16 OctThreats Protect yourself from phishing in Outlook: creating a category and setting up a rule Create a category and rule in Outlook to help you distinguish fraudulent emails from legitimate ones.
3 OctThreats Protect yourself from phishing: set up anti-phishing in INET Phishing is the most common form of cyberattack targeting users and does not spare Masaryk University. Attackers are increasingly imitating official communications from university systems, which can be difficult to recognize. For this reason, INET offers an anti-phishing feature that helps you distinguish legitimate emails from fraudulent ones.
6 May Malware on your device: how to detect and safely remove it This guide provides a practical overview of how to detect and remove malware from various types of devices (Windows, Android, macOS, iOS). It takes into account the specifics of each platform and highlights common mistakes users make during malware removal. In addition to the step-by-step process, it also emphasizes preventive measures that can help avoid reinfection.
5 MarThreats Infostealers in the device: how to recognize them and what to do? Infostealer is malware that steals passwords and sensitive data. Whether you want to find out if you have it on your device or were referred to this page by members of the MU Cybersecurity Team, learn how to detect it and what to do next.
1 Oct 2024Threats Device Security: Antivirus and Everything Around It Why should we use antivirus software? And is it worth splashing out on premium features? In this article, we'll delve into the world of antivirus programs, which are more crucial than ever in today's online landscape. We'll uncover how these programs combat ever-evolving threats and safeguard your personal data. We'll explore how antivirus actually works and what other options you can employ against malicious files.
Passwords Password Manager Are you not using a password manager yet? In this article, you will learn why it is important, which one to choose, and also how to start using it.
Threats What if it catches fire? We often write that preventing a fire is much better than fighting it. It is still valid. But what to do if a fire does break out? That’s the topic of the last part of the Cybersecurity series from CSIRT-MU.
Passwords Take a moment to examine your passwords Your passwords should be as important to you as your house keys.
29 SepIT Admins Exposure Reduction Guideline The guideline provides opinionated recommendations on exposure reduction of the infrastructure.
1 JulIT Admins Incident Response at MU: How to collect data from a compromised device This guide outlines procedures for the effective collection of forensically relevant data from a compromised device in the context of security incident response. The guide applies exclusively to physical servers and workstations. It focuses on Windows and Unix-like operating systems. This is not a general methodological document – the guide is specifically tailored to the internal processes and technical requirements of CSIRT-MU.
7 Aug 2024IT Admins Updates: why they are important and what are the risks Updates are an essential part of any secure system. They prevent incidents and ensure the smooth operation of IT systems and services. This article compares the benefits and risks of manual and automatic updates, primarily in Linux distributions. To complement this, it provides an example of automatic updates for the current LTS versions of Ubuntu 24.04 and 22.04.
IT Admins Recommendations for securing devices on the MUNI network Do you have multiple services running on your device for different user groups? A report from our team warns of a vulnerability in an application under your management that cannot be updated or disabled for specific reasons? These are not the only cases that pose a serious security risk that need to be addressed proactively.
IT AdminsE-mail How to prevent the spread of backscatter emails by email servers of MU How do these types of malicious emails originate? Why do we need to prevent their spread and how?
25 SepDevOps How to start with Dependency Scanning This guide explores several approaches to dependency scanning.
30 Oct 2024DevOps Secrets Management In a Software Development Lifecycle Secrets management is the process of storing and distributing passwords, API keys, certificates, or other sensitive information that should not be publicly available. This guide is an introduction to the subject. We present reasons and options for how to implement it.
29 Oct 2024DevOps How to automate secrets detection In this tutorial, we will expand our knowledge of detecting secrets using GitLab hooks and its CI/CD pipeline.
29 Oct 2024DevOps How to Start with Secrets Detection Secrets are not secret if everyone knows them - especially hackers. Accidentally storing a password or access key in a remote repository can happen to even the most experienced developers. In this guide, we'll look at how to easily detect this problem using Gitleaks and TruffleHog.
25 Oct 2024DevOps How to Start with Static Application Security Testing of Infrastructure as Code Wondering how to get started with static application security testing (SAST)? Maybe this article will help you, presenting selected tools and examples of their integration into the CI/CD pipeline in IaC (Infrastructure as Code).
14 Aug 2024DevOps How to start with SAST pipelines In this guide for developers we describe how to easily run static application security testing (SAST) as part of GitLab CI/CD.