IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [documents]

41 questions
56
votes
11 answers

How to safely view a malicious PDF?

I have a PDF with important information that may contain malware. What would be the best way to view it?
user11101
36
votes
2 answers

Should I present forged documents in a Penetration Test/Red team engagement?

A previous question of mine lead to this discussion which mentioned the subject of Document forgery. I've seen many people (in videos) forge IDs and employee badges for such engagements so that seems fine as a test. However, if asked to present a…
ChocolateOverflow
  • 3,452
  • 4
  • 17
  • 34
30
votes
5 answers

Can FBI or government agencies get hold of my Google Docs files just by confiscating my laptop?

Assume the following: I am doing all my work, including the one with sensitive information on Google Docs. No documents are stored on local hard drive. I am not using the Google Drive App, just doing everything via web interface I am using…
Graviton
  • 905
  • 4
  • 12
  • 26
15
votes
3 answers

Would publishing a network diagram make the network less secure?

I have found some social networking sites that focus on sharing architecture (network maps and diagrams) and configuration. Does sharing this type of information decrease the security of my network? Examples: The idea of setting this site up was…
saber tabatabaee yazdi
  • 1,038
  • 5
  • 16
  • 26
8
votes
1 answer

CERT FOE Fuzzing Framework documentation

So I read another post here about fuzzing local standalone applications. I have understood how to exploit basic buffer overflow vulnerabilities in standalone applications and am now looking on how to find such vulnerabilities. I downloaded the CERT…
user2405966
  • 97
  • 1
  • 2
6
votes
3 answers

Which is a safe way to transfer a copy of a sensitive document?

A reputable and clearly identified institution asked me, for legitimate reasons, to e-mail a scan of the passport. However, I regard the passport as a sensitive document and am pretty reluctant to use the e-mail to that end, for generic/general…
XavierStuvw
  • 965
  • 2
  • 8
  • 15
5
votes
5 answers

Should I shred documents with only name and address details?

I routinely shred documents with any personal information on them to protect myself and others against identity theft. I have no doubts that shredding any documents with ID numbers, account details and the like is a good idea, however I am wondering…
GdD
  • 17,291
  • 2
  • 41
  • 63
5
votes
3 answers

Are document signature services violating any rule by exposing PII over clear email?

A company sent me a document to sign via CudaSign, I did. As soon as I completed the transaction, I got a PDF over email with the document attached. The document includes my SSN. I assume, the originator also got the document via PDF attachment.…
csmba
  • 151
  • 4
4
votes
1 answer

Need help collating resources for an information/cyber security audit document for an MSP

I am currently serving out an internship with a small MSP (4 employees, 50-100 clients with between a couple and 100 employees). My main project is to work on a information/cyber security audit document that is to be used by the employees to perform…
Vehicular IT
  • 41
  • 1
4
votes
1 answer

Does a dead person's SSN, etc need to be protected?

My parents died 10 years ago. I was the executor. The final return, etc was filed, no problems. I still have all their tax and financial records, which I'd like to get rid of. I believe I've extracted anything referring to myself or my…
George
  • 279
  • 2
  • 4
3
votes
1 answer

How to remove yellow tracking dots from a document?

Assume I have a document which I supspect to have yellow tracking dots. How can I remove them while keeping the actual information on the document? Is making a b&w copy enough? Is the copy machine adding its own tracking? Would JPEG compression of…
aggsol
  • 174
  • 1
  • 9
3
votes
1 answer

Hundreds of old MS Office files increased by about 10kb

We have most of our documents backed up and syncing in MS Sharepoint. That has worked very well for us. However, I just noticed an old folder I created on the C: drive at the time of setting all this up -- a duplicate of the all the files in…
kr37
  • 133
  • 3
3
votes
1 answer

How should we store and share information about our security protocols and plans?

I'm assuming that it's a good idea to document your security protocols, response plans, and attack surfaces. Of course, if you simply stick all of that information on GitHub (minus your secret of course), then it gives attackers a map of your system…
Wayne Werner
  • 1,755
  • 3
  • 15
  • 20
3
votes
2 answers

How to prevent manipulation of a chain of document? Specifically: medical records

This is hypothetical problem, so remarks about whether it is feasible in practice are are off topic. I have been designing a documentation system for medical records where the patient owns his/her own data (instead of how it currently works in most…
d-b
  • 449
  • 2
  • 8
3
votes
1 answer

Digitally signing a document with your public/private keypair without certificates?

I have generated a private/public key pair using gpg. Can I use this key pair to digitally sign a PDF without a digital certificate, but to still have the signature integrated into the PDF, instead of creating a separate signature file? To clear…
stanny
  • 161
  • 3
1
2 3