Tools: How to identify and clean up Windows computers infected with malware and bots

Solution: Follow the steps below in the given order: Step 1: Disconnect the computer from the network and notify the user that the computer cannot be re-connected until all malware has been successfully removed. Step 2: Find out if the user is familiar with the destination or action that the malware or bot is trying … Continue reading Tools: How to identify and clean up Windows computers infected with malware and bots

Infographics: Targeted victim – Spearphishing Attack

SPEAR-PHISHING Spear-phishing is a targeted attempt to steal sensitive information such as account credentials or financial information from a specific victim, often for malicious reasons. This is achieved by acquiring personal details on the victim such as their friends, hometown, employer, locations they frequent, and what they have recently bought online. The attackers then disguise … Continue reading Infographics: Targeted victim – Spearphishing Attack

Infographics: Most Common Forms of Phishing Attacks

Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication. Bad guys are trying to phish in more than more ways to get the information they want. The core takeaway is be careful on what to entertain (whether … Continue reading Infographics: Most Common Forms of Phishing Attacks

Set up connectors for secure mail flow with a partner organization

Enforce TLS to a partner organization. You can create connectors to apply security restrictions to mail exchanges with a partner organization or service provider. A partner can be an organization you do business with, such as a bank. It can also be a third-party cloud service that provides services such as archiving, anti-spam, and filtering. … Continue reading Set up connectors for secure mail flow with a partner organization

Send discrete, self-destructing notes via Privnote

Discovered a really cool tool to send notes that will self-destruct after being read. Good for sending passwords or information across discretely and securely. No log-ins or identity involved. All you need to do is generate a link to the note and has the option to notify you via email if it has been read. … Continue reading Send discrete, self-destructing notes via Privnote

Fortigate 5.2 Vulnerability: SSH/SSL – Weak Encryptions

Known issue to: FortiOS 5.2.x (can also apply to higher versions). But 5.4.x and later has already disabled weaker ciphers DES, RC4 and SSLv3, so Firewalls running on later version are less-prone to vulnerabilities.     Recommendations/Mitigations:  What does strong encryption do? Enabling the use of strong encryption will only allow strong ciphers such as: AES … Continue reading Fortigate 5.2 Vulnerability: SSH/SSL – Weak Encryptions

Facebook adds Google Authenticator for Two-Factor Authentication

Good news! Facebook now makes Two-Factor Authentication (2FA) easier to set up by allowing common third-party apps like Google Authenticator or Duo Security on both desktop and mobile. 2FA adds layer of security to your Facebook login by requiring you to provide a passcode or from “something that you have” (which is the 2FA generated … Continue reading Facebook adds Google Authenticator for Two-Factor Authentication