Watering hole attack prevention

A watering hole attack is an indirect attack on a victim. Rather than directly attacking the victim’s network, the attacker attacks a web site that the victim’s employees are likely to visit. Then the attacker attacks the victim’s network, via its own workstations, from that web site. A former colleague asked me how you protect against watering hole attacks, and I thought this was a good exercise. So here are some strategies for watering hole attack prevention.

Common security attacks and countermeasures

As a security professional, I talk to a lot of people about common security attacks and countermeasures. I’m not always certain the people I’m talking to know what these things mean. I am almost certain they aren’t willing to ask.

I know it’s more complicated than it was when I took my Security+ exam a decade ago. The stakes are much higher now. The attacks I had to identify caused inconvenience, but someone conducting a successful smurf attack on your printer won’t get you in the headlines. Today’s attacks will.

Dangers of public wifi — and how to stay safe

When it comes to the dangers of public wifi, many people tend to take one of two extreme approaches. Some don’t give it a thought at all. Some refuse to use it at all. Neither approach is completely practical. So what are the dangers of public wifi, and how can you avoid them?

Here are the dangers and the precautions to take against them.

Migrate Windows 7 to SSD or install fresh?

Here’s a good question. Should you migrate Windows 7 to SSD or install fresh? And what about Windows 10? This is likely to be controversial and everyone has an opinion. I’ll weigh the pros and cons of each, as a guy who knows a little about optimizing Windows, and who has been using SSDs since 2009.

Chrome says your file may have been moved or deleted

When opening locally stored PDFs in Chrome, sometimes Chrome says the file may have been moved or deleted. More specifically, the error message says “Your file was not found. It may have been moved or deleted. ERR_FILE_NOT_FOUND.” But nobody moved or deleted the file, because I just clicked on it. In fact, I could still see it sitting right there in Windows Explorer.

Oddly enough, I had other files in the very same folder that opened fine. No errors. Here’s how I found the problem, fixed it, and avoided it in the future.

I read Microsoft’s site to a “Microsoft” scammer

“Daniel” from “Microsoft” called me the other day. The number looked halfway legit so I picked up. He out and out claimed to be from Microsoft and said he was getting alerts from my computer. His voice sounded familiar–I think I’d talked to him before.

“Which computer?” I asked.

“Your Microsoft computer,” he said.

A guide for safe and private web browsing

Continuing in the theme I’ve been following for the last couple of days, here’s a guide to security and privacy with web browsers. Like the guide I linked to yesterday, I’m not sure I agree with it 100%–I think saying never use Internet Explorer is too absolute–but I do agree with the overwhelming majority of it, and if everyone did all of this instead of what they’re doing now, we’d be in a much better state.

And, on a somewhat related note, here’s a rundown of what Windows 10 changes in the way of privacy, and some recommendations, but here’s a hint: You’re going to want to type privacy into your Windows search bar, pull up everything related, and start shutting stuff off. Use your discretion, but chances are there will be several things. If nothing else, there are things that are appropriate for a Windows tablet that aren’t appropriate for a desktop PC.

Let’s get back to privacy and safety in general, whatever OS you’re running. Here are some highlights.

Application whitelisting on Windows, even home editions

One of the very best security measures you can take is application whitelisting–limiting the apps that are allowed to run on your computer.

The Australian Signals Directorate–the Australian counterpart to the NSA–says doing four things cuts security incidents by a whopping 85 percent. You probably do three of the things. The fourth is application whitelisting.

  • use application whitelisting to help prevent malicious software and unapproved programs from running
  • patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office
  • patch operating system vulnerabilities
  • restrict administrative privileges to operating systems and applications based on user duties.

Browser extensions are the new adware, and sometimes come with surprises

I sometimes show my age by making jokes about Bonsai Buddy and Gator and Hotbar, but ads injected in browsers are a problem that’s coming back. And sometimes these ads come with malicious payloads, installing unwelcome software on your computer to maintain persistence.

Problems like this are the reason I tend not to load my browsers down with lots of extensions. Sometimes the functionality is cool, but I’ve always found ways to get what I need done with a stock browser, and then I have a better idea of what I’ve gotten myself into. I’m beholden enough to the agendas of Microsoft, Mozilla, or Google as it is; I don’t need third parties injecting their agendas into the mix, especially when they may be malicious.

And besides that, a lot of extensions tend to be very memory- or CPU-hungry. I have enough memory on most of my machines that I can dedicate 2 GB of RAM to a web browser, but I’m not sure why I should have to.

The fewer extensions you load onto your web browsers, the safer you’ll be, and in the long term, I’d wager the happier you’ll be as well.
