Managing large ActiveDirectory estates can often be a challenge, especially when you have a large group of AD administrators controlling group access.. This nifty little VBScript can be used to enumerate all the members of an AD Group. Handy for regular maintenance tasks.

This VBScript could easily be adapted to out put the list to a file, or even embedded inside a larger application which performs automated maintenance tasks.



AndroidThis morning Android users around the world are waking to an announcement potentially putting their privacy at risk. In an announcement that seems all too common around the Android OS yet another security flaw has been discovered. This particular issue is based around potential to acquire unrestricted access to any Android devices camera.

Szymon Sidor recently posted a blog post exposing the latest threat to Android users. The vulnerability could potentially allow malicious applications access to get access to and use the camera for both video and photos.

Although the SDK doesn’t allow use of the camera without a preview window on the device’s screen, its seemingly possible to make this window 1 pixel wide by 1 pixel high.. Thus making it almost impossible for the end-user to see. Whats more, with the pixel on the screen – even when the device is powered off the app is still capable of capturing photo and video footage! Once the footage has been captured, the Android SDK allows quick and easy upload to websites or services, so the malicious app developer could immediately start capturing and uploading photos and video without your knowledge.

However this would should up in the data usage charts on your Android device.

Check out Szymon’s video below:

There are many guides available on the net on how to secure your Android device, there are however some simple things to remember:

  • Make sure your Android device is always up to date
  • Consider applications carefully that request access to your camera – do they really need access..?
  • Keep an eye on apps that run in the background
  • Ensure you use 2 factor authentication on your Google account

Privacy has always been somewhat of a concern around the Android OS, however, used with forethought in can be just as safe and secure as any other OS.

Now the news is out I am sure Google will be working as fast as possible to remedy this security flaw.

For a list of all current known Android Security Flaws check the CVE Details site



Choose a strong passwordIt seems like everything wants a password these days. You’ve got a password for work, a password for online shopping, a password for your bank account…the list goes on and on. The number of services requiring a password makes it tempting to use the same one everywhere – but that’s a really bad idea. Using the same password across every site means that if just one of them is hacked, then the hacker has the details for everything you use.

So what’s the answer? One approach is to use a password management tool to randomly generate and store all your passwords. There are many software solutions available that will do this for you, two of the best being LastPass and Keepass. Programs like these are great, but have their drawbacks. For a start many charge for at least some of their features, and they all require you to trust your passwords to one single source. While they take all kinds of measures to secure your data, it still introduces an element of risk. The other downside is that the tools encourage you to forget your passwords. There is a school of thinking that says this is a good thing, because good passwords are too difficult to remember. But what happens when you need a password and don’t have access to your password store? Even worse, what happens if you forget the password required to access your passwords? For these reasons I still find it useful to create passwords that I can carry around in my head – but that doesn’t mean you have to resort to weak keys.

One method is to come up with a memorable base password that you can then build on and make unique for each service. Avoiding words found in the dictionary and names will help make your password harder to crack, so consider using a short phrase or perhaps the first initials of favourite song lyric or quotation. For example, if you were an Oasis fan (and who isn’t?) you could take a line from Wonderwall:

I don’t believe that anybody feels the way I do

We can turn that into memorable but random looking password by using each first letter, giving you idbtaftwid. That’s a pretty good start – a ten character none dictionary password that you won’t forget!

It’s good practice to use complex passwords that use a mixed case, numbers and symbols, and in fact many sites will require it. To bring our password up to scratch lets change it slightly, but in a way that still makes sense to us. If we capitalise the I’s like we would if we were writing the original lyric, and then add the year of release to the beginning we get:

95IdbtaftwId

Now, I know what you’re thinking, it looks like a nightmare. It’s long and looks like gibberish. The beauty of it is though that although it looks like gibberish, it means something to you. You don’t have to remember the password as it appears - as long as you can remember that lyric you’ll be able to remember your password.

Finally, we can take our password and make it unique for every site we use it on. Let’s say we want to use it as a base for our Amazon password. Take the last three characters from the name of the service and add it into your password. Insert it at any point you want, but make it consistent across all the versions you create. For this password, I think after our year of release might be the easiest place to remember and least obvious to anyone looking at it. This gives us:

95zonIdbtaftwId

A password to be proud of! Using our new method we can quickly create a whole raft of passwords:

95ttoIdbtaftwId – Lotto

95ookIdbtaftwId – Facebook

95terIdbtaftwId – Twitter

If you use this method yourself, mix it up to make it truly individual to yourself. Try placing that meaningful number mid-way through the rest of the characters, and adding special characters like ? ! * @. As long as you’re consistent and make it meaningful, you won’t forget it.

So there we have it – with a little bit of thought you can create a password scheme that is easy for you to remember but produces terrifying looking passwords! Do you have a different system that works well for you? If so why not tell us about it in the comments below.

 



Looking for a great security app for your cell phone but don’t know where to start? There are hundreds of different apps that you can use to keep your data safe, use for parental control software or even use to keep your employees online.
Security apps have thousands of applications so you can definitely find one for anything that you want to do. Before you go looking for security apps, decide what you are looking for, how much you are going to pay for it and then search. You’re sure to find something for your phone and your phone’s operating system.

Antivirus App – An antivirus app is unfortunately necessary if you have a Windows 8, Android or Blackberry phone. While you can find some antivirus apps for Apple, they are few and far between but still useful. Did you know that about 25% of spammers and hackers are now targeting mobile devices with their malicious software? If you aren’t protected, you could be losing your important personal data! Great options include mobile versions of popular antivirus systems such as Norton or etc.

Parental Control – Keeping your kid’s safe is important and we all want to do our part. If you’ve given your kids a phone you have to worry about cyber bullying inappropriate content and even sexting. In fact, it’s estimated that about 70% of kids either sext or share inappropriate photos! You can use parental software including mobile spy apps like mSpy or etc. or you can learn more about your parental control options and have your kids show you their phones every night. However, this won’t prevent them from texting something naughty and then deleting it.

Phone Tracking – Whether you want to know where your phone is if you lose it or it gets stolen or want to know where the owner of a phone is, phone tracking apps are invaluable. Mobile spy apps will usually contain features that will let you accurately track the exact GPS location of any phone as long as it has battery and internet.
There are hundreds if not thousands of free security apps you can download, but you should remember that the best ones will probably cost money. Most good antivirus apps will cost a yearly subscription and so will any parental control or phone tracking apps you decide to download. You and your families, safety is important, especially on your mobile phone.

Author Bio: Ida C Evans
An experienced writer in the high tech sphere, Ida C Evans works at an mSpy company developing cell phone spy software. Contact her at idacevans@gmail.com.



Seemingly everywhere you turn just recently everyone is implementing 2 factor/2 step verification, this is essentially a second step required to enable you to access normally password secured sites and services. Everything from your bank account to your web based email will shortly be secured using these new methods.
Each service has it’s own way of providing this second layer of security, your work VPN may have a code generating tokenkeychain, your bank may have provided you with a calculator and Google are now providing codes to your mobile device which you can use.
Each of the major services will hopefully contact you to set up your 2nd layer. For your Google accounts, you should be able to enable it now by visiting this link
It’s a good idea to enable this as soon as possible to prevent unauthorised access to your account.



Page 1 of 212