TW:
The world is full of shenanigans right now. Here are some things that you SHOULD do.
1) Go here to do a basic router check
F-Secure Router Checker — Is your Internet connection safe? | F-Secure
2) Go here and check your e-mail address(es)
https://haveibeenpwned.com/
3) Update your OS / Security patches
4) Run a decent AV package like
Free:
Download Free Antivirus and Web Scanner | Sophos Home
Malwarebytes Cybersecurity for Home and Business | Malwarebytes
AVG 2021 | FREE Antivirus, VPN & TuneUp for All Your Devices
Although the free Microsoft software has gotten better, do yourself a favor and get protection from malicious websites
Change your passwords on occasion.
Do not use the same account name, e-mail addresses and passwords across sites.
Upgrade your firewall/router/wireless system. Look for something that has "stealth" mode for your wireless.
Look into creating an ACL for your internal network. Change vendor supplied accounts/PWs. Turn off any sort of outside web management. Make a little DMZ for your pals/guests that is totally segregated from your home network.
You know, all the basic shit you should already be doing.
OK - now onto some current advice.
1) PRINTNIGHTMARE Turn off your windows print spooler service if you aren't using it. You will find out if you are but there is likely no reason to use it if you don't have a printer attached. Even if you do, you are unlikely to be sharing it. If you are? Make sure you are patching asap.
2) HIVENIGHTMARE -New. No patch
To see if your computer is susceptible to the flaw, CERT suggests opening a command prompt and typing the following:
Code:
icacls %windir%\system32\config\sam
If the output includes an entry for
Code:
BUILTIN\Users:(I)(RX)
then your system is vulnerable.
No patch is yet available for this flaw, prompting Microsoft and CERT to suggest the following workarounds for any individual or organization worried about this hole being exploited.
Open a Command Prompt as an administrator. Type the following command:
Code:
icacls %windir%\system32\config\*.* /inheritance:e
Delete any System Restore points and Shadow volumes that you created before restricting access to %windir%\system32\config. To delete the shadow volumes, type the following command:
Code:
vssadmin delete shadows /for=c: /Quiet
Finally, create a new System Restore point (if desired).
Here is the link to info on icacls
icacls | Microsoft Docs
Anyway - this is not meant to be a fix everything thread. It is just a couple of things you can do to keep your system safer and to see if you have already been compromised.
Ad blockers can really help as well since some malware is being delivered directly through ads.
Here is a password stealer "MosaicLoader" that is delivered through paid search results...
Password-stealing Windows malware spreads via ads in search results | TechRadar
Even LINUX has a new identified flaw
Two-for-Tuesday vulnerabilities send Windows and Linux users scrambling | Ars Technica
Anyway - good luck. Getting ugly.
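The two checks from the "current advice" list can be run together as one read-only script. This is an added example, not part of the original post or of the CERT/Microsoft guidance; it goes beyond the post by testing the SYSTEM and SECURITY hives as well as SAM, the function name `Test-HiveReadableByUsers` is made up for illustration, and it assumes an elevated PowerShell 5+ prompt.

```powershell
# Added example: read-only status check, changes nothing on the system.
$usersSid = 'S-1-5-32-545'   # well-known SID for BUILTIN\Users (the name is localized, the SID is not)
$readData = [int][System.Security.AccessControl.FileSystemRights]::ReadData

function Test-HiveReadableByUsers {
    param([string]$Path)
    try {
        $acl = Get-Acl -LiteralPath $Path -ErrorAction Stop
    } catch {
        # Could not read the ACL (for example, not elevated); report instead of guessing
        return [pscustomobject]@{ Path = $Path; UsersCanRead = $null; Note = $_.Exception.Message }
    }
    # Ask for rules keyed by SID, explicit and inherited, so the (I) entry is included
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    $hit = $rules | Where-Object {
        $_.IdentityReference.Value -eq $usersSid -and
        $_.AccessControlType -eq 'Allow' -and
        (([int]$_.FileSystemRights -band $readData) -ne 0)
    }
    [pscustomobject]@{ Path = $Path; UsersCanRead = [bool]$hit; Note = '' }
}

# HiveNightmare: the same condition the icacls check looks for, per hive file
$config = Join-Path $env:windir 'System32\config'
'SAM', 'SYSTEM', 'SECURITY' |
    ForEach-Object { Test-HiveReadableByUsers (Join-Path $config $_) } |
    Format-Table -AutoSize

# Shadow copies taken while the ACL was loose still need deleting after the icacls fix
$shadows = @(Get-CimInstance -ClassName Win32_ShadowCopy -ErrorAction SilentlyContinue)
"Shadow copies present: $($shadows.Count)"

# PrintNightmare: is the Print Spooler running, and how is it set to start?
Get-Service -Name Spooler | Select-Object Name, Status, StartType
```

`UsersCanRead = True` on any hive corresponds to the `BUILTIN\Users:(I)(RX)` entry described above; a non-zero shadow copy count after the ACL fix means the old copies are still on disk.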