CyberSecurity: Best Practices & Guide

Discussion in 'CYBER SECURITY awareness!' started by Trim, Oct 30, 2016.

  1. Trim

    Trim MTAC Moderator Staff Member

    Hello to all,

    Today I will share with you this thread, which was created in collaboration with @revC0de to explain the best security practices for everyone, and also a complete guide/tutorial/suggestions to have a strong and safe security configuration.
    I would like to start by saying that security on the web is the first and most important priority. When we surf the web we must feel protected against new threats that are released every day and can be very dangerous. Above all, ransomware threats are nowadays growing a lot compared to before, and we must prevent an infection like this on our system to protect our sensitive files and data.
    So today I want to start by explaining the main layers of a security configuration and how to cover them, with the best software for each section.
    We have these main layers of security:

    -Antivirus (Real-Time Protection) (Fundamental): There are a lot of free antivirus programs available nowadays, but the software which I recommend is: Avira Free 2017: https://www.avira.com/en/free-security-suite, Bitdefender Free (2017 version is still in BETA): http://www.bitdefender.com/solutions/free.html, Avast Free: https://www.avast.com/index (good technologies and heuristic system against stronger threats), AVG Free (good detection rate and great protection against new malware types): http://www.avg.com/gb-en/homepage, Panda Free Antivirus (good UI and good detection rate, USB protection very powerful): http://www.pandasecurity.com/usa/homeusers/solutions/free-antivirus/, ZoneAlarm Free Antivirus+ 2017: http://www.zonealarm.com/software/free-antivirus/.

    -AntiMalware (On-demand scanners) (Fundamental): Here I can suggest two really powerful, freeware security apps: Zemana AntiMalware Free (which is without real-time protection, but the detection rate is really high): https://www.zemana.com/AntiMalware and MalwareBytes AntiMalware Free (it is very powerful, fast to scan and also always updated, really suggested): https://www.malwarebytes.com/. I also want to recommend another secure product: Kaspersky Security Scan (really good performance, fast to scan and a very high detection rate, obviously also a good heuristic system): https://www.kaspersky.com/free-viru...kasp_leg_ona_dis__onl_b2c__lp-button_kl______.

    -Firewall (Really important): Firewalls are not always included with antivirus products, so here I want to suggest some free firewalls which I believe are really good and necessary: Comodo Free Firewall (really suggested for Malware Analysis in a virtual environment; HIPS is useful if the analyst makes an error and executes the malware, but also powerful if the malware we are analyzing is attempting to establish a connection to a remote server): https://www.comodo.com/home/internet-security/firewall.php, GlassWire Free (and paid versions): https://www.glasswire.com/, a really amazing firewall, with a great UI and also an innovative graph which shows us the network activity on our LAN or Wi-Fi network. You can find a review of this product by @revC0de here: http://tweakbytes.com/threads/glasswire-network-security-monitor-pro-edition-1-2-73-review.3872/
    Then I also want to suggest Evorim Free Firewall: http://www.evorim.com/en/free-firewall, which I reviewed here: http://tweakbytes.com/threads/review-evorim-free-firewall-1-3-1-16244.3918/
    It is a new firewall product but very promising, with interesting features, especially for those who perform Malware Analysis and want to stay safe during the analysis process. The last firewall which I want to suggest is Tiny Wall: https://tinywall.pados.hu/, which is free and non-intrusive; it can also be used in the MTAC forum when doing testing, etc.

    -Virtualization and sandboxing (Really important): Some antivirus products bring this as an included feature in the software itself, like Qihoo 360 Internet Security, but for this section I want to recommend the best virtualization software in my opinion: SandBoxie, which is also available in a freeware version, really powerful and suggested: http://www.sandboxie.com/index.php?DownloadSandboxie. But there is also other sandboxing software, like the sandbox included in Comodo Internet Security Premium (Free), which is also really safe for security-critical operations like banking and online shopping: https://www.comodo.com/home/internet-security/free-internet-security.php.

    -Browser extensions (Fundamental): There are a lot of security browser extensions, but I already made a list of recommended extensions here: http://tweakbytes.com/threads/list-of-suggested-anti-phishing-anti-malware-extensions-updated.3772/
    The most important add-on to install in your browser is the adblocker extension: personally I recommend uBlock Origin: https://addons.mozilla.org/nn-NO/firefox/addon/ublock-origin/ - https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en, which is really light on resources and has a good web filter. There are also other good extensions like Avira Browser Safety (suggested by @Der.Reisende ): https://www.avira.com/en/avira-browser-safety, WOT: https://www.mywot.com/, then I would also suggest HTTPS Everywhere: https://www.eff.org/HTTPS-EVERYWHERE and finally Disconnect: https://disconnect.me/.

    -Password Manager (Suggested): LastPass: https://chrome.google.com/webstore/...ord-ma/hdokiejnpimakedhajhdlcegeplioahd?hl=en - https://addons.mozilla.org/en-US/firefox/addon/lastpass-password-manager/

    -Backup software (Fundamental): Here I would suggest only two programs: Macrium Reflect Free: http://www.macrium.com/reflectfree.aspx and AOMEI Backupper Free: http://www.backup-utility.com/free-backup-software.html. Make sure you always have a really solid and secure backup plan in case of system errors or crashes.

    Finally I would also like to suggest CCleaner Free: https://www.piriform.com/ccleaner for privacy and optimization, and also a defragger, such as Auslogics Disk Defrag Free: http://www.auslogics.com/en/software/disk-defrag/.

    Now we have the suggested points for best security practices to stay safe online.

    The protection of your computer against malware is complex, and works in layers.

    Malware can enter your computer in several different ways, so it is necessary to diversify the defense strategy.

    Here are some tips to protect your PC that come from our experience. Some are essential; others add some extra protection and you can choose whether to apply them, because some of the advice adds further protection but may penalize the performance of your computer, its usability or browsing speed. But according to us, safety first!!

    However, it is important to know that there is no single program or system of protection against malware.

    Read the tips below carefully with regard to your behavior!

    1. A lot depends on your behavior! Common sense and prudence, in particular when you use the computer for online activity, are fundamental to reduce the risk of malware infections or theft of your data. When you browse or use the computer, act as you would in real-life situations. For example, would you leave the door of the house open when you leave? Would you give the data of your credit card to the first person that passes by in the street? Would you accept gifts from strangers on the street?
    Remember that scams, malware, and hackers are always active, so use the best security programs.

    2. Use the right configuration of security programs: an antivirus with real-time protection, an anti-malware for on-demand scans and a firewall. A good configuration: (Windows Defender or Avast) + Zemana AntiMalware Free or paid + Windows Firewall, for sure.

    3. Perform regular scans of your system with different scanners; there are online scanners, portable scanners, cloud scanners, and scanners to be installed (such as Zemana AM).

    4. Make full system scans with different scanners as soon as you notice the symptoms of malware infections.

    5. Do not use two antivirus programs with real-time protection: this risks conflicts and malfunctions. Consider that Windows Defender disables itself automatically if you install another antivirus, but in the latest Windows 10 build it is possible to use WD as a scanner for periodic scans.

    6. For this reason, and to avoid conflict with the antivirus that you are going to install, when you uninstall an antivirus make sure you delete it completely from your computer. It is possible to use Geek Uninstaller to perform a thorough removal.

    7. If possible, scan any external drive when it is connected to your computer (for example USB sticks, external hard drives, etc.), and also be careful about CDs and DVDs: all may contain malware.


    Keep your system and programs updated!


    8. Keep the protection programs that you use updated: every day thousands of new variants of malware are spread, and the signatures used by antivirus programs are updated very often, even several times per day.

    9. Keep Windows, Office and all the programs that you use updated. Microsoft releases security updates frequently, to prevent malware and other computer attacks by closing possible security holes in Windows.

    10. Keep programs and components, in particular browsers, PDF readers, Adobe Flash, Java, QuickTime, Silverlight, add-ons, plugins etc., updated. Hackers, in fact, often exploit the numerous security holes in these programs to enter your computer or install malware, so make sure you have the latest version on your computer.
    If you want to add an extra layer of security, you may set programs to update automatically.

    11. Some programs do not offer auto-update features, so you should manually check for updates.
    Java and Adobe Flash are among the programs that are most exploited by hackers to enter your computer: if you do not use this software it is better to uninstall it, otherwise it is necessary to keep it up to date.

    12. In short: the operating system, programs, browsers and their components should always be updated as soon as updates are released.

    Use the security features of Windows.

    13. For daily tasks, create and use a standard user account as suggested by Microsoft.

    14. Use the User Account Control (UAC) Windows default settings. User Account Control shows a message every time changes to the computer that require administrator permissions are made. This prevents malware from making changes without your knowledge.

    15. Protect the account with a password: it is like closing the door of the house when you leave.

    16. Enable macro security in the security settings of the Office programs (Word, Excel and Access in particular). Malware code may be hidden in macros in the file that you download.


    Be careful how you choose and use passwords.


    17. Use different passwords for each site or service that requires passwords. If someone steals just one of your passwords, it will be harder for hackers to fully violate your identity online.

    18. If possible, use a password manager (a program for managing passwords) such as KeePass, LastPass, or Password Safe. These programs also offer useful additional functions.

    19. Use programs that protect against keyloggers, like Zemana Antilogger or SpyShelter, which encrypt what you type on the keyboard, preventing malware from intercepting this info. These programs are particularly useful when you have to enter passwords for access to online banking or accounts.

    20. Always choose passwords that: are at least 8 to 10 characters long; include upper and lower case letters, numbers, special symbols; do not repeat letters or series of letters; are not obvious or easily guessed.

    21. Check carefully the validity of your passwords and use them only when you think that they are really safe.

    22. Never give out your passwords, not even by email: no legitimate service will ever ask you to send your password via email.

    23. Be careful when you type passwords, especially in public places. As when you type the code at the ATM, it would be best to make sure no one is watching what you type; there can also be hidden cameras that record your movements.

    24. Change your passwords regularly. If they are important passwords, such as online banking, the ideal is to change them every 1-2 months.


    What to do when you use e-mail programs, or chat.


    25. If you use an email client (Windows Mail or Thunderbird), always check for spam.

    26. If you can, set a maximum level of security in their options.

    27. Never open clearly suspicious email.

    28. Be careful when opening email messages from unfamiliar senders.

    29. Never open suspicious attachments to email (or chat messages). Much malware is sent as attachments in email or chat messages, and infects when these attachments are opened. Malware can be hidden in the form of funny images, greeting cards, video and audio files. Do not trust unknown attachments even if they come from known senders.
    Often, in fact, the attachments travel with an email sent from accounts without the real sender's knowledge.

    30. If you need to open a suspicious attachment, do a scan with your antivirus before opening it and check it on VirusTotal.

    31. Do not click on the links in the email if you're not sure. The links in the email may redirect you to a fake login page, through which hackers can steal access data. If you're not sure if it is spam or not, instead of clicking on the link in the email, enter the URL of the company to which the link should send you. For example, if there is a link to UPS, type www.ups.com/ in the browser instead of clicking on the link.

    32. In general, never respond to suspicious emails, especially if they ask for personal or financial information.
    The information that you must keep safe: your usernames, your passwords, your banking details, the numbers of your credit card, information about your family, your personal data.


    What to do when you download and install


    33. Before downloading anything, check the reputation of the site from which you're downloading, and read any comments about the file or program you want to download.

    34. Download programs and files only from authoritative sources. As for programs, we prefer to always download from the official site of the program, when available, otherwise from well-known file containers like Softpedia, Majorgeeks, etc.

    35. Scan the downloaded software with an antivirus before installing it; if possible, use VirusTotal to scan the file before opening it.

    36. Never, never, never use cracked programs; very often they contain malware.

    37. Install only the components you need. Often programs (especially free versions) tend to install other useless programs, such as toolbars, PUPs and sometimes even malware.

    38. If you notice symptoms of infection in your computer immediately after you install a program, uninstall it immediately and launch a full system scan.

    39. Remember to uninstall the programs you don't use, and remove unnecessary add-ons and plugins from your browser: they are all potential channels of infection. The fewer programs you have, the more secure (and fast) your computer will be.

    40. If you're not sure of a program, you can test it in a sandbox using Sandboxie. This is a free program (with a paid version) that runs the program in a virtual environment (sandbox) that isolates it from the rest of the system and prevents any malware from spreading and doing damage on your system. Some antivirus programs or suites offer a sandbox function; otherwise, use this program, especially when you are on risky sites or download suspicious files.
     
    daljeet, LowcyGier, wwd and 13 others like this.
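
The criteria listed in tip 20, turned into a small checker. This is an added example, not part of the original post; the 10-character minimum (the stricter end of "8 to 10"), the short list of obvious strings and the `personal_terms` parameter are assumptions made for illustration.

```python
import re
import string

MIN_LENGTH = 10  # assumption: the stricter end of the post's "8 to 10 characters"

# Constructed sample of obvious choices; a real check would use a much larger list.
OBVIOUS = ("password", "qwerty", "letmein", "admin", "welcome", "12345", "abcde")

# The four character classes named in tip 20.
CLASSES = {
    "uppercase letter": string.ascii_uppercase,
    "lowercase letter": string.ascii_lowercase,
    "number": string.digits,
    "special symbol": string.punctuation,
}


def check_password(pw, personal_terms=()):
    """Return the tip-20 criteria that pw fails; an empty list means it passes.

    personal_terms (hypothetical parameter): names, usernames or dates tied to
    the owner, which make a password easy to guess.
    """
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in pw):
            problems.append("missing " + name)
    # "Do not repeat letters": the same character twice in a row (aa, 11).
    if re.search(r"(.)\1", pw, re.IGNORECASE):
        problems.append("repeated character")
    # "...or series of letters": a group of 2+ characters repeated at once (abab).
    if re.search(r"(.{2,})\1", pw, re.IGNORECASE):
        problems.append("repeated series")
    # "Not obvious": contains a common string or something personal.
    low = pw.lower()
    for term in tuple(OBVIOUS) + tuple(t.lower() for t in personal_terms if t):
        if term in low:
            problems.append("obvious: contains '%s'" % term)
    return problems


if __name__ == "__main__":
    for candidate in ("Tr1m#Guide!x9", "Password1!", "abab"):
        print(candidate, "->", check_password(candidate) or "ok")
```
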
  3. Trim

    Trim MTAC Moderator Staff Member

    What to do when you browse


    41. Use Sandboxie: the same program that I mentioned above also works well for browsing, preventing malware from malicious sites from entering and spreading in your system.

    42. Do not open unsavory, strange or suspicious sites.

    43. Do not download (fake) antivirus programs just because a message appeared on your computer informing you that your computer is infected and that to remove the infections you have to click on a link or download, install or buy a program: this is one of the techniques used to spread malware.

    44. Do not click on suspicious ads.

    45. Do not click on pop-ups or messages about winnings (for example "discover how you can become rich in two days!"). Behave as in real life: would you give your data to a person who stops you in the street to tell you that you have won something?

    46. Check that the connection is encrypted with SSL. Before you enter sensitive information online (such as login data), check that the site uses an encryption system: the URL must begin with https:// instead of http. In fact, https:// indicates that the connection to the site is encrypted and thus protected. Browsers also show a padlock or similar symbol next to https://. If the URL does not begin with https, and you do not see the padlock, think carefully before you enter information: this may be a phishing site or scam.

    47. Use a safety add-on for navigation. Most browsers can be extended with extensions that show you the level of danger of the site that you're viewing. For example, Bitdefender Trafficlight: a free extension for various browsers which helps avoid risky content and sites.

    48. Use an ad blocker. Advertising pages are often safe, but some ads or pop-ups can contain malicious or unsafe code. An ad blocker prevents the display of these ad pages.
    uBlock Origin is a very good choice.

    49. Clear the browser cache and your browsing history. Browsers normally store information on web sites visited, and any data that you may require, in a folder on your computer. Even if it is normally useful to preserve this information to speed up browsing the Internet, sometimes, even just as an extra safety measure, you should delete all this information, so that any malware on the computer cannot access it.
    You can delete the temporary Internet files manually, or with CCleaner.

    50. In general, never enter personal or financial information into suspicious websites. As with email, the information that you must keep safe: your usernames, your passwords, your banking details, the numbers of your credit card, information about your family, your personal data. Be careful not to type this information in suspicious online forms; this can be enough for any hacker to gain possession of it, even if you do not click on the submit button.

    51. Always use the exit, sign out or logout button to exit from a service.


    Secure your Wi-Fi

    52. If you're using a Wi-Fi connection, set an appropriate type of encryption for the WLAN using WPA2-Personal (PSK).

    53. Use a complex password for access to your network, composed of several upper- and lowercase characters, symbols and numbers, in random order.



    This thread was made by @Trim and @revC0de
     
    daljeet, LowcyGier, wwd and 14 others like this.
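
Tips 31 and 46 describe checking where an email link really leads and whether it begins with https://. The following added example (not from the original posts) applies both checks to every link in an HTML message; the sample message and its `example.test` hosts are constructed, and `review_links` is a hypothetical helper name.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Visible text that itself looks like a web address, e.g. "www.ups.com/login".
URLISH = re.compile(r"^(https?://)?[\w-]+(\.[\w-]+)+(/\S*)?$")


class _Links(HTMLParser):
    """Collect [href, visible text] for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._open = None

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._open = [dict(attrs).get("href") or "", ""]

    def handle_data(self, data):
        if self._open is not None:
            self._open[1] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._open is not None:
            self.links.append(self._open)
            self._open = None


def _host(url):
    """Lower-cased host name of a URL, with or without a scheme."""
    host = urlsplit(url if "//" in url else "//" + url).hostname
    return (host or "").lower().rstrip(".")


def review_links(html_body, expected_domain):
    """Return (href, reasons) for each link that fails the checks of tips 31 and 46."""
    parser = _Links()
    parser.feed(html_body)
    parser.close()
    findings = []
    for href, text in parser.links:
        reasons = []
        host = _host(href)
        if urlsplit(href).scheme != "https":
            reasons.append("not https")
        # The host must be the company's domain or a subdomain of it, not merely contain it.
        if host != expected_domain and not host.endswith("." + expected_domain):
            reasons.append("host is not " + expected_domain)
        shown = text.strip()
        if URLISH.match(shown) and _host(shown) != host:
            reasons.append("text shows a different host")
        if reasons:
            findings.append((href, reasons))
    return findings


# Constructed sample message; example.test is a reserved, non-routable name.
SAMPLE = """<p>Your parcel is waiting.</p>
<a href="https://www.ups.com/track">Track on our site</a>
<a href="http://ups.com.example.test/login">www.ups.com/login</a>
<a href="https://example.test/help">Help</a>"""

if __name__ == "__main__":
    for href, reasons in review_links(SAMPLE, "ups.com"):
        print(href, "->", ", ".join(reasons))
```
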
  4. Der.Reisende

    Der.Reisende Malware Tester Silver Member

    Now that's a lot of input, but it seems everything the common user should know is covered, great share @revC0de and @Trim! It's worth every second you spent on it :)
     
    LowcyGier, wwd, artoor and 7 others like this.
  5. tonino

    tonino Guest

    Great work Trim. Thanks for your time to make all this advice!
     
    LowcyGier, wwd, jasonX and 3 others like this.
  6. jasonX

    jasonX Giveaways Moderator Staff Member

    This thread was made by @Trim and @revC0de -- THANK YOU VERY MUCH GUYS VERY NICE!!! VERY NICE INDEED!!!

    Maybe we can link it to the blog ;)
     
    LowcyGier, wwd, silversurfer and 5 others like this.
  7. BC2Tweak

    BC2Tweak Reviews Moderator Staff Member

    Indeed gentlemen...you have done splendidly!! :)
    :cool::laugh::joy::joy::joy::joy::clap::glad::laugh::cool:
     
    LowcyGier, wwd, guardian and 5 others like this.
  8. Trim

    Trim MTAC Moderator Staff Member

    Thank you everyone guys! I'm really glad that you like our thread!! :) :ohno:
     
    daljeet, LowcyGier, wwd and 5 others like this.
  9. revC0de

    revC0de MTAC Moderator Staff Member

    This thread is a general consideration, valid for everyone, simple and effective.

    But I plan to add more specific security configurations for different contexts, for example an online banking configuration: if you often use your PC for banking transactions, a specific tool set is necessary.
    Work and study configurations will have a different tool set, and so on.
     
    LowcyGier, wwd, guardian and 4 others like this.
  10. guardian

    guardian Administrator Staff Member

    comprehensive and easy to understand... well done lads... well done!!
     
    LowcyGier, wwd, Trim and 3 others like this.
  11. artoor

    artoor Moderator Staff Member

    Wow! I can see a thorough approach to security. Well done! Thank you :cool::clap:
     
    LowcyGier, wwd, guardian and 5 others like this.
  12. revC0de

    revC0de MTAC Moderator Staff Member

    Thanks guys, really appreciated your opinion! :joy::cool:
     
    LowcyGier, wwd, guardian and 3 others like this.
  13. jerzy6012.50

    jerzy6012.50 Valued Member Known Member

    Interesting article, understandable and clear. Take advantage of the comments that have been written.
    Thanks to Trim. :cool:
     
    LowcyGier, wwd, Trim and 4 others like this.
  14. Petrovic

    Petrovic Forum Addict Silver Member

    LowcyGier, revC0de, wwd and 5 others like this.
  15. guardian

    guardian Administrator Staff Member

    http://tweakbytes.com/portal/
     
    LowcyGier, revC0de, wwd and 5 others like this.
  16. wwd

    wwd Illustrator Silver Member

  17. Dhruv Gupta

    Dhruv Gupta Member

    THANKS FOR THE HARD WORK!!! TO THE POINT.
     
    revC0de, Trim and LowcyGier like this.
