Throughout this post we'll refer to our subject as Malware, since we're not just referring to computer viruses but all sort of harmful software which is itself Malware. So here are some myths about Malware that either you've heard, or you already believe with.
1. Malware spreads in Hardware. This is entirely crazy for me. Malware are software, and they can only affect software. No malware can eat your GPU nor make your processor break its pins, so if your computer gets infected, transferring some of your hardware peripherals and parts won't matter. They cannot infect other computers, except for your hard disk drive, for this is where the malware is saved. Actually nowadays some malware developers have included their works of art in some specific hardware such as printers and other removable media. Now this rarely happens as those who do this aim on targeting only specific systems. They do not really intend to cause so much ruckus but mostly focus on breaking into systems.
2. Once you get infected, Malware will spread, even with your system off. Just as mentioned before, every malware is a piece of software, so it requires a functional operating system to propagate. It cannot run with just itself and infect your hard drives without your fake Windows operating systems installed and more obviously, it will not work if your computer's power is off. This is the same with your removable storage devices such as flash drives. The phase of infection starts when your device is plugged in. So no matter how fast you transfer your data into your device or into your computer, if the host computer is infected with a removable-media-spreading malware, it will get a copy of the malware even before you start what you will do. Moreover, malware do not actually run on the flashdrive, but on the host computer itself. If you ever find your device attached with something like a malware and whenever you delete it, it just comes back, then you probably have that one running in your system.
3. I have one or more Anti-virus (AV) software, so I am protected. This is never true. No matter how expensive nor whoever created your AV, you still have a chance of catching a malware in some way. Everyday, tens of thousands of new variants of malware are created. Even if these AV companies get a hold with most of these, there are still some malware out there in the wild that are still unrecognized by your AV. Even installing all of those AVs that you know won't make you invulnerable and actually, that is a big waste of your computer resources. Practically, you only need one AV Software. These AV Software are almost the same with their services, though some of them offer some other feature that are not present with the other ones. So generally, if you want malware protection, grab only one AV software and always have it updated. No AV is good without an update.
4. Viruses can destroy any sort of file. Viruses, also known as file-infecting malware, are also coded or made by humans, not computers themselves, so they only have specific and limited features. Most viruses spread by infecting .exe, .com and .scr files in a system, while some target only specific files such as .doc and other ones. There is a very rare sort of malware that encrypt a lot of types of files, rendering them unusable without the aid of the creator of the malware itself. This sort of malware is also known as Ransomware, where the malware encrypts files, making it only reusable with the use of a certain password, which can only be obtained from the maker of the malware himself. However, these ransomware do not encrypt all sort of files
5. You cannot catch malware from image files. These malware folks have already made a way for you to catch their pets by just opening a simple image. These images, when opened, executes a set of commands which initiates the malware, or just downloads the malware itself.
6. AV Companies create malware. If you are in the Infosec industry, you probably already understand this. These companies are already busy coping up with the battalion of malware that are created every minute, and the developers of these malware already outnumber them. I do not work for any AV Company and this one may sound possible, but it is not.
7. You won't catch malware if you don't download or transfer files from removable storage devices. Another falsity. There are hundreds of ways on how you can catch malware, such as simply browsing webpages, or being connected over a local network or the internet itself, depending on your level of security.
There are a lot of other funny myths out there that I might have possibly missed in this post. Whatever those are, it's up for you to decide whether they are true or not. Just always remember, Vigilance is the best protection.
Read more...
One of the basic issues about passwords is simplicity. The simpler a password is, the more it is prone to being compromised. Imagine your password for example is a series of numbers, say 416352, normally you would type it in the numpad since it is easier there. With this, anyone with the intent of stealing your password does not have to memorize the sequence of characters, but instead look at the pattern of how you type them through the numpad. Now this seem too simple of a scenario, but it always happen, and some are even worse, where the victim's password is as simple as his nickname. 