Restricting administrator privileges
User accounts have fewer privileges than administrator accounts. User accounts deny malware escalated permissions. Admin privileges should only be enabled on devices when absolutely necessary.
Malware installed using an “Administrator” account can have escalated privileges.It will be able to cause more damage to data and devices.
Using an “User” account as default can help prevent damage to systems should an infection occur.
Behaviours in SebDB are ranked by their impact on risk. Tier 1 behaviours have the biggest impact, Tier 4 behaviours the least.
Malware infections occur when malicious software makes its way on to a device or network.
Data theft is the intentional stealing of data.
https://www.maketecheasier.com/why-you-shouldnt-use-admin-account/ https://www.howtogeek.com/124950/htg-explains-why-you-shouldnt-log-into-your-linux-system-as-root/ https://www.ncsc.gov.uk/collection/10-steps-to-cyber-security?curPage=/collection/10-steps-to-cyber-security/the-10-steps/managing-user-privileges https://www.ncsc.govt.nz/assets/NCSC-Documents/NCSC-Restricting-Admin-Priviledges-Explained.pdf