El director de la Agencia de Seguridad de Infraestructura y Seguridad Cibernética (Cybersecurity and Infrastructure Security Agency – CISA) de EE.UU., Christopher C. Krebs, ha emitido una declaración en respuesta al reciente aumento de la actividad cibernética maliciosa, incluidos los ataques de phishing y la fuerza bruta, por parte de actores y representantes del régimen iraní.
CISA alienta a los usuarios y administradores a revisar la Declaración de CISA sobre las Amenazas de la Ciberseguridad y los consejos y las mejores prácticas para mantenerse a salvo en línea, incluidos los siguientes:
- Evitar la ingeniería social y los ataques de phishing
- Spray de contraseñas y ataques de fuerza bruta
- Cómo elegir y proteger contraseñas
- Suplemento a las contraseñas
La lista completa incluye…
Threats
- Protecting Against Ransomware
- Protecting Against Malicious Code
- Securing Voter Registration Data
- Handling Destructive Malware
- Understanding Hidden Threats: Rootkits and Botnets
- Dealing with Cyberbullies
- Avoiding the Pitfalls of Online Trading
- Identifying Hoaxes and Urban Legends
- Understanding Hidden Threats: Corrupted Software Files
- Recognizing Fake Antiviruses
- Recognizing and Avoiding Spyware
- Understanding Denial-of-Service Attacks
- Avoiding Social Engineering and Phishing Attacks
- Preventing and Responding to Identity Theft
- Recovering from Viruses, Worms, and Trojan Horses
General Security Information
- Proper Disposal of Electronic Devices
- Defending Against Illicit Cryptocurrency Mining Activity
- Securing Network Infrastructure Devices
- Securing the Internet of Things
- Before You Connect a New Computer to the Internet
- Home Network Security
- IRS and NCCIC Caution Users: Prepare for Heightened Phishing Risk This Tax Season
- International Mobile Safety Tips
- Keeping Children Safe Online
- Debunking Some Common Myths
- Real-World Warnings Keep You Safe Online
- Understanding Anti-Virus Software
- Understanding Firewalls for Home and Small Office Use
- Good Security Habits
- Coordinating Virus and Spyware Defense
- Safeguarding Your Data
Network Defense and Enterprise Security
- Best Practices for Securing Election Systems
- Questions Every CEO Should Ask About Cyber Risks
- Website Security
- Securing Enterprise Wireless Networks
Email and Communication
- Staying Safe on Social Networking Sites
- Understanding Your Computer: Email Clients
- Understanding Digital Signatures
- Using Instant Messaging and Chat Rooms Safely
- Using Caution with Email Attachments
- Benefits of BCC
- Reducing Spam
- Benefits and Risks of Free Email Services
General Information
- Understanding ISPs
- What is Cybersecurity?
- Guidelines for Publishing Information Online
Mobile Devices
- Protecting Portable Devices: Physical Security
- Holiday Traveling with Personal Internet-Enabled Devices
- Cybersecurity for Electronic Devices
- Using Caution with USB Drives
- Securing Wireless Networks
- Protecting Portable Devices: Data Security
- Defending Cell Phones and PDAs Against Attack
Privacy
- Supplementing Passwords
- Effectively Erasing Files
- How Anonymous Are You?
- Understanding Encryption
- Protecting Your Privacy
- Choosing and Protecting Passwords
Safe Browsing
- Shopping Safely Online
- Understanding Bluetooth Technology
- Understanding Website Certificates
- Avoiding Copyright Infringement
- Understanding Your Computer: Web Browsers
- Understanding Internationalized Domain Names
- Evaluating Your Web Browser’s Security Settings
- Browsing Safely: Understanding Active Content and Cookies
Software and Applications
- Understanding Voice over Internet Protocol (VoIP)
- Risks of File-Sharing Technology
- Reviewing End-User License Agreements
- Understanding Your Computer: Operating Systems
- Understanding Patches and Software Updates
Fuente: US-CERT