Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: Securing your Windows machine and files

  1. #11
    Join Date
    Nov 2004
    Posts
    5,192
    Rep Power
    25

    Default

    Quote Originally Posted by owen View Post
    This whole thing about email link clicking has got to be dispelled. Clicking the link cannot infect the computer (major browser or email client hole). A download then execution of the payload must occur. Its probably a 2 step process. An infected Word, PDF, Excel or ZIP might be easily downloaded then opened by a user but I remember seeing office showing so warnings on possible infected files - not sure what libre office does. If a user gets a exe directly in a email and is somehow convinced to run it for a prize then the fact that they are not an admin user should be enough of a hurdle. Unless of course its kids that want to install roblox (never give kids admin rights).
    Thanks for spelling it out. But you're right. It's not just clicking a link. It's allowing a script to run or opening a file. However, persons that click the link are usually the weakest link. I had a customer get ransomware twice from the same user. They clicked phishing links and opened the files. I had backups in place so the office was fine. But as I said. It just takes one. Or as Linkin Park said. It starts with one.
    Knowing the solution doesn't mean knowing the method. Yet answering correctly and regurgitation are considered "learning" and "knowledge".

  2. #12
    Join Date
    Jan 2005
    Posts
    2,007
    Rep Power
    22

    Default

    Quote Originally Posted by owen View Post
    This whole thing about email link clicking has got to be dispelled. Clicking the link cannot infect the computer (major browser or email client hole). A download then execution of the payload must occur. Its probably a 2 step process. An infected Word, PDF, Excel or ZIP might be easily downloaded then opened by a user but I remember seeing office showing so warnings on possible infected files - not sure what libre office does. If a user gets a exe directly in a email and is somehow convinced to run it for a prize then the fact that they are not an admin user should be enough of a hurdle. Unless of course its kids that want to install roblox (never give kids admin rights).
    its quite a distance before a system is compromise - but like domino effect - it just needs the first stage to be initialize
    _ _ _ _________ _ _ _ _______ _ _ _
    *Intelligent people can take hints
    Preferred Phone OS: Android

  3. #13
    Join Date
    Nov 2005
    Posts
    2,575
    Rep Power
    21

    Default

    Some software can be installed without Admin rights as it only needs to run as the same permissions that user has. So it can keylog that same user and get access to all their passwords. Also it doesn't take Admin rights to encrypt all the documents/files belonging to the same user. Just like how I can as a normal user encrypt or password protect a document the malware can do the same.

    These same user based applications can also exploit other applications if it has a hole. Its the same cat and mouse game mentioned before. I have learned that applications in general are not safe which is why there are patches. Privilege escalation is a real thing and occurs on both Windows and Unix.

    I have personally seen companies hit in Jamaica with ransomware and the source did not have Admin rights to their machine. Emails should just be banned in general but its so easy and convenient. Users unfortunately just click on anything.

  4. #14
    Join Date
    Feb 2003
    Posts
    3,184
    Rep Power
    0

    Default

    I have seen blame put on XP or Windows 7 or HTTP, whatever thing is the flavour of the week - most times people just dont know how they got hacked. But in reality the problem is often a issue of too many admins, not enough attention to detail and not enough control over our own networks. For all we know our very own service providers could be hosting a botnet hacking our networks. Windows keeps adding new holes into my operating system to expand adobe's/microsoft's need to turn everything in a service. These new services are often the best place to attack.

    make your software libraries read only. viruses could be lurking in your executables/dlls.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •