Latest Updates
Tips from Virsage: Backup and Recovery - August 2018
Posted by Andrea Montgomery on 13 August 2018 10:20 AM


[**This article is intended for informational purposes and is especially helpful for your personal data and personal devices that are not business related. Your company data is backed up as required by your company as long as it is saved according to your company policies. If you have questions about your company’s backup policies, feel free to ask Virsage at support@virsage.com.**]


Backup & Recovery

If you use a computer or mobile device long enough, sooner or later something will go wrong, resulting in you losing your personal files, documents, or photos. For example, you may accidentally delete the wrong files, have a hardware failure, lose a device, or become infected with malware, such as ransomware. At times like these, backups are often the only way you can rebuild your digital life. In this newsletter, we explain what backups are, how to back up your data, and how to develop a simple strategy that’s right for you.

Backups: What, When, and How

Automated, reliable backups are often your last line of defense in protecting your data.

Backups are copies of your information stored somewhere other than on your computer or mobile device. When you lose valuable data, you can recover that data from your backups. Unfortunately, too many people fail to perform regular backups, even though they are simple and inexpensive. The first step is deciding what you want to back up. There are two approaches: (1) backing up specific data that is important to you; or (2) backing up everything, including your entire operating system. Many backup solutions are configured by default to use the first approach. They back up data from the most commonly used folders. In many cases, this is all you need. However, if you are not sure what to back up or want to be extra careful, back up everything.

Second, you must decide how frequently to back up. Built-in backup programs, such as Apple’s Time Machine or Microsoft Windows Backup and Restore, allow you to create an automatic, “set it and forget it” backup schedule. Common options include hourly, daily, weekly, etc. Other solutions offer “continuous protection,” in which new or altered files back up immediately each time you save a document. At a minimum, we recommend automated daily backups.

Finally, you need to decide how you are going to back up. There are two ways to back up your data: physical media or Cloud-based storage. Each approach has advantages and disadvantages. If you are not sure which approach to use, you can use both at the same time. Physical media are devices you control, such as external USB drives or Wi-Fi accessible network devices. The advantage of using your own physical media is it enables you to back up and recover large amounts of data very quickly. The disadvantage of such an approach is if you become infected with malware, such as ransomware, it is possible for the infection to spread to your backups. Also, if you have a disaster, such as fire or theft, it can result in you losing not only your computer, but the backups as well. As such, if you use external devices for backups, you should store a copy of your backup off-site in a secure location. Make sure backups you store off-site are properly labeled.

Cloud-based solutions are online services that store your files on the Internet. Typically, you install an application on your computer. The application then automatically backs up your files, either on a schedule or as you modify them. An advantage of Cloud solutions is their simplicity--backups are often automatic and you can usually access your files from anywhere. Also, since your data resides in the Cloud, home disasters, such as fire or theft, will not affect your backup. Finally, Cloud backups can help you recover from malware infections, such as ransomware, as many Cloud solutions allow you to recover from pre-infected versions. The disadvantage is that it can take a long time to back up or recover very large amounts of data. Also, privacy and security are important. Does the backup service provide strong security controls, such as encrypting your data and two-step verification?

Finally, don’t forget your mobile devices. With mobile devices, most of your data, such as email, calendar events, and contacts, is already stored in the Cloud. However, your mobile app configurations, recent photos, and system preferences may not be stored in the Cloud. By backing up your mobile device, not only do you preserve this information, but it is easier to transfer your data when you upgrade to a new device. An iPhone/iPad can back up automatically to Apple’s iCloud. Android or other mobile devices depend on the manufacturer or service provider. In some cases, you may have to purchase a mobile app designed specifically for backups.

Recovery

Backing up your data is only half the battle; you must be sure that you can recover it. Check periodically that your backups are working by retrieving a file and making sure it is the same as the original. Also, be sure to make a full system backup before a major upgrade (such as moving to a new computer or mobile device) or a major repair (like replacing a hard drive) and verify that it is restorable.
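One way to carry out the "retrieve a file and make sure it is the same as the original" check, shown as an added example that is not part of the original newsletter. It assumes you have restored a folder from your backup next to the original folder; the function names and the demo files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large photos or videos do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_restore(original_dir, restored_dir):
    """Compare every file under original_dir with its restored copy.

    Returns relative paths grouped as 'ok', 'missing' (absent from the
    restore) and 'different' (restored, but the content does not match).
    A file edited after the backup ran will also show up as 'different',
    so test with files you have not changed since the last backup.
    """
    original_dir, restored_dir = Path(original_dir), Path(restored_dir)
    report = {"ok": [], "missing": [], "different": []}
    for source in sorted(original_dir.rglob("*")):
        if not source.is_file():
            continue
        relative = source.relative_to(original_dir)
        restored = restored_dir / relative
        if not restored.is_file():
            report["missing"].append(relative.as_posix())
        elif sha256_file(source) != sha256_file(restored):
            report["different"].append(relative.as_posix())
        else:
            report["ok"].append(relative.as_posix())
    return report


def build_demo(root):
    """Create a constructed original/restored pair with two deliberate faults."""
    root = Path(root)
    original, restored = root / "original", root / "restored"
    files = {
        "docs/taxes.txt": b"2018 return\n",
        "notes.txt": b"call the bank\n",
        "photos/beach.jpg": b"\xff\xd8 constructed image bytes",
    }
    for name, data in files.items():
        for base in (original, restored):
            (base / name).parent.mkdir(parents=True, exist_ok=True)
            (base / name).write_bytes(data)
    (restored / "notes.txt").unlink()                          # never backed up
    (restored / "photos/beach.jpg").write_bytes(b"\xff\xd8")   # truncated copy
    return original, restored


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        original, restored = build_demo(tmp)
        for status, names in verify_restore(original, restored).items():
            print(f"{status:>9}: {', '.join(names) or '-'}")
```

Anything listed under `missing` or `different` means the backup cannot be trusted for that file until the cause is found.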

Key Points

Regardless of what solution you use to back up your data, make sure you automate your backups and check them periodically.

When rebuilding a system from backup, be sure you reapply the latest security patches and updates before using it again.

Outdated backups that are no longer needed are a liability; destroy them to prevent access by unauthorized individuals.

If you are using a Cloud solution, research the policies and reputation of the provider and make sure they meet your requirements. For example, do they encrypt your data? Do they support strong authentication, such as two-step verification?

License

OUCH! newsletter is under the Creative Commons license.  You are free to share / distribute it but may not sell or modify it.

Find this article online:  https://www.sans.org/security-awareness-training/ouch-newsletter/2017/backup-recovery


Tips from Virsage: Stop that Phish - July 2018
Posted by Andrea Montgomery on 16 July 2018 12:56 PM


Stop That Phish

Overview

Email and messaging services (such as Skype, Twitter, or Snapchat) are one of the primary ways we communicate. We not only use these technologies every day for work, but also to stay in touch with friends and family. Since so many people around the world depend on these technologies, they have become one of the primary attack methods used by cyber attackers. This attack method is called phishing. Learn what phishing is and how you can spot and stop these attacks, regardless of whether you are at work or at home.

What Is Phishing

Phishing is a type of attack that uses email or a messaging service to fool you into taking an action you should not take, such as clicking on a malicious link, sharing your password, or opening an infected email attachment. Attackers work hard to make these messages convincing and tap your emotional triggers, such as urgency or curiosity. They can make them look like they came from someone or something you know, such as a friend or a trusted company you frequently use. They could even add logos of your bank or forge the email address so the message appears more legitimate. Attackers then send these messages to millions of people. They do not know who will take the bait; all they know is the more they send, the more people will fall victim.

Protecting Yourself

In almost all cases, opening and reading an email or message is fine. For a phishing attack to work, the bad guys need to trick you into doing something. Fortunately, there are clues that a message is an attack. Here are the most common ones:

  • A tremendous sense of urgency that demands “immediate action” before something bad happens, like threatening to close an account or send you to jail. The attacker wants to rush you into making a mistake.
     
  • Pressuring you to bypass or ignore your policies or procedures at work.
     
  • A strong sense of curiosity or something that is too good to be true. (No, you did not win the lottery.) 
     
  • A generic salutation like “Dear Customer.” Most companies or friends contacting you know your name. 
     
  • Requesting highly sensitive information, such as your credit card number, password, or any other information that a legitimate sender should already know. 
     
  • The message says it comes from an official organization, but has poor grammar or spelling or uses a personal email address like @gmail.com. 
     
  • The message comes from an official email (such as your boss) but has a Reply-To address going to someone’s personal email account. 
     
  • You receive a message from someone you know, but the tone or wording just does not sound like him or her. If you are suspicious, call the sender to verify they sent it. It is easy for a cyber attacker to create a message that appears to be from a friend or coworker.
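Several of the clues above can be checked mechanically. The following is an added example, not part of the original newsletter: it scans a message for a Reply-To address that points to a personal mail account, urgency wording, a generic salutation, and requests for sensitive information. The sample messages are constructed, the phrase lists are illustrative assumptions, and only `gmail.com` in the domain list comes from the text.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# gmail.com is the newsletter's example; the other domains are assumptions.
PERSONAL_MAIL_DOMAINS = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}

# Illustrative phrase lists (assumptions), one per clue from the list above.
BODY_CLUES = {
    "urgency": re.compile(
        r"immediate action|immediately|urgent|account will be closed", re.I),
    "generic_salutation": re.compile(
        r"^\s*dear (customer|user|member|sir|madam)\b", re.I | re.M),
    "sensitive_request": re.compile(
        r"password|credit card number|account number", re.I),
}


def domain_of(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    address = parseaddr(str(header_value or ""))[1]
    return address.rpartition("@")[2].lower()


def phishing_clues(raw_message):
    """Return the names of the clues found in one raw RFC 5322 message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    clues = []

    # Official-looking sender, but replies go to a personal mail account.
    from_domain = domain_of(msg["From"])
    reply_domain = domain_of(msg["Reply-To"])
    if reply_domain in PERSONAL_MAIL_DOMAINS and from_domain not in PERSONAL_MAIL_DOMAINS:
        clues.append("reply_to_personal_account")

    body_part = msg.get_body(preferencelist=("plain",))
    body = body_part.get_content() if body_part else ""
    text = f"{msg['Subject'] or ''}\n{body}"
    for name, pattern in BODY_CLUES.items():
        if pattern.search(text):
            clues.append(name)
    return clues


# Constructed sample messages (not real mail).
SAMPLE_PHISH = (
    'From: "Example Bank Security" <alerts@example-bank.test>\n'
    "Reply-To: examplebank.helpdesk@gmail.com\n"
    "Subject: Your account\n"
    "\n"
    "Dear Customer,\n"
    "\n"
    "Immediate action is required or your account will be closed today.\n"
    "Reply with your password and credit card number to confirm your identity.\n"
)
SAMPLE_BENIGN = (
    'From: "Sam" <sam@example.org>\n'
    "Subject: Lunch Friday\n"
    "\n"
    "Hi Alex,\n"
    "\n"
    "Are we still on for lunch on Friday?\n"
)

if __name__ == "__main__":
    print(phishing_clues(SAMPLE_PHISH))
    print(phishing_clues(SAMPLE_BENIGN))
```

A hit is a reason to slow down and verify the sender through another channel, not proof of an attack; a message with no hits can still be phishing.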

Ultimately, common sense is your best defense. If an email or message seems odd, suspicious, or too good to be true, it may be a phishing attack. Subscribe to OUCH! and receive the latest security tips in your email every month!

Resources

Social Engineering
Helping Others Secure Themselves
Email Do’s and Don’ts
CEO Fraud
OUCH! Translations and Archives

License

OUCH! newsletter is under the Creative Commons license.  You are free to share / distribute it but may not sell or modify it.

 

Find this article online:  https://www.sans.org/security-awareness-training/resources/stop-phish


Tips from Virsage: Stop That Malware - June 2018 Newsletter
Posted by Andrea Montgomery on 12 June 2018 11:23 AM


Stop That Malware

Overview

You probably have heard of terms such as virus, Trojan, ransomware, or rootkit when people talk about cyber security. These are different types of malicious programs, called malware, that cyber criminals use to infect computers and devices. Once installed, they can do whatever they want. Learn what malware is, what danger it poses, and most importantly, what you can do to protect yourself from it.

What Is Malware?

Simply put, malware is software--a computer program--used to perform malicious actions. This term is a combination of the words malicious and software. Cyber criminals install malware on your computers or devices to gain control over them. Once installed, malware can enable criminals to spy on your online activities, steal your passwords or files, or use your system to attack others. Malware can even take control of your own files, demanding that you pay a ransom to get them back. Many people believe that malware is a problem only for Windows computers. Unfortunately, malware can infect any device, from Mac computers and smartphones to DVRs and security cameras. The more computers and devices cyber criminals infect, the more money they can make. Therefore, everyone is a target, including you.

Protect Yourself - Stop Malware

You may think that all you have to do is install a security program like anti-virus software and you are safe from getting infected. Unfortunately, anti-virus cannot stop all malware. Cyber criminals are constantly developing new and more sophisticated malware that can evade detection. In turn, anti-virus vendors are constantly updating their products with new capabilities to detect malware. In many ways it has become an arms race, and the bad guys are usually one step ahead. Since you cannot rely on anti-virus alone, here are additional steps you should take to protect yourself:

  • Cyber criminals often infect computers or devices by exploiting vulnerabilities in your software. The more current your software is, the fewer vulnerabilities your systems have and the harder it is for cyber criminals to infect them. Make sure your operating systems, applications, browser and browser plugins, and devices are always updated and current. The easiest way to ensure this is to enable automatic updating whenever possible.
  • A common way cyber criminals infect computers or mobile devices is by creating fake computer programs or mobile apps, posting them on the Internet, and then tricking you into downloading and installing one. Only download and install programs or apps from trusted online stores. Also, stay away from mobile apps that are brand new, have few positive reviews, are rarely updated, or have been downloaded by a small number of people. No longer using a computer program or mobile app? Delete it.
  • Cyber criminals often trick people into installing malware for them. For instance, they might send you an email that looks legitimate and contains an attachment or a link. Perhaps the email appears to come from your bank or a friend. However, if you were to open the attached file or click on the link, you would activate malicious code that installs malware on your system. If a message creates a strong sense of urgency or seems too good to be true, it could be an attack. Be suspicious; common sense is often your best defense.
  • Regularly back up your system and files to Cloud-based services, or store your backups offline, such as on disconnected external drives. This protects your backups in case malware attempts to encrypt or erase them. Backups are critical. They are often the only way you can recover from a malware infection.

Ultimately, the best way to defend against malware is to keep all your software and devices up-to-date, install trusted anti-virus software when possible, and be alert for anyone attempting to trick you into infecting your own system. When all else fails, regular backups are often the only way you can recover.

Subscribe to OUCH! and receive the latest security tips in your email every month - www.sans.org/security-awareness/ouch-newsletter.

Online Article:  https://www.sans.org/security-awareness-training/resources/stop-malware

Resources:

Ransomware          
Backups                  
Stop That Phish      

License

OUCH! is published by SANS Security Awareness and is distributed under the Creative Commons BY-NC-ND 4.0 license. You are free to share or distribute this newsletter as long as you do not sell or modify it. Editorial Board: Walt Scrivens, Phil Hoffman, Cathy Click, Cheryl Conley

 


Tips from Virsage: Social Engineering - April 2018
Posted by Andrea Montgomery on 12 April 2018 10:03 AM


Social Engineering

A common misconception most people have about cyber attackers is that they use only highly advanced tools and techniques to hack into people’s computers or accounts. This is simply not true. Cyber attackers have learned that often the easiest way to steal your information, hack your accounts, or infect your systems is by simply tricking you into making a mistake. In this newsletter, you will learn how these attacks, called social engineering, work and what you can do to protect yourself.

 

What Is Social Engineering?

Social engineering is a psychological attack where an attacker tricks you into doing something you should not do. The concept of social engineering is not new; it has existed for thousands of years. Think of scammers or con artists; it is the very same idea. What makes today’s technology so much more effective for cyber attackers is you cannot physically see them; they can easily pretend to be anything or anyone they want and target millions of people around the world, including you. In addition, social engineering attacks can bypass many security technologies. The simplest way to understand how these attacks work and protect yourself from them is to take a look at two real-world examples.

You receive a phone call from someone claiming to be from a computer support company, your ISP, or Microsoft Tech Support. The caller explains that your computer is actively scanning the Internet. They believe it is infected and have been tasked with helping you secure your computer. They then use a variety of technical terms and take you through confusing steps to convince you that your computer is infected. For example, they may ask you to check if you have certain files on your computer and walk you through how to find them. When you locate these files, the caller assures you that these files prove that your computer is infected, when in reality they are common system files found on almost every computer in the world. Once they have tricked you into believing your computer is infected, they pressure you into buying their security software or giving them remote access to your computer so they can fix it. However, the software they are selling is actually a malicious program. If you purchase and install it, not only have they fooled you into infecting your computer, but you just paid them to do it. If you give them remote access to your computer, they are going to take it over, steal your data, or use it for their bidding.

Common sense is your most powerful defense in identifying and stopping most social engineering attacks.

 

Another example is an email attack called CEO Fraud, which most often happens at work. This is when a cyber attacker researches your organization online and identifies the name of your boss or coworker. The attacker then crafts an email pretending to be from that person and sends the email to you. The email urgently asks you to take an action, such as conducting a wire transfer or emailing sensitive employee information. Quite often, these emails pretend there is an emergency that urgently requires you to bypass standard security procedures. For example, they may ask you to send the highly sensitive information to a personal @gmail.com account. What makes targeted attacks like these so dangerous is the cyber attackers do their research beforehand. In addition, security technologies like anti-virus or firewalls cannot detect or stop these attacks because there is no malware or malicious links involved.

Keep in mind, social engineering attacks like these are not limited to phone calls or email; they can happen in any form, including text messages on your phone, over social media, or even in person. The key is to know what to look out for--you are your own best defense.

 

Detecting/Stopping Social Engineering Attacks

Fortunately, stopping such attacks is simpler than you may think—common sense is your best defense. If something seems suspicious or does not feel right, it may be an attack. The most common clues of a social engineering attack include:

  • Someone creating a tremendous sense of urgency. They are attempting to fool you into making a mistake.
  • Someone asking for information they should not have access to or should already know, such as your account numbers.
  • Someone asking for your password. No legitimate organization will ever ask you for that.
  • Someone pressuring you to bypass or ignore security processes or procedures you are expected to follow at work.
  • Something too good to be true. For example, you are notified you won the lottery or an iPad, even though you never even entered the lottery.
  • You receive an odd email from a friend or coworker containing wording that does not sound like it is really them. A cyber attacker may have hacked into their account and may be attempting to trick you. To protect yourself, verify such requests by reaching out to your friend using a different communications method, such as in person or over the phone.
  • If you suspect someone is trying to trick or fool you, do not communicate with the person anymore. If the attack is work related, be sure to report it to your help desk or information security team right away. Remember, common sense is often your best defense.

Find this article online:  https://www.sans.org/security-awareness-training/ouch-newsletter/2017/social-engineering


Tips from Virsage: Securely Using Mobile Apps - March 2018
Posted by Andrea Montgomery on 10 April 2018 09:43 AM


Securely Using Mobile Apps

 

Overview

Mobile devices, such as tablets, smartphones, and watches, have become one of the primary technologies we use in both our personal and professional lives. What makes mobile devices so versatile are the millions of apps we can choose from. These apps enable us to be more productive, instantly communicate and share with others, train and educate, or just have more fun. However, with the power of all these mobile apps come risks. Here are some steps you can take to securely use and make the most of your mobile apps.

 

Guest Editor

Joshua Wright is the technical director at Counter Hack and a senior instructor with the SANS Institute. He is the author of SEC575: Mobile Device Security and Ethical Hacking and Hacking Exposed: Wireless. Reach Josh on Twitter @joswr1ght.

 

Obtaining Mobile Apps

The first step is making sure you always download mobile apps from a safe, trusted source. Cyber criminals have mastered their skills at creating and distributing infected mobile apps that appear to be legitimate. If you install one of these infected apps, criminals can take complete control of your mobile device. By downloading apps from only well-known, trusted sources, you reduce the chance of installing an infected app. What you may not realize is the brand of mobile device you use determines your options for downloading apps.

For Apple devices, such as an iPad or iPhone, only download mobile apps from the Apple App Store. The advantage to this is Apple does a security check of all mobile apps before they are made available. While Apple cannot catch all the infected mobile apps, this managed environment helps to dramatically reduce the risk of installing an infected app. In addition, if Apple does find an app in its store that it believes is infected, it will quickly remove the mobile app. Windows Phone uses a similar approach to managing applications. 

Android mobile devices are different. Android gives you more flexibility by letting you download a mobile app from anywhere on the internet. However, with this flexibility comes more responsibility. You have to be more careful about which mobile apps you download and install, as not all of them are reviewed. Google does maintain a managed mobile app store similar to Apple’s, called Google Play. The mobile apps you download from Google Play have passed some basic security checks. As such, we recommend you download your mobile apps for Android devices only from Google Play. Avoid downloading Android mobile apps from other websites, as anyone--including cyber criminals--can easily create and distribute malicious mobile apps and trick you into infecting your mobile device. As an additional protection, install anti-virus on your mobile device when possible.

Regardless of which device you are using, an additional step you can take is to avoid apps that are brand new, that few people have downloaded, or that have very few positive comments. The longer an app has been available, the more people that have used it, and the more positive comments it has, the more likely that app can be trusted. In addition, install only the apps you need and use. Ask yourself, do I really need this app? Not only does each app potentially bring new vulnerabilities, but also new privacy issues. If you stop using an app, remove it from your mobile device. (You can always add it back later if you find you need it.) Finally, never jailbreak or root your mobile device. This is the process of hacking into it and installing unapproved apps or changing existing, built-in functionality. This not only bypasses or eliminates many of the security controls built into your mobile device, but often also voids warranties and support contracts.

 

Permissions

Once you have installed a mobile app from a trusted source, make sure it is safely configured and protecting your privacy. Always think before allowing a mobile app access: do you want to grant the app the permission it asks for, and does the app really need it? For example, some apps use geo-location services. If you allow an app to always know your location, you may be allowing the creator of that app to track your movements, even allowing the app author to sell that information to others. If you do not wish to grant the permissions, deny the permission request or shop around for another app that meets your requirements. Remember, you have lots of choices out there.

 

Updating Apps

Mobile apps, just like your computer and mobile device operating system, must be updated to stay current. Criminals are constantly searching for and finding weaknesses in apps. They then develop attacks to exploit these weaknesses. The developers that created your app also create and release updates to fix these weaknesses and protect your devices. The more often you check for and install updates, the better. Most devices allow you to configure your system to update mobile apps automatically. We recommend this setting. If this is not possible, then we recommend you check at least every two weeks for updates to your mobile apps. Finally, when your apps are updated, always make sure you verify any new permissions they might require.

 

Subscribe To OUCH!

Receive OUCH! monthly in your email inbox. Join the community and subscribe to the OUCH! security awareness newsletter at  https://securingthehuman.sans.org/ouch.

 

Resources

Social Engineering: https://securingthehuman.sans.org/ouch/2017#january2017

Disposing Your Mobile Device: https://securingthehuman.sans.org/ouch/2016#december2016

Securing Your New Tablet: https://securingthehuman.sans.org/ouch/2016#january2016

OUCH Archives & Translations: https://securingthehuman.sans.org/ouch/archives

Mobile Device Security Course: https://sans.org/sec575

License

OUCH! is published by SANS Securing The Human and is distributed under the Creative Commons BY-NC-ND 4.0 license. You are free to share or distribute this newsletter as long as you do not sell or modify it. For past editions or translated versions, visit securingthehuman.sans.org/ouch/archives. Editorial Board: Bill Wyman, Walt Scrivens, Phil Hoffman, Bob Rudis, Cheryl Conley

 


Find this article online at:  https://securingthehuman.sans.org/newsletters/ouch/issues/OUCH-201703_en.pdf


