Category: Security

Factors of Authentication

Factors of Authentication

Why aren’t passwords sufficient? Passwords are a good first layer of protection, but attackers can guess or intercept passwords. Additional security measures can protect you even if an attacker does obtain your password. You can strengthen that first layer of protection by avoiding passwords based on personal information; using the longest password or passphrase possible(8–64

Read More
Choosing and Protecting Passwords

Choosing and Protecting Passwords

Why do you need strong passwords? You probably use personal identification numbers (PINs), passwords, or passphrases every day: from getting money from the ATM or using your debit card in a store, to logging in to your email or into an online retailer. Tracking all of the number, letter, and word combinations may be frustrating,

Read More
Using Caution with USBs

Using Caution with USBs

What are the risks associated with using USBs? USB drives, sometimes known as thumb drives, are small, readily available, inexpensive, and portable, so they are popular for storing and transporting files from one computer to another. However, these same characteristics make them appealing to attackers. Attackers can use USB drives to infect other computers with

Read More
Securely Erasing Files

Securely Erasing Files

Where do deleted files go? When you delete a file, depending on your operating system and your settings, it may be transferred to your trash or recycle bin. This “holding area” essentially protects you from yourself —if you accidentally delete a file, you can easily restore it. However, you may have experienced the panic that

Read More
Proper Disposal of Electronic Devices

Proper Disposal of Electronic Devices

Why is it important to dispose of electronic devices safely? In addition to effectively securing sensitive information on electronic devices, it is important to follow best practices for electronic device disposal. Computers, smartphones, and cameras allow you to keep a great deal of information at your fingertips, but when you dispose of, donate, or recycle

Read More
Understanding Malware

Understanding Malware

What is malware? Malware is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malware exist; including, but not limited to: Viruses have the ability to damage or destroy files on a computer system and are spread by sharing an already infected removable media,

Read More
Understanding Denial-of-Service (DoS) attacks

Understanding Denial-of-Service (DoS) attacks

What is a denial-of-service attack? A denial-of-service (DoS) attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor. Services affected may include email, websites, online accounts (e.g., banking), or other services that rely on the affected computer or network.

Read More
Ransomware

Ransomware

What is ransomware? Ransomware is a type of malware threat actors use to infect computers and encrypt computer files until a ransom is paid. (See Understanding Malware for more information on malware.) After the initial infection, ransomware will attempt to spread to connected systems, including shared storage drives and other accessible computers. If the threat

Read More
Spyware

Spyware

What is spyware? Despite its name, the term “spyware” doesn’t refer to something used by undercover operatives, but rather by the advertising industry. In fact, spyware is also known as “adware.” It refers to a category of software that, when installed on your computer, may send you pop-up ads, redirect your browser to certain web

Read More
Recovering From Malware

Recovering From Malware

How do you know your computer is infected? Unfortunately, there is no particular way to identify that your computer has been infected with malware. Some infections may completely destroy files and shut down your computer, while others may only subtly affect your computer’s normal operations. Be aware of any unusual or unexpected behaviours. If you

Read More
Phishing

Phishing

What is Phishing? Phishing is a way for criminals to attempt to steal sensitive information, such as credit card details, online banking credentials, business passphrases or passwords. This is done by sending fraudulent messages, usually via electronic mail, which are sometimes referred to as ‘lures’. Phishing emails are designed to appear that they come from

Read More
Avoiding Social Engineering Attacks

Avoiding Social Engineering Attacks

What is a social engineering attack? In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that

Read More
Defending Against Illicit Cryptocurrency Mining

Defending Against Illicit Cryptocurrency Mining

What is cryptocurrency? Cryptocurrency is a digital currency used as a medium of exchange, similar to other currencies. Bitcoin, Litecoin, Monero, Ethereum, and Ripple are just a few types of the cryptocurrencies available. Unlike other currencies, cryptocurrency operates independently of a central bank and uses encryption techniques and blockchain technology to secure and verify transactions.

Read More
Physical Security of Mobile Devices

Physical Security of Mobile Devices

What is at risk? Only you can determine what is actually at risk. If a thief steals your laptop or mobile device, the most obvious loss is the machine itself. However, if the thief is able to access the information on the computer or mobile device, all of the information stored on the device is

Read More
Securing a New Computer

Securing a New Computer

Why is computer security important? Because computers play such critical roles in our lives, and because we input and view so much personally identifiable information (PII) on them, it’s imperative to implement and maintain computer security. Strong computer security ensures safe processing and storage of our information. How can I improve my computer’s security? The

Read More
Data Security of Mobile Devices

Data Security of Mobile Devices

Why do you need another layer of protection? Although there are ways to physically protect your laptop, PDA, or other portable device, there is no guarantee that it won’t be stolen. After all, as the name suggests, portable devices are designed to be easily transported. The theft itself is, at the very least, frustrating, inconvenient,

Read More
Understanding Patches and Software Updates

Understanding Patches and Software Updates

What are patches? Patches are software and Operating System (OS) updates that address security vulnerabilities within a program or product. Software vendors may choose to release updates to fix performance or security bugs, as well as to provide enhanced security functionality. How do you find out what software updates you need to install? When software

Read More
Website Security

Website Security

What is website security? Website security refers to the protection of personal and organisational public-facing websites from cyberattacks. Why should I care about website security? Cyberattacks against public-facing websites —regardless of size —are common and may result in: Website defacement, Loss of website availability or denial-of-service (DoS) condition, Compromise of sensitive customer or organizational data,

Read More
Browsing Safely

Browsing Safely

Why are security settings for web browsers important? Your web browser is your primary connection to the rest of the internet, and multiple applications may rely on your browser, or elements within your browser, to function. This makes the security settings within your browser even more important. Many web applications try to enhance your browsing

Read More
Securing the Internet of Things (IoT)

Securing the Internet of Things (IoT)

The Internet of Things refers to any object or device that sends and receives data automatically through the Internet. This rapidly expanding set of “things” includes tags (also known as labels or chips that automatically track objects), sensors, and devices that interact with people and share information machine to machine. Why Should We Care? Cars,

Read More
Risks of P2P File Sharing

Risks of P2P File Sharing

What is P2P file sharing? P2P File sharing involves using technology that allows internet users to share files that are housed on their individual computers. Peer-to-peer (P2P) applications, such as those used to share music files, are some of the most common forms of file-sharing technology. However, P2P applications introduce security risks that may put

Read More
Securing Wireless Networks

Securing Wireless Networks

In today’s connected world, almost everyone has at least one internet-connected device. With the number of these devices on the rise, it is important to implement a security strategy to minimize their potential for exploitation. Internet-connected devices may be used by nefarious entities to collect personal information, steal identities, compromise financial data, and silently listen

Read More
Exercising Caution With Email Attachments

Exercising Caution With Email Attachments

Why can email attachments be dangerous? Some characteristics that make email attachments convenient and popular also make them a common tool for attackers: Email is easily circulated – Forwarding email is so simple that viruses can quickly infect many machines. Most viruses do not even require users to forward the email—they scan a users’ mailbox

Read More