https://ssnetworks.net/8-securityadvisor 2024-04-29T00:47:40-07:00 Joomla! - Open Source Content Management 2010-06-03T14:46:40-07:00 2010-06-03T14:46:40-07:00 https://ssnetworks.net/8-securityadvisor/5-be-better-than-james-bond conticreative conticreative@gmail.com

<div class="feed-description"><p>In Casino Royale, Bond chooses a password to protect a multi-million pound money transfer. What does he choose? His girlfriend's name - doh! Why bother torturing him when you could just guess his cunning plans? We can all do better than that. For most situations a password should be 8 characters long and be a mixture of letters, numbers and other characters and it should conform to company policy. It should not be a word you would find in a dictionary, the name of your spouse, partner, child, pet, favorite band or any of these followed by a single digit. Use common sense - Razorlight1 isn't a good choice if you have a poster of the band behind your desk.</p></div>

<div class="feed-description"><p>In Casino Royale, Bond chooses a password to protect a multi-million pound money transfer. What does he choose? His girlfriend's name - doh! Why bother torturing him when you could just guess his cunning plans? We can all do better than that. For most situations a password should be 8 characters long and be a mixture of letters, numbers and other characters and it should conform to company policy. It should not be a word you would find in a dictionary, the name of your spouse, partner, child, pet, favorite band or any of these followed by a single digit. Use common sense - Razorlight1 isn't a good choice if you have a poster of the band behind your desk.</p></div> 2010-06-03T14:47:48-07:00 2010-06-03T14:47:48-07:00 https://ssnetworks.net/8-securityadvisor/3-be-skeptical-when-you-read-your-email conticreative conticreative@gmail.com

<div class="feed-description"><p>Keep asking Why should I believe that? It is important to remember that you can't trust the "from" address on e-mail from outside the organization, as it is often faked by fraudsters and viruses. If you didn't expect a message, link, or attachment from someone, ask yourself why you should trust that it really came from the apparent sender, and that it's safe. When in doubt, it's a good idea to call and verify that they sent you the message.</p></div>

<div class="feed-description"><p>Keep asking Why should I believe that? It is important to remember that you can't trust the "from" address on e-mail from outside the organization, as it is often faked by fraudsters and viruses. If you didn't expect a message, link, or attachment from someone, ask yourself why you should trust that it really came from the apparent sender, and that it's safe. When in doubt, it's a good idea to call and verify that they sent you the message.</p></div> 2013-04-04T23:52:11-07:00 2013-04-04T23:52:11-07:00 https://ssnetworks.net/8-securityadvisor/25-beware-of-clicking-the-web-translator-hyperlink mickeydata mickey@ssnetworks.net

<div class="feed-description"><p>Foreign languages are no longer as difficult to understand as they once were, thanks to improvements in web translation services, which instantly translate words and web pages. The website translator plug-in can expand your global world with an amazing and effortless approach by automatically recognizing foreign-language identifiers.</p> </div>

<div class="feed-description"><p>Foreign languages are no longer as difficult to understand as they once were, thanks to improvements in web translation services, which instantly translate words and web pages. The website translator plug-in can expand your global world with an amazing and effortless approach by automatically recognizing foreign-language identifiers.</p> </div> 2010-06-03T14:46:13-07:00 2010-06-03T14:46:13-07:00 https://ssnetworks.net/8-securityadvisor/6-beware-of-usb-flash-drive-s-autoplay-feature conticreative conticreative@gmail.com

<div class="feed-description"><ol> <li>If you find a USB token in the wild, don't plug it into your USB port as it could autoinstall software if your system is set to autoplay CDROMs.</li> <li>Though many organizations' standards call for disabling autoplay of CDROMs, you should check and set yours. To disable autoplay follow these instructions (for WinXP):</li> <li>Open My Computer</li> <li>Right click on your cdrom drive selecting "Properties"</li> <li>Select Autoplay page and set each menu option to "Select an Action to Perform" = "Take no action"</li> <li>Click Apply (you must apply each setting change one at a time!)</li> <li>Repeat for each item in the list (alternatively ensure that all are set to "Prompt me for action"</li> </ol></div>

<div class="feed-description"><ol> <li>If you find a USB token in the wild, don't plug it into your USB port as it could autoinstall software if your system is set to autoplay CDROMs.</li> <li>Though many organizations' standards call for disabling autoplay of CDROMs, you should check and set yours. To disable autoplay follow these instructions (for WinXP):</li> <li>Open My Computer</li> <li>Right click on your cdrom drive selecting "Properties"</li> <li>Select Autoplay page and set each menu option to "Select an Action to Perform" = "Take no action"</li> <li>Click Apply (you must apply each setting change one at a time!)</li> <li>Repeat for each item in the list (alternatively ensure that all are set to "Prompt me for action"</li> </ol></div> 2010-06-03T14:44:38-07:00 2010-06-03T14:44:38-07:00 https://ssnetworks.net/8-securityadvisor/8-don-t-click-on-links-in-pop-ups-or-banner-advertisements conticreative conticreative@gmail.com

<div class="feed-description"><p>In July 2007, when iPhones were scarce and strongly in demand, Botnet herders put software on already infected computers that redirected users browsing for iPhones to phony websites. The malware caused pop-ups and banner advertisements on infected computers; clicking on the provided links took users to the phony sites. People who attempted to buy iPhones from the sites were actually providing the Bad Guys with their personal and financial information. You can expect to see something similar for any fad that comes along. When your heart is tempted by the latest hot fad, don't throw caution to the wind.</p></div>

<div class="feed-description"><p>In July 2007, when iPhones were scarce and strongly in demand, Botnet herders put software on already infected computers that redirected users browsing for iPhones to phony websites. The malware caused pop-ups and banner advertisements on infected computers; clicking on the provided links took users to the phony sites. People who attempted to buy iPhones from the sites were actually providing the Bad Guys with their personal and financial information. You can expect to see something similar for any fad that comes along. When your heart is tempted by the latest hot fad, don't throw caution to the wind.</p></div> 2010-06-03T14:43:54-07:00 2010-06-03T14:43:54-07:00 https://ssnetworks.net/8-securityadvisor/9-don-t-trust-links-sent-in-email-messages conticreative conticreative@gmail.com

<div class="feed-description"><p>A common fraud, called "phishing", sends messages that appear to be from a bank, shop or auction, giving a link to a fake website and asking you to follow that link and confirm your account details. The fraudsters then use your account details to buy stuff or transfer money out of the account. These fake sites can be hard to spot, so no reputable organization will send a message requesting your confidential information.</p></div>

<div class="feed-description"><p>A common fraud, called "phishing", sends messages that appear to be from a bank, shop or auction, giving a link to a fake website and asking you to follow that link and confirm your account details. The fraudsters then use your account details to buy stuff or transfer money out of the account. These fake sites can be hard to spot, so no reputable organization will send a message requesting your confidential information.</p></div> 2010-06-03T14:42:33-07:00 2010-06-03T14:42:33-07:00 https://ssnetworks.net/8-securityadvisor/11-get-a-separate-email-address-for-postings conticreative conticreative@gmail.com

<div class="feed-description"><p>To secure your data and reduce SPAM sent to your business as well as to your private email account, get a dedicated address for internet postings. Never use your business email address for posting guestbook entries, votes, or questions and answers in forums and surveys. It's good to be reachable in these situations, but best to be anonymous.</p></div>

<div class="feed-description"><p>To secure your data and reduce SPAM sent to your business as well as to your private email account, get a dedicated address for internet postings. Never use your business email address for posting guestbook entries, votes, or questions and answers in forums and surveys. It's good to be reachable in these situations, but best to be anonymous.</p></div> 2010-06-03T14:43:00-07:00 2010-06-03T14:43:00-07:00 https://ssnetworks.net/8-securityadvisor/10-if-you-are-a-victim-of-identity-theft-report-it-immediately conticreative conticreative@gmail.com

<div class="feed-description"><p>Here are some things you should do.</p> <ol> <li>Contact the three major credit bureaus and have them place a fraud alert on your credit report.</li> <li>If a credit card was involved, contact the credit card company and close the account.</li> <li>Contact your local law enforcement agency and file a report.</li> <li>File a complaint with the Federal Trade Commission.</li> <li>Document all conversations so you know whom you spoke to and when.</li> </ol></div>

<div class="feed-description"><p>Here are some things you should do.</p> <ol> <li>Contact the three major credit bureaus and have them place a fraud alert on your credit report.</li> <li>If a credit card was involved, contact the credit card company and close the account.</li> <li>Contact your local law enforcement agency and file a report.</li> <li>File a complaint with the Federal Trade Commission.</li> <li>Document all conversations so you know whom you spoke to and when.</li> </ol></div> 2013-04-05T00:02:07-07:00 2013-04-05T00:02:07-07:00 https://ssnetworks.net/8-securityadvisor/27-inventory-of-authorized-and-unauthorized-devices mickeydata mickey@ssnetworks.net

<div class="feed-description"><h4>How do attackers exploit the absence of this control?</h4> <p>Many criminal groups and nation-states deploy systems that continuously scan address spaces of target organizations, waiting for new and unprotected systems to be attached to the network. The attackers also look for laptops not up to date with patches because they are not frequently connected to the network. One common attack takes advantage of new hardware that is installed on the network one evening and not configured and patched with appropriate security updates until the following day.</p> </div>

<div class="feed-description"><h4>How do attackers exploit the absence of this control?</h4> <p>Many criminal groups and nation-states deploy systems that continuously scan address spaces of target organizations, waiting for new and unprotected systems to be attached to the network. The attackers also look for laptops not up to date with patches because they are not frequently connected to the network. One common attack takes advantage of new hardware that is installed on the network one evening and not configured and patched with appropriate security updates until the following day.</p> </div>