SamSam Ransomware

2019-11-17T22:03:51-08:00

The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In addition, this report provides recommendations for prevention and mitigation.

Microsoft Operating Systems BlueKeep Vulnerability

2019-11-17T21:58:47-08:00

Please note, a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions:

Microsoft Ending Support for Windows 7 and Windows Server 2008 R2

2019-11-17T21:53:19-08:00

On January 14, 2020, Microsoft will end extended support for their Windows 7 and Windows Server 2008 R2 operating systems.[1] After this date, these products will no longer receive free technical support, or software and security updates. Organizations that have regulatory obligations may find that they are unable to satisfy compliance requirements while running Windows 7 and Windows Server 2008 R2.

Inventory of Authorized and Unauthorized Devices

2013-04-05T00:02:07-07:00

How do attackers exploit the absence of this control?

Many criminal groups and nation-states deploy systems that continuously scan address spaces of target organizations, waiting for new and unprotected systems to be attached to the network. The attackers also look for laptops not up to date with patches because they are not frequently connected to the network. One common attack takes advantage of new hardware that is installed on the network one evening and not configured and patched with appropriate security updates until the following day.

Malware Defenses

2013-04-05T00:00:56-07:00

How do attackers exploit the absence of this control?

Malicious software is an integral and dangerous aspect of Internet threats, targeting end-users and organizations via web browsing, e-mail attachments, mobile devices, the cloud, and other vectors. Malicious code may tamper with the system's contents, capture sensitive data, and spread to other systems. Modern malware aims to avoid signature-based and behavioral detection, and may disable anti-virus tools running on the targeted system. Anti-virus and anti-spyware software, collectively referred to as anti-malware tools, help defend against these threats by attempting to detect malware and block its execution.

Beware of Clicking the Web Translator Hyperlink

2013-04-04T23:52:11-07:00

Foreign languages are no longer as difficult to understand as they once were, thanks to improvements in web translation services, which instantly translate words and web pages. The website translator plug-in can expand your global world with an amazing and effortless approach by automatically recognizing foreign-language identifiers.

New Hire / New Hardware

2013-04-04T23:45:44-07:00

A common challenge for an effective security awareness program is continuously reaching out to employees/staff in a fun and engaging manner. Training people once a year may keep auditors happy but will not change behavior. As such, you always want to be thinking of different ways you can reach out to people. The new hire process is a great place to start. While "new hire" training is the first thing that comes to mind, there are other options to consider.

Use a password in only one place.

2010-06-03T14:48:36-07:00

Reusing passwords or using the same password all over the place is like carrying one key that unlocks your house, your car, your office, your briefcase, and your safety deposit box. If you reuse passwords for more than one computer, account, website, or other secure system, keep in mind that all of those computers, accounts, websites and secure systems will be only as secure as the least secure system on which you have used that password. Don't enter your password on untrusted systems. One lost key could let a thief unlock all the doors. Remember: Change your passwords on a schedule to keep them fresh.

Be Skeptical When You Read Your Email

2010-06-03T14:47:48-07:00

Keep asking Why should I believe that? It is important to remember that you can't trust the "from" address on e-mail from outside the organization, as it is often faked by fraudsters and viruses. If you didn't expect a message, link, or attachment from someone, ask yourself why you should trust that it really came from the apparent sender, and that it's safe. When in doubt, it's a good idea to call and verify that they sent you the message.

Shh! Don't say it out loud. The cubes have ears

2010-06-03T14:47:16-07:00

Office workspaces seem to be smaller and smaller. It is therefore harder to keep secrets when everyone is within earshot. When necessary use handwritten notes for transferring confidential information, and then shred the papers when done.