MC2SX Security Concerns

Friday, September 2, 2011

MC2 SX Post TSA Full Body Scanner Sweating New Tests

New Airport Scanners Alarmed

by Sweaty Armpits

Link: http://news.cnet.com/8301-17852_3-20086884-71/new-airport-scanners-alarmed-by-sweaty-armpits/

TinyURL: http://tinyurl.com/3slpxgo

==================================

Thursday, June 2, 2011

MC2 SX Needle in the Haystack Password Protection

===========================

Must Listen Podcast:

Security Now!

Episode 303

===================

Password Haystack

===================

Note:

Clicking on the link will start playing the podcast.

Link: http://www.podtrac.com/pts/redirect.mp3/aolradio.podcast.aol.com/sn/sn0303.mp3

===================

Common words and numbers

are Bad Passwords.

Number 1 most used password is 123456
Number 4 most used password is password
monkey is no. 14
michael is in the top 20.

Don't use these!

=============

46.67% of all Passwords

only use lower case alpha.

abcdefg etc.

=============

only all numeric passwords are even worst.

123456 etc.

=============
=============

New Password Methodology:

The Best password should have At Least:

1 uppercase, 1 lowercase, 1 digit and 1 symbol

It's Best to Mix the Order As You Like.

A Very Simple
(But don't use this)

Example:

D0g......................

That's the uppercase D, the number 0,
lowercase g and

22 periods.

====================
The Length of the Password is extremely Important.

The above is 25 "characters" long.
====================

Thanks Steve and Leo for a Great Resource.

Link: http://twit.tv/sn

====================
====================

Want to check how tough to crack Your password ideas are?

Check out This GRC page:

How Big Is Your Haystack?

Link: https://www.grc.com/haystack.htm

============

Thursday, February 3, 2011

MC2SX Security Concerns: Bluetooth

Last Post 11-18-2010

Bluetooth ICON image:

======================

From: http://tech.blorge.com

How to Hack Bluetooth Cell Phones, and How to Protect Yourself

Link One: http://tech.blorge.com/Structure:%20/2009/02/22/how-to-hack-bluetooth-cell-phones-and-how-to-protect-yourself/

======================
======================

======================
Security Now Podcasts on the Subject: Bluetooth Hacking
======================

======================
December 22nd, 2010
Security Now 280: Bluetooth Security

Link: Two: http://twit.tv/sn280
======================
January 12th, 2011
Security Now 283: Hacking Bluetooth

Link Three: http://twit.tv/sn283
======================
Bluetooth Hacking Names:

Bluejacking
Blue Snarfing
Blue Printing
HelloMoto
BlueToone
Red Fang among lots of others..

"More Link and INFO coming" --Wingman

======================

Thursday, November 18, 2010

MC2SX Post Whitehat Cracks Notorious Rootkit Wide Open

Whitehat Cracks Notorious Rootkit

Link: http://www.theregister.co.uk/2010/11/18/zeroaccess_rootkit_deconstructed/

TinyURL: http://tinyurl.com/2bwatkl

======================================

Step-by-Step Reverse Engineering Malware:
ZeroAccess / Max++ / Smiscer Crimeware Rootkit

by Giuseppe Bonfa

Link: http://resources.infosecinstitute.com/step-by-step-tutorial-on-reverse-engineering-malware-the-zeroaccessmaxsmiscer-crimeware-rootkit/

======================================
======================================

Friday, October 1, 2010

MC2SX Post Stuxnet Worm The "hits" Just Keep on Coming

September 30, 2010:

A computer virus dubbed the world's "first cyber superweapon" by experts and which may have been designed to attack Iran's nuclear facilities has found a new target -- China.

The Stuxnet computer worm has wreaked havoc in China, infecting millions of computers around the country, state media have reported.

Link: http://www.physorg.com/news205050403.html

------------------------------------------------------------------------------------

Steve Gibson Reported about this on last weeks
Security Now Show 268
Stating that it was a unknown Government backed attack,
because it was too sophisticated for regular hackers to pull off.

------------------------------------------------------------------------------------

http://www.podtrac.com/pts/redirect.mp3/aolradio.podcast.aol.com/sn/sn0268.mp3

------------------------------------------------------------------------------------

====================================
ALL LINKS From http://www.physorg.com/
Related Story Links:
====================================

September 24,2010:

Software smart bomb fired at Iranian nuclear plant: experts

Link: http://www.physorg.com/news204526371.html

====================================

September 25,2010:

US does not know source, purpose of Stuxnet worm: official

Link: http://www.physorg.com/news204605847.html

====================================

September 26,2010:

Stuxnet infects 30,000 industrial computers in Iran: report

Link: http://www.physorg.com/news204701147.html

====================================

September 27,2010:

Stuxnet worm rampaging through Iran:
IT official

The Stuxnet worm is mutating and wreaking further havoc on computerised industrial equipment in Iran where about 30,000 IP addresses have already been infected, IRNA news agency reported on Monday.

Link: http://www.physorg.com/news204793427.html

====================
====================

Wednesday, August 18, 2010

MC2 Security Concerns QR Codes, A Good Thing Or NOT?

QR Code

What in The Heck Are QR Codes?

Bar code

Basically, QR codes are like Bar codes that most products have now but differ in that Smart Phones with Web Cams can Quickly Read, hence the name QR, or Decode. These QR codes can be placed on Personal Stuff and include just about any Tags you want to give you "Stuff".

The Problem is The Data can be hidden and send you to a Web Page you know

nothing about. Even Sites with dubious motives.

Fortunately QR codes haven't made any significant inroads in the US, the bulk of push seems to be centered Europe right now. But That could change very quickly, and awareness of the potential and pitfalls of this community spreading tech is something to keep a cautious eye on.

Link: http://socialmediasecurity.com/2010/08/14/social-media-security-podcast-17-icanstalku-qr-codes-facebook-directory-via-torrent-linkedin-captchas/

Link: http://socialmediasecurity.com/

=============================
=============================

Security Now with Steve Gibson.

Link: http://twit.tv/sn

Latest Podcast: Security Now 261:
Your Questions, Steve's Answers 98
Hosts: Steve Gibson with Leo Laporte

===========================================

========================

QR Code Specs, Decoders, Etc.

Link: http://qrcode.sourceforge.jp/

Link: http://www.qrme.co.uk/qr-code-forum.html?func=view&id=106&catid=13

Link: http://en.wikipedia.org/wiki/QR_Code

Wikipedia QR Code PIX:
QR Code for the URL of the
English Wikipedia Mobile main page.
Note that the white border is part of the encoding.

====================================

Friday, February 1, 2008

Listening to Podcasts Pays Off Again!

[Snapshot Pointer]

Steve Gibson, of Spinrite Fame, appears on Security Now Podcast on TWIT.TV mentioned a terrific NEW program for Windows XP users, and a possible Vista equivilant to be forth coming.

"Windows SteadyState is a tool developed by Microsoft for use with Windows XP that gives administrators enhanced options for configuring shared computers, such as hard drive protection and advanced user management. It is primarily designed for use on computers shared by many people, such as internet cafes, schools, etc." from Wikipedia.

Go to : http://en.wikipedia.org/wiki/Windows_SteadyState,
For a quick overview of the program at Wikipedia, and yes, the program is free, from Windows.

Stay Tuned...