Computer viruses are spreading rapidly on the World Wide Web as numerous hackers unleash them on the internet in the hope of stealing private financial information. To protect yourself completely, it is important to have a set of tools, both hardware and software, on your network and PC so that you can safeguard them from any possible virus, malware, worm or trojan threat.
Although hackers are hunting for unprotected networks and systems, the best antivirus software programs provide complete protection so that you don’t become one of the vulnerable. Still, there is a lot more that can be done.
To prevent your data from being compromised, it is important to minimize the damaging effects by taking some compulsory measures to safeguard your system from online viruses. A few tips to protect your system from viruses and spyware are mentioned below:
Use a Dynamic Firewall Protection: Download antivirus software in conjunction with an effective firewall that can successfully prevent hackers from breaking into your PC. A firewall filters information passed from the internet to your network and prevents hackers from attacking your computer.
The best bet is to use a firewall embedded in a router. The best ones run open source, Linux-based firmware, which is constantly updated and full of configuration options.
Software ones are OK, but you’ll need a copy on every PC, tablet and phone connected to your network.
Use WPA/WPA2 Encryption: It is essential to use WPA or WPA2 encryption to prevent hackers from attacking your PC over a wireless network. Encrypted wireless transmissions are not impossible to break, although it takes a considerable amount of time and effort for hackers to get information. The weaker your wireless network, the less time it would take for a hacker to access your PC.
That means a strong password.
Additionally, set up your wireless router with a guest network, so your visitors do not connect to your main network with their, surely, less protected devices.
Open Attachments from Trusted Sources: Attachments that are from trusted and known sources can be opened, and everything else must be deleted immediately. Even though there are many types of file attachments that you may be curious about, it is best that you don’t compromise your PC’s safety by opening them if they are not from a trusted source.
This is a human thing. Use an email service with strong antivirus detection; do not skimp on that.
Still, make sure you never click on a weird attachment.
Install a sandbox system on your PC to test and check these attachments.
Maybe a Linux virtual machine!
Active Antivirus Program: Choosing an effective computer virus protection is essential as it gives guaranteed protection against malicious code and other harmful online virus threats. If you accidentally download a virus-infected file, your antivirus will provide protection and quarantine the file.
Which antivirus is the best? Difficult to say: they are all good and bad, and even Windows Defender works fine.
It is all about prevention.
Following the above-mentioned essential steps will help you to safeguard your PC and keep your private and confidential information safe. Stay vigilant and choose a dynamic antivirus program to safeguard your system.
Again, use an encrypted DNS server like Cloudflare 220.127.116.11; check them before you use them, and check whether your traffic is spied on by them.
Use a VPN service for sites that are untrusted or need extra security (Northvpn has served me well to the current day).
Keep your router password strong and keep your router updated.
In following articles I’ll show some brands that can help you out.😎
However, the weakest link in the chain is you, with your curiosity and your weakness for clicking on anything!😃
A 1-second click, days of pain!😭
Reporting and technical details surrounding the malware used in the March 20, 2013, attack on South Korean assets have been varied and inconsistent. However, there are some commonalities reported across multiple organizations that provide some level of insight into the malware, dubbed DarkSeoul.
The common attributes of the attack campaign are the following:
•The malicious file wipes the master boot record (MBR) and other files.
•The malware was hard coded with a specific execution date and time and searches machines for credentials with administrative/root access to servers.
•The malware is written to specifically target South Korean victims.
•The attack is effective on multiple operating systems.
•The design is low sophistication – high damage.
When assessing the potential risk to U.S. Critical Infrastructure and Key Resources (CIKR), it is important to understand that DarkSeoul appears to have been coded for a specific target in this case and designed to evade typical South Korean antivirus processes. As this malware is currently packaged, it is a low risk to U.S. CIKR; however, the concepts underpinning this attack would likely succeed in many common enterprise environments. For this reason, U.S. CIKR owners and operators should continue the best standard security practices to avoid infection and propagation of a wiper or other type of malware that may impact their systems.
Defensive Measures
Based on the common attributes detailed above, US‐CERT reminds users and administrators of the importance of best practices to strengthen the security posture of their organization’s systems.
CIKR owners and operators should work toward a resilient network model that assumes such an attack will occur against their enterprise.
The goal is to minimize damage, and provide pathways for restoration of critical business functions in the shortest amount of time possible.
•Encourage users to transfer critical files to network shares, to allow for centralized backups. Leverage technical solutions to automate centralized storage where possible to reduce reliance on end-user voluntary compliance.
•Execute daily backups of all critical systems, including offline and offsite copies of
•Periodically execute a practice data restoration from backups, including key databases to ensure integrity of existing backups and processes.
•Establish emergency communications plans should network resources become
•Isolate any critical networks (including operations networks) from business systems, and where possible segment the business networks.
•Identify critical systems and evaluate the need to have on-hand spares to quickly restore
•Recognize that without proper internal monitoring, an organization’s “Enterprise Trust Anchors” (Active Directory, PKI, two-factor authentication, etc.) and centralized management services (remote helpdesk access, patch management and asset inventory suites, etc.) could be compromised and used to subvert all other security controls.
•Maintain up‐to‐date antivirus signatures and engines.
•Restrict users’ ability (permissions) to install and run unwanted software applications through Microsoft Software Restriction Policy (application directory whitelisting) or AppLocker, application whitelisting products, or host-based intrusion prevention software.
•Enforce a strong password policy and implement regular password changes.
•Keep operating system patches up to date.
•Disable unnecessary services on workstations and servers.
•Scan for and remove suspicious email attachments; ensure the scanned attachment is its ‘true file type’ (i.e., the extension matches the file header).
•Exercise caution when using removable media (e.g., USB thumb drives, external drives, CDs).
•Scan all software downloaded from the Internet prior to executing by properly authorized
•Disable credential caching for all desktop devices with particular importance on critical systems such as servers and restrict the number of cached credentials for all portable devices to no more than three, if possible. This can be accomplished through a Group Policy Object (GPO).
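The ‘true file type’ check from the list above, sketched in Python as an added example (it is not part of the US‐CERT text or of the original page): it compares an attachment’s extension with the magic bytes at the start of the file. The signature table, the function names and the sample attachments are constructed for illustration.

```python
import os

# Well-known magic bytes for a few common attachment types.
SIGNATURES = {
    "pdf": [b"%PDF-"],
    "png": [b"\x89PNG\r\n\x1a\n"],
    "jpg": [b"\xff\xd8\xff"],
    "gif": [b"GIF87a", b"GIF89a"],
    "zip": [b"PK\x03\x04"],                          # also .docx/.xlsx/.pptx
    "ole": [b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"],    # legacy .doc/.xls/.ppt
    "exe": [b"MZ"],                                  # Windows PE
    "elf": [b"\x7fELF"],                             # Linux executable
}
# Header family each extension is expected to carry.
EXT_TO_TYPE = {
    "pdf": "pdf", "png": "png", "jpg": "jpg", "jpeg": "jpg", "gif": "gif",
    "zip": "zip", "docx": "zip", "xlsx": "zip", "pptx": "zip",
    "doc": "ole", "xls": "ole", "ppt": "ole",
    "exe": "exe", "dll": "exe", "scr": "exe",
}
EXECUTABLE = {"exe", "elf"}

def sniff(header: bytes):
    """Return the type whose signature starts the header, or None."""
    for ftype, sigs in SIGNATURES.items():
        if any(header.startswith(sig) for sig in sigs):
            return ftype
    return None

def check_attachment(filename: str, content: bytes) -> str:
    """Return 'ok', 'mismatch', 'executable' or 'unknown' for one attachment."""
    ext = os.path.splitext(filename)[1].lower().lstrip(".")
    claimed = EXT_TO_TYPE.get(ext)
    actual = sniff(content[:16])
    if actual in EXECUTABLE and claimed != actual:
        return "executable"  # program header behind a non-program name
    if claimed is None or actual is None:
        return "unknown"     # no basis to vouch for it; send to a scanner
    return "ok" if claimed == actual else "mismatch"

# Constructed sample attachments (name, first bytes); not real mail data.
SAMPLES = [
    ("invoice.pdf", b"%PDF-1.7\n"),
    ("invoice.pdf", b"MZ\x90\x00\x03\x00"),
    ("photo.jpg", b"\x89PNG\r\n\x1a\n\x00"),
    ("notes.txt", b"hello"),
]

if __name__ == "__main__":
    for name, data in SAMPLES:
        print(f"{name:12} -> {check_attachment(name, data)}")
```

A result of ‘ok’ only means the extension and header agree; the file still goes through the antivirus scan the list calls for.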
Some of the common web server attack tools include:
- Metasploit – this is an open source tool for developing, testing and using exploit code. It can be used to discover vulnerabilities in web servers and write exploits that can be used to compromise the server.
- MPack – this is a web exploitation tool. It was written in PHP and is backed by MySQL as the database engine. Once a web server has been compromised using MPack, all traffic to it is redirected to malicious download websites.
- Zeus – this tool can be used to turn a compromised computer into a bot or zombie. A bot is a compromised computer which is used to perform internet-based attacks. A botnet is a collection of compromised computers. The botnet can then be used in a denial of service attack or for sending spam mails.
- Neosplit – this tool can be used to install programs, delete programs, replicate it, etc.