Security, as it relates to computers and the Internet, is also known as IT security or cybersecurity; it refers to the techniques that ensure that data stored on a computer, or a network, cannot be compromised or read by anyone lacking the authorization.
Two things that individuals need to be concerned about are their money and their privacy.
Common threats to your money and your privacy include credit card fraud, scams, phishing, viruses and malware, identity theft, e-mail hacking, and tracking.
People are commonly worried about their credit card information being stolen online. This does occur, but it is one of the least scary scenarios. As long as you report fraudulent charges promptly, you won't be held liable for them. Thus, while credit card fraud is a major problem for the credit card companies, it's not usually a major problem for the cardholders.
As for scams, the Internet is the scam artist's dream. Scammers no longer have to meet with their targets one on one, but they can meet millions of gullible people with almost no cost, and low risk, through email. Somewhere from 60-90% of the email appearing in someone's inbox is spam or junk mail. Correctly maintained junk mail filters catch a large portion of it, and most of the rest is deleted or ignored. But if a scammer sends a million emails out, at no cost, and only 0.1% of these emails are read, he has still reached a thousand people. If only one percent of these people are taken in by the scam, he has found ten clients.
Using email as a delivery mechanism, scammers will try to trick people into signing up for expensive services, sending them money, or divulging personal financial information. Some of these scams are illegal, while others are merely unethical.
Phishing is a scheme in which scammers try to get people to divulge sensitive information by pretending to represent the individual's bank, a creditor, a popular online retailer, or even a government agency, doing this by email or through a website that has been made to look legitimate, and which may even have a web address that appears plausible. They might try to entice the individual with good stuff, such as the promise of a free prize or a special opportunity, or they might try to scare the person with bad stuff, like freezing their bank account, or they might tell the person that their account has been hacked. Whatever the pretense, the goal is to get the individual to give up information like passwords, credit card numbers or other financial details.
Emails are also used to trick people into accessing websites that use malicious code to secretly download and install malware or viruses to their computer. This malware may be used to steal information, cause senseless harm to the computer, or to use the resources of that computer to attack a third-party computer or network.
When someone uses private information about another party in order to impersonate that other party, which is known as identity theft. When they use this information to steal from the victim, it is known as identity fraud. This is the most serious threat that the average Internet user is likely to face. When someone has all of the information necessary in order to pretend to be another person, they can drain that person's bank accounts, open credit cards in the other person's name, and even take out loans in the other person's name. In extreme cases, people have even lived as another person. When the bills come due, it is up to the victim to persuade the banks, credit card companies, and creditors that they had been defrauded, and they are likely to be left with an insurmountable black mark in their credit history.
Identify theft is sometimes made possible through email hacking, which is when someone manages to access another person's email account. When a password is forgotten, access is usually regained by email. The hacker can use automated password resets to change bank and credit card passwords, locking out the actual account holder, giving themselves full access. The hacker might also use the email accounts of their victims to get money from the victim's friends and family members. Often, the email hacker sells this information to another party.
Of course, there is also the fact that our movements, online and in real life, are being tracked by government agencies, corporations, and others. People freely give away bits of personal information for the promise of a free service.
These are some of the direct attacks that may be waged against you through your computer or Internet connection, although your personal information is more likely to be obtained through large-scale hacking of corporate or government websites. We cannot secure these websites, but we can reduce the amount of information we give them or change this information regularly.
Security and antivirus software will be listed in that category, linked below.
Categories
@Security & AntivirusFirewalls | Virtual Private Network |
Recommended Resources
Headquartered in Portland, Oregon, Anitian can deploy a complete cloud environment, preconfigured to meet compliance requirements, including systems, controls, and policies. Its products feature its Compliance Automation (CA) platform, which builds, configures, and monitors cloud environments to accelerate compliance for standards like FedRAMP, PCI, ISO/GDPR, and CJIS. Its products, services, and other resources are highlighted, including case studies, videos, and podcasts.
http://www.anitian.com/
Arcade Cow is a guide to computer and Wi-Fi security, suggesting a list of things that can be done to keep a Wi-Fi network secure, including how to choose the best antivirus. Various antivirus options are reviewed, and the structure of a wireless Internet network is discussed, including inherent weaknesses that can be avoided, as far as things not to do as well as things that should be done in order to enhance the likelihood of a secure network. Contacts are posted.
http://www.arcadecow.com/
The site features free online tools intended to help discover security flaws, uncover privacy leaks, and spot website errors. These include an online firewall test, a check for a digital footprint, Internet speed test, an anti-spam tool, a sitemap generator, a free website monitoring tool, and a test that will trace a user’s current IP, reporting what is known as the IP address assigned to the user’s router, along with an account of what information is publicly available.
https://www.auditmypc.com/
Founded in 2010, and headquartered in London, the company is active internationally, offering a wide variety of cybersecurity and reputation management services, software and hardware solutions, training and capacity building services, consultancy, and client-based services for private and public sector clients. Its cybersecurity products, national cybersecurity platform, active cyber-defense platform, digital opinion mapping, and analysis services, and protection services are highlighted.
https://www.awesomeresources.co.uk/
Active throughout the United Kingdom, specializing in cloud security for businesses and organizations, the company offers Hybrid Web Security, a Web filtering platform, as well as CensorNet Professional, an on-premises Web filtering and security proxy that allows users to control various aspects of Web access, and CensorNet Desktop Surveillance, a client-server solution that monitors, records, and analyzes real-time activity on desktops, virtual desktops, terminal services, and remote desktops.
https://www.censornet.com/
Check Point Software Technologies Ltd.
Headquartered in Israel, Check Point is an international provider of hardware and software products for IT security, distributed largely through software-as-a-service (SaaS) or infrastructure-as-a-service (IaaS) models. The company provides cloud services, network security products and services, security management, threat prevention, and consolidated security solutions, each of which is highlighted here, along with its support services and partnerships.
https://www.checkpoint.com/
Comodo is a cybersecurity company founded in the United Kingdom in 1998 but now based in New Jersey, focusing on computer and Internet security products and services, including the issuance of SSL certificates, and participation in the Internet Engineering Task Force (IETF) DNS Certification Authority Authorization (CAA) Resource Record. Its products, services, SSL certificate services, partnership program, and home and business offerings are included.
https://www.comodo.com/
Part of the Colorado State University system, CSU Global was the first independent, regionally accredited, 100% online state university in the country. The CSU Global Undergraduate Certificate in Cyber Security is designed for the IT professional or someone interested in the IT field, offering a standalone, transcribable, nationally recognized certificate for completion of the course, which is eligible for Title IV financial aid. Other courses offered by CSU Global may also be viewed.
https://learn.csuglobal.edu/undergrad-certificate-cyber-security
The purpose of this site is to provide coverage of cybersecurity educational opportunities and information, including articles providing guidance and detailed research into the various degree programs in cybersecurity fields, including associates, bachelors, masters, and doctorate degree programs, as well as graduate certificates in cybersecurity. Informational resources include tips on preparing for a job in the field, finding a job in the field, and transitioning from IT to cybersecurity.
https://cybersecuritydegrees.com/
Cybersecurity & Infrastructure Security Agency
Established in 2018, CISA is a standalone US federal agency, under Department of Homeland Security oversight, responsible for cyber protection, infrastructure resilience, emergency communications, and the operations of its National Risk Management Center, which plans, analyzes, and collaborates with other agencies and the private sector to identify and address the most significant risks to the nation’s critical infrastructure. Reports, informational articles, and other media are included.
https://www.cisa.gov/
Cybersecurity Talent Initiative
The Cybersecurity Talent Initiative is the first public-private partnership aimed at recruiting and training a world-class cybersecurity workforce, and a selective opportunity for students in cybersecurity-related fields to gain vital public and private sector work experience while receiving student loan assistance. Selected participants are guaranteed a two-year placement at a federal agency with cybersecurity needs. Applicant information and program requirements are stated.
https://cybertalentinitiative.org/
Beginning in 1993, DEF CON (DEFCON, Defcon, DC) began as a BBS convention but quickly evolved into one of the largest hacking conventions. Held annually in Las Vegas, attendees today include computer security professionals, journalists, lawyers, government employees, security researchers, hackers, and students with an interest in software, computer architecture, hardware modification, and related topics. Archives, schedules, groups, and forums are featured.
https://www.defcon.org/
The company helps security analysts to turn threat data into threat intelligence by taking indicators from clients’ websites, including domains and IPs, and connecting them with nearly every active domain on the Internet, which informs risk assessments, helps to profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Its products, solutions, and partners are noted, and user guides, white papers, survey reports, and case studies are included.
https://www.domaintools.com/
Among other things, the Federal Bureau of Investigation investigates cybercrime. The FBI is the lead federal agency for investigating cyber attacks by criminals, overseas adversaries, and terrorists. Currently, its key priorities are computer and network intrusions and ransomware attacks, each of which is highlighted here, along with related priorities, initiatives, and partnerships. Tips on protecting your computer from intrusion, and to safe online surfing, are given.
https://www.fbi.gov/investigate/cyber
Operated by Paul Graham’s investment fund and startup incubator, Y Combinator, Hacker News is a social news aggregator. According to its guidelines, anyone can submit a story to the site, the criteria for inclusion being anything that gratifies one's intellectual curiosity, but probably not stories about politics, crime, or sports, the primary focus being computers, the Internet, and technology. Comments may also be added. Rules are posted and members may also receive karma points.
https://news.ycombinator.com/
Integrated within the McAfee Personal Firewall, HackerWatch is an online community in which users of the McAfee Personal Firewall can report and share information to identify and block online security threats and unwanted traffic, allowing for notification of the appropriate ISPs and removal of the offender’s Internet access. Its website features event statistics and recent port activity, as well as answers to frequently asked questions (FAQs) about the service, and other information.
http://www.hackerwatch.org/
IBM Security develops intelligent enterprise security solutions and services to help businesses prepare for the security threats of the future, to prepare businesses for addressing risk and uncovering threats, proving compliance with industry standards, and to make security an integral part of the organization. Artificial intelligence, orchestration, cloud cybersecurity, and crowd-sourced cybersecurity solutions are discussed. IBM solutions are highlighted.
https://www.ibm.com/security
The site offers free technical training for IBM Security products. Interested persons may explore the course catalog and build their own curriculum by enrolling in courses. Featured product areas include Security Intelligence QRadar, Guardium, Access Manager, Identity Governance, Resilient Systems’ Incident Response Platform, Mobile Security: IBM MaaS360, Identity Manager, and IBM Trusteer. Various IBM user groups may also be joined, and a calendar of events is posted.
https://www.securitylearningacademy.com/
The website of ICSA Labs, a division of Verizon, that sets the standards for information security products and the security industry's central authority for product certification, research and intelligence within the company. The website also provides the latest news and events on the security industry, certification goals and objectives, certification programs and products on anti-spyware, firewall and others. The website also provides employment opportunities.
http://www.icsalabs.com/
Based in Valencia, California, InnovaSafe is a veteran-owned, independent management organization that specializes in intellectual property risk management services to clients throughout the world. Featured is a corporate profile, an overview of its services, benefits, disaster recovery co-location, source code deposit verification services, and storage facilities. Links to articles referencing the corporation are posted, along with a list of intellectual property and software associations.
https://www.innovasafe.com/
Created in 2001, the ISC provides a free analysis and warning service to Internet users and organizations, while actively cooperating with Internet Service Providers to fight back against malicious Internet attackers. News and alerts related to cybersecurity issues are published to the site, including a threat level. Other resources include podcasts, employment opportunities, and links to various tools that may be of use to protect against online threats. Interactive forums are included.
https://dshield.org/
Affiliated with Iomart, Netintelligence can protect a single office, branch offices, and even mobile workers simply and cost-effectively, delivering Internet security to all of the PCs and laptops in a system, regardless of their physical location or type of network they are connected to. Through the control panel, different levels of protection can be chosen, depending on departments, groups, or locations. Its features, services, and options are listed, and a quote may be requested.
https://www.iomart.com/netintelligence/
Founded in 1998, Neustar acquired Verisign’s security services customer contracts in 2018, including DDoS protection, DNS firewall, and managed and recursive DNS services customer contracts, as well as security and customer intelligence services, each of which are highlighted here, along with a client list, client testimonials, an overview of the types of industries that the company serves, and contacts. Also included are white papers, infographics, and product literature.
https://www.home.neustar/
Founded in 2017, Private Proxy Guide is independently owned and operated, offering informational articles and instructions for setting up and using a virtual private network, information on proxy servers, and other ways to keep browsing history safe and private, as well as other security concerns. A guide to proxy services is included, with reviews and details of various proxy services, payment options, and discount coupons for premium proxy services.
https://www.privateproxyguide.com/
Created by Google, reCAPTCHA is a free service that protects websites from spam and abuse, using an advanced risk analysis engine and adaptive challenges to prevent automated software from gaining access to a website for the purpose of engaging in abusive activities, while allowing valid users to pass with ease. An introduction, guides, and full documentation are featured, with instructions for frontend integration, placement on the website, and interpreting scores.
https://www.google.com/recaptcha/
Maintained by Kaspersky Lab, Secure List offers information about viruses, malware, and other online threats, including mobile threats, financial threats, spam and phishing, industrial threats, vulnerabilities and exploits, and web threats, as well as APT reports, research reports, incident reports, security bulletins, malware reports, and publications. Other information includes cybersecurity statistics, an encyclopedia of cybersecurity topics, descriptions, and solutions.
https://securelist.com/
The UK-based company has a team of cybersecurity consultants, each trained to a high level within the ethical hacking field, having obtained CEH, OSCP/Kali, CREST, Tiger, and SANs certifications, as well as Microsoft/Cisco/Linux qualifications. The company offers managed security services and penetration testing to an international clientele, as well as website security audits, security consulting services, and related services. An informational blog is included.
https://www.security-audit.com/
SecurityFocus is the web's most trusted source of security information and the largest community of security professionals. The website offers security related news and provides information on vulnerabilities for all platforms and services as well as in depth security related feature articles covering areas that includes foundations, Microsoft, Unix, IDS, incidents, virus, pen-test and firewalls. The website also provides helpful tools and features job opportunities.
http://www.securityfocus.com
The cybersecurity software company, based in New Jersey, offers products to protect an organization’s sensitive data and the credentials attackers use to steal that data. By removing inappropriate data access, the enforcement of sound security policies, and the detection of advanced threats, the company reduces security risks, fulfills compliance requirements, and decreases operational expenses. Its products, services, partners, and customers are highlighted.
https://www.stealthbits.com/
SearchSecurity is a source of knowledge in the security industry, with access to free online information security training courses in its Security School, offering courses in cloud security, data protection, identity access management, compliance, and others, many featuring video seminars and review quizzes eligible for CPE credits. SearchSecurity also offers a CISSP Certification Essentials Security School, with access to relevant training materials and practice exam questions.
https://searchsecurity.techtarget.com/
Thawte is a global certification authority that issues SSL and code signing digital certificates that are used to globally secure servers, provide data encryption, authenticate users, protect privacy, and assure the safety of online identities through stringent authentication and verification processes. Its SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates, SGC SuperCerts, and Extended Validation SSL Certificates. Guides are available for download.
https://www.thawte.com/
Founded in 1997, and headquartered in Colorado, Webroot is a global Internet security company. In 2019, the company was acquired by Carbonite, which was itself acquired by OpenText, and offers cybersecurity products that include endpoint protection and disaster recovery for businesses of any size, as well as products for home computers. Offered through SaaS, its products include antivirus protection, WiFi security, DNS protection, and others.
https://www.webroot.com/
Powered by XenForo, the online discussion forum is focused on topics related to cybersecurity, such as mobile device security, firewalls, anti-virus software, anti-malware software, update alerts, privacy technologies, encryption, and other issues of privacy, as well as security issues and news, and various discussions relating to software, hardware, and general services. Product discussions include Biniware, BrightFort, and Leapfrog Software. Registration is required for participation.
https://www.wilderssecurity.com/
