All articles by ggee
Quick Email
Quick Email is an iOS universal (iphone/ipod/ipad) app to facilitate sending of emails in an efficient manner. I wrote this because I found myself sending emails to only a certain set of people and it was time consuming to find the names in the address book, type in a subject, then finally write the message....
Continue reading...
Putty Launcher
Do you have multiple saved sessions in Putty and find it annoying to load a session through the application? Do you hunt through the settings tabs to find the right parameter you want to change for a session? While I love and use putty often, these were the common annoyances on my end and I...
Continue reading...
Sense8 TV show
Last year I supported a new TV show called ‘Sense8’ which is a Netflix original. I provided them some hacking equipment and provided input into hacking scenes. A few months ago it was released and I finally got to see all the episodes and I’m super excited on how it turned out. The hacking scenes...
Continue reading...
Image Auto Download plugin for Firefox
I needed a plugin that I could automatically save images based on regex or dimensions and couldn’t find any available so I decided to get one coded instead. It is in beta form right now as there are a couple features and bugs needing to be resolved still but the basic functions work. I use...
Continue reading...
Kindle Rapid Research Tool
Are you an author that wants to keep track of the competition? Or perhaps you want to see what topics are being written about and the structure of other books. I coded this tool to save time with kindle research related tasks. Main Screen: Keyword Search: Additional Data Gathering: Options: Requirements: Windows based machine...
Continue reading...
WooConf 2014 Notes
Below are my notes from the first ever WooCommerce Conference that just occurred a week ago. State of the Woo – Mark Forrester 2011 WooCommerce launched 2014 5 million downloads, 380000 installs which is roughly 18% of all ecommerce stores Quick Wins to make your store more valuable – Brennan Dunn Book – Don’t Make...
Continue reading...
Book Preview – Cyber Security Principles
If you enjoyed the previous post series on cyber security fundamentals, you will love the book that I have been working on titled Cyber Security Principles. Sign up below and get notified when my first book on Cyber Security Principles is launched. *UPDATE* The book has been published. You can get it on amazon....
Continue reading...
Should I Use Social Networking Sites?
This is more of a personal question, as most of the sites have some sort of privacy related clause / statement that I don’t like. The key to security relating to social networking sites is knowing what you are getting into. The two biggest areas I have issue with on social networking sites are: Information...
Continue reading...
How to Protect Your Credit Card Information Online
With the recent news headlines of store breaches, everyone is worried about their information. We have already covered how to monitor your situation, and in this article we will cover how to protect your card information while actively using it. Slowly gaining popularity, there are services that “mask” or “generate” new credit card numbers for...
Continue reading...
Should I Shop Online?
After the banking question, the next question usually is about shopping online. I too shop online, but still have some guiding principles to keep my risk low. Only shop at reputable online stores. Use a credit card and not a debit card. The card companies are usually on your side to protect you from fraud....
Continue reading...
Should I Bank Online?
I get asked this question often from family members, and while they are looking for a yes or no answer, I can’t leave them with just a yes. Yes I bank online. But I apply several underlying cyber security fundamentals when I bank online. I would advise you to do the same. A couple items...
Continue reading...
Common Online Usage Post Series
Coming next is a post series from common questions on online usage. Feel free to ask additional questions in the comment section below. The post series will contain the following: Should I Bank Online? Should I Shop Online? How to Protect Your Credit Card Information Online Should I Use Social Networking Sites?...
Continue reading...
Web Hosting Support Levels
Finding the right secure and reliable web hosting provider comes down to the support level. If you have been following the past Cyber Security Fundamentals post series, then you will want to be asking the same questions you asked yourself to them. Understanding what support they truly provide is key when it comes to your...
Continue reading...
Web Hosting Software
You will want to know what specific software is being ran on your server and ensure that it is running a stable version and not vulnerable to security vulnerabilities. Software is what exposes you to risk, but it is also what runs your business website! So you want to be intentional in what is being...
Continue reading...
Web Hosting Architecture
There are several factors at finding a secure and reliable web hosting provider, and it starts at the core infrastructure. What architecture do they have in place for the web servers, database servers, dns servers, etc? Is it a redundant setup so if there is a denial of service attack or you get excessive traffic...
Continue reading...
Shared vs Dedicated Web Hosting
The next main decision point is likely if you want to have a account on a shared server or dedicated server. Shared means that other customers will have an account on the same server and dedicated means that you are the only customer on the server. Most of the time, an account on a shared...
Continue reading...
Managed vs Do It Yourself Web Hosting
This is probably the main decision question you have when finding a web hosting company. Do you want to manage the servers yourself or do you want to have a provider support you in those efforts? My personal opinion is that there are so many aspects to having a secure and reliable web server, that...
Continue reading...
Web Hosting Post Series
Coming next is a post series about web hosting. The format for this post series is a bit different as it will focused on due diligence efforts you should do and look out for in finding a secure and reliable web hosting provider. The post series will contain the following: Managed vs Do It Yourself...
Continue reading...
How To Tell if Your WordPress Site is Hacked
There are a couple different ways to monitor your site and be notified if your site was acting malicious, which is a sign of being hacked. On the service side, you can use the Google Webmaster Tools assuming you are signed up for it and Google is indexing your site. On a local WordPress plugin...
Continue reading...
How to Monitor Your WordPress Site
To monitor your WordPress site for various types of activities, I recommend a few plugins to assist you so that you don’t have to do it manually. For monitoring the activity of a logged in user, you can use one of the following plugins. They both provide detailed user activity logs such as when they...
Continue reading...
What Should I Monitor on my System?
Hopefully I convinced you why you should monitor your system activity so the next question becomes, what should I monitor? Here are a couple common areas to monitor regardless of system function. From webservers to desktops, this list can get you started: What a user did on your system. If you have a system that...
Continue reading...
Why Should I Monitor My System Activity?
Like many important things in life, security is one of those items that you shouldn’t just “set it and forget it”. Part of having a holistic security system is to monitor your systems for various indicators. You will want to monitor for system activity because you want to be proactive and understand the changes on...
Continue reading...
System Monitoring Post Series
Coming next is a post series about system monitoring. As usual I will cover fundamentals first, and then have specific tactical information when it comes to your own systems and WordPress sites. The post series will contain the following: Why Should I Monitor My System Activity? What Should I Monitor on my System? How to...
Continue reading...
How to Restrict WordPress Access
Here is some tactical advice for you to implement in your WordPress site so that you can restrict access and put better controls on your system. Create an author or editor role for yourself and use this account for all your posting. Don’t use the admin role for posting content. Only use the admin role...
Continue reading...
Three Additional Access Control Strategies
Below are some some additional access control strategies that are commonly in use. Limit access to networked systems by IP. Example would be if you have a database server online, does all of the internet have a need to access that system? Or does really only your webserver(s) need access to it? In the case...
Continue reading...
Welcome 2014!
I wish you all a great 2014. Stay safe and secure out there....
Continue reading...
What is Least Privilege?
Best practice when using a system that has multiple levels of permissions or roles, is to use the account with the least amount of privileges to perform the action required. You see this in Windows and Apple OSX machines by default now where you have a regular user account, and then when you want to...
Continue reading...
Why Should I Care About Access Control?
Acccess control is about who can access your data or resources, and the act of accessing may mean consuming, entering, or using. A couple common examples of access control is a physical lock such as a house lock, and a login prompt to a website. If anyone could gain access to your private data or...
Continue reading...
Access Control Post Series
Coming up is a post series about access control. As usual I will cover fundamentals first, and then have specific tactical information when it comes to your own systems and WordPress sites. The post series will contain the following: Why Should I Care About Access Control? What is Least Privilege? Three Additional Access Control Strategies...
Continue reading...
Validate Your Backup Integrity With Restore
The whole point of a backup system is to have the ability to restore important files that were lost. An important step in your backup system is to ensure that you can recover the files and that the backup data is not corrupted. There is no point of a backup if you can’t access your...
Continue reading...
How to Backup Your WordPress Site
As your WordPress site is your online presence, you want to make sure you have a backup of all the key items. Those items are likely the custom file modifications, and the database. WordPress core, plugins, and themes could all be downloaded again if you needed to, which is why I consider them a nice...
Continue reading...
Additional Backup Strategies
Today I will cover some additional backup strategies that I have used in the past. Best practices regarding backups: Store them encrypted! This is very important as your backups contain all your data and sensitive files and you don’t want it to fall into the wrong hands and open yourself up to identity theft right?...
Continue reading...
What Should I Backup?
What should you backup is a personal question and I can’t answer it for you definitively, but you should backup any information that is important to you. Any data that you created, obtained, hard to find, contact lists, bookmarks, passwords, etc. On a daily basis I backup the following: “My Documents” folder “My Images” folder...
Continue reading...
Why Backup Your Data?
Your data is the most important asset of in your computer. Hardware and software could be replaced, but if you don’t have a backup of your data and something were to happen to your computer, you will likely be in a lot of pain from the data loss. You would need to recreate all that...
Continue reading...
Backup Post Series
Coming up is a post series about backups. As usual I will cover fundamentals first, and then have specific tactical information when it comes to your own backups and WordPress sites. The post series will contain the following: Why Backup Your Data? What Should I Backup? Additional Backup Strategies Validate Your Backup Integrity With Restore...
Continue reading...
Finding Secure WordPress Plugins
Having an updated WordPress core site doesn’t do anything for security if you are running plugins that are not secure. Plugins run at the same authority as WordPress itself and it only takes one bad plugin to risk your whole site’s security so you want to be sure that the plugins that you have are...
Continue reading...
Target Store Data Breach
Brian Krebs originally posted yesterday that Target is investigating a data breach. Today Target confirmed that 40 million credit and debit card accounts may have been impacted between Nov. 27 and Dec. 15, 2013! Ouch. As the impact is so wide, it would either be an inside job or the internal servers were breached. What...
Continue reading...
How to Maintain WordPress Software Security
Just as your desktop software, you should keep your WordPress software up to date as well. With WordPress running a majority of websites now, more attackers are looking for vulnerabilities as it would have a high return rate for them. There have been various vulnerabilities identified with WordPress in the past, and they have a...
Continue reading...
How to Know When New Security Patches Exist
While the built in tools are made to help you get notifications of new security updates, you might not notice them in a timely manner due to various factors. One way to stay up to date on when security patches are released is to subscribe to security notifications from the vendors or utilize a service...
Continue reading...
Where to Find Software Patches?
This will vary to what operating system and applications you are running. Based on the most common software products in use for Microsoft Windows based machines, Adobe Reader, Adobe Flash and Oracle Java are the top products have frequent updates for security patches. Microsoft releases their security updates every second Tuesday of the month. This...
Continue reading...
Why Should I Apply Software Patches?
One major factor to your computer’s state of security is what software you are running. The more software in use, the more potential issues could be leveraged from an attacker. The top cause for a computer to get exploited is from running older versions of software which in turn have known vulnerabilities in them. This...
Continue reading...
How to Setup Strong WordPress Passwords
WordPress 3.7 updated their password meter to recognize common mistakes that can weaken your password such as dates, names, keyboard patterns (123456789), and even pop culture references. While this is a good start, we recently learned how to create a strong password by using one of the password management tools or an online tool like...
Continue reading...
Password Management Tools
If you have come to the same conclusion that I have and you need strong random passwords on all your accounts, how will you manage all of them? You know you shouldn’t write them down or keep them in a plain text file, so what to do? Thankfully there are several password management solutions out...
Continue reading...
Why You Need Random Passwords
I highly recommend having random passwords for every site you have a account on. If you can’t do that, then at least have different passwords for accounts that have payment related information in them. Why? If an attacker got access to your account,then they just got access to all your other accounts as well! Below...
Continue reading...
Minimum Password Length
Several websites state that having a password length of 8 is good enough, but that number was based off of current CPU technology at the time and the time required to to use those CPUs to break them. Graphic cards have been taking over the password cracking scene for a several years now, as password...
Continue reading...
How to Create a Strong Password
As passwords are your keys to many digital things, you probably want to ensure that it is reasonable secure and strong right? There is a lot of advice out there when it comes to creating a strong password, and while most of it is good, some of the recommendations should not be listened. Part of...
Continue reading...
Is Your WordPress Blog Part of a DDoS Attack?
The Hacker News had an article titled DDos Attacks originated from thousands of .edu and .gov wordpress blogs and it highlights the importance of a couple security best practices. 1) Use complex account passwords 2) Monitor your server for compromise 3) Upgrading to latest versions to protect against known vulnerabilities The article mentions that older...
Continue reading...
SpiderLabs Discovers 2 Million Stolen Accounts
Yesterday there was a post from the Trustwave SpiderLabs crew about discovery of compromised accounts due to their investigation of the Pony Botnet. This is another great example of how one must protect their account information by having complex passwords for websites. And if you have the same password in multiple places, an attacker could...
Continue reading...
OptimizePress–0day in Wild
I know many of you use OptimizePress, but there is an unauthenticated file upload vulnerability with the code which essentially means a hacker can upload code to your server and have that code be executed. Disabling the plugin will not do you any good, but adding an .htaccess rule to protect your /wp-content/themes/OptimizePress/lib/admin/ should reduce...
Continue reading...
Changing Scope
My personal blog will now be focused on tips as it relates to entrepreneurship. While brainstorming topics to post about, I’m thinking about productivity, learning techniques, quantified self lessons, startup life, and of course cyber security. Speaking of cyber security, I will likely have a cyber security slant to everything I post about as that...
Continue reading...