Computer and Online Cyber Security
Computer Security No 4: John the Ripper
Personal Computer Security
John the Ripper is a fast password cracker, currently available for many flavours of Unix, Windows, etc. Its primary purpose is to detect weak Unix passwords. It is a free and open source software distributed in code format. There is a version called John the Ripper Pro, which is distributed in the form of a native package for the target operating systems.
People who support the project buy John the Ripper apparel at 0-Day Clothing. Sometimes it is used for ethical hacking, when you forgot a password on an Excel spreadsheet, etc. It is nevertheless a low level program.
93 percent of phishing emails are ransomware - study Thursday 2 June 2016 | 12:21 PM CET
According to a report released today by PhishMe, 93% of phishing emails have contained encryption ransomware.
The number of phishing emails hit 6.3 million in the first quarter of 2016, a 789% increase over the last quarter of 2015.
Ransomware accounted for 51% of all variants in March, up from just 29% in February and 15% in January. The growth is due to that fact that ransomware is getting easier to send and that it offers a quick and easy return on investment.
Other types of cyberattacks typically take more work to monetize. Stolen credit card numbers have to be sold and used before the cards are cancelled, for example. Identity theft takes even more of a time commitment.
With ransomware, however, victims tend to pay quickly. Instead of hunting through company networks for valuable data, exfiltrating it, processing it, and monetizing it, ransomware criminals can just sit back and watch the money flow in.
As regards the two common varieties of ransomware, in October and November of 2015, CryptoWall accounted for 90% of encryption ransomware samples. In March, nearly 75% of all samples were Locky.
(source: the Paypers)
Personal cybersecurity checklist
(source: adapted from Shane Peden
2. Securing your Laptop, Personal Data & Online Communication (the guide is NOT exhaustive)
2.1 Use the built in disk encryption utilities on your laptop.
2.2 Encrypt all external hard drives and flash drives.
2.3 Make a habit of looking for HTTPS when visiting sensitive sites and learn how to identify strong cryptography.
2.4 Use a VPN service when accessing public Wi-Fi OR do not use public Wi-Fi at all.
2.5 Use the Firefox or Chrome web browser with added security plugins; some experts suggest to NOT use plugins at all (the safest option)
2.6 Secure your laptop for public Wi-Fi - turn off file sharing, enable firewalls, etc).
2.7 Configure your system to use Open DNS with web filtering and the MVPS Hosts file to prevent malicious content while browsing the web.
2.8 Use a standard account for everyday computer usage; Admin only when needed; create an account that does not give your details for downloads of papers, etc.
2.9 Use a reputable anti-virus software and enable automatic updates.
How to encrypt a USB:
Many people use KeePass to manage their passwords:
Moderated by Monica Schlesinger: www.advisoryboardsgroup.com.au
© 2011 - 2016 Advisory Boards Group website by aml websites