2017 and Ahead | The 29th World "Computer Security Day"

[Parsh]

The 30th of November marks the 29th Computer Security Day ━ an unofficial holiday used to raise awareness of Cybersecurity issues that affect us all. At the most basic level, people across the world are encouraged to take the opportunity to create new strong passwords (a major and neglected factor in multiple hacks) and employ better security tools, policies and practices. The annual Computer Security Day is also a useful chance to assess wider cybersecurity implications, and how well industry and individuals are protecting themselves.

Dear fellow forumers, we all can pledge to make efforts towards

• continuing to improve our cybersecurity knowledge and gain a better conscience over the myths and facts of the said subject
• bring one's knowledge into everyday practice and
• aim to educate our immediate (offline) fellows too ━ be it family, friends or co-workers. This chain may be proliferated by them resulting into a bigger benefited cyber-educated society, gradually.

I wish to link a few interesting articles picturing the present (2017) and the predicted state of cyber security ahead:
Predictions for 2018: Cyberthreats in the financial sector | Kaspersky blog
Key Takeaways for Consumers From Our 2018 Threats Predictions Report | McAfee blog
5 things we learned at the Kaspersky Cybersecurity Summit
Supply Chain Cybersecurity: Experts on How to Mitigate Third Party Risk
Equifax had patch 2 months before hack and didn’t install it, security group says
New Research: Mobile Malware Hits Every Business | Check Point blog
Malware That Can’t Clean Its Tracks: CCleaner and Ongoing Supply-Chain Attacks | Carbon Black
Fileless malware: Invisible threat or scaremongering hype | Emsisoft blog
National cybersecurity awareness month: simple steps to online safety | Malwarebytes blog
Smart devices pose security threats | Kaspersky blog
How Deception is Going to Reshape Endpoint Security | Symantec blog
What your business needs to know about GDPR

A few consolidated security articles both beginners and the knowledgeable ones can brush up on:
Answers to common security questions - Best Practices - Anti-Virus, Anti-Malware, and Privacy Software | BleepingComputer
Here Is The Ultimate Guide to Cyber Security to Stay Safe Online
10 ways different Virtualization & Isolation techniques can protect us
Protect your PC with multiple layers of security
Firewall, IPS and IDS, what you should know
How to prevent Identity Theft in 20 steps
Top 10 Security MYTHS debunked
Counter Spoofing Measures to keep you safe
10 Steps to Maximize your Home Wireless Network Security
A Guide to Shopping Online Safely
How Cybercriminals Change Tactics during cyber-attacks
10 Critical Steps over a Data Security Breach
Corporate Security checklist
Built-in Security (Fall Creators Update) | Microsoft
The "NoMoreRansom Project"
Follow with caution: Full Guide to Windows 10 Hardening
Not to forget our wonderful MalwareTips sections harboring quality knowledge & discussions on various matters: Tutorials & Guides
General Security Discussions

Take an initiative for yourself and others:
Unified Network of Instructors and Trusted Eliminators, and how to apply for
50 Cybersecurity Courses you could benefit from
10 Information Security websites to follow

What are your thoughts?

 

[Deleted member 65228]

Going for the basics I am, hopefully I finally won't be a beginner then

 

[bribon77]

I recommend MT and they read. @Opcode @Umbra @Andy Ful, @Windows_Security @cruelsister @Lockdown. etc.

 

[Deleted member 65228]

.I recommend MT and they read. @Opcode @Umbra, @andy full, @Windows_Security, @Cruel sister, @Lockdown. etc.

We should just make one mash-up thread with different chapters which just links the reader to each individual thread/informative post about X subject by all us members here... Setting up configurations, security/privacy awareness, general security/malware research, the most interesting security news in the past X duration, informative but healthy and interesting debates, etc.

It'd be like taking a 5 year course where you'll learn so much and cover things I doubt you would in normal education systems hahahahah

 

[SecretKeeper]

I'm going to dig deep with the Built-In security features of Windows. I mean, I don't visit dodgy sites, I'm careful with where I navigate to, what I click, ads are blocked, etc. I mean, do I really need a free third party anti-virus that eats up resources?

 

[Deleted member 65228]

I'm going to dig deep with the Built-In security features of Windows. I mean, I don't visit dodgy sites, I'm careful with where I navigate to, what I click, ads are blocked, etc. I mean, do I really need a free third party anti-virus that eats up resources?

You could use a suite which feels lightweight and toggle a few features to make it a bit more convenient. For example, real-time scanning only for on-execution instead of for all file read/write requests and maybe some form of dynamic protection.

I mean it is really up-to-you, but my advise would be to have some form of real-time protection as a backup. I don't think it would be wise to not have any real-time security but then again I am in no position to judge you and I am definitely not doing this - remember that you don't know what is around the corner so for all you know tomorrow could be the day a mistake happens. Whatever you do, please make sure you have a backup!

 

[SecretKeeper]

You could use a suite which feels lightweight and toggle a few features to make it a bit more convenient. For example, real-time scanning only for on-execution instead of for all file read/write requests and maybe some form of dynamic protection.

That is true, although getting pestered with mini-ads based on my anti-virus saying my "PC is slow due to junk files" (which is a pack of lies) and constantly reminding me that "My internet activity is public and should use a vpn blah blah" is pushing me to use the Windows-Own stuff.

I mean it is really up-to-you, but my advise would be to have some form of real-time protection as a backup. I don't think it would be wise to not have any real-time security but then again I am in no position to judge you and I am definitely not doing this - remember that you don't know what is around the corner so for all you know tomorrow could be the day a mistake happens. Whatever you do, please make sure you have a backup!

I'll probably use MalwareBytes as a backup. I mean, I'll have Windows' built in Antivirus in the background so I'm not vulnerable.

 

[Deleted member 178]

Learning curve:

so true.

Hazard type are often non-professional resident members in security forums, some often think "they know" but in fact, know very few.

Then, generally, it is when you start working professionally in the field, like in infosec companies,(researcher, etc...), you realize you know even less...and you have to "re-think/re-learn" everything (by yourself or via colleagues) and with a new point of view.

Take my example, in 3 months working in Emsisoft, i learned more than 7 years in various security forums...
The only things that didn't changed much was the knowledge i acquired via testing security softwares. It just get improved.

 

[Parsh]

We should just make one mash-up thread with different chapters which just links the reader to each individual thread/informative post about X subject by all us members here... Setting up configurations, security/privacy awareness, general security/malware research, the most interesting security news in the past X duration, informative but healthy and interesting debates, etc.
It'd be like taking a 5 year course where you'll learn so much and cover things I doubt you would in normal education systems hahahahah

Well that's always a good idea Each section can have a collection of interesting and well-educating threads in that section.. and then a master thread pointing to these ones as an index again. Might as well be a monthly and yearly candidate for the MT blog.

I'm going to dig deep with the Built-In security features of Windows. I mean, I don't visit dodgy sites, I'm careful with where I navigate to, what I click, ads are blocked, etc. I mean, do I really need a free third party anti-virus that eats up resources?

I'll probably use MalwareBytes as a backup. I mean, I'll have Windows' built in Antivirus in the background so I'm not vulnerable.

There are many other options if those advertises are an issue. And as @Opcode has mentioned, you can customize the performance aspect, alerts and verbose level in different security suites.
The basic protection MS is adding is something more than a seat-belt - the ABS, ESC, traction control and more. Windows is now increasingly coming integrated with protection for various vulnerable areas. True, learning and implementing the built-in provisions will be helpful, but maximizing the benefits of the available protection will need digging and testing.
The need for a good supplementary protection to Built-ins doesn't totally depend on your online habits unlike generalized. There are ways in which safe methods can be compromised or affected directly OR us humans can make mistakes at some point.

Learning curve:
View attachment 175032

so true.

Hazard type are often non-professional resident members in security forums, some often think "they know" but in fact, know very few.

Then, generally, it is when you start working professionally in the field, like in infosec companies,(researcher, etc...), you realize you know even less...and you have to "re-think/re-learn" everything (by yourself or via colleagues) and with a new point of view.

Take my example, in 3 months working in Emsisoft, i learned more than 7 years in various security forums...
The only things that didn't changed much was the knowledge i acquired via testing security softwares. It just get improved.

A good graph you shared. There's a distinction between the usual security enthusiasts and the serious security professional-wannabes.