Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Why Cyber Security Starts At Home
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
Marilyn Cohodas
Marilyn Cohodas,
User Rank: Strategist
11/17/2014 | 3:49:37 PM
Re: Trying to do their part...
It's really important to get that message out..in a way that empowers people and not makes them feel intimidated or lectured to. It's a tricky balance...
GonzSTL
GonzSTL,
User Rank: Ninja
11/17/2014 | 3:25:14 PM
Re: Trying to do their part...
I agree. I share information and provide some "IT advice" among my family and small circle of friends and encourage them to "spread the word", as it were. The tips aren't very technical, and mostly involve what we in the security community would call "common sense", at least so it may seem to those of us who are more informed than the lay person. I especially encourage people to talk to their children about safe computing practices, given the prevalence of connected technology and the availability of connected devices to the young. It certainly is a much different world than 20 years ago.
CNACHREINER981
CNACHREINER981,
User Rank: Author
11/17/2014 | 1:52:34 PM
Re: Trying to do their part...
Robert, 

You make a great point, and I actually thought a bit about this in re-reading my article this morning. In light of the "DarkHotel" campaign, I read the patching advice where I said, "say yes to auto-updates," and thought that might help people fall for fake updates, like the Adobe flash one used in DarkHotel... granted, that attack actually also required a man-in-the-middle attack, but there are all kinds of other ways (hijacked websites) to pop up fake update windows. 

I don't think there is a perfect or easy answer for this, but I'd recommend two things. 1) If you don't have time to go into more specifics, I think the patching advice stands. I think the value of having more people fully patched would totally outweight the occasional user that falls for a fake update. Statistically, even if everyone said yes to updates, I think the result of patched systems would vastly outweigh the people that stumbled onto a fake one (but that is only a gut feel). 2) HOWEVER, if you have a bit more time, and the user is attentive, you could simply add a caveat to the advice, by sharing that they should beware that sometimes update mechanisms are faked. You could then share a few ways they might recognize a fake update mechnism, or rather train them that if they get an update poppup, not do say yes right away, but to close the pop-up, manually open the adobe update that you know you can trust, and then if it says updates are really ready, say yes to them there...

I don't know if this is a perfect answer, but I still want to shoot for more eductated consumers since I think it would make our jobs easier and our organizations more protected.

In any case, thanks for the comment. If you have any tips on having end users avoid fake update scams, be sure to share them. ^_^

 

Cheers,

Corey
Robert McDougal
Robert McDougal,
User Rank: Ninja
11/17/2014 | 1:33:44 PM
Trying to do their part...
I would like to hear other's opinion on this topic, but in my experience one of the ways most likely to catch an end user off guard is to pretend to be something good.  This could be a pop up claiming to be an AV update, or an email claiming your email account has run out of space.  People who work in IT can spot these things a mile away but that is because we are intimately familiar with the way it should look.  End-user's often are not aware what a Java, Flash or AV update is supposed to look like, so they often mistakenly install a virus or give out their credentials by attempting to do the right thing.
<<   <   Page 2 / 2


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-26135
PUBLISHED: 2022-06-30
A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0 be...
CVE-2017-20122
PUBLISHED: 2022-06-30
A vulnerability classified as problematic was found in Bitrix Site Manager 12.06.2015. Affected by this vulnerability is an unknown functionality of the component Contact Form. The manipulation of the argument text with the input &lt;img src=&quot;http://1&quot;; on onerror=&quot;$(&acirc;&euro;&tra...
CVE-2017-20123
PUBLISHED: 2022-06-30
A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This affects an unknown part of the component DLL Handler. The manipulation leads to untrusted search path. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. ...
CVE-2017-20124
PUBLISHED: 2022-06-30
A vulnerability classified as critical has been found in Online Hotel Booking System Pro Plugin 1.0. Affected is an unknown function of the file /front/roomtype-details.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...
CVE-2017-20125
PUBLISHED: 2022-06-30
A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. Affected by this vulnerability is an unknown functionality of the file /roomtype-details.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has bee...