Everyday is Cybersecurity Awareness Day

Topics in this category pertain to planning. Discussions include how to prepare yourself, your family and your community for catastrophes and what you plan to do when they hit you.

Moderator: ZS Global Moderators

User avatar
12_Gauge_Chimp
ZS Lifetime Member
ZS Lifetime Member
Posts: 6531
Joined: Thu Apr 09, 2009 4:21 pm
Location: Middle of nowhere, West Texas
Contact:

Re: October is National Cybersecurity Awareness Month

Post by 12_Gauge_Chimp » Wed Oct 31, 2018 4:44 pm

I'm not entirely sure exactly what he did or deleted on his computer, but I do believe this is the same computer he used Bit locker on. He lost his bookmarks last week and I think he may have done something to try and recover them. And maybe in the recovery effort, something went south and he got locked out of it.

I'm not too computer savvy (the most mine gets used for is buying gun parts and browsing ZS), so I'm of very little use to him on the tech support front.

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: October is National Cybersecurity Awareness Month

Post by MPMalloy » Fri Nov 02, 2018 10:12 pm

I'm back, phone-wise. The drive I'm having trouble with is the C drive. I never bit-locked that drive.

I'm not used to using my phone. I'll compose a narrative about the problem.

Yes...I started this thread & this happened to me. :gonk:

User avatar
JayceSlayn
* * *
Posts: 630
Joined: Wed Mar 05, 2008 3:07 pm
Location: North Carolina

Re: October is National Cybersecurity Awareness Month

Post by JayceSlayn » Thu Nov 08, 2018 10:49 am

MPMalloy wrote:
Fri Nov 02, 2018 10:12 pm
I'm back, phone-wise. The drive I'm having trouble with is the C drive. I never bit-locked that drive.

I'm not used to using my phone. I'll compose a narrative about the problem.

Yes...I started this thread & this happened to me. :gonk:
Glad to have you back, either way.

Update on my recommendation of using either Bitlocker or VeraCrypt: https://www.engadget.com/2018/11/06/mic ... ncryption/.

Basically, one of the default settings for Bitlocker was to offload full-drive encryption to the SSD (if the SSD had such capability available), but some SSDs had default blank master passwords, or had otherwise flawed implementations of key storage. This is primarily a failure of drive manufacturers, but also somewhat of Bitlocker, which should have known that this vulnerability existed for some time, and yet retained it as a default setting (for supposed slight performance benefit). The recommended fix is to decrypt the drive and re-encrypt using the software encryption mode.

One of the reasons Self-Encrypting Drives (SEDs) became a thing is because of vulnerabilities discovered in some software disk encryption implementations, and thus offloading the work to the drive was an option. However, it just again proves that moving the problem around doesn't always solve it, and sometimes mistakes are made in either location. It is a bit of "whack-a-mole" in the cybersecurity space, and the real lesson is ultimately the same: true security doesn't exist, but some implementations of "security by asymmetry of difficulty" are better than others.

On by Ubuntu installation, I used the default LUKS encryption when I created the partition, which is still considered secure (as far as I am aware right now), and was relatively painless as well.
Rahul Telang wrote:If you don’t have a plan in place, you will find different ways to screw it up
Colin Wilson wrote:There’s no point in kicking a dead horse. If the horse is up and ready and you give it a slap on the bum, it will take off. But if it’s dead, even if you slap it, it’s not going anywhere.

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Thu Nov 08, 2018 6:04 pm

Change to the tread title. It's November now. December is next. Black Friday, Cyber Monday, Giving to me Tuesday.

It's the Most Wonderful Time of the Year! :mrgreen:

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Thu Nov 08, 2018 6:19 pm

From Wikipedia: Comparison of AV software

Desktop/Laptop/Mobile.

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Tue Nov 13, 2018 5:12 am

Hey! System disks! :clap:

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Tue Nov 13, 2018 6:48 pm

Win 10 Defender found this:
Trojan:Script/Foretype.A!ml
KTS, Dr. Web, MalwareBytes all missed this. :vmad: :evil: :twisted:

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Wed Nov 14, 2018 3:37 pm

Off on a fresh install. Things are good so far. I have a lot of upgrades to slog thru. Nothin new.

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Tue Jan 08, 2019 5:48 pm

I just did these updates from M$. Then I got a email notice from CERT. Here it is:
January 2019 Security Updates
Security update deployment information: January 8, 2019

I read something on Bruce Schneier's blog last night & these came out today. If you use Win10, it seems like a more-than-usual important update.

Just an FYI. That's all.

User avatar
JayceSlayn
* * *
Posts: 630
Joined: Wed Mar 05, 2008 3:07 pm
Location: North Carolina

Re: Everyday is Cybersecurity Awareness Day

Post by JayceSlayn » Thu Jan 17, 2019 9:22 am

Another big credential (login/password) list was posted recently, called "Collection #1" (https://arstechnica.com/information-tec ... passwords/). You can use Have I Been Pwned to check for any breaches associated with your e-mail addresses.

One of my accounts was in the latest "Collection #1" dump, though I believe the credentials were old already. I took the opportunity to do some "spring cleaning" maintenance on my password manager however, and brought everything up to date anyway.
Rahul Telang wrote:If you don’t have a plan in place, you will find different ways to screw it up
Colin Wilson wrote:There’s no point in kicking a dead horse. If the horse is up and ready and you give it a slap on the bum, it will take off. But if it’s dead, even if you slap it, it’s not going anywhere.

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Sat Jan 19, 2019 10:27 am

rufus has ruined two USBs so far. I think I know why I am getting a GUID error. How do I restore the USBs to there original size. I have an 8 GB that is 31.5 KB now. :vmad:

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Sat Jan 26, 2019 8:48 pm


boskone
* * *
Posts: 425
Joined: Wed Oct 17, 2012 4:07 pm
Location: Aggieland-ish

Re: Everyday is Cybersecurity Awareness Day

Post by boskone » Sat Jan 26, 2019 11:10 pm

MPMalloy wrote:
Sat Jan 19, 2019 10:27 am
rufus has ruined two USBs so far. I think I know why I am getting a GUID error. How do I restore the USBs to there original size. I have an 8 GB that is 31.5 KB now. :vmad:
Sorry, I missed this.

If it's still relevant, try this:
  1. Insert your USB keys
  2. Press Windows+R
  3. Type diskmgmt.msc and press <Enter>
  4. Find the disk(s) that match your USB key sizes, as indicated in the left column of the bottom part of the window (e.g. Disk 1 or something)
  5. You'll see one or more...section...things (representing partitions, I don't know how to describe them) on the right side of the bottom part of the window
  6. Each section that isn't a size and Unallocated, right-click and select Delete volume MAKE FOR DAMNED SURE THIS ISN'T A DRIVE YOU CARE ABOUT[1], as data will not be readily recoverable (if it's recoverable at all)
  7. Once they're all deleted, you should see approximately[2] the full size of the drive (e.g. 16GB)
  8. Right-click that now-correctly-sized Unallocated bit, select New simple volume, and you can pretty much just click "Next", "OK", or whatever in the resulting popup to get your drive back to it's full size
[1] I may be overemphasizing this, as you don't seem to be an idiot, but at the same time I can't count the number of times I've seen someone who should know better make this mistake.

[2] Approximately because drive sizes are stupid. Used to be everything was powers of 2, e.g. 1GB was 2^10=1024MB. People got all whiny about it not being powers of 10, though, so now sometimes 1GB is 10^3=1000MB, and we have an unholy mix of binary and decimal measures of both how drives are manufactured and how they're measured by OSes. Like I said, stupid.

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Sun Jan 27, 2019 12:23 am

boskone wrote:
Sat Jan 26, 2019 11:10 pm
MPMalloy wrote:
Sat Jan 19, 2019 10:27 am
rufus has ruined two USBs so far. I think I know why I am getting a GUID error. How do I restore the USBs to there original size. I have an 8 GB that is 31.5 KB now. :vmad:
Sorry, I missed this.

If it's still relevant, try this:
  1. Insert your USB keys
  2. Press Windows+R
  3. Type diskmgmt.msc and press <Enter>
  4. Find the disk(s) that match your USB key sizes, as indicated in the left column of the bottom part of the window (e.g. Disk 1 or something)
  5. You'll see one or more...section...things (representing partitions, I don't know how to describe them) on the right side of the bottom part of the window
  6. Each section that isn't a size and Unallocated, right-click and select Delete volume MAKE FOR DAMNED SURE THIS ISN'T A DRIVE YOU CARE ABOUT[1], as data will not be readily recoverable (if it's recoverable at all)
  7. Once they're all deleted, you should see approximately[2] the full size of the drive (e.g. 16GB)
  8. Right-click that now-correctly-sized Unallocated bit, select New simple volume, and you can pretty much just click "Next", "OK", or whatever in the resulting popup to get your drive back to it's full size
[1] I may be overemphasizing this, as you don't seem to be an idiot, but at the same time I can't count the number of times I've seen someone who should know better make this mistake.

[2] Approximately because drive sizes are stupid. Used to be everything was powers of 2, e.g. 1GB was 2^10=1024MB. People got all whiny about it not being powers of 10, though, so now sometimes 1GB is 10^3=1000MB, and we have an unholy mix of binary and decimal measures of both how drives are manufactured and how they're measured by OSes. Like I said, stupid.
boskone:
Solid copy. I'll try the 8GB first. Then the 64. I have a 16GB that is NIB.

Thank you.

boskone
* * *
Posts: 425
Joined: Wed Oct 17, 2012 4:07 pm
Location: Aggieland-ish

Re: Everyday is Cybersecurity Awareness Day

Post by boskone » Sun Jan 27, 2019 12:37 am

MPMalloy wrote:
Sun Jan 27, 2019 12:23 am
Solid copy. I'll try the 8GB first. Then the 64. I have a 16GB that is NIB.

Thank you.
No problem. Let me know if you have an issue, there's at least one more way to try.

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Sun Jan 27, 2019 2:44 pm

From AP News: APNewsBreak: Undercover agents target cybersecurity watchdog
(ahem) I have heard of The Citizen Lab. That is all.

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Wed Jan 30, 2019 6:25 pm

From US-CERT: CISA Awareness Briefing on Chinese Malicious Cyber Activity

AI-lovin chi-coms. Nuff said. :twisted:

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Thu Jan 31, 2019 3:17 pm

Installing E-OS on a USB. This micro$hit has malf'd for the last time.

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Fri Feb 01, 2019 1:07 am

All DOA except phone.

UEFI on HP rolled back somehow. D: connot write to X:

???

boskone
* * *
Posts: 425
Joined: Wed Oct 17, 2012 4:07 pm
Location: Aggieland-ish

Re: Everyday is Cybersecurity Awareness Day

Post by boskone » Fri Feb 01, 2019 5:00 pm

MPMalloy wrote:
Fri Feb 01, 2019 1:07 am
All DOA except phone.

UEFI on HP rolled back somehow. D: connot write to X:

???
OK, in this case is "D:" a horrified face, or the D: drive? :)

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Sat Feb 02, 2019 8:52 am

bos:
D: is the CD/DVD. X: is..something HP put in the machine for restoring the system. I went to the HP support site & got the latest BIOS & UEFI updates. Things went wrong.

I resurrected an old machine & will try, try, try again.

A number of things went wrong. :(

boskone
* * *
Posts: 425
Joined: Wed Oct 17, 2012 4:07 pm
Location: Aggieland-ish

Re: Everyday is Cybersecurity Awareness Day

Post by boskone » Sat Feb 02, 2019 9:02 am

Sounds like what, at work, we call a good learning experience.

Feel free to ping me in thread or PM if you think you need some help; I'll do what I can.

MPMalloy
ZS Member
ZS Member
Posts: 3959
Joined: Mon Aug 22, 2005 2:48 am

Re: Everyday is Cybersecurity Awareness Day

Post by MPMalloy » Mon Feb 04, 2019 1:22 pm

I have the bivalve on w 7 pro and.....

.\clamscan.exe -i -recursive C:\

I'm adding the -i because clam reports 2 infected.
----------- SCAN SUMMARY -----------
Known viruses: 6796267
Engine version: 0.101.1
Scanned directories: 28669
Scanned files: 192538
Infected files: 2
Total errors: 190
Data scanned: 20060.96 MB
Data read: 28610.97 MB (ratio 0.70:1)
Time: 8770.080 sec (146 m 10 s)
I want to know what Clam is reporting as infected.

argh. :(

User avatar
NT2C
ZS Global Moderator
ZS Global Moderator
Posts: 6947
Joined: Wed Oct 19, 2011 2:37 pm
Location: Outside of your jurisdiction officer

Re: Everyday is Cybersecurity Awareness Day

Post by NT2C » Mon Feb 04, 2019 8:30 pm

Sometimes though, you can take security a little too far and screw yourself over:

https://www.foxnews.com/tech/cryptocurr ... eports-say
Nonsolis Radios Sediouis Fulmina Mitto. - USN Gunner's Mate motto
Whatever doesn't kill you makes you stronger. Except sailors. They will kill you and sing songs about it.

Sic quemadmodum gladius neminem occidit; occidentis telum est - Seneca the Younger, Epistles

Post Reply

Return to “Contingency Planning & Preparation”