Versions Compared

Old Version 2

changes.mady.by.user Stuart Tyne

Saved on

compared with

New Version Current

changes.mady.by.user Stuart Tyne

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Image Removed                          Image Removed                                    Image Removed

Overview

  • Common threats
  • Attacker Tactics
  • Simple things to protect your device

Basic Terminology

Before we continue, let's cover some basic terminology around device security:

  • Malware 
  • Phishing 
  • Software Vulnerability

Demo - Phishing Attack

<video here>Video!

Protecting Yourself - What you can do

Some simple things you can do to protect yourself








OS and Application Patching

Software companies push out security fixes to customers in the form of a patch. Applying software patches as they come out is a great way to protect yourself new threats.

Everyone should be familiar with these:

Image RemovedImage Removed

Limiting Admin Privileges

Image Removed

Accounts on a computer operating system will come it 2 varietiesUpdate your operating system and programs



These should be familiar

Image AddedImage Added







Don't Log in as Admin

Image Added








There are 2 types of accounts:

  • User
  • Administrator




Administrator accounts are like having the keys to the kingdom. Attackers love them.
Don't Ignore Warnings

Operating systems do there best to identify malware, but sometimes they need users to have the final say on what is good or bad...

Understand the Warnings


...but, warnings don't always make a lot of sense..

Do I?

...





Verified Publishers










Software signing a A way of checking who authored a piece of software.



Office Macros

Macros allow users to write and execute code snippets in Microsoft Office files

Image Added


And another one...


Image Added


Attackers try to trick victims into opening Office files with malicious macros inside

...

Luckily, Microsoft knows about this and has adding in some warnings

Image Removed

...



Basic Macro tips:
  1. Don't run macros from unknown sources
  2. If you're not sure why a document requires a macro, don't run it
  3. Just disable macros all together
  1. Disable Macros
  2. Only run a macro if you know who wrote it
Backups

The safest way to ensure you don't lose your data


How to Backup:
  • Storage Device - USB or External Hard Drive
  • Cloud - Dropbox, Google Drive, etc.


Ransomware: WannaCry[pt]




Background

...

  • May 2017 an exploit for Windows was released
  • Attackers used exploit to distribute ransomware
  • Microsoft had patched the vulnerability in April 2017

Victims of the ransomware would be locked out of their files and attackers demand payment to unlock them

...

  • one month before
What happened when you get ransomware'd
  • Can't access your files
  • Pay $300 to get them back
  • but, you never get them back
How to protect yourself:
  • Apply security patchesUpdate Windows
  • Backup your dataDon't pay the attackers


Thanks!

Questions welcome