through all the steps necessary to utilize it. Gralla, P. (2010, July 9). Could Linux become the world’s most popular operating system? Retrieved April 19, 2013, from http://blogs.computerworld.com/user/preston-gralla.
Androids are based on the Linux technology that uses RIM and Apple. Now Androids are beginning to grow even more do to the fact that of the boom as a tablet OS. Cisco, which foundation is an Android based tablet. I Pad’s are a good product too, but the tablet is gaining because of the special different devises they over. Prime example is the Smart Grid, that is the device that homes are using that requires smart devices. Cisco released their Cisco Home Energy Controller, which utilize the Ubuntu Linux for MID.
Linux being used for forensic tools is somewhat complex because of many laptops and desktops are using Window based operation systems. They have to have additional software to make the Linux forensics tools operate properly. There would be a lot of individuals not willing to go through all the steps necessary to utilize it. Gralla, P. (2010, July 9). Could Linux become the world’s most popular operating system? Retrieved April 19, 2013, from http://blogs.computerworld.com/user/preston-gralla.
by Rtucker
Comments
by Rtucker
Comments
Tax Fraud Alerts
IRS Wants You to Know About Schemes, Scams and Cons
"If it sounds too good to be true, it probably is!" Don't become a victim to any scheme that offers instant wealth or exemption from your obligation as a United States citizen to file tax returns and/or pay taxes. Some of these schemes can literally cost you your life savings. Others can result in your prosecution and imprisonment if you knowingly participate in them.
Abusive Return Preparer
Taxpayers should be very careful when choosing a tax preparer. While most preparers provide excellent service to their clients, a few unscrupulous return preparers file false and fraudulent tax returns and ultimately defraud their clients. It is important to know that even if someone else prepares your return, you are ultimately responsible for all the information on the tax return.
Abusive Tax Schemes
Abusive tax scheme originally took the structure of fraudulent domestic and foreign trust arrangements. However, these schemes have evolved into sophisticated arrangements to give the appearance that taxpayers are not in control of their money. However, the taxpayers receive their funds through debit/credit cards or fictitious loans. These schemes often involve offshore banking and sometimes establish scam corporations or entities.
Nonfiler Enforcement
There have always been individuals who, for a variety of reasons, argue taxes are voluntary or illegal. The courts have repeatedly rejected their arguments as frivolous and routinely impose financial penalties for raising such frivolous arguments. Take the time to learn the truth about frivolous tax arguments.
All Program and Emphasis Areas for Criminal Investigation
Criminal Investigation has categorized their investigative cases into specific program and emphasis areas of fraud. Examples of case summaries written from public record documents where cases were prosecuted can be viewed on the various program and emphasis area web pages.
Tax Scams - How to Recognize and Avoid Them
To help the public recognize and avoid abusive tax schemes, the IRS offers an abundance of educational materials. Participating in an illegal scheme to avoid paying taxes can result in imprisonment and fines, as well as the repayment of taxes owed with penalties and interest. Education is the best way to avoid the pitfalls of these “too good to be true” tax scams.
IRS Wants You to Know About Schemes, Scams and Cons
"If it sounds too good to be true, it probably is!" Don't become a victim to any scheme that offers instant wealth or exemption from your obligation as a United States citizen to file tax returns and/or pay taxes. Some of these schemes can literally cost you your life savings. Others can result in your prosecution and imprisonment if you knowingly participate in them.
Abusive Return Preparer
Taxpayers should be very careful when choosing a tax preparer. While most preparers provide excellent service to their clients, a few unscrupulous return preparers file false and fraudulent tax returns and ultimately defraud their clients. It is important to know that even if someone else prepares your return, you are ultimately responsible for all the information on the tax return.
Abusive Tax Schemes
Abusive tax scheme originally took the structure of fraudulent domestic and foreign trust arrangements. However, these schemes have evolved into sophisticated arrangements to give the appearance that taxpayers are not in control of their money. However, the taxpayers receive their funds through debit/credit cards or fictitious loans. These schemes often involve offshore banking and sometimes establish scam corporations or entities.
Nonfiler Enforcement
There have always been individuals who, for a variety of reasons, argue taxes are voluntary or illegal. The courts have repeatedly rejected their arguments as frivolous and routinely impose financial penalties for raising such frivolous arguments. Take the time to learn the truth about frivolous tax arguments.
All Program and Emphasis Areas for Criminal Investigation
Criminal Investigation has categorized their investigative cases into specific program and emphasis areas of fraud. Examples of case summaries written from public record documents where cases were prosecuted can be viewed on the various program and emphasis area web pages.
Tax Scams - How to Recognize and Avoid Them
To help the public recognize and avoid abusive tax schemes, the IRS offers an abundance of educational materials. Participating in an illegal scheme to avoid paying taxes can result in imprisonment and fines, as well as the repayment of taxes owed with penalties and interest. Education is the best way to avoid the pitfalls of these “too good to be true” tax scams.
by Rtucker
Comments
Morning Security Brief: Social Media Software, by Carlton Purvis
02/11/2013 -
►Raytheon, the world’s fifth largest defense contractor, has created a new software that can track people on social media and predict future behavior based on online activity. The software “can display on a spider diagram the associations and relationships between individuals online by looking at who they have communicated with over Twitter. It can also mine data from Facebook and sift GPS location information from Foursquare, a mobile phone app used by more than 25 million people to alert friends of their whereabouts. The Foursquare data can be used to display, in graph form, the top 10 places visited by tracked individuals and the times at which they visited them,” The Guardian reports. Raytheon says it hasn’t sold the product to any companies yet.
http://www.securitymanagement.com/news/morning-security-brief-dorner-gets-1-million-bounty-horsemeat-scandal-social-media-software-and
02/11/2013 -
►Raytheon, the world’s fifth largest defense contractor, has created a new software that can track people on social media and predict future behavior based on online activity. The software “can display on a spider diagram the associations and relationships between individuals online by looking at who they have communicated with over Twitter. It can also mine data from Facebook and sift GPS location information from Foursquare, a mobile phone app used by more than 25 million people to alert friends of their whereabouts. The Foursquare data can be used to display, in graph form, the top 10 places visited by tracked individuals and the times at which they visited them,” The Guardian reports. Raytheon says it hasn’t sold the product to any companies yet.
http://www.securitymanagement.com/news/morning-security-brief-dorner-gets-1-million-bounty-horsemeat-scandal-social-media-software-and
by Rtucker
Comments
Biometrics: Your body is your password
Original article By David Braue
As the spectre of Y2K fades and corporate IT strategists resume the process of upgrading infrastructure and enabling e-business, the challenge of maintaining security in increasingly widely distributed environments has become important, and given that the increasing mobility of the workforce means you can't be sure who's really at the other end of the network link, it's clear that simple user ID and password logons are no longer sufficient. In addition, some high-speed internet connections such as broadband internet may not be a solution against online security breach.
In the past, the issue has often been resolved through the adoption of handheld hardware tokens that provide a one-off, time-limited code to the login procedure. However, these tokens are also one more thing users can lose. Sensing an opportunity to simplify access even further, biometrics vendors are pushing down prices and kicking off corporate trials intended to make their products the next major standard for user authentication in corporate IT environments.
US-based research firm International Biometric Group predicts that the world-wide biometric market will grow from $US58.4 million in 1999 to $US594 million by 2003. To achieve this growth, however, vendors will need to overcome a number of obstacles; most importantly, corporate awareness of the technology's advancement. Analyst firm Forrester Research recently reported a glum future for biometrics in a survey of 50 Global 2500 companies. At the time of the survey, none of the respondents were using biometrics, and a meagre 4% and 2% expected they would be using biometrics to authenticate users and business partners respectively, within two years.
Forrester predicts that the technology will ultimately bomb due to long-held beliefs that it is expensive and unwieldy. The lingering perception that biometrics is invasive technology which compromises privacy compounds the problem. These fears have been fuelled by privacy lobbyists fighting the technology's use in governmental identification schemes. Yet within relatively closed corporate environments, rapidly dropping costs and improved integration have made today's biometrics an extremely practical, inexpensive and transparent method of user authentication.
Original article By David Braue
As the spectre of Y2K fades and corporate IT strategists resume the process of upgrading infrastructure and enabling e-business, the challenge of maintaining security in increasingly widely distributed environments has become important, and given that the increasing mobility of the workforce means you can't be sure who's really at the other end of the network link, it's clear that simple user ID and password logons are no longer sufficient. In addition, some high-speed internet connections such as broadband internet may not be a solution against online security breach.
In the past, the issue has often been resolved through the adoption of handheld hardware tokens that provide a one-off, time-limited code to the login procedure. However, these tokens are also one more thing users can lose. Sensing an opportunity to simplify access even further, biometrics vendors are pushing down prices and kicking off corporate trials intended to make their products the next major standard for user authentication in corporate IT environments.
US-based research firm International Biometric Group predicts that the world-wide biometric market will grow from $US58.4 million in 1999 to $US594 million by 2003. To achieve this growth, however, vendors will need to overcome a number of obstacles; most importantly, corporate awareness of the technology's advancement. Analyst firm Forrester Research recently reported a glum future for biometrics in a survey of 50 Global 2500 companies. At the time of the survey, none of the respondents were using biometrics, and a meagre 4% and 2% expected they would be using biometrics to authenticate users and business partners respectively, within two years.
Forrester predicts that the technology will ultimately bomb due to long-held beliefs that it is expensive and unwieldy. The lingering perception that biometrics is invasive technology which compromises privacy compounds the problem. These fears have been fuelled by privacy lobbyists fighting the technology's use in governmental identification schemes. Yet within relatively closed corporate environments, rapidly dropping costs and improved integration have made today's biometrics an extremely practical, inexpensive and transparent method of user authentication.
by Rtucker
Comments
Security Vulnerability Assessments
SVA Overview
SECURITY VULVERABILITY ASSESSMENT
The Security Vulnerability Assessment (SVA) is used to identify a level of protection that is necessary to adequately mitigate identified risks from critical infrastructure assets.
The Division of Homeland Security and Emergency Management’s Critical Infrastructure and Key Resources (CIKR) planning team uses this process to identify specific security countermeasures designed to protect a community’s continuity of operations, critical assets, population, and visitors.
The first step to the community assessment process begins with the identification of critical assets within the community. The SVA team works through the infrastructure taxonomy provided by the National Infrastructure Protection Plan (NIPP) to identify which assets should be included in the report.
Through historical research, open source data mining, and working directly with the individual asset owner/operators the SVA team is able to gather CIKR asset and interdependency data. The asset information is then entered into the Automated Critical Asset Management System (ACAMS)*, which is a secure, online database and database management platform that allows for the management of CIKR asset data; the cataloguing, screening and sorting of this data; the production of tailored infrastructure reports; and the development of a variety of pre- and post-incident response plans useful to strategic and operational planners and tactical commanders.
Following the data collection phase of the SVA, the team conducts physical “on-site” surveys documenting security countermeasures already in place in the following categories:
• Site Security Criteria Site perimeter, site access, exterior areas and assets, and parking.
• Structure Security Criteria Structural hardening, façade, windows, and building systems.
• Facility Entrance Security Criteria Employee and visitor pedestrian entrances and exits, loading docks, and other openings in the building envelope.
• Interior Security Criteria Space planning and security of specific interior spaces.
• Security Systems Criteria Intrusion-detection, access control, and closed-circuit television camera systems.
• Security Operations and Administration Criteria Security management and personnel, plans, and training.
Through the assessment process and review the SVA team will assign each asset a baseline Level of Protection, or LOP, based off of the asset’s mission, symbolism, threat history, accessibility, recognizability, recoverability, population, proximity to other assets, and vulnerability scores.
During the review and reporting phase the team first decides whether there are additional risks that should be considered in establishing the baseline level of protection (LOP) t}at is required. Second, they determine whether the countermeasures associated with the LOP provide an adequate level of protection to address those risks. Customization of the recommended protective measures may fluctuate relating to the risks identified throughout the assessment. The existing LOP is then compared to the necessary LOP to determine if it adequately addresses the threat(s), or if vulnerabilities exist that need to be addressed (see figure 1). If the existing LOP equates to the necessary LOP, current countermeasures should be maintained and tested on a regular basis. Conditions at the facility should be monitored for changes that may impact the effectiveness of countermeasures or the needed LOP. If the existing LOP does not sufficiently address the risks, shortfalls must be identified and countermeasures to recommendations to address those vulnerabilities will be included in the final report.
This process helps to ensure that the level of protection recommended to CIKR facilities, their employees, and visitors is commensurate with the level of risk.
SVA Overview
SECURITY VULVERABILITY ASSESSMENT
The Security Vulnerability Assessment (SVA) is used to identify a level of protection that is necessary to adequately mitigate identified risks from critical infrastructure assets.
The Division of Homeland Security and Emergency Management’s Critical Infrastructure and Key Resources (CIKR) planning team uses this process to identify specific security countermeasures designed to protect a community’s continuity of operations, critical assets, population, and visitors.
The first step to the community assessment process begins with the identification of critical assets within the community. The SVA team works through the infrastructure taxonomy provided by the National Infrastructure Protection Plan (NIPP) to identify which assets should be included in the report.
Through historical research, open source data mining, and working directly with the individual asset owner/operators the SVA team is able to gather CIKR asset and interdependency data. The asset information is then entered into the Automated Critical Asset Management System (ACAMS)*, which is a secure, online database and database management platform that allows for the management of CIKR asset data; the cataloguing, screening and sorting of this data; the production of tailored infrastructure reports; and the development of a variety of pre- and post-incident response plans useful to strategic and operational planners and tactical commanders.
Following the data collection phase of the SVA, the team conducts physical “on-site” surveys documenting security countermeasures already in place in the following categories:
• Site Security Criteria Site perimeter, site access, exterior areas and assets, and parking.
• Structure Security Criteria Structural hardening, façade, windows, and building systems.
• Facility Entrance Security Criteria Employee and visitor pedestrian entrances and exits, loading docks, and other openings in the building envelope.
• Interior Security Criteria Space planning and security of specific interior spaces.
• Security Systems Criteria Intrusion-detection, access control, and closed-circuit television camera systems.
• Security Operations and Administration Criteria Security management and personnel, plans, and training.
Through the assessment process and review the SVA team will assign each asset a baseline Level of Protection, or LOP, based off of the asset’s mission, symbolism, threat history, accessibility, recognizability, recoverability, population, proximity to other assets, and vulnerability scores.
During the review and reporting phase the team first decides whether there are additional risks that should be considered in establishing the baseline level of protection (LOP) t}at is required. Second, they determine whether the countermeasures associated with the LOP provide an adequate level of protection to address those risks. Customization of the recommended protective measures may fluctuate relating to the risks identified throughout the assessment. The existing LOP is then compared to the necessary LOP to determine if it adequately addresses the threat(s), or if vulnerabilities exist that need to be addressed (see figure 1). If the existing LOP equates to the necessary LOP, current countermeasures should be maintained and tested on a regular basis. Conditions at the facility should be monitored for changes that may impact the effectiveness of countermeasures or the needed LOP. If the existing LOP does not sufficiently address the risks, shortfalls must be identified and countermeasures to recommendations to address those vulnerabilities will be included in the final report.
This process helps to ensure that the level of protection recommended to CIKR facilities, their employees, and visitors is commensurate with the level of risk.
by Rtucker
Comments
SECURING INFORMATON SYSTEMS ASSETS
According to Sun Tzu, what two things must be achieved to adequately secure information system assets?
One must know who Sun Tzu is to understand why his methologies are still being used today in modern technology. Sun Tzu was a Chinese General, in th periods of 544–496 BC and strategist who is traditionally believed to have authored The Art of War, an influential ancient Chinese book on military strategy considered to be a prime example of Taoist thinking." (Swtornio & Jericho, 2010) His believe was that if you know yourself and enemy, and you know your assets are worth, you should know how to protect those assets from your enemy. “The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable."
According to Sun Tzu, what two things must be achieved to adequately secure information system assets?
One must know who Sun Tzu is to understand why his methologies are still being used today in modern technology. Sun Tzu was a Chinese General, in th periods of 544–496 BC and strategist who is traditionally believed to have authored The Art of War, an influential ancient Chinese book on military strategy considered to be a prime example of Taoist thinking." (Swtornio & Jericho, 2010) His believe was that if you know yourself and enemy, and you know your assets are worth, you should know how to protect those assets from your enemy. “The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable."
by Rtucker
Comments
What is COBIT? Who is its sponsor? What does it accomplish?
Control Objectives for Information and Related Technology (COBIT) is an IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks.
COBIT is sponsored by the Information Systems Audit and Control Association (ISACA). This group was formed in 1967 of individuals with similar auditing controls jobs. They wanted it to be more centralized so the formed the EDP Auditors Association. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge and value of the IT governance and control field.
COBIT now enables clear policy development and good practice for IT control throughout organizations. COBIT emphasizes regulatory compliance, helps organizations to increase the value attained from IT, enables alignment and simplifies implementation of the COBIT framework.
Control Objectives for Information and Related Technology (COBIT) is an IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks.
COBIT is sponsored by the Information Systems Audit and Control Association (ISACA). This group was formed in 1967 of individuals with similar auditing controls jobs. They wanted it to be more centralized so the formed the EDP Auditors Association. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge and value of the IT governance and control field.
COBIT now enables clear policy development and good practice for IT control throughout organizations. COBIT emphasizes regulatory compliance, helps organizations to increase the value attained from IT, enables alignment and simplifies implementation of the COBIT framework.
by Rtucker
Comments
by Rtucker
Comments
HAVING PROBLMS WIT MICROSOFT? Lance Whitney explans why.
permanent fix for the latest bug in Internet Explorer is still in the works.
by Lance Whitney
January 4, 2013 9:23 AM PST
Microsoft's regular Patch Tuesday rolls around next week. But one flaw that won't be fixed in the mix is the latest zero-day exploit in Internet Explorer.
Last Saturday, Microsoft warned about the zero-day flaw in IE 6, 7, and 8 that could allow attackers to gain control of Windows computers to host malicious Web sites. In its advisory, the company noted that IE 9 and 10 are unaffected by the vulnerability and suggested a variety of workarounds to those running the older browser versions.
On Monday, the company issued a temporary fix that prevents the flaw from being exploited without forcing users to tweak their browser settings. Microsoft warned that this fix is not designed to replace actual security updates but revealed that it is working on a permanent fix.
"We are actively working on a security update for the issue described by Security Advisory 2794220," Dustin Childs, group manager of Microsoft Trustworthy Computing, said in a statement sent to CNET today.
"At this time, we've seen only a limited number of affected customers," he added. "We take customer protection very seriously and until a security update is released, we encourage people to apply the one-click Fix it solution offered with Security Advisory 2794220 to help ensure protection. Additionally, customers should ensure their anti-malware solution is up-to-date and follow good network hygiene practices, such as enabling a firewall, for added protection against threats."
The flaw can only be exploited if a user is taken to a malicious Web site, typically through an e-mail or instant message. So as always, people should be wary of opening any links in an e-mail or IM that seem suspicious.
permanent fix for the latest bug in Internet Explorer is still in the works.
by Lance Whitney
January 4, 2013 9:23 AM PST
Microsoft's regular Patch Tuesday rolls around next week. But one flaw that won't be fixed in the mix is the latest zero-day exploit in Internet Explorer.
Last Saturday, Microsoft warned about the zero-day flaw in IE 6, 7, and 8 that could allow attackers to gain control of Windows computers to host malicious Web sites. In its advisory, the company noted that IE 9 and 10 are unaffected by the vulnerability and suggested a variety of workarounds to those running the older browser versions.
On Monday, the company issued a temporary fix that prevents the flaw from being exploited without forcing users to tweak their browser settings. Microsoft warned that this fix is not designed to replace actual security updates but revealed that it is working on a permanent fix.
"We are actively working on a security update for the issue described by Security Advisory 2794220," Dustin Childs, group manager of Microsoft Trustworthy Computing, said in a statement sent to CNET today.
"At this time, we've seen only a limited number of affected customers," he added. "We take customer protection very seriously and until a security update is released, we encourage people to apply the one-click Fix it solution offered with Security Advisory 2794220 to help ensure protection. Additionally, customers should ensure their anti-malware solution is up-to-date and follow good network hygiene practices, such as enabling a firewall, for added protection against threats."
The flaw can only be exploited if a user is taken to a malicious Web site, typically through an e-mail or instant message. So as always, people should be wary of opening any links in an e-mail or IM that seem suspicious.
by Rtucker
Comments
Incident Response Plan for your PC
Before Virus Attack
Users
1. Make sure you have installed an antivirus program on your PC.
2. Back up all your files.
3. Do not open emails you are not aware of.
Technology Service
1. Make sure you antivirus program is always on.
2. Make sure that you update you antivirus program automatically on a daily basis.
3. Have remote date backup. “If PC comes infected it can be restored with the easy system restore function” ("Remote data backups," 2008)
During Virus Attack
User
1. Your PC will identify the attack and let you know that an attempt of a virus was trying to attack your PC. The antivirus will stop the attack by deleting or quarantine the virus.
2. If your PC is running slow immediately turn off your PC or unplug it to prevent any damage.
Technology Services
1. Run a scan of the PC to assure that the virus has been contained.
After Virus attack
User
1. Run a full scan of your system to assure that it is safe to operate.
2. Check emails and delete the ones that you do not recognize.
3. Check your antivirus to assure that it has the latest dates.
Before Power Failure
User
1. Make sure that you do not overload your circuits by putting multiple electronics in one outlet.
2. Know where your circuit breaker is located.
3. Make sure that you have a back of all your files in a storage container.
4. Do not have opened containers of liquids by your PC.
Technology Services
1. Make sure that you have a power surge on your PC.
2. Back up the file you are working by having a thumb drive. “Portable storage device that plugs in your PC USB port” ("Freedom scientific," 2009).
3. Have remote data backup system services.
During Power Failure
User
1. Unplug your PC to eliminate further damage.
2. Disconnect the battery to eliminate all power going to your PC if you have a laptop.
Technology Services
1. Contact the technology center by phone and follow their instructions.
2. If you smell smoke take do not turn back on your PC it further damage your PC.
3. Do not try your cover off of your PC.
After Power Failure
User
1. Look for signs of damage of your PC.
2. Smell to see if you smell anything burning.
3. If you are able to turn you your PC check for any smoking coming out of the tower.
Technology
1. After turning the PC back on run a systems check to look for any damage that might have occurred on your hardware.
2. If your PC do not power backup, do not take it apart unless you are certified to do so.
Have your PC serviced if it do not power back up.
Before Fire
Users
1. Make sure that all files are backed up on a floppy disc.
2. Have fire alarms installed in the home.
3. Have a fire extinguisher available
Technology Service
1. Have a back recovery system in place on your PC.
2. Have an online backup system service company to backup files online for extra safety.
During Fire
Users
1. Turn off and unplug the PC.
2. Take PC with you if you can.
3. Move PC away from the fire zone if possible.
Technology
1. Grab the fire extinguisher and try to put out the fire.
2. Do not wet or spray you PC.
3. Notify the fire department if you can put out the fire.
After Fire
Pray lol
Before Virus Attack
Users
1. Make sure you have installed an antivirus program on your PC.
2. Back up all your files.
3. Do not open emails you are not aware of.
Technology Service
1. Make sure you antivirus program is always on.
2. Make sure that you update you antivirus program automatically on a daily basis.
3. Have remote date backup. “If PC comes infected it can be restored with the easy system restore function” ("Remote data backups," 2008)
During Virus Attack
User
1. Your PC will identify the attack and let you know that an attempt of a virus was trying to attack your PC. The antivirus will stop the attack by deleting or quarantine the virus.
2. If your PC is running slow immediately turn off your PC or unplug it to prevent any damage.
Technology Services
1. Run a scan of the PC to assure that the virus has been contained.
After Virus attack
User
1. Run a full scan of your system to assure that it is safe to operate.
2. Check emails and delete the ones that you do not recognize.
3. Check your antivirus to assure that it has the latest dates.
Before Power Failure
User
1. Make sure that you do not overload your circuits by putting multiple electronics in one outlet.
2. Know where your circuit breaker is located.
3. Make sure that you have a back of all your files in a storage container.
4. Do not have opened containers of liquids by your PC.
Technology Services
1. Make sure that you have a power surge on your PC.
2. Back up the file you are working by having a thumb drive. “Portable storage device that plugs in your PC USB port” ("Freedom scientific," 2009).
3. Have remote data backup system services.
During Power Failure
User
1. Unplug your PC to eliminate further damage.
2. Disconnect the battery to eliminate all power going to your PC if you have a laptop.
Technology Services
1. Contact the technology center by phone and follow their instructions.
2. If you smell smoke take do not turn back on your PC it further damage your PC.
3. Do not try your cover off of your PC.
After Power Failure
User
1. Look for signs of damage of your PC.
2. Smell to see if you smell anything burning.
3. If you are able to turn you your PC check for any smoking coming out of the tower.
Technology
1. After turning the PC back on run a systems check to look for any damage that might have occurred on your hardware.
2. If your PC do not power backup, do not take it apart unless you are certified to do so.
Have your PC serviced if it do not power back up.
Before Fire
Users
1. Make sure that all files are backed up on a floppy disc.
2. Have fire alarms installed in the home.
3. Have a fire extinguisher available
Technology Service
1. Have a back recovery system in place on your PC.
2. Have an online backup system service company to backup files online for extra safety.
During Fire
Users
1. Turn off and unplug the PC.
2. Take PC with you if you can.
3. Move PC away from the fire zone if possible.
Technology
1. Grab the fire extinguisher and try to put out the fire.
2. Do not wet or spray you PC.
3. Notify the fire department if you can put out the fire.
After Fire
Pray lol
by Rtucker
Comments
Stolen credentials, basic security lapses at core of 2012 breaches
Robert Westervelt, News Director Published: 26 Dec 2012
A common thread could be weaved through the high profile data breaches that took place in 2012. Attackers are targeting basic security lapses and configuration errors or bypassing security systems altogether by using stolen account credentials to appear as a legitimate user on the network.
In this edition of the Security Squad podcast, the SearchSecurity editorial team discusses some of the lessons learned from the top breaches of 2012. From source code leaks to credit card data, from poorly protected email and account credentials to intellectual property, attackers demonstrated that they can get into corporate systems and often remain there undetected for extended periods.
Emerging password alternatives have some complex hurdles to climb before becoming mainstream. Multi-factor authentication is being implemented by more websites, but implementation needs to be rolled out systematically and more of an effort needs to be made to encourage people to more broadly adopt the protection.
Security awareness training is essential in reducing social engineering attacks, but the training must be done in a way that makes it personal for the end user. Programs that teach employees how to protect their children and their banking activities could eventually foster awareness and translate into better protecting the company data, experts say.
Listen to the Security Squad podcast or right click and download the MP3.
Related Topics:Identity Theft and Data Security Breaches, VIEW ALL TOPICS
\
For information about this issue you can follow this web page: http://searchsecurity.techtarget.com/news/2240175306/Stolen-credentials-basic-security-lapses-at-core-of-2012-breaches
Robert Westervelt, News Director Published: 26 Dec 2012
A common thread could be weaved through the high profile data breaches that took place in 2012. Attackers are targeting basic security lapses and configuration errors or bypassing security systems altogether by using stolen account credentials to appear as a legitimate user on the network.
In this edition of the Security Squad podcast, the SearchSecurity editorial team discusses some of the lessons learned from the top breaches of 2012. From source code leaks to credit card data, from poorly protected email and account credentials to intellectual property, attackers demonstrated that they can get into corporate systems and often remain there undetected for extended periods.
Emerging password alternatives have some complex hurdles to climb before becoming mainstream. Multi-factor authentication is being implemented by more websites, but implementation needs to be rolled out systematically and more of an effort needs to be made to encourage people to more broadly adopt the protection.
Security awareness training is essential in reducing social engineering attacks, but the training must be done in a way that makes it personal for the end user. Programs that teach employees how to protect their children and their banking activities could eventually foster awareness and translate into better protecting the company data, experts say.
Listen to the Security Squad podcast or right click and download the MP3.
Related Topics:Identity Theft and Data Security Breaches, VIEW ALL TOPICS
\
For information about this issue you can follow this web page: http://searchsecurity.techtarget.com/news/2240175306/Stolen-credentials-basic-security-lapses-at-core-of-2012-breaches
by Rtucker
Comments
There has been an attack on asking individuals for money to unlock their computer. If this happened to you or you know of someone who had this happen to them, please contact the United States Cyber Security Moneypak. You can follow this website to find out more information.
http://guides.yoosecurity.com/blocked-by-united-states-cyber-security-moneypak-virus-scam-malware-screen-asking-for-200-fine-to-unlock-your-computer/
Blocked by United States Cyber Security Moneypak Virus Scam Malware Screen Asking for $200 Fine to Unlock Your Computer?
Fake United States Cyber Security Moneypak Virus Scam warning virus to pay $200 using Moneypak to unlock the computer?
What happens when the US Cyber Security malware blocks your computer? IP address blocked by fake United States Cyber Security ransomware and a window says pay $200 fine to unlock computer? Is there a chance if i watched porn and this united states cyber security locked my PC and asked for $200 in 24 hours? Do you know US website 200 dollar security copyright infringement? How to unlock my laptop from United States Cyber Security Moneypak Virus Scam screen?:(
http://guides.yoosecurity.com/blocked-by-united-states-cyber-security-moneypak-virus-scam-malware-screen-asking-for-200-fine-to-unlock-your-computer/
Blocked by United States Cyber Security Moneypak Virus Scam Malware Screen Asking for $200 Fine to Unlock Your Computer?
Fake United States Cyber Security Moneypak Virus Scam warning virus to pay $200 using Moneypak to unlock the computer?
What happens when the US Cyber Security malware blocks your computer? IP address blocked by fake United States Cyber Security ransomware and a window says pay $200 fine to unlock computer? Is there a chance if i watched porn and this united states cyber security locked my PC and asked for $200 in 24 hours? Do you know US website 200 dollar security copyright infringement? How to unlock my laptop from United States Cyber Security Moneypak Virus Scam screen?:(
by Rtucker
Comments
This was released on Monday, December 3, 2012 |
With Congress focusing much of their time on the fiscal cliff, following another failed attempt to pass cybersecurity legislation, the White House may be a step closer to releasing its anticipated cyber executive order.
http://cybersecuritynews.org/2012/12/03/new-draft-of-white-house-cyber-executive-order-surfaces/#more-2150
With Congress focusing much of their time on the fiscal cliff, following another failed attempt to pass cybersecurity legislation, the White House may be a step closer to releasing its anticipated cyber executive order.
http://cybersecuritynews.org/2012/12/03/new-draft-of-white-house-cyber-executive-order-surfaces/#more-2150
by Rtucker
Comments
Securing the Cyber Ecosystem
DHS plays a key role in securing the federal government's civilian cyber networks and helping to secure the broader cyber ecosystem through:
•partnerships with owners and operators of critical infrastructure such as financial systems, chemical plants, and water and electric utilities
•the release of actionable cyber alerts
•investigations and arrests of cyber criminals, and
•education about how the public can stay safe online.
DHS plays a key role in securing the federal government's civilian cyber networks and helping to secure the broader cyber ecosystem through:
•partnerships with owners and operators of critical infrastructure such as financial systems, chemical plants, and water and electric utilities
•the release of actionable cyber alerts
•investigations and arrests of cyber criminals, and
•education about how the public can stay safe online.
by Rtucker
Comments
Google Releases Google Chrome 23.0.1271.91
Google has released Google Chrome 23.0.1271.91 for Windows, Mac, Linux, and ChromeFrame to address multiple vulnerabilities. These vulnerabilities could result in a denial of service or allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the Google Chrome Release blog entry and update to Chrome 23.0.1271.91.
If you like Google this is for you.
Google has released Google Chrome 23.0.1271.91 for Windows, Mac, Linux, and ChromeFrame to address multiple vulnerabilities. These vulnerabilities could result in a denial of service or allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the Google Chrome Release blog entry and update to Chrome 23.0.1271.91.
If you like Google this is for you.
by Rtucker