computing security
play

Computing Security @ Carnegie Mellon University John K. Lerchey - PowerPoint PPT Presentation

Feb 09, 2024 •209 likes •301 views

Computing Security @ Carnegie Mellon University John K. Lerchey Information Security Office lerchey@andrew.cmu.edu Start with the Basics Patching Antivirus and anti-malware software Strong passwords Be aware of Theft

  1. Computing Security @ Carnegie Mellon University John K. Lerchey Information Security Office lerchey@andrew.cmu.edu

  2. Start with the Basics • Patching • Antivirus and anti-malware software • Strong passwords • Be aware of Theft – (Computer, Account) • Back up your data • Read our Policies and Guidelines • Take advantage of our tools: – Identity Finder, Anti-Phishing Phil, Anti-Phishing Phyllis, ISO Patch-Check

  3. What’s infecting the Campus now • Fake A/V – fake antivirus that ties up the system with pop-ups, sometimes installs backdoors or other malware. • Zbot/Zeus - acquired from phish messages, causes spamming, steals banking credentials. • Torpig – identity stealer, reboots the computer, lodges in the MBR, hidden.

  4. Why are computers getting compromised? • Unpatched Java, Adobe Reader and Adobe Flash. • Rotating web-ads are often involved. • Downloading exploits with P2P. • Clicking on e-mail objects. • Clicking on pop-up windows • Passing around infected USBs.

  5. Be Afraid • CMU is a big target (reputation). • People inside are always trying out new hacker tools on this network. • People from other countries want your credentials to get Library/other resources. • 51% of students participating in a phish study fell for phishing attempts on day one (IDtheft study, 4/2009).

  6. A Few Words About Phishing… • Computing Services will NEVER ask for your password • Notices from Computing Services will always come from a valid Carnegie Mellon email address • General announcements can be verified at: http:www.cmu.edu/computing/news

  7. What ISO Sees • Signatures, flows, logs. • Only the most egregious stuff, and not all of it. • Events and incidents reported to us. • We pay much more attention to administrative systems.

  8. What you can do • Take advantage of the antivirus/anti-malware software on Computing Services’s site: http://www.cmu.edu/computing/software/all/index.html • Take advantage of the ISO Patch-Check tool https://www.cmu.edu/iso/patch-check/ • Follow the polices and guidelines • Be careful with “course software” and projects • Register your computer with the CMU Police http://www.cmu.edu/police/programsandservices/crime- prevention.html

  9. Questions? Information Security Office (ISO) iso@andrew.cmu.edu www.cmu.edu/iso Computing Services Help Center: 412-268-4357

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Com puter Security Part One Security as a subject Security is an old problem in the

Com puter Security Part One Security as a subject Security is an old problem in the

Com puter Security Part One Security as a subject Security is an old problem in the computing world, and are parallel to even older problems outside computing Required level of security is always related to what you protect

237 views • 23 slides
1 1.2. Guidelines for Information Security of Cloud Computing Category Main contents of measure

1 1.2. Guidelines for Information Security of Cloud Computing Category Main contents of measure

Agenda Related Polices to Cloud Computing I. Guidelines for Information Security of Cloud II. Computing Cloud Security Certification Scheme in KOREA Cloud Security Certification Program in Korea III. April. 11, 2017 Jungduk (JD) KIM, Ph.

403 views • 5 slides
www.unique-project.eu Exchange of security-critical data Computing Device Computing Device

www.unique-project.eu Exchange of security-critical data Computing Device Computing Device

www.unique-project.eu Exchange of security-critical data Computing Device Computing Device generates, stores and processes security-critical information 2 PUFs: Myth, Fact or Busted? CHES 2012 However: Cryptographic secrets can be leaked

443 views • 26 slides
Chapter 10 Trusted Computing Trusted Computing Chapter 10 and Multilevel Security and

Chapter 10 Trusted Computing Trusted Computing Chapter 10 and Multilevel Security and

Computer S ecurity: Principles and Practice Chapter 10 Trusted Computing Trusted Computing Chapter 10 and Multilevel Security and Multilevel Security First Edition by William S tallings and Lawrie Brown Lecture slides by Lawrie

636 views • 40 slides
Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing Storage Computation High availability No maintenance Decreased Costs Elasticity & Flexibility Security and Privacy for Cloud

529 views • 36 slides
Computing Security @ Carnegie Mellon University Allison MacFarlan Wiam Younes & Training

Computing Security @ Carnegie Mellon University Allison MacFarlan Wiam Younes & Training

Computing Security @ Carnegie Mellon University Allison MacFarlan Wiam Younes & Training and Awareness Information Security Coordinator Engineer Five Computing Security Tips Back to the Basics Patching Antivirus and

342 views • 11 slides
Personal Security and Privacy in Personal Security and Privacy in Ubiquitous Computing Marc

Personal Security and Privacy in Personal Security and Privacy in Ubiquitous Computing Marc

Personal Security and Privacy in Personal Security and Privacy in Ubiquitous Computing Marc Langheinrich Institute for Pervasive Computing Institute for Pervasive Computing ETH Zurich, Switzerland Approaches to Security & Privacy in

749 views • 39 slides
Security for Pervasive Computing CS239 Kevin Eustice V. Ramakrishna 4/24/06 What is Pervasive

Security for Pervasive Computing CS239 Kevin Eustice V. Ramakrishna 4/24/06 What is Pervasive

Security for Pervasive Computing CS239 Kevin Eustice V. Ramakrishna 4/24/06 What is Pervasive Computing? One Vision of Pervasive Computing PHYSICAL INTEGRATION Coffee Shop Personal Network Change route! My location? L o c a t i

318 views • 20 slides
SYSTEM SECURITY III: TRUSTED COMPUTING TDDD17 Informationsskerhet Ben Smeets Ericsson

SYSTEM SECURITY III: TRUSTED COMPUTING TDDD17 Informationsskerhet Ben Smeets Ericsson

SYSTEM SECURITY III: TRUSTED COMPUTING TDDD17 Informationsskerhet Ben Smeets Ericsson Research Security / Lund University 1 2019-03-01 B. Smeets LiTH course Goal of this lecture Understand trusted computing and its purpose Threats

794 views • 66 slides
SYSTEM SECURITY III: TRUSTED COMPUTING TDDD17 Informationsskerhet Ben Smeets Ericsson

SYSTEM SECURITY III: TRUSTED COMPUTING TDDD17 Informationsskerhet Ben Smeets Ericsson

SYSTEM SECURITY III: TRUSTED COMPUTING TDDD17 Informationsskerhet Ben Smeets Ericsson Research Security / Lund University 1 2020-02-28 B. Smeets LiTH course Goal of this lecture Understand trusted computing and its purpose Threats

1.42k views • 65 slides
Computer Security environment, without compromising functionality or security? Three parts

Computer Security environment, without compromising functionality or security? Three parts

9/7/2013 Some topics Im working on Computing on encrypted data Information flow: Dynamic IFC in Haskell, web Sandboxing Untrusted JavaScript Third party web tracking and other web security stories Practical web security

572 views • 21 slides
Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud

Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud

Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud Computing model. Presented By: Marissa Hollingsworth Overview What is Cloud Computing? Unique Security Concerns in the Cloud

556 views • 34 slides
Model-based Security Engineering: Models vs. Code Jan Jrjens Department of Computing The

Model-based Security Engineering: Models vs. Code Jan Jrjens Department of Computing The

Model-based Security Engineering: Models vs. Code Jan Jrjens Department of Computing The Open University, GB http://www.umlsec.org Challenge: Security Security is holistic property: Attackers often circumvent (not: break) mechanisms.

639 views • 36 slides
Cloud Computing SENY KAMARA MICROSOFT RESEARCH Computing as a Service 2 Computing is a

Cloud Computing SENY KAMARA MICROSOFT RESEARCH Computing as a Service 2 Computing is a

Cloud Security & Cryptography I Cloud Computing SENY KAMARA MICROSOFT RESEARCH Computing as a Service 2 Computing is a vital resource Enterprises, governments, scientists, consumers, Computing is manageable at small

955 views • 51 slides
Security 101 Definition of Information Security Information security is the protection of

Security 101 Definition of Information Security Information security is the protection of

Computing Services Information Security Office Security 101 Definition of Information Security Information security is the protection of information and systems from unauthorized access, disclosure, modification, destruction or disruption. The

469 views • 22 slides
Security Service Challenge & Security Monitoring Jinny Chien Academia Sinica Grid Computing

Security Service Challenge & Security Monitoring Jinny Chien Academia Sinica Grid Computing

Enabling Grids for E-sciencE Security Service Challenge & Security Monitoring Jinny Chien Academia Sinica Grid Computing OSCT Security Workshop on 7 th March in Taipei www.eu-egee.org 1 Jinny Chien, ASGC Training and Dissemination

1.05k views • 39 slides
New Zealand Consumers Price Index: Retrospective superlative index and impact of alternative

New Zealand Consumers Price Index: Retrospective superlative index and impact of alternative

New Zealand Consumers Price Index: Retrospective superlative index and impact of alternative housing weights Overview This paper presents: results of a retrospective superlative CPI index between the June 2002 and 2006 quarters a

476 views • 26 slides
Classy Niners HANDICAP PRESENTATION Hanna Davey, Handicap Chair Briefing Topics HANDICAP

Classy Niners HANDICAP PRESENTATION Hanna Davey, Handicap Chair Briefing Topics HANDICAP

Sun City Shadow Hills Classy Niners HANDICAP PRESENTATION Hanna Davey, Handicap Chair Briefing Topics HANDICAP What is a Golf Handicap Establishing a Handicap Index vs. Handicap Posting Scores Equitable Stroke Play What is

144 views • 13 slides
2018 BFG Q2 Webinar Equity Market Divergence with Tariff Headlines 2nd Quarter Market

2018 BFG Q2 Webinar Equity Market Divergence with Tariff Headlines 2nd Quarter Market

2018 BFG Q2 Webinar Equity Market Divergence with Tariff Headlines 2nd Quarter Market Recap 2 nd Quarter Divergence 2 nd QTR YTD 2017 Stock Markets Domestic Large Cap Equity Index 1 3.43% 2.65% 21.83% Domestic Small Cap Equity

516 views • 27 slides
Counting is Hard: Probabilistically Counting Views at Reddit Krishnan Chandra, Data Engineer

Counting is Hard: Probabilistically Counting Views at Reddit Krishnan Chandra, Data Engineer

Counting is Hard: Probabilistically Counting Views at Reddit Krishnan Chandra, Data Engineer What is probabilistic counting? How did probabilistic counting help us scale? Overview What issues did we face along the way? What is

826 views • 38 slides
The measurement of PPPs and the measurement of poverty AN GU S D E ATON W OR LD B AN K J U N

The measurement of PPPs and the measurement of poverty AN GU S D E ATON W OR LD B AN K J U N

The measurement of PPPs and the measurement of poverty AN GU S D E ATON W OR LD B AN K J U N E 16 , 2 0 14 Two topics ICP 2011 The new PPPs, why are they so different from what was anticipated? Work jointly with Bettina Aten,

658 views • 27 slides
Job Order Contract (JOC) Audit Laura L. Doud Long Beach City Auditor What Is a Job Order

Job Order Contract (JOC) Audit Laura L. Doud Long Beach City Auditor What Is a Job Order

Independence you can rely on Job Order Contract (JOC) Audit Laura L. Doud Long Beach City Auditor What Is a Job Order Contract (JOC) Program? Meant to maintain competitive pricing and move along small-scope construction projects

462 views • 15 slides
was quite a good presenter before, the improvement was dramatic. Your workshop has been

was quite a good presenter before, the improvement was dramatic. Your workshop has been

1 Ace that presentation How to define, di ff erentiate and distinguish yourself This was a breakthrough for me. Even though I felt I was quite a good presenter before, the improvement was dramatic. Your workshop has been the

434 views • 16 slides
modeling rules for HRVs and ERVs PHIUS Technical Committee John Semmelhack Stuart Fix 9 th

modeling rules for HRVs and ERVs PHIUS Technical Committee John Semmelhack Stuart Fix 9 th

Changes to PHIUS+ energy modeling rules for HRVs and ERVs PHIUS Technical Committee John Semmelhack Stuart Fix 9 th Annual North American Passive House Conference (2014) Which one is the best HRV? Unit #1: PHI N-eff = 80%, 0.42 W/cfm

692 views • 55 slides

More recommend