Overview
- Common threats
- Attacker Tactics
- Simple things to protect your device
Basic Terminology
Before we continue, let's cover some basic terminology around device security:
- Malware
- Phishing
- Vulnerability
Demo - Phishing Attack
<video here>
Protecting Yourself - What you can do
Some simple things you can do to protect yourself
OS and Application Patching
Software companies push out security fixes to customers in the form of a patch. Applying software patches as they come out is a great way to protect yourself new threats.
...
Everyone should be familiar with these:
Limiting Admin Privileges
Accounts on a computer operating system will come it 2 varieties:
...
Administrator accounts are like having the keys to the kingdom. Attackers love them.
Don't Ignore Warnings
Operating systems do there best to identify malware, but sometimes they need users to have the final say on what is good or bad...
...
...but, warnings don't always make a lot of sense..
Do I?
Software Signing
Software signing a way of checking who authored a piece of software.
Office Macros
Macros allow users to write and execute code snippets in Microsoft Office files
...
- Don't run macros from unknown sources
- If you're not sure why a document requires a macro, don't run it
- Just disable macros all together
Backups
The safest way to ensure you don't lose your data
Ransomware: WannaCry[pt]
Background:
- May 2017 an exploit for Windows was released
- Attackers used exploit to distribute ransomware
- Microsoft had patched the vulnerability in April 2017
...
- Apply security patches
- Backup your data
- Don't pay the attackers
Thanks!
Questions welcome