hello and welcome to P C Security Intermediate Course.
In this lesson, I will be talking about a tax collectors directed to programs,
especially what are the specific attack directors, that they're aiming only applications and how to protect against its attacks. So problems and such are less interesting to cybercriminals. And unless it's a special case, so programs are usually used only in targeted attacks,
because what we what we have as, ah, focus off cyber criminals is to use exploits to create backdoors, to create loaders and thieves and those programs that you already have in your PC. Unless, uh,
remember when I was talking about non petty attack,
which was delivered through soft after update, then these programs are not so interesting for for cybercriminals.
So is it mentioned Right now? The attacks on the programs are through program, I updates. And then we have viruses which are spreading in most different ways, like USB fishing or some kind of shady APS that user might download for whatever reason.
Uh, there are no special ways to protect
your programs, which is compared to rest of your PC. So you need anti malware software, and I spoke about that in detail ing in previous module. So you know how to choose one how to make
work and that you need to constantly check it for efficiency.
The second thing is to
make sure that all the updates off all the software is that your
users are employees air using in your company. They're not installed automatically, so you block all these features they don't install automatically. So whenever updates appears, you create isolated environment. Or like it's usually called an island,
which is separated from the rest of the network in which you have couple of PCs. And then you do update a one PC, and then you start waiting to see if something is going to happen
to the other machines or just to that machine. So if if this thing is happening,
then uh, then you see that something is wrong on everything. If everything is clear, if it gets clearance, then you can push the update toe the all the other pieces in the network.
It's usually done through some a regular update. Or if you have some desktop management software in your company applied, then you can use it to push the update of this after
uh, prevent and to help you with the whole idea off you're doing updates in isolated environment
is that you prevent users from being get mons toe their accounts
so that no program installation or update can around automatically. It has to be
pushed from the above.
So this is all about protecting programs. And, uh, so let's do the short learning check. So the question for you is how do you protect from update attacks?
Is it to prohibit users from updating programmes easy to use only their based application? Or is it to install updates in an island environment?
And the correct answer is to install updates in island environment, prohibiting users from updating programs.
It still is okay, but it's not enough. You have to install the update actually and tested in isolated environment, because if it's not isolating environment and it contains some kind of Mallory can still spread through the entire network, it doesn't matter that you have
you're doing it just for testing.
Okay, This video have learned about the tax collectors and programs and the method of prevention. So as a
mentioned there just to essentially one is toe have a good downtime. Our soft around your machine and the other one is to prevent updates from being run automatically.
Next lesson. I will be talking about limiting users rights, which is very important thing for protecting your programs in your PC in general.