The views expressed in this blog are those of the owner and do not reflect the views or opinions of the owner’s employer. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information. This policy is subject to change at any time. The owner is not an attorney, and nothing posted on this site should be construed as legal advice. Litigation Support Tip of the Night does not provide confirmation that any e-discovery technique or conduct is compliant with legal, regulatory, contractual or ethical requirements.
The Center for Internet Security's Configuration Assessment Tool can be downloaded for free here: https://learn.cisecurity.org/cis-cat-landing-page
After downloading it simply click on the 'CIS-CAT.BAT' file to run the program.
The Center makes benchmarks available for a variety of operating systems and applications.
The software will generate a report showing whether or not a system passes security tests.
Kaspersky Lab has been widely regarded as a reputable cybersecurity firm, by security experts like Senseient and leading electronic discovery vendors like Kroll. In 2016 it had the largest market share in Europe of any cybersecurity vendor. Here on Litigation Support Tip of the Night, Kaspersky's password checker and anti-virus software has been recommended. I can no longer endorse their products.
As the New York Times has reported Kaspersky's antivirus software, which requires complete access to a PC's hard drive, has been used by Russian intelligence to gain access to government documents improperly stored on the home computers of government employees. On September 13, 2017, the Department of Homeland Security ordered all government agencies to uninstall Kaspersky software.
The Times report described findings by Israeli intelligence showing that Russian government agents were able to use Kaspersky software as a tool to search millions of computers.
As you can see from the patent posted here, Kaspersky uses a method called silent signatures to look for malware. Silent signatures let malware detention be deducted in stealth mode, but can also be used to search a hard drive for keywords.
You can easily audit the passwords you have saved in your Chrome browser with another great utility from NirSoft. ChromePass is a simple executable that you can download. Simply run it and a table will be generated showing URLs; User Name; Password, and more notably for security purposes a Password strength and for forensics purposes the time at which password were created.
Nirsoft also makes versions of this utility for FireFox, Opera, IE, and one ring to rule them all, WebBrowser PassView.