Malware. GRRR!! Spooky!

--Originally published at Eric tries to write down cool things

 

Malware… OH MALWARE! The fantastic and exotic creation of some people who just want to screw others for money, for pride or for FREAKING FUN!

Yes, there are teenagers who mess with the government just because they are able to do it and get away with it. Anywayyyyysssss.

Malware is a type of software that harms a user. This malware was not born from magic dust and the hopes of people; some guy decided to create it with a single purpose: get the best out of people.

Malware is usually detected before doing any harm and it’s removed safely, but there are certain occasions where users insist on screwing themselves over by getting into unsafe sites and clicking god knows where! DAMN PEOPLE, IT’S SO EASY TO AVOID ALL OF THIS, REALLY!

Anyways, if the malware manages to get into your system, it will stay camouflaged until the attacker decides to activate it and retrieve something from you, be it raw information, passwords, accounts, credit cards or your family trip to Thailand from 5 years ago! WHO CARES?! This guy already has you grabbed by the p**** and he can do whatever he wants with your info if you don’t catch it before he gets out.

How to avoid this?

DAMN Firewalls!

DAMN not clicking on random stuff!

DAMN not downloading illegal stuff from random places!

DAMN not installing unsecured thingies here and there!

It’s so easy I want to kiss the people who allow it to be easy :*

Play safe, kids. PEEEACE


The various types of certifications

--Originally published at Eric tries to write down cool things

This one is a bit more about how you can get certifications to prove that you are qualified for security matters. A bit of a pain if you ask me…

Licenses (depending on which one) may come from one of the following sources:

  1. Schools/Universities
  2. Vendors, also known as sponsored credentials (e.g. Microsoft, Cisco)
  3. Association and Organization sponsored credentials
  4. Governmental body sponsored licenses, certifications and credentials

There are a lot of certifications out there, but here we are going to discuss just 5.

CEH Credential

Recently I discovered the Certified Ethical Hacker credential. As discussed before in a blog post about ethical hacking, this certification ensures that the person is trained in detecting system vulnerabilities with the same techniques that hackers employ.

The exam for this type of certification has 125 questions related to penetration testing techniques, security laws and standards, malicious software coverage and hacking in general. There are also several sites and universities that offer training in the matter.

CompTIA

CompTIA is a professional certification provider in the information technology industry. Once obtained, the certifications it offers, like A+, N+ and Security+, are valid for 3 years.

  • A+ is a basic, essential IT certification that demonstrates competence as a computer technician.
  • N+ (or Network+): well, the name speaks for itself. It certifies skills as a network technician.
  • Security+, the one we care about in the information security course, certifies security knowledge and skills; it covers principles of network security and risk management inside systems.

CISSP

Stands for Certified Information Systems Security Professional. It consists of an exhaustive 6-hour examination with 250 questions. It is given to those who show deep knowledge and competence in new threats and growing security attacks. It covers topics like identity access management, security operations and the insurance of assets.

GIAC


It’s the little things …

--Originally published at Eric tries to write down cool things

Here is a special blog post about some small security issues on my campus:

First of all, I used to work at my campus a year ago and I was given an ID which allowed me to enter the campus… I still have that ID and it works perfectly to avoid security at the front of the campus.


Then, in the online student services, we can locate students very easily with only their names.

If that wasn’t crazy enough, you can get the information of students from across all campuses: this dude is in Monterrey and I study in Guadalajara. It makes no sense to be able to get his info.

Whenever we are about to start class, most of the professors expose their info right in our faces. Info that may be used later for other purposes. The screen also shows a lot of students’ info, which may be sensitive and could be used in the wrong manner.


You might want to start thinking about things you ignore …

--Originally published at Eric tries to write down cool things

 

Recently I started taking a security class and at the beginning, I felt confident with the knowledge I started with, but it was not long until I felt a little out of place with my knowledge. We started talking about the most baaaaaasic security issues, which most of the time come from the users.

I used to not care much about having multiple passwords across all my accounts because I knew I would forget a password sooner or later… so I used to have 1 master password across all services (mentioning this doesn’t affect me anymore).

Right after the very first sessions of my security class, I started taking action across my accounts and started using a password manager. At the beginning, I was not very confident about my decision, but once I started noticing the advantages of a password manager, I was starting to see why such a change was necessary. And if you haven’t thought about it, I encourage you to have a peek at it… after all, that’s the first step.

Gonna even make it easy for you:

http://www.pcworld.com/article/3195260/security/password-managers-the-good-the-bad-and-the-ugly.html

 

Bottom line: If your attention is caught by something and you know you are … somewhat ignorant about it, you might want to start reading about it, especially if it’s something security related.