Tag Archive for: Professionals

7 useful hacker tools for Microsoft Windows professionals

/in


The internet offers a rich selection of tools for criminal purposes: password crackers and vulnerability scanners are just two examples. At the same time, one also finds web applications that are suitable for violating privacy — for example, reverse searches for the owners of telephone numbers or a person in a photo.

However, these tools can not only be used for criminal purposes or to find out the identity of other people, you can also use them for your own protection or for emergencies. Password crackers, for example, are often the last resort if you have forgotten an important password. Vulnerability scanners can also be used on your own network to detect and then block possible entry points for hackers.

Caution: Cracking passwords or even spying on networks is only permitted by law if it involves your own passwords and your own network. If you try to decrypt someone else’s password or spy on another network, you are liable to prosecution.

Replace Windows password

Der Offline NT Password & Registry Editor kann auch die Passwörter von Windows 10 und 11 überschreiben. Eine ausführliche Anleitung im Web erklärt Ihnen, wie das geht.

The Offline NT Password & Registry Editor can also overwrite Windows 10 and 11 passwords. A detailed guide on the web explains how to do this.

IDG

The first password you have to enter after turning on your computer is usually the Windows password. If you no longer know this password, your data is not lost — you can boot the computer with a boot stick or a boot CD, for example, and copy important documents to another medium — but you usually have no choice but to reinstall the operating system.

The free tool Offline NT Password & Registry Editor offers a way out. It does not even try to crack the password, but simply overwrites it with a character combination of your choice.

The tool is already quite old, the last version dates from 2014, but it still runs under Windows 10 and 11, albeit with some restrictions. For example, the computer must support legacy mode when booting; the program does not work with a UEFI boot. In addition, the hard disk or SSD must not be encrypted with Bitlocker or any other software.

Also note that Windows’ built-in encryption, the EFS file system, is tied to the password. If you change it with the Offline NT Password & Registry Editor and had…

Source…

Recent Hacks Prove Need to Educate More Cybersecurity Professionals

/in


(TNS) — The recent hack at MGM Resorts International last week points to a need for more cybersecurity professionals, an expert says, and the importance of training professionals in Massachusetts.

Steven Zuromski, chief information officer and vice president of information technology at Bridgewater State University, said Monday that the breach should serve as a reminder to consumers to monitor their finances for unexplained charges or new accounts.

Zuromski said a hacker group known as Blackcat or AlphaV has taken responsibility for the attack on MGM, using common methods of phishing and social engineering. The hackers gleaned information from an MGM employee’s LinkedIn account and used that knowledge to impersonate the individual and convince MGM employees to take steps that left the computer systems vulnerable.


“And wreak serious havoc over there for more than a week,” Zuromski said. “It appears to be pretty widespread.”

Widespread enough that Zuromski worries that consumer and account data might have been stolen. “If these actors were able to get this far,” he said. “MGM needs to be thinking very carefully about what data might have been exfiltrated.”

Last week, Caesars Entertainment told stock regulators that hackers stole Social Security numbers and driver’s license numbers of its loyalty program in a recent data breach.

On Monday, MGM executives briefed the Massachusetts Gaming Commission on cybersecurity issues at their Springfield casino, eight days after hackers damaged MGM’s computer systems companywide.

The discussion was kept to a closed-door executive session, just as commissioners did last week when they got an initial rundown on the hack.

STATE’S NEW RULES

Meantime, the Massachusetts Gaming Commission will host a roundtable Tuesday with the state’s sports betting operators to discuss implementation of new personal data rules the commission approved last month, according to spokesman Thomas Mills.

Those rules govern how the state’s in-person and mobile sports betting operators — a list that includes MGM — can collect and store personal data. The rules forbid them from…

Source…

We must equip health care professionals with tech resilience

/in


For weeks, a significant portion of our state has been significantly inconvenienced, even put at risk, by an increasingly disturbing trend. For nearly the entire month of August, Eastern Connecticut Health Network and Waterbury Health, which control several state hospitals and medical offices, have been suffering the effects of a cyberattack that have effectively paralyzed their technological capabilities, shutting down their information technology databases.

These are just some of 25 hospitals across the country that have had their operations impacted through this hack, and the significance of 25 hospitals being unable to provide care to their fullest extent cannot be understated. While treatment of patients is ongoing and emergency departments continue to operate, medical professionals are experiencing significant issues due to lack of connectivity through electronic systems. Local hospitals including Manchester Memorial, Rockville General and Waterbury Hospital cannot offer full outpatient medical imaging or blood drawings, with an unclear deadline or end to the outages. Even urgent care centers under the network have been forced to open alternative phone systems for patient contacts.

The continuing advances of technology in our world, and especially medical technology, have provided new opportunities to improve patient health and provide better outcomes for patients in need. In the current times, our dependency on technology also includes increasing access to remote work, electronic or e-consulting services and electronic multidisciplinary teams, almost universal electronic patients’ medical records, online scheduling, electronic radiologic images and other lab tests, robotic surgeries and remote cardiac monitoring among others. Technology has become the single most critical part of outpatient and inpatient services and communications.

Our increasing reliance on technology also poses significant risks. The current situation reinforces that our systems need more safeguards. This includes recognizing that in general, health service personnel have relatively less experience in working remotely, digital literacy and cybersecurity, leaving the sector…

Source…

Cyber security training: Insights for future professionals

/in


In this era of digitalisation, the world is witnessing exponential growth in incidents that compromise the security of information owned by businesses or governments. Recently the Royal Mail’s overseas deliveries suffered severe disruption due to a ransomware attack linked to Russian criminals. In 2022, around 50 Indian government websites were hacked and eight data breaches were reported. These included a ransomware attack on some servers at the All India Institute of Medical Science (AIIMS) that paralysed operations of the premier medical institute in India for many weeks.

The tremendous increase in such incidents has fuelled the demand for qualified IT professionals who could prevent cyber attacks on critical government and business IT assets. But there exists a considerable mismatch in the supply-demand situation of qualified cyber security professionals. To complicate this further, professionals entering this field face difficulty in deciding what skills they should acquire. This article explores what paths are available in cyber security training by analysing reports released by two eminent associations in the field of information security.

The first report discussed is the latest edition of the annual report on the cyber security workforce released by (ISC)2 titled 2022 Cyber Security Workforce Study. This report presents insights into the challenges and opportunities faced by cyber security professionals around the world. The report was prepared after conducting a survey among 11,779 cyber security professionals. The study estimates that the size of the global cyber security workforce in 2022 was 4.7 million people and the gap in the global cyber security workforce stood at 3.4 million people, which is an increase of 26.6% at the year-over-year (YoY) level.

Clearly, there exists a wide gap between the supply and demand of cyber security professionals, and the shortage is more evident in the EMEA and APAC regions where the YoY increase is greater than 50%. Half of the cyber security professionals under age 30 who participated in the survey started their careers in IT and then moved to cyber security. Both vendor-neutral certifications (e.g., (ISC)2, ISACA or CompTIA)…

Source…