How to Stay Safe

Passwords provide the first line of defence against unauthorised access to your organization.

Reports of website breaches and leaks of customer data become more common every day. Attacks are often indirect: the attacker cracks a weaker system to get into another, normally more secure, subsystem. The role that passwords play in securing an organization's network, both internal and external, is often underestimated and overlooked.

Convenience as the Enemy of Security
Even with a complex, easy-to-remember passphrase, we sometimes get tired of typing it in, especially for accounts we need to access regularly. In these cases, many people will opt to allow their browser to save their passwords for specific websites.

The problem with this is two-fold.
Firstly, if someone is able to open your browser, revealing all of your saved passwords takes only three mouse clicks. If you are using a browser that syncs your account information across all devices you use (including auto-filling your passwords…), then gaining access to your browser on one system could potentially give someone access to ALL devices you have synced to that account.

Secondly, we are also faced with the dilemma that we need to use passwords in so many different places, that most people end up using the same password for multiple accounts. So even if you only allow the browser to store one of your passwords, chances are pretty good that you’ve used the same password for at least three other accounts.

Try to use a different password for each of your important accounts, like your email, SQL database, root and administrator passwords and so on, even the ones for your online banking accounts. Re-using passwords is risky. If someone figures out your password for one account, that person could potentially gain access to your email systems, admin accounts and much more.

Weak passwords provide attackers with easy access to your computers and network, while strong passwords are considerably harder to crack, even with the password-cracking software that is available today. Password-cracking tools continue to improve, and the computers that are used to crack passwords are more powerful than ever. 

Common methods of password cracking

Password-cracking software uses one of three approaches:
  • Intelligent guessing,
  • Dictionary attacks,
  • and Brute-force automated attacks, which try every possible combination of characters.

Given enough time, the automated method can crack any password. However, strong passwords are much harder to crack than weak passwords. A secure computer has strong passwords for all user accounts.

A Weak Password:
  • Is no password at all
  • Contains your user name, real name, or company name
  • Contains a complete dictionary word. For example, Password is a weak password.
A Strong Password:
  • Is at least eight characters long
  • Does not contain your user name, real name, or company name
  • Does not contain a complete dictionary word
  • Is significantly different from previous passwords. Passwords that increment (Password 1, Password 2, Password 3 ...) are not strong

Using numbers, symbols and a mix of upper and lower case letters in your password makes it harder for someone to guess your password. For example, an eight-character password with numbers, symbols and mixed-case letters is harder to guess because it has 30,000 times as many possible combinations as an eight-character password with only lower case letters. A strong password also contains characters from each of the following four groups:

  • Upper case letters: A, B, C …
  • Lower case letters: a, b, c …
  • Numerals: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
  • Symbols: ` ~ ! @ # $ % ^ & * ( ) _ + - = { } | \ : " ; ' < > ? , . /
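The weak/strong rules above can be turned into an automated check. The following is an added example, not part of the original article: the function names, the sample word list, the four-letter minimum for dictionary words and the digit-stripping comparison against previous passwords are all assumptions made for illustration.

```python
import re
import string

# Symbol group exactly as listed on the page (30 characters).
SYMBOLS = "`~!@#$%^&*()_+-={}|\\:\";'<>?,./"
GROUPS = {
    "upper case letter": string.ascii_uppercase,
    "lower case letter": string.ascii_lowercase,
    "numeral": string.digits,
    "symbol": SYMBOLS,
}
# Constructed sample word list (assumption); a real check loads a full dictionary.
SAMPLE_WORDS = {"password", "welcome", "dragon", "monkey", "summer"}


def _skeleton(pw):
    """Lower-case and drop digits/spaces, so 'Password 1' and 'Password 2' match."""
    return re.sub(r"[\d\s]+", "", pw.lower())


def check_password(pw, identity=(), previous=(), words=SAMPLE_WORDS):
    """Return the rules from the page that pw breaks; an empty list means strong."""
    problems = []
    low = pw.lower()
    if len(pw) < 8:
        problems.append("shorter than eight characters")
    if any(name and name.lower() in low for name in identity):
        problems.append("contains user, real or company name")
    # Words under four letters are skipped (assumption) to avoid flagging "a", "it".
    if any(w in low for w in words if len(w) >= 4):
        problems.append("contains a complete dictionary word")
    if any(_skeleton(pw) == _skeleton(old) for old in previous):
        problems.append("differs from a previous password only by digits")
    for label, chars in GROUPS.items():
        if not any(c in chars for c in pw):
            problems.append(f"no {label}")
    return problems


def keyspace_ratio(length=8):
    """Candidates with all four groups divided by candidates with lower case only."""
    full = sum(len(chars) for chars in GROUPS.values())  # 26 + 26 + 10 + 30 = 92
    return full ** length // 26 ** length


if __name__ == "__main__":
    print(check_password("Password1!", identity=("jsmith",)))  # constructed input
    print(keyspace_ratio())
```

With the 30 symbols listed above, `keyspace_ratio()` returns roughly 24,600; counting all 32 ASCII punctuation characters gives roughly 29,000, the same order of magnitude as the figure quoted in the text.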


Add an extra layer of security

Once you’ve created a password, you can add an extra layer of security by enabling 2-Step Verification. 2-Step Verification requires you to have access to your phone, as well as your username and password, when you sign in to your Google Account. This means that if someone steals or guesses your password, they still can't sign in to your account because they don't have your phone. Now you can protect yourself with something you know (your password) and something you have (your phone).

Keep your passwords secure

Don't leave notes with your passwords to various sites on your computer or desk. People who walk by can easily steal this information and use it to compromise your account. If you decide to save your passwords in a file on your computer, the use of a trusted password manager may be a good solution.

Having a secure password is good practice, and can save you time, money, data and maybe your life.

on Saturday July 14 by Peter Atkin

Virus and Malware removal and prevention that we use and why
This is what we use on a day-to-day basis. I make no claim as to whether this is the best or not; we find this works 99% of the time for us.

Some background on the various tools.

  1. Microsoft Security Essentials: we have found this to be almost unparalleled in finding those hard-to-find rootkits and malware that embed themselves deeply in the OS. Makes sense really; after all, Microsoft made the OS.
  2. G Data: OK, let’s be honest, not the first choice for ease of use at the business end, and it takes a fair amount of resources. However, if you’re willing to put some effort into configuring it and have a reasonable machine, this is the best first-line defence we have come across. It’s a bit flaky with its AV updates and always has been, so you need to make sure that both databases are updated without any issues.
  3. Hitman Pro: we can’t take credit for this. A client came in with some issues and did a song and dance about Hitman Pro as a second defence, so we gave it a try and were, to say the least, impressed. It is now part of our AV arsenal.
  4. ClamWin has been around for some time. It's very good as an offline/call on-demand scanner; nice to have a second opinion.
  5. Microsoft Safety Scanner: this is quite new to us and still very much in testing, but so far all results indicate that this will join our AV arsenal.
  6. Panda seems to be very good at spotting and removing malware generally, and good as the second option to MSS above.

For SMB prevention we use:

For Enterprise prevention we use:

For removal and checking we use:

There is plenty of information about all these products on their related sites. I see no reason to duplicate the information here, so please do your due diligence. If you come across any good tools, please let us know; we will test them and, if they make the grade, we will add them here and to our AV arsenal.

If you want to know who is considered the best in the enterprise field look at the latest Gartner report: Magic Quadrant for Endpoint Protection Platforms.

It's easy to scaremonger; however, given today's hostile internet and lack of understanding of modern digital threats, coupled with poor user practices, these threats are very real, so the solutions should be too.

on Saturday July 14 by Peter Atkin

Windows Sandbox (Windows 10 version 1903)

One of the more interesting features of Windows 10 version 1903, otherwise known as the May 2019 Update, is the Windows Sandbox. The Windows Sandbox is a Windows 10 virtual machine that can be quickly launched so you can test downloaded programs, browser extensions, and suspect sites without risk of infecting your normal Windows operating system.

For those who are security conscious and do not want to deal with installing a dedicated virtual machine program like VirtualBox, Hyper-V, or VMware, you can instead install Windows Sandbox for a very basic Windows 10 virtual machine.

Installing the Windows Sandbox

Before you can install the Windows Sandbox, you first need to make sure your computer meets certain requirements. These are:

  • Windows 10 Pro or Enterprise build 1903 or later.
  • AMD64 architecture
  • Virtualization capabilities enabled in BIOS
  • At least 4GB of RAM (8GB recommended)
  • At least 1 GB of free disk space (SSD recommended)
  • At least 2 CPU cores (4 cores with hyper-threading recommended)

To install Windows Sandbox, simply follow these steps:

  1. Make sure you are using Windows 10 Pro or Enterprise running version 1903 or later.
  2. Make sure the CPU's virtualization is enabled in the computer's BIOS.
  3. Click the Start button and search for Windows Features. When it appears in the search results, click on the Turn Windows features on or off control panel result.
  4. When the Windows Features control panel opens, scroll down and put a check in the box next to Windows Sandbox and then press the OK button.
  5. After it has finished installing, Windows may ask you to reboot. Please allow it to do so.

The Windows Sandbox is now installed.

Using the Windows Sandbox

To use the Windows Sandbox, click on the Start button and search for Windows Sandbox. When it appears in the search results, click on it to launch the program.

When the Windows Sandbox loads for the first time, it may take a bit longer than normal as it generates the Windows 10 image it will use for the virtual machine. Once loaded, you will be presented with a window that contains a fully functional base Windows 10 installation.

With the Windows Sandbox running, you can easily transfer files that you want to be tested or copy text to and from its clipboard. To transfer a file from your main Windows operating system (the Host), simply right-click on a file you want to transfer and select Copy.

Now, go in the Windows Sandbox (the Guest) and right-click on the desktop and click on Paste to transfer the file from your Host.

Transferring text between the Host machine and the Guest sandbox is easy as well: just copy text into the clipboard from either the main OS or the Sandbox and paste it into the other.

As an example of how the Windows Sandbox could be used, I just visited a site that stated I needed an Adobe Flash Player update. It looked a little fishy, so instead of running it on my main machine, I can fire up the Windows Sandbox and transfer the file there to test it.

The good news is that anything you try out in the Windows Sandbox has no effect on your normal computer. So you can just try any program you download, malware or otherwise, or visit a web site and close the Sandbox when done with nothing to fear.

The next time you start it again, the Sandbox will be reset back to its default state so you can test more programs.

Sources

https://www.bleepingcomputer.com/news/microsoft/using-the-windows-sandbox-to-stay-safe-online/

on Saturday May 25 by Peter Atkin

Good Advice never gets old!

Most of us have had to deal with a computer virus or some sort of malware by now. It wasn’t fun; it was annoying, time-consuming, and very frustrating.

When our computers start slowing down or behaving in an unusual way, we are often quick to suspect that we have a virus. It might not be a virus, but it is likely that you have some sort of malware. Some are malicious, and others are just annoying. The worst culprits are the hijackers—malware programs that take over your browser, or worse yet, your computer. I have had to remove these types of evil programs from personal computers and work computers in the past, and I’m sure you have, too. Here are 10 tips on how to prevent malware from infecting your computer, keeping your hardware safe.

  1. Install Anti-Virus/Malware Software.

    This tip may go without saying, and I almost just casually mentioned it in my opening paragraph. However, I have seen many computers—especially home computers—that don’t have anti-virus/malware protection. This protection is a must-have first step in keeping your computer virus free.
  2. Keep Your Anti-Virus Software Up to Date.

    Having protection software is the first step; maintaining it is the second. Free anti-virus software is better than nothing, but keep in mind that it’s not the best solution. Microsoft does provide a security package for “free.” It’s free in that if you have Windows on your machine, you are granted access, but you did pay for your Windows license. Many users aren’t aware of this program, but it’s actually decent protection.
  3. Run Regularly Scheduled Scans with Your Anti-Virus Software.

    This too may seem like a no-brainer, but many of us forget to do this. Set up your software of choice to run at regular intervals. Once a week is preferred, but do not wait much longer between scans. It’s difficult to work on your computer while your anti-virus software is running. One solution is to run the software at night when you aren’t using your computer. However, we often turn off our computers at night, and so the scan never runs. Set your anti-virus software to run on a specific night, and always leave your computer running on that day. Make sure it doesn’t shut off automatically or go into hibernation mode.
  4. Keep Your Operating System Current.

    Whether you are running Windows, Mac OS X, Linux, or any other OS, keep it up to date. OS developers are always issuing security patches that fix and plug security leaks. These patches will help to keep your system secure. Similarly, keep your anti-virus software up to date. Viruses and malware are created all the time. Your scanning software is only as good as its database. It too must be as up to date as possible.
  5. Secure Your Network.

    Many of our computers connect to our files, printers, or the Internet via a Wi-Fi connection. Make sure it requires a password to access it and that the password is strong. Never broadcast an open Wi-Fi connection. Use WPA or WPA2 encryption. WEP is no longer strong enough as it can be bypassed in minutes by experts. It’s also a great idea to not broadcast your SSID (the name of your Wi-Fi network). You can still access it with your device, you will just have to manually type in the SSID and the password. If you frequently have guests who use your Internet, provide a guest SSID that uses a different password, just in case your friends are evil hackers.
  6. Think Before You Click.

    Avoid websites that provide pirated material. Do not open an email attachment from somebody or a company that you do not know. Do not click on a link in an unsolicited email. Always hover over a link (especially one with a URL shortener) before you click to see where the link is really taking you. If you have to download a file from the Internet, an email, an FTP site, a file-sharing service, etc., scan it before you run it. Good anti-virus software will do that automatically, but make sure it is being done.
  7. Keep Your Personal Information Safe.

    This is likely the most difficult thing to do on the Internet. Many hackers will access your files not by brute force, but through social engineering. They will get enough of your information to gain access to your online accounts and will glean more of your personal data. They will continue from account to account until they have enough of your info that they can access your banking data or just steal your identity altogether. Be cautious on message boards and social media. Lock down all of your privacy settings, and avoid using your real name or identity on discussion boards.
  8. Don’t Use Open Wi-Fi.

    When you are at the local coffee shop, library, and especially the airport, don’t use the “free” open (non-password, non-encrypted) Wi-Fi. Think about it. If you can access it with no issues, what can a trained malicious individual do?
  9. Back Up Your Files.

    The best thing you can do is back up your files—all of them. Ideally, you will have your files (your data) in at least three places: the place where you work on them, on a separate storage device, and off-site. Keep your files on your computer, back them up to an external hard drive, then back them up in a different location. You can use a backup service or simply get two external hard drives and keep one at work, at a friend’s house, at a family member’s house, or in a safe deposit box.
  10. Use Multiple Strong Passwords.

    Never use the same password, especially on the sensitive accounts. Typically, we use the same email address or username for all of our accounts. Use a strong password. Use lower case, upper case, numbers, and symbols in your password. Keep it easy to remember but difficult to guess. Do not use dates or pet names.

Source

https://www.autodesk.com/redshift/10-tips-on-how-to-prevent-malware-from-infecting-your-computer/

on Saturday May 25 by Peter Atkin