Personal Device Security

Owned by Stuart Tyne
Last updated: Jul 13, 2017
3 min read


Overview

  • Common threats
  • Attacker Tactics
  • Simple things to protect your device

Basic Terminology

  • Malware 
  • Phishing 
  • Software Vulnerability

Demo - Phishing Attack

Video!

Protecting Yourself - What you can do








OS and Application Patching

Update your operating system and programs



These should be familiar







Don't Log in as Admin








There are 2 types of accounts:

  • User
  • Administrator




Administrator accounts are like having the keys to the kingdom. Attackers love them.

Understand the Warnings


...but, warnings don't always make a lot of sense..





Verified Publishers










A way of checking who authored a piece of software



Office Macros

Macros allow users to write and execute code snippets in Microsoft Office files


And another one...



Attackers try to trick victims into opening Office files with malicious macros inside



Basic Macro tips:
  1. Disable Macros
  2. Only run a macro if you know who wrote it
Backups

The safest way to ensure you don't lose your data


How to Backup:
  • Storage Device - USB or External Hard Drive
  • Cloud - Dropbox, Google Drive, etc.


Ransomware: WannaCry[pt]




Background
  • May 2017 an exploit for Windows was released
  • Attackers used exploit to distribute ransomware
  • Microsoft had patched the vulnerability one month before
What happened when you get ransomware'd
  • Can't access your files
  • Pay $300 to get them back
  • but, you never get them back
How to protect yourself:
  • Update Windows
  • Backup your data


Thanks!

Questions welcome