OUCH! is the world’s leading, free security awareness newsletter designed for the common computer user. Published every month and in multiple languages, each edition is carefully researched and developed by the SANS Securing The Human team, SANS instructor subject matter experts and team members of the community. Each issue focuses on and explains a specific topic and actionable steps people can take to protect themselves, their family and their organization. OUCH! is distributed under the Creative Commons BY-NC-ND 4.0 license. You are free to distribute OUCH! within your organization or to your customers as part of your security awareness program, or share OUCH! with your family, friends and coworkers. The only limitation is you cannot modify nor sell OUCH!.
Click the link below to see the current Cyber Security Awareness Newsletter and Newsletter Archive.
Security Tip (ST15-002)
Home Network Security
The US Department of Homeland Security’s (DHS’s) US-CERT has released revised guidance for securing home networks. Apart from the standard advice of updating software regularly, creating strong passwords, and being wary of possible malicious links, users are advised to install a firewall and enable wireless security on routers.
Home network security refers to the protection of a network that connects devices to each other and to the internet within a home. Whether it’s staying in touch with friends and family, paying your bills electronically, or teleworking, the internet enables us to accomplish tasks more efficiently and conveniently from the comfort of our own homes. However, as we increasingly embed technology into our daily lives, the risk of security issues also increases. As a result, it’s imperative that home users understand and remain vigilant about the risks of being connected to the internet and the importance of properly securing home networks and systems.
…with home users and small businesses said to be vulnerable to these exploits, there are concerns that these individuals and organisations will remain vulnerable to attacks because the users don’t understand how to secure the devices.Even the NCSC advisory says the very reason attackers select these devices is they’re known to be vulnerable and are often not patched.”Network devices are often easy targets. Once installed, many network devices are not maintained at the same security level as other general-purpose desktops and servers,” said the advisory.It added how few of these devices run antivirus or security tools and that “manufacturers build and distribute these network devices with exploitable services, which are enabled for ease of installation, operation, and maintenance”.The report urges manufacturers not to design products to support legacy or unencrypted protocols and to design the devices so that users are required to change the default passwords before using the device.