15 Apr

8 Computer Security Tips

8 computer security tips

The weekend is only in 2 days and summer is approaching … So why not review your Computer Security and gives yourself the best gift possible, the peace of mind?

It is good to do a safety check on a regular basis to ensure that you have all the chances on our side to stop malicious attacks viruses or other intrusions.

Let’s see some computer security tips, which you may choose to add to your “check list” :

 

1. Passwords

The rule is to change your passwords frequently and give them a high level of security. Avoid using the same password for all access in different systems: Banking, Website, Email, Facebook, etc.

You must absolutely never write down your password list in a file on your computer because you will undermine all your security efforts. Either you remember your complex passwords, or you use a software or external security service. Internet Cloud Canada does not recommend a software or an external service, as safety is a personal matter.

How to remember passwords? First forget what is a passwords. Instead, think of sentences or a unique situation which marked you. Personally, I have a few sentences of my childhood (out of my imagination and some life situations). These sentences, becames little jokes and word games.

These little stories have became too, my personal passwords for various levels of security. I have a sentence with regard to finance, another for what I use for personal access, another for web browsing etc. I have accumulated enough to create a level of security that no supercomputer will never guess because my sentences are long, absurd, illogical and silly!

However, this is the best protection and I recommend it. At worst, invent them, repeat them and you will see how they make excellent passwords!

 

2. Use different email addresses

It is easy to get free emails on the Internet. Use them to build your access in different services. So, have a different email for Facebook, Twitter and another for your web ite, it is best to use for websites a generic email as: infos@yoursite.com, sales@yoursite.com etc.

This way, it’s easy to target a possible security breach and if you receive a lot of “spam” on a free email, you can change it quickly and eliminate them without hassle.

Access to your bank accounts must be on protected emails (not free ones like hotmail, gmail or others). These emails should only be used for your finances, do not use them for regular email exchanges.

 

3. Virtualize your Internet navigation

There are plenty of free solutions to virtualize a web environment. This allows you to load and use a resource on your computer that is confined to the virtual block. During a virus attack your computer is completely safe, you only have to destroy the virtualized space and create another one if you are under attack. Your computer will never get severe infections due to this one little security tip!

 

4. Credit cards

Use with confidence your credit cards on the internet, if the website you are purchasing is recognized and includes security features such as an https address and a valid security certificate. You can test if a website has a security certificate by going to the free tool offered by GEOTRUST.

Never buy with your Debit Card online because the bank protections are not the same and they give too much information / access to your real accounts.

 

5. Logout of websites

You have to disconnect persistent “logins”. Obviously, it’s faster and easier to stay connected by cookies, but it is exploitable by an attacker if the site shows programming deficiencies or if an “exploit” is perceived.

 

6. Enter your own addresses

Often the emails contain links that we need to click to access a service. These links can be modified in order to direct you to a phishing site. It is best to write your own links or create your list of favorites. You’ll be sure to be at the right place!

 

7. Updates

You need to install all your updates. From the operating system, your browser, your software, your programs and extensions. ALL OF THEM !

 

8. Be informed

Join US-CERT and be informed of threats in real time.

You can add these tips to your checklist if they are not already there!

Share this
14 Apr

Ransomware protection, keep the malwares out!

Ransomware protection, keep the malwares out!
Ransomware protection, keep the malwares out!

We often hear of viruses and in the category of “malwares”, there is “ransomwares”. These viruses are specifically designed to infiltrate your computer, create a unique encryption key and lock your files.

The release key is obviously available only from the pirate who infected you. He asks a ransom to unlock your files.

Encryption keys are usually impossible to submit to Brute force attacks by passwords software. Some solutions may be developed by reputable companies in the field of computer security, but these solutions are rare and can take time to be available or to process your particular situation.

So you find yourself in front of a dead end, pay or not to pay the ransom?

 

A phenomenon that affects even the police departements!

Recently, the Sheriff’s Office in the towns of Damariscotta, Waldoboro, Wiscasset and Boothbay Harbor in Lincoln County (Maine, United States), have been a target. They shared one server and one of their employees has possibly opened a file received by email which spread and block all their files.

 

To pay or not pay the ransom?

The rule is DO NOT PAY ransom. Although the police departement mentionned earlier, have paid  the $ 300 requested in bitcoins. They tried everything to get their files back but without luck. An embarrassing situation for a public protection service.

Obviously, this is the goal of cybercriminals to take you by surprise. So to make sure you’ll not be in the same situation as those peace officers, we must see how to prepare for this type of attack.

 

Ransomware Protection

These few basic rules will adequately prepare you to handle the situation:

1. Make backups, more backups. In several places, on several machines and preferably on a server that does not share the same accounts or departments. Each backups servers must rely on a private sub system, out of eventual breaches.

2. Have two separate software solutions, which operate in a common effort for the verification of virus threats in emails.

3. Block all addresses to Darkweb (Tor network), inbound and outbound. A good hardware and / or a computer technician can certainly help you in this process.

4. Establish with your family or colleagues / employees, a small training to recognize phishing attacks, these fraudulent emails / email scams on the Internet. Be aware that in most cases:

– An unexpected email;

– An offer too good to be true;

– A file attached to an unknown transmitter into an email;

– An extension .EXE or attached image file;

– An email in a language other than your own;

– The demand almost mandatory to click a link in the email;

Contains SURELY A SCAM OR A POSSIBLE ATTACK, or at least, should awake you to stay alert.

 

In terms of hardware, software and staff

I personally use a technique that help me so far be out of any threats. I open all my emails on an old iPad. Even if I adopt a preventive approach, I do not take any risks.

Even if a malware existed for IPad and locks my files, I lose nothing. In addition, it allows me to destroy suspicious emails before synchronizing my other devices.

If however, you are not able to follow the same path as me, you can always personally or in your company:

A) Activate the option on your computer to show all file extensions in visible mode. This will inform you of a suspicious file that will have a “.EXE” extension. As an image: Clown.jpg.exe

B) If you have aan ntivirus software and / or hardware that enables filtering of your files, make sure to block the extension “.exe”. “BIN” and “.ZIP”

C) If you use Windows, you can set rules to prevent the execution of files in the folder: AppData / LocalAppData.

D) Disable the “Remote Desktop Protocol” on your machine.

E) Have an approved version of a recognized antivirus and keep it updated.

F) Limit data access to a small group of people if you are in business

G) Keep all departments on different servers to guard from a global attack.

 

 

The damage is done?

Despite all the good attention , the inevitable can happen. If you end up with a threat of malware in your computer, do these steps:

1. If you notice in time or have doubts and no blocking window is displayed that your files are blocked, immediately disconnect your internet connection.

2. Restart in “safe” mode under Windows. If an equivalent solution exists for the operating system you use, do it or go into terminal mode. Change the BIOS date and time to an earlier state, it may play a role on viruses that triggers themselves on a precise date and time.

3. Restore your computer to a date you are sure not to be infected with anything.

4. Copy your critical data to an external media.

5. Format your disk, reinstall a new copy of the operating system with all the required software protection.

6. Perform a “scan” of your external media before putting your files back on your new installation.

7. Keep this copy of your data in a secure place.

Nothing is better than a good analysis of the situation. Do not click without read, evaluate and understand!

Share this
10 Apr

Portect WordPress with the WORDFENCE Plugin

Wordfence plugin to counter attacks from hackers. Fbi has posted some warnings this week

Secure your WordPress installation

The FBI (Federal Bureau of Investigation, USA), has issued press releases this week mentioning that some supporters of the Islamists cause are working to identify vulnerabilities in WordPress websites and extensions of this CMS.

It has become a trend to hack everything and as such, you must be sure to protect your WordPress Website. We have already published many articles about it, but prevention and some addition of safety is always appropriate.

If your website is difficult to hack and request a tremendous job for the hacker to bypass all the defenses in place, he will give up and go for an easier target. Same observation for the criminals breaking in houses. Unless been exceptional the culprit is lazy and search the maximum impact with the least possible effort made.

wordfence plugin . Complete security for your wordpress installation

Raise the bar high

We will in this article, use WORDFENCE PLUGIN. a FREE extension, that will raise the bar so high that your WordPress site will be protected.

Before setting an alarm in a house, we make sure that doors and windows are closed and locked. You should make sure before installing a security extension like WORDFENCE that WordPress is updated and all other extensions you have, even commercial ones. Otherwise, it is useless!

 

Complete security

Obviously WORDFENCE is a all inclusive security plugin but it will not replace an experienced technician. It’s a convenient solution to secure a wordpress installation.

Once the extension is enabled, tying a “security scan” , then you will have a list of things to fix. You can also enter your email to receive security alerts, or you can like us, sign up directly at:  US-CERT.

 

Addons

WORDFENCE also offers live view of your traffic on your website, allowing you to see the current situation. It verifies the internal files by comparing the original files to target any malicious code. You will also get 2 very fast cache engines that will increase the performance and speed of your site.

An really valuable tool to secure your data.

Share this

© 2018-2023 Internet Cloud Canada.Tous droits réservés. (Sitemap).