COVID-19- Working from Home

Published by Nick on

In the workplace, we face a constant threat from cyber attackers trying to trick us to further their malicious operations. Now that many users are working from home, the remote worker needs to keep their guard up. Most of us are off of our normal routine and performing remote work for the first time. This article will provide some advice as well as some items to watch out for as hacking and phishing increase in these crazy times.

The nasty payload is right behind the link

Be careful of links in emails and on websites, attackers can provide you with a link that can compromise your system with just one click. New malicious links are being sent out with COVID-19 Coronavirus themes that lead to device compromise. Some of the Coronavirus maps have already been identified as malicious.

Get your information from a credible source

Social media can be full of misinformation campaigns designed to trick you into believing fake information. If you are looking for information on Coronavirus check with the Centers for Disease Control and Prevention at cdc.gov.

Be aware of Phishing emails

The most common phishing email will get you to click on a link, the link will take you to a page that asks for your username and password. Attackers make this page look the same as your organization’s login page, your bank account login, or your email login. If you enter your username and password, the information gets sent to the attacker.

Keep your devices up to date

It is very important to keep your devices up to date and use antivirus software. This will ensure that security patches are applied, and your device is free of malware. These steps should be handled by your IT department if you are using an organization provided device. If you are using a device that is owned by you, this is your responsibility.

These items just scratch the surface when it comes to cyber security, constant education with layered security also known as defense in depth is the best way to secure operations. Contact us with any questions or comments.

Categories: Cybersecurity

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts

Cybersecurity

Administrator- Hackthebox lab

This lab came with Active Directory creds to simulate an assumed breach assessment. I started by checking the credentials with Netexec to confirm they worked. Next I ran Bloodhound-ce-python to collect Active Directory data for Read more

Cybersecurity

Support- Hackthebox lab

I started with an nmap scan for all TCP ports and the top UDP ports. This one looks like an Active Directory Domain Controller. Added target hostnames to /etc/hosts Looking through the SMB shares, I Read more

Cybersecurity

ServMon- Hackthebox lab

This box took a ton of troubleshooting and resets for the privilege escalation. The web server kept crashing but after many attempts, I finally got it finished. I start things off with a port scan Read more