Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Why Cyber Security Starts At Home
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
Marilyn Cohodas
Marilyn Cohodas,
User Rank: Strategist
11/17/2014 | 3:49:37 PM
Re: Trying to do their part...
It's really important to get that message out..in a way that empowers people and not makes them feel intimidated or lectured to. It's a tricky balance...
User Rank: Ninja
11/17/2014 | 3:25:14 PM
Re: Trying to do their part...
I agree. I share information and provide some "IT advice" among my family and small circle of friends and encourage them to "spread the word", as it were. The tips aren't very technical, and mostly involve what we in the security community would call "common sense", at least so it may seem to those of us who are more informed than the lay person. I especially encourage people to talk to their children about safe computing practices, given the prevalence of connected technology and the availability of connected devices to the young. It certainly is a much different world than 20 years ago.
User Rank: Author
11/17/2014 | 1:52:34 PM
Re: Trying to do their part...

You make a great point, and I actually thought a bit about this in re-reading my article this morning. In light of the "DarkHotel" campaign, I read the patching advice where I said, "say yes to auto-updates," and thought that might help people fall for fake updates, like the Adobe flash one used in DarkHotel... granted, that attack actually also required a man-in-the-middle attack, but there are all kinds of other ways (hijacked websites) to pop up fake update windows. 

I don't think there is a perfect or easy answer for this, but I'd recommend two things. 1) If you don't have time to go into more specifics, I think the patching advice stands. I think the value of having more people fully patched would totally outweight the occasional user that falls for a fake update. Statistically, even if everyone said yes to updates, I think the result of patched systems would vastly outweigh the people that stumbled onto a fake one (but that is only a gut feel). 2) HOWEVER, if you have a bit more time, and the user is attentive, you could simply add a caveat to the advice, by sharing that they should beware that sometimes update mechanisms are faked. You could then share a few ways they might recognize a fake update mechnism, or rather train them that if they get an update poppup, not do say yes right away, but to close the pop-up, manually open the adobe update that you know you can trust, and then if it says updates are really ready, say yes to them there...

I don't know if this is a perfect answer, but I still want to shoot for more eductated consumers since I think it would make our jobs easier and our organizations more protected.

In any case, thanks for the comment. If you have any tips on having end users avoid fake update scams, be sure to share them. ^_^



Robert McDougal
Robert McDougal,
User Rank: Ninja
11/17/2014 | 1:33:44 PM
Trying to do their part...
I would like to hear other's opinion on this topic, but in my experience one of the ways most likely to catch an end user off guard is to pretend to be something good.  This could be a pop up claiming to be an AV update, or an email claiming your email account has run out of space.  People who work in IT can spot these things a mile away but that is because we are intimately familiar with the way it should look.  End-user's often are not aware what a Java, Flash or AV update is supposed to look like, so they often mistakenly install a virus or give out their credentials by attempting to do the right thing.
<<   <   Page 2 / 2

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
Developing and Testing an Effective Breach Response Plan
Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2022-12-05
Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request. Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASK...
PUBLISHED: 2022-12-05
Stored cross-site scripting vulnerability in Kyocera Document Solutions MFPs and printers allows a remote authenticated attacker with an administrative privilege to inject arbitrary script. Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKa...
PUBLISHED: 2022-12-05
OS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to obtain appkey of the product and execute an arbitrary OS command on the product.
PUBLISHED: 2022-12-05
Plaintext storage of a password vulnerability exists in +F FS040U software versions v2.3.4 and earlier, which may allow an attacker to obtain the login password of +F FS040U and log in to the management console.
PUBLISHED: 2022-12-05
Cross-site request forgery (CSRF) vulnerability in +F FS040U software versions v2.3.4 and earlier, +F FS020W software versions v4.0.0 and earlier, +F FS030W software versions v3.3.5 and earlier, and +F FS040W software versions v1.4.1 and earlier allows an adjacent attacker to hijack the authenticati...