Computer Security

The programs called "spyware" record information about your computer use and forward it to another user, typically one unauthorized to collect this data.

As much as he understands, it will take as much time as his intelligence

From NIST 800.53 rev 4:

Physical and Environmental Protection Policy and Procedures

Physical Access Authorizations

Physical Access Control

Access Control for Transmission Medium

Access Control for Output Devices

Monitoring Physical Access

Visitor Access Records

Power Equipment and Cabling

Emergency Shutoff

Emergency Power

Emergency Lighting

Fire Protection

Temperature and Humidity Controls

Water Damage Protection

Delivery and Removal

Alternate Work Site

Location of Information System components

Information Leakage

Asset Monitoring and Tracking.

==========

Physical access control to spaces where computer assets (computers, networking connections, cabling, etc.) are present.

Physical protection of documented information about instituted protections.

Environmental protections of computers and users to protect availability and integrity (for example, EM interference can compromise integrity of transmitted information)

Physical protections against eavesdropping, interception, alteration, and interference

Tamper evident seals

Protection from physical threats (for example: protecting data center from fires, floods, tornadoes, etc.)

Protection of storage media (tapes, disks, drives, etc) - access control, theft prevention, protection against damage

Such a website is usually called a "phishing website" because users are usually sent to them via a phishing message. It can also be legitimately called a "malicious website" because the information harvested from it is then usually used as part of an identity theft.

The phrase is "social engineering" where the attacker manipulates people into providing confidential information or performing actions that compromise security. It is also referred to as "phishing" or "pretexting."

The component of UEFI that helps prevent malware from hijacking a system during or before the operating system load is Secure Boot. Secure Boot ensures that only trusted software, such as the operating system and its bootloader, is allowed to run during the boot process. By verifying digital signatures of the boot components against a list of trusted certificates, Secure Boot helps block unauthorized code from executing and protects the system from potential malware attacks.

When internet fraudsters impersonate a business to trick you into giving out your personal information, it's called phishing. Like any kind of fraud, it is a crime, but the difficulty of catching the fraudster is increased due to the insulation of the criminal from the target by transient nature of thee accounts they launch their attacks from

True

Remove your CAC and ensure the workstation is locked.

You could use the Microsoft Baseline Security Analyzer (MBSA) tool to perform security scans on Windows-based systems using official Microsoft documentation, security bulletins, and security best practices as sources of information. Additionally, you can utilize vulnerability databases and industry-recommended security standards for reference during the scanning process.

Someone creates ransomware, which inserts a virus onto your computer and demands cash to fix it. Avoid clicking on the message and close it using task manager and you may avoid having it download. Also, do not "resume previous session." It is prevalent in Europe, but there is a fair amount of occurrence in the US.

Bruteforce

SSL/TLS is a communications protocol (a strict set of rules) that enables encryption (an ordered method to scramble data involving the password so that no third party can understand it) to protect personal information such as identity information and financial information while transactions are being conducted.

The public key is associated with a key that is used in an entire program while a private key is only used within a function.

A normal password is a word of six to eight letters. Some sites require a number in the password. Regardless, they're easy to crack. While most people use such passwords, in comparison to a house, they're no more secure than locking your home but forgetting to lock all the windows.

A better password will be a random setting of capital and lower case letters mixed with numbers and characters on the keyboard. This should be no less than eight letters/numbers/characters long making it much harder to crack. However, a password cracking program will still be able to break it, but the longer the password, the more time it will take. DO NOT USE RECOGNIZED WORDS, BIRTHDAYS, ETC... In comparison with the above house example, this would be like locking all your doors and windows, turning on your home alarm system, and keeping a hungry and mean dog inside.

The best method for making a password is to use the random capital and lower case letters mentioned above in addition to adding special characters. These characters cannot be found located on your keyboard, so they must be created. This requires a keyboard with a number pad attached, as the numbers across the top of the keyboard will not work. To make special characters, you press and hold down the ALT key plus a series of three numbers on the number pad (AGAIN, YOU MUST USE THE NUMBER PAD). Man of these characters you can create CAN NOT be cracked by any password cracking program, making your password not only uncrackable, but one that would be virtually impossible to guess. These passwords do not need to be as long as many of the characters that can be made in this manner simply cannot be cracked, period. Keep in mind though, longer is always better. Using the house example as before, this would be like locking up your solid steel doors and impact proof windows, setting your alarm, and paying the Navy's SEAL Team Six to guard your house until you got back.

I have a list of which characters are uncrackable. I learned how to do this while working in Information Warfare while in the United States Navy. Using this method, you can create passwords the government can not break.

Using a custom Antivirus or the built in Windows Firewall, you can choose which ports to remain open and connect, and which ones are closed. Closed ports deny connection attempts made to them.

Nowadays, simply hashing the database does not provide enough encryption as hackers can run brute forcing software and/or dictionary attacks against them, also using hash decrypters.

With today's sophisticated GPUs, millions of hashes can be cracked a second with programs like John the Ripper and Hashcat. Salting the passwords and information is safer, but still not foolproof by a long way.

About the NSA's system of eavesdropping on worldwide electronic messages.

change password, change security question, change back-up email address.

Cookies get saved to your computer when visiting sites. So a cookie of a website can't be saved it you haven't visited that particular website.

The explanation for that may be that the site was visited a by user of silent through a virus and the history cleared but the cookie not deleted

There are many ways to encrypt a message in an image file.

The way I've seen people do this on YouTube is them just editing the image's hex coding.

Anyway, it depends on how the message is encrypted. If it is just regular text in the image, you have to get a hex editor, such as Hex Workshop, then load the image and parse the hex coding to find the message.

In most cases, it will be located in the first few lines of the hex coding and it will be just a regular string, unencrypted.

In more advanced cases I've seen, it could be located near the middle of the whole hex coding of the image, then encoded again using a method called "Base64". To decrypt this message, I had to open up the hex coding, find the Base64 encoded string (usually ends with two equal signs "=="), then I had to unencrypt the Base64 string, which is really easy. In PHP, it's just a simple command:

echo base64_decode("base64string");

?>

Once I unencrypted the base64 string, it output the hidden message.

Conclusion:

Just open the image up in Hex Workshop, and read a few lines of the hex coding. Usually the message can be found in the first few lines.

70BnMgcS