Patch your workstation
If a patch is available to the public, there is a good chance an exploit is already available to cyber criminals.
- Set up your computer for automatic software and operating system patching.
- Exploits are more likely to attack known vulnerabilities in both software and operating systems.
- Remove old software and operating system (eg. Windows XP) that is no longer receiving patches.
- Verify software patching for web browsers, Adobe products, Flash, Java, and more.
Protective software is very helpful in preventing known attack methods.
- Install anti-virus or malware protection for your computer and enable active scanning.
- Intrusion detection software is available for all operating systems as well.
- Microsoft now has protection software pre-installed (Microsoft Security Essentials, Windows Defender ) verify they are active and working.
- Enable firewall protection: most modern operating systems now have firewalls.
- Enable firewall logging, see Windows Logging for more information.
A common method for cyber criminals to gain access to computer systems by just asking/tricking users for credentials.
- Stay informed about the latest phishing scams and tactics - phishing Link
- Don't click on embedded links in emails, chat programs or social media software without verifying destination.
- Be aware that phishing attempts will spoof sender email addresses to make it appear to come from important people or people you know and trust.
- Attackers may want your account information or to have you install malware on your workstation, don't give it to them
- If you think you were tricked into giving up your credentials - change your password
- If you think you mistakenly installed a virus please visit our page regarding what to do now: Link to hacked article
Email scams have been around a long time and this is still a means of installing malware and phishing for information.
- Remember, email is usually in plain text and information in an email is potentially available to the world.
- Do not store or send passwords in email. This is not a safe way to store or send passwords.
Your password is the only thing between Bad Guys and your account.
A common malware attack encrypts files on your computer until you pay a fee, an easy way around this is backups.
- Perform regular backups of your data files.
- Perform regular backups of your entire OS.
- Store backups media on a different device or location.
- Consider encrypted your backups files.
Logging tracks events on a computer allowing one to track what happened on the machine.
- Firewall logging - allow and denies
- System Logging
- Application Logging
Below are some thinks to site you can use to help get information about web sites and the latest trends in cyber security.