SlideShare une entreprise Scribd logo

SANS OUCH Newsletter April 2016

Gene Ferro
Gene Ferro

SANS OUCH Newsletter April 2016

Technologie
1  sur  3
Télécharger pour lire hors ligne
Guest Editor Samantha Davison (@sam_e_davison) is the Security Awareness and Education Program Manager at Uber, educating their employees in over 350 cities around the globe. Overview We know you care about protecting your computer and mobile devices and take steps to secure them. However, no matter how securely you use technology, you may eventually be hacked or “compromised.” In this newsletter, you will learn how to determine if your computer or mobile device has been hacked and, if so, what you can do about it. Ultimately, the quicker you detect something is wrong and the faster you respond, the more likely you can reduce the harm a cyber attacker can cause. Clues You Have Been Hacked hackers usually leave several clues, often called indicators. The closer your system matches any of these clues, the more likely it has been hacked: • Your anti-virus program has triggered an alert that your system is infected, particularly if it says that it was • Your browser’s homepage has unexpectedly changed or your browser is taking you to websites that you did not want to go to. • There are new accounts on your computer or device that you did not create, or new programs running that you did not install. • Your computer or applications are constantly crashing, there are icons for unknown apps, or strange windows keep popping up. • A program requests your authorization to make changes to your system, though you’re not actively installing or updating any of your applications. • Overview • Clues You Have Been Hacked • How to Respond IN THIS ISSUE... I’m Hacked, Now What? OUCH! | April 2016
Sooner or later, your computer or device may be compromised. The faster you detect an incident and the sooner you respond, the better. • Your password no longer works when you try to log into your system or an online account, even though you know your password is correct. • Friends ask you why you are spamming them with emails that you know you never sent. • Your mobile device is causing unauthorized charges to premium SMS numbers. • Your mobile device suddenly has unexplained very high data or battery usage. How to Respond If you believe your computer or device has been hacked, the sooner you respond the better. If the computer or device was provided to you by your employer or is used can you cause more harm than good, but you could also destroy valuable evidence that can be used for an investigation. Instead, report the incident to your employer right away, usually by contacting your help desk, security team, or supervisor. If for some reason you cannot contact your organization, or you are concerned about a delay, disconnect your computer or device from the network and then put it in sleep, suspend, or airplane mode. Even if you are not sure if you have been hacked, it is far better to report it just in case. If the computer or device is your own for personal use, here are some steps you can take: • Change Your Passwords: This includes not only changing the passwords on your computers and mobile devices, but for all of your online accounts. Be sure you do not use the hacked computer to change the passwords. Instead, use a different computer or device that you know is secure to change the passwords. • Anti-Virus is not possible, then delete it. • Rebuilding secure option is to rebuild it. For computers, follow your system manufacturer’s instructions. In most cases, this will mean using the built-in utilities to reinstall the operating system. If these utilities are missing, corrupted, I’m Hacked, Now What? OUCH! | April 2016
or infected, then contact your manufacturer for guidance or visit their website. Do not reinstall the operating system from backups; they may have the same vulnerabilities that allowed the hacker to originally gain access. Backups should only be used for recovering your data. For mobile devices, follow the instructions from your device manufacturer or service provider, these should be on their website. In many cases, this may be as simple as restoring your mobile device to factory default. If you feel uncomfortable with the rebuilding process, consider using a professional service to help you. Or, if your computer or device is old, it may be easier and even cheaper to purchase a new one. Finally, once you have rebuilt your computer or device (or purchased a new one) make sure it is fully updated and current and enable automatic updating whenever possible. • Backups: The most important step you can take to protecting yourself is to prepare ahead of time with regular backups. The more often you back up, the better. Some solutions will automatically back up any new being hacked. • Law Enforcement: If you feel in any way threatened, report the incident to local law enforcement. Tip of the Day Day. A new security tip is posted every day. https://www.sans.org/tip-of-the-day Resources Backups: https://securingthehuman.sans.org/ouch/2015#august2015 Passphrases: https://securingthehuman.sans.org/ouch/2015#april2015 What Is Malware?: https://securingthehuman.sans.org/ouch/2016#march2016 https://securingthehuman.sans.org/ouch/2016#january2016 License . You are free to share or distribute this newsletter as long as you do not sell or modify it. For past editions or translated versions, visit https://www.securingthehuman.org/ouch/archives. Editorial Board: Bill Wyman, Walt Scrivens, Phil Hoffman, Bob Rudis securingthehuman.org/blog /securethehuman @securethehuman securingthehuman.org/gplus I’m Hacked, Now What? OUCH! | April 2016

Recommandé

INTERNET SAFETY FOR KIDS
INTERNET SAFETY FOR KIDSINTERNET SAFETY FOR KIDS
INTERNET SAFETY FOR KIDS
Camille Hazellie
 
7 steps you can take now to protect your data
7 steps you can take now to protect your data7 steps you can take now to protect your data
7 steps you can take now to protect your data
Oregon Law Practice Management
 
Adult Internet Safety
Adult Internet SafetyAdult Internet Safety
Adult Internet Safety
reidcollins42
 
Security-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser AttacksSecurity-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser Attacks
Raghu Addanki
 
Taking care of your computers
Taking care of your computersTaking care of your computers
Taking care of your computers
Jean Ulpindo
 
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
Akhil Sharma
 
Netgear router error codes
Netgear router error codesNetgear router error codes
Netgear router error codes
PPCChamp - Digital Marketing & Consulting Company
 
Computer safety
Computer safetyComputer safety
Computer safety
acarrizales531
 

Recommandé

INTERNET SAFETY FOR KIDS
INTERNET SAFETY FOR KIDSINTERNET SAFETY FOR KIDS
INTERNET SAFETY FOR KIDS
Camille Hazellie
 
7 steps you can take now to protect your data
7 steps you can take now to protect your data7 steps you can take now to protect your data
7 steps you can take now to protect your data
Oregon Law Practice Management
 
Adult Internet Safety
Adult Internet SafetyAdult Internet Safety
Adult Internet Safety
reidcollins42
 
Security-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser AttacksSecurity-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser Attacks
Raghu Addanki
 
Taking care of your computers
Taking care of your computersTaking care of your computers
Taking care of your computers
Jean Ulpindo
 
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
Akhil Sharma
 
Netgear router error codes
Netgear router error codesNetgear router error codes
Netgear router error codes
PPCChamp - Digital Marketing & Consulting Company
 
Computer safety
Computer safetyComputer safety
Computer safety
acarrizales531
 
The Human Side of Security
The Human Side of SecurityThe Human Side of Security
The Human Side of Security
Randy Earl
 
Safe computing (circa 2004)
Safe computing (circa 2004)Safe computing (circa 2004)
Safe computing (circa 2004)
Azmi Mohd Tamil
 
Computing and ethics
Computing and ethicsComputing and ethics
Computing and ethics
Nikki Shree
 
Understanding security and safe computing
Understanding security and safe computingUnderstanding security and safe computing
Understanding security and safe computing
Mukul Kumar
 
10
10 10
10
Zachary Taylor
 
Spyware
SpywareSpyware
Spyware
norazokkar
 
Spyware
SpywareSpyware
Spyware
guest6fde72
 
Efective computing
Efective computingEfective computing
Efective computing
Naveen Sihag
 
Malware 10 minute presentation
Malware 10 minute presentationMalware 10 minute presentation
Malware 10 minute presentation
David Lombrozo
 
4 a module virus and spyware
4 a module virus and spyware4 a module virus and spyware
4 a module virus and spyware
Rozell Sneede
 
Safe Computing
Safe ComputingSafe Computing
Safe Computing
Dr. Dheeraj Mehrotra (National Awardee)
 
Lesson 1 computer safety and maintenance
Lesson 1 computer safety and maintenanceLesson 1 computer safety and maintenance
Lesson 1 computer safety and maintenance
School
 
IT Security Basics For Managers
IT Security Basics For ManagersIT Security Basics For Managers
IT Security Basics For Managers
Daniel Owens
 
How To Protect Yourself and Your Computer Online
How To Protect Yourself and Your Computer OnlineHow To Protect Yourself and Your Computer Online
How To Protect Yourself and Your Computer Online
Charles Anderson
 
W01p2virus wayman robert
W01p2virus wayman robertW01p2virus wayman robert
W01p2virus wayman robert
robsworld
 
Awesome Tips for Data Security
Awesome Tips for Data SecurityAwesome Tips for Data Security
Awesome Tips for Data Security
Millennium Systems International
 
Computer Investigation on Employees
Computer Investigation on EmployeesComputer Investigation on Employees
Computer Investigation on Employees
SwiftTech Solutions, Inc.
 
Bug bounty hunting
Bug bounty huntingBug bounty hunting
Bug bounty hunting
redteamacademypromo
 
Bug Bounty
Bug BountyBug Bounty
Bug Bounty
Hariprasad KA
 
How to Bulletproof Your Data Defenses Locally & In the Cloud
How to Bulletproof Your Data Defenses Locally & In the CloudHow to Bulletproof Your Data Defenses Locally & In the Cloud
How to Bulletproof Your Data Defenses Locally & In the Cloud
Nordic Backup
 
The 10 Commandments of Computer Security
The 10 Commandments of Computer SecurityThe 10 Commandments of Computer Security
The 10 Commandments of Computer Security
Techvera
 
Executive Directors Chat:It's easy to stay safe online.pdf
Executive Directors Chat:It's easy to stay safe online.pdfExecutive Directors Chat:It's easy to stay safe online.pdf
Executive Directors Chat:It's easy to stay safe online.pdf
TechSoup
 

Contenu connexe

Tendances

Efective computing
Efective computingEfective computing
Efective computing
Naveen Sihag
 
4 a module virus and spyware
4 a module virus and spyware4 a module virus and spyware
4 a module virus and spyware
Rozell Sneede
 
W01p2virus wayman robert
W01p2virus wayman robertW01p2virus wayman robert
W01p2virus wayman robert
robsworld
 

Tendances (19)

The Human Side of Security
The Human Side of SecurityThe Human Side of Security
The Human Side of Security
 
Safe computing (circa 2004)
Safe computing (circa 2004)Safe computing (circa 2004)
Safe computing (circa 2004)
 
Computing and ethics
Computing and ethicsComputing and ethics
Computing and ethics
 
Understanding security and safe computing
Understanding security and safe computingUnderstanding security and safe computing
Understanding security and safe computing
 
10
10 10
10
 
Spyware
SpywareSpyware
Spyware
 
Spyware
SpywareSpyware
Spyware
 
Efective computing
Efective computingEfective computing
Efective computing
 
Malware 10 minute presentation
Malware 10 minute presentationMalware 10 minute presentation
Malware 10 minute presentation
 
4 a module virus and spyware
4 a module virus and spyware4 a module virus and spyware
4 a module virus and spyware
 
Safe Computing
Safe ComputingSafe Computing
Safe Computing
 
Lesson 1 computer safety and maintenance
Lesson 1 computer safety and maintenanceLesson 1 computer safety and maintenance
Lesson 1 computer safety and maintenance
 
IT Security Basics For Managers
IT Security Basics For ManagersIT Security Basics For Managers
IT Security Basics For Managers
 
How To Protect Yourself and Your Computer Online
How To Protect Yourself and Your Computer OnlineHow To Protect Yourself and Your Computer Online
How To Protect Yourself and Your Computer Online
 
W01p2virus wayman robert
W01p2virus wayman robertW01p2virus wayman robert
W01p2virus wayman robert
 
Awesome Tips for Data Security
Awesome Tips for Data SecurityAwesome Tips for Data Security
Awesome Tips for Data Security
 
Computer Investigation on Employees
Computer Investigation on EmployeesComputer Investigation on Employees
Computer Investigation on Employees
 
Bug bounty hunting
Bug bounty huntingBug bounty hunting
Bug bounty hunting
 
Bug Bounty
Bug BountyBug Bounty
Bug Bounty
 

Similaire à SANS OUCH Newsletter April 2016

In computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdfIn computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdf
anandanand521251
 
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Ron Pierce
 
Giarritano concept paper 4
Giarritano concept paper 4Giarritano concept paper 4
Giarritano concept paper 4
leahg118
 

Similaire à SANS OUCH Newsletter April 2016 (20)

How to Bulletproof Your Data Defenses Locally & In the Cloud
How to Bulletproof Your Data Defenses Locally & In the CloudHow to Bulletproof Your Data Defenses Locally & In the Cloud
How to Bulletproof Your Data Defenses Locally & In the Cloud
 
The 10 Commandments of Computer Security
The 10 Commandments of Computer SecurityThe 10 Commandments of Computer Security
The 10 Commandments of Computer Security
 
Executive Directors Chat:It's easy to stay safe online.pdf
Executive Directors Chat:It's easy to stay safe online.pdfExecutive Directors Chat:It's easy to stay safe online.pdf
Executive Directors Chat:It's easy to stay safe online.pdf
 
FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from Ransomware
 
Secure End User
Secure End UserSecure End User
Secure End User
 
Internet security
Internet securityInternet security
Internet security
 
7 Signs that Tell your Computer has been Hacked
7 Signs that Tell your Computer has been Hacked7 Signs that Tell your Computer has been Hacked
7 Signs that Tell your Computer has been Hacked
 
Staying Safe on the Computer and Online
Staying Safe on the Computer and OnlineStaying Safe on the Computer and Online
Staying Safe on the Computer and Online
 
10 things to teach end users
10 things to teach end users10 things to teach end users
10 things to teach end users
 
Stackfield Cloud Security 101
Stackfield Cloud Security 101Stackfield Cloud Security 101
Stackfield Cloud Security 101
 
Cyber Security Magazine
Cyber Security MagazineCyber Security Magazine
Cyber Security Magazine
 
Information security for health practitioners
Information security for health practitionersInformation security for health practitioners
Information security for health practitioners
 
In computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdfIn computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdf
 
Limbtec Computer Security Presentation
Limbtec Computer Security PresentationLimbtec Computer Security Presentation
Limbtec Computer Security Presentation
 
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
 
Giarritano concept paper 4
Giarritano concept paper 4Giarritano concept paper 4
Giarritano concept paper 4
 
NCSC_A5_Small_Business_Guide_v4_OCT20.pdf
NCSC_A5_Small_Business_Guide_v4_OCT20.pdfNCSC_A5_Small_Business_Guide_v4_OCT20.pdf
NCSC_A5_Small_Business_Guide_v4_OCT20.pdf
 
5 Ways to Stay #CyberSecure
5 Ways to Stay #CyberSecure5 Ways to Stay #CyberSecure
5 Ways to Stay #CyberSecure
 
Document safer online for nonprofits guide
Document safer online for nonprofits guideDocument safer online for nonprofits guide
Document safer online for nonprofits guide
 
Cyber Security and GDPR Made Easy
Cyber Security and GDPR Made EasyCyber Security and GDPR Made Easy
Cyber Security and GDPR Made Easy
 

Plus de Gene Ferro

Ehrlich Case Study_SharePoint
Ehrlich Case Study_SharePointEhrlich Case Study_SharePoint
Ehrlich Case Study_SharePoint
Gene Ferro
 
Intranet Solutions_Sales & Marketing
Intranet Solutions_Sales & MarketingIntranet Solutions_Sales & Marketing
Intranet Solutions_Sales & Marketing
Gene Ferro
 
Intranet Solutions_IT
Intranet Solutions_ITIntranet Solutions_IT
Intranet Solutions_IT
Gene Ferro
 
Intranet Solutions_HR
Intranet Solutions_HRIntranet Solutions_HR
Intranet Solutions_HR
Gene Ferro
 
Intranet Solutions_Finance & Accounting
Intranet Solutions_Finance & AccountingIntranet Solutions_Finance & Accounting
Intranet Solutions_Finance & Accounting
Gene Ferro
 
Weidenhammer Billboards!
Weidenhammer Billboards!Weidenhammer Billboards!
Weidenhammer Billboards!
Gene Ferro
 
Weidenhammer Oktoberfest Hammer Happy Hour
Weidenhammer Oktoberfest Hammer Happy HourWeidenhammer Oktoberfest Hammer Happy Hour
Weidenhammer Oktoberfest Hammer Happy Hour
Gene Ferro
 
Business Transformation Consultant
Business Transformation ConsultantBusiness Transformation Consultant
Business Transformation Consultant
Gene Ferro
 
401Creative Website Launch!
401Creative Website Launch!401Creative Website Launch!
401Creative Website Launch!
Gene Ferro
 
.Net Developer - Solutions Delivery
.Net Developer - Solutions Delivery.Net Developer - Solutions Delivery
.Net Developer - Solutions Delivery
Gene Ferro
 
Technical Architect - Solutions Delivery
Technical Architect - Solutions DeliveryTechnical Architect - Solutions Delivery
Technical Architect - Solutions Delivery
Gene Ferro
 
Web Project Manager
Web Project ManagerWeb Project Manager
Web Project Manager
Gene Ferro
 
401! Creative Capabilities
401! Creative Capabilities401! Creative Capabilities
401! Creative Capabilities
Gene Ferro
 
Mobile Portfolio - 401! Creative, a division of Weidenhammer
Mobile Portfolio - 401! Creative, a division of WeidenhammerMobile Portfolio - 401! Creative, a division of Weidenhammer
Mobile Portfolio - 401! Creative, a division of Weidenhammer
Gene Ferro
 

Plus de Gene Ferro (20)

Lehigh Valley Business_Digital Transformation
Lehigh Valley Business_Digital TransformationLehigh Valley Business_Digital Transformation
Lehigh Valley Business_Digital Transformation
 
Business Continuity - Weidenhammer
Business Continuity - WeidenhammerBusiness Continuity - Weidenhammer
Business Continuity - Weidenhammer
 
Weidenhammer Digital Transformation Presentation
Weidenhammer Digital Transformation PresentationWeidenhammer Digital Transformation Presentation
Weidenhammer Digital Transformation Presentation
 
Weidenhammer Cloud Solution Infographic
Weidenhammer Cloud Solution InfographicWeidenhammer Cloud Solution Infographic
Weidenhammer Cloud Solution Infographic
 
Weidenhammer Consulting Booklet
Weidenhammer Consulting BookletWeidenhammer Consulting Booklet
Weidenhammer Consulting Booklet
 
Ehrlich Case Study_SharePoint
Ehrlich Case Study_SharePointEhrlich Case Study_SharePoint
Ehrlich Case Study_SharePoint
 
Intranet Solutions_Sales & Marketing
Intranet Solutions_Sales & MarketingIntranet Solutions_Sales & Marketing
Intranet Solutions_Sales & Marketing
 
Intranet Solutions_IT
Intranet Solutions_ITIntranet Solutions_IT
Intranet Solutions_IT
 
Intranet Solutions_HR
Intranet Solutions_HRIntranet Solutions_HR
Intranet Solutions_HR
 
Intranet Solutions_Finance & Accounting
Intranet Solutions_Finance & AccountingIntranet Solutions_Finance & Accounting
Intranet Solutions_Finance & Accounting
 
PHP Developer
PHP DeveloperPHP Developer
PHP Developer
 
Weidenhammer Billboards!
Weidenhammer Billboards!Weidenhammer Billboards!
Weidenhammer Billboards!
 
Weidenhammer Oktoberfest Hammer Happy Hour
Weidenhammer Oktoberfest Hammer Happy HourWeidenhammer Oktoberfest Hammer Happy Hour
Weidenhammer Oktoberfest Hammer Happy Hour
 
Business Transformation Consultant
Business Transformation ConsultantBusiness Transformation Consultant
Business Transformation Consultant
 
401Creative Website Launch!
401Creative Website Launch!401Creative Website Launch!
401Creative Website Launch!
 
.Net Developer - Solutions Delivery
.Net Developer - Solutions Delivery.Net Developer - Solutions Delivery
.Net Developer - Solutions Delivery
 
Technical Architect - Solutions Delivery
Technical Architect - Solutions DeliveryTechnical Architect - Solutions Delivery
Technical Architect - Solutions Delivery
 
Web Project Manager
Web Project ManagerWeb Project Manager
Web Project Manager
 
401! Creative Capabilities
401! Creative Capabilities401! Creative Capabilities
401! Creative Capabilities
 
Mobile Portfolio - 401! Creative, a division of Weidenhammer
Mobile Portfolio - 401! Creative, a division of WeidenhammerMobile Portfolio - 401! Creative, a division of Weidenhammer
Mobile Portfolio - 401! Creative, a division of Weidenhammer
 

Dernier

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Dernier (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 

SANS OUCH Newsletter April 2016

  • 1. Guest Editor Samantha Davison (@sam_e_davison) is the Security Awareness and Education Program Manager at Uber, educating their employees in over 350 cities around the globe. Overview We know you care about protecting your computer and mobile devices and take steps to secure them. However, no matter how securely you use technology, you may eventually be hacked or “compromised.” In this newsletter, you will learn how to determine if your computer or mobile device has been hacked and, if so, what you can do about it. Ultimately, the quicker you detect something is wrong and the faster you respond, the more likely you can reduce the harm a cyber attacker can cause. Clues You Have Been Hacked hackers usually leave several clues, often called indicators. The closer your system matches any of these clues, the more likely it has been hacked: • Your anti-virus program has triggered an alert that your system is infected, particularly if it says that it was • Your browser’s homepage has unexpectedly changed or your browser is taking you to websites that you did not want to go to. • There are new accounts on your computer or device that you did not create, or new programs running that you did not install. • Your computer or applications are constantly crashing, there are icons for unknown apps, or strange windows keep popping up. • A program requests your authorization to make changes to your system, though you’re not actively installing or updating any of your applications. • Overview • Clues You Have Been Hacked • How to Respond IN THIS ISSUE... I’m Hacked, Now What? OUCH! | April 2016
  • 2. Sooner or later, your computer or device may be compromised. The faster you detect an incident and the sooner you respond, the better. • Your password no longer works when you try to log into your system or an online account, even though you know your password is correct. • Friends ask you why you are spamming them with emails that you know you never sent. • Your mobile device is causing unauthorized charges to premium SMS numbers. • Your mobile device suddenly has unexplained very high data or battery usage. How to Respond If you believe your computer or device has been hacked, the sooner you respond the better. If the computer or device was provided to you by your employer or is used can you cause more harm than good, but you could also destroy valuable evidence that can be used for an investigation. Instead, report the incident to your employer right away, usually by contacting your help desk, security team, or supervisor. If for some reason you cannot contact your organization, or you are concerned about a delay, disconnect your computer or device from the network and then put it in sleep, suspend, or airplane mode. Even if you are not sure if you have been hacked, it is far better to report it just in case. If the computer or device is your own for personal use, here are some steps you can take: • Change Your Passwords: This includes not only changing the passwords on your computers and mobile devices, but for all of your online accounts. Be sure you do not use the hacked computer to change the passwords. Instead, use a different computer or device that you know is secure to change the passwords. • Anti-Virus is not possible, then delete it. • Rebuilding secure option is to rebuild it. For computers, follow your system manufacturer’s instructions. In most cases, this will mean using the built-in utilities to reinstall the operating system. If these utilities are missing, corrupted, I’m Hacked, Now What? OUCH! | April 2016
  • 3. or infected, then contact your manufacturer for guidance or visit their website. Do not reinstall the operating system from backups; they may have the same vulnerabilities that allowed the hacker to originally gain access. Backups should only be used for recovering your data. For mobile devices, follow the instructions from your device manufacturer or service provider, these should be on their website. In many cases, this may be as simple as restoring your mobile device to factory default. If you feel uncomfortable with the rebuilding process, consider using a professional service to help you. Or, if your computer or device is old, it may be easier and even cheaper to purchase a new one. Finally, once you have rebuilt your computer or device (or purchased a new one) make sure it is fully updated and current and enable automatic updating whenever possible. • Backups: The most important step you can take to protecting yourself is to prepare ahead of time with regular backups. The more often you back up, the better. Some solutions will automatically back up any new being hacked. • Law Enforcement: If you feel in any way threatened, report the incident to local law enforcement. Tip of the Day Day. A new security tip is posted every day. https://www.sans.org/tip-of-the-day Resources Backups: https://securingthehuman.sans.org/ouch/2015#august2015 Passphrases: https://securingthehuman.sans.org/ouch/2015#april2015 What Is Malware?: https://securingthehuman.sans.org/ouch/2016#march2016 https://securingthehuman.sans.org/ouch/2016#january2016 License . You are free to share or distribute this newsletter as long as you do not sell or modify it. For past editions or translated versions, visit https://www.securingthehuman.org/ouch/archives. Editorial Board: Bill Wyman, Walt Scrivens, Phil Hoffman, Bob Rudis securingthehuman.org/blog /securethehuman @securethehuman securingthehuman.org/gplus I’m Hacked, Now What? OUCH! | April 2016