
Sunday, September 14, 2014

Prime Minister Speaks on Israel as a Dominant Force in Cyber Security Protection

 

Prime Minister Benjamin (Binyamin) Netanyahu delivered a speech on information security at the fourth International Cyber Security Conference at Tel Aviv University.

Prime Minister Netanyahu gave a compelling speech on Cybersecurity today. In addition, he is an excellent global spokesperson on the need for protecting Cyber Space for everyone. I extracted a portion of his speech that really hit home with me, and I think it will hit home with others as well.

Impactful Statements:

  • "If the Cyber Space unites us all, let's unite to protect the Cyber Space"
  • "Every country and every citizen of the planet will need Cyber Security"
  • "I don't think there is a person on Earth who won't need Cyber Security"
  • "Long before the term Cyber became known and commonplace. Israeli companies developed the first Cyber technology, the first Firewall, several of the first set Anti Virus technologies."
  • "This will be the century where Cyber Security will be achieved, or we will lose the tremendous opportunities that face humanity"

 

One thing that is for certain, Cyber Security is everyone’s business and will offer a bounty of career opportunities.

For Cyber Security Career Advice Visit: http://www.cybersecuritycareeradvisor.com/

 

Saturday, August 16, 2014

The Hacker Group Anonymous and the Ferguson, MO Police Shooting


I can't support what Anonymous is doing with their Robin Hood hacker tactics. First, I am an ISC2 Certified Information Systems Security Professional (CISSP), and by ISC2 ethical standards I can't support the intentional violation of Confidentiality, Integrity and Availability of computer networks. Second, Anonymous runs the chance of severely interfering with Justice being served, regardless of how noble their intentions might seem at times. Case in point, they released to the public the wrong name of a police officer who was not involved with the Michael Brown killing. Remember, we want justice, not revenge.

Kind regards,

Julius, CISSP, CISA

Tuesday, March 25, 2014

POWEROCKS Magicstick Portable Battery for Charging Mobile Devices


A few months ago I was asked by the company Powerocks to evaluate the Magicstick device. They make portable and reliable charging solutions for mobile devices, and they asked me to review their product on the Clark Thought Leadership Blog, and I agreed. They quickly sent me a sample to review, and I immediately took it out of its packaging, connected the USB connector that came with it to my computer and the other end to the micro port, and charged it overnight. See above. The Powerocks charging device takes 5-6 hours to fully charge when empty.



First, I must say that the Magicstick device is a very nice and sleek-looking product. They sent me a blue one with a cool metal painted finish. It will definitely create conversations every time you take it out. See below.



The Powerocks Magicstick comes in the following colors.
 

I use an iPhone 5s and I am a heavy app user, which results in my phone’s battery draining too fast. By using the Powerocks device I am able to recharge my smartphone whenever I need to without worrying about finding an electrical outlet. The Powerocks device fully charged my iPhone in about 2/5 hours. You will be able to get close to 2 full charges from a fully charged Powerocks device. Not bad at all.

On one end of the Magicstick device there is a Smart push-button LED indicator button that, when pressed, will let you know how much charging ability is available in the Magicstick. Below, the LED is showing a blue light, which indicates that the battery has a 70% - 100% charge.


Smart push-button LED light status legend. 
  • Blue light = 70% - 100% full
  • Green light = 30% - 70% full
  • Red light = 1% - 30% full
 
So while I was testing the Powerocks Magicstick my beautiful daughter came over to me and said, "Daddy, what is that?" I told her that it is a device that recharges mobile devices without having to be plugged in to an outlet. She immediately said, "Wow, Dad, I can use that while at school! It is very difficult trying to recharge my phone during the day at school." I initially said no, but as I thought about it and being the IT Security person that I am, I soon realized that the Magicstick would reduce the likelihood that my daughter's Android phone would be stolen, because instead of her plugging her smartphone into an outlet at school where she would not be able to keep her eyes on it all the time, she could use the Powerocks Magicstick and charge her phone while it is in her book bag and not draw any attention to it. Additionally, it will allow her to focus on her school work and not worry about someone eyeing a charging phone and walking off with it while it is charging; sometimes she said she has charged her phone in empty classrooms and tried her best to hide it; not good at all!



You can find Magicstick portable recharging batteries for under $30. I think they make the perfect gift for individuals who have everything. Power for mobile devices is now a commodity and everyone needs access to power to stay connected to family, friends and work; especially in emergency situations.

I think that the Powerocks Magicstick is a great product that is affordable and one that will see use over and over by the recipient of it. I highly recommend the product.


 Quick Review of Specs.

 
 

 
 


Enjoy,

Julius







Sunday, March 23, 2014

Get 10 GB of Free Computer File Backup Space


What A Great Deal!
There is a cloud-based online backup company named Symform that will give you 10GB of free online backup space. This is the most that I have ever seen offered by any online backup company. The company's business model involves using the disk space from others and reselling it. In return one could actually get unlimited backup space by sharing the unused space on their hard drives.

Plans


I believe that every person should use online backup services. Install. Configure. Forget. Once your online backup service is installed you can forget about it, but when your hard drive fails you will not lose your priceless data. Security-wise, the company reports that they use 256-bit encryption and notes that the requirement for U.S. Federal computer systems is only 128-bit encryption. Additionally, this is great for your kids' laptops and computer systems. I wish there was some data available on the amount of work lost by kids K-12. I think that backing up the kids' computer is the last thing that comes to the minds of parents. So before they lose any school work and start bawling and crying about having to attempt to recreate it, show them that you love them and back up their computers for free!

Enjoy!

 Julius

Thursday, January 16, 2014

The Three Headed Threat

The Highest Web Application Risks
 
These are the three-headed web application threats that can cause major problems for your web application and become a nightmare:
  • Cross-Site Scripting (XSS)
  • SQL Injection
  • Denial of Service (DoS)
For me these are the big three; for other security professionals it could be a mix of others. I chose these three because they occur so often.
 
Cross-Site Scripting (XSS)
Using the special characters below, attackers can compromise your web application and steal its data with cross-site scripting.
< > " ' % ; ( ) & + \ # { } | ^ - [ ]
 
Filtering the input and output of the characters mentioned above is the common method of safeguarding against cross-site scripting attacks.
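Input and output filtering of the listed characters, as an added example that is not part of the original post. The function names, the 40-character limit and the sample comment are assumptions made for illustration.

```python
# The special characters listed above, exactly as given on the page.
RISKY = set('<>"\'%;()&+\\#{}|^-[]')

def validate_display_name(text, max_len=40):
    """Input filtering: reject (do not try to repair) a field that
    contains any listed character or is too long."""
    return len(text) <= max_len and not (set(text) & RISKY)

def encode_for_html(text):
    """Output filtering: replace each listed character with a numeric
    character reference, so the browser shows it as text, not markup."""
    return "".join(f"&#{ord(c)};" if c in RISKY else c for c in text)

def render_comment(author, body):
    # Only the template contributes markup; both fields are encoded
    # at the moment they are written into the page.
    return f"<p><b>{encode_for_html(author)}</b>: {encode_for_html(body)}</p>"

if __name__ == "__main__":
    # Constructed sample input, not taken from a real site.
    body = '<script>alert(1)</script>'
    print(render_comment("bob", body))
    # Input filtering alone is too blunt for free text: a legitimate
    # name with an apostrophe is rejected, which is why the output
    # encoding step has to be applied everywhere regardless.
    print(validate_display_name("bob"), validate_display_name("O'Brien"))
```

The encoding shown is for text placed in an HTML element body; values written into script blocks or URLs need the encoding for that context instead.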

Impact of Cross-Site Scripting

Hackers can successfully exploit XSS vulnerabilities in a web application by inserting a script that gives them control over end users' account credentials. They are then able to perform many malicious activities, such as:
  • Hijack an account
  • Spread web worms
  • Access browser history and clipboard contents
  • Control the browser remotely
  • Scan and exploit intranet appliances and applications
SQL Injection
SQL injection is the input of data that has unintended results when a database query is executed. The input contains additional characters that change the intended SQL query string.
Mitigation:
  • Have all SQL statements be built within a stored procedure instead of the application.
  • Filter key SQL elements from the data before executing your query.
 
Denial of Service (DoS)
Denial of Service attacks are caused by an attacker who sends sufficient traffic volume to your web application, typically using free tools available on the internet. The traffic causes the web service to stop responding or become unavailable to answer legitimate web traffic requests, leaving legitimate users unable to access your web site or application.
Diagnosis:
  • Unusually slow network performance (opening files or accessing websites)
  • Unavailability of a particular website
  • Inability to access any website
  • A dramatic increase in the number of spam emails received
Mitigation:
  • Have a business continuity plan that utilizes alternate web server resources and IP addresses that can be easily configured to allow the legitimate web traffic of customers so they can access the site.
  • Turn on and review log files to determine if the web application is under a DoS attack; sometimes a DoS attack may not be one at all, but something configured incorrectly or something polling your website by mistake.
  • There are also cloud services available that can absorb a DoS attack for your web site and only pass legitimate traffic to your site.
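A log review of the kind described above, as an added example that is not part of the original post: it flags busy minutes in a web access log and separates one runaway client (the misconfigured poller case) from a surge spread across many clients. The log format, the threshold of 100 requests per minute and the 80% share are assumptions, and the log lines are constructed.

```python
import re
from collections import Counter, defaultdict

# Client address and timestamp of a common-log-format line.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')

def classify_minutes(lines, threshold=100, dominant_share=0.8):
    """Return {minute: verdict} for minutes with more than `threshold` requests."""
    per_minute = defaultdict(Counter)
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            # First 17 characters of the timestamp: "16/Jan/2014:10:05"
            per_minute[m.group(2)[:17]][m.group(1)] += 1
    verdicts = {}
    for minute, clients in sorted(per_minute.items()):
        total = sum(clients.values())
        if total <= threshold:
            continue
        top_ip, top_hits = clients.most_common(1)[0]
        if top_hits / total >= dominant_share:
            verdicts[minute] = f"one client ({top_ip}): check for a misconfigured poller"
        else:
            verdicts[minute] = f"{len(clients)} clients: possible DoS"
    return verdicts

def sample_log():
    # Constructed access-log lines using documentation IP ranges.
    fmt = ('{ip} - - [16/Jan/2014:10:{mm:02d}:{ss:02d} +0000] '
           '"GET {path} HTTP/1.1" 200 512')
    lines = [fmt.format(ip=f"203.0.113.{i}", mm=4, ss=i, path="/")
             for i in range(1, 11)]                      # normal minute
    lines += [fmt.format(ip="192.0.2.10", mm=5, ss=i % 60, path="/status")
              for i in range(150)]                       # one busy client
    lines += [fmt.format(ip=f"198.51.100.{i}", mm=6, ss=i % 60, path="/")
              for i in range(1, 201)]                    # many clients
    return lines

if __name__ == "__main__":
    for minute, verdict in classify_minutes(sample_log()).items():
        print(minute, verdict)
```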
 
And for safety's sake; Encrypt The Data!
The only weakness that the mythical three headed dog Cerberus had was that it fell to the mighty strength of Hercules. 
 
Use the mighty strength of encryption to protect your data!
 
All three of the above threats put your data at risk. Anytime your data is at rest (stored), or in transit make sure it is encrypted.
 
 Enjoy,
 
Julius

Friday, October 18, 2013

Healthcare.gov Fix: U.S. Government Sponsored Hackathons

New Idea - The U.S. Government should make these overpriced government Information Technology firms compete against Hackathon public projects when drafting their technology proposals.

This would spark many youth to pursue careers in technology. Because of the rebellious nature of youth, many would get a kick out of creating competing products to stick it to the man! Thus, helping to solve America's STEM crisis.

 

Healthcare.gov would have been child's play for America's young adults who have built social media mega infrastructures, which were originally developed and hosted from dorm rooms and cramped apartments on computers sitting on the floor. 

Until we read again!

Take care!

Monday, September 30, 2013

Thursday, September 26, 2013

How To Prevent A Hacker From Spying On You Using Your Web Cam




Your webcam can be used against you by hackers to spy on you, record you and possibly blackmail you, or be used for revenge or extortion against you. See the NBC News article "FBI Arrests suspect in Miss Teen USA 'sextortion' case".

Because these stories are becoming more and more common in the news, Michael, a friend of mine, asked me to share on his Facebook page a way that individuals can secure their web cams and prevent them from being hacked. More like reduce the likelihood that your webcam gets hacked into. Just know that anything connected to the Internet can be hacked or compromised.
  1. Use a computer account that does not have Administrator rights. Limited rights is perfect.
  2. Keep antivirus software up to date and don't skimp, pay for the annual renewal!
  3. Set your PC or Laptop to download and install security patches automatically.
  4. Keep the computer’s firewall turned on all the time.
  5. Don’t let your children use your computer. Buy your children their own computing devices. Disable the camera on their computer if they have no need to use it. See steps 6 & 7.
  6. If your web cam is external, keep it unplugged until you need it.
  7. If your web cam is internal, consider deleting the drivers for it and purchasing an external web cam and follow step 6.
  8. For internal web cams, use tape or a Post-it Note to cover the camera lens if you are not using it.
  9. Microphone – Turn the microphone input volume down to “zero”, when not using it.
  10. For the Ultra-Paranoid, delete the device drivers for both your web cam and microphone.
  11. Create complex login passwords.
Thanks for asking me to write this article Michael!

Enjoy,

Julius, CISSP
