DHS has an excellent resource: the US Computer Emergency Readiness Team (US-CERT). Their website has information ranging from Computer Security 101 to advanced information for IT professionals.
Remember: Scams, bots and viruses continue to proliferate. Use caution when opening email messages and take the following preventive measures to protect themselves from phishing scams and malware campaigns.
- Do not click on or submit any information to webpages.
- Do not follow unsolicited web links in email messages.
- Use caution when opening email attachments. Refer to the Security Tip Using Caution with Email Attachments for more information on safely handling email attachments.
- Maintain up-to-date antivirus software.
- Users who are infected should change all passwords AFTER removing the malware from their system.
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
- Refer to the Security Tip Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Other great information for non-techies from the US-CERT website.
- Top 10 Ways to Improve the Security of a New Computer Because our computers have such critical roles in our lives and we trust them with so much personal information, it’s important to improve their security so we can continue to rely on them and keep our information safe.
- Virus Basics Learn about viruses, what they can do to your systems, and how to avoid them and lessen their impact.
- Securing Wireless Networks In today’s connected world, almost everyone has at least one Internet-connected devices. With the number of these devices on the rise, it is important to implement a security strategy to minimize their potential for exploitation (see Securing the Internet of Things). Internet-connected devices may be used by nefarious entities to collect personal information, steal identities, compromise financial data, and silently listen to—or watch—users. However, taking a few precautions in the configuration and use of your devices can help prevent this type of activity.
- Staying Safe on Social Networking Sites The popularity of social networking sites continues to increase. The nature of these sites introduces security risks, so you should take certain precautions.
The hackings of 82 synagogue websites during Israel’s Operation Pillar of Defense by the “Moroccan Ghosts” brought appropriate responses from law enforcement agencies. The intrusions should remind us that cybersecurity is in our own hands. The following recommendations from the ADL make sense.
For those of you with websites.
There is a relatively new attack on websites hitting MySQL. If you don’t understand this, check with your techie or your ISP to confirm if your website is vulnerable.
How do you know that you’ve been compromised? Google is ever alert and will mark your site as “dangerous”. Websites/web hosting companies subscribe to “blacklists” of such sites. Firefox and Chrome check the blacklists before going to a site and will tell a user, “Warning – visiting this website may harm your computer!”.
Once your site is hacked it must be “cleaned”. After doing so, you can notify Google, request that it be removed from the blacklist and 3 to 24 hours later the site will be unblacklisted.
- Make regular backups of your website. Even if your ISP takes care of this it couldn’t hurt to have another.
- Your website probably has all kinds of access passwords (FTP, SQL administration, etc.). Make sure that you have strong passwords at every option. This usually includes multiple words, mixing capital and lower case letters and using numbers and symbols. See this Consumer Reports article for more explanations and tips.
The staffs of several organizations received emails that are distinctly anti-Zionist, if not anti-Semitic. If you receive such an email please report it to the NYPD at 1-888-NYC-SAFE and forward it to firstname.lastname@example.org.
|Pro-Palestinian Group Hacks Jewish Paper’s Site
By Adam Dickter
Pro-Palestinian hackers managed to deface the web site of The Jewish Chronicle in London, but didn’t make it into the newspaper’s file system. The cyberattack apparently protested Israel’s blockade of the Gaza Strip. The Chronicle said the attackers defaced a virtual file system that was cleared by rebooting. The attackers may be based in Turkey. more. . .