ON SECURITY By Susan Bradley On March 21, the US president issued a warning about the possibility of Russian cyberattacks against American businesses,
[See the full post at: Check your defenses]
Susan Bradley Patch Lady/Prudent patcher
|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
-
Check your defenses
- This topic has 19 replies, 9 voices, and was last updated 3 years, 2 months ago.
AuthorViewing 10 reply threadsAuthor-
ON SECURITY By Susan Bradley On March 21, the US president issued a warning about the possibility of Russian cyberattacks against American businesses,
[See the full post at: Check your defenses]On the brink of a very possible global disaster, it is strange that there is no active thread here for this urgent letter from the US Government =>
“https://www.whitehouse.gov/briefing-room/statements-releases/2022/03/21/fact-sheet-act-now-to-protect-against-potential-cyberattacks/ “* _ ... _ *1 user thanked author for this post.
-
You’re posting a reply in it.
-
-
-
-
In the post Germany warns against Russian anti-virus use I wrote,
According to BLEEPINGCOMPUTER, HackerOne has kicked Kaspersky’s bug bounty program off its platform.
The action follows the German Federal Office for Information Security’s (BSI) warning against using Kaspersky anti-malware products due to Russian threats against the EU, NATO, and Germany earlier this month.
In addition, since September 2019, all US government agencies and their contractors have been prohibited from using cybersecurity products provided by or using software made by Kaspersky.
The US ban on agencies and their vendors/contractors is comprehensive and covers the, “contracting for hardware, software and services developed or provided by Kaspersky Lab or its related entities, or using any such hardware, software or services in the development of data or deliverables first produced in the performance of the contract”.
In short, if you do work for the US federal government you are restricted from using Kaspersky products on any IT system that directly or indirectly touches government work. So, the way we see it, if one of your employees uses a Kaspersky product on their personal computer and uses the computer to check their office email you are in violation of the federal ban.
Or if you maintain computers for a firm that does work for the federal government you are also prohibited from using Kaspersky products on any device that may interface with your client’s hardware or software.
1 user thanked author for this post.
-
Over recent weeks we have seen an increase of email spam with heading like:
- Processed _ invoice #94851
- Your email delivery has been delayed
In each case the email had an attachment – opening the attachment represented a threat.
Some do’s and don’ts.
Do’s:
- Use a subscription email service that provides a high level of security.
- Make sure that your email service’s virus filter is activated.
- Screen your email on the service’s webmail interface before downloading it to Outlook or similar software.
- Make sure that you are running anti-virus software (other than the Russian owned Kaspersky anti-malware products) and keep it updated.
- Disable the message preview option in Outlook and similar software to prevent malicious programs from sneaking into your system.
- Ignore or delete messages containing attachments that are from unknown senders.
- Think twice before opening graphics and media attachments, they may carry viruses.
- Keep several independent email accounts so that if one goes down you have an alternative.
- Back up your email on a scheduled basis. In Outlook go to File, Open & Export, Import/Export, and follow the directions from there. We export to an external drive using the Outlook Data File PST format.
- Use dedicated computers that are isolated from your network to screen email and browse the internet so that if a virus sneaks through it can be isolated and not attack production workstations.
Don’ts
- Do not open an email attachment from an unknown sender/address.
- Do not open any executable files, documents, spreadsheets, etc. from email addresses that you do not recognize.
- Do not download executable files or documents from the internet.
- Do not open files with a double file extension such as filename.txt.vbs.
- Make sure that your virus software screens all incoming and outgoing email.
-
-
BBC News just now: More must reconsider Russian anti-virus software use, UK warns – BBC News
National Cyber Security Centre blog: Use of Russian technology products and services following… – NCSC.GOV.UK
1 user thanked author for this post.
-
Screen your email on the service’s webmail interface before downloading it to Outlook or similar software.
Does that actually provide any safety?
Just because you don't know where you are going doesn't mean any road will get you there.
1 user thanked author for this post.
-
-
-
OscarCP
I have no idea if anyone else screens their email prior to downloading it.
We do it at the recommendation of our email service provider.
In addition, our employees and guests are prohibited from using company hardware or internet services to view personal email or scan the internet.
1 user thanked author for this post.
-
-
-
-
This partial banning of Kaspersky’s applications, in this case by the US government, is as necessary as it is unfortunate. I wonder how many more things like this are still waiting in the wings, getting ready to come on stage.
As Eugene Kaspersky said, in closing his much criticized for being cautious declaration (*) in the early days of the conflict: “War is not good for anyone.”
No, it’s not. Unfortunately knowing this about war is not enough to prevent it.
(*) Criticism that was not well applied, in my opinion, as people that sleep safe at home, in their own beds at night, were really criticizing him for what? Not being a sort of kamikaze hero and attacking Putin openly? Not considering the trouble he could get in his working associates and his own family? Maybe he should have been that heroic, but in my book I have no call for asking someone to do something possibly dangerous, perhaps to the point of heroism that I know I won’t have to do myself. His critics must have different books.
Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).
MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV1 user thanked author for this post.
-
-
Please see my recent post on Kaspersky and Ukraine at
https://www.askwoody.com/forums/topic/kaspersky-and-ukraine/
It concludes, “In short, we do not feel comfortable doing business with Kaspersky and recommend that other computer users find alternative antivirus tools in order to ensure their safety while on line, due in part to:
- Kaspersky Lab being a Moscow-based company,
- Eugene Kaspersky’s failure to speak out against the invasion and occupation of the Ukraine,
- Eugene Kaspersky’s historic ties to the KGB, Russian military, and the Communist Party of the Soviet Union, and
- The history of the Russian governments intrusion into the operations of the “private sector” organizations.
1 user thanked author for this post.
-
Unfortunately, Kaspersky is damned no matter what position he takes, either by Putin or the West. From my perspective, his background was an asset, not a liability, especially in the war against state actors. In the past, he’s been a valuable contributor in the cyber community. Let’s not forget that Kaspersky Labs builds an excellent product and it’s never good for consumers when a major competitor exits the market.
As I stated a month back or so, I notified my clients that I could no longer recommend Kaspersky as an option going forward. I’ve since recommended that business clients remove Kaspersky A-V from even their home devices. I always thought of Kaspersky as one of the good guys, but now the risk of compromise is simply too great. Sadly, Putin has essentially destroyed the integrity of the entire Russian tech sector for the foreseeable future.
Don’t know how I missed this FCC press release (yeah I do, it was Friday):
Carr Welcomes Expansion of FCC’s National Security Blacklist (pdf)
1 user thanked author for this post.
-
-
Viewing 10 reply threads
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Microsoft : Edge is better than Chrome
by 4 hours, 48 minutes ago
-
The EU launched DNS4EU
by 10 hours, 21 minutes ago
-
Cell Phone vs. Traditional Touchtone Phone over POTS
by 42 minutes ago
-
Lost access to all my networked drives (shares) listed in My Computer
by 15 hours, 48 minutes ago
-
Set default size for pasted photo to word
by 21 hours, 49 minutes ago
-
Dedoimedo tries 24H2…
by 9 hours, 56 minutes ago
-
Windows 11 Insider Preview build 27871 released to Canary
by 1 day, 20 hours ago
-
Windows 11 ad from Campaign Manager in Windows 10
by 1 day, 18 hours ago
-
Small desktops
by 11 hours, 28 minutes ago
-
Totally disable Bitlocker
by 14 hours, 21 minutes ago
-
Phishers extract Millions from HMRC accounts..
by 1 day, 18 hours ago
-
Windows 10 22H2 Update today (5 June) says up-to-date but last was 2025-04
by 3 days ago
-
Thoughts on Malwarebytes Scam Guard for Mobile?
by 19 hours, 30 minutes ago
-
Mystical Desktop
by 3 days, 4 hours ago
-
Meta and Yandex secretly tracked billions of Android users
by 2 days, 9 hours ago
-
MS-DEFCON 2: Do you need that update?
by 1 day, 1 hour ago
-
CD/DVD drive is no longer recognized
by 3 days, 19 hours ago
-
Windows 11 24H2 Default Apps stuck on Edge and Adobe Photoshop
by 3 days, 22 hours ago
-
North Face and Cartier customer data stolen in cyber attacks
by 3 days, 20 hours ago
-
What is wrong with simple approach?
by 1 day, 18 hours ago
-
Microsoft-Backed Builder.ai Set for Bankruptcy After Cash Seized
by 4 days, 7 hours ago
-
Location, location, location
by 2 days, 22 hours ago
-
Cannot get a task to run a restore point
by 4 days, 9 hours ago
-
Frustrating search behavior with Outlook
by 3 days, 23 hours ago
-
June 2025 Office non-Security Updates
by 4 days, 19 hours ago
-
Secure Boot Update Fails after KB5058405 Installed
by 8 hours, 36 minutes ago
-
Firefox Red Panda Fun Stuff
by 4 days, 19 hours ago
-
How start headers and page numbers on page 3?
by 5 days, 6 hours ago
-
Attack on LexisNexis Risk Solutions exposes data on 300k +
by 4 days, 8 hours ago
-
Windows 11 Insider Preview build 26200.5622 released to DEV
by 5 days, 14 hours ago
Remembering Woody
