Lake Street El

The holiday season is upon us and that means more trips to the stores and more purchases online. This also means the bad guys are increasing their patrols to steal, defraud and get your data. This episode lays out tips that you can can to strengthen your security when you are out shopping in a store or online. How to avoid crimes of opportunity and keep your property safe.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

The OWASP Top 10 series continues and we're up to number 7. This one is called Missing Function Level Access Control and talk about protecting the inner functions of an application from being called by the approved users. Just because a user logged in doesn't mean they can call any function in the application they want. his episode breaks this control down.

OWASP A7 - Missing Function Level Access Control

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

Uber was the recent hack that was made public. 57 million records of riders and drivers. The data stolen for the riders was name and email, no passwords, payment info or locations. The drivers had more sensitive data stolen that included their driver's license numbers. 

Instead of notifying the proper authorities and public releases, they paid the hackers $100,000 to delete the data, allegedly, and keep it quiet. This is a scary approach. 57 million people's data was in the hands of a criminal and it was covered up. This episode goes into the dangerous slippery slope of handling breaches this way.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

Hard drive space is becoming a problem again with the ever increasing mobile devices. Why? We need a place to back them up. All those photos, videos and app fit on your phone but on your PC space can be a problem. 

WinDirStat for Windows and Disk Inventory X for Mac helps you get control of your hard drive space. You can easily see what is taking up the most space and help you quickly manage and delete unwanted files from PCs and external hard drives. You can also use it to manage your cloud drives like Dropbox, Box, OneDrive and so on if they are installed as folders on your PC. 

Here is a blog post I wrote about these tools to help you step through the use - https://binaryblogger.com/2016/05/23/using-windirstat-manage-cloud-drive-space/

Download Links - 

WinDirStat For Windows - https://windirstat.net/

Disk Inventory X For MacOS - http://www.derlien.com/

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

Continuing with the Top 10 Security Tips For Your Network mini-series we are up to number four. This tips talk about creating cyber rules for your employees. How you need to set the expectations of use and more importantly communicating the 'why' the rules and guidelines are in place. Awareness is power. 

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

Continuing with the OWASP Top 10 mini-series we are up to number 6, Sensitive Data Exposure. This episode reviews the challenge of figuring out what data you deem sensitive and all the areas you need to worry about securing properly to prevent leaking any data. 

OWASP Top 10 A6 Sensitive Data Exposure

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

The Internet of Things lack of security focus strikes again! This times it is a flaw in Bluetooth dubbed BlueBorne than impacts billions of mobiles devices and now your home devices too.

This episode goes into the flaw, how it can be exploited and what you can do to protect yourself.

Here are the the flaws that were found - 

• Information Leak Vulnerability in Android (CVE-2017-0785)
• Remote Code Execution Vulnerability (CVE-2017-0781) in Android's Bluetooth Network Encapsulation Protocol (BNEP) service
• Remote Code Execution Vulnerability (CVE-2017-0782) in Android BNEP's Personal Area Networking (PAN) profile
• The Bluetooth Pineapple in Android—Logical flaw (CVE-2017-0783)
• Linux kernel Remote Code Execution vulnerability (CVE-2017-1000251)
• Linux Bluetooth stack (BlueZ) information leak vulnerability (CVE-2017-1000250)
• The Bluetooth Pineapple in Windows—Logical flaw (CVE-2017-8628)
• Apple Low Energy Audio Protocol Remote Code Execution vulnerability (CVE Pending)

You can look up the CVE definitions here - http://www.cvedetails.com/

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

One of the top websites to keep you informed of your security risks is Have I Been Pwned. This website allows you to search for your email account(s) to see if they have been part of any breaches. This website is critical to keep tabs on your privacy and security. It also shows you how dangerous poor password practices, like password re-use across sites can be and how important it is to use multi-factor authentication where possible. 

If you have not run a check on your email account(s) I highly suggest you do so now. 

Have I Been Pwned

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

Continuing with the mini-series, Top 10 Security Tips For Your Network, number 3 talks about physical security. You can spend thousands to millions on all the tools, devices and server to protect your business but if someone can walk away with the device the investment is worthless. This episode goes into the often glazed over physical security focus, especially in small businesses. Physical security needs to be a crucial part of your security program.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

Most of us have home Wi-Fi. When friends, family and visitors come over they may expect to get on your Wi-Fi to get Internet access. There are various reasons why you should not be allowing them access to your primary Wi-Fi network but instead use the Guest network feature of your routers. This episode goes into why you should setup and leverage the guest network for your guests.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

Halfway through the OWASP Top 10 mini-series we reached number 5, Security Misconfigurations. This item in the top 10 shows that the OWASP covers more than the code. Security Misconfigurations deals with the entire application stack and that means more than the developers need to be involved in the development cycle. This episode goes over the control and the partnership of developers and IT.

OWASP Top 10 - A5 - Security Misconfigurations

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

President Trump's Twitter account was deactivated for 11 minutes and the world went bonkers. It turns out that it wasn't a mistake but a rogue act by an employee's last day on the job. This episode takes this a step farther and talk about departing employee's and the trust you should or should not have. 

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

This week's TTT episode talks about the search engine DuckDuckGo. If you want to search without being tracked, recorded and followed then you should use DuckDuckGo. This episode goes into the details of how other search engines work and why DuckDuckGo is the right choice if you are concerned about your privacy.

See what Google knows about your browsing - https://myactivity.google.com/myactivity

DuckDuckGo - https://duckduckgo.com/

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

Continuing with the mini-series Top 10 Security Tips For Your Network number 2 is about patching. Equifax happened, ultimately, due to a lack of prompt patching. Updates to your network components and software fix bugs, improve performance but also close security gaps. This episode goes into the details and reasons why patching it so important.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

The best advice you can take is to look into getting a Password Manager. A vaulting, generator to help manage all your passwords for personal and business accounts. Bad password practices, using the same passwords on multiple sites is increasing your risk to having your accounts and identity compromised. 

This episode goes into details of all the benefits for using a password manager.

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

We continue with the OWASP Top 10 series and next up is number 4, Insecure Direct Object References. This episode gives a high overview of this control, how attackers exploit it and how you can work to prevent this from happening in your applications.

OWASP A4 - https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

This episode talks about Browser Canvas Fingerprinter, the less known 'super tracking cookie' of the Internet. Firefox announced that their next browser update will block Canvas Fingerprinting by default, built-in to the browser. So what? What is it and why should you know about it?

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com

In this week's TTT episode I talk about a website called Mr. Whoer. This should be part of your bookmarks and used regularly. Mr. Whoer provides you with all the information about you and your system. It's handy for testing network connections, verifying your anonymizers are working properly and what people can see about your computer. 

Mr. Whoer - https://whoer.net/

Be aware, be safe.

------------------------------------

Website - https://www.binaryblogger.com

Podcast RSS - http://securityinfive.libsyn.com/rss

Twitter @binaryblogger - https://www.twitter.com/binaryblogger

iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2

YouTube - https://www.youtube.com/binaryblogger

TuneIn Radio - Security In Five Channel

iHeartRadio - Security In Five Channel

Email - contactme@binaryblogger.com