No Picture

5 Apple security myths

Five Apple Security Myths — and the Disturbing Truths Five hard lessons With that in mind, here are five Apple security myths — and the brutal truth behind each: Myth: I don’t need antivirus and spam protection because I work on a Mac. Truth: The Mac OS X operating system is targeted less frequently by malware only because it’s not as widespread as Windows. It’s no more secure than any other operating system, said Sorin Mustaca, data security expert at Germany-based Avira. As for phishing attacks, said Mustaca, “the biggest problem in this case is not the computer itself, but…

No Picture

Improve your Security #3: Online Protection

It is usually said that those who are behind a hardware router are protected from any danger. This is true in regard to the connections that come from outside but it is not true for the dangers which come from inside the local network. We must not forget that most of threats are landing on users’ computers via email or web traffic (either drive-by downloads or web bugs and exploits). Thus it is important to use multiple layers when it comes to online protection. For the sake of simplicity, I separated the protection layers in three areas: External area, Network…

No Picture

Complex passwords aren’t always better

Recently I’ve had the exam for the CompTIA Security+ Certification. While practicing for the exam, I’ve had the following question. Q:When setting password rules, which of the following will lower the level of security of a network ? A: Complex passwords that users can not remotely changed are randomly generated by the administrator and given to users Why ? Very simple, actually 🙂 Because the users will write these passwords on stickers and hang them on their monitors 🙂 So, IT guys, please make your life simpler and let the users to change the passwords. There you must definitely enforce…

No Picture

Smart and true quote

If there’s anything I’ve learned from my years in the tech world, it’s that companies don’t get killed by competition. They usually find creative ways to commit suicide. Sridhar Vembu,CEO of Zoho How true this is ! This applies to me as well. Now, let me detail this a little bit. If a company wants to be better than another company, they will kick each other’s ass until one wins. At that moment, the other one will be weakened and is vulnerable. And the company who is in a better shape would buy the other one. Why ? Because, usually,…

No Picture

The CompTIA Security+ Certification: passed

I’ve had today the exam for the CompTIA Security+ SYS-201 certification and passed it with 828 points out of 900 (min. 750 to pass it). I’ve learnt after the book The CompTIA Security+ 2008 Study Guide, 4th Edition., author Emmet Dulaney. Why this book ? It was recommended by CompTIA on their website and it was cheap 🙂 I started initially with the eBook : The CompTIA Security+ 2008 in Depth, author Mark Ciampa. Remember by posts about the posts : Not all AV software are the same” – CompTIA Security+ 2008 and Cybercriminals from Eastern Europe ? They were…

No Picture

A closer analysis of DE-Cleaner from Symantec

I was curious about how the DE-Cleaner of Symantec works, so I downloaded the software and give it a closer look. I did not dissemble it or anything similar… I simply performed a little black box testing. So, I started it without any internet connection. The result was: no scanning was possible. DE-Cleaner requires an Internet connection. This is an indication that the software is an in-the-cloud scanner. After seeing this, I searched on the website more details. And I found them… yes, indeed the Symantec De-Cleaner needs an Internet connection. This is why the file has the size…

No Picture

“Not all AV software are the same” – CompTIA Security+ 2008

CompTIA Security+ 2008, page 99, Chapter Antivirus Not all AV software is the same. Free AV software that is available for download through the Internet will typically only look for viruses in standard files. However, most commercial AV software will also look for Trojans, worms, macro viruses, and adware in standard files as well as in compressed (.ZIP) files. In which decade are you guys from CompTIA living ? *Any* AV product looks for those malware in all files. Maybe you should update the book 😉

No Picture

Romanian Phishing: Ministertul Finantelor Publice – Taxe si Impozite

“Romanian tax return phishing” published in the Avira Techblog From: Ministerul Finantelor Publice Date: 25.11.2010 07:54:34 Subject: Ministertul Finantelor Publice – Taxe si Impozite Dupa ultimele calcule ale activitatii dumneavoastra anuale am stabilit ca va sunt eligibile pentru primirea unei rambursari a impozitului in conformitate cu sectiunea 501 (c). Valoarea impozitului returnat este de 473,27 RON. Va rugam sa ne trimiteti cererea de rambursare a impozitului si sa asteptati 6-9 zile pentru verificarea datelor introduse. Pentru a accesa formularul de plata va rugam sa va completati datele aici : Aceasta notificare a fost trimisa de catre Ministerul Finantelor Publice…

No Picture

“Cybercriminals from Eastern Europe”

“Cybercriminals from Eastern Europe” – quote from CompTIA Security+ 2008, Chapter 1, Page 36 Oh, please… this is stupid ! It is true that many of the attacks are conducted from Eastern Europe, but this is not the way to publish something like this. You are ruining their chances. There are many good guys and they are brilliant ! I have the pleasure to work with many such young people every day. Cybercriminals There is a new breed of computer attackers known as cybercriminals. Cybercriminals are a loose-knit network of attackers, identity thieves, and financial fraudsters. These cybercriminals are described…

No Picture

onMouseOver() Twitter security flaw (+Update)

A Twitter security flaw is being widely exploited on Twitter, showing remote content from third-party websites without user’s consent. The flaw uses a JavaScript function called onMouseOver() which creates an event when the mouse is passed over a text or link. Any user can use this flaw to create simple popups, redirect the page to somewhere else, retweet some messages or hide parts of the message. The link has to be constructed in such a way that it starts with<text>@”onmouseover=”<code>” The problem is that Twitter doesn’t filter the code, it instead executes it. To overcome the problem, use some…

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.