Sunday, 1 December 2019

Tips to use Email


I welcome all my readers to my second blog. I will start this blog with a small story. One of my friends is looking for a job, and every week he has to attend interviews, sometimes in the city and sometimes outside it, and it is really difficult for him to carry all his documents with him. It has become even more difficult because each company has its own requirements: a few want education certificates, a few want personal documents too, and a few have other requirements. Since it is so hard to carry all his documents everywhere, he decided to keep scanned copies of all his documents in his email inbox and print out whichever documents he needs. This is a very easy and effective way to carry documents anywhere without a physical file.

But just think what will happen when some unauthorized person gets access to your email. It may go worse than you expect: an unauthorized person can see your data, your education qualifications, your contact details, your passport details and much more. How can we protect our email from such unauthorized access? That is what we are going to discuss today. I will give you a basic idea of how to protect your device or email from an unauthorized person.


Create a strong email password:



How to use email safely



A strong password protects your email from a brute-force attack (I will write a separate blog on brute-force attacks). We should use upper case, lower case, numbers and special characters together in our password to stop someone from guessing it. Never use your name, date of birth or mobile number as your password, because these can be guessed easily by anyone.
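To make these rules concrete, here is an added example (my own code, not part of the original post) that checks a candidate password against them: mixed character classes, and nothing copied from the person's name, date of birth or mobile number. The minimum length of 12, the function names and the sample user are this example's own assumptions.

```python
import re
from datetime import date

# Added example, not from the post. Minimum length of 12 is an assumption; the
# post itself only asks for mixed character classes and no personal details.
SPECIALS = set("!@#$%^&*()-_=+[]{};:'\",.<>?/\\|`~")

# Constructed sample user for the demo; not a real person.
SAMPLE_USER = ("Rahul Sharma", date(1990, 3, 15), "9876543210")


def personal_fragments(name: str, dob: date, mobile: str) -> set:
    """Strings derived from personal details that must not appear in a password."""
    frags = {part.lower() for part in name.split() if len(part) >= 3}
    frags.update({
        dob.strftime("%d%m%Y"),  # 15031990
        dob.strftime("%d%m%y"),  # 150390
        dob.strftime("%Y"),      # 1990
        mobile,                  # full mobile number
        mobile[-4:],             # last four digits, often reused as a PIN
    })
    return frags


def password_problems(password: str, name: str, dob: date, mobile: str,
                      min_length: int = 12) -> list:
    """Return the reasons a password is weak; an empty list means it passes."""
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if not re.search(r"[A-Z]", password):
        problems.append("no upper case letter")
    if not re.search(r"[a-z]", password):
        problems.append("no lower case letter")
    if not re.search(r"[0-9]", password):
        problems.append("no number")
    if not any(ch in SPECIALS for ch in password):
        problems.append("no special character")
    # Personal details are matched case-insensitively anywhere in the password.
    lowered = password.lower()
    for frag in sorted(personal_fragments(name, dob, mobile)):
        if frag in lowered:
            problems.append(f"contains personal detail '{frag}'")
    return problems


def is_strong(password: str, name: str, dob: date, mobile: str) -> bool:
    return not password_problems(password, name, dob, mobile)


if __name__ == "__main__":
    for candidate in ["Rahul1990!", "rahulsharma123", "Tr4in-Ticket#Mumbai27"]:
        print(candidate, "->", password_problems(candidate, *SAMPLE_USER) or "OK")
```

The check reports every failing rule at once rather than stopping at the first, which is what you want when giving feedback to a user who is choosing a password.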



(i) Use multi-factor authentication:


It is an authentication method in which the user has to pass more than one authentication check to complete a task. Nowadays all bank transaction systems have adopted this method, but when we talk about the general public, I have seen only a few people who use this technology to protect their email or personal devices.

(ii) How multi-factor authentication works:


Take an example: when you put your ATM card in the ATM machine, you cannot withdraw money just by inserting the card; you also need to enter your ATM PIN to do any transaction. This is an example of 2-factor authentication, because it has two layers of protection: one is the ATM card and the other is the ATM PIN. Similarly, we have one more example, the OTP (one-time password): when we do any online transaction through net banking, we have to enter our password to log in and then enter an OTP as well to complete the transaction. In the same way, we can enable 2-step verification for our email too. I will share Gmail as an example here because it is used by many people and is very common among the general public. In Gmail we have the option of a voice or text message, so whenever anyone tries to log in to the Gmail account, it sends a text or voice message to the phone, and that code must be entered to log in to the Gmail account.
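The two-step login described above, as an added example that is not part of the original post: the server checks the password first, then a one-time code. The post's Gmail example uses codes sent by text or voice message; this example instead generates the codes with HOTP (RFC 4226, the counter-based scheme behind authenticator apps), which is an assumption of mine so that the whole exchange can run offline. The `Account` class, the `login` function and the demo secret are also this example's own.

```python
import hashlib
import hmac
import os
import struct

# RFC 4226 test secret, used here only so the codes are reproducible.
DEMO_SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


class Account:
    """One mail account: salted password hash plus an OTP secret (example class, not a real service)."""

    def __init__(self, password: str, otp_secret: bytes):
        self.salt = os.urandom(16)
        self.pw_hash = self._hash(password, self.salt)
        self.otp_secret = otp_secret
        self.counter = 0  # next OTP counter the server expects

    @staticmethod
    def _hash(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def check_password(self, password: str) -> bool:
        return hmac.compare_digest(self.pw_hash, self._hash(password, self.salt))

    def check_otp(self, code: str, look_ahead: int = 3) -> bool:
        # Accept the expected counter or a few beyond it (the user may have
        # skipped codes), then move past it so the same code cannot be replayed.
        for c in range(self.counter, self.counter + look_ahead):
            if hmac.compare_digest(hotp(self.otp_secret, c), code):
                self.counter = c + 1
                return True
        return False


def login(account: Account, password: str, code: str) -> str:
    """First factor: password. Second factor: one-time code. Both must pass."""
    if not account.check_password(password):
        return "denied: wrong password"
    if not account.check_otp(code):
        return "denied: wrong or reused one-time code"
    return "ok"


if __name__ == "__main__":
    acct = Account("Tr4in-Ticket#Mumbai27", DEMO_SECRET)
    print(login(acct, "Tr4in-Ticket#Mumbai27", "000000"))  # right password, wrong code
    print(login(acct, "Tr4in-Ticket#Mumbai27", hotp(DEMO_SECRET, 0)))  # ok
    print(login(acct, "Tr4in-Ticket#Mumbai27", hotp(DEMO_SECRET, 0)))  # replay is refused
```

The point to notice is that a stolen password alone never gets past `login`, and a code that has already been used is refused because the server's counter has moved on; an attacker who shoulder-surfed one code cannot reuse it.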

(iii) Never share your password with anyone:


I was travelling in a taxi and the taxi driver asked me to reset his Paytm password because he was not well educated and did not know how to use the application. Nowadays people use mobile data much more and have started using many money transfer applications, but they do not know how to use them. It is very common to share passwords with friends and relatives.

(iv) Do not use the same password everywhere:


This is a common mistake I find with people: they use the same password for all applications. They use the same password for their computer login, their emails and even their banks, and they share that password with friends without realizing that they are sharing the password for all of their applications. All security applications, software and tools are useless if someone knows your password, so we need to think about this.


Public place email access (use of public Wi-Fi or computer)

Today the internet is available everywhere in the metro cities: railway stations, airports, etc. It is a very common practice to use public internet while travelling, to check ticket details, watch your favourite shows online, or pass the time while waiting for someone or for a flight. To save our mobile data we use free public Wi-Fi, which is not a good practice: we do not know who manages it, and since it is for common use and many people share the same network and subnet, it is easy for an unauthorized person on that network to reach your phone.

(i) Look over your shoulder


Generally people do not think much about small things that can turn into a disaster. When we use our PC or mobile in a public place we do not notice what other people are doing around us. Suppose you are entering your password and someone sees it from behind you; in that case he can log in to your email, so we have to be careful whenever we enter our password. Always check over your shoulder whether anyone is looking at your device (phone, PC).


Use a VPN:



This is something that people mostly use in companies, but we can protect our computer or emails with it too. It creates a virtual private network, an encrypted tunnel between your device and the VPN server, so other people on the same public network cannot read your traffic or enter your network without permission. Apart from this, we can avoid extra unwanted ads while browsing, and we can reach our home network from anywhere, including public internet, more effectively and securely with the help of a VPN.

Use the internet carefully:


We all use the internet, but only a few of us check the links that we open. We should open only links that are secure, and the best way to know is to look at the URL: if it starts with HTTPS, the connection is encrypted; if it is without the "s" (HTTP), it is not. So please try to use websites that start with HTTPS. Keep in mind that HTTPS only means the connection to the site is encrypted; a fake site can use HTTPS too, so still check that the domain name is the one you expect.


(i) Don’t click on any link in the email if you are not sure


Clicking on a link can put you in trouble, because it can let someone encrypt your data, or give permission to install software in the background which can be spyware. Do not click on any link or attachment if it is not from an authorized person.

Fake call or email:


A few days back a person called my brother on behalf of Paytm and told him that he would help him with the KYC process. Since my brother is not from a technical background, he was not able to understand the process; then that guy shared my brother's mobile screen using TeamViewer (a software used to share the screen of a computer with another person) and saw his user ID, password, bank details, everything, and my brother did not even notice it. After that, that person tried to log in to his email and bank account.

Like this, you may get an email or call for technical support or for a lucky draw. Always be careful, and contact the police cyber cell for such issues.

Use antivirus:


Always use antivirus on your phone and laptop; it will protect your device from unauthorized access, and apart from this there are many other benefits of using antivirus, so we should use it all the time.

Always update your operating system and other software on your device

We should update our operating systems as well as all the software that we use on our devices, because whenever a company finds malware or any security-related issue in its products, it issues a new patch or an updated version of that software, which helps protect our device. Avoid using free or unwanted software or websites that are not from an authorized source.



I hope the above information will help my readers protect their computers from unauthorized access. Please share it with your friends and post your questions related to this post; suggestions and advice are most welcome.


Sunday, 24 November 2019

Conficker and Rogue System Detection





This is my first blog, and my aim is to share real-world experiences from cybersecurity experts. I’ll cover prominent cyber-attacks and how professionals protect their environments from such threats. Additionally, I’ll provide tutorials on various cybersecurity technologies and tools.

Today, I’m starting with a very well-known cyber-attack that first surfaced in November 2008. It affected government organizations, private sectors, and even home computers across over 190 countries, making it the largest known computer worm infection since 2003. If you’re a cybersecurity professional, you’ve likely guessed it—I'm talking about Conficker.

Conficker targeted Microsoft Windows operating systems, and its initial detection was in 2008. In 2011, Ukrainian police arrested Mikael Sallnert, who was sentenced to 48 months in prison for his role in the attack.


How does Conficker affect your machine?


Conficker used dictionary attacks on administrator passwords to propagate itself while forming a botnet. It could execute arbitrary code via a crafted RPC request that triggered a buffer overflow during canonicalization. Once on a system, Conficker copied itself with a random name into the system directory (%systemroot%\system32) and registered itself as a service.

After gaining access to a machine, Conficker set up a small HTTP server and began scanning for other vulnerable machines. When a target was identified, the infected machine would send a URL with the payload to the target, which would then download the worm and continue the infection cycle.



Why Do Such Attacks Happen?

Attacks like Conficker often succeed due to unmanaged or unprotected machines within a network. These “rogue” machines can be a gateway for attackers to infiltrate your environment.

What Is a Rogue Machine?

A rogue machine is any unprotected system within a network. If a machine lacks antivirus software or doesn’t adhere to security policies, it becomes a rogue system. These machines pose a significant risk because they can be exploited by attackers to spread infections throughout an entire network.

How Can We Protect Our Environment?

Using antivirus software is crucial, but it’s not always enough—especially if some machines don’t have antivirus installed. Identifying rogue systems is challenging but essential for comprehensive network protection.

For example, consider a car manufacturing company with several business units—manufacturing, design, dealerships, and showrooms. The company manages its manufacturing and design units directly, but it may not manage the dealer’s computer systems. However, dealers may need access to the company’s network. An attacker could target a dealership’s unprotected machine and, through it, gain access to the more secure manufacturing unit.

To protect against such threats, it’s important to monitor all machines in your network, regardless of whether they are directly managed. This is where Rogue System Detection (RSD) comes into play.

How Does Rogue System Detection Work?

Rogue System Detection involves placing sensors within your network, often using a DHCP server. These sensors detect all devices connected to the subnet—laptops, desktops, IP phones, printers, etc.—and send the information to an endpoint management tool that cybersecurity professionals use.

Rogue System Detection works by employing tools like WinPcap to monitor network traffic and protocols such as ARP and DHCP to identify all systems on the network. The sensor sends details about every device to the antivirus management tool, which filters out the rogue machines.

You can also configure exceptions for devices like printers or IP phones that you don’t want to monitor. Additionally, you can block specific machines as needed to tighten security.
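The sensor and filtering steps described in the last few paragraphs, as an added example that is not part of the original post and not the code of any endpoint management product: it reads DHCP server log lines and an ARP neighbour table (both constructed here in common dhcpd and `ip neigh` formats), builds a device list keyed by MAC address, and then filters out the managed machines and the printer/IP phone exceptions to leave the rogue systems. The managed list, the exception OUI prefix and all addresses are constructed sample data.

```python
import ipaddress
import re
from dataclasses import dataclass, field

# Constructed sample data (not real hosts). ISC dhcpd-style log lines:
DHCP_LOG = """
Nov 24 09:12:01 dhcp1 dhcpd: DHCPACK on 192.168.10.21 to aa:bb:cc:00:00:01 (DESIGN-WS-07) via eth0
Nov 24 09:12:44 dhcp1 dhcpd: DHCPACK on 192.168.10.22 to aa:bb:cc:00:00:02 (DEALER-LAPTOP) via eth0
Nov 24 09:13:10 dhcp1 dhcpd: DHCPACK on 192.168.10.30 to 00:11:22:00:00:03 via eth0
Nov 24 09:13:15 dhcp1 dhcpd: DHCPDISCOVER from aa:bb:cc:00:00:02 via eth0
""".strip().splitlines()

# Constructed `ip neigh` output from the sensor host; .40 uses a static IP and never
# appears in DHCP, which is exactly the kind of machine a DHCP-only view would miss.
ARP_TABLE = """
192.168.10.21 dev eth0 lladdr aa:bb:cc:00:00:01 REACHABLE
192.168.10.40 dev eth0 lladdr aa:bb:cc:00:00:04 STALE
192.168.10.45 dev eth0 lladdr 00:11:22:00:00:05 REACHABLE
""".strip().splitlines()

MANAGED_MACS = {"aa:bb:cc:00:00:01"}   # machines where the agent/antivirus is installed
EXCEPTION_OUIS = {"00:11:22"}          # assumed vendor prefix of our printers and IP phones

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
IP = r"\d+\.\d+\.\d+\.\d+"
DHCP_RE = re.compile(rf"DHCPACK on (?P<ip>{IP}) to (?P<mac>{MAC})(?: \((?P<host>[^)]*)\))?")
ARP_RE = re.compile(rf"^(?P<ip>{IP}) dev \S+ lladdr (?P<mac>{MAC})")


@dataclass
class Device:
    mac: str
    ip: str
    hostname: str = ""
    seen_via: set = field(default_factory=set)


def build_inventory(dhcp_lines, arp_lines) -> dict:
    """Merge DHCP acknowledgements and ARP entries into one device table keyed by MAC."""
    devices = {}
    for line in dhcp_lines:
        m = DHCP_RE.search(line)
        if not m:
            continue  # DISCOVER/OFFER lines carry no confirmed address
        d = devices.setdefault(m["mac"], Device(m["mac"], m["ip"]))
        d.ip = m["ip"]
        d.hostname = m["host"] or d.hostname
        d.seen_via.add("dhcp")
    for line in arp_lines:
        m = ARP_RE.match(line.strip())
        if not m:
            continue
        d = devices.setdefault(m["mac"], Device(m["mac"], m["ip"]))
        d.seen_via.add("arp")
    return devices


def find_rogues(devices, managed_macs, exception_ouis=frozenset(), exception_macs=frozenset()):
    """Everything seen on the subnet that is neither managed nor an approved exception."""
    rogues = [d for mac, d in devices.items()
              if mac not in managed_macs
              and mac not in exception_macs
              and mac[:8] not in exception_ouis]
    return sorted(rogues, key=lambda d: ipaddress.ip_address(d.ip))


if __name__ == "__main__":
    for r in find_rogues(build_inventory(DHCP_LOG, ARP_TABLE), MANAGED_MACS, EXCEPTION_OUIS):
        print(f"ROGUE {r.ip:15} {r.mac} {r.hostname or '-':15} seen via {','.join(sorted(r.seen_via))}")
```

Two things the sample is built to show: the dealer laptop got a DHCP lease and looks perfectly normal, yet it is rogue because no agent is installed on it; and the static-IP host at .40 is only visible through ARP, which is why a sensor watches both protocols rather than relying on the DHCP server alone. Identity here is the MAC address, so the result is an inventory to investigate, not proof of what a device is.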

By using Rogue System Detection, you can ensure that all machines in your network—whether directly managed or not—are monitored, reducing the risk of attacks from unmanaged systems. This approach would have been effective in mitigating the spread of infections like Conficker, which took advantage of such weaknesses.

In this post, we’ve explored the Conficker worm and the dangers posed by rogue machines. By implementing Rogue System Detection, organizations can safeguard their networks from such threats. Stay tuned for more tutorials and insights into how cybersecurity professionals defend against real-world attacks!