El director de la Agencia de Seguridad de Infraestructura y Seguridad Cibernética (Cybersecurity and Infrastructure Security Agency - CISA) de EE.UU., Christopher C. Krebs, ha emitido una declaración en respuesta al reciente aumento de la actividad cibernética maliciosa, incluidos los ataques de phishing y la fuerza bruta, por parte de actores y representantes del régimen iraní.

CISA alienta a los usuarios y administradores a revisar la Declaración de CISA sobre las Amenazas de la Ciberseguridad y los consejos y las mejores prácticas para mantenerse a salvo en línea, incluidos los siguientes:

• Evitar la ingeniería social y los ataques de phishing
• Spray de contraseñas y ataques de fuerza bruta
• Cómo elegir y proteger contraseñas
• Suplemento a las contraseñas

La lista completa incluye...

Threats

• Protecting Against Ransomware
• Protecting Against Malicious Code
• Securing Voter Registration Data
• Handling Destructive Malware
• Understanding Hidden Threats: Rootkits and Botnets
• Dealing with Cyberbullies
• Avoiding the Pitfalls of Online Trading
• Identifying Hoaxes and Urban Legends
• Understanding Hidden Threats: Corrupted Software Files
• Recognizing Fake Antiviruses
• Recognizing and Avoiding Spyware
• Understanding Denial-of-Service Attacks
• Avoiding Social Engineering and Phishing Attacks
• Preventing and Responding to Identity Theft
• Recovering from Viruses, Worms, and Trojan Horses

General Security Information

• Proper Disposal of Electronic Devices
• Defending Against Illicit Cryptocurrency Mining Activity
• Securing Network Infrastructure Devices
• Securing the Internet of Things
• Before You Connect a New Computer to the Internet
• Home Network Security
• IRS and NCCIC Caution Users: Prepare for Heightened Phishing Risk This Tax Season
• International Mobile Safety Tips
• Keeping Children Safe Online
• Debunking Some Common Myths
• Real-World Warnings Keep You Safe Online
• Understanding Anti-Virus Software
• Understanding Firewalls for Home and Small Office Use
• Good Security Habits
• Coordinating Virus and Spyware Defense
• Safeguarding Your Data

Network Defense and Enterprise Security

• Best Practices for Securing Election Systems
• Questions Every CEO Should Ask About Cyber Risks
• Website Security
• Securing Enterprise Wireless Networks

Email and Communication

• Staying Safe on Social Networking Sites
• Understanding Your Computer: Email Clients
• Understanding Digital Signatures
• Using Instant Messaging and Chat Rooms Safely
• Using Caution with Email Attachments
• Benefits of BCC
• Reducing Spam
• Benefits and Risks of Free Email Services

General Information

• Understanding ISPs
• What is Cybersecurity?
• Guidelines for Publishing Information Online

Mobile Devices

• Protecting Portable Devices: Physical Security
• Holiday Traveling with Personal Internet-Enabled Devices
• Cybersecurity for Electronic Devices
• Using Caution with USB Drives
• Securing Wireless Networks
• Protecting Portable Devices: Data Security
• Defending Cell Phones and PDAs Against Attack

Privacy

• Supplementing Passwords
• Effectively Erasing Files
• How Anonymous Are You?
• Understanding Encryption
• Protecting Your Privacy
• Choosing and Protecting Passwords

Safe Browsing

• Shopping Safely Online
• Understanding Bluetooth Technology
• Understanding Website Certificates
• Avoiding Copyright Infringement
• Understanding Your Computer: Web Browsers
• Understanding Internationalized Domain Names
• Evaluating Your Web Browser's Security Settings
• Browsing Safely: Understanding Active Content and Cookies

Software and Applications

• Understanding Voice over Internet Protocol (VoIP)
• Risks of File-Sharing Technology
• Reviewing End-User License Agreements
• Understanding Your Computer: Operating Systems
• Understanding Patches and Software Updates 

Fuente: US-CERT