Latest News Latest News

Microsoft Issues Patches for Defender Zero-Day and 82 Other Windows Flaws

For the first patch Tuesday of 2021, Microsoft released security updates addressing a total of 83 flaws spanning as many as 11 products and services, including an actively exploited zero-day vulnerability.

Read More...

Ransomware Attackers Using SystemBC Malware With RAT and Tor Proxy

Cybercriminals are increasingly outsourcing the task of deploying ransomware to affiliates using commodity malware and attack tools.

Read More...

New Evidence Suggests SolarWinds' Codebase Was Hacked to Inject Backdoor

The investigation into how the attackers managed to compromise SolarWinds' internal network and poison the company's software updates is still underway, but we may be one step closer to understanding what appears to be a very meticulously planned and highly-sophisticated supply chain attack.

Read More...

US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor

State-sponsored actors allegedly working for Russia have targeted the US Treasury, the Commerce Department's National Telecommunications and Information Administration (NTIA), and other government agencies to monitor internal email traffic as part of a widespread cyberespionage campaign.

Read More...

Watch Out! Adrozek Malware Hijacking Chrome, Firefox, Edge, Yandex Browsers

Microsoft on Thursday took the wraps off an ongoing campaign impacting popular web browsers that stealthily injects malware-infested ads into search results to earn money via affiliate advertising.

Read More...

Zero-Click Wormable RCE Vulnerability Reported in Microsoft Teams

A zero-click remote code execution (RCE) bug in Microsoft Teams desktop apps could have allowed an adversary to execute arbitrary code by merely sending a specially-crafted chat message and compromise a target's system.

Read More...

WARNING — Critical Remote Hacking Flaws Affect D-Link VPN Routers

Some widely sold D-Link VPN router models have been found vulnerable to three new high-risk security vulnerabilities, leaving millions of home and business networks open to cyberattacks—even if they are secured with a strong password.

Read More...

Microsoft Releases Windows Update (Dec 2020) to Fix 58 Security Flaws

Microsoft on Tuesday released fixes for 58 newly discovered security flaws spanning as many as 11 products and services as part of its final Patch Tuesday of 2020, effectively bringing their CVE total to 1,250 for the year. Of these 58 patches, nine are rated as Critical, 46 are rated as Important, and three are rated Moderate in severity.

Read More...

Multiple Botnets Exploiting Critical Oracle WebLogic Bug — PATCH NOW

Multiple botnets are targeting thousands of publicly exposed and still unpatched Oracle WebLogic servers to deploy crypto miners and steal sensitive information from infected systems.

Read More...

Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies

An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar.

Read More...

Contact Us Contact Us

Free Call[OH]: 933

Phone Number: +251-993939270,

                            +251-936825343,

                            +251-944-33-68-02

E-mail: ethiocert@insa.gov.et

P.O.Box: 124498

Download PGP Keys


Report an Incident

Security Awareness Security Awareness

Back

How can I protect myself while online?

How can I protect myself while online?

Verify data is encrypted

When sending confidential information over the Internet such as usernames, passwords, or credit card numbers only send it securely. To verify this look for a small lock in the bottom right corner of your browser window or next to the address bar. If visible, this lock should also be in the locked position and not unlocked.

Internet Explorer 7 secure address bar

We also suggest making sure the URL begins with https as shown above.

While the lock is in the lock position, data is encrypted, which helps anyone from understanding the data if it's intercepted. When no lock is visible or in the unlocked position all information is plaintext and if intercepted could be read. If a webpage is not secure, such as an online forum, use a password you wouldn't use with protected sites such as your online banking website.

E-mail is not encrypted

Websites should not transmit confidential data over e-mail, such as passwords, credit card information, etc. E-mail is not encrypted and if intercepted by a third-party could be read.

Be aware of phishing scams

Familiarized yourself with phishing scams and techniques, which are used to trick you into divulging your account information. Online banking sites, Paypal, EBay, Amazon, and other popular sites that require logins are popular targets.

Use a safe password

Websites that store confidential data, such as an online bank site need to use strong passwords. Also, it is highly recommended that you use a different password for each website that requires a login. If you need help remembering your passwords consider using a password manager.

Use caution when accepting or agreeing to prompts

When prompted to install any program or add-on make sure to read and understand the agreement before clicking on the Ok button. If you do not understand the agreement or feel it is not necessary to install the program cancel or close the window.

Additionally, when installing any program watch for any check box that asks if it's ok to install a third-party program, toolbar, etc. These are never required and often cause more issues than good. Leave these boxes unchecked.

Be cautious where you're logging in from

Business

Your place of work can install key loggers or use other methods of monitoring the computer while online. Someone who has access to this information could read these logs and gather usernames and passwords. Also, do not store any passwords in your browser if your computer is shared with other coworkers.

Wireless network

When on a wireless network realize that all information being sent to and from your computer can be intercepted and read by someone nearby. Prevent this from happening by only logging into a secure network using WEP or WPA. If this is a home wireless network, make sure it is secure.

Friends house

Be concerned when logging into an account from a friends computer. A computer or network you are not familiar with could intentionally or unintentionally log usernames and passwords. Finally, when logging into any site on a friends computer never save the password information on their browser.

Be aware of those around you

While at work, school, library, or anywhere that has people around who could look at the monitor be cautious of anyone shoulder surfing. Someone could watch you type in your password, which would give them access to your account.

If you need everything displayed on the screen to remain private, consider a privacy filter for the display.

Update Internet browser plugins

Often many attackers find security vulnerabilities through browser plugins such as Adobe Flash. Make sure all installed Internet plug-ins are up-to-date.

Secure saved passwords

Make sure to store passwords and login information in a secure area. Never write login information on a sticky note or in a text file that is not encrypted.

To save your passwords we recommend using a password manager, which stores all login information and securely encrypts and password protects that information.

When saving password information in a browser, it may be visible by anyone who has access to your Internet browser. For example, without a master password setup in Firefox anyone can see all stored passwords. [Source: www.computerhope.com]


Values Values

  • Trustworthiness
  • Innovation
  • Scientific
  • Democracy
  • Synergy
  • Saving