Daily Archives: April 10, 2019

You Can Now Get This Award-Winning VPN For Just $1/month

If you use the internet (which you clearly do), you likely know how important it is to protect your data in an increasingly dangerous cyber environment. But like other essential tasks that tend to be tedious (like filing taxes early and brushing your teeth for the full two minutes), most installing and running a VPN can sound unappealing to many: sure, they encrypt your internet traffic and hide your location — but they can also run frustratingly slowly, delaying the way you’d usually use the internet for entertainment and work.

That’s where Ivacy VPN is different: not only will the speedy service let you browse and stream lag-free, it also offers real-time threat detection technology, removing malware and viruses at the server level. It ensures that all your downloads and devices stay totally secure, so you can stay safe online without being inconvenienced.

To read this article in full, please click here

Gmail making email more secure with MTA-STS standard



We’re excited to announce that Gmail will become the first major email provider to follow the new SMTP MTA Strict Transport Security (MTA-STS) RFC 8461 and SMTP TLS Reporting RFC 8460 internet standards. Those new email security standards are the result of three years of collaboration within IETF, with contributions from Google and other large email providers.

SMTP alone is vulnerable to man-in-the-middle attacks

Like all mail providers, Gmail uses Simple Mail Transfer Protocol (SMTP) to send and receive mail messages. SMTP alone only provides best-effort security with opportunistic encryption, and many SMTP servers do not prevent certain types of malicious attacks intercepting email traffic in transit.

SMTP is therefore vulnerable to man-in-the-middle attacks. Man-in-the-middle is an attack where communication between two servers is intercepted and possibly changed without detection. Real attacks and prevention were highlighted in our research published in November 2015. MTA-STS will help prevent these types of attacks.

MTA-STS uses encryption and authentication to reduce vulnerabilities

A MTA-STS policy for your domain means that you request external mail servers sending messages to your domain to verify the SMTP connection is authenticated with a valid public certificate and encrypted with TLS 1.2 or higher. This can be combined with TLS reporting, that means your domain can request daily reports from external mail servers with information about the success or failure of emails sent to your domain according to MTA-STS policy.

Gmail is starting MTA-STS adherence. We hope others will follow

Gmail the first major provider to follow the new standard, initially launching in Beta on April 10th 2019. This means Gmail will honor MTA-STS and TLS reporting policies configured when sending emails to domains that have defined these policies. We hope many other email providers will soon adopt these new standards that make email communications more secure.

Email domain administrators should set up DNS records and web server endpoint to configure MTA-STS and TLS reporting policies for incoming emails. Use our Help Center to find out how to set up an MTA-STS policy with your DNS server. G Suite admins can use the G Suite Updates blog to see what MTA-STS means for G Suite domains.

5 Most Common Types of Threats You Need to Know About

Cyber threats sometimes feel unrelenting and are becoming more dangerous every day. While the internet presents users with lots of information and services, it also includes several risks. Cyberattacks are increasing in sophistication and volume, with many cybercriminals using a combination of different types of attacks to accomplish a single goal. Though the list of potential threats is extensive, below you’ll see the most common security threats you should look out for.

1.  Malware

Short for “malicious software,” malware comes in several forms and can cause serious damage to a computer or corporate network. There are various forms of malware ranging from viruses and worms to Trojans and beyond. Malware is often seen as a catch-all term that refers to any software designed to cause damage to a computer, server, or network.

Antivirus software is the most known product to protect your personal devices against malware and is a great start to prevent potential threats. While for enterprises, protecting your endpoint is essential to quickly detect, prevent, and correct advanced threats to your business.

2. Computer Worm:

The distinctive trait of a worm is that it can self-replicate and doesn’t require human interaction to create copies and spread quickly and in great volume. Most worms are spread though tricking internet users and are designed to exploit known security holes in software. Since many employees use their phones for work-related tasks when they are not within the perimeter of their corporate firewall, businesses are at a high risk for potential worms. If a machine is infected, the worm can: corrupt files, steal sensitive data, install a backdoor giving cybercriminals access to your computer, or modify system settings to make your machine more vulnerable.

3. Spam:

Spam refers to unsolicited messages in your email inbox. From the sender’s perspective, spam is a great way to get their message across in an efficient and cost-effective way. While spam is usually considered harmless, some can include links that will install malicious software on your computer if the recipient clicks on it.

How do you recognize malicious spam? First off, if you don’t recognize the sender’s address, don’t open it. Also, if the email addresses you in a generic way, i.e. “Dear customer”, “Hi there” etc., don’t engage. Be aware of the embedded links and check if they have odd URL’s by hovering over them to see where it wants to direct you and if the destination URL matches the destination site you expect.

4. Phishing

Created by cybercriminals attempting to solicit private or sensitive information, phishing schemes tend to be the starting point of nearly all successful cyberattacks. Phishing schemes can disguise itself in many forms, whether its posing as your bank or a common web service, with the sole purpose to lure you in by clicking links and asking you to verify account details, personal information, or passwords. Many people still associate phishing threats with emails, but the threat has evolved beyond your inbox. Hackers are now employing text messages, phone calls, phony apps, and social media quizzes to trick an unwitting victim.

5. Botnet:

Botnet malware is a network of computers that have been hijacked or compromised, giving hackers the ability to control infected computers or mobile devices remotely. When the malware is launched on your computer or mobile device, it recruits your infected device into a botnet, and the hacker is now able to control your device and access all your data in the background without your knowledge.

A botnet can consist of as few as ten computers or hundreds of thousands, and when bots come together, they are a force to be reckoned with. If a botnet hits your corporate website, it can make millions of requests at once ultimately overloading the servers knocking the website offline, slow web traffic, or affect performance. As many businesses are aware, a website that is offline or has a long lag time can be very costly, resulting in a loss of customers or a damaged reputation.

 

For more information check out our Security Awareness Resources and Reports.

The post 5 Most Common Types of Threats You Need to Know About appeared first on McAfee Blogs.

Upcoming cybersecurity events featuring BH Consulting

Here, we list upcoming events, conferences, webinars and training featuring members of the BH Consulting team presenting about cybersecurity, risk management, data protection, GDPR, and privacy. 

Tech Connect Live 2019: Dublin, 30 May

BH Consulting COO Valerie Lyons will be presenting at this event which takes place at the RDS in Dublin on Thursday 30 May. The conference is a business and technology event, with talks on a range of related subjects happening throughout the day. The event is free to attend, and more than 5,000 delegates are expected on the day. To find out more and to register for a free pass, visit here

Data Protection Officer certification course: Vilnius/Maastricht June/July

BH Consulting contributes to this specialised hands-on training course that provides the knowledge needed to carry out the role of a data protection officer under the GDPR. This course awards the ECPC DPO certification from Maastricht University. Places are still available at the courses scheduled for June and July, and a link to book a place is available here

IAM Annual Conference: Dublin, 28-30 August

Valerie Lyons is scheduled to speak at the 22nd annual Irish Academy of Management Conference, taking place at the National College of Ireland. The event will run across three days, and its theme considers how business and management scholarship can help to solve societal challenges. For more details and to register, visit the IAM conference page. 

The post Upcoming cybersecurity events featuring BH Consulting appeared first on BH Consulting.

On World Health Day, Give Your Children the Key to Good Digital Health

My morning walk route takes me past a school that usually has its assembly at 7:00 am. I catch glimpses of students praying, reading out the news, teachers giving talks and often stop to watch them do their morning drill. It’s an arresting sight – 500 kids in bright uniforms moving in a synchronized manner to drumbeats. The school is doing it right; light exercises before the start of the academic day helps to enhance positivity, concentration power, alertness and readiness to learn. After all it’s an age-old saying, ‘A healthy mind resides in a healthy body.’

Perhaps you are wondering why McAfee Cybermum is discussing health. Well, 7th April was World Health Day and what better time than this to have a heart-to-heart on good health, especially, good digital health?

Let’s accept it- we are parents, first and foremost, and our focus is always (even when we are sleeping or partying or just chilling) on our kids. All we want is to raise happy, well-adjusted kids who will be able to think rationally and act for themselves and know how to stay safe- both in the real and in the digital world.

When we were kids, outdoors was the place to be! Life centered around our gardens, parks and roads outside our houses; where we spent hours playing, chatting or just hanging around. Today’s digital kids also play and socialize a lot, but the bulk of it happens online. They have their favourite hanging out zones, gaming sites, digital libraries, social media etc. We all are quite tech-savvy and so, we are well aware how addictive digital activities can be as well as how the long hours spent online can have adverse effects on health and mind. This is why we worry when our kids prefer digital lives to the real one; we take measures like setting device-use rules and see red if the rules are breached.

But losing our cool isn’t the solution- we need to promote a balanced digital life, right from the day the little tykes mark their initiation into the digital world and educate them and act as their digital role models.

Here’s how you can ensure a healthy digital life for your kids:

Health is wealth

Play games, swim, run, exercise, go for treks! It’s also a good opportunity to show them that devices can be put to other uses besides gaming and socializing, viz; tracking activity and monitoring health statistics. When they are using devices, teach them the right postures so that they don’t strain their back or eyes.

Balance is the keyword

Often, we forget to practice what we preach- which, in this case, is to have some device-free hours. Keep your device away (a) when with family, (b) when there’s company, and (c) during bedtime. Children will protest and perhaps bawl, but will also learn a valuable lesson, rather two lessons – There are other sources of entertainment besides devices, and a NO means NO. While the first lesson is important to lead a balanced digital life, the second one is important for them in the real world too.

Fix up an activity schedule that includes household chores

Not only will this help to maintain digital balance, it will also give the child the first lesson in responsibility. Whether it is making their own beds, cleaning out their wardrobes or helping to wash the car or set the table, these are values you are teaching kids non-verbally. Even little tykes can do small tasks and trust me, it will make them feel proud. Just take care that the daily timetable doesn’t start resembling an army cadet’s training schedule.

Set clear-cut rules

This helps kids learn discipline. Stress on how excessive use is akin to misuse. Their daily schedule should specify timings for device use. If they breach the timings, bring it up immediately. Repeated breaches need to be tackled firmly. Maybe the privilege of using the device needs to be surrendered for a few days. This, you as a parent need to decide.

Let them know you will be remotely monitoring their activities

It’s recommended that you mentor kids in the digital world till they are mature enough to handle matters responsibly themselves. Use parental controls that come with comprehensive security tools like McAfee Total Protection or McAfee LiveSafe and keep the admin password a secret. BUT LET YOUR KIDS KNOW you would be supervising them online. Explain it’s similar to how you keep an eye on them at public places. Remember to set internet timings and filters.

Have purposeful family activity time

Use that evening hour before or after dinner to chat, play board games, tell stories or discuss the news. Share, play, connect- the perfect ingredients for a close-knit family! And of course, all devices, including the digital assistant, is off-limit during this time.

Teach kids to be upstanders

Online abuse can lead to emotional disturbances in vulnerable kids. Even adults are negatively affected by cyberbullying and trolling and so you can understand the impact of such behavior on kids. Give your kids the security of your love and trust so that they grow up to be strong and confident and can stand up against bullies.

Discuss cybersafety often and with due seriousness

Living in the connected age, where we all use the same router for our devices along with other smart devices like CCTV, digital assistants etc., it is important to reinforce how the carelessness of one can affect the safety and privacy of all other family members. A safe and secure net connection is needed for mental wellness.

So, what are you waiting for? Start working on your family’s digital health today!

The post On World Health Day, Give Your Children the Key to Good Digital Health appeared first on McAfee Blogs.