Posts

Showing posts from September, 2018

ST18-004: Protecting Against Malicious Code

Image
National Cyber Awareness System:ST18-004: Protecting Against Malicious Code09/28/2018 11:17 AM EDTOriginal release date: September 28, 2018What is malicious code?Malicious code is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses.Viruses have the ability to damage or destroy files on a computer system and are spread by sharing an already infected removable media, opening malicious email attachments, and visiting malicious web pages.Worms are a type of virus that self-propagates from computer to computer. Its functionality is to use all of your computer’s resources, which can cause your computer to stop responding.Trojan Horses are computer programs that are hiding a virus or a potentially damaging program. It is not uncommon that free software contains a Trojan horse making a user think they are using legitimate software, instead the program is pe…

ST18-004: Protecting Against Malicious Code

Image
National Cyber Awareness System:ST18-004: Protecting Against Malicious Code 09/28/2018 11:17 AM EDT Original release date: September 28, 2018What is malicious code?Malicious code is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses.Viruses have the ability to damage or destroy files on a computer system and are spread by sharing an already infected removable media, opening malicious email attachments, and visiting malicious web pages.Worms are a type of virus that self-propagates from computer to computer. Its functionality is to use all of your computer’s resources, which can cause your computer to stop responding.Trojan Horses are computer programs that are hiding a virus or a potentially damaging program. It is not uncommon that free software contains a Trojan horse making a user think they are using legitimate software, instead the program is pe…

IC3 Issues Alert on RDP Exploitation

Image
National Cyber Awareness System:IC3 Issues Alert on RDP Exploitation 09/28/2018 09:54 AM EDT Original release date: September 28, 2018The Internet Crime Complaint Center (IC3), in collaboration with DHS and the Federal Bureau of Investigation, has released an alert on cyber threat actors maliciously using legitimate remote administration tools, such as Remote Desktop Protocol (RDP). Threat actors identify and exploit vulnerable RDP sessions to facilitate credential theft and ransomware infection.NCCIC encourages users and administrators to review the IC3 Alert and the NCCIC Tips on Securing Network Infrastructure Devices and Choosing and Protecting Passwords. If you believe you are a victim of cybercrime, file a complaint with IC3 at www.ic3.gov.

The best location for your router for actually good Wi-Fi

Image

If Facebook logged you out, your account was likely attacked

Image

Meltdown and Spectre Vulnerabilities (Update I) | ICS-CERT

Meltdown and Spectre Vulnerabilities (Update I) | ICS-CERT
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-18-011-01

Meltdown and Spectre Vulnerabilities (Update I)1. EXECUTIVE SUMMARYThis updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities (Update H) that was published July 10, 2018, on the NCCIC/ICS-CERT website.NCCIC is referencing CERT/CC's vulnerability note VU#584653 CPU hardware vulnerable to side-channel attacks to enhance the awareness of critical infrastructure asset owners/operators and to identify affected product vendors that have contacted ICS-CERT for help disseminating customer notifications/recommendations to mitigate the risk associated with cache side-channel attacks known as Meltdown and Spectre. Exploitation of these vulnerabilities may allow unauthorized disclosure of information.CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 have been assigned to these vulnerabilities.The following pr…

Understanding Firewalls for Home and Small Office Use

Image
Understanding Firewalls for Home and Small Office UseNational Cyber Awareness System:Understanding Firewalls for Home and Small Office Use Original release date: September 10, 2018When your computer is accessible through an internet connection or Wi-Fi network, it is susceptible to attack. However, you can restrict outside access to your computer—and the information on it—with a firewall.What do firewalls do?Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary network traffic. Firewalls can also prevent malicious software from accessing a computer or network via the internet. Firewalls can be configured to block data from certain locations (i.e., computer network addresses), applications, or ports while allowing relevant and necessary data through. (See Understanding Denial-of-Service Attacks and Understanding Hidden Threats: Rootkits and Botnets for more information.)What type of firewall is best?Categories of f…

5 things you may have missed from the Facebook and Twitter hearings

Image

US charges N. Korean hacker in Sony, WannaCry cyberattacks

Image

Apple is building a site to handle data requests from law enforcement agencies worldwide

Image

Securing Enterprise Wireless Networks

Image
What is enterprise network security?Enterprise network security is the protection of a network that connects systems, mainframes, and devices―like smartphones and tablets―within an enterprise. Companies, universities, governments, and other entities use enterprise networks to help connect their users to information and people. As networks grow in size and complexity, security concerns also increase.What security threats do enterprise wireless networks face?Unlike wired networks, which have robust security tools—such as firewalls, intrusion prevention systems, content filters, and antivirus and anti-malware detection programs—wireless networks (also called Wi-Fi) provide wireless access points that can be susceptible to infiltration. Because they may lack the same protections as wired networks, wireless networks and devices can fall victim to a variety of attacks designed to gain access to an enterprise network. An attacker could gain access to an organization's network throu…

Everything You Should Do Before You Lose Your Phone

Apple's Biggest iPhone Launch Ever: What to Expect