Author Archives: Ioana Rijnetu

How to Keep Your Kids Safe on the Internet (10 Actionable Tips)

These 10 actionable tips will improve Internet safety for your kids and we recommend you follow them right now.

Safer Internet Day 2019 is an international event happening on the 5th of February and is aimed at raising awareness on online safety by promoting safer and positive use of technology for children.

This year’s main theme was “Together for a better Internet” calling everyone to take action and join the movement for creating a better Internet for kids and young people.

For the past years, technology has evolved beyond our control and has improved many aspects of our lives and kids knowledge base, but what about its risks?

According to one report from US-based PCMag, 76% of parents are worried about their kids’ online safety and have major concerns over the danger they are exposed to.

Kids nowadays grow with technology and parents’ core challenges are to find the best ways to limit and control their access on the Internet.

With so many information flooding on the Internet today, there’s an increasing danger for children to become an easy target for malicious actors trying to take advantage of their lack of knowledge.

From falling for online scams, sharing too much personal data to cyberbullying or meeting online sexual predator, these are some of the biggest risks that children face online.

Online protection for children is difficult to be detailed in just one article, as we can approach different aspects of it, but our main focus is to highlight the most actionable tips parents can apply to protect kids when navigating online.

Apply these 10 actionable tips to improve Internet safety for your children

1. Educate your kids about cybersecurity and online threats

You want your kids to spend time on the Internet and take advantage of the learning opportunities, but you also want them to be safe. To do that, you need to explain in simple and kid language about online threats and how to identify them.

When it comes to cybersecurity, education plays a vital role during the learning process,  and parents need to talk to their children about safe browsing on the Internet, malicious sites they can access, explain about different forms of cyberbullying, and other necessary topics that help them have a bigger picture of what’s going on.

The more you speak openly about online threats with your kids about their activity on the Internet, the easier is for them to understand what they see or hear online.

The following questions could prove useful for you and your kids and family. You’ll also find helpful information on key topics that will help you enhance your online safety:

These are just a few key topics you and your family should address and focus on to improve online safety.

2. Set usage limits and time spend on the Internet for your kids

The Internet might be a fascinating world for kids, but most parents become really concerned about the time spent there. If you notice your kid is developing an addiction to staying up all night to be on the Internet, it could be a sign to set usage limits and time spend on the Internet. Make sure you clearly tell them about the time they can spend on their computer or laptop.

Parents should also clarify what their kids can and can’t do when they navigate online.

3. Be patient and listen to your kids. Let them teach you

Staying online can be a daunting task and we cannot always predict where a discussion or comment will go or what type of people we find on social media networks.

You may check your kids’ computers, their smartphones or any other Internet-connected devices on a daily basis, but it really helps listen to them.

But how much do we actually know about our children?

In just a few words…not very much, because there will always be methods to evade our attention.

So, we strongly advise you to be patient and listen to your kids. Let them teach you about the social media platforms they use or the latest video that went viral on Youtube.

This is by far the easiest way to get information about their online habits, instead of losing time on spying their computers and trying to understand their browsing history.

So, just listen to them. Pretend that you don’t know too much about this Internet thing and let them start talking. There’s nothing more exciting for children than pretending to be teachers. Not to mention the trust they gain in themselves and finally, in you, as a parent.

4. Use parental control software to monitor your child’s online activities

Given the increasing number of devices kids use to connect on the Internet, it’s difficult for parents to supervise every time they’re online. Parental control apps can help. They are a great way to track your children online behavior and control what they are doing on their smartphones or other devices.

These software solutions act as an online guardian and help parents better monitor kids’ Internet usage, keep track of visited sites, control the Internet connection time, or block malicious websites and report any unusual online activity.

If you want to monitor your kids’ activity and are looking for free parental control software tools, this list comes in handy.

5. Install an antivirus solution on your kids’ devices

We all know that kids are naturally curious and attracted to new things, and they can easily access malicious links from untrusted websites or download video games from unknown web locations.

Thus, you need to consider installing a good antivirus solution from a reliable company that packs a real-time scanning engine, firewall and automatic update.

To help you decide what is the best solution for you and your family, whether you need free or paid antivirus, this in-depth security guide might help.

6. Keep your child’s software up-to-date

Here’s another Internet safety tip every parent should follow. Make sure you check if the Windows operating system used on your child device has all the latest and available security patches installed, such as browsers, plugins, desktop apps, etc. These updates include both security and feature patches and are meant to fix or improve the software you use.

If you aren’t aware of the importance of software patching, please read what security experts have to say about this topic.

Throughout our security alerts, we’ve learned that cybercriminals usually gain access to networks and systems by exploiting security flaws found in popular software tools like Adobe Flash, Java or browsers like Internet Explorer, Mozilla Firefox and Google Chrome.

That’s why you need to verify the device your children are using and make sure all necessary security patches are installed.

For monitoring your kid’s computer apps and securely deploying updates as soon as they’re available, you can use our Thor Free security solution which does an excellent job.

7. Don’t let kids navigate online without installing an anti-malware solution

If you hear your child complaining about slow-down issues, pop-ups all over the screen, new toolbars, a different default engine or random error messages, these could be warning signs of a malware infection.

An antivirus solution is no longer enough to protect you and your family against next-gen malware. To keep your kids safe on the Internet, we recommend using an anti-malware solution as an extra layer of protection to secure your digital assets.

8. Secure your Home Wireless network from prying eyes

The home Wi-Fi network is usually accessed only by members of the same house, but that doesn’t mean that malicious actors can’t get unauthorized access.

To better secure your home wireless network from prying eyes, the first thing to do is set up a strong and unique password so neighbors or other people can’t take control over your personal data.

But we have to take security seriously and do more than just adding a strong password. Online criminals might exploit your poor Wi-fi security measures and “listen” to your traffic in order to retrieve sensitive information or take advantage of your network to launch attacks such as Man-in-the-Middle attacks, network sniffing or data theft.

We recommend checking out this 12 simple, and essential steps guide we’ve included enhancing the security of your home wireless network.

9. Do NOT connect to unsecured WiFi networks outside your home

Your children may be safe at home, but with so many Wi-Fi public networks they connect to, how can we be sure they will remain safe?

We often go to public places and enjoy a coffee or tea, without even thinking about the online dangers or hackers that could wait for our connection to start.

Even if we can’t be anywhere, there are still a few things we can do to greatly improve their online security.

First, make sure the smartphone, laptop or tablet they use has some sort of protection, like anti-spyware or antivirus protection to keep the software protected against exploits and security breaches.

Secondly, information is the secret for your kids’ online safety, no matter where they are, so read these actionable measures on how you can improve the public Wi-Fi network.

10. Online habits have real-life consequences

As challenging as might be for children to understand the risks of being online, cybersecurity awareness is vital these days. We should teach them to avoid talking to strangers online, how to distinguish between fake and real news, and explain about the most frequent security risks out there.

Various choices and decisions should be made to increase our family’s security strategy, but we need to establish what is it that we are afraid of. The limits we set may increase our online security strategy, but at the same time, we could risk blocking the naturaldevelopment of our children being surrounded by tech gadgets.

Children need to acknowledge that online actions lead to real-life consequences and have cyber hygiene on how to use the Internet safely.

We put together these 4 resources to learn how to increase your kids’ online privacy and  secure your most valuable data:

Online Privacy in Under 1 Hour: Improve your Security Fast

Here are the Top Online Scams You Need to Avoid Today [Updated 2018]

The ABCs of Detecting and Preventing Phishing

Best free security and privacy tools in 2019

Final thoughts 

We need to teach children about cyber threats that put in danger their online safety. But we also need to “preach” online protection from malware threats and phishing attempts that usually target unaware or uneducated minds.

How do you keep your kids safe from online threats today? What methods are you using? Feel free to share your thoughts in a comment below.

The easy way to protect yourself against malware
Here's 1 month of Thor Foresight Home, on the house!
Use it to: Block malicious websites and servers from infecting your PC Auto-update your software and close security gaps Keep your financial and other confidential details safe

EASY AND RELIABLE. WORKS WITH ANY ANTIVIRUS.

Try Thor Foresight

*This article was initially published by Andra Zaharia in March 2015 and updated by Ioana Rijnetu in February 2019.

The post How to Keep Your Kids Safe on the Internet (10 Actionable Tips) appeared first on Heimdal Security Blog.

Heimdal Security Supports the ROC Leeuwenborgh Capture the Flag (CTF) Challenge

We, at Heimdal Security, are focused on educating both our readers and customers through actionable and useful blog articles, security alerts, protection guides, online courses, and other helpful resources designed to enhance cybersecurity awareness.

Through every project, education remains a core focus. Our goal is to make online security and privacy simple and accessible to anyone, and we think this starts with understanding the basics.

We also believe in the power of the cybersecurity community and being actively involved in it.

Every time we have the chance to support young and passionate students with their educational endeavors, encourage them to develop security skills and dive deeper into the world of cybersecurity, we do it without hesitation.

With that in mind, we are happy to announce that we are supporting the students from ROC Leeuwenborgh in the Netherlands by providing security software during their upcoming CTF competition.

A Capture the Flag (CTF) competition is usually hosted at cybersecurity conferences and aims to challenge participants to use their security skills and solve problems by capturing “flags” from the compromised computer networks.

This type of event requires players to register with the red or a blue team and includes a series of challenges that vary in terms of difficulties.

Students from the ROC Leeuwenborgh are competing for the blue team by trying to build their own CTF network with several “flags” and defend them against attacks of the red team.

They will present the network at the Security Congress called “The Journey of the Digital Experience over cybersecurity” in Brightlands, Netherlands, which takes place on the 1st of February. During this event, there will be security talks held by students, consisting of different workshops, presentations, and demonstrations.

How the Capture the Flag network works

The Dutch students have built their own network using components and resources from their education center, which includes a Ubiquiti Access Point, a router, switches, the RedSocks Malicious Threat Detector (MTD), Network-attached storage (NAS) and 7 servers.

The Capture the Flag environment will be divided into three different levels: beginner, advanced and expert, and will focus on cracking the passwords of the Access Points (which will be encrypted) to get access to the network.

There will be two dedicated servers for the beginner level in which attendees (participants) will have to use the “EternalBlue” exploit used as part of the massive WannaCry ransomware in 2017.

During the CTF competition, participants will solve puzzles of different levels of difficulty (cryptographic, steghide, and others) to get a password that will help them unlock password-protected Word documents placed on the desktop. These docs will give them access to “flags” that will break two more servers in the beginner network. Participants will face more challenges trying to solve more puzzles before they access the advanced network.

Same methods apply for the “expert” level, but at this point, students will use the Heimdal Security’s security solution, Thor Premium Home, to monitor networks and make the challenge more competitive.

During this event, participants will have to prove knowledge of offensive and defensive skills for hacking and protecting networks, cryptography, exploitation, etc, and they will work in the team to face challenges and capture all the flags in the specified timeframe.

The best team will win a substantial amount of money and other attractive prizes.

The Dutch Police also joins the CTF competition

It’s worth mentioning that an important partner of this event is the Dutch Police which will have a separate Capture the Flag network. Given the rise of advanced online threats, phishing, or DDoS attacks, the role of the Police and the IT specialists is indispensable for raising awareness about the importance of cybersecurity.

This CTF competition offers participants the opportunity to “become” IT specialists within the Dutch Police and use their hacking skills to collect as many flags as possible ahead of other competitors. It is mainly focused on cryptography and forensics, and participants are encouraged to bring their own device to join the competition. They will compete in the same environment and the winners will be rewarded with attractive prizes.

This is a great way for students, or professional and amateur hackers from the Dutch region and other places to learn hacking techniques, improve their problem-solving skills, and, most important, gain hands-on practice.

Bottom line, every Capture the Flag competition is a huge opportunity for students and people passionate about cybersecurity to think out of the box and test their team player skills.

If you have all these, take the leap and join the competition on the 1st of February!

More details about the event can be found here and information about the registration is here.

If you are interested in cybersecurity, or you want to embark on a career in infosec, you can always check out our free educational resources and learn how to better protect yourself against cybercriminals attacks.

Thor Foresight makes sure that link is safe!
Your parents and friends will click any suspicious link, so make sure they're protected.
Thor Foresight Home anti malware and ransomware protection heimdal security
Thor Foresight provides: Automatic and silent software updates Smart protection against malware Compatibility with any traditional antivirus.

SECURE YOUR ONLINE BROWSING!

Get Thor Foresight

The post Heimdal Security Supports the ROC Leeuwenborgh Capture the Flag (CTF) Challenge appeared first on Heimdal Security Blog.

Here are The Internet Security Blogs You Should Follow Today [Updated 2019]

If you are concerned about your online security (and you should), it’s essential to know which are the best cybersecurity blogs that could help you stay informed about the most recent trends in the threat landscape.

The question then arises: Where can you find the best security blogs to learn and to gain more knowledge in the cybersecurity field? What security experts to follow so you can stay abreast of changes in this industry and how to better protect your digital assets? How can you make the difference between the real experts and the false ones?

That’s why we want to help and we’ve put together this list with all the cybersecurity blogs and websites that are worth following.

We’re aware that it isn’t perfect and will never be, so we’ll continue to keep this list updated as much as we can. There are probably so many other security blogs and experts that we have not included. More and more are launching every day.

Can you tell what other blogs should we add to this list and what you think about the current ones?

From small, independent researchers and experts, to the big names: security vendors, media giants, organizations or cybersecurity communities and organizations. The main criteria were how much can we benefit from their insights and knowledge.

Therefore, if you need best practices, how-to articles, online safety research or the latest security news and insights from researchers, start with this guide. Feel free to bookmark our article and access the following blogs/websites whenever you feel it’s necessary.

CYBER SECURITY BLOGS TO FOLLOW

1. Krebs on Security

Brian Krebs is the man behind Krebs on Security. Being hacked himself in 2001, he starts to be personally interested in online security. He’s one of the well-known names in today’s security landscape. Krebs covers topics from the latest threats, privacy breaches, and cyber-criminals, as well as major security news and alerts. He’s also a book author.

2. Schneier on Security

Another cybersecurity blog that is worth reading on a daily basis is the one belonging to Bruce Schneier which is an internationally renowned security technologist, called a “security guru” by The Economist. He wrote books, hundreds of articles, essays and security papers on cybersecurity. At the same time, he is a known figure in the media.

The press recognizes him as an important voice for online security, not only for his knowledge on the matter but also because of how he expresses his opinions.

3. Tao Security

Tao Security is run by Richard Bejtlich, which is an advisor to the security ecosystem for the Treat Stack company and a former Chief Security Strategist at FireEye. He’s also an author of many books on the security topic. He started his career as a military intelligence officer at the Air Force Computer Emergency Response Team, Air Force Information Warfare Center and Air Intelligence Agency.

With an extensive background in the cyber-criminal world and familiar with malicious attacks on enterprise networks, he shares his experience on digital defense and network monitoring. Since a great number of network attacks come from China, he is specialized in Chinese online criminals.

4. Graham Cluley

Graham Cluley is one of the most known independent computer security analysts and public speakers. He’s been working in the industry since the early ‘90s. Started as a programmer, writing the first ever version of Dr. Solomon’s Anti-Virus Toolkit for Windows. Afterward, he had senior roles in Sophos and McAfee.

5. Troy Hunt

Troy Hunt is an Australian Microsoft Regional Director and Most Valuable Professional (MVP) for Developer Security. He travels the world speaking at events and giving training and advice to tech security professionals. He’s also an author of many top-rating courses on web security.

You surely heard about his project Have I Been Pwned?”, a free service that tells you if you’ve been compromised in a data breach.

6. Daniel Miessler

Daniel Miessler is a well-known cybersecurity expert and writer with 20 years in information security. His blog includes a collection of technical knowledge, industry insights, and opinions shared by Daniel on various topics. We recommend adding his blog on your reading list for valuable insights, and also follow him on Twitter.

7. Security Affairs

Security Affairs is a security blog written by Pierluigi Paganini, an ethical hacker, researcher, security evangelist, and analyst. On his blog, among the articles on security, you’ll also find regular interviews with hackers, useful cybersecurity In 2016, this blog was awarded as Best European Personal Security Blog

8. Architect Security 

This cybersecurity blog belongs to April C. Wright which is a speaker, teacher, community leader and hacker with more than 25 years experience in the information security industry. She teaches others how to use simple actions that can lead to a better and safer place.

9. Dark Reading

Dark Reading is a widely-read cyber security website that addresses professionals from the IT industry, security researchers, and technology specialists. They use their experience and knowledge to provide articles, recommendations, news and information on IT cybersecurity landscape.

10. CIO

CIO is the place where you find news, information technology articles, insights and analysis on major data breaches and online threats that put your online security at risk. Covering multiple aspects of world wide web, it provides in-depth, content-rich information for IT professionals and regular users.

11. CSO Online

CSO focuses on offering users the latest information and best practices in both technology and business, loss prevention, cybercriminal threats, and software vulnerabilities, malware and data breaches and many other useful tips and advice about cybersecurity.

12. PCMag’s Security Watch

Known for his direct and witty style, Neil Rubenking is PC Magazine’s Lead Analyst. He’s the man you have to listen if you search for technical advice on the main security solutions, from firewalls, antivirus, and antispam products to full security suites. You’ll also read in this cybersecurity blog detailed reports and sharp analysis of security programs, which should place him on your follow “cybersecurity blogs” list if you look for this type of information. He has also written several books.

13. Paul’s Security Weekly

This security blog was founded by Paul Asadoorian and brings you a wide range of topics from security news, useful technical articles, research studies to valuable information on hacking and cybercrime through different channels, from blog posts, videos to podcasts.

14. Forbes

This is one of the leading media company in the online environment and provides strong analysis, reliable tools, real-time reports for cybersecurity news and information on the latest online vulnerabilities.

15. SC Magazine

SC Magazine comes in the IT environment with technical information and data analysis to fight the present online security threats. Their site provides testing results for email security, mobile devices, cloud, and web security.

16. PCMag

Probably one of the most popular tech sites in the software industry, PC Mag offers readers lots of reviews and studies on the latest products for online security. For an objective analysis of a particular product you may be interested in, don’t forget to search for the dedicated article on this website.

17. The Hacker News

It is one of the biggest information security blogs and we recommend following it for the latest resources about hacking, technology, and security.

18. Security Week 

It’s one of those information security blogs you need to follow to stay informed about the latest security news, insights and analysis. You’ll also read opinions and insights from IT security experts around the world.

19. Ars Technica

Probably one of the oldest and top publications on technology. Its editorial mission is to be “technically savvy, up-to-date and more fun” than what was popular at the moment when it was founded.

20. Softpedia

Softpedia is a popular destination for software downloads but also covers tech topics and news. It was founded in 2001 by SoftNews NET SRL, a Romanian company.

21. The Last Watchdog 

It is one of those security blogs founded by the Pulitzer-winning journalist Byron V. Acohido which is a respected cybersecurity influencer, and The Last Watchdog is considered to be one of the top cybersecurity blogs. You’ll find personal opinions on cybersecurity, Q&A, useful podcasts or videos. 

22. Wired

One of the classical American online magazines reporting on technology and its role in culture, economy and politics, Wired approaches various topics on online privacy, cybercriminal threats, systems security and the latest security alerts.

23. Motherboard Vice

Vice’s Motherboard is an online magazine dedicated to technology, science, and humans. Lots of the data breaches in the past years were firstly announced by Motherboard and you should follow it.

24. Mashable

Mashable is a global media company, founded in 2005. They aim to be the leading media company for the Connected Generation and the voice of digital culture. We recommend following their cybersecurity category to read about all the latest news related to this field.

25. Techcrunch

TechCrunch is another leading media company focused on technology and breaking tech news, founded in the same year as Mashable and owned by AOL.

26. IT Pro Portal

It Pro Portal is one of the first tech websites from the UK, launched in 1999 and has grown to become one of UK’s leading resources on technology information. Here you’ll find tech products reviews, market analysis, cyber security news and many more.

27. Privacy Paradox from Lawfare

When law meets privacy – this is how we’d sum up “Privacy Paradox”, the subsection of The Lawfare Blog. Its authors take an unorthodox look at the law and policy of contemporary privacy.

28. The Register

The Register is another top online tech publication, with more than 9 million monthly unique visitors. You’ll find here independent news, views, and reviews on the latest in the IT industry and its security section brings the latest news from the industry.

29. TechRepublic

TechRepublic provides large resources for the online industry, such as blog articles, forums, technical papers, and security data. All the valuable information available on this cybersecurity blog will help IT professionals and technology leaders to come with the best decisions on their business processes. There are also useful resources such as white papers, eBooks, tools and more.

30. Zero Day

The Zero Day security blog is important for all the people part of the IT industry. This information security blog belongs to ZDNet and you should follow it to stay on top of the latest security analysis, software vulnerabilities, malware attacks, and network threats.

31. The Guardian Information Security Hub

Known for its quality articles on world news, Guardian also provides a section dedicated to information security for both companies and individuals. To stay up-to-date with the most recent articles and news on cybersecurity, make sure you follow this cybersecurity blog.

32. Help Net Security

Help Net Security is a popular independent site, focused on information security since 1998. You’ll find here the latest information and articles related to the IT industry, including experts’ opinion on the hottest topics, reviews, security events, and many more.

33. Techworld Security

Techworld is an industry leader in business technology publishing, published by IDG (International Data Group). The Security section is dedicated to analyzing the latest malware threats and zero-day exploits, including analysis and tutorials. You can find here other important topics and subjects, such as security articles, how-to documents or software reviews.

34. IT Security Guru

It is a site for cybersecurity community which offers daily and breaking IT security news, with opinions and analysis of this industry.

35. Network Computing

The content of the Network Computing cybersecurity blog focuses on cloud technology and enterprise infrastructure systems. Its published articles cover security solutions on how to deliver applications and services for an increasingly large threat environment in the business world, news and expert advice.

36. Infosecurity Magazine

With more than 10 years of experience, Infosecurity Magazine is an online magazine which covers not only security articles on popular topics but is also focused on security strategy and valuable insights for the online industry. You should follow it for its educational approach.

37. SANS Institute AppSec Blog

SANS Software Security provides training, certification, research and community initiatives that help IT specialists build secure applications.

38. Peerlyst

Peerlyst is a community for where cybersecurity professionals gather to discuss hot topics and exchange opinions on key subjects. As part of the community’s mission, the team is “working with people like you to help transcend the fragmented security market and create transparency”.

39. Europol 

While it’s not actually a cybersecurity blog, it is worth following and reading the newsroom section from the European Union Agency for Law Enforcement Cooperation (EUROPOL) and stay up to date with the latest press releases, news articles, blog entries, videos, and other content.

40. Electronic Frontier Foundation (EFF) 

The Electronic Frontier Foundation is the leading nonprofit organization defending civil liberties in the digital world which was founded in 1999. Its work is mainly focused on ensuring that rights and freedoms are enhanced and protected as our use of technology grows. You should read their information security blog for its high-quality content, comprehensive analysis, educational guides, and more.

41. Virus Bulletin

The Virus Bulletin blog is a must-read online source of reference for anyone concerned with computer security and online threat landscape. It covers the latest threats, new developments, and techniques in the security landscape, opinions from well-known members of the industry, and more.

42. StaySafeOnline

This security blog is powered by the National Cyber Security Alliance (NCSA)  organization and is a reliable online source that provides valuable information on how you can stay safe online, how to keep your business secure and many other useful tips and insights on privacy.

43. Security Boulevard

It is the home of the Security Bloggers Network (SBN) and an online community where you can find plenty of useful resources from fresh cybersecurity news, threats and data breaches to webinars, a library of security-related resources, and many other educational resources.

44. Bleeping Computer

Another fantastic resource is Bleeping Computer, a technical support website, and a self-education tool. Do read their cybersecurity guides, forums, tutorials and more.

45. IT Security

Here’s another useful information security resource where you can read about cybersecurity news, insights and experts’ opinions on topics related to the cybersecurity landscape.

46. GBHackers on Security

It is another great online resource where you can read about the latest hacking news, cybersecurity, technology updates, ransomware or malware. There’s also the place where you can find useful online courses and other interesting infosec resources.

47. BetaNews

Here’s another leading source of technology news and analysis you can follow to stay up to date with everything happening in cybersecurity.

INFORMATION SECURITY BLOGS FROM SECURITY VENDORS TO FOLLOW

48. State of Security

TripWire delivers advanced threat, security and compliance solutions to companies. State of Security is TripWire’s blog on cybersecurity and the place where you can read about the latest cybersecurity news, podcasts, videos, and many more useful resources. Multiple authors write on it about the constantly changing landscape of cybersecurity.

49. Naked Security

Naked Security is an award-winning newsroom that offers us news, opinions, advice, and research on computer security issues and the latest cyber threats. The blog belongs to the security company SOPHOS and there are topics from mobile security threats to operating systems or malware articles.

50. F-Secure Safe & Savvy Blog

Safe & Savvy is a cybersecurity blog from F-Secure, a company focused on online content and privacy protection issues. On this security blog you will find plenty of handy tips and tricks on security issues, how to keep your data safe and many other resources such as videos, infographics or reports.

51. Hot For Security

Another information security blog you should add to your list is the Hot For Security which belongs to Bitdefender security company. Bitdefender is one of the leading and most-known companies on online security solutions. On their blog, they cover various subjects related to cybersecurity and privacy, from Internet scams, online spam, and phishing detection, to malware and data-stealing software.

52. Malwarebytes Labs

The Malwarebytes cybersecurity blog includes articles that cover the latest malware threats and cybercriminal attempts from the online world. You can find their articles on categories, from cybercrime, exploits, hacking and malware analysis.

53. We Live Security

We Live Security, the Eset blog, is an online resource for cybersecurity articles and probably one of the best cybersecurity blogs providing a large network of security topics from emerging online threats to zero-day exploits.

54. ThreatPost

Threatpost is an independent news site where you can read a plethora of cybersecurity news and analysis to stay informed and safe, including useful videos, feature reports and many more.

55. Kaspersky Lab’s Securelist

Securelist is a security blog run by Kaspersky Lab which addresses a large audience, providing some of the best security subjects on cyber criminal activities and data-stealing malware. There is plenty of great cybersecurity information you’ll read here from malware, spam and phishing to statistics and an encyclopedia to search for definitions and learn new cyber sec terms.

56. Symantec Blogs

Symantec Blogs is an expanded blogging platform which belongs to one of the biggest providers of security solutions worldwide, Symantec. This information security blog offers users the latest security news, unparalleled analysis from experts on the online threats affecting businesses today,  articles on security threats, online criminals, data-stealing malware, system vulnerabilities, and many others.

57. Fox IT Security Blog

Fox-IT’s security blog is a very good source of information on online security, technology news and cybercrime defense. This security blog is owned by Fox-IT, a Dutch security firm that works with trusted partners in more than 35 countries.

58. Securosis

Securosis is a security research and advisory company that offers security services for companies and organizations. At the same time, you can find on their security blog some useful articles and insights on how you can better manage and protect your online data.

59. Google Online Security Blog

We couldn’t miss this one from our list! We are surrounded by Google products and services every day, from their search engine to web browser, so it’s normal to include their cybersecurity blog here. It is more than a reliable information security blog; it’s also a reference point on online security and privacy we need to acknowledge. Here you can also read the latest news and insights on how to keep users safe.

60. ZoneAlarm Cyber Security Blog

This cybersecurity blog is from ZoneAlarm, which is one of the well-known vendors of security products providing valuable information on malware defense and online security to protect millions of PC users. Using their experience on malware, this security blog publishes malware alerts, practical security tips and the latest news in the IT industry.

61. McAfee security blog

McAfee information security blog provides the latest tips and techniques from various security experts to keep you up-to-date with the latest malware trends in the online environment.

62. Microsoft Secure Blog

Starting January 2018, this is the place where you’ll find all the blogs from Microsoft. Here you’ll find technical information for Office 365, Microsoft Azure, and Windows, alongside product updates, cybersecurity guidance, industry trends, and more. You’ll also read great cybersecurity stories from the global team of Windows Defender researchers, engineers, and experts.

63. SpiderLabs Security Blog

Investigators and researchers at Trustwave cover the latest technology news on this cybersecurity blog. Gathering information from research and testing, they publish articles and security studies to fight online hackers and cyber-criminal threats.

64. Dell SecureWorks

SecureWorks is a company that provides information security services and became part of Dell in 2011 and branched off as a public organization in April 2016. Their cybersecurity blog provides the latest news and information for IT professionals and users that need to stay up-to-date with online threats and malware attacks.

65. Trend Micro Simply Security

Trend Micro Simply Security information security blog offers expert insights on cloud security, data safety, privacy protection, and threat intelligence. You’ll also find research and analysis, and the latest news on the cybersecurity industry.

66. ThreatTrack Security

ThreatTrack security blog keeps you up-to-date with the latest innovations and developments in the IT industry, from security exploits to software vulnerabilities and cyber-criminal attempts.

67. Sucuri Security 

This information security blog is held by the security company called Sucuri, which is managed by two highly passionate individuals in this industry, Daniel and Tony. It is a great online resource where you can learn about site security, emerging vulnerabilities, and web malware infections.

68. Comparitech 

This information security blog is from the company Comparitech Limited, which has the mission to help consumers make more savvy decisions when they subscribe to tech services such as VPNs, antivirus and security products, cloud backup, password managers and more. Read their blog to read more about VPN, privacy, information security and more.

69. AlienVault

It is a company security company focused on enabling all organizations to better detect and manage cyber attacks in the cloud. Their blog offers cybersecurity fresh news on the latest emerging global threats and actionable advice to simplify threat management and compliance.

70. Sensors Tech Forum

Another information security blog you should add on your list is Sensors Tech Forum, which is both an online security blog and a forum. Here you can read daily PC security news, ransomware and virus removal guides. The Sensors Tech team publishes useful guides that could help users get through the removal process of malware.

71. IT Governance UK

IT Governance is a leading global provider of IT governance, risk management and compliance solutions, with a focus on cyber resilience, data protection, and cybersecurity. On its cybersecurity blog, you’ll read plenty of useful articles on GDPR, online privacy,  as well as podcasts and toolkits.

72. Quick Heal Blog

This security blog belongs to Quick Heal TechnologiesmLtd., which is a pioneer of antivirus research and development in India. On the blog, you will find the latest IT security news, alerts and other useful tips.

73. ScienceSoft Blog

Another security blog that you should check out is this one from Science Soft, a US-based provider of IT consulting services and custom software development with over 29 years experience in information technology. The blog approaches a variety of security topics from Artificial Intelligence, Penetration Testing, Internet of Things, and many more.

Conclusion

Since the security and privacy landscape is changing constantly, so must we. That’s why we’re asking you to help us improve this article.

Let us know your thoughts in a comment below.

P.S. You can also follow our blog’s weekly roundup or our social profiles (especially Twitter), where we share the latest cybersecurity news.

Spend time with your family, not updating their apps!
Let THOR FREE Silently and automatically update software Close security gaps Works great with your favorite antivirus

INSTALL IT, FORGET IT AND BE PROTECTED

Download Thor FREE

The post Here are The Internet Security Blogs You Should Follow Today [Updated 2019] appeared first on Heimdal Security Blog.

10+ Cyber Security Decisions You (and Me) Will Regret in The Future [Updated]

We may not realize it, but our daily routine habits have long-term effects. Some of them are positives, others could be on a negative note, but there is always at least one lesson to be learned. If you choose to eat healthy regularly, this habit will surely impact your lifestyle for the next years. If you read only a few pages of one book every day, you’ll see the world from different angles, enrich your vocabulary, and better understand people and the world we live in.

This applies to cybersecurity (decisions) as well. And let’s say that”within every decision, comes great responsibility.” Our daily habits we use in the digital landscape can impact greatly our future. If you are like me, you probably want to know that all your valuable digital assets such as photos, work-related documents, and files, apps, emails are in a safe and secure place.

I really hope you don’t have the widely-spread mindset “It can’t happen to me”, and assume you can’t become a victim. Cybercriminals don’t target only large organizations or institutions, everyone is exposed and can be vulnerable to all kind of cyber attacks. Is wrong to think that. We should take precautions to better secure our online identity.

With wise security choices come no regrets.

Did you know a recent report found that cyber attacks are in the top three risks for the society, along with natural disaster and extreme weather? 

Source: Reactiongifs.com

You shouldn’t be surprised! The digital landscape doesn’t provide safety as we’d want it, or as we think it should (the “security by default” mentality). There are online threats with every click we take and we need to think about our online behavior seriously. It is essential to adjust our habits so that we can become our own layer of protection.

Don’t expose yourself and your valuable data out there and take security choices you’ll regret in the upcoming years.  Learn how to be resilient and easily detect online threats.

Apply these actionable security tips to enjoy safer digital experiences

  1. Do not share too much personal information on the Internet, because you can expose yourself to identity theft and imposter scams. For security reasons, it is better not to give full information such as birth date, address, the city of birth, phone number, share location when you are on vacation, or other sensitive and personal details that could expose your data.
  2. You may not realize it, but each time you check-in at home, at the airport, restaurant or any other public place, you become an easy target for malicious hackers. Who knows when you might get a visit from potential thieves? Once you expose your current location, attackers will know you’re on vacation and (most likely) rob you. For security and privacy matters, do not share your current location and provide as little information as possible about it while on the go.
  3. Also, don’t share photos of your credit card details on social channels, because hackers can find different ways to get access to your financial accounts. Food for thought: read these stories of people who share images of their credit cards on Twitter or Instagram.  You can easily get ripped off. “Sharing a picture online of your credit/debit card is a surefire way to have your details hacked.”
  4. Make sure that you don’t reveal your passwords to other people. Not even with your best friend or family members! The password is the key to access all your sensitive data stored on the email or other online accounts. Same applies to the working environment. You never know, but an insider threat could be next to you and can easily access sensitive data of your company. Make sure you block your computer each time you leave the office desk.
  5. We highly recommend changing your passwords regularly and set strong and unique passwords for your online accounts. Use this password guide to manage your passwords like an expert.
  6. Be careful when accepting random friends requests on FB from people you don’t know. You may be targeted by online scammers who want to collect data about users by creating fake Facebook profiles. If one of your friends send you a suspicious link, don’t click it, because it may redirect you to a malicious site and infect the PC with malware.
  7. Most of the spam campaigns usually take place via email, so we strongly advise you not to click or download any file or document attached that looks suspicious to you. Online criminals will always find innovative methods (like spoofing) to steal users’ sensitive data. Here’s how online scams work and how you can easily detect them.
  8. Don’t post private conversations without asking for permission in advance. Social media is a great place to interact and work with others, but many of us still have problems understanding how to use these platforms properly. Follow and use these specific netiquette rules. Remember that all messages you post on FB or other social media channels will remain there forever, because they store and collect data, and might affect you at some point. Always check your privacy and security settings for every social media platform you use and think twice before choosing how much data you want to make publicly accessible or keep it private.
  9. When you browse the Internet and search for something specific, you are not completely safe and you can infect your PC with malware or other online threats. Every browser has vulnerabilities that need to be fixed, so it is important to keep your browser up to date all the time and apply all patches available. This applies to all your plugins, add-ons or operating system. This step-by-step guide will show you how to get solid browser security.
  10. Education is always the key to stay safe online and be protected, and we strongly remind you to stay informed and learn from free educational resources.

We thought it might be useful to compile a list of 10 security decisions that can have an impact in the future. It can harm us more than we realize, so read them carefully. 🙂

Later edit: The list isn’t complete and we’ll keep updating it with more useful recommendations about security decisions that impact our lives.

Decision 1: Allowing someone else to dictate your security priorities

Here’s a piece of friendly advice: Don’t let someone else tell you how to prioritize your security problems! Make sure you understand your own needs and decide what security measures you should follow, in order to enhance online protection.

When it comes to cybersecurity priorities, it’s better (and wiser) not to rely on everyone who shares their views and opinions on digital safety. Do not be influenced by someone who tells you how to approach security matters. Instead, think of your own security challenges and prioritize them to better protect your valuable online assets.

Decision 2: Not focusing on educating yourself about cybersecurity

Probably one of the best investments for each of us is education. I sincerely believe that cybersecurity education is our best weapon to fight against today’s wave of cyber attacks. Education should be our core belief and main concern in keeping our valuable assets secure.

Cybersecurity education is the key to unlock a safer future and minimize the impact of cyber security incidents. Make sure you focus on spending more time and effort to learn as much as possible about the cybersecurity environment.

Why? Because the most successful cyber attacks aren’t just about technology but tied to the human error.

If you don’t know where to begin your learning path, have a look at these free educational resources that apply to anyone, no matter the background or skills level.

Decision 3: Reading cybersecurity resources with no actionable insights for you (and myself included)

What’s the point of reading cyber security online resources if you don’t apply the information found there? I know that a quick search on Google can generate lots of blogs and websites in this field. The big challenge comes when you need to filter and choose those valuable resources that can teach us actionable stuff.

I think we should start with a simple idea: your reading should be useful and actionable all the way through the journey in cybersecurity. You need it. We all need it. More than that, it’s essential to be ready for the future.

“Practical application of what you read reinforces what you’ve learned because you’re forced to integrate it into your life. If all you do is consume, you’re much more likely to forget what you read” said Srinivas Rao on Medium

As the author says, reading things we don’t actually apply to lead us to a “vicious cycle of excessive consumption which limits the creativity and prevents you from consuming less and creating more”.

If you want to read actionable cybersecurity resources, we’ve curated a list of Internet blogs and websites that could help you become savvier in info security.

Also, we asked security experts about books, and they’ve recommended some of the best educational cybersecurity books out there to read.

Decision 4: We don’t think of the security implications beyond our devices

After purchasing a device, – whether it is a desktop or mobile-, we don’t think of all the security implications too much. We are probably too excited about the cool features (and apps) included, and we miss this part.

We expose ourselves and our data by becoming more vulnerable to cyber attacks and easily prone to malware infection.

Everyone (myself included) believe that security is by default, and we don’t take the time to check all the existing settings.


I learned how my security decisions have a great impact on my future.
Click To Tweet


Here are some hands-on and actionable guides you may want to read for keeping your devices safe:

Smartphone security guide

Windows 10 Security Guide

How to Protect your PC with Multiple Layers of Protection

Decision 5: Not paying enough attention to the security software you install

When you look for a security software program, you’ll probably choose based on a recommendation from friends and family. This is a wise decision showing you care about your data. It is essential to add an extra layer of security to lower the risks of seeing your files and documents being stolen by hackers.

Depending on your budget, you could choose a free or paid security software to protect your digital assets. Also, make sure you pay enough attention to the product you’ll install, so you don’t have regrets afterward.

Why? Because in general we install software products on our devices with a few clicks and this is it. We forget about them. What we don’t do is:

  • Check for all the necessary system requirements;
  • Change default passwords;
  • Choose carefully and not investing in quality and legitimate products;
  • Check for built-in apps and all the software package included.

Independent software programs usually are packed with modules that constantly check for updates. Some have the auto-update feature built-in, while other program lets you do it manually. I recommend performing these updates that deliver revisions to your device (fixing major security vulnerabilities, removing and including new features).

Here’s what security experts say about the importance of software patching and why it’s an essential key factor for your online safety. Cultivate this healthy habit of checking and installing for updates as a part of your daily digital routine.

Also, remember that the longer your devices run without updates, the more exposed you are to data leakage and other cybersecurity threats.

Decision 6: Postponing data backups

I am sure you’re concern about your data like me, but postponing to backup of all your critical data is a choice we might regret in the future.

The longer we postpone this action, the more our data is vulnerable to attacks and prone to be lost unexpectedly. That’s why it is essential to have a copy of all your valuable data on external sources like a hard drive or in the cloud (Google Drive or Dropbox).

Here are the golden rules of data backup you should follow right now:

1. Keep at least 2 copies of your data.

2. Have backups on different external devices.

3. Maintain a constant, automated backup schedule of your files and documents.

4. Secure your backups with strong passwords and keep those passwords safe.

Therefore, for people like you and I, who can’t really spare that much time when it comes to backing up data, here’s a simple and actionable guide to follow.

Several security solutions offer backups for your computer data, and many of them will do this automatically and periodically. You can also create your own backups (and it won’t hurt to have multiple backups anyway). Just be disciplined in making sure you regularly do the backups so that if something should happen, the minimum amount of data is lost.

Decision 7: Not using two-factor authentication

A Google software engineer said during a security conference that less than 10 percent of active Google accounts use two-step authentication to enhance protection for their devices.

You may not give it too much importance now, but its main purpose is to make malicious actors’ life harder and reduce potential fraud risks. It will make it more difficult for cybercriminals to breach your account.

It’s nothing wrong with facing difficulties to understand new technologies. It’s wrong trying to ignore or postpone them because it will affect your online safety in the long run.

3 main reasons why should you use/activate two-factor authentication (2FA):

  • Passwords on their own aren’t as powerful as we believe they are, and can’t fully protect us. Cyber attackers have the power to try billions of passwords combinations and crack them instantly.
  • People tend to use the same password on different accounts and when online criminals succeed to crack it (via brute force attack), all your data will be exposed. Don’t do it! Set unique and strong passwords and consider using a password manager tool.
  • 2FA offers an extra layer of security and reduces cybercriminals’ chances to launch an attack. It’s hard for them to get through the second authentication factor.

Enabling two-factor authentication method is a must-have for all our email accounts, social media accounts, apps or online banking accounts. You can use this step-by-step guide to help you activate it for various online accounts. As for the passwords, do not reuse them for different online accounts.

Decision 8: Sharing too much personal information on social media

This is one of those security decisions you will definitely regret in the future. For privacy matters, do not to share your full personal data (birth date, address, the city of birth, phone number, or any other details on social accounts).

This way, you expose yourself to identify threats and most likely become more vulnerable to all types of online scams. Cybercriminals use social engineering techniques to exploit your data and get quick access to them.

Nothing beats learning from personal experience, but sometimes it’s better to learn from others’ experience rather than having a negative one. These true Internet stories could be an inspiration for you to take cyber security very seriously. Also, it doesn’t harm to be a little bit paranoid and protect your digital assets as everyone wants them.

Decision 9: Connecting to unprotected Wi-Fi networks

There is no news that Wi-fi networks come with a set of security issues. This allows malicious hackers to use Wifi sniffers and other methods to intercept almost all the data (such as emails, passwords, addresses, browsing history and even credit card data).

Before I started working in cybersecurity, I used to connect to every public and free Wi-fi network when visiting a coffee shop or restaurant. I learned not to do this anymore.

I realized (and understood) the security risks I was exposing myself and all my data by relying on Wi-fi networks. Now I turn it off :-).

This is one of those security decisions you’ll regret one day, so do your best and avoid Wi-fi connections that don’t provide password encryption when you’re enabling it. Cybercriminals can hack into a public Wi-Fi, just like this 7-year-old kid did.

To be extra safe on public Wi-fi, make sure you:

  • Visit and use only secure websites with the HTTPS protocol while browsing the Internet and, mostly, while doing various banking operations.
  • Consider using a Virtual Private Network (VPN) and block malicious actors’ attempt to access sensitive data sent over the unsecured Wi-Fi network.
  • Keep your operating system up to date and patch everything
  • Do not connect to a public Wifi without having antivirus software installed on your device.

Decision 10: Giving up on cybersecurity because it seems too complicated

For many of us, cybersecurity seems to be way too technical and difficult to approach, and for this reason, most users give up on understanding the basics of cybersecurity.

It gets confusing for regular users, but also for business owners, journalists, or people working or involved in cybersecurity. At some point, all parties involved think “why can’t security be simpler?”

Cybersecurity is complicated because life is complicated and there is no perfection. We can’t be a hundred percent secure – so the rhetoric and fear monger of vendors and security professionals has given in to a feeling of helplessness and disparity among the 80%. said Ian-Thornton-Trump on an expert roundup.

Decision 11: You do not check for reliable and trustworthy (re)sources 

We live in a world where we are overwhelmed with lots of information from every social network. We consume and have access to so much free content that it gets difficult (and challenging) to distinguish between fake and real news.  

While fake news is nothing new, disinformation can play a significant role in spreading and creating a fake reality that people (will) believe in. 

Every time we look for something and doing research on a specific topic, the information is right there, at one click distance. But how many of us are willing to go over the process of filtering and checking data? How do you know if it comes from trusted, high-quality sources? 

PRO TIP:  We strongly recommend to always fact-check other resources, and not rely solely on the first (re)source you find. Here are some useful tips that can provide actionable information on how you can better spot fake news. Also, it is important to combat them through user education, high-quality journalism, and always double-checking other resources. 

Each of us should be more aware of the long-term consequences of fake news, combat them, and invest in education to know how to better detect disinformation.

You can easily tackle it by attending a (free) cybersecurity course for beginners that will teach you how to improve your online safety. Once again, I emphasize the importance of education that can open and save digital lives.

The more we have a proactive cybersecurity defense, the safer we’ll be on the Internet where we can better combat the alarming wave of online threats. Cybercriminals don’t cease to surprise us with the various methods used during their cyber attacks.

Is any of these security decisions on your list to follow? What key factors influence your security decisions making? We are curious to know what you think of it, so feel free to share your thoughts.

The post 10+ Cyber Security Decisions You (and Me) Will Regret in The Future [Updated] appeared first on Heimdal Security Blog.

13+ Warning Signs that Your Computer is Malware-Infected [Updated 2019]

Here’s one of the scenarios you may not like, but it could happen every day because it’s always viruses season for computers. You’re working on an important project and suddenly you start seeing annoying pop-ups displayed on your computer. Also, it takes too long for your files or computer apps to load. You wait and wait until you start asking yourself:

 “Does my computer have a virus?”

Unfortunately, the answer might be “yes” and your PC could be already compromised with viruses or next-gen malware that are slowing down its activity and performance.

This is one of the many warning signs that show your PC might suffer from a malware infection. There are more of them you need to be aware of and understand, so you can quickly take action.

In this article, we’ll show you the most frequent warning signs of malware infection and what can you do about it.

Use these quick links to easily navigate and see some of the most common warning signs displayed on a computer:

1. Your computer is slowing down
2. Annoying adds are displayed
3. Crashes
4. Pop-up messages
5. Internet traffic suspiciously increases
6. Your browser homepage changed without your input
7. Unusual messages show unexpectedly.
8. Your security solution is disabled
9. Your friends say they receive strange messages from you
10. Unfamiliar icons are displayed on your desktop
11. Unusual error messages
12. You can’t access the Control Panel
13. Everything seems to work perfectly on your PC
14. You get the error on the browser
15. You get suspicious shortcut files

Scenario 1: “My computer applications run slow lately and it takes longer than usual to start”

If you’re dealing with this scenario, it could mean you have viruses on your computer. We know, it’s so frustrating to see it loading slowly. It is a known fact that one of the malware’s main activity is to slow down your operating system, whenever you’re navigating on the Internet or simply accessing your local applications.

What can you do?

First off, you need to check out for causes and issues and try to understand what is going on.

Here are some of the most common causes that slow down your PC:

  • Your system’s RAM memory is low and might be caused by the number of high apps you’re currently using. Windows Task Manager is a great tool to look for programs which use the most of your RAM memory. Press CTRL+ALT+DELETE simultaneously on your PC, choose Task Manager and will open a list of your current apps you have open;
  • There is no storage space on your hard disk, so you need to check out all your files and documents stored there and do a cleaning;
  • This behavior is particularly happening when you’re browsing the Internet, so you need to check out your browser’s Settings, then clear your browsing data;
  • A fragmented system which means that the storage space is used inefficiently and reduces your PC’s performance;
  • Your Windows OS hasn’t been updated or you’re using outdated drivers.

If you have already thoroughly verified these possible causes and all seems to work just fine, you can start considering a potential malware infection. Use these tips to help you optimize and speed up your Windows operating system.  This article shows 5 ways to keep an eye on those programs accessing your drives.

Scenario 2: “I keep getting annoying ads that are opening randomly or strange messages on my computer’s screen”

Unexpected pop-ups which appear on your screen are a typical sign of a malware infection that wreak havoc on your computer. This form of malware is known as spyware and is designed to collect and steal users’ sensitive data without their knowledge.

In this particular case, the main issue is created not only by the numerous pop-up windows that affect your Internet browsing but also because it is quite difficult to remove them from the system.

These pop-ups are not only frustrating, but they usually come bundled with other concealed malware threats and could be far more destructive for our systems. They could be disguised as legitimate programs and actually track your web browsing data or monitor your online activity to collect passwords and other personal information.

We strongly recommend to NEVER CLICK on a suspicious pop-up!

Source: FastRemoveVirus.com

A good idea would be to try one of these free spyware removal tools to get rid of those annoying pop-ups or strange messages.

Also, to better keep your computer away from malicious threats, make sure you apply these security measures:

  1. Do not click on pop-up windows
  2. Don’t answer unsolicited emails or messages
  3. Be very careful when you are trying to download free applications from various websites

Use this guide that includes useful steps that will make the removal process easier and more effective, as well as your Internet navigation hassle-free.

Scenario 3: “My laptop keeps crashing when I watch Youtube videos or play games. It simply freezes, then a blue screen shows up”

Oh, I know this one. It happened to me with my previous laptop so many times and was quite frustrating. It crashed so many times and got that popular BSOD (Blue Screen of Death). Then it started and “told” me Windows was recovering from an unexpected shutdown.

You are probably familiar with this error too, right?

There might be two things causing this type of issue:

  1. You could be dealing with a technical issue caused by a potential incompatibility between your software and/or hardware
  2. Or it may be a malware issue.

If you suspect any technical problem, it may lead to this:

Are different programs running on your PC that are in conflict? Are there any orphaned registry keys which have not been removed that could eventually crash your system?

Orphaned registry keys are pieces of data information that have been left behind during the process of uninstalling several programs from your computer. They don’t only take up unnecessary space on the PC but can cause a serious issue for its proper functionality.

How to fix this:

Use the Registry Editor (Regedit.exe) that can be opened in the search bar of Windows. From there, you select the run command, but it could be a daunting part of this process because you have to manually remove orphaned keys.

Our recommendation is to run an automated cleaning session using a specialized program like CC Cleaner which is free (Two versions of this tool have been compromised by malicious actors who spread malware inside it, but CCleaner is safe now) and will  automatically scan missed and unused keys while doing a backup of your data before the actual cleaning.

First of all, install the CCleaner program, click the Registry icon (as displayed in the image below), select the items you want to delete, then Scan for issues and a list of potential issues will be generated. After the scanning is done, you can review this list and click on Fix selected issues to solve the outstanding Registry issues. You will be asked to backup changes.

CC Cleaner Program 1024x423 1

  • For malware infection: run a complete scan on the system with a good antivirus product. If you have a dilemma about which antivirus is the best one, we wrote this useful guide on how you can find the right one for your needs. It is also important to rely on another layer of security on top of your antivirus solution to better fight against online threats and proactively block them.

If your programs or system crash constantly or the infamous BSOD (Blue Screen of Death) appears often, it’s a clear warning that your system is not working properly and you should look into it.

There are two things that can cause this issue:

  1. You could be dealing with a technical issue caused by a potential incompatibility between your software and/or hardware
  2. Or it may be a malware issue.

If you suspect a technical issue, multiple software problems may lead to this.

Scenario 4: “ I started getting this popup message <you’re running out of disk space on Windows (C:)”

If you are receiving this warning message, it means that there’s no free space left on a particular partition (in this case, C) on the main hard drive in your computer. More and more users are reporting this issue.

The cause? Here’s what Microsoft has to say about this:

This behavior can occur if the free disk space on your computer has dropped below the low disk space notification threshold associated with the Disk Cleanup utility.

low disk space 1

How do I fix this?

First of all, you need to check if your physical storage space has been increasing lately or if some of your files disappeared or changed their names. Also, make sure, you delete all those old or unnecessary files that can lower your PC’s performance.

This could be another sign of malware infection since there are so many types of malicious programs which use different methods to fill up all the available space in the hard drive and cause it to crash.

Scenario 5: “For quite some time, every time I start my PC, I notice that the Internet traffic suspiciously increases”

If this message was displayed on your computer, chances are there is an unusually high network activity happening on your PC that could lead to a malware infection.

There are cases when the user is not connected to the Internet through his browser, and there is no program that may connect to online servers to download or upload any data, but high network activity can still be observed.

What can I do?

Have you checked for one of the followings:

  • the last Windows update for your computer?
  • is there any program or application that’s downloading any data?
  • is there any update for a certain app running at this moment?
  • is there a large download that you started and forgot about, which may still be running in the background?

If the answer to all these questions is NO, then you should check out where all that traffic is going. Here’s how to do this:

  • Monitor your network and detect hidden threats by using one of these programs: GlassWire, Little Snitch or Wireshark.
  • Check for a malware infection, by using a good antivirus product to fully scan your system.
  • If you suspect your computer has been infected by a dangerous financial malware, we recommend using a specialized security suite designed to address advanced and new online threats.

Scenario 6: “My homepage has changed and I don’t remember doing it myself”

If you spotted this unusual behavior or a new toolbar showing out of nowhere, or you’ve been redirected to a different web address than the one you’ve initially accessed, they could be signs of malware infection.

It usually happens when you visit a website and you accidentally click on a link or a pop-up window. This triggers the unwanted software to download and install on your device. The effects are not only annoying but also malicious, and can compromise your data.

What to do?

Run a complete scan with your security solution (an antivirus or proactive security solution) as soon as possible. Why? Because these type of threats don’t go away easily.


I just learned to easily detect malware infection on my PC.
Click To Tweet


Scenario 7: “My PC is acting weird because I get unusual messages that appear unexpectedly.”

I get this! That’s usually the type of warning message that makes you wonder “What’s going on with my computer?”

Here are some frequent warning signs to watch out!

  • Suddenly you see programs opening and closing automatically
  • your Windows OS is shutting down unexpectedly, without any reason
  • you’ve noticed strange windows when your PC tries to boot
  • Windows tells you that you’ve lost access to some of your drives.

Although the root cause may be a technical issue, it could also be a warning sign that malware has taken over your computer and is slowing down its activity.

CHECK YOUR CYBER SECURITY HABITS
Has your computer suffered a malware infection lately?

How to mitigate the impact of a malware infection?

Follow these steps:

1. Keep your Windows system up to date

2. Scan your computer with an antivirus solution

3. Install a proactive security program to enhance your computer’s protection

4. Consider reinstalling your operating system. This 13-step guide will show you how to secure your PC after a fresh (re)installation.

Scenario 8: “I use an antivirus product and keep getting the message that <Protection is disabled>”

If you noticed your antivirus solution doesn’t seem to work anymore or the Update module is disabled, then you should check out immediately for ways to fix this.

Did you know that some types of malware are sneaky and can disable your security solution?

 Well, yes, they are designed to leave users without any defense and making difficult to detect them. If you already tried to reboot your computer, closed and opened the security solution and all your troubleshooting efforts seemed useless, you could take into consideration the malware infection scenario.

Source: Nod32Helpmax.net

This is especially the case, because it’s a known fact that traditional antivirus solutions can’t easily detect, block or remove next-gen and advanced malware (such as ransomware, adware or financial malware). Thus, you can get exposed to all kind of attacks, and we strongly recommend enhancing your protection by adding multiple layers of protection.

Read these 10 reasons why second-generation  malware evades antivirus detection.

Scenario 9: “My friends tell me they’re getting strange random messages from me on Facebook, which I didn’t send”

If your friends recently got several strange messages/emails or suspicious links from you, and you didn’t send them, it’s likely that you’ve been infected with malware. Here’s a good example of malware spreading via Facebook Messenger and tricking users into clicking on links they’ve received from one of their friends.

But first, check out your online accounts and see if those random messages were actually sent from one of your accounts. If something like this happened, take immediate action by following these security measures:

  • Log out from all your accounts. For most of our online accounts, we log into multiple devices and we often forget to log out. So make sure to log out from your online accounts on all connected devices.
  • Use unique and strong passwords for all your online accounts. Always remember to change passwords for your online accounts! NEVER use the same password(s) for multiple accounts, because if you are hacked, all your accounts will be exposed and lose valuable data stolen. This password security guide will help you master passwords like an expert.
  • Start using two-factor authentication RIGHT NOW. Do you want to increase your control over your accounts’ security? Then add this second security layer that will ask for an extra authentication step in the login process, along with your credentials.

Scenario 10: “There are these new, yet unfamiliar icons on my desktop that I don’t recognize”

If you’ve been noticing unknown and new icons on your PC, you most likely downloaded by accident these sneaky programs called PUPs (Potentially Unwanted Programs). They are malicious programs that can do a lot of damage and expose you to data leakage, displaying annoying ads or pop-ups on the screen, or adding toolbars on your browser.

If you’re infected with PUPs, have a look at this guide showing how to avoid these unwanted programs and remove them from your computer.

Scenario 11: “Sometimes I see unusual error messages displayed on my computer”

An error message like this one could indicate that there’s a bug in your system that needs to be fixed, or it could be a warning sign of malware infection. These types of error messages showing missing or corrupt files folders suggest that your PC has been compromised and its performance is affected, which makes it run slowly.

How to fix this:

Do a full scan of your PC and see if any viruses are detected. Also, make sure you have the latest updates installed on your operating system and regularly check for security patches, applications patches, and drivers.

error messageSource: Microsoft Windows Dev Center

Scenario 12: “It seems that I can’t access my Control Panel by clicking on the button”

If you are facing this issue and your Control Panel does not open, it means that your computer is having a technical problem and is not functioning correctly.

How to fix this?

The first thing to do is run a full scan with your antivirus software. Then, see if you can open Control Panel in Safe Mode and follow these steps described here. It could also be another sign that your computer is vulnerable and exposed to potential cyber attacks. After running a full scan with your antivirus product, use also a proactive security solution to keep your confidential information properly safe.

Source: GeForceForums

Scenario 13: “Everything seems to work perfectly on my PC. Are any chances to be paranoid and still check out for malware?”

When it comes to data protection, it is essential to be a little bit paranoid and very careful, even if everything seems to look normal. Why? Because cybercriminals are creative and they can hide malware in the most unexpected places, leaving no visible marks and still infecting your computer.

Everything may seem to work perfectly normal on your PC until a boot on your system could silently wait for instructions to access and collect your most valuable data.

Scenario 14: “My laptop working very slow and sometimes it gives the <Flash not working> error on the browser”

We received the above message from one of our readers. 

If you get this message too on your laptop or PC, it might be a good idea to disable Flash and try another alternative. Flash has lots of vulnerabilities that we talked about in this article, showing all the security risks users are exposed to. 

Regardless of your browser used, (Firefox, Opera, Chrome) this could be a warning sign that your computer is malware-infected.   

Here are a few useful tips that could come in handy: 

  • Keep your Windows system up to date, and consider reinstall your OS, if this issue persists.  
  • Have a full scan of all your files and apps installed on your PC using an AV solution, to see if it detects any malware 
  • Consider installing a proactive security solution to enhance protection for your computer and keep malware and other online threats at bay.  
  • Also, make sure you reboot your PC if you haven’t performed this task in a while.  
  • Have a look at the Task Manager function and see what programs run in the background that could slow down your PC performance. It helps you get an overview of what apps and program take space and how much.  
  • Make sure you have the latest version of Adobe Flash installed, but if you don’t have it, download it from here and follow the instructions. Remember to restart the computer after this procedure. 
  • If you no longer want to have the Flash Player app on your computer, you can follow these easy steps and uninstall it. 

Scenario 15: “I used an external USB drive and when I connected it to my computer, it was infected by a virus and suddenly all the files turned into shortcuts.”  

Here’s another warning sign showing your computer could be infected with malware. If you used an external USB drive or another external flash drive to copy information without scanning it before, this could explain the appearance of those shortcut files.  

If all your images, files, and other documents show up as shortcut files and are not accessible, they could be infected with malware. These malicious files can compromise all your data from the computer, rename your files and create a lot of chaos and hassle.  

How to fix this? 

If your files have been compromised, here are some useful tips and security measures to take: 

  • Have a full scan of your USB drive and check out for possible viruses and malware. If the antivirus solution doesn’t detect them on your external drive, maybe you should try to format it and clean the space. 
  • Use the Command Prompt (cmd) on a Windows machine, while the USB drive is plug into your device. To access it, go to the Start menu, type in “Cmd”, press “enter”, and you’ll see the “cmd.exe” under a list of programs. Click on it and you will be directed to the Windows command line from where you can recover the virus-infected files and get repair. The process may take a while, but it will clean up your More details can be found here 
  • Make sure you add multiple layers of security and consider using a proactive security solution to strengthen your protection. 

Can you avoid malware infections?

Yes, you definitely can, if you’re paying close attention to these early malware infection signs and prevent them from happening. Make sure your operating system, browsers, and plugins are always up to date, because keeping your software patched can keep online criminals at bay.

Also, here’s a list of recommended articles: to help you better survive a malware infection:

How to Easily Remove Malware from Your PC [Updated]

How to Protect Your PC with Multiple Layers of Security

32 Go-To Security Forums for Free Malware Removal Help

Make sure your network is safe and secure, and always think before you click on something. Also, remember to practice safe browsing and always access trusted online sources to easier prevent potential online threats.

Reminder: Knowledge and long-lasting education are our best weapons to fight against online threats, so it’s vital to learn and educate yourself and others to better understand how malware works on our system, and how we can mitigate its impact.

Thor Foresight makes sure that link is safe!
Your parents and friends will click any suspicious link, so make sure they're protected.
Thor Foresight provides: Automatic and silent software updates Smart protection against malware Compatibility with any traditional antivirus.

SECURE YOUR ONLINE BROWSING!

Get Thor Foresight

The post 13+ Warning Signs that Your Computer is Malware-Infected [Updated 2019] appeared first on Heimdal Security Blog.

Here Are The Most Common Cyber Security Threats That Occur in The Healthcare Sector

Cyber attacks are growing at alarming rates with no signs of slowing down. Actually, a new attack can unfold right now, as we write this article.

What’s worrying is that these types of threats target almost everything and everyone from large and small organizations, to home users,  various industries and sectors.

The worst part is the impact and the damages caused. Recovering after a major cyber attack – whether it’s an organization, institution, or home user – it requires a mix of resources: time, money, qualified people, to get back on track.

The healthcare sector is no exception.

Last year, when the devastating WannaCry ransomware happened, healthcare was among the most affected sectors. The National Health Service (NHS) in England and Scotland was a prime target for cybercriminals with more than 40 NHS medical organizations and practices having their services disrupted.

Recently, the same institution unveiled details about a data breach in which confidential and sensitive data of 150,000 NHS patients have been disclosed. The incident was a result of a coding error by healthcare software supplier TPP.

According to a study from IBM Security, “healthcare organizations had the highest costs associated with data breaches – costing them $408 per lost or stolen record – nearly three times higher than the cross-industry average”.

The  2018 Thales Data Threat Report (Healthcare edition) stated that 77% of healthcare organizations have been breached, with some of the most valuable personal data about their patients and customers being exposed.

These numbers show only a part of the reality, but there’s more to discover. If these statistics and findings didn’t raise your blood pressure, let’s see find out:

Why cybercriminals target the healthcare system

Money isn’t the prime motivator for malicious actors to target patients’ records, and manipulate data in ways that will determine doctors and other medical professionals to provide wrong diagnostics for different diseases.

All the protected healthcare information is valuable and attractive for cybercriminals knowing that these sensitive data is a matter of “life and death” and they can create chaos in institutions.

In many cases, the IT infrastructure used in hospitals and other medical institutions is vulnerable, because most of the medical devices used by doctors and nurses don’t have the latest updates. Cybercriminals take advantage of software vulnerabilities, exploit them and hack hospitals, wreaking havoc.

The human nature is also vulnerable (and untrained) to spot such attacks, which lead to people getting easily lured into clicked on a malicious link or attachment send via email. Key findings from the 2018 Annual Healthcare Cybersecurity Report by Proofpoint pointed out that malicious actors “trick healthcare workers into opening an unsafe attachment, impersonate members of the executive team, instructing staff to wire money or send sensitive information.”

As we all know, in many countries, the healthcare system is viewed as critical and vital for the entire population along with electricity or transportation which makes it even more attractive to cybercriminals.

The growing number of healthcare IoT devices used by medical personnel to diagnose, monitor, and treat complicated disease cases represent another attractive target for malicious actors to exploit. After these devices are installed in a hospital, doctors and nurses don’t focus on the security and privacy aspects, but on its main purpose: to provide a better experience for patients and improve the medical workflow.

While cybersecurity, in general, isn’t a top priority for medical institutions, if all the products used are built to be “secure by default”, there will be less cyber threats to expose and compromise personal information.

Here are the main cybersecurity threats in healthcare

Any type of cyber threats can occur on a small or large scale for the healthcare sector, but what are the most frequent ones? And how can we prevent them from exposing our most valuable data?

Ransomware and advanced malware attacks 

These popular cyber threats remain lucrative for malicious actors which will continue to use it during their campaigns. Malware is a serious issue for all industries, but “ransomware exploded between Q2 and Q4 of 2017, dwarfing all other types of cyber attacks against healthcare companies combined”, said the report from Proofpoint. Also, the WannaCry ransomware is one of the best examples.

According to Verizon’s 2018 Breach Investigations report, 92 percent of malware is still delivered by email. Of all the malware attacks out there, phishing emails will continue to be a persistent threat and “plague the healthcare sector”, say security experts.

There are a few reasons why this will not be going away. One is the evolving nature of the types of emails the hackers are sending, and another is not keeping the [warnings] to employees fresh,

added Susan Lucci, Senior privacy and security consultant.

Cybercriminals will not stop turning their attention to healthcare, but they will evolve their tactics with more sophisticated and targeted attacks to steal and compromise sensitive information.

How to protect yourself:

  • Train your employees about security awareness and teach them how to easily spot phishing emails, so they are not tempted to click on suspicious links or attachments received on the email.
  • Periodically check if your main email address shows up in Have I Been Pwned or Firefox Monitor to find out if your account is part of a data breach.
  • Don’t forget to secure every login on your online accounts with the two-factor authentication system.
  • We put together this actionable guide in which you will find the safety checklist to follow and prevent ransomware attacks.
  • Carefully consider how much personal information you share on social media, and consider revise your privacy settings for each social account.

Insider threats

According to the 2018 Protected Information Data Breach Report by Verizon, healthcare is the only industry in which internal actors represent the biggest risk to an organization. Moreover, key findings show that 58% of all healthcare data breaches and security threats are caused by insiders, people who have access to healthcare resources and important data.

When these individuals perform current medical tasks in a way that negatively affect an organization or institution, a lot of damage is caused: bad image for the organization, loss of patients’ trust, possible lawsuits and others.

How to mitigate them:

  • Educate and train your employees and other persons with access to critical medical resources about the top risks associated with certain behaviors, data protection of patients, or privacy. Focus on improving employees’ cyber resilience and learn them to adopt the mindset of working with security in mind.
  • Teach employees and medical personnel to use browser add-ons and extensions and always keep them enabled on browsers.
  • Rely on technology and implement solutions that allow decision-makers to detect healthcare data breaches quickly or even prevent them.
  • When data breaches are detected, the authorized persons need to respond effectively by initiating an investigation to reduce or limit the impact.

Cryptojacking attacks

These cyber threats have been one of the most popular attacks in 2018, almost surpassing ransomware, and they’re constantly evolving. The healthcare sector is also targeted by crypto jacking attacks, as malicious actors can target a vulnerable website and inject a script. Then, unprotected visitors on that website had their computers enslaved in order to mine cryptocurrency.

Mining software can be also installed on IoT medical devices and networks, and the rule is simple: the longer your computer runs, the more cybercriminals can use it to secretly mine cryptocurrencies.

How to stay safe:

  • Use a reputable antivirus product, coupled with an anti-malware solution that periodically scans your online traffic and blocks infected websites you could access.
  • Scan your system and see if you observe unusual activities at your computer, especially an increase at the CPU usage.
  • On any browser, use an Adblocker that has can stop cryptocurrency-mining scripts. One example is uBlock but you can also use an Adblock extension for your browser.
  • Remember to always keep your systems, networks, and software patched, especially your browser which is the direct target for some malicious actors.

IoT healthcare attacks

IoT continues to evolve and still be a hot topic. The adoption of the Internet-connected medical devices has proven to have great benefits for hospitals focused on improving infrastructure and keeping employees and patients’ data secure.

However, keep in mind that there’s no such thing as 100% secure software, so the medical personnel needs to practice precaution.

New research demonstrated that “hackers can <trick> or induce medical devices into sharing detailed information about the device’s inner workings.” Moreover, malicious actors can target specific devices to get error messages, gather information to customize a potential attack to be tailored to the target device.

Most of the IoT devices and software used in hospitals aren’t checked for updates and existing vulnerabilities are immediately exploited by cybercriminals. And from here we can unfold a scenario in which an upcoming cyber attack happens.

This is why more attention to the safety aspect is required, in order to protect patients’ personal information stored on these devices.

How to protect IoT medical devices:

  • Make sure you check for updates and apply them immediately, to prevent exposing your IoT medical devices to cyber attacks;
  • Remember to always use a secure Internet network and protect this network with a unique and strong password.
  • Medical institutions need to demand from manufacturers that software products are “secure by default” or/and improve devices security.
  • To reduce the impact of these attacks, manufacturers SHOULD take security seriously and work on providing transparency about devices security.
  • Decision-makers need to be aware of the importance of protecting these devices after deployment and put all efforts into keeping patients’ personal data secure.

Healthcare supply chain attacks

The supply-chain attack involves exploiting vulnerabilities in a supply network used by specific organizations. It could be a medical institution, such as a private or public hospital which is targeted by this type of attack.

These attacks happen when cybercriminals intercept a delivery from a supplier and inject malicious code directly into the medical devices delivered, without anyone being aware of the risks. Basically, hackers look for backdoors in the systems of a trusted partner/business that provide software for medical devices.

The worst part is that these products (considered legitimate) from medical devices makers “arrive at the destination” after being injected with malware and can compromise patients personal information.

How to mitigate supply chain attacks

  • To avoid such attacks and ensure the protection of medical records, medical institutions should require all third-parties to have certification (HIPAA) and meet the standards they need to meed and be compliant.
  • Have clear terms and conditions of established business agreements with suppliers and make sure they are fully met.
  • Limit employees access to specific data which is absolutely needed to perform their daily tasks.
  • As the old saying goes, prevention is the best medicine, so it’s for the best to have a crisis management plan in place and use it accordingly.
  • In case of a supply chain attack, ensure employees are trained to follow the company’s policy and procedure and lower the impact of data breaches.

These main cybersecurity threats will challenge healthcare organizations/institutions to find the best defense and protect patients and employees the most valuable data.

It’s worth reminding that the costs of these cyber threats in healthcare are too expensive to be ignored, so organizations need to allocate wisely budget for cybersecurity, educate employees with security in mind, and know the importance of securing health data.

During an interview for DefCamp 2018, Jelena Milosevic, Pediatric nurse and Independent researcher, emphasizes the importance of building a safe and secure environment in healthcare:

“Healthcare without (basic) security is like surgery without sterile instruments / The operation was (technically) a success, but the patient died from sepsis.”

Have you applied any of these security measures? Do you have others we should add? What about the security threats targeting healthcare? What else should we include in the list? Let us know, we’d love to know your thoughts!

The post Here Are The Most Common Cyber Security Threats That Occur in The Healthcare Sector appeared first on Heimdal Security Blog.