Category Archives: data protection

What Is Deep Packet Inspection and How Does It Work?

Also known as DPI, deep packet inspection is a kind of packet filtering that evaluates both the header and the data of a packet as it passes through an inspection point. It weeds out protocol non-compliance, viruses, spam, intrusions, and anything else matching defined criteria, so that the offending packet can be blocked from passing through.

Deep packet inspection can also be used to redirect a packet to another destination. In other words, it can detect, locate, categorize, reroute, or block packets that carry specific data payloads or code, which conventional packet filtering cannot do because it examines only packet headers.

How Does Deep Packet Inspection Work?

Deep packet inspection is a packet filter applied at the application layer of the Open Systems Interconnection (OSI) model. It evaluates the content of a packet that goes through a specific checkpoint. It then uses the rules set up by the organization, the service provider, or the systems administrator to determine what to do with the specific packet in real time.

Unlike other packet inspections that only check the header, deep packet inspection can check the contents of the packet and figure out where it came from. It can then determine what to do with it based on this information.

Deep packet inspection can also work with other applications to redirect network traffic.

Deep Packet Inspection Use Cases

Deep packet inspection can be useful in many ways. It can be used as an intrusion detection layer to help identify attacks that were able to get through the firewall.

For organizations that use laptops, deep packet inspection is an important layer for security in order to block malicious programs from entering the network. It can detect if the laptops are being used for prohibited applications.

Another great use of deep packet inspection for organizations is to identify and prioritize data coming through the network. There can be instances where there is a high volume of traffic within a network. Using DPI, the organization can identify high-priority messages or data, which will be passed on immediately. This feature is also useful for blocking malicious requests.

And of course, deep packet inspection can be used to prevent data leaks as well, such as from outgoing mail. It can inspect not only data coming into the network but also those leaving. By using particular rules, administrators can stop sensitive data from being transmitted out of the network.

Deep Packet Inspection Techniques

There are several techniques that an organization can use regarding deep packet inspection. These include:

  • Pattern and signature matching. It can analyze a packet using a database of known network attacks.
  • IPS Solutions. They can block detected attacks and unwanted data.
  • Protocol anomalies. Default deny can be used, where protocol definitions determine which content should be allowed through.
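
The techniques listed above, together with the outbound data-leak check from the use cases, as an added example that is not part of the original article: a stateless Python inspector run over constructed IPv4/TCP packets, compared with a header-only filter. The signature, port list, internal address prefix and sample packets are assumptions made up for this illustration.

```python
import re
import struct

# Constructed signature database (placeholder pattern, not a real malware signature).
SIGNATURES = {"constructed-malware-marker": b"CONSTRUCTED-MALWARE-MARKER"}

# Protocol definitions for default deny: destination port -> how a valid payload must start.
PROTOCOL_GRAMMAR = {
    80: re.compile(rb"(GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n"),
    25: re.compile(rb"(EHLO |HELO |MAIL FROM:|RCPT TO:|DATA\r\n|QUIT\r\n)"),
}
ALLOWED_PORTS = set(PROTOCOL_GRAMMAR)   # all that a header-only filter can check
INTERNAL_PREFIX = "10.0.0."             # assumed internal network for this example
CARD_CANDIDATE = re.compile(rb"(?:\d[ -]?){13,19}")


def build_packet(src, dst, sport, dport, payload):
    """Build a minimal IPv4+TCP packet (checksums left at zero) as sample input."""
    addr = lambda a: bytes(int(part) for part in a.split("."))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     addr(src), addr(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    return ip + tcp + payload


def parse_packet(raw):
    """Split raw bytes into the header fields and the payload that DPI looks at."""
    ihl = (raw[0] & 0x0F) * 4                      # IPv4 header length in bytes
    if raw[9] != 6:
        raise ValueError("only TCP is handled in this example")
    sport, dport = struct.unpack("!HH", raw[ihl:ihl + 4])
    data_offset = (raw[ihl + 12] >> 4) * 4         # TCP header length in bytes
    return {"src": ".".join(map(str, raw[12:16])), "dst": ".".join(map(str, raw[16:20])),
            "sport": sport, "dport": dport, "payload": raw[ihl + data_offset:]}


def luhn_ok(digits):
    """Luhn checksum, used to cut false positives on long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def contains_card_number(payload):
    for match in CARD_CANDIDATE.finditer(payload):
        if luhn_ok(re.sub(rb"\D", b"", match.group()).decode()):
            return True
    return False


def header_filter(pkt):
    """Conventional filtering: the decision uses header fields only."""
    return "allow" if pkt["dport"] in ALLOWED_PORTS else "block"


def deep_inspect(pkt):
    """DPI: signature match, outbound data-leak rule, then protocol default deny."""
    payload = pkt["payload"]
    for name, pattern in SIGNATURES.items():
        if pattern in payload:
            return "block", "signature:" + name
    outbound = (pkt["src"].startswith(INTERNAL_PREFIX)
                and not pkt["dst"].startswith(INTERNAL_PREFIX))
    if outbound and contains_card_number(payload):
        return "block", "dlp:card-number"
    grammar = PROTOCOL_GRAMMAR.get(pkt["dport"])
    if grammar is None or not grammar.match(payload):
        return "block", "protocol-anomaly"
    return "allow", "ok"


# Constructed sample traffic: label -> (src, dst, sport, dport, payload).
SAMPLES = {
    "clean inbound HTTP": ("203.0.113.5", "10.0.0.8", 40000, 80,
                           b"GET /index.html HTTP/1.1\r\nHost: example.org\r\n\r\n"),
    "signature in HTTP body": ("203.0.113.5", "10.0.0.8", 40001, 80,
                               b"POST /upload HTTP/1.1\r\nHost: example.org\r\n\r\n"
                               b"CONSTRUCTED-MALWARE-MARKER"),
    "non-HTTP on port 80": ("203.0.113.5", "10.0.0.8", 40002, 80,
                            b"\x16\x03\x01\x00\x05hello"),
    "card number in outgoing mail": ("10.0.0.8", "198.51.100.7", 40003, 25,
                                     b"DATA\r\nSubject: invoice\r\n\r\n"
                                     b"Card 4111 1111 1111 1111\r\n.\r\n"),
}


def run_demo():
    """Return label -> (header-only verdict, DPI verdict, DPI reason)."""
    results = {}
    for label, fields in SAMPLES.items():
        pkt = parse_packet(build_packet(*fields))
        results[label] = (header_filter(pkt),) + deep_inspect(pkt)
    return results


if __name__ == "__main__":
    for label, verdict in run_demo().items():
        print(label, verdict)
```

Every sample passes the header-only filter, and only the payload checks tell them apart. A production engine would reassemble TCP streams before matching; this example inspects each packet on its own.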

Challenges With Deep Packet Inspection

No technology is perfect. Although deep packet inspection has many benefits, it also carries a few challenges.

For one, while it can detect and prevent denial-of-service attacks and other similar situations, it can actually be used to carry out the same types of attacks as well.

Depending on the circumstances, deep packet inspection can actually make maintaining firewalls and other security layers of the network a bit more complicated due to the need to continuously revise and update policies for efficient use.

And since deep packet inspection dedicates resources to the firewall, it can slow down the entire network.


Difference Between Data at Rest and Data in Transit

When data is actively moving from one location to another, either via the internet or a private network, this is known as data in transit, or data in motion. In this state, data is considered to be less secure since it is not within your network. As such, data protection for transit is important to safeguard the data while it is moving from your storage to the cloud, for example.

Data at rest is the exact opposite of data in transit. This is data that is not actively moving and is safely stored somewhere such as a flash drive, laptop, hard drive, etc. Data protection at rest is designed to protect this data. While considered safer, it is still a high-value target for hackers and other people with malicious intent, so it is important to have proper safety measures in place.

Overall, the risk profile of data in transit and data at rest is dependent on what types of security measures are in place. Either way, it is imperative for enterprises and organizations to protect data whether it is at rest or in transit to avoid sensitive information falling into the wrong hands.

What Encryption Does for Data in Transit and Data at Rest

Data in transit and data at rest are both at risk from hackers and malicious programs, so they require protection in both states. There are several ways to protect the data, and encryption plays a major role. It is a popular tool used for data protection and for good reason, as it gets results. It is common practice to encrypt data before it is sent out, so the contents are protected. The same can be done for data at rest.

Best Practices

Whether in transit or at rest, if data is left unprotected, this will leave the organization at risk of an attack. There are available data protection systems and solutions to protect data at endpoints and networks.

In addition to encryption, here are other ways you can protect both data in transit and data at rest.

  • Create robust network security controls to help protect data in transit, such as firewalls that help secure the networks used to transmit data.
  • Rely more on proactive security than on reactive security.
  • Make use of data protection solutions that have policies that enable user blocking, prompting, and automatic encryption for data in transit sent through email networks or moved from one storage to another.
  • Categorize and classify all types of data in the company. This helps ensure that the appropriate data protection systems and solutions are used on the right files.

When utilizing cloud storage services, it is important to evaluate the vendor to ensure that your data is protected and safe.

Data in transit, when compared to data at rest, may have different risk profiles, but that depends on the sensitivity of the data and its value. They may then become primary targets of attackers and hackers. This is why a proactive approach to digital security is important to ensure your data’s security.


Boost Your Bluetooth Security: 3 Tips to Prevent KNOB Attacks

Many of us use Bluetooth technology for its convenience and sharing capabilities. Whether you’re using wireless headphones or quickly Airdropping photos to your friend, Bluetooth has a variety of benefits that users take advantage of every day. But like many other technologies, Bluetooth isn’t immune to cyberattacks. According to Ars Technica, researchers have recently discovered a weakness in the Bluetooth wireless standard that could allow attackers to intercept device keystrokes, contact lists, and other sensitive data sent from billions of devices.

The Key Negotiation of Bluetooth attack, or “KNOB” for short, exploits this weakness by forcing two or more devices to choose an encryption key just a single byte in length before establishing a Bluetooth connection, allowing attackers within radio range to quickly crack the key and access users’ data. From there, hackers can use the cracked key to decrypt data passed between devices, including keystrokes from messages, address books uploaded from a smartphone to a car dashboard, and photos.

What makes KNOB so stealthy? For starters, the attack doesn’t require a hacker to have any previously shared secret material or to observe the pairing process of the targeted devices. Additionally, the exploit keeps itself hidden from Bluetooth apps and the operating systems they run on, making it very difficult to spot the attack.

While the Bluetooth Special Interest Group (the body that oversees the wireless standard) has not yet provided a fix, there are still several ways users can protect themselves from this threat. Follow these tips to help keep your Bluetooth-compatible devices secure:

  • Adjust your Bluetooth settings. To avoid this attack altogether, turn off Bluetooth in your device settings.
  • Beware of what you share. Make it a habit to not share sensitive, personal information over Bluetooth.
  • Turn on automatic updates. A handful of companies, including Microsoft, Apple, and Google, have released patches to mitigate this vulnerability. To ensure that you have the latest security patches for vulnerabilities such as this, turn on automatic updates in your device settings.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Boost Your Bluetooth Security: 3 Tips to Prevent KNOB Attacks appeared first on McAfee Blogs.

Lessons learned from Public Services Card

Today the DPC provided its 170-page, long-awaited findings on the validity of the Public Services Card (PSC) to the Department of Social Protection, leading to calls for the Minister to resign – so how badly did the Irish Government violate our data protection rights?

Initial concerns were raised about the card some years ago, as it was allowing the sharing of personal data between all government departments without the consent of the individual. The card was originally designed to combat welfare fraud and was to assist in identifying individuals in receipt of social welfare benefits, but subsequent scope creep resulted in the use of the card and the database of now 3.2 million users being shared with other government departments and the information being used for a number of completely different data processing purposes. Each data processing activity needs its own legal basis for processing, and this was lacking for the card.

The key findings we can learn from:

1. Transparency

Once again, one of the key findings we are getting from an investigation by a data protection authority is the lack of transparency – the fundamental pillar on which the GDPR is built. The investigation found the information being provided to people around the processing of their personal data was lacking, highlighting the importance of having a clear, concise, easy to read privacy notice.

2. Legality of data processing

The second takeaway relates to the legality of the data processing – it was upheld that there was only one legal basis available for the processing of data and that relates to the payment of social welfare payment and other benefits. This essentially means that the other much touted uses of the card, including first time passport applications and the driver theory test were essentially illegally processing personal data. The investigation concluded that the legislation which underpinned the card did not provide a legal basis for public service bodies to demand the card.

Another salient finding: there was little evidence that the impact of changes to the uses of the card over time had been considered by the department, in terms of the impact on a data subject’s rights. This indicated a lack of a data protection approach from the department.

3. Retention of data

And finally, there is the sticky topic of retention and the department’s inability to destroy data when it was no longer required. The department has been ordered by the DPC to delete all data held on the 3.2 million citizens who applied for the card. The rule is that once you have validated the identity, you no longer need the supporting documentation. This is a lesson all businesses can take note of, especially in our HR documents, where we tend to hold a large amount of sensitive personal data.

So, what can we all take from this:

  1. Develop a clear, concise privacy notice to provide to all your service users detailing the purposes of processing, your legal basis and your retention policies.
  2. Be aware of the impact of any change in the processing of personal data within your business. Consider if a Data Protection Impact Assessment (DPIA) is required or indeed, if a previous DPIA should be revised in the event of a change in how you process personal data.
  3. Having a retention policy is not enough; you also need to implement it by deleting and destroying the data – so get the shredder serviced and start securely destroying data you no longer need. Stop being a personal data hoarder!

The post Lessons learned from Public Services Card appeared first on BH Consulting.

The Cerberus Banking Trojan: 3 Tips to Secure Your Financial Data

A new banking trojan has emerged and is going after users’ Android devices. Dubbed Cerberus, this remote access trojan allows a distant attacker to take over an infected Android device, giving the attacker the ability to conduct overlay attacks, gain SMS control, and harvest the victim’s contact list. What’s more, the author of the Cerberus malware has decided to rent out the banking trojan to other cybercriminals as a means to spread these attacks.

According to The Hacker News, the author claims that this malware was completely written from scratch and doesn’t reuse code from other existing banking trojans. Researchers who analyzed a sample of the Cerberus trojan found that it has a pretty common list of features including the ability to take screenshots, hijacking SMS messages, stealing contact lists, stealing account credentials, and more.

When an Android device becomes infected with the Cerberus trojan, the malware hides its icon from the application drawer. Then, it disguises itself as Flash Player Service to gain accessibility permission. If permission is granted, Cerberus will automatically register the compromised device to its command-and-control server, allowing the attacker to control the device remotely. To steal a victim’s credit card number or banking information, Cerberus launches remote screen overlay attacks. This type of attack displays an overlay on top of legitimate mobile banking apps and tricks users into entering their credentials onto a fake login screen. What’s more, Cerberus has already developed overlay attacks for a total of 30 unique targets and banking apps.

So, what can Android users do to secure their devices from the Cerberus banking trojan? Check out the following tips to help keep your financial data safe:

  • Be careful what you download. Cerberus malware relies on social engineering tactics to make its way onto a victim’s device. Therefore, think twice about what you download or even plug into your device.
  • Click with caution. Only click on links from trusted sources. If you receive an email or text message from an unknown sender asking you to click on a suspicious link, stay cautious and avoid interacting with the message altogether.
  • Use comprehensive security. Whether you’re using a mobile banking app on your phone or browsing the internet on your desktop, it’s important to safeguard all of your devices with an extra layer of security. Use robust security software like McAfee Total Protection so you can connect with confidence.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post The Cerberus Banking Trojan: 3 Tips to Secure Your Financial Data appeared first on McAfee Blogs.

Myki data release breached privacy laws and revealed travel histories, including of Victorian MP

Researchers able to identify MP Anthony Carbines’s travel history using tweets and Public Transport Victoria dataset

The three-year travel history of a Victorian politician was able to be identified after the state government released the supposedly “de-identified” data of more than 15m myki public transport users in a breach of privacy laws.

In July 2018, Public Transport Victoria (now the Department of Transport) released a dataset containing 1.8bn travel records for 15.1m myki public transport users for the period between June 2015 and June 2018.


See you about 05.24AM tomorrow at Rosanna to catch the first train to town. Well done all. Thanks for hanging in there. Massive construction effort. Single track gone. Two level crossings gone. The trains! The trains! The trains are coming! pic.twitter.com/kk2Cj3ey9T


Major breach found in biometrics system used by banks, UK police and defence firms

Fingerprints, facial recognition and other personal information from Biostar 2 discovered on publicly accessible database

The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks.

Suprema is the security company responsible for the web-based Biostar 2 biometrics lock system that allows centralised control for access to secure facilities like warehouses or office buildings. Biostar 2 uses fingerprints and facial recognition as part of its means of identifying people attempting to gain access to buildings.


Dorms, Degrees, and Data Security: Prepare Your Devices for Back to School Season

With summer coming to a close, it’s almost time for back to school! Back to school season is an exciting time for students, especially college students, as they take their first steps towards independence and embark on journeys that will shape the rest of their lives. As students across the country prepare to start or return to college, we here at McAfee have revealed new findings indicating that many are not proactively protecting their academic data. Here are the key takeaways from our survey of 1,000 Americans, ages 18-25, who attend or have attended college:

Education Needs to Go Beyond the Normal Curriculum

While many students are focused on classes like biology and business management, very few get the proper exposure to cybersecurity knowledge. 80% of students have been affected by a cyberattack or know a friend or family member who has been affected. However, 43% claim that they don’t think they will ever be a victim of a cybercrime in the future.

Educational institutions are very careful to promote physical safety, but what about cyber safety? It turns out only 36% of American students claim that they have learned how to keep personal information safe through school resources. According to 42% of our respondents, they learn the most about cybersecurity from the news. To help improve cybersecurity education in colleges and universities, these institutions should take a certain level of responsibility when it comes to training students on how they can help keep their precious academic data safe from cybercriminals.

Take Notes on Device Security

Believe it or not, many students fail to secure all of their devices, opening them up to even more vulnerabilities. While half of students have security software installed on their personal computers, this isn’t the case for their tablets or smartphones. Only 37% of students surveyed have smartphone protection, and only 13% have tablet protection. What’s more, about one in five (21%) students don’t use any cybersecurity products at all.

Class Dismissed: Cyberattacks Targeting Education Are on the Rise

According to data from McAfee Labs, cyberattacks targeting education in Q1 2019 have increased by 50% from Q4 2018. The combination of many students being uneducated in proper cybersecurity hygiene and the vast array of shared networks that these students are simultaneously logged onto gives cybercriminals plenty of opportunities to exploit when it comes to targeting universities. Some of the attacks utilized include account hijacking and malware, which made up more than 70% of attacks on these institutions from January to May of 2019. And even though these attacks are on the rise, 90% of American students still use public Wi-Fi and only 18% use a VPN to protect their devices.

Become a Cybersecurity Scholar

In order to go into this school year with confidence, students should remember these security tips:

  • Never reuse passwords. Use a unique password for each one of your accounts, even if it’s for an account that doesn’t hold a lot of personal information. You can also use a password manager so you don’t have to worry about remembering various logins.
  • Always set privacy and security settings. Anyone with access to the internet can view your social media if it’s public. Protect your identity by turning your profiles to private so you can control who can follow you. You should also take the time to understand the various security and privacy settings to see which work best for your lifestyle.
  • Use the cloud with caution. If you plan on storing your documents in the cloud, be sure to set up an additional layer of access security. One way of doing this is through two-factor authentication.
  • Always connect with caution. If you need to conduct transactions on a public Wi-Fi connection, use a virtual private network (VPN) to keep your connection secure.
  • Discuss cyber safety often. It’s just as important for families to discuss cyber safety as it is for them to discuss privacy on social media. Talk to your family about ways to identify phishing scams, what to do if you may have been involved in a data breach, and invest in security software that scans for malware and untrusted sites.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Dorms, Degrees, and Data Security: Prepare Your Devices for Back to School Season appeared first on McAfee Blogs.

23M CafePress Accounts Compromised: Here’s How You Can Stay Secure

You’ve probably heard of CafePress, a custom T-shirt and merchandise company allowing users to create their own unique apparel and gifts. With a plethora of users looking to make their own creative swag, it’s no surprise that the company was recently targeted in a cybercriminal ploy. According to Forbes, CafePress experienced a data breach back in February that exposed over 23 million records including unique email addresses, names, physical addresses, phone numbers, and passwords.

How exactly did this breach occur? While this information is still a bit unclear, security researcher Jim Scott stated that approximately half of the breached passwords had been exposed through gaps in an encryption method called base64 SHA1. As a result, the breach database service HaveIBeenPwned sent out an email notification to those affected letting them know that their information had been compromised. According to Engadget, about 77% of the email addresses in the breach have shown up in previous breach alerts on HaveIBeenPwned.

Scott stated that those who used CafePress through third-party applications like Facebook or Amazon did not have their passwords compromised. And even though third-party platform users are safe from this breach, this isn’t always the case. With data breaches becoming more common, it’s important for users to protect their information as best as they can. Check out the following tips to help users defend their data:

  • Check to see if you’ve been affected. If you know you’ve made purchases through CafePress recently, use this tool to check if you could have been potentially affected.
  • Place a fraud alert. If you suspect that your data might have been compromised, place a fraud alert on your credit. This not only ensures that any new or recent requests undergo scrutiny, but also allows you to have extra copies of your credit report so you can check for suspicious activity.
  • Consider using identity theft protection. A solution like McAfee Identity Theft Protection will help you to monitor your accounts and alert you of any suspicious activity.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post 23M CafePress Accounts Compromised: Here’s How You Can Stay Secure appeared first on McAfee Blogs.

How to Get on the Dark Web: A Step-by-Step Guide

Dark web, deep web, clear web – just words or more? Well, in seeing just how many of you are interested in hearing all about the dark wonders of the internet, I’ve decided to make this small dark web guide. So, if you want to learn all about Tor Onion, Silk Road, secret, hush-hush Governmental ops, and how to get on the dark web, of course, you came to the right place. Welcome to the shadows, my friends! I will be your guide.

WTH is the dark web anyway?

Now, before we dig into it, we’ll need to stage a little show-and-tell about the differences between the deep web, dark web, and clear net. I’ll start with the latter because writer’s privilege. So, the clear web is the very first and very visible layer of the Internet. Basically, it’s what we see when we do a Google or Bing search for things like cat videos or popular YouTube songs.

From a technical standpoint, clear web defines the content that is indexed, crawled, and displayed by the various search engines. Unfortunately, the clear web accounts for approximately 4 percent of the Internet. So, if the clear web is only a very tiny portion of the Internet, what happened to the rest?


Deep web vs. dark web

Welcome to the deep web, the part of the Internet that’s not indexed by search engines. There’s nothing spooky about the deep web; it contains stuff like scientific white papers, medical records, tax-related info, PayPal subscriptions, army communique, and much more. Although the deep web’s hiding behind HTTPS forms, its contents can be accessed if you know what you’re looking for.

Most of the websites hosted on the dark web can be accessed on a credential basis. For instance, if your health provider has a website capable of displaying bloodwork tests online, that particular section will be hosted on the deep web – it will not be indexed by Google or Bing and can only be accessed via password.

Oh, nearly forgot to mention that the deep web accounts for about 90 percent of the entire Internet.

That’s about it about the clear web and the deep web.

Remember: Clear, Deep, and Dark.

What’s the dark web then? Well, if the clear web is Google’s BFF and the deep web, its secret lover, then the dark web can only be the evil twin or the oddball.

Accounting for 6 percent of the Internet, the dark web is a most peculiar blend – on the one hand, it’s a cesspool, a rendezvous place for drug dealers, black hat hackers, hitmen, and human traffickers. On the other hand, due to its covert nature (I’ll get to that in a sec), this Internet fold acts like a liaison between political outcasts and people in the free world. It’s also used by people who want to submit anonymous tips (whistleblowers).

The dark web is favored by both groups because of its ability to render anyone and anything invisible. Privacy and anonymity are what you might consider the core values of the darknet. There’s no such thing as a mother-server that hosts the entire dark web, but rather a swarm of servers and nodes that can only be accessed through onion-type links. So, what are those?

More on Tor Onions

Since everything’s decentralized on the dark web, there are no crawlers to bring together the information. Even the URLs, if we can call them that, are infinitely different from what we’re used to.

For instance, if you want to access a site like YouTube, all you need to do is to write the URL in the address bar (i.e. https://youtube.com) or search for the website using google.com. Now, on the dark web, you’ll have to know the URL right to the last decimal and character to access it. All dark web addresses contain seemingly random strings comprised of numbers and letters, followed by a .onion extension.

Again, we shouldn’t lose sight of the fact that the dark web’s the place where the bulk of criminal activities take place. Every little sordid detail you heard over the news about the dark web is painfully true.

This is the place where hackers come to purchase data stolen from users or companies or offer their services in exchange for Bitcoins or other forms of cryptocurrency. More than that, if you dare to dig deep enough, you can uncover other hair-raising activities such as human trafficking, child pornography, torture, or murder on demand.

Charming little spot, isn’t it? Well, that’s where we’re heading. Now, before you can access the dark web, there are a couple of things you must do, security-wise. Ready? Set? Go!

Preparing to set sail


#1. Install a VPN

VPNs are a must when you’re attempting to access the dark web. Why? Because of the long arm of the law, of course. Technically, you are free to surf on this Internet layer, provided that you don’t engage in any illegal activities. However, a recent ruling by the US Supreme Court deemed that even casually browsing the darknet can get you in a lot of hot water.

This means that if the authorities intercepted your darknet connection request, they would have enough reason to search your house and confiscate the machine used for browsing. So, do yourself a favor and download a VPN before messing about on the dark web. Need a hand picking one? Check out this article written by one of my colleagues to narrow down your search.

#2. Install an adequate browser

The first rule of the dark web – never, ever use your default browser to search for stuff on the darknet. Popular browsers like Chrome, Opera, or Firefox have tracking technologies that make you very visible on the authorities’ radar. So, if you’re still willing to do this, I would recommend you download Tor, which is, by far, the safest and easy-to-use onion browser.

Of course, there are others who would argue that Tor being made by the military for covert communication makes it unreliable, privacy-wise, since it’s believed to be watched. I wouldn’t take that one for granted, but, then again, there’s no smoke without fire. It’s all up to you.

Of Tor, VPNs and other demons

Anyway, going back to Tor – why use this particular browser over a regular one? Well, that’s a rather long story, but worth telling nonetheless. As you know, a regular browser mediates between the user’s search request and the site about to be accessed. Normally, your query will go through the ISP’s DNS, which in turn consults other resources to help you get the answer you were looking for.

Now, with Tor, the search request kind of bounces around multiple Tor relays before completing. You’re probably wondering what the heck Tor relays are. Well, what we call the clear web is, in fact, a conglomerate of servers, which are managed either by companies or on a volunteer basis.

The same principle applies more or less to what we call the dark web. Since it’s the dark side of the Internet we’re dealing with here, secrecy and untraceability become inherent. Thus, the info’s stored on Tor relays which are managed by volunteers.

So, what happens when you want to access a dark web onion? First of all, if you followed my advice and installed a VPN, the tunneling signal will be encrypted. This means that your ISP won’t have a clue about what you’re about to search for. Sure, it can still see that you want to access a Tor node, but other than that, it’s blinder than a mole.

From there, it will be redirected to another node and then another one. Why does it do that? For anonymity reasons, of course; no breadcrumbs means that there’s no way for someone to trace the signal back to you.

VPN Only? Unlikely.

Congrats! You just took the first steps of your dark web journey. Still, there are a couple more precautions you must take before you can pop open Pandora’s box of dark Internet wonders. Getting back to Tor and VPN. There’s no broad consensus on dark web safety.

However, everyone tends to agree that using only Tor is not enough. The two of them (Tor and VPN) work in tandem and, as it happens, there are several ways of tunneling your way all the way through the dark web using this dynamic duo. Here’s what you need to know.

Method I – Tor over VPN

Sounds very techie, doesn’t it? Well, it’s really not that complicated – using the Tor over VPN method means connecting to a VPN service before using the Tor browser. Have to say that this is the most popular and safest method to access onion links, and, on my part, a marriage made in Heaven: Tor’s an excellent ‘anonymizer’, while VPN safeguards your privacy.

When using this method, Tor will encrypt your request, which will pass through your ISP unhindered. From there, it will go through a VPN server which conceals your IP and wipes geo-locations tags and other elements your Government or ISP might use to track the request.

Next step – your request will be transferred to a Tor entry node, which in turn transfers it to one or more Tor relays. From there, it gets slingshot to several Tor exit nodes. Afterwards, your request will be matched with the appropriate website. Tricky, but effective; that’s why it’s, by far, the best method to access dark web content.

Pros of using Tor over VPN:
  • Session logs are not stored (metadata, IP address).
  • Traffic’s completely encrypted.
Con(s):
  • Doesn’t offer protection against malicious Tor exit nodes.

Method II – VPN over Tor

Not very safe, but it’s still usable. Recall how Tor over VPN works? Well, VPN over Tor is basically its opposite – instead of going through the VPN first, the signal passes through the Tor network, before going through the VPN. Why is this method so unpopular? Because it’s not as safe as Tor over VPN.

If the signal goes through the Tor network first, your ISP will be able to see that you are attempting to connect to a Tor node. Though no one should bat an eye just because you’re attempting to access the dark web, keep in mind that in some countries, like the United States, even a simple foray can get you in trouble.

Pro(s) of using VPN over Tor:
  • Great if you trust your ISP, but not the VPN provider.
  • Can bypass blocked Tor nodes.
Con(s):
  • ISP can see you trying to access onion content.
  • Susceptible to end-to-end timing attacks.

Now, if you want to see what lurks in the dark corners of the Internet but don’t really trust Tor, there are alternatives. Here are a couple of them:

  1. I2P – great privacy protection and can access hidden onion links.
  2. Matrix.org – an open-source project just like Tor. Great for IoT data transfers, chats, and WebRTC signaling.
  3. Orbot – basically a Tor for Android.
  4. Globus Secure Browser – paid Tor alternative. VPN-powered. Allows the users to select preferred geolocation. If you want to take it for a spin, Globus features a five-day trial period.
  5. Comodo Ice Dragon – Firefox spin-off. Employs multiple malware safeguards. Open-source project.
  6. FreeNet – open-source project. Sports the Darknet and OpenNet anonymous browsing technologies.

#3. Install a VM or disposable OS

I strongly recommend surfing on the dark web using virtual machine software instead of your locally installed Windows. Why? Because it’s easier to contain malware in a virtual environment, which can be fully controlled.

It’s like in those movies where the doctors are experimenting on deadly viral strains from behind the safety of a glass enclosure. And, as it happens, there are plenty of VMs to choose from: Oracle VM VirtualBox, VMware Fusion and Workstation, QEMU, Red Hat Virtualization, Microsoft Hyper-V, Citrix XenServer, and Xen Project, just to name a few.

Now, if you really want to take the physical storage devices out of the equation, you can use what I like to call a disposable operating system – easy to deploy and to get rid of if by chance you run into any trouble. All you’ll need is an 8GB thumb drive, an installation package, and a couple of minutes to get things up and running.

Let’s dig in.

How to install Tails OS

Step 1. Get yourself a thumb drive; 8GB will do, but you can buy one with more space if you plan on using it for anything else. Nothing will happen to the stick (probably).

Step 2. Hop on the web and download the installation package for Tails OS.

Note: Tails is a Linux-based live operating system which can be booted from a USB stick or DVD. I recommend using a stick since DVDs become read-only once you’re done burning, and accessing the dark web requires a bit of writing.

Chill, because nobody will ever find a record of you ever fiddling around the darknet. Note that Tails’ installation package is in the .img format, which means that you’ll need software capable of burning images on your thumb drive.

My recommendation is Universal USB Installer, which is very intuitive. You can also go along with Rufus. The choice is yours. For this tutorial, I’ve used Universal.

Step 3. Insert the stick and do a quick format. Be sure to use FAT32 to root out any compatibility issues. Shouldn’t take longer than a few seconds.

Step 4. Download and install Universal USB Installer or Rufus.

Step 5. Fire up Universal USB or Rufus.

Step 6. Under “Step 1: Select a Linux Distribution from the dropdown to put on your USB” select Tails.

Step 7. Under “Step 2: Select your ubuntu*desktop*.iso”, click on the browse button and select the downloaded Tails .img file.

Step 8. Under “Step 3: Select your USB Flash Drive Letter Only”, use the dropdown box to select your thumb drive’s letter. If it doesn’t show up, check the “now showing all drives” option.

Step 9. Review the info and hit Create when you’re done.

Note that the process can take anywhere from 5 to 30 minutes depending on your machine. Sit back, relax, and wait until the installation’s done. When you’re ready, hit the Close button and you’re all set.

Now what? Well, now it’s time to fire up Tails and do a little bit of tinkering.

How to boot from USB and configure Tails

Bogged about your first boot? No worries. It always hurts the first time. Just follow these steps.

  1. Keep the thumb drive in the USB port.
  2. Restart your computer.
  3. After the splash screen appears, press the appropriate Boot Menu key. If you’re tired of randomly pressing keys each time you perform this action, check out this article on hotkeys for the boot menu.
  4. Use your keyboard to select the corresponding drive letter. When you’re done, hit Enter.
  5. Wait for Tails OS to boot. Since this is the first time, it may take a while. Just be patient.
  6. Configure Tails and deploy Tor + VPN. Yes, the latest version of The Onion Router has an in-built VPN.
  7. Get ready to discover the dark and sometimes creepy wonders of the dark web.

So how do you get on the dark web?

All done installing and configuring Tor? Great! Fire it up and let’s surf. At first glance, Tor doesn’t look that different from your regular browser – it has a search bar, lots of quick-launch icons, the peeled onion icon smack in the middle of the screen. So, now what? Well, let’s start small.

Although content on the dark web is not as ‘indexed’ compared to the one on the clear web, you can still use search engines to find stuff. The Hidden Wiki and Grams are the heavyweights here.

Yay, now I found everything my heart longs for. Not quite: since the dark web relies on privacy and anonymity, search engines like the Wiki and Grams frequently return false results. No matter – good or not, the Hidden Wiki is a great place to start exploring.

The Hidden Wiki & Co.

Think of the Hidden Wiki as Wikipedia’s evil twin – looks more or less the same, but contains links to various dark web categories: editor’s picks, volunteer, introduction points, financial services, commercial services, email\messaging, drugs (yes, it’s the real deal), blogs & essays, hosting providers, hacking services, darknet radio (nothing shady about that; just some weird electronic tunes and, occasionally, a bit of jazz), literature (mostly resources on hacking, both ethical and black hat).

You can also find quick links here to the stuff that makes the dark web pitch-black dark: contract killers, rape, torture, or murder on demand, child pornography.

Fortunately, in Hidden Wiki, every website is followed by a brief description so that the user knows what to expect (or not). My advice to you would be to stick with the editor’s pick. You can also take a look at the blogs & essays section if you want to find some nifty coding resources.

If you’re feeling chatty, you can always access a chat room. Services like Random Chat connect you with random people using the same service. What happens after that, it’s all up to you.

You should stay away from everything labeled “porn”, “card skimming services”, “PayPal hacks”, “firearms”, “real fake IDs and passports”. Believe me – there are plenty to go around, and each and every one of them is being kept under surveillance, not to mention the fact that you’ll get exposed to some stuff that will definitely make you take several cold showers.

Hidden Wiki’s not the only search engine online. Here are a couple of alternatives in case you get bored with Wiki.

  • DuckDuckGo – also available on the clear web. The best thing about DuckDuckGo is that it doesn’t track your searches. One can say that it’s the Google of the dark web.
  • Torch – considered the first dark web search engine, Torch boasts a database of several million onion links. Works just like Yelp. It even comes with recommendations, although most of them append websites like the infamous Silk Road.
  • WWW Virtual Library – if Torch and Hidden Wiki are old, the triple-W Virtual Library is Cthulhu-old; as in the elder god of search engines. What’s even better is the fact that the WWW Virtual Library contains info dating back to the beginning of the Internet: logs, documents, pictures, and everything in between.

Fun fact: The Virtual Library was founded and, for a very long time, curated by none other than Tim Berners-Lee, the George Washington of the Internet. So, if you’re looking for obscure Internet facts, very old documents, Berners-Lee’s brainchild is the way to go.

  • Uncensored Hidden Wiki – think regular Hidden Wiki is bad? Wait till you see the uncensored version. As the name suggests, it emphasizes very illegal activities like human trafficking, drugs, pornography gone wrong, and other things that fester in the dark corners of the human mind.
  • ParaZite – do you know the “want to get Lucky?” button in Google’s search engine? The one that takes you to a random clear web site? Well, ParaZite does the same thing. Sure, you can use it like any run-of-the-mill search engine, but if you’re feeling curious, you can also try the “feeling (un)lucky” feature. Proceed with caution and prepare to eject and torch the thumb drive.

Commercial Services

Believe it or not, the dark web even has online shops. And no, they don’t all sell drugs or firearms. Some of them are, reportedly, legit and have great bargains. For instance, if you want to buy a laptop or a smartphone, you can try your luck in one of these shops. Of course, all transactions are anonymous and Bitcoin-driven. Sure, you can use other cryptocurrencies if Bitcoin’s not your cup of tea.

The major issue with these websites is that a whopping 50 percent are fake, and there’s no way of telling for sure if they’ll deliver or not. By the way, most have shipping services.

Of course, you can’t use your home address for dark web drop-offs, but apparently, they can ship all over the world, minus some Middle Eastern countries and North Korea. To tell you the truth, I was tempted into purchasing a Samsung Galaxy S10 Plus; it was only 250 bucks. My advice: look, but don’t touch (buy).

Here are a couple of commercial services you can check out while you’re browsing the dark web:

  • CStore – any kind of electronics. You can make the purchases in cryptocurrency or gift cards. They even accept full escrow.
  • Apple Palace – everything Apple: laptops, desktops, phones, and accessories. All at ludicrously low prices.
  • EuroGuns – the name says it all: guns sold on the European market. The website even boasts that it’s the number one European arms dealer.
  • Kamagra for Bitcoins – if your boomstick ain’t working no more, you can try Kamagra, which is the dark web and cheap version of Viagra.
  • Gold & Diamonds – site offers ‘real’ diamonds and gold. (Un)fortunately, it only ships to Germany and the United States.
  • PirateSec – legit hackers, at your service!
  • Fake Passports – I think it’s self-explanatory.
  • SOL’s United States Citizenship – sells American citizenships; go figure.
  • Digital Gangster – the most gangsta way to hack someone’s computer. Apparently, these are Ronin hackers who can be hired for exploits, web hacking, password retrieval, and all-purpose espionage.
  • Onion Identity Services – summer discounts for IDs and passports. Bitcoins only.

Email clients

Always remember that the dark web is a people-centric community. So, it’s only natural to find ways to keep in touch with your darknet buddies and\or customers. There are several email and IM services which you can use, and it’s highly recommended to pick one if you want to step up your dark web game.

In terms of functionality, I don’t think there are too many differences between regular IMAP, POP3, and SMTP services and the stuff you can use to communicate on the dark web. Let’s start with the email clients.

  • secMail – full-fledged email service. Pretty simplistic in design: you can compose, send, and receive emails. All the great things about an email client, minus the tracking, eavesdropping, and other privacy issues.
  • Lelantos – pay-to-use email service. Great security and privacy features, but it has one of the most unreliable and sidetrackable registration forms. Proceed at your own risk.
  • Bitmail.la – another pay-to-use email client. Has many features like IMAP, SMTP, and POP3 support, and a 500MB mailbox. Apparently, a lifetime membership costs $0.60.
  • Mail2Tor – a free email service which, reportedly, works on both dark and clear web.
  • Guerilla Mail – creates a disposable email address.
  • AnonInbox – pay-to-use email client. Supports IMAP, SMTP, and POP3; charges around 0.1 BTC per year.
  • Protonmail – has both paid and free subscriptions. Boasts the browser-encrypted email technology.

Chat\Social Media

Right. Let’s now talk about social media and instant messaging. Believe it or not, Zuckerberg’s Facebook has a darknet version. It’s mostly used for covert communication, anonymous tips submission, and stuff like that.

Sure, it’s not as secure as the clear web version, but it’s there and totally legal to use. Hidden Facebook is hardly the only social media client on the dark web. Check out the list below for the ‘hottest’ dark web clients.

  • BlackBook – works pretty much the same way as Facebook: you can chat, send pictures and friend requests, post status updates, and join groups. Though competing head-to-head with Facebook Onion, BlackBook’s prone to hacking. Reportedly, the client was disabled at least a couple of times in 2018.
  • Torbook – very similar to BlackBook. Some claim that both of them rose at around the same time, despite the creators not knowing each other.
  • The Campfire – gather around the campfire, folks, to hear the tale of tales. The name’s rather suggestive – a big chatroom; everybody can join, and the topics can be anything from the latest trends in the music industry to how you can hide a human body.
  • Lucky Eddie’s Home – scripted chat room that sports one of the most efficient file-uploading systems on the dark web. Just like any IM app, you can send or receive messages, join or create groups, and send files.
  • MadIRC Chat Server – if you’re over 30, you certainly remember the mIRC era. Surprisingly enough, IRC off-spins are still being used today, mostly for covert conversations or intranet communication. MadIRC Chat works just like a regular IRC – no or subscription required. Just pick a username and join in on the fun. I know sharing is caring, but in this case, I would advise you not to share any personal details because you may never know who’s on the other side of the line.
  • Chat with strangers – think Omegle, but on the dark web. Just fire up the client, connect to a chat room, and that’s it. You can’t send or receive files. Still, if you’re lucky, perhaps you can partake in a scintillating conversation.

Journalism and advocacy groups

As I’ve mentioned, the dark web isn’t just a place of eternal torment, teeming with drug dealers, human traffickers, and hitmen. It’s also used by journalists, advocacy group members, and political refugees in hiding. Reuters, Fox, NBC, CNN – all of them keep open dark web channels to receive anonymous tips from whistleblowers.

Advocacy groups are also reaping the advantages of the darknet because, here, the term of censorship is as popular as HTTPS. And finally, we have political outcasts, refugees, and people who want to get in touch with the outside world, being from a totalitarian country that suppresses all means of communication and information.

Of course, there are your run-of-the-mill congregations, which will worship anything from Lucifer to the flying spaghetti monster.

If you’re interested in subversive journalism, here are a couple of sites you can try visiting:

  • Soylent News – a trans spectrum darknet news aggregator. Features webmaster-moderated forums on which you can submit comments. You can also get involved by either submitting tips or writing news.
  • ProPublica – historically, ProPublica’s the first major news outlet to feature, well, a darknet outlet. With an activity spanning almost four years, ProPublica managed to expose power abuses and blow the lid on covert activities conducted by governmental institutions. Although quite young compared to other darknet news outlets, ProPublica’s work was rewarded with five Pulitzer Prizes for Feature Writing, the last one being awarded to Hannah Dreier, the investigative journalist who covered the gangs of Los Angeles.

More on how to stay safe on the dark web

I already went through VPNs, anonymizing web browsers, and disposable operating systems, so I won’t bother reminding you about those. Here are some other things you can try to bolster your security.

1. Minimize or rescale your Tor browsing window

Sounds rather off, doesn’t it? Well, there’s a reason why it’s recommended to browse with a minimized or rescaled window – you can be tracked based on your active window’s dimensions (yeah, they really can do that). So, do yourself a favor and rescale that Tor window as much as you can before proceeding.

2. Tweak the security settings

Tor has a built-in slider which lets you adjust the level of security. Just click on the onion icon and choose Security Settings. Adjust the slider until the cursor points to safest. This means that JavaScript will be disabled by default on every website and some symbols and images will not be displayed.

3. Never use your credit and debit card for purchases

I’ll go farther than that and say stay away from darknet shops. Maybe some of them are legit, but are you really willing to take that chance? Still, if you’re really itching to purchase a new phone or God knows whatever, I would advise you to stick with Bitcoins or your favorite crypto coin. Using credit or debit cards for this sort of thing is like painting a big bullseye on your bank account while yelling: “come here and take my money.”

4. Close Tails after finishing your session

When you’re done surfing or shopping on the dark web, don’t forget to shut down Tails. The major advantage of using a live OS such as Tails is that, on shut down, the OS wipes itself from the thumb drive you’ve installed it on. That’s why it’s never a good idea to burn Tails on DVD.

5. Don’t stick your nose where it doesn’t belong

Great life advice, but it’s even more valuable where the darknet is concerned. Keep in mind that many criminal organizations are using the dark web to communicate or sell merchandise. Some of these channels are under watch. You may very well end up in the middle of a stakeout that could turn ugly. So, if the website looks fishy, close the tab, and forget about it.

Wrap-up

This is where I get off – been a long journey and I hope I’ve managed to at least change your perspective on the dark web. So, to wrap it up nice and tight, remember to take all the necessary precautions, refrain from using your debit or credit card, stay away from dubious groups, and have fun while you’re at it. As always, for comments, rants, ad-libs, or beer donations, shoot me a comment. Cheers!

The post How to Get on the Dark Web: A Step-by-Step Guide appeared first on Heimdal Security Blog.

Windows Defender Vulnerabilities: How the Latest Malware Can Disable It

Are you relying only on the built-in defenses in your Windows 10 operating system for security? This was never a good idea, but lately, it became even more dangerous. Windows Defender vulnerabilities were uncovered by researchers, far surpassing what users could have expected.

During the past months and even before that, the world of cybersecurity has held its breath over Trickbot updates. The banking Trojan has been around since 2016 and, according to recent forensic analysis, it has compromised over 265 million email accounts. While the malware is not exactly new, the trickiest part about it (pun intended) is how it manages to adapt.

The most worrisome part of its evolving trajectory is its ability to disable Windows Defender. The latest cybersecurity analysis has revealed that in its latest campaign, Trickbot has been targeting Windows 10 users. Especially in corporate environments (but also inside plenty of home devices), this is the operating system of choice.

How Does Trickbot Work?

Trickbot has been around since 2016 and has managed to be a stressful threat ever since. Targeting both individuals and companies, it is a jack of many trades. Every time security has it pinned down and thinks that a permanent counter has been found, Trickbot resurfaces in an altered form.

This is not about the usual change all malware strains go through to evade detection by simple Antiviruses. Generally, malware developers (hackers) change just a few lines of code to make the malware appear different.

Trickbot’s History of Adapting to Defensive Software

Not so with Trickbot. In this case, whenever Trickbot got reinvented, it also resurfaced with a changed strategy. That’s the main reason it hasn’t yet been completely eradicated. At the moment, small businesses are the most endangered by Trickbot’s activity.

Over its 3 years of activity, Trickbot wore many disguises and targeted various entities and systems, depending on what was deemed more vulnerable at the time. When it first emerged, it seemed to borrow heavily from Dyreza, a previous banking Trojan. It also stole data from users via malicious spam.

From its initial emergence, Trickbot proved to be impressively adaptable. It changed tactics from scam emails sending warnings about unpaid bills to account update phishing emails. It could propagate either through infected URLs or malicious email attachments.

How Trickbot Operates Now

Once it manages to infect one endpoint, Trickbot quickly spreads through the entire organization, laterally. The malware uses an SMB vulnerability to propagate. It’s then notoriously difficult to detect (it requires network admins to intuitively guess something is wrong, just by monitoring traffic and resource footprints).

Trickbot is even more notoriously difficult to remove, once detected. It requires IT admins to manually go through every infected endpoint, isolate it, and clean it.

Unfortunately, because Trickbot spreads through the SMB vulnerability, any sanitized endpoint can quickly become re-infected once it joins the network again if there is at least one other infected machine.

It also becomes more persistent by creating Scheduled Tasks, which carry out its agenda while evading user (and security software) detection. This makes the clean-up process painstaking and the infection incredibly resilient.

How Can Malware Disable Windows Defender?

Advanced malware has gained ways to avoid being detected by Windows Defender in the past few years. This isn’t really news. What makes Trickbot exceedingly dangerous is that it can not only fly under Windows Defender’s radar but disable it altogether.

In one of the most recent Trickbot developments, the malware surprised researchers by silently disabling Windows Defender. Once the default protection was out of the way, the malware then proceeded to carry out its agenda of data stealing and email compromising.

In its most recent data scraping, it’s estimated that over 265 million email addresses were exposed and compromised. These emails will now be used in phishing and scamming campaigns, poised to break into banking accounts and make away with funds.

Here is how Trickbot exploits Windows Defender vulnerabilities:

At the time of my writing this blog post, this is how the most recently detected Trickbot version behaves, as documented by MalwareHunterTeam and Vitali Kremez.

Step #1. Add policies to SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection for the following:

  • DisableBehaviorMonitoring: Disables behavior monitoring in Windows Defender.
  • DisableOnAccessProtection: Disables scanning when you open a program or file.
  • DisableScanOnRealtimeEnable: Disables process scanning.

Step #2. Configures the following Windows Defender preferences via PowerShell:

  • DisableRealtimeMonitoring: Disables real-time scanning.
  • DisableBehaviorMonitoring: Same as above, except as a Windows Defender preference.
  • DisableBlockAtFirstSeen: Disables Defender’s Cloud Protection feature.
  • DisableIOAVProtection: Disables scans of downloaded files and attachments.
  • DisablePrivacyMode: Disables privacy mode so all users can see threat history.
  • DisableIntrusionPreventionSystem: Disables network protection for known vulnerability exploits.
  • DisableScriptScanning: Disables the scanning of scripts.
  • SevereThreatDefaultAction: Set the value to 6, which turns off automatic remediation for severe threats.
  • LowThreatDefaultAction: Set the value to 6, which turns off automatic remediation for low threats.
  • ModerateThreatDefaultAction: Set the value to 6, which turns off automatic remediation for moderate threats.

All the measures taken by Trickbot to make sure it can carry out infections undisturbed are meticulous and complex. It’s easy to see how most users could be unaware of anything wrong until it’s too late. After all, who manually checks the permissions in Windows Defender daily?
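One way to automate that check, as an added example that is not from the original post or from Microsoft: a read-only PowerShell audit of the registry policies and Defender preferences listed above, plus the live real-time protection state. The function name Get-DefenderTamperFinding is hypothetical; Get-MpPreference and Get-MpComputerStatus are the standard Defender cmdlets.

```powershell
# Added example (read-only): report Defender settings that match the changes
# listed above. Run in an elevated PowerShell session on Windows 10.
# Get-DefenderTamperFinding is a hypothetical name, not a built-in cmdlet.
function Get-DefenderTamperFinding {
    [CmdletBinding()]
    param()

    $findings = New-Object 'System.Collections.Generic.List[object]'

    # Step #1 values: policies under Real-Time Protection; 1 means "disabled".
    $policyPath  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection'
    $policyNames = 'DisableBehaviorMonitoring',
                   'DisableOnAccessProtection',
                   'DisableScanOnRealtimeEnable'

    if (Test-Path -LiteralPath $policyPath) {
        $policy = Get-ItemProperty -LiteralPath $policyPath
        foreach ($name in $policyNames) {
            $prop = $policy.PSObject.Properties[$name]
            if ($null -ne $prop -and $prop.Value -eq 1) {
                $findings.Add([pscustomobject]@{
                    Source = 'Policy registry'; Setting = $name; Value = $prop.Value
                })
            }
        }
    }

    # Step #2 values: Defender preferences. If the cmdlet itself fails, the
    # Defender service may be stopped or replaced, which is worth reporting too.
    try {
        $pref = Get-MpPreference -ErrorAction Stop
    }
    catch {
        $findings.Add([pscustomobject]@{
            Source = 'Get-MpPreference'; Setting = 'Query failed'; Value = $_.Exception.Message
        })
        return $findings
    }

    $booleanPrefs = 'DisableRealtimeMonitoring',
                    'DisableBehaviorMonitoring',
                    'DisableBlockAtFirstSeen',
                    'DisableIOAVProtection',
                    'DisablePrivacyMode',
                    'DisableIntrusionPreventionSystem',
                    'DisableScriptScanning'
    foreach ($name in $booleanPrefs) {
        if ($pref.$name -eq $true) {
            $findings.Add([pscustomobject]@{
                Source = 'Preference'; Setting = $name; Value = $true
            })
        }
    }

    # The post reports these three being set to 6 (no automatic remediation).
    $actionPrefs = 'SevereThreatDefaultAction',
                   'LowThreatDefaultAction',
                   'ModerateThreatDefaultAction'
    foreach ($name in $actionPrefs) {
        if ([int]$pref.$name -eq 6) {
            $findings.Add([pscustomobject]@{
                Source = 'Preference'; Setting = $name; Value = 6
            })
        }
    }

    # Effective state, independent of how it was switched off.
    try {
        $status = Get-MpComputerStatus -ErrorAction Stop
        if (-not $status.RealTimeProtectionEnabled) {
            $findings.Add([pscustomobject]@{
                Source = 'Status'; Setting = 'RealTimeProtectionEnabled'; Value = $false
            })
        }
    }
    catch {
        $findings.Add([pscustomobject]@{
            Source = 'Get-MpComputerStatus'; Setting = 'Query failed'; Value = $_.Exception.Message
        })
    }

    return $findings
}

$result = @(Get-DefenderTamperFinding)
if ($result.Count -eq 0) {
    'None of the listed settings are in the disabled state.'
}
else {
    $result | Format-Table -AutoSize
}
```

A hit is not proof of infection, since Group Policy or another installed security product can set the same values; compare the output against your known baseline.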

Other Malware Which Disables Microsoft Security Apps

Perhaps even more worrisome is that Trickbot seems to not be an isolated case. We’re not dealing with brilliant hackers, the likes of which the world has never seen. The disabling of built-in defenses is becoming a more and more common sight with the latest malware strains.

The most recent example is the DealPly adware, which turns off defensive software such as Microsoft Smartscreen, but also well-known commercial security software (McAfee’s WebAdvisor). The actual damages of DealPly are not severe yet, but even malvertising can have disastrous effects when paired with financial malware and others.

Even if the damages of the DealPly adware are not immediately visible at this moment, it’s nevertheless worrisome how it can disable security software. Apparently, merely avoiding detection is becoming a malware ambition of the past.


We’re likely heading into an era of third-gen malware, if I were to speculate.

More Windows Defender Vulnerabilities to Know about

All Windows Defender vulnerabilities can be checked in almost real time on a dedicated CVE portal. You can also check for fixes there, but be warned that it can be a hassle to do it manually.

Windows Defender Updates Which Are Somewhat Closing Vulnerabilities

To be fair, Microsoft is trying to patch some of these vulnerabilities and succeeds in closing gaps somewhat. But in the long run, especially because Microsoft is a huge target of attackers worldwide, it’s impossible to stay afloat.

How to Stay Safe Beyond the Limited Protection of Windows Defender

Within the limited scope of built-in Windows defenses, what you can do is create a separate user account. Run most of your routine activities from this plain user account and only enter the administrator account when you need to do something very important. Even then, tread carefully.

The other thing to do in order to overcome the Windows Defender vulnerabilities is to invest in extra protection layers.

You clearly can’t rely on Windows Defender for keeping your PC or laptop safe. Not having a specialized cybersecurity suite to protect your device has always been a hazard. But now, with the recent developments, it’s revealed to be even more dangerous than previously thought.

My advice is to not postpone your cybersecurity or stick to the free, default versions such as Windows Defender. No matter how improbable you might think a malware infection is, it may be closer than you think. People who lost data, money, privacy or worse to malware all thought it couldn’t happen to them.

Don’t rely on built-in, default defenses, or on a single security product, for that matter. Stay vigilant and try to have solutions which keep up with the threatscape.

How much protection is enough?

In the cat and mouse cybersecurity game, hackers quickly find ways to overcome current defensive software. Then, the defensive software strives to redefine itself to overcome the new malware developments, and so on.

All this takes place with exhilarating speeds. So, to make sure you can’t become the next victim of malware, don’t stop at one defender. Have an active next-gen Antivirus, but also a threat detection layer on top of it. Also, update your software and apply patches as soon as they’re released.

A cybersecurity suite which contains all of the above is, of course, ideal, so I can recommend our Thor Premium Home. If you want to try it for free, here’s a month on the house. Just click on the ‘I want to try it free for 30 days’ option and follow the rest of the instructions for installing.

Final thoughts

Regardless of the brand of products you use, just know that you’re better off using at least something in addition to just Windows Defender. Preferably, your defenses should include a smart threat detection mechanism, like a DNS filter. As long as you do that, all should be well.

Good luck with your cybersecurity and don’t forget to check from time to time if your Windows Defender is still active and up to date. Check especially if you’re not 100% confident in the rest of your security software. If you stay vigilant, you may catch threats in time, before any significant damage is done.

The post Windows Defender Vulnerabilities: How the Latest Malware Can Disable It appeared first on Heimdal Security Blog.

5 Digital Risks That Could Affect Your Kids This New School Year

Starting a new school year is both exciting and stressful for families today. Technology has magnified learning and connection opportunities for our kids but not without physical and emotional costs that we can’t overlook this time of year.

But the transition from summer to a new school year offers families a fresh slate and the chance to evaluate what digital ground rules need to change when it comes to screen time. So as you consider new goals, here are just a few of the top digital risks you may want to keep on your radar.

  1. Cyberbullying. The online space for a middle or high school student can get ugly this time of year. In two years, cyberbullying has increased significantly from 11.5% to 15.3%. Also, three times as many girls reported being harassed online or by text than boys, according to the U.S. Department of Education.
    Back-to-School Tip: Keep the cyberbullying discussion honest and frequent in your home. Monitor your child’s social media apps if you have concerns that cyberbullying may be happening. To do this, click the social icons periodically to explore behind the scenes (direct messages, conversations, shared photos). Review and edit friend lists, maximize location and privacy settings, and create family ground rules that establish expectations about appropriate digital behavior, content, and safe apps. Make an effort to stay current on the latest social media apps, trends, and texting slang so you can spot red flags. Lastly, be sure kids understand the importance of tolerance, empathy, and kindness among diverse peer groups.
  2. Oversharing. Did you know that 30% of parents report posting a photo of their child(ren) to social media at least once per day, and 58% don’t ask permission? By the age of 13, studies estimate that parents have posted about 1,300 photos and videos of their children online. A family’s collective oversharing can put your child’s privacy, reputation, and physical safety at risk. Besides, with access to a child’s personal information, a cybercriminal can open fraudulent accounts just about anywhere.
    Back-to-School Tip: Think before you post and ask yourself, “Would I be okay with a stranger seeing this photo?” Make sure there is nothing in the photo that could be an identifier such as a birthdate, a home address, school uniforms, financial details, or password hints. Also, maximize privacy settings on social networks and turn off photo geo-tagging that embeds photos with a person’s exact coordinates. Lastly, be sure your child understands the lifelong consequences that sharing explicit photos can have on their lives.
  3. Mental health + smartphone use. There’s no more disputing it (or indulging tantrums that deny it): smartphone use and depression are connected. Several studies of teens from the U.S. and U.K. reveal similar findings: that happiness and mental health are highest at 30 minutes to two hours of extracurricular digital media use a day. Well-being then steadily decreases, according to the studies, revealing that heavy users of electronic devices are twice as unhappy, depressed, or distressed as light users.
    Back-to-School Tip: Listen more and talk less. Kids tend to share more about their lives, friends, hopes, and struggles if they believe you are truly listening and not lecturing. Nurturing a healthy, respectful, mutual dialogue with your kids is the best way to minimize a lot of the digital risks your kids face every day. Get practical: Don’t let your kids have unlimited phone use. Set and follow media ground rules and enforce the consequences of abusing them.
  4. Sleep deprivation. Sleep deprivation connected to smartphone use can dramatically increase once the hustle of school begins and Fear of Missing Out (FOMO) accelerates. According to a 2019 Common Sense Media survey, a third of teens take their phones to bed when they go to sleep; 33% of girls versus 26% of boys. Also, 1 in 3 teens reports waking up at least once per night and checking their phones.
    Back-to-School Tip: Kids often text, play games, watch movies or YouTube videos, randomly scroll social feeds, or read the news on their phones in bed. For this reason, establish a phone curfew that prohibits this. Sleep is food for the body, and tweens and teens need about 8 to 10 hours to keep them healthy. Discuss the physical and emotional consequences of losing sleep, such as sleep deprivation, increased illness, poor grades, moodiness, anxiety, and depression.
  5. School-related cyber breaches. A majority of schools do an excellent job of reinforcing the importance of online safety these days. However, that doesn’t mean a school’s own cybersecurity isn’t vulnerable to cyber threats, which can put your child’s privacy at risk. Breaches happen in the form of phishing emails, ransomware, and any loopholes connected to weak security protocols.
    Back-to-School Tip: Demand that schools be transparent about the data they are collecting from students and families. Opt out of the school’s technology policy if you believe it doesn’t protect your child or if you sense an indifferent attitude about privacy. Ask the staff about the school’s cybersecurity policy to ensure it has secure password, software, and network standards, since weak ones could leave your family’s data compromised.

Stay the course, parent, you’ve got this. Armed with a strong relationship and media ground rules relevant to your family, together, you can tackle any digital challenge the new school year may bring.

The post 5 Digital Risks That Could Affect Your Kids This New School Year appeared first on McAfee Blogs.

Android Malware: Your Mobile Device Isn’t Safe from Hackers

The evolution of mobile devices has certainly improved our lives, yet security threats are rising. Although malware can affect any mobile operating system (OS), in this article I’m going to look at Android malware specifically, since Android is the most targeted OS. Actually, you may have already read a bunch of headlines around Android malware attacks.

Curious to find out how it all started? Would you like to avoid losing your security and privacy? If the answer to these questions is yes, keep on reading, as I will try to paint a clearer picture and answer some commonly asked questions.

Can You Really Get Malware On Your Android Device?

Are Android phones and tablets safe?

Long gone are the days when cybercriminals were only targeting computers. Now, they are likely to infect any piece of tech equipment you can imagine, starting from smart home ecosystems, to self-driving cars, drones, and AR/VR devices. And of course, your Android device is no exception.

How It All Started – The Early Days of Android Malware

First of all, let’s take a quick look at the origins of Android malware.

The first Android OS was released by Google back in 2008 and ever since has grown to be the most popular choice on the market. Currently, there are over 2.5 billion active Android devices worldwide.

At first, Android smartphones were not being targeted by malware since their popularity was growing gradually and attackers were mainly focusing on other widespread mobile operating systems of the time, such as Symbian. But as soon as its user base started developing more and more, by 2010, the platform was becoming a suitable environment for malware infections. Due to its open-source model, some illegal Android app stores were beginning to rise, and illicit apps were also starting to get included in Google’s official app store.

Spotted in 2010, AndroidOS.DroidSMS.A was the first Android Trojan. This was an SMS fraud app, which would subscribe your phone to various SMS services.

Back in the days of SMS subscription services, you could opt in to receive different alerts on your phone via text messages (i.e. ringtone of the week, joke of the day, etc.). Of course, you would also have to pay for each message you received. Once your phone got infected with this type of Android Trojan, it would automatically subscribe you to the service. And it would do it silently in the background without your prior approval, so you’d only notice it later on your phone bill.

During the same year, another Trojan was discovered posing as the TapSnake game. Once a phone was infected, this particular Trojan would send the victim’s GPS location over HTTP, where it could then be picked up by other phones that had the GPS Spy app installed.

In March 2011, yet another kind of malware, DroidDream, was added to the “collection”. Apparently, it was named due to the fact that it was programmed to run between 11:00 PM and 08:00 AM, when Android phone users were most likely to be asleep and not using their device. A dream turned into a nightmare, this was a mobile botnet type of malware, which could gain root access to Android devices and steal unique identification information. At the same time, it could download other malicious apps without the user being aware and allowed hackers to control the device.

Android Malware Toolkits Were Becoming Mainstream

Going forward, Android malware attacks were showing no signs of a slowdown and the mobile cybercrime market was thriving. This type of malware was being sold illegally on the dark web. Malware-spreading kits were becoming widely available to be used by virtually anyone willing to do harm.

For example, the MazelTov Toolkit, dubbed an “APK Download System”, was created and discovered back in 2015 to help malicious actors upload and spread malware to Android devices. Attackers were granted control and provided with statistics on how successful their malware campaigns were. These toolkits were being sold for the Bitcoin equivalent of $3,000 and “customers” would receive everything they needed to effectively infect mobile devices.

Perks and benefits included registered developer accounts for three reputable Android markets of your choice, two domains, templates for a landing page, a Traffic Distribution System (TDS) to add bot filtering and ensure the malicious websites received unique visitors for each desired geolocation, etc.

[Image: Mazel Tov APK Android. Image source: Security Intelligence]

Popular Types of Android Malware

In this article, I’ve already briefly mentioned the Android Trojan virus, yet there are many other forms of malware that can infect your device. So, below I’ll list the most frequent types of Android malware and explain how each of them works.

#1. Trojans

As you could probably already tell from the attacks I’ve already listed in the Early Days of Android Malware section above, Trojans are malware disguised as legitimate software and apps. They can be used to harvest your sensitive data, spy on your activity, delete files, gain access to your device, download other malware, and more.

#2. Keyloggers

Keyloggers are malware designed to record your keystrokes, or when it comes to mobile devices, the information you type on your device. The fact that you can also find keylogger software openly on the surface web (and not only the dark web!) readily available to the general public and indexed in the search engines is somewhat shocking and disturbing. Sadly, these apps are usually masquerading as parental control solutions, while other developers are openly encouraging the surveillance of your friends and partners.

[Image: Android keylogger advertised on Google]

#3. Ransomware

Although this type of malware is more common on computers, this doesn’t mean your mobile device can’t get infected with Ransomware.

Through this kind of attack, all your files end up encrypted and sometimes even your screen gets locked too. A message gets displayed on your device which asks you for a payment in return for decrypting your device.

In the image below, you can see an example of a ransomware attack targeting Russian users. The message displayed on the phone’s screen urges them to pay 500 Russian rubles ($8-$10) while they are also being threatened with a text message that would be sent to their contacts to let them know the victim was caught watching illegal adult content.

[Image: Android ransomware screenshot. Image source: Bleeping Computer]

#4. Spyware

Spyware is a highly common malware infection on mobile devices. You may have recently heard of it in the controversial WhatsApp Spyware attack, when a vulnerability discovered in the app could be exploited in order to make way for spyware on the victims’ devices.

So what is mobile Spyware? It’s malware that enables attackers to access all the information on your phone, including contacts, calls, texts, and other sensitive information and also hijack your microphone and camera. Next, you can watch a short documentary created by a student who installed spyware on his phone, which got stolen. He shows how easy it is to spy on people and learn different things about them.

#5. Adware

If annoying advertisements are randomly being displayed on your device (full screen), even when you’re not browsing the Internet or using apps that have ads enabled, this means your mobile device is infected with Adware.

Here is what an Android mobile adware infection looks like:

Notorious Android Malware Campaigns Spotted in 2019

The pieces of malware below have been discovered this year alone, so notice how frequently these attacks can happen.

#1. Android/Filecoder.C

Targeting devices running Android 5.1 and higher, the FileCoder ransomware spreads via text messages that contain a malicious link. These messages try to trick you into installing an app which promises to use your own photos to create sex simulation imagery. But what this app actually does is encrypt all of your local files in exchange for a ransom ranging between $94 and $188.

For the full picture, here you can read the Security Alert around the FileCoder ransomware strain that we’ve recently released.

#2. SimBad

This malware campaign discovered in March 2019 impacted almost 150 million users. It was an adware strain found in 210 Android apps available on the official Google Play store. It was masquerading as the advertising kit named RXDrioder, which allowed attackers to control what ads were being displayed to users. The majority of the corrupted apps were shooter or racing games. RXDrioder was able to conceal the apps’ icons so users would find it more difficult to uninstall them.

In this adware campaign, attackers were abusing the legitimate advertising kit for their own profit to display the ads they desired. What’s more, they could make users’ browsers open at a particular URL to show even more ads. Or worse, open the Google Play and 9Apps stores to certain apps, so users could choose to engage in pay-per-install app monetization schemes.

But the malicious features of SimBad didn’t end here. The adware’s code could also display custom notifications and install additional apps from a server without the users’ consent.

#3. Agent Smith

This year in July, another malware campaign that infected over 25 million devices, dubbed “Agent Smith” due to its ability to bypass detection, was brought to light. This malware hacked apps and made them display more ads or took credit for the ads that were already displayed. Also, this piece of malware could identify well-known apps, such as WhatsApp, replace parts of their code, and impede app updates.

The malware was hiding in certain apps. After one of these apps was downloaded, the malware would pose as a Google app under a name like “Google Updater”, and then the process of replacing code would begin.

It was found in the 9Apps third-party store, and the malware’s developer was also trying to spread it into the official Google Play Store, where 11 apps included code similar to a simpler version of the malware. However, the malware stayed dormant in this case.

#4. BianLian

BianLian had been previously known as the dropper that enabled Anubis, a banking Trojan spotted last year, to get installed on devices while being disguised as apps that were in high demand (think currency calculators, discounter apps, device cleaners, etc.). This malware strain would ask for permission to alter the device’s accessibility services and acted as a keylogger to steal banking login credentials. What’s even more frightening in this particular case is that the apps were actually working just fine, just like legitimate applications would, and they even had high ratings in the official Google Play Store.

Fast forward to July 2019, a brand new version of BianLian was discovered, which transitioned to a complex malware that brings new attack tactics. Now, it would actually record the devices’ screens so that users’ credentials could be stolen, allowing attackers to gain access to usernames, passwords, card details, and account numbers.

#5. Monokle

Android spyware known as Monokle and allegedly designed by one of the Russian government’s surveillance providers has been discovered this month as well. It has supposedly been out in the wild since 2016, and it’s been hiding in fake apps that look identical to highly popular Android applications, such as Pornhub, Evernote, Skype, or Signal. This spyware retrieves passwords and converts smartphones into listening devices. The tool is also able to record home screens when devices are locked to steal passwords, look at predictive-text dictionaries to understand the victim’s interests, record calls, and listen through the phone’s microphone.

#6. MobonoGram (Android.Fakeyouwon)

MobonoGram is a malicious app that used the open-source code of the original Telegram app. Its code was injected with malware and afterward published on the Google Play Store.

The fake app was targeting users in countries such as Iran, Russia, the UAE, and the US, where the official app is banned. The app could launch itself each time the devices were booted, or right after an app was updated or installed. Moreover, when the app was running, it was gaining access to a set of C&C servers to obtain malicious URLs, a browser user agent to hide the requests’ source, and some JavaScript code. This JavaScript code was created to engage in click fraud and profit from fake ad revenues.

Also, some URLs caused an infinite loop of requests to a malicious website. Such activity can drain the device’s battery and possibly make it crash.

Between January and May 2019, researchers detected and blocked 1,235 infections belonging to the Android.Fakeyouwon malware family. The MobonoGram was downloaded over 100,000 times, and its developer (RamKal Developers) released at least five updates before it was eventually removed by Google from the Play store. Another malicious app named “Whatsgram” was published by the same developer.

How to check for malware on Android

So, what are the warning signs that could be telling you your Android device is infected with malware?

If your Android smartphone or tablet starts acting in a weird way and there are no obvious signs why this is happening, this behavior may be due to malware. Here are some common signs of Android malware:

Your battery is draining faster than usual.

If you’ve been using your Android device for roughly the same amount of time each day, yet you notice your battery is suddenly draining without an explicable cause, this may be due to a malware infection. Sometimes, malicious apps are using a lot of power resources. You should go to Settings, open the Battery section on your phone and see exactly which apps are using the most power. Try to identify if the apps that are showing up in there are genuine.

Your device heats up and performs poorly.

If you’re certain you’re not overusing the device and it heats up quickly and becomes really slow or your screen often freezes, we may be talking about malware. You should check the data usage to see which apps are using a lot of data. Access Settings, go to Data and look at all the apps. Uninstall anything that looks fishy immediately.

Pop-ups and ads have started to appear randomly.

This is a clear sign of a malware infection, namely adware. No ads should be showing up on your screen for no particular reason. Remember: DO NOT click on any of these ads, no matter what they promise. You should identify which apps you’ve recently installed and remove all the suspicious ones ASAP.

You’ve noticed weird phone calls and texts.

If you see any unexplained messages or calls, they may be due to a malware infection, as this is a common way for it to replicate. For instance, if you receive strange text messages from friends, trying to lure you into clicking on suspicious links, their phones may be infected with malware that is trying to spread to your device as well. Here you can see a clear example of a Ransomware attack (dubbed FileCoder), which spreads via text messages on Android. Whatever you do, DO NOT click on any fishy URLs or answer unknown calls.

Unknown apps have suddenly appeared on your phone.

Needless to say, if you notice any apps that you haven’t installed yourself, remove them promptly! And remember the “Google Updater” app I previously mentioned in this article? Some malicious apps will try to sound genuine or mimic other apps, so be extra careful.

Check for any hidden apps.

Some apps may not be visible on your Android device unless you know where to look for them. I know, this may sound scary, but here’s what you need to do. Just go to Settings – Applications, and look for any unwanted names on the list. From this menu, uninstall any suspicious apps right away!

Tips to Avoid Malware on Your Android Device

Here is how you can prevent your Android device from being attacked by cybercriminals.

#1. Set up a PIN/password/pattern or biometric authentication.

This should be the first security measure you apply on your Android device. Always make sure your phone can’t be accessed by someone who could, for instance, install spyware so they can monitor your activity.

#2. Turn your screen’s sleep timer to no more than 15-30 seconds.

Just in case you leave your device unattended, make sure any potential malicious actors have as little time as possible to gain access to it.

#3. Do not root your Android device.

Rooting is the Android equivalent of jailbreaking Apple’s iOS, which means you can unlock the operating system to customize it, install unofficial apps, apply OS updates by yourself, and so on.

However, keep in mind this practice involves serious security risks, so don’t do it, unless you are an expert or simply want to experiment and aren’t concerned with security.

#4. Never sideload apps.

In other words, do not install apps from third-party sources other than the official Google Play Store. Basically, when you do it, you bypass the security protocols from the Play Store. But it’s your choice if you want to take the risk.

#5. Delete any unnecessary apps.

Time for spring cleaning on your phone! If you’re not actually using an app, don’t just let it sit there and gather dust. It may someday be a security hole on your device.

#6. Be careful what apps you download (even from the official Google Play store).

As we’ve witnessed so many rogue apps evading malware detection and being introduced in the Google Play store, this means you can’t fully trust the tech giant’s official platform either. And imagine how many malicious apps could be hiding in third-party stores, so always make sure you download from reputable sources. Also, make sure you check the number of downloads and reviews.

#7. Pay close attention to the permissions requested by an app

For instance, an app may ask you to give it permission to identify your location, access your list of contacts, see your photos, etc. Here, Google explains how you can keep track of the permission rights requested by apps and how to enable and disable them.
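One way to act on this tip before an app is installed, shown here as an added example that is not part of the original post: the Python sketch below reads a decoded AndroidManifest.xml and flags the capabilities that the malware families described above relied on. The two manifests, their package names and the finding labels are constructed for illustration; the permission names are real Android permissions.

```python
"""Flag risky capabilities in a decoded AndroidManifest.xml (added example)."""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME = "{%s}name" % ANDROID_NS
PERMISSION = "{%s}permission" % ANDROID_NS
LAUNCHER = "android.intent.category.LAUNCHER"
ACCESSIBILITY = "android.permission.BIND_ACCESSIBILITY_SERVICE"

# Real Android permission names mapped to behaviour described in the article.
RISKY_PERMISSIONS = {
    "android.permission.SEND_SMS": "can send texts (SMS fraud, links sent to contacts)",
    "android.permission.READ_CONTACTS": "can read the contact list",
    "android.permission.ACCESS_FINE_LOCATION": "can report precise GPS location",
    "android.permission.RECORD_AUDIO": "can listen through the microphone",
    "android.permission.RECEIVE_BOOT_COMPLETED": "can start itself when the device boots",
    "android.permission.SYSTEM_ALERT_WINDOW": "can draw over other apps (full-screen ads)",
    "android.permission.REQUEST_INSTALL_PACKAGES": "can prompt to install further apps",
}


def audit_manifest(xml_text):
    """Return the package name and a list of (label, reason) findings."""
    root = ET.fromstring(xml_text.strip())
    requested = {el.get(NAME) for el in root.iter("uses-permission")}
    findings = [(p, RISKY_PERMISSIONS[p])
                for p in sorted(requested & RISKY_PERMISSIONS.keys())]

    # A service guarded by BIND_ACCESSIBILITY_SERVICE is an accessibility
    # service: once the user enables it, it can observe on-screen input.
    for svc in root.iter("service"):
        if svc.get(PERMISSION) == ACCESSIBILITY:
            findings.append(("accessibility-service",
                             "%s can read screen content and input" % svc.get(NAME)))

    # No LAUNCHER activity means no icon in the app drawer. Apps that hide
    # their icon at runtime are not caught by this static check.
    entry_points = list(root.iter("activity")) + list(root.iter("activity-alias"))
    has_icon = any(cat.get(NAME) == LAUNCHER
                   for act in entry_points for cat in act.iter("category"))
    if not has_icon:
        findings.append(("no-launcher-icon", "app will not appear in the app drawer"))

    return {"package": root.get("package"), "findings": findings}


# Constructed sample: a "flashlight" app asking for far more than it needs.
SUSPICIOUS_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <application>
    <activity android:name=".SettingsActivity"/>
    <service android:name=".HelperService"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>
"""

# Constructed sample: a notes app with a normal launcher icon.
BENIGN_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
  </application>
</manifest>
"""

if __name__ == "__main__":
    for manifest in (SUSPICIOUS_MANIFEST, BENIGN_MANIFEST):
        report = audit_manifest(manifest)
        print(report["package"])
        for label, reason in report["findings"] or [("ok", "nothing flagged")]:
            print("  %-45s %s" % (label, reason))
```

A finding is a prompt to ask whether the app's stated purpose justifies the capability, not proof that the app is malicious.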

#8. Update your system software and apps.

I can’t stress this enough – apply the latest updates as soon as possible. This is truly mandatory. Do not postpone the process. Here you can read a piece on the importance of software and apps patching.

#9. Encrypt your device.

An easy and obvious way to keep your data away from unwanted eyes is through encryption. How can you do this? Open Settings on your Android device. Under Security you’ll see the encrypt device option. This encryption process can take up to an hour or even more. Keep in mind this will drain your battery, so begin the process with a fully charged and plugged-in device.

#10. Back up your device.

Always have a copy of your files handy in case you lose the ones stored directly on your gadget. You can either manually transfer files to your PC on your hard drive (or save them on external storage devices), or you can choose to back up your data in the Cloud. Of course, the latter is more convenient and saves you time, but it’s your choice to make. Some Android phones allow you to back up your app data, call history, contacts, photos, videos, settings, and text messages directly on Google Drive. But on other devices, you will have to use third-party backup options.

#11. Stay informed about the latest threats.

Continuous education is your safest bet when it comes to cybersecurity. You should be able to spot malicious cyber behavior and know how to defend yourself. If you’re a cyber-security newbie or if you’d simply like to learn more and stay on top of things, we recommend you subscribe to our newsletter and to our Cyber Security for Beginners course.

#12. Use an anti-malware security solution on your Android device.

For instance, Thor Mobile Security blocks any mobile threat before it gets the chance to infect your gadget. It makes sure all the URLs you end up on are safe (which means no phishing links, no ransomware, no credential-stealing or identity theft), and if they’re unsafe, they instantly get blocked.

How to Remove Malware from Your Android Device (A Quick and Easy Guide)

Well, you did your best to avoid malware on Android, but you’ve still ended up with a compromised device. Or you simply weren’t aware of the dangers lurking out there so you weren’t careful enough.

You may have clicked on a malicious link you received via text message or installed a rogue app. Now, your device has been acting weirdly and it’s clearly infected with a virus.

What can you do about it?

Obviously, if you don’t mind losing all your data, you can always perform a factory reset, which will bring your device to its initial state. But there are other steps you can take for a quick remedy.

Step #1. Restart your phone in safe mode.

Go to the Power Off options by pressing the power button on your phone. The power menu will appear. Tap and hold Power Off until the Reboot to Safe Mode option appears and choose OK.

Step #2. Uninstall any suspicious apps and the ones you don’t use.

You’re already aware of the importance of uninstalling apps that should not have been on your device in the first place or old ones that bring you no benefits whatsoever.

Step #3.  Install a reputable anti-malware solution.

Don’t rely solely on Google Play Protect. This is the built-in antivirus protection on Android, which in a test released by AV Comparatives in July 2019, scored a protection rate of only 83.2% and 28 false positives. We recommend you install Thor Mobile Security for continuous protection against advanced malware, phishing, ransomware, identity theft, and so much more.

Bottom Line

Most of these Android malware attacks are successful because they’re based on false promises which sound appealing. But keep in mind, the threats are real. Always stay alert, keep your apps and system software updated, and never download anything on your mobile device from dubious places.

Has your Android device ever been infected with malware? Share your stories in the comments section below.

The post Android Malware: Your Mobile Device Isn’t Safe from Hackers appeared first on Heimdal Security Blog.

Can a Smart TV Get a Virus?

Asking the real questions here – can a smart TV get a virus? We’re about to find out. If you’re into gaming or streaming, you’ve probably bought yourself a wide QLED.

Smart TVs are awesome since they give you access to tons of content without the need to use an intermediary – remember when you had to hook up your desktop or laptop to the TV just to see a movie?

Since most smart TVs out there run an OS akin to Android, the question about whether or not TVs can get viruses seems only natural. So, if you’re still worried about someone hijacking your smart TV during an epic streaming night, check out this guide. Enjoy!

It started with a tweet…

Like every ‘great’ Internet smash, the entire smart TV malware gig started with a tweet from Samsung. Try as I might, I couldn’t get ahold of said message, since the company was kind enough to delete it not long after it went live. However, it did not go away quietly (into the night) – pretty soon, people began wondering whether or not their TVs are safe.

Per Samsung’s statements, the tweet was part of their cybersecurity awareness campaign.

Awareness or not, it does pose a rather interesting question: can a smart TV get a virus? Everybody agrees to disagree that the answer is “no” since smart TVs do not tap into the same resources as PCs, Macs, tablets, or smartphones. True, but not very convincing.

So, I started poking around to seek the answer to this elusive question. Long story short – yes, your smart TV can get a virus if you download stuff that, well, you shouldn’t download. Android TVs are more vulnerable compared to the non-Android models since they have full access to Google Play’s apps library.

Yes, one wrong download and you can probably end up with a bricked set or even with a compromised router. Daunting as it may seem, the chances of this actually happening are slim to none.

Of course, many agree that any kind of electronic device can be hacked, but is it really worth it? Think of it this way: if someone were to hack his way into your PC, he could steal precious stuff like financial info. That’s a prize worth having.

Stepping up the game

First of all, a widespread cyberattack should be capable of targeting several types of chipsets. It’s true that most smart TVs use ARM- or MIPS-based cores, but the tech itself used to bring the sets to life differs from that employed to build PCs or smartphones.

That would be the first limitation. The second one would be the fact that all TV operating systems are written in ‘read-only’ form, which means that the set itself can view and read the code, but it cannot write or overwrite on its own accord.

So, what does that even mean? Well, it kind of translates to someone having to redo the whole code to change the attribute from ‘read-only’ to ‘read-and-write’. Sounds easy enough on paper, but reality says otherwise; no one’s going through that much trouble just to hack a TV set!

Another ‘countermeasure’ smart TV manufacturers use is the digital signature. Each time a new firmware update becomes available, it simply overwrites the old one. Being digitally-signed means that in the event that malware does find its way inside your TV, it will simply be picked up by the in-built antivirus and deleted.

Now, even if the malware manages to evade detection (and that’s a very big ‘if’), worst case scenario – it will gain access to the TV’s config & general settings sections. Not much damage it can do from there (maybe trigger a voltage overload in those CPU cores or something).

So can a smart TV get a virus?

Not quite – TVs, just like any other electronics, CAN become infected. Well, that’s a bummer – how can a device get and not get infected at the same time? Let me try to clear things up a bit. So, for a TV to get viruses, Trojans, or any kind of ransomware, you would need to perform a specific set of actions.

For instance, if you insert a USB flash stick that harbors a bug, then your smart TV gets infected. It’s as easy as that. There’s even a story to go along with that claim; several of them, actually.

Fishing for Trojans

Apparently, in 2015, a Tom’s Guide user reported that he unwillingly transformed his Samsung smart TV into a breeding pool for trojans. As the story goes, the user plugged a USB stick into the TV without knowing that the stick was infected with win32.waldek.ACL, a trojan notorious for its ability to reconfigure the affected machine’s DNS and to restrict access to some websites.

Nothing appears to have happened to the TV, but once the user inspected the thumb drive on a computer, he saw that it was indeed infected with that particular trojan. His AV managed to bust the win32 variant, without any issues.

However, each time he would plug the stick into his TV and then back into the PC, his AV would detect an infection. I don’t know how this story ends, but I guess returning the set to its factory setting can root out just about any kind of malware from the smart TV’s buffer.

There are other accounts of smarts getting bitten by the ‘love bug’.

When gaming turns…viral

During the same year, Candid Wueest, a cybersecurity researcher, managed to prove what others couldn’t: that someone can hold your TV for ransom. In other words, ransomware’s universal. Now, keep in mind that Wueest’s ‘experiment’ worked because, well, he wanted it to work.

Here’s how it went down: in his demo, Wueest managed to infect a Sony Android TV with ransomware using a Man-in-the-Middle attack, by replacing a game installation file with ransomware. As a result, the TV locked itself up. What’s even worse is that you can’t do anything because there’s no way of actually clicking on the instructions’ link to see the payment details.

So, yes, it’s possible, but certain conditions must be met. First of all, the researcher was able to access the network path; IRL that could happen if the hacker was either on the same network as his victim or hijacks the victim’s DNS resolution.

Second, before starting this unlikely experiment, he enabled the TV’s Android ADB debugging feature, which granted him access to some pretty advanced features. Last, but not least, he knew where the experiment was headed and how it would end.

He eventually purged the ransomware by using the ADB shell. Lesson learned – it can happen, but there’s a boorishly long list of ifs to go along with that assumption.

Sis’s sys got pwned

The winter of 2016 brings us yet another case of what appears to be a ransomware infiltration. Lucky for us, this wasn’t another experiment, but the real McCoy. According to Reddit user u/tell_me_im_funny, his sister’s LG smart became infected while she was navigating on the TV’s web browser.

A couple of minutes later, the set got ‘bricked’; the only thing it was capable of displaying was a message reading “Your computer has been infected, please gib money to fix it.”

This time, there was no ADB shell, no access to the network pathway, and no one to call for help. In a later ad-lib, the user said that he managed to ‘unbrick’ his sister’s TV by performing a hard-reset (returning the TV to the factory settings).

Netflix is so gauche

And in hoping I haven’t bored you to death with my cybersec ‘penny dreadfuls’, the last story comes all the way from Kansas. Darren Cauthon, the protagonist and a software dev in his spare time, said that back in 2015, his Google Android-powered smart TV picked up a bug during his attempt at downloading a movie-streaming application.

Cauthon recalled streaming some flick when all of a sudden, the screen froze. Naturally, he tried rebooting the TV. However, upon restart, instead of the familiar LG start screen, Cauthon was met by a message allegedly sent by the Federal Bureau of Investigation. Apparently, the software dev was informed that due to some “suspicious files”, the device has been locked. The full text reads:

Department of Justice
Federal Bureau of Investigation

FBI Headquarters

Washington DC Department, USA

As a result of full scanning of your device, some suspicious files have been found and your attendance of the forbidden pornographic sites has been fixed. For this reason, your device has been locked. Information on your location and snapshots containing your face have been uploaded on the FBI Cyber Crime Department’s Datacenter.

Of course, Cauthon’s first thought was ransomware. And yes, his hunch was right – after downloading the wrong movie-streaming app, his TV became infected with FLocker, otherwise known as Dogspectus or Frantic Locker, a Cyber.Police ransomware variant. Since the bug made it into his TV and not his PC or phone, Cauthon was able to get rid of it by returning the set to its factory settings.

What’s there to be done if your TV does get a virus?

For the sake of argument, let’s say your smart TV picks up a trojan or ransomware. What are you going to do then? Well, there are several ways to root out malware from your device. Check these out.

1. Force-scan the TV and attached storage devices

Most modern smart TVs have in-built antivirus software. Sure, it’s signature-based and wouldn’t make much of a difference in case of Advanced Persistent Threats, but still better than nothing.

Keep in mind that your TV’s AV is not as sophisticated as the one on your computer. Certain functions like auto-scan or scheduled scans may not be available. So, it’s up to you to conduct periodical scans of your device. Here’s what to do:

Step 1. Navigate to Settings using your remote.

Step 2. Go to General Settings.

Step 3. Head to System Manager.

Step 4. Under Smart Security, click on Scan.

Step 5. Enjoy a virus-free streaming experience!

(*) This method applies to Samsung smart TVs. For other brands, please consult the user’s manual. Look for things like “smart security”, “smart hub”, or “online security”.

2. Return TV to factory settings

Just like Cauthon, you could return your smart TV to factory settings in case of a ransomware infection. Bear in mind that in a Denial-of-Service attack, some or all of your TV’s functions will be disabled. This means that you will need to find an alternative way to do that. My advice would be to contact your brand’s customer service for technical info.

Now, if you’re the ‘proud’ owner of a Samsung smart just like I am, you can find the reset to the factory settings option in Support, under Self-Diagnosis. Keep in mind that you might be required to provide your PIN code to complete the operation (if you haven’t messed around with the security settings, the default PIN is 0000). Bonne chance!

3. Regular software updates

Yes, I know that this tip does not qualify as a fix, but you know how it goes with that proverbial ounce of prevention. Anyway, keep your TV’s firmware and all downloaded apps up to date. Almost all smart TVs have an auto-updater or, rather, semi-auto update feature since it will prompt you to install the latest version.

If you have an older set, try checking at least once per month for any updates. Do the same for your apps. Why keep everything up to date? Because over 80 percent of malware infections occur due to outdated apps which turn into breach points.

4. Wired over wireless

If you can choose between a wired and a wireless connection, go with the first. Wired connections are harder to hack compared to the wireless ones. Of course, there’s the entire cable management issue, but everything can be solved with a bit of patience and some cable ties.

5. Avoid shady vendors

Now, if that TV really can’t wait, do yourself a favor and buy yours from a legit vendor. Don’t fall for bogus discounts, giveaways, or whatnots because that’s how you end up with rip-offs and malware-infected devices. Lesson learned – say YES to Samsung or LG and NO to Samysung or MG.

6. Refrain from plugging (infected) USB sticks into your TV

Seems pretty obvious, but I still need to say it: never, ever stick a malware-infected memory stick or portable hard-drive into your smart TV. It would be wise to run a quick scan on your PC or Mac before plugging in the stick. And I wouldn’t recommend using sticks other than your own.

7. Ditch generic web browsers

If you don’t have an Android smart TV, then you’ve no other choice but to use the in-built one. Now, if you really don’t like the default one, you should stick with the usual ‘suspects’ like Chrome, Mozilla Firefox, Opera, or Brave. Why? Because they’re much more secure compared to generic ones.

Wrap-up

So, can a smart TV get a virus? That would be a “yes”. Still, you should take this with a grain of salt – sure, malware can brick your TV or whatever, but it’s still not nearly as dramatic as what would happen if the same bug got into your computer.

As always, keep your apps up to date, perform regular scans, avoid dubious memory sticks, and stick with the big brands. For any questions, comments, rants, or suggestions, feel free to shoot me a comment. Cheers!

The post Can a Smart TV Get a Virus? appeared first on Heimdal Security Blog.

Capital One Data Breach: How Impacted Users Can Stay More Secure

Capital One is one of the 10 largest banks based on U.S. deposits. As with many big-name brands, cybercriminals see these companies as an ideal target to carry out large-scale attacks, which has now become a reality for the financial organization. According to CNN, approximately 100 million Capital One users in the U.S. and 6 million in Canada have been affected by a data breach exposing about 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, and 80,000 bank account numbers, and more.

According to the New York Post, the alleged hacker claimed the data was obtained through a firewall misconfiguration. This misconfiguration allowed command execution with a server that granted access to data in Capital One’s storage space at Amazon. Luckily, Capital One stated that it “immediately fixed the configuration vulnerability.”

This breach serves as a reminder that users and companies alike should do everything in their power to keep personal information protected. If you think you might have been affected by this breach, follow these tips to help you stay secure:

  • Check to see if you’ve been notified by Capital One. The bank will notify everyone who was affected by the breach and offer them free credit monitoring and identity protection services. Be sure to take advantage of the services and check out the website Capital One set up for information on this breach.
  • Review your accounts. Be sure to look over your credit card and banking statements and report any suspicious activity as soon as possible. Capital One will allow you to freeze your card so purchases can no longer be made.
  • Change your credentials. Err on the side of caution and change your passwords for all of your accounts. Taking extra precautions can help you avoid future attacks.
  • Freeze your credit. Freezing your credit will make it impossible for criminals to take out loans or open up new accounts in your name. To do this effectively, you will need to freeze your credit at each of the three major credit-reporting agencies (Equifax, TransUnion, and Experian).
  • Consider using identity theft protection. A solution like McAfee Identity Theft Protection will help you to monitor your accounts and alert you of any suspicious activity.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Capital One Data Breach: How Impacted Users Can Stay More Secure appeared first on McAfee Blogs.

4 Ways for Parents to Handle the Facebook Messenger Bug

9 out of 10 children in the U.S. between the ages of six and twelve have access to smart devices. And while parents know it’s important for their children to learn to use technology in today’s digital world, 75% want more visibility into their kids’ digital activities. This is precisely why Facebook designed Messenger Kids to empower parents to monitor their children’s safety online. However, the popular social media platform had to recently warn users of a security issue within this app for kids.

The central benefit of Messenger Kids is that children can only chat with other users their parents approve of. Yet one design flaw within the group chat feature prevented Facebook from upholding this rule. Children who started a group chat could include any of their approved connections in the conversation, even if a user was not authorized to message the other kids in the chat. As a result, thousands of children were able to connect with users their parents weren’t aware of via this flaw.

Luckily, Facebook removed the unauthorized group chats and flagged the issue to all affected users, promising that potentially unsafe chats won’t happen again. While Facebook has not yet made a formal public response, they confirmed the bug to The Verge:

“We recently notified some parents of Messenger Kids account users about a technical error that we detected affecting a small number of group chats. We turned off the affected chats and provided parents with additional resources on Messenger Kids and online safety.”

Facebook is still working on resolving the bug itself. However, there are many actions parents can take to ensure that their child is safe on Facebook Messenger, and social media apps in general. Start by following these four best practices to secure your kid’s online presence:

  • Turn on automatic app updates on your child’s device. Updates usually include new and improved app features that your child will be excited to try. But more importantly, they tend to account for security bugs. Delaying updates can leave apps vulnerable to cybercriminals and turning on automatic app updates ensures that you don’t have to worry about missing one.
  • Get educated. Some parents find it helpful to use the same apps as their child to better understand how it works and what safety threats might be relevant. Facebook also offers resources online that provide guidance for staying safe, such as how and when to block a user and what kind of content is or isn’t risky to share. Additionally, it’s always a best practice to read the terms and conditions of an app before downloading to make sure you’re aware of what your child is signing up for.
  • Keep an open dialogue about online safety. It’s important to discuss your child’s online activities with them and walk them through best internet practices, such as changing passwords every so often and not clicking on links from unknown sources. That way, they’ll be better prepared for potential cyberthreats. Making the internet a part of the conversation will also help your child feel comfortable coming to you about things they might be skeptical about online.
  • Consider leveraging a security solution with parental controls. Depending on your child’s age and how much of a window you want into their online behaviors, you can leverage a solution such as McAfee Safe Family that can be helpful for creating a safe online environment. You can block certain websites and create predefined rules, which will help prevent your child from sharing compromising information.

The post 4 Ways for Parents to Handle the Facebook Messenger Bug appeared first on McAfee Blogs.

Downloaded FaceApp? Here’s How Your Privacy Is Now Affected

If you’ve been on social media recently, you’ve probably seen some people in your feed posting images of themselves looking elderly. That’s because FaceApp, an AI face editor that went viral in 2017, is making a major comeback with the so-called FaceApp Challenge — where celebrities and others use the app’s old age filter to add decades onto their photos. While many folks have participated in the fun, there are some concerns about the way that the app operates when it comes to users’ personal privacy.

According to Forbes, over 100,000 million people have reportedly downloaded FaceApp from the Google Play Store and the app is the number one downloaded app on the Apple App Store in 121 different countries. But what many of these users are unaware of is that when they download the app, they are granting FaceApp full access to the photos they have uploaded. The company can then use these photos for their benefit, such as training their AI facial recognition algorithm. And while there is currently nothing to indicate that the app is taking photos for malicious intent, it is important for users to be aware that their personal photos may be used for other purposes beyond the original intent.

So, how can users enjoy the entertainment of apps like FaceApp without sacrificing their privacy? Follow these tips to help keep your personal information secure:

  • Think before you upload. It’s always best to err on the side of caution with any personal data and think carefully about what you are uploading or sharing. A good security practice is to only share personal data, including personal photos, when it’s truly necessary.
  • Update your settings. If you’re concerned about FaceApp having permission to access your photos, it’s time to assess the tools on your smartphone. Check which apps have access to information like your photos and location data. Change permissions by either deleting the app or changing your settings on your device.
  • Understand and read the terms. Consumers can protect their privacy by reading the Privacy Policy and terms of service and knowing who they are dealing with.

The post Downloaded FaceApp? Here’s How Your Privacy Is Now Affected appeared first on McAfee Blogs.

How to Prevent Insider Data Breaches at your Business

Guest article by Dan Baker of SecureTeam

The majority of security systems are installed to try and forestall any external threats to a business’ network, but what about the security threats that are inside your organisation and your network?

Data breaches have the potential to expose a large amount of sensitive, private or confidential information that might be on your network. Insider threats are a significant threat to your business and are increasingly being seen as an issue that needs dealing with.

SecureTeam are experts in cybersecurity and provide a variety of cybersecurity consultation solutions to a range of businesses. They have used their extensive knowledge of internal network security to write this handy guide to help businesses protect themselves from insider data breaches.

Who is considered an Insider Threat?

Insider threats can come from a variety of different sources and can pose a risk to your business that you might not have considered.

Malicious Insider 
This is when an employee who might have legitimate access to your network has malicious intentions and uses that access to intentionally leak confidential data. Employees who intentionally provide access to the network to an external attacker are also included in this threat.

Accidental Insider
This is when an employee makes an honest mistake that could result in a data breach. Something as simple as opening a malicious link in an email or sending sensitive information to the wrong recipient are all considered data breaches. The main cause of accidental insider data breaches is poor employee education around security and data protection and can be avoided by practising good security practices.

Third Party
There is a data protection risk that arises when third-party contractors or consultants are provided with permission to access certain areas of the network. They could, intentionally or unintentionally, use their permission to access private information and potentially cause a data breach. Past employees who haven’t had their security access revoked could also access confidential information they are no longer entitled to and could be seen as a threat.

Social Engineers
Although this threat is technically external, a social engineer’s aim is to exploit employees by interacting with them and then attempting to manipulate them into providing access to the network or revealing sensitive information.

Data breaches from internal threats have the potential to cause the loss of sensitive or confidential information that can damage your business’ reputation and cost you a significant amount of money. There are some ways you can attempt to prevent insider data breaches, however. 

How to prevent Data Breaches

There are a few simple ways you can try to prevent an internal data breach, including:

Identify your Sensitive Data
The first step to securing your data is to identify and list all of the private information that you have stored in your network and take note of who in your organisation has access to it. By gathering all of this information you are able to secure it properly and create a data protection policy which will help keep your sensitive data secure.

Create a Data Protection Policy
A data protection policy should outline the guidelines regarding the handling of sensitive data, privacy and security to your employees. By explaining to your staff what they are expected to do when handling confidential information you reduce the risk of an accidental insider data breach.

Create a Culture of Accountability
Both employees and managers should be aware of and understand their responsibilities and the responsibilities of their team when it comes to the handling of sensitive information. By making your team aware of their responsibilities and the consequences of mistakes and negative behaviour you can create a culture of accountability. This also has the more positive effect of highlighting any issues that exist before they develop into full problems, which can then be dealt with through training or increased monitoring.

Utilise Strong Credentials & Access Control
By making use of stronger credentials, restricting logins to an onsite location and preventing concurrent logins you can make your network stronger and remove the risk of stolen credentials being used to access the network from an external location.

Review Accounts and Privileged Access
It is important that you regularly review your users’ privileges and account logins to ensure that any dormant accounts no longer have access to private information and that users don’t have unnecessary access to data. This helps to reduce the risks of both accidental and malicious insider data breaches.

Conclusion
The threat of an insider data breach continues to be an issue to businesses throughout a range of sectors. However, putting a plan in place for these insider security threats improves the speed and effectiveness of your response to any potential issues that arise.

It is sensible to assume that most, if not all, businesses will come under attack eventually and by taking the threat seriously and adhering to the best security practices then you can help to prevent an attack turning into a full-blown data breach.

Is Your Smart Home Secure? 5 Tips to Help You Connect Confidently

With so many smart home devices being used today, it’s no surprise that users would want a tool to help them manage this technology. That’s where Orvibo comes in. This smart home platform helps users manage their smart appliances such as security cameras, smart lightbulbs, thermostats, and more. Unfortunately, the company left an Elasticsearch server online without a password, exposing billions of user records.

The database was found in mid-June, meaning it’s been exposed to the internet for two weeks. The database appears to have cycled through at least two billion log entries, each containing data about Orvibo SmartMate customers. This data includes customer email addresses, the IP address of the smart home devices, Orvibo usernames, and hashed passwords.

 

More IoT devices are being created every day and we as users are eager to bring them into our homes. However, device manufacturers need to make sure that they are creating these devices with at least the basic amount of security protection so users can feel confident utilizing them. Likewise, it’s important for users to remember what risks are associated with these internet-connected devices if they don’t practice proper cybersecurity hygiene. Taking the time to properly secure your devices can mean the difference between a cybercriminal accessing your home network or not. Check out these tips to help you remain secure when using your IoT devices:

  • Research before you buy. Although you might be eager to get the latest device, some are made more secure than others. Look for devices that make it easy to disable unnecessary features, update software, or change default passwords. If you already have an older device that lacks these features, consider upgrading.
  • Safeguard your devices. Before you connect a new IoT device to your network, be sure to change the default username and password to something strong and unique. Hackers often know the default settings of various IoT devices and share them online for others to expose. Turn off other manufacturer settings that don’t benefit you, like remote access, which could be used by cybercriminals to access your system.
  • Update, update, update. Make sure that your device software is always up-to-date. This will ensure that you’re protected from any known vulnerabilities. For some devices, you can even turn on automatic updates to ensure that you always have the latest software patches installed.
  • Secure your network. Just as it’s important to secure your actual device, it’s also important to secure the network it’s connected to. Help secure your router by changing its default name and password and checking that it’s using an encryption method to keep communications secure. You can also look for home network routers or gateways that come embedded with security software like McAfee Secure Home Platform.
  • Use a comprehensive security solution. Use a solution like McAfee Total Protection to help safeguard your devices and data from known vulnerabilities and emerging threats.

The post Is Your Smart Home Secure? 5 Tips to Help You Connect Confidently appeared first on McAfee Blogs.

#Verified or Phishing Victim? 3 Tips to Protect Your Instagram Account

If you’re an avid Instagram user, chances are you’ve come across some accounts with a little blue checkmark next to the username. This little blue tick is Instagram’s indication that the account is verified. While it may seem insignificant at first glance, this badge actually means that Instagram has confirmed that the account is an authentic page of a public figure, celebrity, or global brand. In today’s world of social media influencers, receiving a verified badge is desirable so other users know you’re a significant figure on the platform. However, cybercriminals are taking advantage of the appeal of being Instagram verified as a way to convince users to hand over their credentials.

So, how do cybercriminals carry out this scheme? According to security researcher Luke Leal, this scam was distributed as a phishing page through Instagram. The page resembled a legitimate Instagram submission page, prompting victims to apply for verification. After clicking on the “Apply Now” button, victims were taken to a series of phishing forms with the domain “Instagramforbusiness[.]info.” These forms asked users for their Instagram logins as well as confirmation of their email and password credentials. However, if the victim submitted the form, their Instagram credentials would make their way into the cybercriminal’s email inbox. With this information, the cybercrooks would have unauthorized access to the victim’s social media page. What’s more, since this particular phishing scam targets a user’s associated email login, hackers would have the capability of resetting and verifying ownership of the victim’s account.

Whether you’re in search of an Instagram verification badge or not, it’s important to be mindful of your cybersecurity. And with Social Media Day right around the corner, check out these tips to keep your online profiles protected from phishing and other cyberattacks:

  • Exercise caution when inspecting links. If you examine the link used for this scam (Instagramforbusiness[.]info), you can see that it is not actually affiliated with Instagram.com. Additionally, it doesn’t use the secure HTTPS protocol, indicating that it is a risky link. Always inspect a URL before you click on it. And if you can’t tell whether a link is malicious or not, it’s best to avoid interacting with it altogether.
  • Don’t fall for phony pages. If you or a family member is in search of a verified badge for their Instagram profile, make sure they are familiar with the process. Instagram users should go into their own account settings and click on “Request on verification” if they are looking to become verified. Note that Instagram will not ask for your email or password during this process, but will send you a verification link via email instead.
  • Reset your password. If you suspect that a hacker is attempting to gain control of your account, play it safe by resetting your password.
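The link inspection described in the first tip, written out as a check. This is an added example, not code from the original post; the trusted-domain list, the finding names and the `.example` sample links are assumptions constructed for illustration. It goes slightly beyond the tip by also flagging a trusted name hidden in the userinfo part of a URL and punycode hosts.

```python
import re
from urllib.parse import urlsplit

# Assumption: only instagram.com and its subdomains count as genuine.
TRUSTED_DOMAINS = ("instagram.com",)
# Brand strings that should not appear in a host outside the trusted domains.
BRAND_KEYWORDS = ("instagram",)


def refang(url):
    """Undo common defanging ([.] and hxxp) so the URL can be parsed.

    The URL is only parsed as text; nothing here ever connects to it.
    """
    url = url.strip().replace("[.]", ".")
    return re.sub(r"^hxxp", "http", url, flags=re.IGNORECASE)


def is_trusted_host(host):
    """True only for an exact trusted domain or a real subdomain of it."""
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def inspect_link(url):
    """Return a list of findings for a link; an empty list means no flags."""
    url = refang(url)
    if "://" not in url:
        # A bare host carries no promise of TLS, so treat it as plain http.
        url = "http://" + url
    try:
        parts = urlsplit(url)
    except ValueError:
        return ["unparseable"]

    host = (parts.hostname or "").rstrip(".")
    if not host:
        return ["unparseable"]

    findings = []
    if parts.scheme.lower() != "https":
        findings.append("no-https")
    if parts.username is not None:
        # https://instagram.com@other.example/ really points at other.example
        findings.append("userinfo-in-url")
    if not is_trusted_host(host):
        findings.append("untrusted-domain")
        if any(keyword in host for keyword in BRAND_KEYWORDS):
            # The brand name is present but the domain is not the brand's.
            findings.append("brand-lookalike")
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode")
    return findings


# Constructed sample links; the first is the domain named in the article.
SAMPLES = [
    "Instagramforbusiness[.]info",
    "https://www.instagram.com/accounts/login/",
    "https://instagram.com@login.example/verify",
    "hxxps://instagram.com.verify-badge[.]example/",
    "http://instagram.com/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        result = inspect_link(link)
        print(f"{link:50} {', '.join(result) if result else 'no flags'}")
```

An empty result only means none of these checks fired; it does not prove a link is safe.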

The post #Verified or Phishing Victim? 3 Tips to Protect Your Instagram Account appeared first on McAfee Blogs.

Catch a Ride Via Wearable

More often than not, commuters and travelers alike want to get to their destination quickly and easily. The advent of wearable payments helps make this a reality, as passengers don’t have to pull out a wallet or phone to pay for entry. Adding to that, users are quickly adopting wearable technology that has this payment technology embedded, causing transportation systems to take notice and adopt corresponding technology as a result. Unfortunately, there’s a chance this rapid adoption may catch the eye of cybercriminals as well.

Just last month, the New York City Subway system introduced turnstiles that open with a simple wave of a wearable, like an Apple Watch or Fitbit. Wearables may provide convenience and ease, but they also provide an open door to cybercriminals. With more connections to secure, there are more vectors for vulnerabilities and potential cyberthreats. This is especially the case with wearables, which often don’t have security built-in from the start.

App developers and manufacturers are hard-pressed to keep up with innovation, so security isn’t always top of mind, which puts user data at risk. As one of the most valuable things cybercriminals can get ahold of, the data stored on wearables can be used for a variety of purposes. These threats include phishing, gaining access to online accounts, or transferring money illegally. While the possibility of these threats looms, the adoption of wearables shows no sign of slowing down, with an estimated 1.1 billion in use by 2022. This means developers, manufacturers, and users need to work together in order to keep these handy gadgets secure and cybercriminals out.

Both consumers and transport systems need to be cautious of how wearables can be used to help, or hinder, us in the near future. Rest assured, even if cybercriminals utilize this technology, McAfee’s security strategy will continue to keep pace with the ever-changing threat landscape. In the meantime, consider these tips to stay secure while traveling to your destination:

  • Always keep your software and apps up-to-date. It’s a best practice to update software and apps when prompted to help fix vulnerabilities when they’re found.
  • Add an extra layer of security. Since wearables connect to smartphones, if a wearable becomes infected, there is a good chance the connected smartphone will be impacted as well. Invest in comprehensive mobile security to apply to your mobile devices to stay secure while on-the-go.
  • Clear your data cache. As previously mentioned, wearables hold a lot of data. Be sure to clear your cache every so often to ensure it doesn’t fall into the wrong hands.
  • Avoid storing critical information. Social Security Numbers (SSN), bank account numbers, and addresses do not need to be stored on your wearable. And if you’re making an online purchase, do so on a laptop with a secure connection.
  • Connect to public Wi-Fi with caution. Cybercriminals can use unsecured public Wi-Fi as a foothold into a wearable. If you need to connect to public Wi-Fi, use a virtual private network, or VPN, to stay secure.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

The post Catch a Ride Via Wearable appeared first on McAfee Blogs.

3 Tips Venmo Users Should Follow to Keep Their Transactions Secure

You’ve probably heard of Venmo, the quick and convenient peer-to-peer mobile payments app. From splitting the check when eating out with friends to dividing the cost of bills, Venmo is an incredibly easy way to share money. However, users’ comfort with the app can sometimes result in a few negligent security practices. In fact, computer science student Dan Salmon recently scraped seven million Venmo transactions to prove that users’ public activity can be easily obtained if they don’t have the right security settings flipped on. Let’s explore his findings.

By scraping the company’s developer API, Salmon was able to download millions of transactions across a six-month span. That means he was able to see who sent money to whom, when they sent it, and why, as long as the transaction was set to “public.” Mind you, Salmon’s download comes just a year after that of a German researcher, who downloaded over 200 million transactions from the public-by-default app last year.

These data scrapes, if anything, act as a demonstration. They prove to users just how crucial it is to set up online mobile payment apps with caution and care. Therefore, if you’re a Venmo or other mobile payment app user, make sure to follow these tips in order to keep your information secure:

  • Set your settings to “private” immediately. Only the sender and receiver should know about a monetary transaction in the works. So, whenever you go to send money on Venmo or any other mobile payment app, make sure the transaction is set to “private.” For Venmo users specifically, you can flip from “public” to “private” by just toggling the setting at the bottom right corner of the main “Pay or Request” page.
  • Limit the amount of data you share. Just because something is designed to be social doesn’t mean it should become a treasure trove of personal data. No matter the type of transaction you’re making, always try to limit the amount of personal information you include in the corresponding message. That way, any potential cybercriminals out there won’t be able to learn about your spending habits.
  • Add on extra layers of security. Beyond flipping on the right in-app security settings, it’s important to take any extra precautions you can when it comes to protecting your financial data. Create complex logins to your mobile payment apps, participate in biometric options if available, and ensure your mobile device itself has a passcode as well. This will all help ensure no one has access to your money but you.

And, as always, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post 3 Tips Venmo Users Should Follow to Keep Their Transactions Secure appeared first on McAfee Blogs.

Bargain or Bogus Booking? Learn How to Securely Plan Summer Travel

With summertime just around the corner, families are eagerly looking to book their next getaway. Since vacation is so top-of-mind during the summer months, users are bound to come across websites offering cheap deals on flights, accommodations, and other experiences and activities. With so many websites claiming to offer these “can’t-miss deals,” how do you know who to trust?

It turns out that this is a common concern among folks looking for a little summer getaway. According to our recent survey of 8,000 people across the UK, US, Canada, Australia, France, Germany, Spain, and Singapore, 54% of respondents worry about their identity being stolen while booking and purchasing travel and accommodation online. However, 27% don’t check the authenticity of a website before booking their vacation online. Over half of these respondents say that it doesn’t cross their minds to do so.

These so-called “great deals” can be difficult to pass up. Unfortunately, 30% of respondents have been defrauded thanks to holiday travel deals that were just too good to be true. What’s more, 46.3% of these victims didn’t realize they had been ripped off until they arrived at their holiday rental to find that the booking wasn’t actually valid.

In addition to avoiding bogus bookings, users should also refrain from risky online behavior while enjoying their summer holidays. According to our survey, 44.5% of respondents are putting themselves at risk while traveling by not checking the security of their internet connection or willingly connecting to an unsecured network. 61% also stated that they never use a VPN, while 22% don’t know what a VPN is.

Unfortunately, travel-related attacks aren’t limited to just travelers either; hotels are popular targets for cybercriminals. According to analysis conducted by the McAfee Advanced Threat Research team, the most popular attack vectors are POS malware and account hijacking. Due to these attacks, eager vacationers have had their customer payment, credit card data, and personally identifiable information stolen. In order for users to enjoy a worry-free vacation this summer, it’s important that they are aware of the potential cyberthreats involved when booking their trips online and what they can do to prevent them.

We here at McAfee are working to help inform users of the risks they face when booking through unsecured or unreliable websites as well as when they’re enjoying some summertime R&R. Check out the following tips so you can enjoy your vacation without questioning the status of your cybersecurity:

  • Always connect with caution. If you need to conduct transactions on a public Wi-Fi connection, use a virtual private network (VPN) to help keep your connection secure.
  • Think before you click. Often times, cybercriminals use phishing emails or fake sites to lure consumers into clicking links for products or services that could lead to malware. If you receive an email asking you to click on a link with a suspicious URL, it’s best to avoid interacting with the message altogether.
  • Browse with security protection. Use a comprehensive security solution, like McAfee Total Protection, which includes McAfee WebAdvisor that can help identify malicious websites.
  • Utilize an identity theft solution. With all this personal data floating around online, it’s important to stay aware of any attempts to steal your identity. Use an identity theft solution, such as McAfee Identity Theft Protection, that can help protect personally identifiable information from identity theft and fraud.

And, as always, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Bargain or Bogus Booking? Learn How to Securely Plan Summer Travel appeared first on McAfee Blogs.

1.1M Emuparadise Accounts Exposed in Data Breach

If you’re an avid gamer or know someone who is, you might be familiar with the retro gaming site Emuparadise. This website boasts a large community, a vast collection of gaming music, game-related videos, game guides, magazines, comics, video game translations, and more. Unfortunately, news just broke that Emuparadise recently suffered a data breach in April 2018, exposing the data of about 1.1 million of their forum members.

The operators of the hacked-database search engine, DeHashed, shared this compromised data with the data breach reference site Have I Been Pwned. According to the site’s owner Troy Hunt, the breach impacted 1,131,229 accounts and involved stolen email addresses, IP addresses, usernames, and passwords stored as salted MD5 hashes. Password salting is a process of securing passwords by adding unique, random data to each user’s password before it is hashed. However, the MD5 algorithm is no longer considered sufficient for protecting passwords, creating cause for cybersecurity concern.

Emuparadise forced a credential reset after the breach occurred in April 2018. It’s important that users of Emuparadise games take steps to help protect their private information. If you know someone who’s an avid gamer, pass along the following tips to help safeguard their security:

  • Change up your password. If you have an Emuparadise account, you should change up your account password and email password immediately. Make sure the next one you create is strong and unique so it’s more difficult for cybercriminals to crack. Include numbers, lowercase and uppercase letters, and symbols. The more complex your password is, the better!
  • Keep an eye out for sketchy emails and messages. Cybercriminals can leverage stolen information for phishing emails and social engineering scams. If you see something sketchy or from an unknown source in your email inbox, be sure to avoid clicking on any links provided.
  • Check to see if you’ve been affected. If you or someone you know has made an Emuparadise account, use this tool to check if you could have been potentially affected.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow me and @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post 1.1M Emuparadise Accounts Exposed in Data Breach appeared first on McAfee Blogs.

Say So Long to Robocalls

For as long as you’ve had a phone, you’ve probably experienced a robocall in one form or another. These days it seems like they are only becoming more prevalent too. In fact, it was recently reported that robocall scams surged to 85 million globally, up 325% from 2017. While these scams vary by country, the most common type features the impersonation of legitimate organizations, like global tech companies, big banks, or the IRS, with the goal of acquiring user data and money. When a robocall hits, users need to be careful to ensure their personal information is protected.

It’s almost impossible not to feel anxious when receiving a robocall. Whether the calls are just annoying, or a cybercriminal uses the call to scam consumers out of cash or information, this scheme is a big headache for all. To combat robocalls, there has been an uptick in apps and government intervention dedicated to fighting this ever-present annoyance. Unfortunately, things don’t seem to be getting better — while some savvy users are successful at avoiding these schemes, there are still plenty of other vulnerable targets.

Falling into a cybercriminal’s robocall trap can happen for a few reasons. First off, many users don’t know that if they answer a robocall, they may trigger more as a result. That’s because, once a user answers, hackers know there is someone on the other end of the phone line and they have an incentive to keep calling. Cybercriminals also have the ability to spoof numbers, mimic voices, and provide “concrete” background information that makes them sound legitimate. Lastly, it might surprise you to learn that robocalls are actually perfectly legal. It starts to become a grey area, however, when calls come through from predatory callers who are operating on a not-so-legal basis.

While government agencies, like the Federal Communications Commission and Federal Trade Commission, do their part to curb robocalls, the fight to stop robocalls is far from over, and more can always be done. Here are some proactive ways you can say so long to pesky scammers calling your phone.

  1. There’s an app for that. Consider downloading the app Robokiller that will stop robocalls before you even pick up. The app’s block list is constantly updating, so you’re protected.
  2. Let unknown calls go to voicemail. Unless you recognize the number, don’t answer your phone.
  3. Never share personal details over the phone. Unfortunately, there’s a chance that cybercriminals may have previously obtained some of your personal information from other sources to bolster their scheme. However, do not provide any further personal or financial information over the phone, like SSNs or credit card information.
  4. Register for the FCC’s “Do Not Call” list. This can help keep you protected from cybercriminals and telemarketers alike by keeping your number off of their lists.
  5. Consider a comprehensive mobile security platform. Utilize the call blocker capability feature from McAfee Mobile Security. This tool can help reduce the number of calls that come through.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

The post Say So Long to Robocalls appeared first on McAfee Blogs.

4 Tips to Protect Your Information During Medical Data Breaches

As the companies we trust with our data become more digital, it’s important for users to realize how this affects their own cybersecurity. Take your medical care provider, for instance. You walk into a doctor’s office and fill out a form on a clipboard. This information is then transferred to a computer where a patient Electronic Health Record is created or added to. We trust that our healthcare provider has taken the proper precautions to safely store this data. Unfortunately, medical data breaches are on the rise with a 70% increase over the past seven years. In fact, medical testing company LabCorp just announced that it experienced a breach affecting approximately 7.7 million customers.

How exactly did this breach occur? The information was exposed as a result of an issue with a third-party billing collections vendor, American Medical Collection Agency (AMCA). The information exposed includes names, addresses, birth dates, balance information, and credit card or bank account information provided by customers to AMCA. This breach comes just a few days after Quest Diagnostics, another company who worked with AMCA, announced that they too experienced a breach affecting 11.9 million users.

Luckily, LabCorp stated that they do not store or maintain Social Security numbers and insurance information for their customers. Additionally, the company provided no ordered tests, lab results, or diagnostic information to AMCA. LabCorp stated that they intend to provide 200,000 affected users with more specific information regarding the breach and offer them identity protection and credit monitoring services for two years. And after receiving information on the possible security compromise, AMCA took down its web payments page and hired an external forensics firm to investigate the situation.

Medical data is essentially nonperishable in nature, making it extremely valuable to cybercrooks. It turns out that quite a few security vulnerabilities exist in the healthcare industry, such as unencrypted traffic between servers, the ability to create admin accounts remotely, and disclosure of private information. These types of vulnerabilities could allow cybercriminals to access healthcare systems, as our McAfee Labs researchers discovered. If someone with malicious intent did access the system, they would have the ability to permanently alter medical images, use medical research data for extortion, and more.

Cybercriminals are constantly pivoting their tactics and changing their targets in order to best complete their schemes. As it turns out, medical data has become a hot commodity for cybercrooks. According to the McAfee Labs Threats Report from March 2018, the healthcare sector has experienced a 210% increase in publicly disclosed security incidents from 2016 to 2017. The McAfee Advanced Threat Research Team concluded that many of the incidents were caused by failures to comply with security best practices or to address vulnerabilities in medical software.

While medical care providers should do all that they can to ensure the security of their patients, there are steps users can take to help maintain their privacy. If you think your personal or financial information might be affected by the recent breaches, check out the following tips to help keep your personal data secure:

  • Place a fraud alert. If you suspect that your data might have been compromised, place a fraud alert on your credit. This not only ensures that any new or recent requests undergo scrutiny, but also allows you to have extra copies of your credit report so you can check for suspicious activity.
  • Freeze your credit. Freezing your credit will make it impossible for criminals to take out loans or open up new accounts in your name. To do this effectively, you will need to freeze your credit at each of the three major credit-reporting agencies (Equifax, TransUnion, and Experian).
  • Consider using identity theft protection. A solution like McAfee Identity Theft Protection will help you to monitor your accounts, alert you of any suspicious activity, and help you to regain any losses in case something goes wrong.
  • Be vigilant about checking your accounts. If you suspect that your personal data has been compromised, frequently check your bank account and credit activity. Many banks and credit card companies offer free alerts that notify you via email or text messages when new purchases are made, if there’s an unusual charge, or when your account balance drops to a certain level. This will help you stop fraudulent activity in its tracks.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow me and @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post 4 Tips to Protect Your Information During Medical Data Breaches appeared first on McAfee Blogs.

Attention Graphic Designers: It’s Time to Secure Your Canva Credentials

Online graphic design tools are extremely useful when it comes to creating resumes, social media graphics, invitations, and other designs and documents. Unfortunately, these platforms aren’t immune to malicious online activity. Canva, a popular Australian web design service, was recently breached by a malicious hacker, resulting in 139 million user records compromised.

So, how was this breach discovered? The hacker, who goes by the name GnosticPlayers, contacted a security reporter from ZDNet on May 24th and made him aware of the situation. The hacker claims to have stolen data pertaining to 1 billion users from multiple websites. The compromised data from Canva includes names, usernames, email addresses, city, and country information.

Canva claims to securely store all user passwords using the highest standards via a Bcrypt algorithm. Bcrypt is a strong, slow password-hashing algorithm designed to be difficult and time-consuming for hackers to crack, since hashing is a one-way function: a hash cannot simply be decrypted back into the password. Additionally, each Canva password was salted, meaning that random data was added to each password before hashing so that identical passwords used across the platform do not produce identical hashes. According to ZDNet, 61 million users had their passwords hashed with the Bcrypt algorithm, and 78 million users had their Gmail addresses exposed in the breach.
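To make the difference between the salted MD5 hashes in the Emuparadise breach and the slow, salted hashing described for Canva concrete, here is an added Python example (not code from either company or from the original posts). PBKDF2 from the standard library stands in for Bcrypt, which needs a third-party package; the record format, iteration count and function names are assumptions.

```python
import hashlib
import hmac
import os
import time

PBKDF2_ITERATIONS = 600_000  # work factor chosen for this example (assumption)


def salted_md5(password: str, salt: bytes) -> str:
    """Legacy record: a single fast MD5 pass over salt + password."""
    digest = hashlib.md5(salt + password.encode(), usedforsecurity=False)
    return f"md5${salt.hex()}${digest.hexdigest()}"


def slow_hash(password: str, salt: bytes = None,
              iterations: int = PBKDF2_ITERATIONS) -> str:
    """Salted, deliberately slow record (PBKDF2 standing in for Bcrypt)."""
    salt = os.urandom(16) if salt is None else salt  # fresh salt per user
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify(password: str, stored: str) -> bool:
    """Recompute the record with the stored salt; compare in constant time."""
    try:
        scheme, *fields = stored.split("$")
        if scheme == "md5":
            salt_hex, _ = fields
            candidate = salted_md5(password, bytes.fromhex(salt_hex))
        elif scheme == "pbkdf2_sha256":
            iterations, salt_hex, _ = fields
            candidate = slow_hash(password, bytes.fromhex(salt_hex),
                                  int(iterations))
        else:
            return False
    except (ValueError, OverflowError):
        return False  # malformed record
    return hmac.compare_digest(candidate.encode(), stored.encode())


def login(password: str, stored: str):
    """Return (ok, record). A correct login against a legacy MD5 record is
    re-hashed with the slow scheme, so old hashes disappear as users sign in."""
    if not verify(password, stored):
        return False, stored
    if not stored.startswith("pbkdf2_sha256$"):
        stored = slow_hash(password)
    return True, stored


def seconds_per_guess(fn, rounds: int) -> float:
    """Average wall-clock time of one call to fn."""
    start = time.perf_counter()
    for _ in range(rounds):
        fn()
    return (time.perf_counter() - start) / rounds


def cost_ratio() -> float:
    """How many times more expensive one guess is under the slow scheme."""
    salt = os.urandom(16)
    fast = seconds_per_guess(lambda: salted_md5("guess", salt), 20_000)
    slow = seconds_per_guess(lambda: slow_hash("guess", salt), 2)
    return slow / fast


if __name__ == "__main__":
    # Constructed sample data: two users who chose the same password.
    first, second = slow_hash("Summer2019!"), slow_hash("Summer2019!")
    print("same password, same record?", first == second)
    ok, record = login("Summer2019!", salted_md5("Summer2019!", os.urandom(8)))
    print("legacy login ok:", ok, "-> upgraded to", record.split("$")[0])
    print(f"one guess costs about {cost_ratio():,.0f}x more than salted MD5")
```

The salt stops identical passwords from sharing a hash, but only the work factor slows down guessing against a stolen database, which is why a salted MD5 dump still calls for a forced reset.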

Canva has notified users of the breach through email and ensured that their payment card and other financial data is safe. However, even if you aren’t a Canva user, it’s important to be aware of what cybersecurity precautions you should take in the event of a data breach. Check out the following tips:

  • Change your passwords. As an added precaution, Canva is encouraging their community of users to change their email and Canva account passwords. If a cybercriminal got a hold of the exposed data, they could gain access to your other accounts if your login credentials were the same across different platforms.
  • Check to see if you’ve been affected. If you’ve used Canva and believe your data might have been exposed, use this tool to check or set an alert to be notified of other potential data breaches.
  • Secure your personal data. Use a security solution like McAfee Identity Theft Protection. If your information is compromised during a breach, Identity Theft Protection helps monitor and keep tabs on your data in case a cybercriminal attempts to use it.

And, as always, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Attention Graphic Designers: It’s Time to Secure Your Canva Credentials appeared first on McAfee Blogs.

Game Golf Exposure Leaves Users in a Sand Trap of Data Concerns

Apps not only provide users with a form of entertainment, but they also help us become more efficient or learn new things. One such app is Game Golf, which comes as a free app, a paid pro version with coaching tools, or with a wearable analyzer. With over 50,000 downloads on Google Play, the app helps golfers track their on-course performance and use the data to help improve their game. Unfortunately, millions of golfer records from the Game Golf app were recently exposed to anyone with an internet connection, thanks to a cloud database lacking password protection.

According to researchers, this exposure consisted of millions of records, including details on 134 million rounds of golf, 4.9 million user notifications, and 19.2 million records in an activity feed folder. Additionally, the database contained profile data like usernames, hashed passwords, emails, gender, Facebook IDs, and authorization tokens. The database also contained network information for the company behind the Game Golf app, Game Your Game Inc., including IP addresses, ports, pathways, and storage information that cybercrooks could potentially exploit to further access the network. A combination of all of this data could theoretically provide cybercriminals with more information on the user, creating greater privacy concerns. Thankfully, the database was secured about two weeks after the company was initially notified of the exposure.

Although it is still unclear as to whether cybercriminals took a swing at this data, the magnitude of the information exposed by the app is cause for concern. Luckily, users can follow these tips to help safeguard their data:

  • Change your passwords. If a cybercriminal got a hold of the exposed data, they could easily gain access into other online accounts if your login credentials were the same across different platforms. Err on the side of caution and change your passwords to something strong and unique for each account.
  • Check to see if you’ve been affected. If you’ve used the Game Golf app and believe your data might have been exposed, use this tool to check or set an alert to be notified of other potential exposures.
  • Secure your online profiles. Use a security solution like McAfee Safe Connect to encrypt your online activity, help protect your privacy by hiding your IP address, and better defend against cybercriminals.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Game Golf Exposure Leaves Users in a Sand Trap of Data Concerns appeared first on McAfee Blogs.

The iOS Twitter Bug: 3 Tips to Protect Your Location Data

Many of us use social media to keep our family and friends up-to-date on our everyday lives. We don’t typically expect social media companies to keep their partners updated on our every move as well. But for some Twitter users, this is exactly the situation they’ve found themselves in. On Monday afternoon, the social media company disclosed a bug that resulted in some Twitter users’ locations being shared with an unnamed Twitter partner.

So, how exactly did this bug disclose the locations of certain Twitter users? The social network accidentally sent advertising partners location data for a process called real-time bidding. This process lets advertisers pay for space based on certain users’ locations. Twitter intended to remove the location data from what it sent to its partners but failed to do so. Affected users include those who had more than one Twitter account on an iOS device. If the user chose to share their precise location on one account, Twitter says it may have collected and shared data for the other account on the same mobile device even if that account had opted out of location sharing. Although the location data was “fuzzed” to only show a ZIP code or city, it is still unclear as to how long this location sharing took place.

According to Twitter, the location data was not retained by the partner and they have fixed the problem to ensure that it doesn’t happen again. And while affected users have already been notified by the social network, there are some steps users can take to help protect their data:

  • Turn off location services. While social media is meant for sharing, there is some information, like your location, that ought to be kept private. If a cybercriminal knows where you are at a specific point in time, they could potentially use that information to your disadvantage. Consider your overall privacy and opt out of sharing your location data with social media platforms.
  • Update, update, update. No matter what type of bug might be affecting a certain platform, it’s always crucial to keep your software up-to-date. Turning on automatic updates will ensure that you are always equipped with the latest patches and security fixes.
  • Use a comprehensive security solution. Using a solution like McAfee Total Protection helps to add an extra layer of security in case a bug does expose your device or data.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post The iOS Twitter Bug: 3 Tips to Protect Your Location Data appeared first on McAfee Blogs.

Privacy Awareness Week 2019 – Are You In The Dark About Your Online Privacy?

If you haven’t given your online privacy much attention lately then things need to change. In our era of weekly data breaches, the ‘I’ve got nothing to hide’ excuse no longer cuts it. In my opinion, ensuring your privacy is protected online is probably more important than protecting your home and car! A sloppy approach to online privacy can have devastating ramifications to your financial health, your career and even your physical wellbeing.

This week is Privacy Awareness Week in Australia – a great reminder to give our online privacy a ‘check-up’ and work out what we can do to ensure the information we share online (and who sees it) is locked down.

What Do We Need to Protect?

When we think about online privacy, we often think about protecting our password and financial data online. But it’s a little more complicated. There are 2 categories of information that we share in our online life that require protection.

  1. Personally Identifying Information (PII) – this includes our name, birthdate, address and Medicare number
  2. Non-Personally Identifying Information – this includes the information about what we do online. It’s a combination of the websites we visit, what we buy online, our online searches and the pages we like on our social media profiles. Our online activity creates a digital folder about ourselves and many companies just love this data so they can send targeted ads your way. Ever wondered why you receive ads about holiday destinations after a few wishful holiday Google searches?

Without adequate online privacy, all the information about our online activities can be collected and analysed by third parties. In fact, data collected (legally) about you by websites can be very lucrative! Companies, known as data brokers, collect and maintain data on millions of people and charge handsomely for their services!

Why Do I Need To Worry About My Online Privacy?

Just think for a moment about some of the information that is stored about you online…

  • Your PII is stored in the background of probably every online account you have including social media, news and banking
  • Your online banking and superannuation sites contain details of all your accounts and your net worth
  • Your health and taxation records may be accessible online, and they may contain sensitive information you would prefer not to be shared
  • If you haven’t disabled location services on your phone, your whereabouts can be tracked by clever parties on a daily basis
  • Your pictures and videos

While some of this information is stored without your control, there are steps you can take to tighten up access.

Now, think about your daily online activity…

  • Anything you order online via your web browser can be recorded
  • Anytime you send an email with sensitive information, there is a risk this will also be shared
  • Anytime you pay on the go using a facility like Apple Pay, your purchase will be tracked
  • Anything you search for, the articles you read, the movie tickets you buy and even your weekly online grocery order can be tracked

If this comes as a shock to you then you’re not alone. Many Aussies have been in the dark about what information is available about them online. But, don’t throw the towel in – there are strategies to tighten up your online privacy.

How To Get Your Online Privacy Under Control

There are a few simple steps you can take to lock down your valuable online information. So, make yourself a nice cuppa and let’s get to work:

  1. Manage Your Passwords

Your online passwords are as important as your house keys. In fact, in many cases, it is the only thing stopping cybercriminals from accessing our vital information that we have saved online. So, if you want to tighten up access to your online banking, your social media platforms and your favourite online shopping sites then you need to think carefully about how you manage your passwords.

Passwords need to be complex and unique with at least 8-10 characters and a combination of letters, numbers and symbols. And each of your online accounts should have a separate password which should be changed regularly. Too hard? Consider a Password Manager which creates and manages complex passwords for each of your online accounts – a complete no brainer!! McAfee’s Total Protection software includes a Password Manager which stores, auto-fills and generates unique passwords for all your online accounts. All you need to do is remember one master password! Easy!

And don’t forget, if one of your online accounts is affected by a data breach, then you need to change that password ASAP. If you have a password manager, simply have it generate another password for you.

  2. Use Public Wi-Fi With Caution

If you are serious about your online privacy then you need to use public Wi-Fi sparingly. Unsecured public Wi-Fi is a very risky business. Anything you share could easily find its way into the hands of cybercriminals. So, please avoid sharing any sensitive or personal information while using public Wi-Fi. If you travel regularly or spend the bulk of your time on the road then consider investing in a VPN. A VPN (Virtual Private Network) encrypts your activity which means your login details and other sensitive information is protected. McAfee has a great VPN product called Safe Connect. An excellent insurance policy!

  3. Use 2-Factor Authentication

Adding an additional layer of security to protect yourself when accessing your online accounts is another great way of guarding your online privacy. Turn on two-factor authentication for Google, Dropbox, Facebook and whatever other site offers it. For those new to this option, this means that in addition to your password, you will need to provide another form of identification to ensure you are who you say you are. Most commonly, this is a code sent to your mobile phone or generated by a smart phone app.

  4. Keep Your Software Updated

Software updates and patches are often designed to address a security vulnerability so ALWAYS install them so the bad guys can’t take advantage of a security hole in your system. If it all becomes too hard, why not automate the updates?

  5. Invest in Security Software for ALL Your Devices

Installing comprehensive security software on all your devices including laptops, tablets and smartphones adds another layer of protection to your vital online information. Check out McAfee’s Total Protection software that will ensure you and your devices are protected against viruses, malware, spyware and ransomware.

  6. Consider a Search Engine that Doesn’t Track Your Every Move Online

If you would prefer that your search engines didn’t collect and store the information you enter then consider an alternative ‘privacy focussed’ search engine. Check out DuckDuckGo that doesn’t profile users or track or sell your information to third parties.

  7. Delete All Cookies

Cookies are another way your online activity can be tracked. While some are harmless and simply remember things about you such as your login information and language, others, known as tracking cookies, remain permanently, constantly gathering information about your behaviour and what you click on. So, let’s get rid of them! Head into your web browser’s Privacy settings and clean them out.

So, let’s get our online privacy under control this Privacy Awareness Week. But don’t forget about your kids and elderly relatives too! Proactively managing one’s online privacy needs to be a priority for everyone. Why not start a conversation at the dinner table? Perhaps give the family a daily privacy related task every day during Privacy Awareness Week? For example:

Monday – Clean up your passwords or set up a Password Manager

Tuesday – Research a VPN

Wednesday – Set up 2 factor authentication

Thursday – Ensure all your software is up to date and set up auto-updates where possible

Friday – Research privacy focussed search engines and delete all cookies

Over to you mums and dads. Would love to hear how you go.

Alex xx

The post Privacy Awareness Week 2019 – Are You In The Dark About Your Online Privacy? appeared first on McAfee Blogs.

Avoid a Security Endgame: Learn About the Latest “Avengers” Scam

Marvel Studio’s $2.2 billion box-office hit “Avengers: Endgame” has quickly risen to the second-highest grossing film of all time in its first two weekends. Not surprisingly, cybercriminals have wasted no time in capitalizing on the movie’s success by luring victims with free digital downloads of the film. How? By tempting users with security shortcuts so they can watch the film without worrying about spoilers or sold-out movie tickets.

When a victim goes to download the movie from one of the many scam sites popping up around the web, the streaming appears to begin automatically. What the user doesn’t know is that the footage being streamed is just from the movie’s trailer. Soon after, a message pops up stating that the user needs to create an account to continue with the download. The “free” account prompts the user to create a username and password in advance, which could potentially be useful for cybercriminals due to the common practice of password reuse. Once a victim creates an account, they are asked for billing information and credit card details in order to “verify location” and make sure the service is “licensed to distribute” the movie in the victim’s region. These crooks are then able to scrape the victim’s personal and financial data, potentially leading to online account hacks, stolen funds, identity theft, and more.

Luckily, Marvel fans can protect their online data to avoid a cybersecurity endgame by using the following tips:

  • Look out for potential scam activity. If it seems too good to be true, then it probably is. Be wary of websites promising free movie downloads, especially for movies that are still in theaters.
  • Shield your financial data. Be suspicious of “free downloads” that still require you to fill out billing information. If an unknown website asks for your credit card information or your bank account data, it’s best to avoid the site altogether.
  • Make sure your credentials are unique. With this scam, threat actors could use the login credentials provided by the victim to access their other accounts if they didn’t have a unique login. Avoiding username and password reuse makes it a lot harder for cybercriminals to hack into your other online accounts if they gain access to one.
  • Assemble a team of comprehensive security tools. Using a tool like McAfee WebAdvisor can help you avoid dangerous websites and links and will warn you in the event that you do accidentally click on something malicious.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Avoid a Security Endgame: Learn About the Latest “Avengers” Scam appeared first on McAfee Blogs.

Business Intelligence is the Key to Stronger Cybersecurity – Here’s Why

Cybersecurity has been moving further and further towards the top of the corporate agenda for a number of years now, and for very good reason. Yet, how much do we understand about the importance of analytics when staying protected?

According to a recent study by McAfee Labs, 480 new data security threats were discovered every minute in 2018 – and that figure will rise even further by the end of this year. Our growing reliance on mobile devices and public networks has created a staggering amount of new entry points and vulnerabilities, and many businesses are only just waking up to the sheer scale of the issue.

But it certainly isn’t just about quantity. Both the nature of cyber attacks, and approaches hackers use, are continually evolving, which poses a threat to a growing number of companies across a wider span of industries. Product managers, data engineers and business owners alike are facing an increasingly difficult challenge to safeguard their digital infrastructure and keep their data safe from any unwarranted breaches.

Those looking to maximise their defences must invest in every core method of protection in order to stay protected – but perhaps none more so than business intelligence and analytics.

How can analytics help?

We hear a lot of talk about the risks of big data and potential issues with storing sensitive information. Many people don’t realise that companies who have a tight handle on their own data put themselves in a far better position to fend off cyber attacks than those who are not. Data itself isn’t the issue; it’s whether we are in full control of it.

Having access to large amounts of proprietary data can help businesses to analyse patterns, observe irregularities and spot potential weaknesses within a network. Analytics programmes can also help classify the severity and complexity of issues, which helps businesses prioritise the areas that require the most attention. This not only reduces the time it would normally take to detect and resolve an issue, but it’s also a massive advantage when it comes to catching issues ahead of time. Prevention is the best cure, after all.

Making data work for you

So, how exactly do you begin to manage and deploy data as part of your cybersecurity strategy? The first step is to simplify BI management to make mining and visualising analytics as easy as possible.

A business intelligence platform is a good starting point if you’re struggling to develop a system that works for your business. Companies such as Sisense offer full-stack approaches that help build flexible data models across a wide range of sources. This helps to bridge the gap between modern BI tools and any legacy software that you’re still using. The use of embedded analytics also enables companies to integrate reports, dashboards and visualisations with key applications and workflows.

Future-proofing your business

Of course, cybersecurity and data governance are both ongoing commitments that require continual attention and investment. The evolving nature of cybercrime poses many headaches for the modern business, but it’s also a huge motivation to keep their databases clean, secure and plugged into an efficient BI system at all times.

The task of keeping digital infrastructure safe is always better done ahead of time. It’s no good waiting until you’ve suffered the consequences of a major cyber attack to do something about it. Top companies understand the importance of avoiding major disruption to their operations at all costs – and that’s only possible by updating and improving every aspect of their cybersecurity strategy on a regular basis. If you keep your data protected, it will ultimately protect you.

The post Business Intelligence is the Key to Stronger Cybersecurity – Here’s Why appeared first on .

Is Pornhub Safe? How to Browse Adult Websites Securely

This is a question we get asked a lot and one which is floating all over the internet too, especially on discussion forums where people can stay anonymous if they want: Is Pornhub safe? Is it a safe site to enter? We decided to address it here since we’d rather let people get their facts straight on cybersecurity directly from the industry instead of scraping for half-truths around the web.

So, is Pornhub safe to browse? What should you do and not do when browsing Pornhub? What are the cybersecurity risks associated with browsing Pornhub? Can you get viruses into your computer? How about malware? What about other adult websites, how safe are those?

What can you do to protect your computer when accessing Pornhub or other adult content websites? How about your privacy, who can see what sites you are browsing and how can you hide your activity?

We’ll answer all these questions and more, right below. Keep scrolling and learn how to stay safe when browsing Pornhub and other adult websites.

Is Pornhub safe to browse for your cybersecurity?

The short answer is that no, Pornhub is not completely safe to browse however and whenever you like without taking some necessary precautions. That doesn’t mean that Pornhub is a malware or cybercriminal hub bent on causing its users harm on purpose, quite the contrary. However, there can be risks associated with browsing Pornhub which go beyond the website’s control.

Given that its popularity is so high (there were over 33.5 billion visits to Pornhub last year, according to the website’s official data) and that in many cases its visitors are not necessarily tech-savvy, it’s no wonder that Pornhub can attract cybercriminals bent on using this opportunity.

As we said, Pornhub in itself is safe and strives to stay that way, as a huge business employing lots of tech people tasked to keep the website primed. But you can still become a target for cybercriminal groups and hackers while visiting Pornhub and other adult-themed websites (especially less popular ones, with less developed security policies). This is mostly due to the ads displayed on the porn website, over which the website has little control.

Unfortunately, the prevalence of malware on porn websites is very high. According to security researcher Conrad Longmore, there’s a 53% chance of encountering malware while browsing Pornhub. Of course, security employees from Pornhub and similar websites are doing their best to keep it safe for their users and catch malware as fast as possible. But the truth remains that porn sites are still one of the most popular destinations for hackers and uploaders of malicious code.

What Are the Main Cybersecurity Risks of Pornhub?

What can these cybercriminals targeting the visitors of porn sites be after? What are the main risks you are exposed to while browsing?

#1. Computer viruses (Trojans)

Well, for one, to infect your computer with viruses. While the vast majority of viruses you can contract this way are mostly harmless, they can still slow your system significantly, as well as serve as a gateway for more dangerous stuff. The very common viruses found in ads displayed on porn websites are, for the most part, Trojans.

Such viruses don’t pose a huge security risk but they can make your computer slower, as well as create more vulnerabilities in your system, which can then be exploited for more dangerous malware to enter.

#2. Adware

Other viruses you can get from the ads displayed on Pornhub or similar websites are adware. This means that once they take root in your computer, they will cause more ads and spammy content to be displayed to you even if you’re not browsing Pornhub anymore.

This is not just annoying since it can also slow down your system, but it can also be privacy-infringing since the ads can be adult content related. If you share your computer with other family members, you probably don’t want indecent ads popping up when other people are using the device.

#3. Malware or Spyware

Other types of malware which you can contract from clicking ads on Pornhub or similar sites are more dangerous. The cybercriminals behind them can be after your data, and considering the nature of the content you are browsing, this can be very sensitive data related to the type of adult content you are interested in, your online behavior and so on.

Sextortion scams are very common. This is when you get an email from hackers claiming to have installed spyware on your computer and filmed you while you were browsing adult websites, also recording everything you have watched and so on. They will also tell you that unless you send them money, they will send this data to your employer, family, friends and so on.

For the most part, these claims are bogus and the hackers are just fishing for users gullible or scared enough, in order to make some easy money. But in some cases, they may be real. Don’t take that chance and make sure you stay safe, first and foremost by having your device protected by a reliable anti-malware solution.

How Safe Are Other Adult Content Websites?

What about other adult websites, besides Pornhub? Are their security risks the same?

Well, for the most part, we should stress again that Pornhub is still overall safe-ish. It’s the content from third parties (ads) that you need to be wary of. The same risks from ads are also true for every other adult-themed site out there, especially those who allow publishers to stream their own content (the ‘tube’ type of porn websites).

This is because such websites make money from allowing advertisers to run embedded ads from traffic networks. In many cases, this embedded content has malicious code included in it. While the host website (the porn website running these ads) removes all ads containing malicious scripts, it can take a while for these risky ads to get detected.

But in the case of lesser-known websites, with fewer employees and less of a security network in place, the risks may actually be greater than with Pornhub. If another website you’d like to browse is also a huge one, well-known and with millions of users, the risks are probably about the same.

If we’re talking about obscure porn websites, then not only are they more likely to get infected with malware from third parties (advertisers) but they may be a front for cyber-criminality in themselves.

How to Protect Your Privacy when Browsing Pornhub?

The issue of safety has two aspects: protecting yourself from viruses, extortion, hackers, and so on, rounded up under the umbrella term ‘cybersecurity’ and the second issue of protecting your privacy from everyone around you.

Let’s start by addressing privacy first.

You may be tempted to browse Pornhub incognito to make sure no one but you knows about it. While this can be a partial solution (not to store search history, cookies and so on), incognito browsing is not really private.

Major browsers like Google Chrome and Mozilla are very upfront about it whenever you open up a new incognito browser window.

If your main concern is to prevent the people you live with or share a computer with from finding traces of your online activity, then incognito browsing is ok. But your internet service provider or your employer (if you ever get the bright idea of accessing such websites from your workplace’s network) can still find out the list of domains which got accessed from your computer. If people with access to your home network are a bit tech-savvy, they can figure it out too.

Also, as mentioned above, ads are one of the main sources of malicious code on porn websites. While a Chrome extension that works like an ad blocker can keep some of the risk at bay, you should know that ad blockers tend to be automatically disabled once you enter incognito browsing mode. You can manually set exceptions to ensure ad blockers work for incognito browser tabs too, but you need to do a bit of tinkering with it.

What else should you remember about your privacy when browsing Pornhub or other porn websites?

Even while browsing incognito, the website you are browsing will still collect some data about you via cookies. This is entirely normal and, in theory, protects your anonymity (they just store data about user statistics but without personally identifiable information). But if they ever get hacked, or if you install malicious software by clicking on ads while browsing, this data could be at risk of being misused or used to identify you.

The only thing which can completely protect your anonymity while browsing Pornhub and other adult websites is a VPN service. Lots of users opt for one in order to stay more anonymous online.

As for the issue of cybersecurity on adult websites as a whole, beyond privacy, here’s how you can make Pornhub browsing safe.

How to Access Pornhub Safely: 5 Tips

First and foremost, learn more about the dangers of the internet and about strengthening your online safety as a whole. It’s never too late to start educating yourself in cybersecurity for laymen. Just being here and reading this guide to Pornhub safety is a great start.

But beyond being simply aware of online risks, here’s what else you can do to stay safe while browsing Pornhub or other adult websites.

#1. Up your protection with a good anti-malware solution

This should be obvious, but to make sure you stay safe from any malware danger, you need to have an active next-generation anti-virus software. A product like our Thor Vigilance is trained to prevent the latest type of intelligent threats and protect your privacy as well.

#2. Go for a traffic filter-based security product (it’s a must!)

Next, and more importantly, traffic filtering is the advanced type of protection you most definitely need. This is especially true if you sometimes browse potentially risky websites like adult-themed ones.

In today’s cybersecurity age, when the methods of hackers are getting more and more sophisticated, traditional anti-virus is not enough anymore. An anti-virus, no matter how good it is, reacts to known threats once they already reach your system. If you’re dealing with an APT (advanced persistent threat) this may be too late.

But a traffic filtering solution, like our Thor Foresight, is based on AI and can intelligently detect threats before they reach your system. Such protective software actively scans incoming traffic and blocks malicious code before it gets a chance to target you. This way, even if you accidentally click on a malicious ad while browsing Pornhub, you’re still safe.

#3. Don’t click on ads while browsing Pornhub

Speaking of ads on Pornhub or other adult websites, don’t click them. While some may be harmless, this is where the dangers associated with porn websites are usually hidden. If you really wish to support your favorite porn website, you can find other ways to do that (like signing up for a premium subscription, for example).

#4. Don’t download anything from adult websites or related pop-ups

If the ads displayed on Pornhub and porn websites, in general, are truly malicious, they will probably try to convince you to download something. They will promise you some more HD content completely free of charge or something similar, on condition that you install some no-name video player, etc. Don’t fall for this trap!

The software such ads are asking you to install is most likely spyware or malware. Don’t install anything and close all browser windows immediately if you are prompted to start a download.

#5. Don’t buy anything (or enter credit card info) from 3rd parties

Under no circumstances should you enter your credit card info while browsing less-known, shady porn websites. You can buy a subscription from the major adult website you are browsing (like Pornhub and similar sites) if you want, this is safe.

But if you start browsing the independent websites of publishers or other websites you reached starting from your initial browsing, be mindful not to enter any sensitive information like credit card data. You may be tempted by a special access offer (either for a major discount or completely free, but only if you create a member account, which also asks for credit card info). Don’t fall for it!

The post Is Pornhub Safe? How to Browse Adult Websites Securely appeared first on Heimdal Security Blog.

Consumers care deeply about their privacy, security, and how their personal information is handled

65% of consumers are concerned with the way connected devices collect data. More than half (55%) do not trust their connected devices to protect their privacy and a similar proportion (53%) do not trust connected devices to handle their information responsibly, according to a survey by IPSOS Mori on behalf of the Internet Society and Consumers International. The survey was conducted in the United States, Canada, Japan, Australia, France and the United Kingdom. Connected devices … More

The post Consumers care deeply about their privacy, security, and how their personal information is handled appeared first on Help Net Security.

Fallout from Gavin Williamson sacking | Letters

Readers respond to the sacking of the defence secretary Gavin Williamson over accusations of leaking

While I am delighted that Gavin Williamson (May tells defence secretary: ‘You leaked, you are fired’, 2 May) has been removed from the government – remember he said that all British jihadists should be hunted down and killed in the Middle East rather than returned for trial here – I am sorry that as a result Rory Stewart no longer has responsibility for prisons. His is a deserved promotion, but as prisons minister he was the first member of the government to make any attempt to get to grips with the problems of our criminal justice system and offered to resign if things did not improve. How sad that there are not more of that ilk in public life these days.
Maureen Panton
Malvern, Worcestershire

• Is the Gavin Williamson who has just been sacked as defence secretary for allegedly leaking plans discussed in the National Security Council to allow Huawei to be involved in building the UK’s 5G network the same Gavin Williamson who told us last year that it’s Jeremy Corbyn that “cannot be trusted”?
Sasha Simic
London

Only 55% of companies plan to be ready for CCPA implementation

While reputation and consumer privacy are the biggest drivers for CCPA compliance, only 55% of companies plan to be ready by the law’s Jan. 1, 2020 effective date, according to OneTrust and IAPP research. The CCPA is the first of its kind U.S. consumer privacy law which broadly expands the data protection and privacy rights of California residents. The law, inspired by the EU’s General Data Protection Regulation (GDPR), requires organizations that do … More

The post Only 55% of companies plan to be ready for CCPA implementation appeared first on Help Net Security.

It’s World Password Day – the Perfect Excuse to give your Passwords an Overhaul!

How much of your personal data is stored online? Well, if you are anything like the ‘average Jo’ – the answer is a lot! In 2019, the vast majority of us bank and shop online, have official documentation stored online, have all sorts of personal information stored in our emails and let’s not forget about our photos and videos.

And the scary thing – the only thing that is stopping cybercriminals from accessing our vital information that is saved online is our passwords.

Today is World Password Day – a perfect opportunity to give our password strategy a health check. Because if we are serious about protecting our vital data that is stored online then we need to get SUPER serious about managing our passwords!

So, let’s give your passwords an overhaul. Why not schedule some time in your calendar to ensure your passwords are in the best shape? Here are my top tips on what you can do today to ensure you are doing all you can to protect your private online data.

How To Give Your Passwords A Health Check:

1. Check To See Whether Your Passwords Have Been Exposed

The first step is to see whether your passwords have been compromised in a data breach. Check out www.haveibeenpwned.com.au to see whether cybercriminals have already discovered your passwords. If so, then they need to be changed wherever they are used ASAP.

2. Commit to Not Using Common Passwords

Using common passwords such as ‘password’, ‘123456’ or ‘qwerty’ is, quite frankly, a waste of time. It would take cybercriminals a matter of seconds to unlock your online banking data. Also avoid using simple personal details within your passwords such as your birthday, your name or your kids’ and pets’ names, as a quick scan of your social media accounts would allow cybercriminals to find these in just seconds. Always make your passwords random and obscure. Why not consider a nonsensical sentence?

3. Add Numbers and Symbols to Your Passwords

When you are setting up a new online account, many organisations will require you to add a number or symbol to your proposed password to give it additional ‘password strength’. Passwords that include a variety of capital and lowercase letters, numbers and symbols are far harder to crack so get creative and layer up your passwords.

4. Ensure Every Password Is Unique

Many people use the same password across all of their online accounts. And while this makes life easier, it increases your risk of your vital online data being compromised big time. Remember, if a hacker discovers just one of your passwords – and it’s the only one you use – all of your online personal information is at risk! Therefore, it is crucial to ensure all your passwords are different! I know, it sounds like a lot of work and brain power!

5. Simplify Your Life with a Password Manager

If the idea of creating individual complex passwords for each of your online accounts – oh, and changing them every 2 months, is giving you palpitations, then I have a solution – a password manager!

McAfee’s Total Protection includes Password Manager, which stores, auto-fills and even generates unique passwords. Creating and remembering (!) complex passwords for each online account is taken care of. All you need to do is remember one master password in order to access the rest of the passwords! And if there is a data breach, it’s super easy to quickly change a password too.

6. Set up Two-Factor Authentication Where Possible

If you have the option to enable two-factor or multi-factor authentication with any of your online accounts, then do it!! In simple terms, this will mean that you need to provide more than one way of identifying yourself before gaining access to your account. Often it is your password plus a code sent to your smartphone or even your fingerprint. It’s an absolute no-brainer as it adds another layer of security, making it harder for cybercriminals to access your vital online data.
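The checks in steps 1 to 4 above can be run locally over a list of your own passwords. This is an added example, not code from the original post or from McAfee: the vault, the personal details and the breached-password set are constructed sample data, and the 8-character minimum is an assumption taken from the "at least 8-10 characters" guidance earlier on this page.

```python
import string
from collections import defaultdict

# The three common passwords named in step 2 of the post.
COMMON_PASSWORDS = {"password", "123456", "qwerty"}
# Assumption: lower bound of the "8-10 characters" guidance elsewhere on the page.
MIN_LENGTH = 8
ALL_CLASSES = {"lower", "upper", "digit", "symbol"}

# Constructed sample data; none of it comes from a real account or breach.
SAMPLE_VAULT = {
    "bank": "qwerty",
    "email": "Rex2011!Rex2011!",
    "shop": "Rex2011!Rex2011!",
    "social": "Purple-Kettle-Sings-42-Backwards",
}
PERSONAL_DETAILS = ["Rex", "2011"]   # e.g. a pet's name and a birth year
BREACHED = {"qwerty"}                # stand-in for a breach-exposure lookup


def character_classes(password):
    """Return which of lower/upper/digit/symbol appear in the password."""
    classes = set()
    for ch in password:
        if ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        elif ch.isdigit():
            classes.add("digit")
        elif ch in string.punctuation:
            classes.add("symbol")
    return classes


def audit_vault(vault, personal_details, breached):
    """Check every {account: password} entry against steps 1-4.

    Returns {account: [findings]}; an empty list means no finding.
    """
    # Step 4: group accounts by password so reuse is visible.
    accounts_by_password = defaultdict(list)
    for account, password in vault.items():
        accounts_by_password[password].append(account)

    findings = {}
    for account, password in vault.items():
        issues = []
        lowered = password.lower()
        # Step 1: already exposed in a breach.
        if password in breached:
            issues.append("exposed")
        # Step 2: common password, or built from personal details.
        if lowered in COMMON_PASSWORDS:
            issues.append("common")
        if any(d.lower() in lowered for d in personal_details if len(d) >= 3):
            issues.append("personal-detail")
        if len(password) < MIN_LENGTH:
            issues.append("short")
        # Step 3: mix of upper/lowercase letters, numbers and symbols.
        missing = ALL_CLASSES - character_classes(password)
        if missing:
            issues.append("missing:" + ",".join(sorted(missing)))
        # Step 4: the same password protects more than one account.
        if len(accounts_by_password[password]) > 1:
            issues.append("reused")
        findings[account] = issues
    return findings


if __name__ == "__main__":
    report = audit_vault(SAMPLE_VAULT, PERSONAL_DETAILS, BREACHED)
    for account, issues in report.items():
        print(account, "->", ", ".join(issues) if issues else "ok")
```

The report never prints the passwords themselves, only the account name and the findings, so the output can be kept without creating another copy of the secrets.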

Now, if you are thinking about skipping out of your password overhaul, then please think again! Passwords are the first line of defence to protect your vital online data from cybercriminals. So, put the kettle on and make today the day!

Till next time!

Alex xx

The post It’s World Password Day – the Perfect Excuse to give your Passwords an Overhaul! appeared first on McAfee Blogs.

How much does the average employee know about data privacy?

With the impacts and repercussions of the looming California Consumer Privacy Act (CCPA) on the minds of many privacy professionals, new research from MediaPRO shows more work is needed to train U.S. employees on this first-of-its-kind privacy regulation. MediaPRO’s 2019 Eye on Privacy Report reveals 46 percent of U.S. employees have never heard of CCPA, which sets specific requirements for the management of consumer data for companies handling the personal data of California residents. Passed … More

The post How much does the average employee know about data privacy? appeared first on Help Net Security.

Companies face regulatory fines and cybersecurity threats, still fail to protect sensitive data

22% of a company’s folders are accessible, on average, to every employee, according to the new report from the Varonis Data Lab, which analyzed more than 54 billion files. The report shines a light on security issues that put organizations at risk from data breaches, insider threats and crippling malware attacks. Key findings from the 2019 Global Data Risk Report include: Out-of-control permissions expose sensitive files and folders to every employee: 53% of companies had … More

The post Companies face regulatory fines and cybersecurity threats, still fail to protect sensitive data appeared first on Help Net Security.

Wi-Fi Woes: Android Hotspot App Leaves 2 Million Passwords Exposed

Logging onto a free Wi-Fi network can be tempting, especially when you’re out running errands or waiting to catch a flight at the airport. But this could have serious cybersecurity consequences. One popular Android app, which allowed anyone to search for nearby Wi-Fi networks, was recently left exposed, leaving a database containing over 2 million network passwords unprotected.

How exactly were these passwords exposed? The app, which had been downloaded by millions of users, allowed anyone to search for Wi-Fi networks in their area. The app also lets users upload their Wi-Fi network passwords from their devices to its database for others to use. When the database was left exposed and unprotected, anyone could access and download its contents. Each record in the database contained the Wi-Fi network name, its precise geolocation, its basic service set identifier, and the network password in plaintext. Because the app didn’t require users to obtain permission from the network owner, it would be quite easy for a cybercriminal to modify router settings and point unsuspecting users to malicious websites. What’s more, a threat actor could also read unencrypted traffic that goes across a wireless network, allowing them to steal passwords and private data.

Thankfully, the web host was able to take down the database containing the Wi-Fi passwords within a day of being notified. But it’s important for users to be aware of the cybersecurity implications that free or public Wi-Fi presents. Check out the following tips to help protect your data:

  • Change your Wi-Fi password. If you think your password may have been affected by this exposure, err on the side of caution and reset it. Be sure to make your new password complex and unique.
  • Keep your network password private. Wi-Fi networks could be susceptible to a number of threats if their passwords are left in the wrong hands. Only share your passwords with family, friends, and those you trust, and never upload your password to a public database for strangers to use.
  • Safeguard your online privacy. Use a security solution like McAfee Safe Connect to encrypt your online activity, protect your privacy by hiding your IP address, and better defend against cybercriminals.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Wi-Fi Woes: Android Hotspot App Leaves 2 Million Passwords Exposed appeared first on McAfee Blogs.

Digital Parenting: ‘Eat Your Veggies, Brush Your Teeth, Strengthen Your Passwords’

As adults, we know the importance of strong passwords, and we’ve likely preached the message to our kids. But let’s rewind for a minute. Do our kids understand why strong passwords are important and why using them needs to become a habit, much like personal health and hygiene?

If we want the habit to stick, the reason why can’t be simply because we told them so. We’ve got to make it personal and logical.

Think about the habits you’ve already successfully instilled and the reasoning you’ve attached to them.

  • Brush your teeth to prevent disease and so they don’t fall out.
  • Eat a balanced diet so you have fuel for the day and to protect yourself from illness and disease.
  • Get enough sleep to restore your body and keep your mind sharp for learning.
  • Bathe and groom to wash away germs (and to keep people from falling over when you walk by).

The same reasoning applies to online hygiene: We change our passwords (about every three months) to stay as safe as possible online and protect what matters. When talking to kids, the things that matter include our home address, our school name, our personal information (such as a parent’s credit card information, our social security number, or other account access).

Kids Targeted

We falsely believe that an adult’s information is more valuable than a child’s. On the contrary, given a choice, 10 out of 10 hackers would mine a child’s information over an adult’s because it’s unblemished. Determined identity thieves will use a child’s Social Security number to apply for government benefits, open bank and credit card accounts, apply for a loan or utility service, or rent an apartment. Also, once a child’s information is hacked, a thief can usually get to a parent’s information.

How to Stay Safe

It’s a tall task to prevent some of the massive data breaches in the news that target kids’ information. However, what is in our control is the ability to practice and teach healthy password habits in our home.

Tips for Families

Shake it up. According to McAfee Chief Consumer Security Evangelist Gary Davis, to bulletproof your passwords, make sure they are at least 12 characters long and include numbers, symbols, and upper and lowercase letters. Consider substituting numbers and symbols for letters, such as zero for “O” or @ for “A”.

Encourage kids to get creative and create passwords or phrases that mean something to them. For instance, advises Gary, “If you love crime novels you might pick the phrase: ILoveBooksOnCrime
Then you would substitute some letters for numbers and characters, and put a portion in all caps to make it even stronger, such as 1L0VEBook$oNcRIM3!”

Three random words. Password wisdom has morphed over the years as we learn more and more about hacking practices. According to the National Cyber Security Centre, another way to create a strong password is by using three random words (not birthdates, addresses, or sports numbers) that mean something to you. For instance: ‘lovepuppypaws’ or ‘drakegagacardib’ or ‘eatsleeprepeat’ or ‘tacospizzanutella’.

More than one password. Creating a new password for each account will head off cybercriminals if any of your other passwords are cracked. Consider a password manager to help you keep track of your passwords.

Change product default passwords immediately. If you purchase products for kids such as internet-connected gaming devices, routers, or speakers, make sure to change the default passwords to something unique, since hackers often know the manufacturer’s default settings.

When shopping online, don’t save info. Teach kids not to save credit card information when shopping on their favorite retail or gaming sites. Saving personal information to different accounts may speed up the checkout process. However, it also compromises data.

Employ extra protection. Comprehensive security software can protect you from several threats such as viruses, identity theft, privacy breaches, and malware designed to grab your data. Security software can cover your whole family as well as multiple devices.

Web Advisor. Keep your software up-to-date with a free web advisor that helps protect you from accidentally typing passwords into phishing sites.

Use unique passwords and MFA. This is also called “layering up.” 1) Use unique passwords for each of your accounts. By using different passwords, you avoid having all of your accounts become vulnerable if you are hacked (think domino effect). 2) MFA is Multi-Factor Authentication (also called two-step verification or authentication). MFA confirms a user’s identity only after the user presents two or more pieces of evidence. Though not 100% secure, this practice adds a layer of security to an account.

Keep it private. Kids love to show one another loyalty by sharing passwords and giving one another access to their social network accounts. DO NOT encourage this behavior. It’s reckless and could carry some serious privacy consequences. (Of course, sharing with parents is recommended.)

Credential Cracking

According to the Identity Theft Resource Center® (ITRC), the reported number of consumer records exposed containing sensitive personally identifiable information jumped 126 percent in 2018. The report explicitly stated password cracking as an issue: “The exploitation of usernames and passwords by nefarious actors continues to be a ripe target due to the increase in credential cracking activities – not to mention the amount of data that can be gleaned by accessing accounts that reuse the same credentials.”

May 2 is World Password Day and the perfect time to consider going over these password basics with your family.

The post Digital Parenting: ‘Eat Your Veggies, Brush Your Teeth, Strengthen Your Passwords’ appeared first on McAfee Blogs.

Consumers trust banks most with their personal data, 68% still fear identity theft

People trust banks and other financial entities to safeguard their personal data more than other organizations. New nCipher Security research also illustrates how easily that trust can be eroded, along with Americans’ personal data protection concerns relative to banking and digital payments. Consumers trust banks most The survey results show that people trust the financial sector in general and their banks in particular more than any other industry vertical or organizations that touch their data. … More

The post Consumers trust banks most with their personal data, 68% still fear identity theft appeared first on Help Net Security.

Data Loss Prevention for Social Media Channels in Enterprises

Data Loss Prevention is of crucial importance for social media channels in all enterprises today.

Social media channels, as we all know, play a key role in elevating businesses to great heights today. It’s not at all wise to avoid social media or underestimate the importance of social media and other digital channels; they are needed today at all levels of business operations. You’d have to rely on them for marketing-related activities, for internal collaboration, for public relations and customer support, and for a range of other activities. But never forget that there is another side of the picture as well: the security aspect!

Social media channels provide cybercriminals with an enormous attack surface, which they could try to breach so as to access enterprise networks and steal business data and sensitive customer data. That is why data loss prevention becomes crucial for social media channels in all modern enterprises. Let’s examine various aspects related to this…

Businesses often tend to overlook the importance of DLP for social media

Though businesses give utmost importance to DLP (Data Loss Prevention) for all other things, they often tend to overlook the importance of DLP for social media channels. They often forget that social media happens to be one of the most publicly visible faces of any business today and hence cybercriminals would definitely target social media channels. This must change: enterprises must ensure that their social media channels are also covered when they plan their DLP strategies, and they must customize their DLP rules to include social media channels.

Targeted phishing attacks pose a great threat

Since social media channels are widely used in the enterprise world today, cybercriminals tend to plan targeted phishing attacks against social media. Through social media channels, most of which many enterprises overlook as regards security, hackers try to send links and files that contain malicious code and that would help them gain unauthorized access to enterprise networks. Similarly, spear phishing attempts, which try to dupe people within an enterprise into sharing confidential information (personal data as well as business data), are also carried out by cybercriminals over social media. Thus, it’s highly important that businesses do all that’s needed to secure social media and at the same time take steps to educate their employees on how to prevent phishing attacks. This helps greatly in ensuring data loss prevention.

Tackling insider threats is also important

There are always insider threats that tend to undermine the security of any business organization today. Such threats, which come from within the organization, could prove to be a real headache when employees have full and free access to social media channels. Here, it’s not just security policies that are needed; proper and continual security awareness training plus automatic detection/prevention techniques need to be in place to combat such issues. Otherwise, malicious or dissatisfied employees could pass confidential information to outsiders and cybercriminals through unsecured social media channels.

Staying protected against unknown threats is important

Protecting an enterprise against unknown threats is important. Comprehensive data security is not possible by just using traditional signature-based threat detection methods. DLP, for any enterprise today, must include capturing and monitoring all content, behavioral analysis, leveraging of AI and machine learning for data classification and risk management and such other unconventional methods and techniques that could prevent unknown threats from targeting social media channels.

Data sovereignty is a big issue for enterprises

Since we are discussing DLP and social media channels, it’s to be specially mentioned that data sovereignty is indeed a big issue for all enterprises today. Something that’s posted on the social media, either by insiders or by customers, could spread faster than most people imagine and within minutes any data thus shared or spread would go out of the control of the enterprise. This is an issue that poses a big threat to the reputation as well as data security of any enterprise today.

Prompt alerts and speedy remediation action are vital

DLP solutions should constantly monitor all communication, and alerts should be prompt whenever there is a violation of security policies. Similarly, whenever there is a data loss issue relating to social media channels, the remediation should be speedy. These things are vital for the overall security and growth of any enterprise today. Quarantining of infected files and documents, takedowns of malicious posts/images on social media, suspension of accounts if needed, etc. should be prompt, and processes, as far as possible, need to be automated as well.

The post Data Loss Prevention for Social Media Channels in Enterprises appeared first on .

Scranos: The Persistent Rootkit-Enabled Malware is Targeting Home Users and Organizations Worldwide

These past few days security researchers from the Bitdefender Cyber Threat Intelligence Lab have detected a new malware strain known as Scranos which aims at stealing passwords, financial information, and other sensitive data from home users and organizations across the globe.

First identified in November 2018, with a massive spike in December and January, specialists continued to track it and raised a red flag in the past months when it was extremely active.

“This attack looks like a work in progress, with many components in the early stage of development,” researchers described it.

Dubbed “Scranos”, this new rootkit-based malware appears to be continuously evolving, developing new components or making minor improvements to the old ones.

Unlike other types of malware, rootkits are notoriously difficult to detect in the first place, and they are persistent and complex threats.

How does the infection process happen?

The attack vector is usually cracked or pirated software, or a Trojanized application disguised as legitimate software you may be tempted to download and install on your computers, such as (video) drivers, software programs, or even security products.

One of the main components of rootkits is the dropper, which is an executable program or file that installs the rootkit. In this spam campaign, the dropper acts like a password stealer and installs a digitally-signed rootkit driver.

According to researchers, the digital signature of this driver seemed to be issued by a Chinese company, and hackers may have obtained the original digital code-signing certificate illegally or by compromising it.

Once the dropper is installed, it tries to communicate with a malicious Command-and-Control (C&C) server (which is controlled by the attacker) and downloads one or more payloads.

The main targets are the popular browsers such as Chrome, Opera, Internet Explorer, or applications like Facebook, Amazon or Youtube. All data gathered from these locations are sent to the C&C server for additional instructions.

Then the dropper installs the rootkit which “registers a Shutdown callback to achieve persistence”, said security experts.

What happens is that Scranos rewrites itself to disk before the computer shuts down, and a start-up key is created in the Registry. After that, the rootkit injects a downloader into a svchost.exe process which will ping the C&C server, where all info is sent, and further payloads are executed.

The illustration below shows how the infection process works:

[Illustration: Scranos infection process] Image credits: Bitdefender Labs

Security researchers from Bitdefender also shared some of the most important components of the Scranos malware and what it can do:

  • Steal users’ payment information from popular sites like Facebook, Amazon or Airbnb where the victim has shared sensitive data
  • Extract cookies and login credentials from Chrome, Chromium, Mozilla Firefox, Opera, Microsoft Edge, Internet Explorer, Baidu Browser and Yandex Browser
  • Inject JavaScript adware in browsers and exfiltrate browser history
  • Install various Chrome and Opera extensions with the malicious purpose of launching adware
  • Send phishing messages containing malicious files to the victim’s Facebook friends
  • Steal login and password data for the user’s account on Steam
  • Subscribe users to different YouTube channels
  • Install and run malicious payloads

More technical details provided by security researchers can be found in the full paper.

Who’s been targeted?

While the spam campaign was originally spotted in China, according to the telemetry collected by the Romanian security researchers, in the last months, the Scranos malware started to spread to other countries too. However, it’s been “more prevalent in India, Romania, Brazil, France, Italy, and Indonesia.”

This type of attack stands out because of its rootkit capabilities, and security experts pointed out that “rootkit-based malware is rare, and accounts for less than 1% of the malware they see daily.”

More than that, it is a dangerous and significant malware with multiple functionalities (rootkit, backdoor, info stealer, adware) which can provide cybercriminals with lots of creative methods to spread infection.

How to remove the infection?

Rootkits are probably the most difficult types of malware to remove from a computer because these infections root themselves deep into the victim’s machine, are sneaky and can also bypass antivirus products.

Before you start the removal process, we highly recommend backing up all your valuable data, because there’s no telling how the rootkit will react. Chances are it can have strong defensive measures that might wipe your computer or make it nonfunctional.

If you’re a victim of Scranos, you should follow these steps that can help you remove the infection:

  • Kill processes running from the Windows temp folder path and delete those files which are detected as malicious. If you don’t know how to do it, use this guide to learn more.
  • Open Task Manager and stop the rundll32.exe process which represents a security risk and could harm your computer.
  • Reboot your PC in Safe Mode with Networking to limit the access of the rootkit. This step-by-step guide will show you how to perform this action.
  • Install a rootkit removal tool like Malwarebytes Anti Rootkit which can scan, detect and eliminate the nasty rootkit.
  • Delete suspicious extensions from your browsers and clear your browsing history.

Also, make sure you follow the detailed removal instructions shown by the Romanian security researchers.
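The first two removal steps above amount to a triage pass over the running processes. The following is an added example, not code from the original post or from the researchers: it flags processes whose image runs from a Temp folder and any rundll32.exe instance for review. The process snapshot, its column names and every process name in it are constructed for illustration.

```python
import csv
import io
import ntpath

# Constructed process snapshot (not real telemetry): a CSV export holding the
# name, PID and full image path of each running process. Column names are an
# assumption made for this example.
SAMPLE_SNAPSHOT = r"""Name,ProcessId,ExecutablePath
explorer.exe,4120,C:\Windows\explorer.exe
chrome.exe,5312,C:\Program Files\Google\Chrome\Application\chrome.exe
setup_helper.exe,6604,C:\Users\dana\AppData\Local\Temp\setup_helper.exe
rundll32.exe,7020,C:\Windows\System32\rundll32.exe
updater.exe,7188,C:\WINDOWS\TEMP\a1\updater.exe
svchost.exe,912,C:\Windows\System32\svchost.exe
"""


def is_under_temp(image_path):
    """True if the image sits below the Windows Temp folder or a user's
    AppData/Local/Temp folder (case-insensitive, any depth)."""
    parts = ntpath.normpath(image_path).lower().split("\\")
    # parts[0] is the drive ("c:"); the last element is the file name.
    folders = parts[1:-1]
    if folders[:2] == ["windows", "temp"]:
        return True
    return (
        len(folders) >= 5
        and folders[0] == "users"
        and folders[2:5] == ["appdata", "local", "temp"]
    )


def triage(snapshot_csv):
    """Return (pid, name, reason) for every process matching removal
    steps 1 and 2: images in Temp, and rundll32.exe instances."""
    findings = []
    for row in csv.DictReader(io.StringIO(snapshot_csv)):
        name = row["Name"].lower()
        pid = int(row["ProcessId"])
        path = row["ExecutablePath"] or ""
        if is_under_temp(path):
            findings.append((pid, name, "image runs from a Temp folder"))
        elif name == "rundll32.exe":
            findings.append((pid, name, "rundll32.exe instance to review"))
    return findings


if __name__ == "__main__":
    for pid, name, reason in triage(SAMPLE_SNAPSHOT):
        print(f"{pid:>6}  {name:<20} {reason}")
```
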

Apply these security measures to prevent the Scranos rootkit-enabled malware from infecting your computer

It goes without saying that prevention is always the best cure, so applying these actionable security measures might prevent a rootkit infection from happening.

Rootkit malware is one of the most challenging and nasty threats faced by home users and organizations, so we want to raise awareness about it and help you learn how to better detect and prevent these attacks.

Here’s what you should do right now:

  1. Do not download or install pirated software, because this type of malware is mainly distributed via programs, which are at a high risk of infection. Instead, use valid and reliable software programs and install them from trusted sources.
  2. Change all your current passwords ASAP and make sure you use only strong and unique ones. We recommend reading this password security guide that will teach you how to manage passwords like a pro and make them hard to be hacked.
  3. Outdated software remains one of the biggest sources of malware infection, so we keep reminding you that software updates are critically important. Like many other security pros and companies, we advocate for applying updates as early and regularly as possible. You can use our Thor FREE security product to keep your apps up to date automatically and silently.
  4. Remember to do a backup of all your essential data on external sources such as a hard drive or in the cloud (Google Drive, Dropbox, etc.). You can learn how to do that by reading our guide.
  5. Be cautious about phishing attacks which continue to be a serious and risky threat, with more and more phishing emails flooding into users’ inboxes and luring them to click on malicious files or attachments. Here’s a more in-depth look at how phishing works and what you can do to prevent it.
  6. Before you install any browser extension, pay attention to the rating and read the users’ reviews, because some extensions can compromise your safety and privacy. If you are using Chrome, you should check out this list of 10 Chrome extensions that will enhance your online safety.
  7. If you’re using an Antivirus solution, make sure it is a reliable one. Better than that, consider adding multiple layers of protection, because new malware is getting more and more sophisticated and harder to be detected by traditional AV. Use proactive cybersecurity software like our Thor Premium Home, which provides complete and all-in-one protection.
  8. If you are an organization, it is safer to restrict admin rights on computers for employees and limit the access only to specific data they need and use. Also, restrain the authority to install software programs and encourage them to report back to you when they notice/receive suspicious emails from untrusted sources.
  9. Organizations NEED to start investing in cybersecurity training for their employees and help them become more resilient to all types of threats. The same thing applies to home users who should train themselves not to be an easy target for cybercriminals.
  10. We are strong believers that education is key to being safer on the Internet and protecting your digital assets. If you want to learn how to better detect online threats and have a stronger defense against them, you can check our free educational resources such as the Cyber Security for Beginners course, or The Daily Security Tip, which offer actionable tips you can apply.

Stay safe!

The post Scranos: The Persistent Rootkit-Enabled Malware is Targeting Home Users and Organizations Worldwide appeared first on Heimdal Security Blog.

10 Chrome Extensions to Boost Your Online Safety in 2019

Chrome is the most popular internet browser nowadays, so we’ve decided to research extensions that increase your online safety. Even though it claims to automatically protect you from security issues, such as phishing attacks and dangerous websites, as the online threatscape evolves, it never hurts to add extra layers of protection.

Web Browser Market Share, March 2019, according to W3Counter

In this guide, we’ll walk you through a variety of Chrome extensions, ranging from anti-tracking solutions, ad blockers, password managers, and VPN solutions, to name a few.

We hand-picked the add-ons from a wide palette of solutions, with the intention to help you browse safely on the internet.

So let’s jump in.

Here are some of the best privacy and safety-related Chrome extensions.

1. Privacy Badger

Privacy Badger is a browser add-on developed by The Electronic Frontier Foundation (EFF), that blocks advertisers and third-party trackers from tracking the web pages you visit. Essentially, whenever it detects advertisers who track you across different websites without your consent, it automatically stops them from inserting any more content into your browser.

Keep in mind this isn’t a standard ad blocker, as it wasn’t created with the intention to completely block ads.

What it really does is focus on stopping any visible or invisible third-party scripts or images that seem to be tracking your activity despite the fact that you specifically refused to be tracked by sending a Do Not Track header. Most of these third-party trackers happen to be advertisements, so that’s why most of them will be blocked.

Does it make sense to simultaneously use Privacy Badger and a standard ad blocker? If you really despise ads, EFF advises using a combination of Privacy Badger and uBlock Origin.

Download: Privacy Badger

2. Ghostery

Ghostery is similar to Privacy Badger – it detects and blocks third-party technologies which track you and it also markets itself as an ad blocker. Thus, it provides a clean and fast browsing experience, while preventing advertisers from tracking your activity.

The Smart Blocking feature increases the pages’ loading speed, by automatically blocking and unblocking trackers.

Download: Ghostery

3. HTTPS Everywhere

HTTPS Everywhere is an add-on created by the Electronic Frontier Foundation (EFF) and the Tor Project, that changes websites from insecure “HTTP” to secure “HTTPS”.

Why use “HTTPS” instead of “HTTP?”

“HTTP” is not encrypted and can be vulnerable to threats, such as man-in-the-middle attacks. HTTPS should be used especially on insecure networks (such as public Wi-Fi), as these are most likely to be accessed by people on the same network who can steal your private information.

Many websites do offer some support for encryption over HTTPS, but they make it difficult to use. For example, they can link unencrypted sites to encrypted pages.

HTTPS Everywhere takes care of those issues by rewriting requests to these sites to HTTPS.

Here you can access information about the project’s Git repository and also get involved in development if you are interested.

Download: HTTPS Everywhere

4. LastPass

LastPass is a password manager which stores all of your passwords so you don’t have to remember them.

Using the same password for all your accounts is the worst thing you can do, so LastPass will contribute to your overall security hygiene.

What you do need to remember is the master password used to guard the rest of your passwords. This tool uses strong encryption algorithms, so even the folks from LastPass don’t have access to your data.

It integrates with a variety of two-factor authentication options so you can protect yourself with an extra layer of security. You should really turn on this feature just in case someone manages to steal your master password, and this way they can be stopped from accessing your account.

Download: LastPass 

5. Vanilla Cookie Manager

Vanilla Cookie Manager is an extension that allows you to delete unwanted cookies. It gives you the option to shut off cookies completely or just remove third-party cookies.

Vanilla Cookie Manager allows you to whitelist the cookies that you would like to keep from websites trusted by you.

Does it make sense to manage cookies?

Let’s start off by briefly explaining what they are and what they do.

Cookies are text strings stored on your computer in a directory. They are harmless, in the sense that they can’t infect your PC with malware. Yet, they can store information about your activity on websites.

So how do cookies work?

Web servers transmit cookies that are stored in your browser, and the next time a page is referenced, the browser returns the cookie to the server.

Obviously, it’s your choice if you want to alter cookies. Some users prefer to browse the internet without worrying too much about their information being collected, while others prefer to remain completely anonymous.
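The exchange described above, together with the third-party blocking and whitelisting options the extension offers, can be walked through with a toy cookie jar. This is an added example, not code from the extension or the original post. The hosts, cookie values and the ToyJar class are constructed, and the "site" of a host is approximated by its last two labels, whereas real browsers use the Public Suffix List and also honour Path, Domain and expiry attributes.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit


def site_of(url):
    """Approximate the site of a URL as the last two host labels
    (assumption for this example; browsers use the Public Suffix List)."""
    host = urlsplit(url).hostname or ""
    return ".".join(host.lower().split(".")[-2:])


class ToyJar:
    """Minimal cookie store for one visited page (hypothetical helper)."""

    def __init__(self, page_url, block_third_party=True, whitelist=()):
        self.page_site = site_of(page_url)
        self.block_third_party = block_third_party
        self.whitelist = set(whitelist)
        self.store = {}  # site -> {cookie name: value}

    def receive(self, response_url, set_cookie_value):
        """Process one Set-Cookie header; return True if it was stored."""
        site = site_of(response_url)
        third_party = site != self.page_site
        if third_party and self.block_third_party and site not in self.whitelist:
            return False  # dropped: third-party and not whitelisted
        parsed = SimpleCookie()
        parsed.load(set_cookie_value)
        for name, morsel in parsed.items():
            self.store.setdefault(site, {})[name] = morsel.value
        return True

    def cookie_header(self, request_url):
        """Cookie header the browser would return on the next request."""
        cookies = self.store.get(site_of(request_url), {})
        return "; ".join(f"{name}={value}" for name, value in cookies.items())


def demo():
    # Constructed traffic for a visit to a hypothetical shop page.
    jar = ToyJar("https://shop.example/cart", whitelist={"payments.example"})
    stored = [
        jar.receive("https://shop.example/login",
                    "session=abc123; Path=/; Secure; HttpOnly"),
        jar.receive("https://ads.tracker.example/pixel.gif", "uid=77f0; Path=/"),
        jar.receive("https://cdn.payments.example/sdk.js", "device=9c2; Path=/"),
    ]
    first_party = jar.cookie_header("https://shop.example/checkout")
    tracker = jar.cookie_header("https://ads.tracker.example/pixel.gif")
    return stored, first_party, tracker


if __name__ == "__main__":
    print(demo())
```
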

Download: Vanilla Cookie Manager

6. Perspective Guard

The Perspective Guard extension is based on a rather unique concept running on artificial intelligence, and its main purpose is to let you know if you might come across fake news.

Its developers promise not to store your data so you can rest assured you are browsing the internet privately.

What it does is monitor the social networks and websites you access and gives you an overview of the type of content you encounter.

The content you see is classified as Negative, Neutral, or Positive.

You also have the option to be notified if you are likely to become a victim of social engineering campaigns.

Download: Perspective Guard

7. minerBlock

minerBlock is an add-on used against those malicious hackers who try to steal your computer processing power to mine cryptocurrency without your consent.

This technique is called “crypto jacking”, short for “cryptocurrency hijacking”. For a full overview of the concept and a guide on how to avoid becoming a victim, access our article.

How does the minerBlock extension work?

It uses two different ways to stop crypto miners: by blocking requests/scripts loaded from a blacklist, and by detecting suspicious behavior inside loaded scripts and deleting them right away.

Download: minerBlock

8. uBlock Origin

For all of you out there who simply don’t want to see any ads, uBlock Origin is a great Chrome extension to help you block them all.

This ad blocker also seems to be the easiest on CPU and memory, as per their comparison below:

Source: Google Chrome uBlock Origin Store

Download: uBlock Origin

9. CyberGhost VPN Free Proxy

VPN tools are a great way to access websites from countries that would otherwise not be available in your location. Not only that, but you are also protected against malicious actors and data miners since a VPN hides your real IP address and encrypts your connection.

CyberGhost has all of these features in place and has been awarded the “Best Value” category at the BestVPN.com Awards in 2019, so we recommend you check it out.

Download: CyberGhost VPN Free Proxy

10. Hotspot Shield VPN Free Proxy

Hotspot Shield VPN is another Chrome extension you should try out.

It has both a free and paid version. The free one lets you access 95% of its features – hides your IP, prevents personal information theft, encrypts your activity on any network, and you can automatically secure popular websites or bypass unwanted ones.


Download: Hotspot Shield VPN Free Proxy

Do Chrome extensions work in Incognito Mode?

Chrome extensions will not work in Incognito mode by default since this browsing alternative stops the browser from saving your history, cookies, and website data.

Yet, you do have the possibility to activate the Chrome add-ons manually so they run in Incognito as well.

Here is how:

Step #1: Open an Incognito window, and click on the Settings option.


Step #2: The Extensions menu will open in a new Tab. Select the Details option from the add-on you would like to activate.


Step #3: Activate Allow in incognito.


And you’re all set. You can now use the add-ons you want in Incognito mode.

Are all Chrome extensions safe to use?

As a general rule, be careful when you browse the Chrome Web Store for extensions, as there are chances you run into add-ons that can compromise your security and privacy.

Here are some guidelines to keep in mind:

  • Always look at the extensions’ rating and try to choose the ones that have at least 4.3 out of 5 stars. And also make sure you read the user reviews.
  • Install extensions from trusted sources. You may want to look into who actually developed the add-on and see if the source looks suspicious or not.
  • Pay attention to what permissions the extensions require. If an extension you are already using suddenly asks you to grant another permission, this means it may have been compromised.
  • Never install too many extensions. Stick to the ones you really need. Too many of them can both slow down your browser and make it difficult to notice if something fishy is going on.
  • Don’t rely on security browser extensions exclusively and also install an anti-malware solution on your computer.
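
The permission guideline above can be checked mechanically when you have two versions of an extension's manifest.json. This added example (not from the original article) reports what a newer version requests that the older one did not; both manifests and the high-risk selection are constructed for illustration.

```javascript
// Added example: flag permissions that a newer extension version requests
// and an older one did not. Both manifests below are constructed samples.

// Chrome API permissions that expose browsing data or broad control.
// This selection is an assumption of the example, not an official list.
const HIGH_RISK = new Set([
  "tabs", "webRequest", "cookies", "history", "clipboardRead",
  "nativeMessaging", "debugger", "proxy", "management",
]);

// A match pattern is "broad" when it covers every host.
function isBroadHost(pattern) {
  if (pattern === "<all_urls>") return true;
  const m = /^(\*|https?|wss?|ftp|file):\/\/([^/]*)\//.exec(pattern);
  return m !== null && m[2] === "*";
}

// Gather API permissions and host access from every manifest key that can
// grant them: "permissions" (Manifest V2 mixes host patterns in here),
// "host_permissions" (Manifest V3), and content script "matches".
function collectGrants(manifest) {
  const api = new Set();
  const hosts = new Set();
  const looksLikeHost = (p) => p === "<all_urls>" || p.includes("://");
  for (const p of manifest.permissions || []) {
    (looksLikeHost(p) ? hosts : api).add(p);
  }
  for (const h of manifest.host_permissions || []) hosts.add(h);
  for (const script of manifest.content_scripts || []) {
    for (const h of script.matches || []) hosts.add(h);
  }
  return { api, hosts };
}

// Return one finding per newly requested permission, sorted by name.
// severity: "high"   = sensitive API or first-time access to all sites
//           "review" = new but narrower grant
//           "info"   = new host pattern when all sites were already covered
function diffPermissions(oldManifest, newManifest) {
  const before = collectGrants(oldManifest);
  const after = collectGrants(newManifest);
  const alreadyBroad = [...before.hosts].some(isBroadHost);
  const findings = [];

  for (const p of [...after.api].sort()) {
    if (before.api.has(p)) continue;
    const severity = HIGH_RISK.has(p) ? "high" : "review";
    findings.push({ kind: "api", item: p, severity });
  }
  for (const h of [...after.hosts].sort()) {
    if (before.hosts.has(h)) continue;
    let severity = "review";
    if (alreadyBroad) severity = "info";
    else if (isBroadHost(h)) severity = "high";
    findings.push({ kind: "host", item: h, severity });
  }
  return findings;
}

// Constructed sample: version 1.4.0 is limited to one site, version 1.5.0
// asks for cookies, request interception and access to every site.
const OLD_MANIFEST = {
  manifest_version: 3, name: "Sample Tab Tidy", version: "1.4.0",
  permissions: ["storage", "activeTab"],
  host_permissions: ["https://*.example.com/*"],
};
const NEW_MANIFEST = {
  manifest_version: 3, name: "Sample Tab Tidy", version: "1.5.0",
  permissions: ["storage", "activeTab", "alarms", "cookies", "webRequest"],
  host_permissions: ["https://*.example.com/*", "*://*/*"],
  content_scripts: [{ matches: ["<all_urls>"], js: ["content.js"] }],
};

for (const f of diffPermissions(OLD_MANIFEST, NEW_MANIFEST)) {
  console.log(`[${f.severity}] new ${f.kind} permission: ${f.item}`);
}
```

Permissions listed under `optional_permissions` are requested at runtime and are not covered by this comparison.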

What security and privacy add-ons have we missed? Are there any Chrome extensions that you would advise against? Share your thoughts in the comments section below.

The post 10 Chrome Extensions to Boost Your Online Safety in 2019 appeared first on Heimdal Security Blog.

The most Popular Free Encryption Software Tools to Protect Your Data

In this internet-connected world, it’s become more important than ever to keep our information safe. Whether it’s personal or work-related, our data is always at risk of falling into the wrong hands.

What is data encryption?

On a basic level, encryption is one of the best protection methods available to keep all your digital assets safe.

The encryption process uses a key and an algorithm to transform the accessible data into an encoded piece of information which can only be deciphered by authorized persons.


Encryption helps you secure sensitive information from cyber criminals or other online threats and makes access harder for them. At the same time, it can be used to archive large amounts of data or to secure private communication over the Internet.

According to “The 2019 Global Encryption Trends Study” released by the Ponemon Institute, 45% of the organizations surveyed said they have an encryption policy in place to secure the most important data.

Both Internet users and organizations can do that with the help of free encryption tools which can enhance protection by keeping valuable information hidden from malicious actors.

Encryption is essential to protect critical data, no matter if it is stored locally, on the PC, or sent over the Internet. So which are the encryption tools?

We’ve put together this list of free encryption software to choose from.

Before we jump to these encryption software products available for free, we outline the importance of always using strong and unique passwords for all your online accounts. When setting up your encryption process, you’ll be asked to choose a password as your decryption key.

Before you do that, make sure you apply these actionable security tips to manage passwords like an expert and make them more secure and unbreakable by cybercriminals.

  • Set unique and strong passwords, which contain different characters, like uppercase and lowercase letters and numbers, and are more than 15 characters long. There are several tools you can use to test if your passwords are strong enough.
  • Also, you’ll need to set passwords which are not easy to remember or guess, and aren’t used for more than one online account.
  • To enhance your online security, you should not keep your passwords saved in text files or browsers.
  • Never use/reuse the same password for more than one account.
  • Do not share your passwords in emails, instant messages or other online platforms.

We carefully curated and put together some of the best free encryption software tools you can use to keep your most valuable data safe and secure.

1. LastPass

Probably one of the most popular password manager tools out there, LastPass can be used for free with limited features, but will still secure your passwords and personal data. Using an encryption software tool like this one, you’ll no longer have to remember or note a password in a notebook or any other physical place.

LastPass comes with an easy-to-use and intuitive interface and can simplify things for you. There are extensions available for the main web browsers, such as Mozilla Firefox and Google Chrome. Also, you can use the mobile app available for both Android and Apple.


When you create a new online account, it offers the option to save the new credentials.

This tool encourages you to set a unique and hard-to-break password and discourages users from reusing it. If you’re using the same password for multiple accounts, it simply recommends selecting a different password.

Other password management tools you can use, such as Sticky Password or RoboForm, come with an intuitive and easy-to-use interface and can provide good password security.

To safely manage passwords, we encourage users to follow the security steps included in this guide and use two-factor authentication whenever possible.

2. BitLocker

[Image: BitLocker for Windows 10. Source: Windows Central]

While there are many encryption tools available you can use to encrypt your data locally, most users prefer to use Microsoft’s BitLocker software. You can either use it to encrypt a particular disk partition or the entire hard disk.

BitLocker is a full-disk encryption tool built into the latest Windows operating systems (Windows 10), which uses AES (128 and 256-bit) encryption to encrypt data on the drives.

The Advanced Encryption Standard has been tested and improved and is now used worldwide by most security vendors due to its high level of security and optimization.

Why you should choose BitLocker:

  • It is easy to use and already integrated into your Windows operating system, so there’s no need to add other encryption software.
  • It’s a free data encryption software tool you can use to prevent data breaches and data exfiltration from your hard disk.
  • It encrypts your entire drive, which makes it impossible for malicious actors stealing your laptop to remove the hard drive and access your files.
  • When BitLocker Drive Encryption is activated, and you add new files, BitLocker will encrypt them automatically.

However, as an encryption technology built into Windows, it’s been a target for researchers looking for flaws in popular tools used by people. That’s why a researcher was able to find a new and relatively simple way that Windows BitLocker encryption keys can be sniffed in less secure configurations as they travel from Trusted Platform Modules (TPMs) during boot.

3. VeraCrypt

VeraCrypt is another free encryption software tool you can use, available for Windows, OS X and Linux operating systems.

Just like BitLocker, it supports Advanced Encryption Standard (AES) and can hide encrypted volumes within other volumes. It is an open source program which means developers and researchers can download and use the source code.

[Image: VeraCrypt 1.24. Source: GHacks.net]

This encryption software is a great alternative to the TrueCrypt tool and is constantly getting improvements and security enhancements. VeraCrypt 1.24, the upcoming next version of VeraCrypt, is currently available for beta tests and can be downloaded.

The new version is expected to come with lots of security and functionality improvements to better secure users’ data.

4. FileVault 2

Looking to encrypt your data stored on devices featuring macOS and Mac hardware? FileVault 2 is a free encryption software tool we recommend checking out.

Just like BitLocker and VeraCrypt tools, FileVault 2 (FileVault full-disk encryption) uses XTS-AES-128 encryption with a 256-bit key “to help prevent unauthorized access to the information on your startup disk”.

If you’re interested in installing it on your Mac computer, this guide will come in handy.


5. DiskCryptor

DiskCryptor is yet another open-source and free encryption tool you can use to secure your internal and external drives, including the system partition, and even ISO images, USB flash drives or any other storage devices.

Just like BitLocker, it is a full-disk encryption tool for Windows OS and includes multiple encryption algorithms such as AES, Twofish, and Serpent. The interface is simple and intuitive: all you need to do is select the drive and click on “Encrypt” to protect your data.

6. 7-Zip

Many users are not interested in encrypting the entire hard disk, but only specific files and documents that store sensitive information.

7-Zip is a free and open source encryption tool, as well as a lightweight solution known for its simplicity. This software tool is capable of extracting most archives and features strong AES-256 encryption.

[Image: 7-Zip encryption tool. Source: GHacks.net]

After the critical security vulnerability that affected all WinRAR versions and other programs, a stable version of 7-Zip 19.00 has been released and can be downloaded from the 7-Zip site.

7. AxCrypt

Similar to 7-Zip, AxCrypt is an open source file encryption tool offering both a free solution and a premium version for Windows, macOS, Android, and iOS.

It features AES-256 file encryption and can efficiently encrypt one file, an entire folder or a group of files with a simple right-click. Files can be encrypted for a specific period of time or can be auto-decrypted later on when that file reaches the destination.

So, how can I increase my online security without creating too many barriers that may slow down my access to the information posted online?

See below a few simple tools you can use to access online content and stay safe from data breaches at the same time.

8. HTTPS Everywhere 

Encrypting your files is not enough. To be one step ahead of cybercriminals, you need to enhance your online protection and make sure no one can eavesdrop on your communication over the Internet.

To make sure you always access secure web pages that use encryption mechanisms, we recommend trying a browser extension like HTTPS Everywhere, which is compatible with Mozilla Firefox, Opera, and Google Chrome.

The extension was created as a collaboration between EFF and Tor Project, and automatically switches from unsecured sites using “HTTP” to secure “HTTPS”.

Using an extension like HTTPS Everywhere, which encrypts your communication with major websites you access on a daily basis, will make your online activities more secure from multiple online threats.

9. Tor Browser

If you want to access the Internet anonymously, Tor browser can be a great option to encrypt your online traffic and keep your browsing activities from prying eyes.

Tor Browser will block popular browser plugins such as Flash, RealPlayer, Quicktime, and others which can be manipulated into finding out your IP address.

It is recommended not to install additional add-ons or plugins into Tor Browser, because they may bypass Tor and compromise your privacy and security.

The special Tor browser has been designed to be used by anyone who wants to conceal any browsing activity from prying eyes.

The most recent version of this browser, Tor Browser 0.4.0.4, is available for download as a release candidate, and it fixes several bugs from previous versions.

Remember this is not a stable release yet, but “packages should be available over the coming weeks, with a new alpha Tor Browser release by early next week.”

For those who don’t know, Tor is short for “The Onion Router” and directs your Internet traffic by encrypting the IP address from where it came.

Using encryption software like Tor will make it more difficult for your online activities to be traced by malicious actors.

10. CyberGhost

Another way to hide your online identity is to use a VPN (Virtual Private Network) which can encrypt your communication and keep it safe from constant interception attempts.

This private network is able to spread across the normal Internet space, using its resources to create an encrypted channel and protect your data from hackers or the prying eyes of others.

It uses strong encryption mechanisms to hide your IP address, secure banking transactions, or keep yourself and your information safe when accessing Wi-Fi networks.

A VPN software program like CyberGhost can be used when trying to connect to unsafe public networks or when you need to access content whose distribution is restricted to a certain geographical area. You can browse in a private mode from another country and get access to more than 1,000 servers across 50+ countries.

CyberGhost is a popular VPN solution to ensure that your web traffic and valuable information remain encrypted. It is the winner of the “Best Value” category at the BestVPN.com Awards 2019.

It includes a 30-day money-back guarantee for everything else and friendly support. A VPN service provider like CyberGhost helps you keep your data protected and secure your digital assets. CyberGhost works with Windows, macOS, iOS, Android, Linux or routers.

11. ExpressVPN

For privacy enthusiasts, here’s another VPN service you can use to encrypt your data and keep cybercriminals at bay.

Similar to CyberGhost, this one uses 256-bit AES encryption technology and the set-up is simple. Simply download, install and connect to ExpressVPN with a few clicks.

Compatible with multiple devices, it works on Windows, Mac, iOS, Android, or Linux and connects to more than 148 locations in 90+ countries. It’s not entirely free, but you can use it free of charge for up to one month and get a 30-day money back guarantee.

[Image: ExpressVPN. Source: VPNMentor.com]

Apply these security measures to enhance your online safety

When it comes to securing your most important information, encryption is not enough. In our blog articles and protection guides, we often emphasize the importance of using multiple layers of security to be one step ahead of hackers.

Since there are so many online threats out there and cybercriminals keep changing their tactics, we recommend following these actionable security measures to improve your online security:

  • Keep your browser and operating system updated with the latest security patches. Make sure you have the latest versions running on your system. Online criminals spread malicious tools by using security exploits to take advantage of your system’s vulnerabilities. Patching is key, as experts have said again and again.
  • Use a reliable antivirus product, and consider adding multiple layers of protection and using proactive cybersecurity software like our Thor Premium Home, which provides complete, all-in-one protection for your digital life.
  • Be very careful when connecting to public and free wireless networks. One of the favorite methods used by online criminals to retrieve your credentials is to use wireless sniffers to access data you send over unprotected networks.
  • Education remains the main key to better secure your digital assets, so we recommend checking out our free educational resources and signing in for any course that will teach you more about online protection.

When you think about encryption, keep the entire picture in mind and know how important its role is in the overall security strategy.

What about you? How do you see encryption in the bigger picture of Internet security? Are you using any type of encryption for your data at the moment?

Let us know your thoughts in a comment below.

The post The most Popular Free Encryption Software Tools to Protect Your Data appeared first on Heimdal Security Blog.

Parenting club Bounty fined £400,000 for selling users’ data

Company illegally shared 34.4m records with 39 companies, information commissioner finds

The parenting club Bounty has been fined £400,000 – one of the largest penalties possible – for sharing its data with marketing agencies without users’ permission.

Bounty offers support and advice to new parents who sign up through its website and mobile app, or are directly recruited on maternity wards. Without securing consent from those parents, the company sold their information to data brokers including Acxiom, Equifax and Sky, the Information Commissioner’s Office (ICO) said.


Excited about the Final Season of Game of Thrones? Be Careful Where You Watch It!

All Game of Thrones fans know it by now – the long-awaited final season is starting on Sunday, April 14th. While you may be overly excited to watch it, you may also be tempted to stream it online for free or resort to torrent websites and download it illegally.

By turning to these resources you are not only breaking copyright laws but possibly your computer as well.

According to the anti-malware researcher Muso, almost 190 billion visits were made to illegal piracy websites in 2018. Nearly half of these people visited the websites in search of television shows, and almost one in five visitors were looking for the latest movie.

Two years ago, before Season 7 of Game of Thrones was released, over 10 million Americans were planning to watch it illegally, and it would be safe to assume the numbers would look equally shocking this year.

Winter is coming, but so is malware

We decided to take a look at what domains our users have tried to access in the past two weeks, to see what type of content Thor Foresight blocked. We investigated all the domains containing keywords related to TV and videos in general.

Below you can see the keywords we looked at. The percentages were calculated out of the total number of TV and video-related keywords.

[Chart of blocked domains by keyword not reproduced. Source: Heimdal Security Threat Intelligence Data]

According to another recent report, the number of users who ran into TV shows-related malware in 2018 is one-third less than in 2017. But the rest of the findings don’t fall on the bright side at all. Interestingly enough, although there was a one-year gap between Season 7 and Season 8, Game of Thrones was the top target for malware in 2018.

This show alone accounted for 17% of all the infected pirated content in 2018, with almost 21,000 users attacked.

Where did malicious actors hide the largest number of infected files? Obviously, in the first and last episodes of each season of Game of Thrones, since these are the ones you are least likely to miss.

The same research showed that Trojans were the most frequent malware type.

So what can happen if you watch TV shows and movies illegally?

Let’s go through some of the recently discovered security threats in the realm of torrents.

At the beginning of January 2019, a malicious Windows shortcut file was discovered on The Pirate Bay torrent tracker. It injected content from the attacker into browsers and altered search results from Google and other search engines or Wikipedia, also trying to steal cryptocurrency. The malware was hiding in files for the movie The Girl in the Spider’s Web.

At first glance, it looked like just some annoying adware, but after taking a closer look, researchers found that the malicious activity extends to web pages and Wikipedia entries. The attackers monitor websites for Bitcoin and Ethereum wallet addresses, looking to replace them with the attacker’s own.

On Google, the malware creates fake ads on the top search results. And when searching for certain terms, such as “spyware”, the first two results take you to a cybersecurity solution called “Total AV”.

[Screenshot not reproduced. Source: bleepingcomputer.com]

What’s more, attackers have also created a Wikipedia donation scam, where they insert a fake banner that says Wikipedia now also accepts cryptocurrency donations. For more details, you can read the full story here.

The chain of recent malware events associated with torrent websites doesn’t stop here.

In March 2019, the “PirateMatryoshka” scheme was also brought to light.

What did the torrent files contain? Instead of the software you were hoping to download from The Pirate Bay, you would come across a Trojan, which was disguised as genuine software. If you were to install it onto your computer, you’d end up buried in adware. It doesn’t stop there, as additional installers can be introduced to bring even more malware and wreak havoc on your PC.


Traps can be hidden anywhere

Unfortunately, malicious actors are finding more and more ways to attack you. It seems they are now also relying on popular search terms to infiltrate your system.

Even searching for your favorite actor’s name could result in some unwanted results. For example, returns for “Emilia Clarke” are among those most likely to be infected with malware, according to a recent study. By clicking on these results, users are tricked into visiting malicious websites. What these websites can do is steal passwords or other personal info.

Malware could be hiding anywhere when you try to watch your favorite TV show illegally. To be one step ahead of cybercriminals, we recommend you also read our in-depth explanation:

Here are also a few key pieces of advice to keep in mind before watching Game of Thrones:

Never access suspicious links that promise you leaked episodes or exclusive early premieres.

Always look up the TV show’s episodes release dates. If something looks too good to be true, it probably is. Here is the Game of Thrones Season 8 complete schedule (the official US release dates):

  • Episode 1: April 14, 2019
  • Episode 2: April 21, 2019
  • Episode 3: April 28, 2019
  • Episode 4: May 5, 2019
  • Episode 5: May 12, 2019
  • Episode 6: May 19, 2019

Ditch the torrents and illegal streaming websites.

Here is what you can do instead:

  • Use subscription-based services, such as HBO Go or HBO Now, Hulu, Amazon, Playstation Vue, or Roku.
  • Download the episodes on iTunes, Google Play, or Amazon Prime. Yes, these options are pricier than using subscriptions, but if you don’t want to be committed to a subscription that’s perfectly fine.
  • If these services are not available in your current region, you can consider using a VPN. A VPN deals with these issues and on top of that, it’s crucial for online security. For instance, a VPN can provide good protection against man-in-the-middle attacks. In this case, someone could intercept your online traffic, and the data you think you share securely (for example, financial data) could be easily deciphered by hackers.
  • Beware of illegal streaming services that may look legit and could ask for your money just like a normal streaming service would!

Apply software updates constantly.

We can’t stress this enough – a lack of updates creates security holes that can be easily exploited by hackers.

Use an anti-malware solution to secure your digital life.

Thor Premium offers you protection against the most advanced malware threats and blocks them before they can reach your PC.

Final Words

Are the risks of watching TV shows and movies illegally actually worth it? We warned you, but it’s your decision to make.

Meanwhile, until the first episode of season eight is out, enjoy this version of GoT’s soundtrack, played by an old computer hardware orchestra:


What are your thoughts on online piracy? How are you planning to watch the final season of Game of Thrones? Share your comments in the section below.

The post Excited about the Final Season of Game of Thrones? Be Careful Where You Watch It! appeared first on Heimdal Security Blog.

The New EU Copyright Law and Its Security Risks: An Interview with Alex Lungu

The new EU copyright law was passed at the end of March, in a highly controversial move. There were many voices campaigning against it, with prominent critics foreseeing that although this initiative means to tackle many of today’s online copyright problems, it might end up doing more harm.

More than 5 million people signed a petition against the initiative. The vote itself was a close call, but, sadly, a lot of the representatives who had a right to vote on the new law failed to attend. The opposing voices say that at least two issues of the EU copyright law are problematic: the so-called link tax and the upload filter. Both have been under intense scrutiny and suspicion, as critics claim they could be the end of internet and online free speech as we know it.

It’s true that the old laws regarding relations between businesses and consumers need to be updated after the internet revolutionized everything. The EU has done everyone a solid with the updated law on private data collection, namely the GDPR. With the new EU copyright law, however, it seems to have been more of a miss.


Alex Lungu delivering his TedTalk alongside his colleague, Ioana Pelehatai. Image source: TedXBucharest.

To help bring the voice of an expert to the table, I sat down (virtually) with Alex Lungu, one of the heads behind the Copy-Me web series, internet freedom campaigner and TedX speaker. Here’s what he had to say about the current concerns about the freshly passed copyright law.

Setting More Context for Discussing the EU Copyright Law

You can read more about the EU copyright law here, and more takes on why the new law is problematic on ZDNet, on the blog of Julia Reda, the German Member of EU Parliament who was among the most vocal critics of the law, and on the Electronic Frontier Foundation.

My Interview with Alex Lungu of Copy-Me: Does the New Law Bring Cybersecurity Risks?

[Image: portrait of Alex Lungu. Image source: Animation Worksheep.]

Miriam Cihodariu: What does the new copyright law actually affect for the regular citizen (not for journalists or professional publishers)?

Alex Lungu: Everything you post online in the EU will have to go through an automatic filtering system. Robots can’t read irony or humor. So a lot of what we now post online could be flagged as a copyright violation. And automatically be taken down the minute you hit that “post” or “upload” button. It will essentially establish private censorship police, in which private, for-profit players get to decide what you can say online.

M.C.: How about small and medium companies, how will they get impacted by the new law?

A.L.: The new rules grant an exception for SMEs only for the first three years of an online service’s existence. You lose that privilege if you attain more than 5 million visitors or hit more than 10 million Euros in annual revenue. So if you want to grow, you will be forced to invest in an automatic filtering system sooner rather than later. Google spent 100 million dollars on YouTube’s ContentID, and it’s really inaccurate and prone to over-blocking. And you will prefer to over-block content in order to not risk being sued.


M.C.: From a cybersecurity point of view, will this make data better protected somewhat? Will the new law bring new cybersecurity risks?

A.L.: On the contrary, there are just a few filter companies out there, so an EU-wide filtering system is bad news for your private data. Germany’s Federal Data Protection Commissioner has already warned that the oligopoly of these filtering companies puts people’s data at risk. There is a lot of data and internet habits to collect if you plan to filter everything that your users post on your website. Think of all the health data your app collects.

M.C.: Critics of the new copyright law say this will lead to a more centralized data management, in the hands of just a few companies. Will this mean more potential for hacking or for abuse?

A.L.: Of course. Fewer players on the market means that there is more data in a single place. There’s tons of information a bad actor can collect about you, and one place to get it all. From the private conversations with your close friends to the one nude photo you once sent to a friend by accident and immediately deleted.

M.C.: How about the voices that say this could negatively impact human rights in certain regimes?

A.L.: As far as I know, they are right to issue these warnings. A study from 2017 concluded that this filtering system is “incompatible with the Charter of Fundamental Rights of the EU”. These filters will certainly censor a film critic’s video if they use even a second of video from that movie. Or a political opinion if you use audio to illustrate the errors in a politician’s speech. These are unfortunate realities that people are already dealing with. An EU-wide adoption will only hinder free speech for the sake of protecting a very small percent of the industries out there.

M.C.: Does the new law inadvertently aid extra surveillance? Is that a good thing or a bad thing for cyber-security?

A.L.: In my book, any extra surveillance is bad. Most terrorists, for example, were already on watch lists and they even planned their attacks by communicating in plain text over unencrypted networks. The problem with today’s cyber surveillance isn’t that it doesn’t surveil enough. It’s that it casts a net which is way too wide. With such a big database, law enforcement doesn’t have the manpower or the capabilities to sift through all of it and detect the bad actors in time.

M.C.: Finally, how would you connect the new law to the risk of identity theft?

A.L.: Well, there’s plenty of evidence of maleficence already. Today’s filtering systems don’t call for any verification process for the person/company who claims a particular work. Anyone can claim that a video is theirs without any countermeasure. This leads to plenty of abuses. Music artists have had their music taken down from SoundCloud out of pure spite. Other bad actors have even tried to extort creators in exchange for releasing the copyright claim. We are just seeing the first wave of what can happen once you give people the power to censor someone else’s content.

M.C.: Thank you, Alex.

A few closing thoughts:

I guess we’ll all have to just wait and see how well the new EU copyright law will be implemented and how many of these pitfalls we will manage to avoid. Knowing how inertia in institutions works at a macro scale, I, personally, am not very optimistic.

But to make the best of the situation, I will follow up this interview with more posts in which I’ll try to navigate with you how to protect your data, privacy and digital rights from the negative effects of this law. Whether you’re a small company, a blogger or a non-profit organization, I think I’ll manage to provide some actionable advice for everyone. Stay tuned by subscribing to our blog!

The post The New EU Copyright Law and Its Security Risks: An Interview with Alex Lungu appeared first on Heimdal Security Blog.

5 Common Myths about Software Updates You Need to Know

After every major data breach or ransomware attack, you probably hear at least someone saying: “If they had applied software updates in time, maybe these attacks could have been prevented or avoided”.

When it comes to closing vulnerabilities found in computers and systems, the go-to solution is always patching the software, but how many of us really apply updates in a timely manner?

Many cybersecurity specialists and practitioners, ourselves included, keep focusing on raising awareness on this topic and urging both Internet users and organizations to update (or patch) their software as soon as updates are available.

Despite constant, friendly warnings and all the efforts made to address this issue, software updating remains one of those things that no one does; people ignore or postpone it as much as possible.

Patching is often considered challenging and hard or, at least, that’s what most of us believe. But not applying software updates – especially the critical ones – quickly and regularly only makes everyone (Internet users and organizations) more vulnerable to ransomware, data breaches, and other online threats.

The cybersecurity risks of not keeping software up to date

Two of the most devastating and serious cyber attacks we can think of were only possible because security updates weren’t installed in time. The Equifax data breach was caused by a security hole in the Apache Struts web application framework which wasn’t updated. The WannaCry ransomware attack of “unprecedented level” also did a lot of damage, but mainly affected those computers that were unpatched and unprotected.

In light of the recent Asus malware attack which was spread through software updates, Matt Blaze, a professor at Georgetown University, shared his thoughts on the topic of patching, in which he emphasized the importance of applying updates to be safer online.

To protect against the insidious threat of malicious updates, it might be tempting to immediately disable these mechanisms on your computers and smartphones. But that would be a terrible idea, one that would expose you to far more harm than it would protect against. In fact, now would be a fine time to check your devices and make sure the automatic system update features are turned on and running.

New research mentions the security risks caused by unpatched vulnerabilities, by stating that “55% of all programs installed on personal computers running Windows are outdated”.

The same thing applies to the mobile industry, where one of the most concerning security threats is related to outdated software. The most frequent ones are found on the Android operating system, which is an OS targeted by cybercriminals.

But Google is investing all efforts in improving the ecosystem with its Android Security Improvement Program, whose main goal is to help Android developers build and release apps without known vulnerabilities. The company has already helped more than 300,000 developers fix more than 1 million apps on Google Play and will probably continue doing it.

Today, whenever any software is running, it is exposed to attacks, and hackers don’t miss any opportunity to find security holes and exploit them.

Why it is important to apply software updates

Talking about software updates is like talking about whether you should go see a doctor or not. Some see it as a precautionary measure, others just ignore it. The same goes for applying available updates: they are not only important for our online safety, they are also very much necessary.

Simply put, applying available updates for operating systems and applications such as plugins, browsers and desktop apps (which include both security and feature patches) means fixing and improving the software you are currently using.

Some of you may say that after finishing the updating process, there have been negative side effects: something didn’t work as it did before, some features just vanished, or the interface of the app/software is different. And you need hours to figure out how it works or how to adapt, I understand.

Yes, we all find updates annoying sometimes, just by popping up when we try to work on a project, or watch a movie. But it doesn’t mean we don’t have to do it.

We have to make patching a top priority! Plus, you always have the option to turn on the “automatic updates” feature (if available) or use a specialized security solution to handle software updates automatically and silently, saving time and energy.

Applying software updates is one of the most proactive things we can do to seriously enhance online protection and improve security. Also, we do it so we don’t get hacked and see our valuable data in the hands of cybercriminals. The faster we update it, the better it is.

While doing an expert roundup with cybersecurity professionals to get a more in-depth opinion on the topic of applying software updates, we found out that all of them advocate for installing security updates as early and regularly as possible. If you read carefully what these security experts have to say about software patching, you won’t ignore or postpone another update next time.




Also, it is important to apply patches because:

  • They address a specific and critical vulnerability which can be fixed and closed in a timely manner before malicious actors can exploit it;
  • It is a proactive security measure that lowers the risk for both home users and companies of being exposed to cyber attacks in which cybercriminals target their sensitive data;
  • They improve the operating system and make the app more stable, and also enhance the overall security posture;
  • Your data is more secure – Probably your most important docs, photos, or personal information are stored on the devices you use daily. Without patches, they could more easily end up in the hands of cybercriminals who encrypt data and block access to it. Applying patches helps keep malicious actors at bay;
  • They bring the latest features and improve the existing ones – Software updates not only close security vulnerabilities but also improve your OS or app, by adding the newest features and making your device work smoothly.

With all these strong reasons in mind to keep programs and apps up to date, there are still various security myths integrated into our general knowledge.

Whether it’s easier to believe different misconceptions or more comfortable to listen to “best practices” from others – even if they aren’t true – we still accept them and spread them around as general beliefs.

That’s why we wanted to address some of the most common myths related to software patching, to help you and me better understand why applying updates for apps and OS is of utmost importance.

5 frequent software updates myths you probably hear (but you need to forget about)

Let’s have a look at these myths and analyze them to better understand why action and proactivity are vital when it comes to keeping your software up to date.

Myth#1 – “This is not a priority, I can just skip the updating part for another time”

This is probably one of the most harmful ways of thinking, and one you need to forget about. That “another time” decision may come too late if you want to better secure your digital assets.

Security specialists advise making patching a priority and applying updates within the first hours of them becoming available. Not tomorrow, not in one week or month. As soon as possible, because the speed of patching will make a difference.

If you spend more than one week (or even day) in getting up to date with your software, it might be too late. Cybercriminals operate fast and find innovative ways to exploit software vulnerabilities. That’s why we have to keep applying these updates and begin with the most important service/app we’re using.

However, before prioritizing we first need to acknowledge what the security risks and consequences are and how big the impact is for our online safety.

It should not be only a priority, but basic, standard cyber hygiene for everyone.

Myth#2 – “If I focus on apps that carry the most prevalent vulnerabilities I am safer”

Here’s another myth we recommend letting go of, and trying to see things from a different perspective.

We strongly recommend applying all available updates for all apps that you’ve installed and used. Focusing only on those apps with a higher risk doesn’t make you safer.

Every app will ask users for regular updates, and they’ll (probably) nag you with notifications until you patch it. As annoying as it may be, keeping your installed apps up to date is still important for security reasons.

You can also look for the “settings” section of your apps and select the option to receive app updates automatically when a new version is available.

Nevertheless, it is important to understand that installing updates will also make a difference in terms of performance (bringing new features), not only security-wise (bug fixing).

At a business level, many organizations decide to focus on patching a specific pool of software products and apps which are considered to be among the most popular when it comes to vulnerabilities.

This is not entirely true. A Fortinet report concluded that “90% of organizations the company protects have experienced cyber-attacks during which intruders tried to exploit vulnerabilities that were three years or older. In addition, 60% of organizations were attacked with exploits ten years or older.”

It is easier for cybercriminals to find a working exploit in one vulnerability and launch an attack within a targeted organization.

Myth#3 – “If I apply software updates only for Microsoft apps, it is enough”

Here is another common myth that we’ve been hearing and reading about.

Patching only the Microsoft OS and applications is not enough to keep your system protected from advanced forms of malware and hackers’ attempts to gain access to sensitive data.

Don’t forget that third-party applications, such as Adobe Flash or Firefox, have become attractive and major attack vectors for hackers.

Researchers at Recorded Future observed that an Adobe Flash vulnerability still ranked as “the second most used exploit by hacking groups.”

If you want to dive deeper and know more about Flash vulnerabilities, how to disable Adobe Flash and how you can avoid getting your data compromised, read our detailed article about it.

Here are also some insights from Microsoft MVP Brien Posey explaining how to get third-party patches deployed.

Myth #4 – “Cybercriminals usually target and get in through perimeters, so it’s better to focus on keeping them up to date”

Rather than focusing on securing the perimeter, we encourage users and companies to have a broader security mindset and take into consideration all risks that could lead to malicious actors harvesting data and causing business disruption.

For those who don’t know, perimeter security means using traditional solutions such as firewalls or antivirus to build defenses and protect a defined boundary (system) from unauthorized physical intrusions.

Patching perimeters is just one part of securing your most valuable digital assets, but it’s not enough.

According to a 2018 report, it took most cybercriminals 15 hours to breach a target system, identify critical data and exfiltrate it.

Here’s another point of view highlighting the idea of thinking beyond the security perimeter:

Focusing on a strong perimeter to keep the bad guys out seemed to work well enough for a while. But now that attackers routinely reuse credentials or low-tech phishing techniques to enter, and now that data is no longer kept within a perimeter, this outside-in approach is no longer practical.

Security specialists consider perimeter security just basic hygiene and the first line of defense, but we need to adopt a multi-layered security approach to enhance online protection.

Mikko Hypponen, one of the best-known cybersecurity experts and Chief Officer at F-Secure, recently underlined the importance of patching:

Patch your systems, use the automatic updates. The updates will make you safer. And here it was the update which burned them. Nobody expects to get hacked through automatic updates.

Myth#5 – “If I patch my software once, I can rest assured that my computer is secure”

Patching your operating systems and apps is vital to fix vulnerabilities and stop hackers from exploiting them. But it’s not enough to do it just once to protect your computer.

The best practice is that you need to patch constantly, as soon as new updates are available.

When it comes to critical vulnerabilities that have published exploit code, users and companies are urged to apply patches immediately.

In terms of patching frequency, it’s worth mentioning that each OS vendor and application vendor releases updates at a specific frequency (see Microsoft Patch Tuesday) or, in special cases, for newly discovered and critical vulnerabilities.

As we already said, the speed and timing of patching can be crucial, because if you don’t apply updates after they’ve been released, you leave an open window for cybercriminals to exploit the vulnerabilities and launch new attacks.

Final thoughts

Software updates myths will probably continue to exist, as long as we look for easy solutions and basic answers to our most common security fears.

But we need to keep in mind that software patching remains an important issue to address if we want to maintain a high level of security. And, at the same time, a challenge for both users and companies.

This is why it’s essential to leverage the key advantages of patching as a proactive security measure and urge everyone to cultivate a healthy and constant habit of keeping their software up to date.

If they want to be less prone to cyber attacks, home users need to adopt the proactivity mindset and keep their software updated. And, when (if) possible, to enable automatic updates or search for alternatives that provide automatic updates.

At a corporate level, it is essential to spread a security culture within an organization and implement basic patch management practices that will help them better control and protect valuable data.

What’s your opinion on this topic? Do you believe in these myths and how much attention do you pay to software updates?

We are curious to know your thoughts, so feel free to share them in a comment below.

And remember! Next time you see the “we’ve got an update for you” message displayed on your computer’s screen, make sure you apply it immediately, not another time.

Stay safe!

The post 5 Common Myths about Software Updates You Need to Know appeared first on Heimdal Security Blog.

Are Hackers Threatening the Adoption of Self-Driving Cars?

Automotive manufacturers have realized the future lies in self-driving cars. We may be taking small steps, yet we would like to be headed to an autonomous driving utopia. Here, every road is safe, smart, connected, fast, reliable.

It may be just a dream right now, but how far are we from achieving this goal?

In this article, we will walk you through the current state of autonomous vehicles, and most importantly, examine how safe driverless cars actually are from a cybersecurity perspective.

A brief history of self-driving cars

Let’s start off with a little bit of history.

You may be amazed to hear people have been working on driverless car prototypes since the 1920s. Back then, a radio-controlled car was invented by Francis Houdina, which he controlled without a person behind the steering wheel on the streets of New York.

Impressive, right?

Throughout time, there have been multiple attempts to develop the industry and encourage driverless cars’ adoption. You can access this resource to go through a quick timeline of self-driving cars.

Fast forward to more recent days: Waymo, formerly known as Google’s self-driving car project, is the first commercial self-driving car and was launched in December 2018. Through an app, Waymo offers ride-hailing services to people in the Phoenix area of the United States.

Will 2019 be the year of self-driving cars?

Here are a few facts and predictions for 2019:

  • This year, companies such as General Motors, Uber, Volkswagen, and Intel are competing in the ride-hailing movement and are making promises regarding when their fully autonomous vehicles will be available. The general answer seems to be between 2019 and 2022.
  • Elon Musk, CEO of Tesla, is expecting to see Tesla’s self-driving feature fully available by 2020.
  • The UK government has announced its commitment to having completely autonomous vehicles on the roads by 2021.
  • 2019 will be the year of Level 4 autonomous vehicles.

Did you know a car can have six automation levels?

In the image below you can see exactly what Level 0 to Level 5 actually mean.

[Image: car automation levels, Level 0 to Level 5]

How do people view self-driving cars?

Autonomous vehicle manufacturers promise to deliver a safe, enjoyable, and fast experience, freeing the drivers of the stress of driving, while allowing them to fulfill other tasks.

But what is the general opinion towards autonomous cars?

According to Deloitte’s 2019 Global Automotive Study, consumer perception of the safety of autonomous cars has stalled in the last year. This attitude is predominantly influenced by media reports of accidents involving self-driving cars, many of which were fatal.

Here you can read a report on these types of accidents.

Source: Deloitte

The concern around safety is also reinforced by Perkins Coie’s research, which shows that consumers’ perception of safety is the biggest roadblock to the development of self-driving vehicles in the next five years.

As per another study conducted by the American Automobile Association (AAA), almost 3 in 4 Americans are afraid of self-driving cars. According to the same research, only 19% would trust self-driving cars to transport their loved ones.

What’s more, there are some people who seem to despise the autonomous vehicle’s technology and even manifest violent behavior towards it. At least 21 attacks against Waymo cars have been reported. People have tried to run the vehicles off the road, thrown rocks at them, slashed the tires, or even yelled at them to leave the neighborhood. This behavior seems to be fueled by people’s concern with safety and even potential job losses.

Some also believe self-driving cars will most likely cause traffic congestion.

You may be wondering what the reason for that is, since they were created to simplify traffic movement in the first place.

The autonomous cars could be programmed to aimlessly drive on the streets, without parking, in order to avoid payments. Basically, the price for recharging an electric autonomous car would be much lower than the overall parking fee.

The concerns around data collection and privacy

The same Deloitte 2019 report shows most people are worried about biometric data being collected by self-driving car manufacturers through their connected vehicles and sent to other parties.

Source: Deloitte

In truth, data does need to be collected in order to improve functionalities, but this could also cause the invasion of your privacy.

So the question is where that data ends up and how it’s actually used. Some may argue that it could be shared with the government or used for marketing purposes.

Thus, authorities need to put strict rules and regulations in place.

Solving the cybersecurity question

Without a doubt, autonomous vehicles need state-of-the-art cybersecurity.

According to a recent study which surveyed auto engineers and IT experts, 84% of respondents were concerned that car manufacturers are not keeping pace with the industry’s constantly increasing cybersecurity threats.

Since self-driving cars have been involved in numerous accidents, this means they still have flaws, which can be exploited by malicious actors. Although taking care of aspects such as having proper navigation systems and avoiding collisions is an obvious priority for manufacturers, cybersecurity should also be top of mind.

According to Skanda Vivek, a postdoctoral researcher at the Georgia Institute of Technology, if people were to hack even a small number of internet-connected self-driving cars on the roads of the United States, the flow of traffic would be completely frozen. And emergency vehicles would not even be able to pass through.

[Image. Source: Skanda Vivek / Georgia Tech]

“Compromised vehicles are unlike compromised data,” argues Vivek in the study’s press release. “Collisions caused by compromised vehicles present physical danger to the vehicle’s occupants, and these disturbances would potentially have broad implications for overall traffic flow.”

Around four years ago, researchers Charlie Miller and Chris Valasek remotely hacked a Jeep Cherokee as an experiment. They used a laptop to do it while being at a 10-mile distance and managed to take full control of the vehicle.


This was not even a self-driving vehicle, but the same scenario can be applied to one. In fact, this can even be more plausible in the case of autonomous cars due to their increased internet connectivity.

Right now, you won’t find two identical automation systems in the industry. Yet, according to the University of Michigan’s report, as systems become more generic, or even use open-source software, one attack could spread across every car deploying the same system, just as happened with the WannaCry ransomware attack, which infected more than 300,000 computers in 150 countries, at an estimated cost of $4 billion.

But are things really that bad?

On a more positive note, there are cybersecurity experts who believe that, in the future, fully autonomous cars will be much harder to hack than we might think. This “fully-autonomous” technology (remember Level 5 we were talking about above?) will rely on multiple sensors and communication layers.

At the moment, self-driving cars are only using one or two sensors for object detection, according to Craig Smith, research director of cyber analytics group Rapid7.

In his view, since it’s already quite difficult to hack a single sensor, a malicious criminal will find it even harder to override a complex sensor system.

“If we’re having a discussion about what’s safe, it’s more likely that you’ll get into a car accident today than someone will hack into your car tomorrow”, Smith pointed out.

How can we stop self-driving cars from being hacked?

The good news is that experts are constantly working on developing better security systems.

For instance, just a few weeks ago, SK Telecom announced the launch of a solution based on Quantum Encryption.


How does it work?

As per SK Telecom, this is an “integrated security device that will be installed inside cars and protect various electronic units and networks in the vehicle”.

Also, the gateway, which was developed together with the controller maker GINT, will be used to secure all the vehicle systems: Vehicle-2-Everything (V2X) and Bluetooth communication systems, the car’s driver assistance, radar, and smart keys. Drivers will also be alerted of any suspicious behavior.

The gateway basically transfers a quantum random number generator and Quantum Key along with the vehicle’s data that will “fundamentally prevent hacking and make the cars unhackable”, according to SK Telecom. The company also added that this move was to facilitate security in the 5G era.

This is not the first initiative of this kind. In another project, the cyber-security group at Coventry University’s Institute for Future Transport and Cities (FTC) teamed up with the quantum experts at cybersecurity start-up Crypta Labs and they also reportedly worked on this quantum technology that can prevent hacking.

Here’s a bonus

We stumbled upon a great video that we’d like to share with you, in which Victor Schwartz, a partner at Shook, Hardy & Bacon, talks about the potential risks of driverless cars – privacy issues and cybersecurity.


Conclusion

At the moment, concerns around the self-driving technology clearly outweigh the benefits. It’s now crucial for manufacturers to focus on autonomous cars’ cybersecurity problems, employing dedicated staff to work on these issues. However, with proper security measures in place, hacking risks can be, in time, dramatically reduced.

Would you trust a self-driving car? What’s your opinion on the overall security of autonomous vehicles? We would love to hear your thoughts in the comments section below.

The post Are Hackers Threatening the Adoption of Self-Driving Cars? appeared first on Heimdal Security Blog.

Online Criminal Impersonation 101: Our Own Case of CEO Fraud

You’re probably familiar with the legal term of criminal impersonation, but how does this felony take place when it’s online?

What is the usual approach employed by hackers or someone with malicious intent towards you personally?

What can you expect from it?

Are the impersonators risking anything?

How can you find out and protect yourself from its effects?

All these questions and more will be addressed below. In the following story, I’ll share with you the key facts of online criminal impersonation, as well as show you what happened in our own organization.

Wondering what you will learn from this post?

First, the basic facts on what criminal impersonation is in general and what online criminal impersonation is in particular.

Then, the basics of what CEO fraud is, how it usually works, how to spot it and how to avoid becoming a victim of it.

Finally, a look inside a real-life example from our own company. A group of not very smart hacker wannabes tried to impersonate our CEO in a bad attempt at CEO fraud. As much as we were amused, we know this tactic can be successful if you’re not careful, so we decided to share the story with you all, as a cautionary tale.

Ready?

Here we go!

What Is Defined as Criminal Impersonation?

First of all, and this may be a bit of a surprise, you should know that it’s not always illegal to impersonate a person or business entity, or to claim you are them although you are not.

Shocked?

We understand.

One of the virtues and curses of the internet is that some degree of anonymity and creative falsehood are always allowed. If a strict prohibition were set in stone about this, people could never perform satire, fantasy humor, role-playing and so on. These are all quasi-harmless activities but crucial for nurturing a climate of free speech.

As much as it can be dismaying to discover that pictures of you or your family members are used by fake profiles and the like, it’s not a criminal offense.


At most, the platform where the fake profiles were created will take them down after you report the fraud. But the people who were behind it are not criminally liable (prosecutable).

There have been some attempts to redefine current laws in order to criminalize more hacking actions, such as breaking into IT systems, IP spoofing and the like. While it’s definitely on the table, it’s not a reality yet.

Ok… so what then counts as criminal impersonation?

Definition: Criminal impersonation refers to those cases of impersonation committed as part of an attempt to gain benefits, or to cause harm to their victim. For example, hackers could be looking to commit something illegal while posing as you or to gain financial benefits (such as obtaining a loan in your name).

In other cases, it’s not about what they can gain, but about what you can lose.

A disgruntled ex, or former employee, or simply someone out to get you can impersonate you just for the purpose of causing harm. Creating fake explicit profiles in your name (and with your pictures) on adult dating websites, or hacking into your social media accounts to post embarrassing updates are just a few examples of how this can go down.

Sometimes, it’s entirely offline, although this takes considerably more effort to pull off. In a very disturbing news story, it was reported that some men pose as police officers in order to coerce women. In other cases, real flesh-and-bone people pose as attorneys, accountants, private detectives, real estate agents and so on. They meet with you, offer preliminary consultation and charge you an advance fee. You’re convinced that it’s all legit. Nevertheless, they disappear with your money afterward.

What Is Online Criminal Impersonation and What Forms Can It Take?

While criminal impersonation, in general, includes all offline and online activities pertaining to this type of behavior, online criminal impersonation is obviously restricted to just the digital aspects.

For individuals:

There are many ways in which you can become a victim of online impersonation (criminal or not) as an individual.

If the hackers are impersonating you:

  • Financial loss (opening up credit or new accounts in your name);
  • Reputational loss (posting compromising things or using your faked identity to spread their operations further under its guise);
  • Hacking into your workplace using your identity (the target here is the company, but your credentials are used for the hack, so you could be held liable for any wrongdoing);

If the hackers are impersonating your conversation partner:

  • Catfishing (A type of social scam where a new romantic partner you’re chatting with is actually a hacker looking for financial gain);
  • Spear-phishing and BEC (business email compromise) attacks, where hackers are impersonating an entity you trust, like your bank or a business partner;
  • If hackers are impersonating your boss (like in the example of CEO fraud we’ll discuss below);
  • If hackers are impersonating a family member (by stealing their social accounts and phone, texting you that they’re in trouble and need a large sum of money right away, for example);

More examples can follow; to cut a long story short, the bottom line is that hackers are always creative about finding new ways to exploit identity theft and online criminal impersonation.

Here’s a run-down of the most common ways in which the information of victims was misused in 2017, according to iii.org.

[Image: types of identity fraud for 2017]

For Businesses:

For business entities, online criminal impersonation can get much more sophisticated than for private persons, and the stakes are much higher, too. The impersonation is also almost always of a criminal nature since the attackers are aiming to gain a financial advantage or to harm the business.

This means that online criminal impersonation can take many forms.

One of them is for the malicious parties to claim they are another company with which you are already working, and send invoices to your company. If you expect those invoices and if the virtual identity of the hackers is almost indistinguishable from the one of the real company they are impersonating, then you won’t be surprised by this.

The hackers may even send you invoices with the exact amounts you expected (if they managed to get into the systems of the company they are impersonating). Then, of course, after you pay up, the hackers disappear and you are left to deal with the real third party which still needs those invoices paid.

Do you think it sounds like something only rookies could fall for? Think again. A Lithuanian man has been caught (and pleaded guilty) for stealing 100 million from Google and Facebook using this method. If it can happen to tech giants such as Google and Facebook, it can happen to anyone.

Out of all these forms, business email compromise (also known as BEC) is one of the hacker’s favorite ways of causing mayhem.

What you need to understand is that this is a very lucrative business for hackers.

How lucrative?

Well, according to the FBI, malicious hackers managed to make over $3 billion from this type of B2B scam from October 2013 to May 2016. Since then, the numbers are probably much higher.

And you know what?

That’s just the amount of money they managed to get away with. As I said, it’s a very lucrative business, and if you’ve been following our blog you’re aware that malware is getting more and more creative.

What Is CEO Fraud?

CEO fraud is a particular type of BEC (business email compromise) and online criminal impersonation. It’s when you receive an email that seems to be from your top boss (or CEO), asking you to do something on their behalf and keep it secret.

If you’re not paying attention and you fall for it, hackers will be able to either gain access into the company’s systems or steal money from accounts and so on.

Surprise, surprise.

That email was not actually from the CEO. But sometimes, it can be difficult to tell and you don’t want to appear silly or to waste your boss’s time by asking for a confirmation or questioning the info.

Do you know what this is called?

Social hacking or social engineering.

It’s precisely because hackers are anticipating these all-too-human reactions (shame, fear, doubt, the desire to be helpful and ingratiate yourself with the boss) that they get their way. They are counting on our ability to be social (hence the name of social hacking).

But don’t fear; practice critical thinking. Educate yourself. Subscribe to our blog. Get a second opinion. It never hurts to be extra cautious.

How to Spot CEO Fraud: Tell-tale Signs

Here are a few ways in which you can immediately tell that you’re dealing with CEO fraud:

  • The email address is not the legitimate one, with the exact domain name. Be extra mindful of typos, since almost-accurate domain names are a hacker’s favorite.
  • The CEO is asking you to handle something in secret. If it was really such a sensitive issue, wouldn’t they ask you this in person? Use your better judgment.
  • They are asking you to disclose a particular piece of information, or to install something on your computer.
  • The message is written with some mistakes since English is not really the strong suit of most cybercriminals.

Remember, sometimes the CEO fraud is a really good one, with perfect English and the right email address. It still doesn’t mean it’s legit and it never hurts to check with the boss in person.

What to Do If You’re a Target of CEO Fraud or Online Criminal Impersonation

First of all, do not engage with the fake account in any way. Do not give in to ransom attempts or do what they ask.

If it’s a simple matter of CEO fraud, just report it to your company executives and to the authorities.

If it seems to be a more serious matter of online impersonation, do your best to recover your accounts, and get in touch with all possible parties to alert them about this (your family, your employer, your bank, the police).

Here is where you can report identity theft:

The Heimdal Security Case: Hackers Pretended to Be Our CEO Morten Kjaersgaard

As I mentioned above, it recently happened to us too. Several of our employees received emails which seemed to come from our CEO, asking them to reply to them with some financial data. Of course, the text mentioned the urgency and secrecy of the project.

But upon a closer look, everyone could tell that even though the name of the sender is that of our CEO, the address it was coming in from was intern@phone-bosshq.com. That is in no way a legitimate address.

Furthermore, if you look carefully, the email contains several spelling mistakes which are tell-tale signs of foul play.

 

Good morning [employee name] ,

I need you to manage a high priority situation with my Attorney [lawyer name].
It’s about a prime concern deal for the group, regarding a foreign corporation bid acquisition.

[Lawfirm name] lawyers offices ordered me that do not treat this case from Headquarters but use a foreign subsidiary to avoid leaks and insiders trading.
I did choose you to take control this operation with my lawyer and I.

No one else except us must be informed at this time.
Regarding this case the Financial Markets Authority has warned us that we must communicate only by email until the public announcement should made within the next few weeks.

First of all [employee name] provide me immediately the available cashflow of our bank account in UK.
Also give me another phone number which on you are comfortable to talk with him.

As soon as I receive those information, I will share with you further instructions.

Best regards,

Morten Kjaersgaard

Take a look at the text we replaced in the brackets. The hackers were using the names of very prominent (and legitimate) attorneys and law firms, as a way of adding credibility to the claim.

In other wide-spread cases, hackers simply invent law firms to start with. This way, if you contact the so-called attorneys to verify the claim, you’re talking to the initial hackers and, of course, they will confirm their own story.

In our case, this attempt of CEO fraud was a poorly executed one. The email of our CEO was not correct, the text was full of mistakes and the pretext laughable. But attacks like these still manage to go through, and businesses lose money and sensitive data to such attackers every day. Stay vigilant, informed, and safe.
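The tell-tale signs listed earlier (wrong or lookalike sender domain, secrecy, urgency, requests for information) can be checked automatically before a message reaches an inbox. The following Python sketch is an added example, not code from Heimdal Security; the organisation domain `example-corp.com`, the name list, and the phrase patterns are assumptions to replace with your own values. The sample message uses the display name, sender address, and wording of the email quoted above.

```python
import re
from email.utils import parseaddr

# Assumptions (not from the article): the organisation's real mail domain and
# the executive names worth protecting. Replace with your own values.
ORG_DOMAINS = {"example-corp.com"}
EXECUTIVE_NAMES = {"morten kjaersgaard"}

# Assumed phrase lists modelling the pressure tactics the article describes.
PRESSURE_PATTERNS = {
    "secrecy": re.compile(
        r"\b(no one else|secret|confidential|avoid leaks|only by email)\b", re.I),
    "urgency": re.compile(
        r"\b(immediately|high priority|urgent|right away)\b", re.I),
    "data_request": re.compile(
        r"\b(cash ?flow|bank account|wire transfer|phone number|password)\b", re.I),
}


def edit_distance(a, b):
    """Levenshtein distance, used to spot almost-accurate domain names."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def normalize_name(name):
    """Lower-case a display name and collapse punctuation and whitespace."""
    return " ".join(re.sub(r"[^a-z ]", " ", name.lower()).split())


def assess(from_header, body):
    """Return the list of CEO-fraud indicators found in one message."""
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    findings = []
    if domain not in ORG_DOMAINS:
        # Sender uses an executive's name but mails from outside the company.
        if normalize_name(display) in EXECUTIVE_NAMES:
            findings.append("executive_name_external_domain")
        # Domain is one or two edits away from the real one (typosquat).
        if any(0 < edit_distance(domain, d) <= 2 for d in ORG_DOMAINS):
            findings.append("lookalike_domain")
    for label, pattern in PRESSURE_PATTERNS.items():
        if pattern.search(body):
            findings.append(label)
    return findings


# Constructed sample: header format is ours; name, address and sentences are
# taken from the email quoted in the article.
SAMPLE_FROM = '"Morten Kjaersgaard" <intern@phone-bosshq.com>'
SAMPLE_BODY = (
    "I need you to manage a high priority situation with my Attorney.\n"
    "No one else except us must be informed at this time.\n"
    "provide me immediately the available cashflow of our bank account in UK.\n"
)

if __name__ == "__main__":
    for finding in assess(SAMPLE_FROM, SAMPLE_BODY):
        print("indicator:", finding)
```

An empty result does not prove a message is legitimate: as noted above, a well-made CEO fraud can arrive with perfect English and the right address, so out-of-band confirmation still applies.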

The post Online Criminal Impersonation 101: Our Own Case of CEO Fraud appeared first on Heimdal Security Blog.

Hidden & Fake Apps: How Hackers Could Be Targeting Your Connected Home

Like most parents, before you go to sleep each night, you take extra care to lock doors and windows to keep your family safe from any outside threats. The only thing you may have overlooked is the smartphone illuminated on your nightstand. And if you were to add up the smartphones humming all over your house, suddenly you’d have a number of unlocked doors that a determined criminal could enter through. Maybe not tonight — but eventually.

Digital Ecosystem

Over time you’ve purchased and plugged in devices throughout your home. You might have a voice assistant, a baby monitor, a thermostat, a treadmill, a gaming system, a fitness watch, smart TVs, a refrigerator, and many other fun, useful gadgets. Each purchase likely connects to your smartphone. Take stock: You now have a digital ecosystem growing all around you. And while you rarely stop to take notice of this invisible power grid around you, hackers can’t stop thinking about it.

This digital framework that pulsates within your home gives cybercriminals potential new entryways into your life and your data. Depending on your devices, by accessing your smartphone, outsiders may be able to unlock your literal doors while you are away (via your home security system), eavesdrop on your family conversations and collect important information (via your voice assistant), access financial information (via your gaming system, tablet, or laptop).

What you can do:

  • Change factory security settings. Before you fire up that smart TV, drone, or sound system, be sure to change each product’s factory settings and replace it with a bulletproof password to put a layer of protection between you and would-be hackers.
  • Protect your home network. We are connected people living in connected homes. So, part of the wired lifestyle is taking the lead on doing all we can to protect it. One way to do that is at the router level with built-in network security, which can help secure your connected devices.
  • Stay on top of software updates. Cybercrooks rely on consumers to ignore software updates; it makes their job so much easier. So be sure to install updates to your devices, security software, and IoT products when alerted to do so.

Smartphone = Front Gate

The most common entry point to all of these connected things is your smartphone. While you’ve done a lot of things to protect your phone — a lock screen, secure passwords on accounts, and system updates — there are hacking tactics you likely know nothing about. According to McAfee’s recent Mobile Threat Report, you don’t know because the scope and complexity of mobile hacks are increasing at alarming rates.

Hidden Apps

The latest statistics report that the average person has between 60-90 apps installed on their phones. Multiply that between all the users in your home, and you are looking at anywhere from 200-500 apps living under your digital roof. Hackers gravitate toward digital trends. They go where the most people congregate because that’s where they can grab the most money. Many of us control everything in our homes from our apps, so app downloads are off the charts, which is why crooks have engineered some of their most sophisticated schemes specifically around app users.

Hidden apps are a way that crooks trick users into letting them inside their phones. Typically, hidden apps (such as TimpDoor) get to users via Google Play when they download games or customized tools. TimpDoor will then directly communicate with users via a text with a link to a voice message that gives detailed instructions to enable apps from unknown sources. That link downloads malware which will run in the background after the app closes. Users often forget they’ve downloaded this and go on with life while the malware runs in the background and can access other internal networks on the smartphone.

What you can do:

  • Stay alert. Don’t fall for the traps or click links to other apps sent via text message.
  • Stay legit. Only download apps hosted by the original trusted stores and verified partner sites.
  • Avoid spam. Don’t click on any email links, pop-ups, or direct messages that include suspicious links, password prompts, or fake attachments. Delete and block spam emails and texts.
  • Disable and delete. If you are not using an app, disable it. And, as a safety habit, remove apps from your phone, tablet, or laptop you no longer use.

Fake Apps

Again, crooks go where the most people congregate, and this year it is the 60 million+ downloaded game Fortnite. The Fortnite craze has led hackers to design fake Fortnite apps masquerading as the real thing. The fraudulent app designers go to great lengths to make the download look legitimate. They offer enticing downloads and promise users a ton of free perks and add-ons. Once users download the fake app, crooks can collect money through ads, send text messages with more bad app links, cryptojack users, or install malware or spyware.

What you can do:

  • Don’t install apps from unknown sources. Not all gaming companies distribute via Google Play or the App Store. This makes it even harder for users to know that the app they are downloading is legit. Do all you can to verify the legitimacy of the site you are downloading from.
  • Delete suspicious-acting apps. If you download an app and it begins to request access to anything outside of its service, delete it immediately from your device.
  • Update devices regularly. Keep new bugs and threats at bay by updating your devices automatically.
  • Monitor bank statements. Check statements regularly to monitor the activity of the card linked to your Fortnite account. If you notice repeat or multiple transactions from your account or see charges that you don’t recognize, alert your bank immediately.
  • Be a savvy app user. Verify an app’s legitimacy. Read other user reviews and be discerning before you download anything. This practice also applies to partner sites that sell game hacks, credits, patches, or virtual assets players use to gain rank within a game. Beware of “free” downloads and avoid illegal file-sharing sites. Free downloads can be hotbeds for malware. Stick with the safer, paid options from a reputable source.

The post Hidden & Fake Apps: How Hackers Could Be Targeting Your Connected Home appeared first on McAfee Blogs.

You Rang? New Voice Phishing Attack Tricks Unsuspecting Users

In this digital day and age, the average user is likely familiar with the techniques and avenues cybercriminals use to get ahold of personal data and money. With this knowledge, we’ve become smarter and keen to the tricks of the cybercrime trade. However, cybercriminals have become smarter too, and therefore their attacks have become more complex. Take phishing, for example. There has been a dramatic shift in phishing attacks, from simple and general to complex and personalized. What was once spoofing emails or websites has now evolved into something more devious – vishing, or voice phishing. This method involves a cybercriminal attempting to gain access to a victim’s personal or financial information by pretending to be a financial institution via phone call. And now a new vishing attack is proving to be more difficult to detect than the typical phishing scams.

In April 2018, Min-Chang Jang, a manager at Korea Financial Security Institute and Korea University, made a breakthrough in his investigation into malicious apps designed to intercept calls to users from legitimate numbers. This tactic puts a new but troubling twist on the original voice phishing cyberattack. To be successful in this venture, a hacker must first convince a user to download a fake app. To do this, a link is sent to the victim, luring them in with an amazing offer around loan refinancing or something similar, which then prompts the user to download the faulty app. If the target takes the bait, calls will start to come in from the financial institution following up on the possible loan refinancing offer. The call, however, isn’t connected to the actual financial company, rather it is intercepted and connected to the bad actor.

We know that as we adjust to the world around us and become smarter about our security, cybercriminals will do the same with their thievery. Today it’s an advanced vishing attack, tomorrow it could be a different type of phishing vector. However, users can rest assured that companies like McAfee are working tirelessly to ensure our users can thwart any cyberattack that comes their way. While this voice phishing attack is hard to detect, here are some proactive steps you can take to ensure you don’t fall victim to cybercriminals’ schemes:

  • Only install apps from authorized sources. To avoid malicious apps getting ahold of your data, only download apps from authorized vendors. For Android users, use the Google Play Store. For iPhone users, use the Apple App Store. Never trust a third-party app with information that could be exploited in the wrong hands.
  • Turn on caller ID or other services. Numerous carriers now offer free services that notify users of possible scam calls. And a lot of phones come with call-identifying capabilities that can give the user a quick diagnostic of whether the call is legitimate or not. With this feature, users can report scam calls to a database too.
  • Always think twice. In addition to tips and apps, there’s no better judge than common sense so if an offer or deal sounds too good to be true, it most likely is.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

The post You Rang? New Voice Phishing Attack Tricks Unsuspecting Users appeared first on McAfee Blogs.

809 Million Records Left Exposed: How Users Can Protect Their Data

It’s no secret that technological advancements and online threats are directly proportional to each other. So now more than ever, it’s imperative that users prioritize the security of their digital presence, especially in the face of advanced malware attacks and massive data leaks. Speaking of the latter — less than two months after the Collection #1 data breach exposed 773 million email addresses, it seems we have another massive data dump in our midst. Last week, researchers discovered a 150-gigabyte database containing 809 million records exposed by the email validation firm, Verifications.io.

You may be wondering how Verifications.io had so much data left to be exposed. Most people have heard of email marketing, but very few realize that these companies often vet user email addresses to ensure their validity. Enter Verifications.io. This company serves as a way email marketing firms can outsource the extensive work involved with validating mass amounts of emails and avoid the risk of having their infrastructure blacklisted by spam filters. Verifications.io was entrusted with a lot of data provided by email marketing firms looking to streamline their processes, creating an information-heavy database.

This unusual data trove contains tons of sensitive information like names, email addresses, phone numbers, physical addresses, gender, date of birth, personal mortgage amounts, interest rates, social media accounts, and characterizations of people’s credit scores. While the data doesn’t contain Social Security Numbers or credit card information, that amount of aggregated data makes it much easier for cybercriminals to run new social engineering scams or expand their target audience. According to security researcher Troy Hunt, owner of HaveIBeenPwned, 35% of the data exposed by Verifications.io is new to his database. With that said, it was the second largest data dump added in terms of email addresses to Hunt’s website, which allows users to check whether their data has been exposed or breached.

Upon discovery, the firm was made aware of the incident. And while proper security measures were taken, users can take various steps themselves to protect their information in the event of large-scale data exposure. Check out the following tips:

  • Be vigilant when monitoring your personal and financial data. A good way to determine whether your data has been exposed or compromised is to closely monitor your online accounts. If you see anything fishy, take extra precautions by updating your privacy settings, changing your password, or using two-factor authentication.
  • Use strong, unique passwords. Make sure to use complex passwords for each of your individual accounts, and never reuse your credentials across different platforms. It’s also a good idea to update your passwords on a consistent basis to further protect your data.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post 809 Million Records Left Exposed: How Users Can Protect Their Data appeared first on McAfee Blogs.

Don’t Let Thunderclap Flaws Strike Your Device

If you own a Mac or PC, odds are you’ve used your laptop’s Thunderbolt port to connect another device to your machine. Thunderbolt ports are convenient for charging other devices using your laptop or desktop’s battery power. However, a new flaw called Thunderclap allows attackers to steal sensitive information such as passwords, encryption keys, financial information, or run detrimental code on the system if a malicious device is plugged into a machine’s port while it’s running.

So, how can attackers exploit this flaw? Thunderbolt accessories are granted direct-memory access (DMA), which is a method of transferring data from a computer’s random-access memory (RAM) to another part of the computer without it needing to pass through the central processing unit (CPU). DMA can save processing time and is a more efficient way to move data from the computer’s memory to other devices. However, attackers with physical access to the computer can take advantage of DMA by running arbitrary code on the device plugged into the Thunderbolt port. This allows criminals to steal sensitive data from the computer. Mind you, Thunderclap vulnerabilities also provide cybercriminals with direct and unlimited access to the machine’s memory, allowing for greater malicious activity.

Thunderclap-based attacks can be carried out with either specially built malicious peripheral devices or common devices such as projectors or chargers that have been altered to automatically attack the host they are connected to. What’s more, they can compromise a vulnerable computer in just a matter of seconds. Researchers who discovered this vulnerability informed manufacturers and fixes have been deployed, but it’s always good to take extra precautions. So, here are some ways users can defend themselves against these flaws:

  • Disable the Thunderbolt interface on your computer. To remove Thunderbolt accessibility on a Mac, go to the Network Preference panel, click “OK” on the New Interface Detected dialog, and select “Thunderbolt Bridge” from the sidebar. Click the [-] button to delete the option as a networking interface and choose “Apply.” PCs often allow users to disable Thunderbolt in BIOS or UEFI firmware settings, which connect a computer’s firmware to its operating system.
  • Don’t leave your computer unattended. Because this flaw requires a cybercriminal to have physical access to your device, make sure you keep a close eye on your laptop or PC to ensure no one can plug anything into your machine without permission.
  • Don’t borrow chargers or use publicly available charging stations. Public chargers may have been maliciously altered without your knowledge, so always use your own computer accessories.

And, as always, stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Don’t Let Thunderclap Flaws Strike Your Device appeared first on McAfee Blogs.

How To Secure Your Smart Home

Do you live in a “smart” home? If you look around and see interactive speakers, IP cameras, and other internet-connected devices like thermostats and appliances, you are now one of the millions of people who live with so-called “smart” devices. They bring convenience and comfort into our lives, but they also bring greater risks, by giving cybercrooks new opportunities to access our information, and even launch attacks.

You may remember a couple of years ago when thousands of infected devices were used to take down the websites of internet giants like Twitter and Netflix by overwhelming them with traffic. The owners of those devices were regular consumers, who had no idea that their IP cameras and DVRs had been compromised. You may also have heard stories of people who were eavesdropped on via their baby monitors, digital assistants, and webcams when their private networks were breached.

Unfortunately, these are not rare cases. In recent months, the “Internet of Things” (IoT) has been used repeatedly to spy on businesses, launch attacks, or even deliver cryptojacking malware or ransomware.

Still, given the benefits we get from these devices, they are probably here to stay. We just need to acknowledge that today’s “smart” devices can be a little “dumb” when it comes to security. Many lack built-in security protections, and consumers are still learning about the risks they can pose. This is particularly concerning since the market for smart devices is large and growing. There are currently 7 billion IoT devices being used worldwide, and that number is expected to grow to 22 billion by 2025.

Cybercrooks have already taken note of these opportunities since malware attacks on smart devices have escalated rapidly. In fact, McAfee reported that malware directed at IoT devices was up 73% in the third quarter of 2018 alone.

So, whether you have one IoT device, or many, it’s worth learning how to use them safely.

Follow these smart home safety tips:

  • Research before you buy—Although most IoT devices don’t have built-in protection, some are safer than others. Look for devices that make it easy to disable unnecessary features, update software, or change default passwords. If you already have an older device that lacks many of these features, consider upgrading it.
  • Safeguard your devices—Before you connect a new IoT device to your home network — allowing it to potentially connect with other data-rich devices, like smartphones and computers — change the default username and password to something strong and unique. Hackers often know the default settings and share them online. Then, turn off any manufacturer settings that do not benefit you, like remote access. This is a feature some manufacturers use to monitor their products, but it could also be used by cybercrooks to access your system. Finally, make sure that your device software is up-to-date by checking the manufacturer’s website. This ensures that you are protected from any known vulnerabilities.
  • Secure your network—Your router is the central hub that connects all of the devices in your home, so you need to make sure that it’s secure. If you haven’t already, change the default password and name of your router. Make sure your network name does not give away your address, so hackers can’t locate it. Then check that your router is using an encryption method, like WPA2, which will keep your communications secure. Consider setting up a “guest network” for your IoT devices. This is a second network on your router that allows you to keep your computers and smartphones separate from IoT devices. So, if a device is compromised, a hacker still cannot get to all the valuable information that is saved on your computers. Check your router’s manual for instructions on how to set up a guest network. You may also want to consider investing in an advanced internet router that has built-in protection and can secure and monitor any device that connects to your network.
  • Install comprehensive security software –Finally, use comprehensive security software that can safeguard all your devices and data from known vulnerabilities and emerging threats.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post How To Secure Your Smart Home appeared first on McAfee Blogs.

How to Steer Clear of Tax Season Scams

*This blog contains research discovered by Elizabeth Farrell

It’s that time of year again – tax season! Whether you’ve already filed in the hopes of an early refund or have yet to start the process, one thing is for sure: cybercriminals will certainly use tax season as a means to get victims to give up their personal and financial information. This time of year is advantageous for malicious actors since the IRS and tax preparers are some of the few people who actually need your personal data. As a result, consumers are targeted with various scams impersonating trusted sources like the IRS or DIY tax software companies. Fortunately, every year the IRS outlines the most prevalent tax scams, such as voice phishing, email phishing, and fake tax software scams. Let’s explore the details of these threats.

So, how do cybercriminals use voice phishing to impersonate the IRS? Voice phishing, a form of criminal phone fraud, uses social engineering tactics to gain access to victims’ personal and financial information. For tax scams, criminals will make unsolicited calls posing as the IRS and leave voicemails requesting an immediate callback. The crooks will then demand that the victim pay a phony tax bill in the form of a wire transfer, prepaid debit card or gift card. In one case outlined by Forbes, victims received emails in their inbox that allegedly contained voicemails from the IRS. The emails didn’t actually contain any voicemails but instead directed victims to a suspicious SharePoint URL. Last year, a number of SharePoint phishing scams occurred as an attempt to steal Office 365 credentials, so it’s not surprising that cybercriminals are using this technique to access taxpayers’ personal data now as well.

In addition to voice phishing schemes, malicious actors are also using email to try and get consumers to give up their personal and financial information. This year alone, almost 400 IRS phishing URLs have been reported. Even back in December, we saw a surge of new email phishing scams trying to fool consumers into thinking the message was coming from the IRS or other members of the tax community. In a typical email phishing scheme, scammers try to obtain personal tax information like usernames and passwords by using spoofed email addresses and stolen logos. In many cases, the emails contain suspicious hyperlinks that redirect users to a fake site or PDF attachments that may download malware or viruses. If a victim clicks on these malicious links or attachments, they can seriously endanger their tax data by giving identity thieves the opportunity to steal their refund. What’s more, cybercriminals are also using subject lines like “IRS Important Notice” and “IRS Taxpayer Notice” and demanding payment or threatening to seize the victim’s tax refund.

Cybercriminals are even going so far as to impersonate trusted brands like TurboTax for their scams. In this case, DIY tax preparers who search for TurboTax software on Google are shown ads for pirated versions of TurboTax. The victims will pay a fee for the software via PayPal, only to have their computer infected with malware after downloading the software. You may be wondering, how do victims happen upon this malicious software through a simple Google search? Unfortunately, scammers have been paying to have their spoofed sites show up in search results, increasing the chances that an innocent taxpayer will fall victim to their scheme.

Money is a prime motivator for many consumers, and malicious actors are fully prepared to exploit this. Many people are concerned about how much they might owe or are predicting how much they’ll get back on their tax refund, and scammers play to both of these emotions. So, as hundreds of taxpayers are waiting for a potential tax return, it’s important that they navigate tax season wisely. Check out the following tips to avoid being spoofed by cybercriminals and identity thieves:

  • File before cybercriminals do it for you. The easiest defense you can take against tax season schemes is to get your hands on your W-2 and file as soon as possible. The more prompt you are to file, the less likely your data will be raked in by a cybercriminal.
  • Obtain a copy of your credit report. FYI – you’re entitled to a free copy of your credit report from each of the major bureaus once a year. So, make it a habit to request a copy of your file every three to four months, each time from a different credit bureau. That way, you can keep better track of and monitor any suspicious activity and act early if something appears fishy.
  • Beware of phishing attempts. It’s clear that phishing is the primary tactic crooks are leveraging this tax season, so it’s crucial you stay vigilant around your inbox. This means if any unfamiliar or remotely suspicious emails come through requesting tax data, double check their legitimacy with a manager or the security department before you respond. Be wary of strange file attachment names such as “virus-for-you.doc.” Remember: the IRS only contacts people by snail mail, so if you get an email from someone claiming to be from the IRS, stay away.
  • Watch out for spoofed websites. Scammers have extremely sophisticated tools that help disguise phony web addresses for DIY tax software, such as stolen company logos and site designs. To avoid falling for this, go directly to the source. Type the address of a website directly into the address bar of your browser instead of following a link from an email or internet search. If you receive any suspicious links in your email, investigating the domain is usually a good way to tell if the source is legitimate or not.
  • Consider an identity theft protection solution. If for some reason your personal data does become compromised, be sure to use an identity theft solution such as McAfee Identity Theft Protection, which allows users to take a proactive approach to protect their identities with personal and financial monitoring and recovery tools to help keep their identities personal and secured.
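The domain check suggested in the spoofed-websites tip above, as an added example (not code from the original post or from McAfee): it parses a link and lists the reasons its host should not be trusted. The allow list, the finding names and the sample URLs are assumptions constructed for illustration, and the last-two-labels rule stands in for a Public Suffix List lookup.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: the sites the reader actually intends to use (an allow list).
TRUSTED = {"irs.gov", "intuit.com"}


def registrable_domain(host):
    """Naive rule: the last two labels. Real code should use the Public Suffix List."""
    labels = host.rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def edit_distance(a, b):
    """Levenshtein distance, used to catch single-character swaps in a name."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def inspect_link(url, trusted=TRUSTED):
    """Return a list of findings; an empty list means the host is on the allow list."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    findings = []
    if parts.scheme != "https":
        findings.append("not-https")
    if not host:
        findings.append("no-host")
        return findings
    # Anything before '@' is login data, not the site: the real host follows it.
    if parts.username is not None:
        findings.append("userinfo-before-host")
    try:
        ipaddress.ip_address(host)
        findings.append("ip-literal-host")
        return findings
    except ValueError:
        pass  # not an IP address, so treat it as a DNS name
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode-label")
    domain = registrable_domain(host)
    if domain in trusted:
        return findings
    findings.append("untrusted-domain")
    # Split labels on '.' and '-' so a trusted name used as decoration is visible.
    tokens = {t for label in host.split(".") for t in label.split("-")}
    first_label = domain.split(".")[0]
    for good in sorted(trusted):
        brand = good.split(".")[0]
        if brand in tokens:
            findings.append("trusted-name-in-host:" + good)
        elif 0 < edit_distance(first_label, brand) <= len(brand) // 4:
            findings.append("near-miss-of:" + good)
    return findings


# Constructed sample links (reserved .example names and a documentation IP).
SAMPLES = [
    "https://turbotax.intuit.com/personal-taxes/",
    "http://irs.gov.refund-status.example/login",
    "https://turbotax.intuit.com@downloads.example/setup",
    "https://intu1t.example/free",
    "http://192.0.2.10/turbotax",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", inspect_link(link) or "on allow list")
```

The check reads the host from right to left, which is why a trusted name placed at the front of a longer host, or before an `@`, does not make the link trustworthy.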

And, as always, stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post How to Steer Clear of Tax Season Scams appeared first on McAfee Blogs.

Why it’s too easy to manipulate voters – and steal the EU elections | Eleonora Nestola

It’s time to act, as personal data is being used to target voters – and the EU commission isn’t doing enough to stop this

On 11 July last year the UK Information Commissioner’s Office (ICO) published its first report on the Cambridge Analytica scandal. This is a date I will never forget, a date that substantially changed my vision of the current threats to our democratic society. It is a day that became a call to arms for me – and, for once, I had the understanding, the knowledge and the expertise to support the fight. I felt it was time to put all of this to good use for civil society, and so I set out to discover how online electoral campaigning works. And let me tell you, the system is not in good health and we Europeans should all be made more aware of that.


Voters become unaware they are receiving political messages based on bias. The risks are enormous


McAfee Partners With Telefónica To Help Secure Consumers Worldwide

These days, cyberattacks can feel relentless. Due to the interconnected nature of the world we live in, cybercriminals have managed to infiltrate our personal devices, our networks, and even our homes. That’s why we at McAfee believe it’s important now more than ever to secure every facet of the modern consumer lifestyle. And we’ve partnered with Telefónica to do just that.

This partnership first began back in February of last year, when ElevenPaths, Telefónica Cyber Security Unit, and McAfee announced we’re working together to reinforce the online security of Telefónica’s broadband and mobile customers across multiple markets. This partnership covers Europe and Latin America with plans to progressively roll out solutions in the different countries where Telefónica operates. It’s the first time a telecommunications company has delivered a security service to all of its customers, regardless of where they connect from. Fast forward to present day, and this partnership has only expanded. The global product developed by Telefónica and powered by McAfee was first launched in Spain as Movistar Conexión Segura, a service that protects home and mobile customers’ connectivity. Telefónica protects Fusión customers’ home connections with a smart router, thanks to the ElevenPaths solution powered by McAfee Secure Home Platform, which enables seamless security and easy activation. Conexión Segura is also available for Movistar mobile customers, including network protection and one license of Seguridad Dispositivo, a multi-device security protection. Only a few weeks after Spain, Movistar Argentina launched the solution for its fixed and mobile customers. These services help realize Telefónica’s “Security by Default” strategy, offering customers a more robust security solution that protects against threats like viruses, malware, phishing, and emerging IoT threats.

Telefónica and McAfee’s 360 partnership is dedicated to protecting the productivity of consumers everywhere. “This agreement gives customers current and contextual information on their cybersecurity status so they can stay connected with confidence,” said Pedro Pablo Pérez, Global Security VP of Telefónica and CEO of ElevenPaths, Telefónica Cybersecurity Unit.

ElevenPaths and McAfee’s joint vision to create a more secure tomorrow brings us a step closer to stopping widespread cyberattacks. By joining forces to implement more robust security solutions around the world, we can ensure that our connectivity goes undisrupted. Because together is power.

To learn more about consumer security and our approach to it, be sure to follow us at @ElevenPaths and @McAfee.

The post McAfee Partners With Telefónica To Help Secure Consumers Worldwide appeared first on McAfee Blogs.

MWC 2019: The Key to Establishing Digital Trust with Intelligent Connectivity

These days, it’s rare to walk into a home that doesn’t have a smart device in use. From voice assistants, smart TVs, tablets, and more, these devices have greatly enhanced our way of life through intelligent connectivity. Intelligent connectivity is defined by the highly contextualized and personal experiences offered by the smart devices we utilize on a daily basis. However, as manufacturers continue to push out the latest technology to stay ahead of their competitors, device security isn’t always top-of-mind. As a result, the level of confidence consumers have in their devices is reduced. At McAfee, we understand that the notion of digital trust is imperative to the future of security as we adopt technologies shaped by the likes of 5G networks, the Internet of Things (IoT), artificial intelligence (AI), and big data. And as we head into Mobile World Congress 2019 (MWC), one can’t help but wonder, how will these advancements shape the future of mobile connectivity?

Almost every new device is built to connect, and as our 2019 Threats Predictions Report showed us, our dependence on technology is ubiquitous. Take your smartphone, for example. Everywhere you go, this minicomputer allows you to chat with your friends online, send emails, and look up new information with just the press of a button. Only upping the ante, 5G is set to roll out across the nation, bringing greater speed to handheld devices with more data and lower latency. These benefits will set the stage for more IoT devices, such as your smart refrigerator or smart plug, to connect to the network as well. The ability to control the temperature of your refrigerator from your smartphone is a pretty cool capability. But what happens if your smartphone gets hacked and a cybercriminal remotely disables your refrigerator? You may be left with a bigger problem than some spoiled food.

With all of your smart devices on the same 5G network, malicious actors can gain full access to the data that lives in your smart home technology through just your mobile phone. The increase in devices on the 5G network also increases the risk of Distributed Denial-of-service, or DDoS, attacks. These attacks are caused by cybercriminals flooding a network with so much traffic that it can’t operate or communicate as it normally would. And with more IoT devices operating on the 5G network, the consequences of such a cyberattack could be truly crippling. So, how can we continue to trust the devices we use on a daily basis despite the cybersecurity risks caused by greater connectivity?

Digital trust, or the level of confidence consumers have in their technology and mobile devices, is extremely delicate. And as our experiences with our devices become more and more personalized thanks to intelligent connectivity, it’s important to realize that it can’t be intelligent if there is no trust. That’s why consumers should embrace advancements in mobile technology but remember to keep cybersecurity practices at the forefront.

Whether you’re headed out to Barcelona for MWC 2019 or watching from afar, we here at McAfee are committed to helping you take the necessary precautions required in order to connect with confidence in a world where everything is built to connect.

Stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post MWC 2019: The Key to Establishing Digital Trust with Intelligent Connectivity appeared first on McAfee Blogs.

The Risks of Public Wi-Fi and How to Close the Security Gap

As I write this blog post, I’m digitally exposed, and I know it. For the past week, I’ve had to log on to a hospital’s public Wi-Fi each day to work while a loved one recuperates.

What seems like a routine, casual connection to the hospital’s Wi-Fi isn’t. Using public Wi-Fi is a daily choice loaded with risk. Sure, I’m conducting business and knocking out my to-do list like a rock star but at what cost to my security?

The Risks

By using public Wi-Fi, I’ve opened my online activity and personal data (via my laptop) up to a variety of threats including eavesdropping, malware distribution, and bitcoin mining. There’s even a chance I could have logged on to a malicious hotspot that looked like the hospital network.

Like many public Wi-Fi spots, the hospital’s network could lack encryption, which is a security measure that scrambles the information sent from my computer to the hospital’s router so other people can’t read it. Minus encryption, whatever I send over the hospital’s network could potentially be intercepted and used maliciously by cybercriminals.

Because logging on to public Wi-Fi is often a necessity — like my situation this week — security isn’t always the first thing on our minds. But over the past year, a new normal is emerging. A lot of us are thinking twice. With data breaches, privacy concerns, the increase in the market for stolen credentials, and increasingly sophisticated online scams making the headlines every day, the risks of using public Wi-Fi are front and center.

Rising Star: VPN

The solution to risky public Wi-Fi? A Virtual Private Network (VPN). A VPN allows users to securely access a private network and share data remotely through public networks. Much like a firewall protects the data on your computer, a VPN protects your online activity by encrypting your data when you connect to the internet from a remote or public location. A VPN also conceals your location, IP address, and online activity.

Using a VPN helps protect you from potential hackers using public Wi-Fi, which is one of their favorite easy-to-access security loopholes.

Who Needs a VPN?

If you (or your family members) travel and love to shop online, access your bank account, watch movies, and do everyday business via your phone or laptop, a VPN would allow you to connect safely and encrypt your data no matter where you are.

A VPN can mask, or scramble, your physical location, banking account credentials, and credit card information.

Also, if you have a family data plan you’ve likely encouraged your kids to save data by connecting to public Wi-Fi whenever possible. Using a VPN, this habit would be secured from criminal sniffers and snoopers.

A VPN allows you to connect to a proxy server that will access online sites on your behalf and enables a secure connection most anywhere you go. A VPN also hides your IP address and allows you to browse anonymously from any location.

How VPNs work

To use a VPN, you subscribe to a VPN service, download the app onto your desktop or phone, set up your account, and then log onto a VPN server to conduct your online activity privately.

If you are still logging on to public Wi-Fi, here are a few tips to keep you safe until VPNs become as popular as Wi-Fi.

Stay Safe on Public Wi-Fi 

Verify your connection. Fake networks that mine your data abound. If you are logging on to Wi-Fi in a coffee shop, hotel, airport, or library, verify the exact name of the network with an employee. Also, only use Wi-Fi that requires a password to log on.

Don’t get distracted. For adults, as well as kids, it’s easy to get distracted and absorbed with our screens — this is risky when on public Wi-Fi, according to Diana Graber, author of Raising Humans in a Digital World. “Knowing how to guard their personal information online is one of the most important skills parents need to equip their young kids with today,” says Graber. “Lots of young people visit public spaces, like a local coffee shop or library, and use public Wi-Fi to do homework, for example. It’s not uncommon for them to get distracted by something else online or even tempted to buy something, without realizing their personal information (or yours!) might be at risk.”

Disable auto Wi-Fi connect. If your phone automatically joins surrounding networks, you can disable this function in your settings. Avoid linking to unknown or unrecognized networks.

Turn off Wi-Fi when done. Your computer or phone can still transmit data even when you are not using it. Be sure to disable your Wi-Fi from the network when you are finished using it.

Avoid financial transactions. If you must use public Wi-Fi, don’t conduct a sensitive transaction such as banking, shopping, or any kind of activity that requires your social security or credit card numbers or password use. Wait until you get to a secured home network to conduct personal business.

Look for the HTTPS. Fake or unsecured websites will not have the HTTPS in their address. Also, look for the little lock icon in the address bar to confirm a secure connection.

Secure your devices. Use a personal VPN as an extra layer of security against hackers and malware.

The post The Risks of Public Wi-Fi and How to Close the Security Gap appeared first on McAfee Blogs.

How To Sidestep Popular Social Scams

Each year, internet users lose billions of dollars to online scams that use clever ploys to trick us out of our information and money. By offering prizes, referencing current events, or just creating a sense of urgency, scammers know how to get us to click when we really shouldn’t. Check out these recent scams, so you know what to look out for.

Nosy Quizzes & Questionnaires

Quizzes circulating on Facebook, Twitter, and other social platforms may look like a fun way to win free stuff, but often they are phishing attacks in disguise. Many appear to be sponsored by big-name brands such as airlines and major retailers, offering free products or discount tickets if you just answer a few questions. The questions are designed to get you to reveal personal information that can be used to guess your passwords or security questions, such as your mother’s maiden name, or your hometown.

Creepy Crypto Scams 

While cryptocurrencies lost a lot of value over the last year, the same cannot be said for cryptocurrency scams. The majority of them center on distributing crypto mining malware, which allows hackers to access a person’s computer or device without their permission in order to mine for cryptocurrencies. In fact, these scams have been so prolific that at the end of 2018 McAfee reported that coin mining malware had grown more than 4000% in the previous year.

Many of these miners were distributed through phishing emails and websites, using “giveaway” scams on social media, or even via crypto mining chat groups on platforms such as Slack. Cybercrooks enter the chat rooms, pretending to be fellow miners, and encourage users to download malware disguised as “fixes” to crypto issues.

Romance & “Sextortion” Scams 

The meteoric rise of online dating has led to a similar increase in romance scams. These often involve bad actors preying on lonely people who are looking to connect. Scammers build up a sense of trust over online dating and social media platforms, before asking for money. They often claim the money is for an emergency, or a plane ticket to visit. This kind of manipulation works so well that the Better Business Bureau estimates that victims in the U.S. and Canada lost nearly $1 billion to romance scams between 2015 and 2018.

And while romance is one way to manipulate users, another driver is fear. This is certainly the case with the recent rise in so-called “sextortion” scams, which scare users into paying money to prevent incriminating pictures or videos of them from getting out. The bad guys claim that they obtained the embarrassing content by infecting the victim’s device with malware, and often send part of an old, leaked password as proof that they could have accessed their account.

Topical News Hooks

Whenever a major story sweeps the news, chances are the scammers are looking for ways to capitalize on it. This is exactly what happened during the recent U.S. government shutdown, which left 800,000 federal employees out of work for over a month. Since many of these workers were looking for extra income, job scams abounded. Some phony job ads asked workers to fill out detailed job application forms, in order to steal their Social Security numbers and other private information.

In another ruse, scammers sent out phony emails that appeared to be from the IRS, saying that the recipient could get a discount on their tax bills if they paid during the shutdown.

Tried-and-True Scams

Package Delivery— Phony package delivery emails usually spike around the holidays, but in the age of Amazon Prime delivery scams are circulating year-round. Be on the lookout for more recent Amazon scams that come in the form of a phishing email, asking you to review a product to get rewards. If you click on the link it could deliver malware, or even ransomware.

Tech Support— This is one of the oldest, but most persistent scams to date. Phishing websites and phony pop-up warnings that a computer or device is infected have led thousands of people to hand over personal and financial information to fix a problem they don’t really have.

Even though consumers have become savvier about these scams, a recent Microsoft survey found that 3 out of 5 people have been exposed to tech support scams over the last year.

So, now that you know what to look out for, here are our top tips for sidestepping the scammers:

  • Be careful where you click—Don’t open suspicious links and attachments, and never click on pop-up messages from an unknown source. If you get a suspicious login or payment request, go directly to the provider’s official website to see if the request is legitimate.
  • Know how to spot the fake—Phony messages or documents will often look like a simplified version of the real thing, with poor quality graphics, incorrect grammar and spelling, and a generic personal greeting.
  • Keep your personal information private—Avoid online quizzes, and never share personal or financial details with someone you don’t know in real life. Review your privacy and security settings on social sites to make sure that you aren’t leaking information.
  • Be a smart online shopper—Only buy from reputable websites, and steer away from deals that seem too good to be true. Be suspicious of unusual payment requests, such as buying gift cards or using virtual currency.
  • Become a password pro—Choose complex and unique passwords for all of your accounts. Consider using a password manager to help you create and store complicated passwords securely.
  • Protect your computers and devices—Use comprehensive security software that can safeguard you from the latest threats.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post How To Sidestep Popular Social Scams appeared first on McAfee Blogs.

Roses Are Red, Violets Are Blue – What Does Your Personal Data Say About You?

A classic meet-cute – the moment where two people, destined to be together, meet for the first time. This rom-com cornerstone is turned on its head by Netflix’s latest bingeable series “You.” For those who have watched, we have learned two things. One, never trust someone who is overly protective of their basement. And two, in the era of social media and dating apps, it’s incredibly easy to take advantage of the amount of personal data consumers readily, and somewhat naively, share online and with the cloud every day.

We first meet Joe Goldberg and Guinevere Beck – the show’s lead characters – in a bookstore, she’s looking for a book, he’s a book clerk. They flirt, she buys a book, he learns her name. For all intents and purposes, this is where their story should end – but it doesn’t. With a simple search of her name, Joe discovers the world of Guinevere Beck’s social media channels, all conveniently set to public. And before we know it, Joe has made himself a figurative rear-window into Beck’s life, which brings to light the dangers of social media and highlights how a lack of digital privacy could put users in situations of unnecessary risk. With this information on Beck, Joe soon becomes both a physical and digital stalker, even managing to steal her phone while trailing her one day, which as luck would have it, is not password protected. From there, Joe follows her every text, plan and move thanks to the cloud.

Now, while Joe and Beck’s situation is unique (and a tad dramatized), the amount of data exposed via their interactions could potentially occur through another romantic avenue – online dating. Many millennial couples meet on dating sites where users are invited to share personal anecdotes, answer questions, and post photos of themselves. The nature of these apps is to get to know a stranger better, but the amount of personal information we choose to share can create security risks. We have to be careful as the line between creepy and cute quickly blurs when users can access someone’s every status update, tweet, and geotagged photo.

While “You” is an extreme case of social media gone wrong, dating app, social media, and cloud usage are all very predominant in 2019. Therefore, if you’re a digital user, be sure to consider these precautions:

  • Always set privacy and security settings. Anyone with access to the internet can view your social media if it’s public, so turn your profiles to private in order to have control over who can follow you. Take it a step further and go into your app settings to control which apps you want to share your location with and which ones you don’t.
  • Use a screen name for social media accounts. If you don’t want a simple search of your name on Google to lead to all your social media accounts, consider using a different variation of your real name.
  • Watch what you post. Before tagging your friends or location on Instagram and posting your location on Facebook, think about what this private information reveals about you publicly and how it could be used by a third-party.
  • Use strong passwords. In the chance your data does become exposed, or your device is stolen, a strong, unique password can help prevent your accounts from being hacked.
  • Leverage two-factor authentication. Remember to always implement two-factor authentication to add an extra layer of security to your device. This will help strengthen your online accounts with a unique, one-time code required to log in and access your data.
  • Use the cloud with caution. If you plan to store your data in the cloud, be sure to set up an additional layer of access security (one way of doing this is through two-factor authentication) so that no one can access the wealth of information your cloud holds. If your smartphone is lost or stolen, you can access your password protected cloud account to lock third-parties out of your device, and more importantly your personal data.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

The post Roses Are Red, Violets Are Blue – What Does Your Personal Data Say About You? appeared first on McAfee Blogs.

How Online Gamers Can Play It Safe

Online gaming has grown exponentially in recent years, and scammers have taken note. With the industry raking in over $100 billion in 2017 alone[1], the opportunity to funnel some money off through fraud or theft has proven irresistible to the bad guys, leaving gamers at greater risk.

From malware and phishing scams, to phony game hacks, identity theft, and more, gamers of all stripes now face a minefield of obstacles online and in real life. So, if you’re going to play games, it’s best to play it safe.

Here’s what to look out for:

Dodgy Downloads

Gamers who play on their computer or mobile device need to watch out for dangerous links or malicious apps disguised as popular or “free” games. Hackers often use innocent-looking downloads to deliver viruses and spyware, or even sign you up for paid services, without your consent. In one prominent case, more than 2.6 million Android users downloaded fake Minecraft apps that allowed hackers to take control of their devices.

Researchers have even discovered a ransomware threat that targets gamers. TeslaCrypt was designed to encrypt game-play data until a ransom is paid. Originally distributed through a malicious website, it has since been circulating via spam.

And while it’s true that game consoles like PlayStation and Xbox aren’t as vulnerable to viruses, since they are closed systems, that doesn’t mean that their users don’t face other risks.

Social Scams

Players on any platform could wind up with malware, sent directly from other players via chat messages. Some scammers use social engineering tricks, like inviting other players to download “helpful” tools that turn out to be malware instead. When you consider that 62% of kids play games where they speak to others, the odds of a risky interaction with a stranger seem quite real.

Players of the Origin and Steam services, for instance, were targeted by hackers posing as other players, inviting them to play on their teams. Over chat message, they suggested the players download an “audio tool” that turned out to be a keystroke logger, aimed at stealing their access credentials for the game.

Other social scams include malicious YouTube videos or websites, offering game bonuses and currency, for free.

Another widespread social threat is account takeover, or ATO for short. This is when a scammer hacks a real account in order to post spammy links, and scam messages that appear to come from a trusted contact. Some accounts, for games like League of Legends, have even been stolen and sold online for money because they boasted a high level, or rare skins.

Phishing

Finally, be on the lookout for phishing websites, offering free games or bonuses, or phishy emails prompting you to login to your account, with a link leading to a copycat gaming site. Often, these are designed to steal your login credentials or distribute fake games that contain malware.

Players of the wildly popular Fortnite, for example, have been particularly targeted. The latest phishing scam is aimed at stealing the third-party sign-in tokens that allow cybercriminals to access a user’s account, and the payment details associated with it.

So now that you know a little more about gaming threats, here’s how to win at playing it safe:

  1. Do Your Research—Before downloading any games from the Internet or app stores, make sure to read other users’ reviews first to see that they are safe. This also goes for sites that sell game hacks, credits, patches, or virtual assets typically used to gain rank within a game. Avoid illegal file-sharing sites and “free” downloads, since these are often peppered with malware. It’s always best to go for a safer, paid option from a reputable source.
  2. Play Undercover— Be very careful about sharing personal information, in both your profile information, and your chat messages. Private information, such as your full name, address, pet’s name, school, or work details, could be used to guess your account password clues, or even impersonate you. Consider playing under an alias.
  3. Be Suspicious—Since scammers use the social aspect of games to fool people, you need to keep your guard up when you receive messages from strangers, or even read reviews.
    Some YouTube and social media reviews are placed there to trick users into thinking that the game or asset is legitimate. Dig deep, and avoid looking for free hacks. Ask gamers you know in real life for recommendations that worked for them.
  4. Protect Yourself—Avoid using older versions of games, and make sure that games you do play are updated with patches and fixes. And if you think a gaming account may already have been compromised, change your passwords immediately to something unique and complex. Safeguard your computers and devices from known and emerging threats by investing in comprehensive security software, and keep yourself up-to-date on the latest scams.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

[1]According to The 2017 Year In Review Report by SuperData

The post How Online Gamers Can Play It Safe appeared first on McAfee Blogs.

Customer Support Scams Are Popping up in Social Media Ads: How to Stay Secure

Many of us rely on customer support websites for navigating new technology. Whether it’s installing a new piece of software or troubleshooting a computer program, we look to customer support to save the day. Unfortunately, cybercriminals are leveraging our reliance on customer support pages to access our personal information for financial gain. It appears that a malicious website is attempting to trick users into handing over their McAfee activation keys and personally identifiable information (PII) by disguising itself as the official McAfee customer support website.

So how exactly does this cyberthreat work? First, malicious actors advertise the fake website on Twitter. If a user clicks on the ad, they are presented with a “Download McAfee” button. When the user clicks on the download button, they are redirected to a screen prompting them to enter their name, email address, contact number, and product activation key to proceed with the download. However, when the user clicks on the “Start Download” button, they are redirected to a screen stating that their download failed due to an unexpected error.

 

At this point, the site owner has received the user’s personal data, which they could exploit in a variety of ways. And while this scheme may seem tricky to spot, there are a number of ways users can defend themselves from similar scams:

  • Be vigilant when clicking on social media links. Although it may be tempting to click on advertisements on your social media feed, these ads could possibly house sketchy websites developed by cybercriminals. Use caution when interacting with social media ads.
  • Go straight to the source. If you come across an advertisement claiming to be from a company and the link asks for personal data, it’s best to go directly to the company’s website instead. Use the official McAfee customer support page if you require technical support or assistance with your McAfee product.
  • Use security software. A security solution like McAfee WebAdvisor can help you spot suspicious websites and protect you from accidentally clicking on malicious links.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Customer Support Scams Are Popping up in Social Media Ads: How to Stay Secure appeared first on McAfee Blogs.

Sharing Isn’t Always Caring: 3 Tips to Help Protect Your Online Privacy

It’s 2019 and technology is becoming more sophisticated and prevalent than ever. With more technology comes greater connectivity. In fact, by 2020, there will be more than 20 billion internet-connected devices around the world. This equates to more than four devices per person. As we adopt new technology into our everyday lives, it’s important to consider how this emerging technology could lead to greater privacy risks if we don’t take steps to protect our data. That’s why the National Cyber Security Alliance (NCSA) started Data Privacy Day to help create awareness surrounding the importance of recognizing our digital footprints and safeguarding our data. To further investigate the impact of these footprints, let’s take a look at how we perceive the way data is shared and whose responsibility it is to keep our information safe.

The Impact of Social Media

Most of us interact with multiple social media platforms every day. And while social media is a great way to update your friends and family on your daily life, we often forget that these platforms also allow people we don’t really know to glimpse into our personal lives. For example, 82% of online stalkers use social media to find out information about potential victims, such as where they live or where they go to school. In other words, social media could expose your personal information to users beyond your intended audience.

Certain social media trends also bring up issues of privacy in the world of evolving technology. Take Facebook’s 10-year challenge, a recent viral trend encouraging users to post a side-by-side image of their profile pictures from 2009 and 2019. As WIRED reporter Katie O’Neill points out, the images offered in this trending challenge could potentially be used to train facial recognition software for age progression and age recognition. While the potential of this technology is mostly mundane, there is still a risk that this information could be used inequitably.

How to Approach Requests for Personal Data

Whether we’re using social media or other online resources, we all need to be aware of what personal data we’re offering out and consider the consequences of providing the information. While there are some instances where we can’t avoid sharing our personal data, such as for a government document or legal form, there are other areas where we can stand to be a little more conservative with the data that we divulge. For example, many of us have more than just our close family and friends on our social networks. So, if you’re sharing your location on your latest post, every single person who follows you has access to this information. The same goes for those online personality quizzes. While they may be entertaining, they put an unnecessary amount of your personal information out in the open. This is why it’s crucial to be thoughtful of how your data is collected and stored.

So, what steps can you take to better protect your online privacy? Check out the following tips to help safeguard your data:

  • Think before you post. Before tagging your friends on Instagram, sharing your location on Facebook, or enabling facial recognition, consider what this information reveals and how it could be used by a third party.
  • Set privacy and security settings. If you don’t want the entire World Wide Web to be able to access your social media, turn your profiles to private. You can also go to your device settings and choose which apps or browsers you want to share your location with and which ones you don’t.
  • Enable two-factor authentication. In the event your data does become exposed, a strong, unique password can help prevent your accounts from being hacked. Furthermore, you can implement two-factor authentication to stay secure. This will help strengthen your online accounts with a unique, one-time code required to log in and access your data.


The post Sharing Isn’t Always Caring: 3 Tips to Help Protect Your Online Privacy appeared first on McAfee Blogs.

How Safe is Your Child’s School WiFi?

School WiFi. For many of our digital natives, school WiFi may even be a more important part of their daily life than the canteen!! And that is saying something…

You’d be hard pressed to find a child who rocked up to school without a device in their backpack in our digital age. The vast majority of schools have embraced the many positive learning benefits that internet-connected devices offer our kids. The traditional blackboard and textbook lessons that were confined to the four walls of the classroom are gone. Instead our kids can research, discover, collaborate, create and most importantly, learn like never before.

But in order for this new learning to occur, our kids need to be internet connected. And this is where school WiFi comes into play.

Do Parents Need to Be Concerned About School WiFi?

As parents, we have a responsibility to ensure our kids are safe and not at risk – and that includes when they are using the WiFi at school. Ideally, your child’s school should have a secure WiFi network but unfortunately, that doesn’t mean that they do. School budgets are tight and top-notch secure WiFi networks are expensive, so in some cases, security may be jeopardised.

The other factor we shouldn’t ignore is that our batch of digital natives are very tech literate. The possibility that one of them may choose to cause some mayhem to their school WiFi network should also not be ignored!!

At the end of the day, the security of a WiFi network is all about whether it has tight access controls. If it allows only approved devices and people to connect via a secure login then it is more secure than public WiFi. However, if it is open to anyone or easy for anyone to connect to it, then you need to treat it like public WiFi.

What Are the Risks?

An unsecured school WiFi network is as risky as public WiFi which, according to the Harvard Business Review, is as risky as rolling a dice.

Students and staff who use an unsecured WiFi network are at risk of receiving phishing emails, being the victim of a ransomware attack or even having their data or personal details stolen. There is also a risk that the entire school’s operations could be disrupted and possibly even closed down through a DDoS (Distributed Denial of Service) attack.

What Can Parents Do to Ensure Their Kids Are Safe Using School WiFi?

There are several steps parents can take to minimise the risks when their offspring use school WiFi.

  1. Talk To Your School

The first thing to do is speak to your child’s school to understand exactly how secure their network is. I’d recommend asking who has access to the network, what security practices they have in place and how they manage your child’s private data.

  2. Install Security Software

Operating a device without security software is no different to leaving your front door unlocked. Installing security software on all devices, including smartphones, will provide protection against viruses, online threats, risky websites and dangerous downloads. Check out McAfee’s Total Protection security software for total peace of mind!

  3. Keep Device Software Up To Date

Software updates are commonly designed to address security issues. So ensuring ALL your devices are up to date is a relatively easy way of minimising the risk of being hacked.

  4. Schedule Regular Data Back Up

If you are the victim of a ransomware attack and your data is backed up then you won’t even have to consider paying the hefty fee to retrieve your (or your child’s) data. Backing up data regularly should be non-negotiable; however, life can often get in the way. Why not schedule automatic backups? I personally love online backup options such as Dropbox and Google Drive; however, you may choose to invest in a hard drive.

  5. Public Wi-Fi Rules?

If after talking to your school, you aren’t convinced that your child’s school WiFi network is secure, then I recommend that your kids should treat it as if it was public WiFi. This means that they should NEVER conduct any financial transactions using it and never share any personal details. But the absolute best way of ensuring your child is safe using an unsecured WiFi network is to use a Virtual Private Network (VPN). A VPN like McAfee’s Safe Connect creates an encrypted tunnel, so anything sent over the WiFi network is protected from others on that network.

As a mum of 4, I am very keen to ensure my kids are engaged with their learning. And in our digital times, this means devices and WiFi. So, let’s support our kids and their teachers in their quest for interactive, digital learning but please don’t forget to check in and ensure your kids are as safe as possible while using WiFi at school.

Take Care

Alex xx

The post How Safe is Your Child’s School WiFi? appeared first on McAfee Blogs.

5G Is Coming: Security Risks You Need to Know About

The future of connectivity is here – 5G. This new network is set to roll out across the nation this coming year and bring greater speed to our handheld devices, which means more data and lower latency. But perhaps one of the most anticipated and popular benefits is it will allow even more IoT devices to come online and encourage more connection between said devices. This would enable users to remotely connect to or monitor their IoT devices like kitchen or security gadgets. The promise of more connectivity, smoother IoT user experience, and even more devices online, means there are likely more opportunities and avenues for cyberattacks. 5G will no doubt shape the foreseeable future; let’s see how.

Today, interconnected devices operate on low-powered, low-data-rate networks, such as Cat-M and NB-IoT. With the introduction of 5G networks across the world, the capabilities of VR and AR, AI and ML, and automation and robotics will be enhanced immensely. Take self-driving cars, for example. These machines require close proximity to their computing to reduce the latency of decision making. The capabilities of 5G don’t end there either. From manufacturing, transportation and logistics, to public safety and the establishment of smart cities, industries are at the ready to take their business to the next level with 5G. With this newfound growing anticipation for the future of 5G, the question has to be asked: what are the security implications for smaller IoT devices?

From an innovation standpoint, 5G is a beacon of light, but from a cybersecurity standpoint, 5G is a “hotbed for a new era of intensified cyberwar.” Distributed denial-of-service (DDoS) attacks are a particular cause of concern for cybersecurity researchers. Devices like refrigerators, thermometers, even light bulbs, will be able to come online because of 5G. Users will be able to remotely check on these appliances through a simple app, but these devices can also be usurped by malicious characters. This increased connectivity and power could see big name sites down for days, or even affect city utility capabilities. Government agencies and private entities are not immune either, but they do have plans in place in the event a DDoS attack occurs.

While consumers can only wait and see what happens with the rollout, industries across the board will want to harness the benefits of 5G. However, consumers and organizations alike need to be cautious in terms of how 5G could be used to help, or hinder, us in the future. Rest assured, even if malicious actors utilize this technology, McAfee’s security strategy will continue to keep pace with the ever-changing threat landscape.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

The post 5G Is Coming: Security Risks You Need to Know About appeared first on McAfee Blogs.

AI & Your Family: The Wows and Potential Risks

Am I the only one? When I hear or see the word Artificial Intelligence (AI), my mind instantly defaults to images from sci-fi movies I’ve seen like I, Robot, Matrix, and Ex Machina. There’s always been a futuristic element — and self-imposed distance — between AI and myself.

But AI is anything but futuristic or distant. AI is here, and it’s now. And, we’re using it in ways we may not even realize.

AI has been woven throughout our lives for years in various expressions of technology. AI is in our homes, workplaces, and our hands every day via our smartphones.

Just a few everyday examples of AI:

  • Cell phones with built-in smart assistants
  • Toys that listen and respond to children
  • Social networks that determine what content you see
  • Social networking apps with fun filters
  • GPS apps that help you get where you need to go
  • Movie apps that predict what show you’d enjoy next
  • Music apps that curate playlists that echo your taste
  • Video games that deploy bots to play against you
  • Advertisers who follow you online with targeted ads
  • Refrigerators that alert you when food is about to expire
  • Home assistants that carry out voice commands
  • Flights you take that operate via an AI autopilot

The Technology

While AI sounds a little intimidating, it’s not when you break it down. AI is technology that can be programmed to accomplish a specific set of goals without assistance. In short, it’s a computer’s ability to be predictive — to process data, evaluate it, and take action.

AI is being implemented in education, business, manufacturing, retail, transportation, and just about any other sector of industry and culture you can imagine. It’s the smarter, faster, more profitable way to accomplish manual tasks.

And there’s tons of AI-generated good going on. Instagram — the #2 most popular social network — is now using AI technology to detect and combat cyberbullying in both comments and photos.

No doubt, AI is having a significant impact on everyday life and is positioned to transform the future.

Still, there are concerns. The self-driving cars. The robots that malfunction. The potential jobs lost to AI robots.

So, as quickly as this popular new technology is being applied, now is a great time to talk with your family about both the exciting potential of AI and the risks that may come with it.

Talking points for families

Fake videos, images. AI is making it easier for people to face swap within images and videos. A desktop application called FakeApp allows users to seamlessly swap faces and share fake videos and images. This has led to the rise in “deep fake” videos that appear remarkably realistic (many of which go viral). Tip: Talk to your family about the power of AI technology and the responsibility and critical thinking they must exercise as they consume and share online content.

Privacy breaches. Following the Cambridge Analytica/Facebook scandal of 2018 that allegedly used AI technology unethically to collect Facebook user data, we’re reminded of those out to gather our private (and public) information for financial or political gain. Tip: Discuss locking down privacy settings on social networks and encourage your kids to be hyper mindful about the information they share in the public feed. That information includes liking and commenting on other content — all of which AI technology can piece together into a broader digital picture for misuse.

Cybercrime. As outlined in McAfee’s 2019 Threats Prediction Report, AI technology will likely allow hackers more ease to bypass security measures on networks undetected. This can lead to data breaches, malware attacks, ransomware, and other criminal activity. Additionally, AI-generated phishing emails are scamming people into handing over sensitive data. Tip: Bogus emails can be highly personalized and trick intelligent users into clicking malicious links. Discuss the sophistication of the AI-related scams and warn your family to think about every click — even those from friends.

IoT security. With homes becoming “smarter” and equipped with AI-powered IoT products, the opportunity for hackers to get into these devices to steal sensitive data is growing. According to McAfee’s Threat Prediction Report, voice-activated assistants are especially vulnerable as a point-of-entry for hackers. Also at risk, say security experts, are routers, smartphones, and tablets. Tip: Be sure to keep all devices updated. Secure all of your connected devices and your home internet at its source — the network. Avoid routers that come with your ISP (Internet Service Provider) since they are often less secure. And, be sure to change the default password and secure your primary network and guest network with strong passwords.

The post AI & Your Family: The Wows and Potential Risks appeared first on McAfee Blogs.

The Collection #1 Data Breach: Insights and Tips on This Cyberthreat

As the cybersecurity landscape evolves to match new trends in technology, it’s important for consumers to prioritize the protection of their online presence. That means remaining aware of the internet’s more common cyberthreats, including malware, phishing, and data breaches, and how they could potentially affect you. And while most of us already know about the Equifax data breach, a new monster breach now has to become top of mind for us all. Say hello to Collection #1, a data set exposing 772,904,991 unique email addresses and over 21 million unique passwords.

Discovered by security researcher Troy Hunt, Collection #1 first appeared on the popular cloud service called MEGA. The Collection #1 folder held over 12,000 files that weigh in at over 87 gigabytes. When the storage site was taken down, the folder was then transferred to a public hacking site. What’s truly astonishing about this is that the data was not for sale; it was simply available for anyone to take.

You may be wondering, how was all this data collected? It appears that this data was comprised of a breach of breaches, aggregating over 2,000 leaked databases containing cracked passwords, in order to achieve maximum exposure. The sheer volume of this breach makes Collection #1 second in size only to the Yahoo breach, and the largest public breach ever (given the data was openly exposed on the internet).

It appears that this data set is designed for use in credential-stuffing attacks, where cybercriminals will use email and password combinations to hack into consumers’ online accounts. The risks could be even greater for those who reuse credentials across multiple accounts. In order to help protect yourself from this threat, it’s vital that users act fast and use the following tips to help protect their data:

  • Use strong, unique passwords. In addition to making sure all of your passwords are strong and unique, never reuse passwords across multiple accounts. You can also enable a password manager to help keep track of your credentials.
  • Change your passwords. Even if it doesn’t appear that your data was breached, it’s better to err on the side of caution and change all of your passwords to better protect yourself.
  • Enable two-factor authentication. While a strong and unique password is a good first line of defense, enabling app-based two-factor authentication across your accounts will help your cause by providing an added layer of security.
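From the service operator's side, the credential-stuffing pattern described above looks like one source trying many different accounts a few times each, mostly failing, with the occasional success where a password was reused. The following is an added example, not part of the original post; the log format, thresholds and function names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (documentation IP ranges, example.com accounts).
# Assumed format: ISO timestamp, source IP, account, result (OK or FAIL).
SAMPLE_LOG = """\
2019-01-17T10:00:01 203.0.113.7 alice@example.com FAIL
2019-01-17T10:00:03 203.0.113.7 bob@example.com FAIL
2019-01-17T10:00:04 203.0.113.7 carol@example.com FAIL
2019-01-17T10:00:06 203.0.113.7 dave@example.com OK
2019-01-17T10:00:08 203.0.113.7 erin@example.com FAIL
2019-01-17T10:00:09 203.0.113.7 frank@example.com FAIL
2019-01-17T10:00:11 203.0.113.7 grace@example.com FAIL
2019-01-17T10:01:00 198.51.100.20 heidi@example.com FAIL
2019-01-17T10:01:20 198.51.100.20 heidi@example.com FAIL
2019-01-17T10:01:45 198.51.100.20 heidi@example.com OK
2019-01-17T10:02:00 192.0.2.44 ivan@example.com OK
2019-01-17T10:30:00 192.0.2.44 judy@example.com OK
"""


def parse_log(text):
    """Return a list of (timestamp, ip, account, success) tuples."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
            continue  # skip malformed lines rather than guess at them
        ts, ip, account, result = parts
        try:
            when = datetime.fromisoformat(ts)
        except ValueError:
            continue
        events.append((when, ip, account.lower(), result == "OK"))
    return events


def detect_stuffing(events, window=timedelta(minutes=5),
                    min_accounts=5, min_fail_ratio=0.8):
    """Flag source IPs that try many distinct accounts with mostly failures.

    A user who mistypes a password hits ONE account several times; a
    stuffing run hits MANY accounts once or twice each. Any success seen
    inside a flagged window is reported as a likely compromised account.
    """
    by_ip = defaultdict(list)
    for ev in sorted(events, key=lambda e: e[0]):
        by_ip[ev[1]].append(ev)

    findings = {}
    for ip, evs in by_ip.items():
        start = 0
        for end in range(len(evs)):
            # Shrink the window from the left until it spans <= `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            in_window = evs[start:end + 1]
            accounts = {e[2] for e in in_window}
            failures = sum(1 for e in in_window if not e[3])
            if (len(accounts) >= min_accounts
                    and failures / len(in_window) >= min_fail_ratio):
                f = findings.setdefault(
                    ip, {"accounts_tried": set(), "compromised": set()})
                f["accounts_tried"] |= accounts
                f["compromised"] |= {e[2] for e in in_window if e[3]}
    return findings


if __name__ == "__main__":
    for ip, f in detect_stuffing(parse_log(SAMPLE_LOG)).items():
        print(f"{ip}: {len(f['accounts_tried'])} accounts tried; "
              f"force reset for {sorted(f['compromised'])}")
```

Per-source counting is only one signal: runs spread across many addresses need the same logic keyed on other attributes, which is one reason two-factor authentication and unique passwords remain the account holder's best protection.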


The post The Collection #1 Data Breach: Insights and Tips on This Cyberthreat appeared first on McAfee Blogs.

Children’s Charity or CryptoMix? Details on This Ransomware Scam

As ransomware threats become more sophisticated, the tactics cybercriminals use to coerce payments from users become more targeted as well. And now, a stealthy strain is using deceptive techniques to mask its malicious identity. Meet CryptoMix ransomware, a strain that disguises itself as a children’s charity in order to trick users into thinking they’re making a donation instead of a ransom payment. While CryptoMix has used this guise in the past, they’ve recently upped the ante by using legitimate information from crowdfunding pages for sick children to further disguise this scheme.

So, how does CryptoMix trick users into making ransom payments? First, the victim receives a ransom note containing multiple email addresses to contact for payment instructions. When the victim contacts one of the email addresses, the “Worldwide Children Charity Community” responds with a message containing the profile of a sick child and a link to the One Time Secret site. This website service allows users to share a post that can only be read once before it’s deleted. CryptoMix’s developers use One Time Secret to distribute payment instructions to the victim and explain how their contribution will be used to provide medical help to sick children. The message claims that the victim’s data will be restored, and their system will be protected from future attacks as soon as the ransom is paid. In order to encourage the victim to act quickly, the note also warns that the ransom price could double in the next 24 hours.

After the victim makes the payment, the ransomware developers send the victim a link to the decryptor. However, they continue to pretend they are an actual charity, thanking the victim for their contribution and assuring them that a sick child will soon receive medical help.

CryptoMix’s scam tactics show how ransomware developers are evolving their techniques to ensure they make a profit. As ransomware threats become stealthier and more sophisticated, it’s important for users to educate themselves on the best techniques to combat these threats. Check out the following tips to help keep your data safe from ransomware:

  • Back up your data. In order to avoid losing access to your important files, make copies of them on an external hard drive or in the cloud. In the event of a ransomware attack, you will be able to wipe your computer or device and reinstall your files from the backup. Backups can’t always prevent ransomware, but they can help mitigate the risks.
  • Never pay the ransom. Although you may feel that this is the only way to get your encrypted files back, there is no guarantee that the ransomware developers will send a decryption tool once they receive the payment. Paying the ransom also contributes to the development of more ransomware families, so it’s best to hold off on making any payments.
  • Use security software. Adding an extra layer of security with a solution such as McAfee Total Protection, which includes Ransom Guard, can help protect your devices from these types of cyberthreats.


The post Children’s Charity or CryptoMix? Details on This Ransomware Scam appeared first on McAfee Blogs.

How to Protect Three Common IoT Devices in 2019

It’s no secret – IoT devices are creeping into every facet of our daily lives. In fact, Gartner estimates there will be 20.4 billion IoT devices by the year 2020. More devices mean greater connectivity and ease of use for their owners, but connectivity also means more opportunities for hacks. With CES 2019 kicking off this week, we turn our focus toward the year ahead, and take a look at some of the IoT devices that are particularly high-profile targets for cybercriminals: gaming systems, voice tech, routers, and smart cars.

Routers

Routers are very susceptible to attacks as they often come with factory-set passwords that many owners are unaware of or don’t know how to change, making these devices easy targets for hackers. That’s bad news, since a router is the central hub in a connected home. If a router is compromised and all of the devices share the same Wi-Fi network, then they could potentially all be exposed to an attack. How? When an IoT device talks to its connected router, the device could expose many of its internal mechanisms to the internet. If the device does not require re-authentication, hackers can easily scan for devices that have poorly implemented protocols. Then with that information, cybercriminals can exploit manufacturer missteps to execute their attacks. To help protect your router (and thus all your other devices), a best practice is to consider one with a layer of protection built-in, and be sure to use a long and complex password for your Wi-Fi network.

Gaming Systems

Over ten years ago, researchers found that many video gaming consoles were being distributed with major security issues involved with the Universal Plug and Play protocol (UPnP), a feature that allows IoT devices on a network to see each other and interact with one another. However, not much has been done to solve the problem. Through exploiting the UPnP weaknesses in gaming systems to reroute traffic over and over again, cybercriminals have been able to create “multi-purpose proxy botnets,” which they can use for a variety of purposes. This is just the jumping-off point for malicious behavior by bad actors. With this sort of access into a gaming system, they can execute DDoS attacks, malware distribution, spamming, phishing, account takeovers, click fraud, and credit card theft. Our recent gaming survey found that 64% of respondents either have or know someone who has been directly affected by a cyberattack, which is an astonishing uptick in attacks on gamers. Considering this shift, follow our tips in the section above for routers and Wi-Fi, never use the same password twice, and be wary of what you click on.

Voice Tech

In 2018, 47.3 million adults had access to smart speakers or voice assistants, making them one of the most popular connected devices for the home. Voice-first devices can be vulnerable largely due to what we enable them to be connected with for convenience: delivery, shopping, and transportation services that leverage our credit cards. While it’s important to note that voice-first devices are most often compromised within the home by people who have regular access to your devices (such as kids) when voice recognition is not properly configured, any digital device can be vulnerable to outside attacks too if proper security is not set up. For example, these always-on, always-listening devices could be infiltrated by cybercriminals through a technique called “voice squatting.” By creating “malicious skills,” hackers have been able to trick voice assistants into continuing to listen after a user finishes speaking. In this scenario an unsuspecting person might think they’re connecting to their bank through their voice device, when unbeknownst to them, they’re giving away their personal information. Because voice-controlled devices are frequently distributed without proper security protocols in place, they are the perfect vehicle in terms of executing a cyberattack on an unsuspecting consumer. To protect your voice assistants, make sure your Wi-Fi password is strong, and be on the lookout for suspicious activity on linked accounts.

While you can’t predict the future of IoT attacks, here are some additional tips and best practices on how to stay ahead of hackers trying to ruin your year:

  • Keep your security software up-to-date. Software and firmware patches are always being released by companies and are made to combat newly discovered vulnerabilities, so be sure to update every time you’re prompted to.
  • Pay attention to the news. With more and more information coming out around vulnerabilities and flaws, companies are more frequently sending out updates for smart cars and other IoT devices. While these should come to you automatically, be sure to pay attention to what is going on in the space of IoT security.
  • Change your device’s factory security settings. This is the single most important step to take to protect all devices. When it comes to products, many manufacturers aren’t thinking “security first.” A device may be vulnerable as soon as opening the box. By changing the factory settings you’re instantly upgrading your device’s security.
  • Use best practices for linked accounts. For gaming systems and voice-first devices in particular, if you connect a service that leverages a credit card, protect that linked service account with strong passwords and two-factor authentication (2FA) where possible. In addition, pay attention to notification emails, especially those regarding new orders for goods or services. If you notice suspicious activity, act accordingly.
  • Set up a separate IoT network. Consider setting up a second network for your IoT devices that doesn’t share access to your other devices and data. Check your router manufacturer’s website to learn how. You might also consider adding in another network for guests and unsecured devices from others. Lastly, consider getting a router with built-in security features to make it easier to protect all the devices in your home from one place.
  • Use a firewall. A firewall is a tool that monitors traffic between an Internet connection and devices to detect unusual or suspicious behavior. Even if a device is infected, a firewall can keep a potential attacker from accessing all the other devices on the same network. When looking for a comprehensive security solution, see if a firewall is included to ensure that your devices are protected.
  • Up your gaming security. Just announced at CES 2019, we’re bringing a sense of security to the virtual world of video games. Get in on the action with McAfee Gamer Security, Beta, it’s free!


The post How to Protect Three Common IoT Devices in 2019 appeared first on McAfee Blogs.

Kicking off CES 2019 with New Security Solutions and Collaborations

Today, we at McAfee are announcing some exciting new security solutions and integrations at CES in Las Vegas. For those of you who are unfamiliar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies. McAfee now delivers protection to more than 500 million customers worldwide, and we understand the importance of creating new solutions for those who want to live their connected lives with confidence. To help empower our customers to do this, we’ve added to our security lineup and are working with other tech innovators who understand the importance of protecting users’ online safety.

One addition to our lineup of security solutions is McAfee Gamer Security. In a recent gaming survey, we discovered that 75% of gamers are worried about the security of gaming as online threats continue to rise. To help combat these threats, we developed McAfee Gamer Security, which protects gamers while optimizing their gaming experience. Some of the product’s key features include Game Mode, a gamer-centric interface, and minimal security resource consumption. These features help optimize gamers’ computing resources, provide system status updates, and equip users with lightweight security protection.

In addition to our latest product advancements, we’ve also teamed up with other companies looking to better the cybersecurity landscape for consumers. The first is Google. In order to further simplify the process of securing today’s connected home, McAfee will provide McAfee Secure Home Platform voice commands for the Google Assistant. McAfee Secure Home Platform provides an extra layer of security to help automatically protect all of the connected devices on the user’s home network. Soon, Google Assistant users can easily manage their connected home security by just using their voice.

While it’s important to secure the connected home, it is also important to protect your mobile and IoT devices. According to McAfee Labs 2019 predictions, cybercriminals will leverage trusted devices like smartphones and tablets to try and access users’ IoT devices in the upcoming year. To help customers stay safeguarded from this threat, we’ve teamed up with Verizon to protect their home networks through Verizon Home Network Protection. This McAfee-powered solution helps Verizon Fios customers stay secured against malicious websites, provides parental controls, and protects all devices connected to their home network.

Furthermore, we at McAfee and Dell have teamed up to protect consumers and small businesses as they enjoy the benefits of today’s technology. To do this, we’ve expanded our collaboration to provide pre-installed McAfee software on PCs and laptops globally to both consumer and small business customers. Customers who purchase a new laptop or PC will also have the option to extend McAfee protection beyond their Dell device to their smartphones and tablets. This allows users to have a more robust security shield around all of their connected devices, creating a safer overall online experience. Dell consumer and small business customers who purchase Dell Inspiron, XPS, Vostro, and G-Series laptops will receive a 30-day or 1-year subscription. Customers who purchase Alienware, OptiPlex, Latitude, and Precision will have the option of adding a 30-day free subscription or purchasing a 1-year subscription.

Another one of our latest innovations is the addition of Cryptojacking Blocker to McAfee WebAdvisor. As we observed in our latest McAfee Labs report, coin mining malware is on the rise, growing more than 4000% in the last year. Cryptojacking Blocker helps protect users from having their devices hijacked without their knowledge or permission. The tool helps prevent websites from mining for cryptocurrency and is included in all McAfee suites that include McAfee WebAdvisor. Users can update their existing WebAdvisor software to get Cryptojacking Blocker or download WebAdvisor for free.

So far, CES 2019 has proven that innovation will continue to evolve, just as the cybersecurity landscape will continue to mature. By working together to improve the technology that protects connected devices, we can help users optimize their digital life without compromising their online safety.

To stay on top of McAfee’s CES news and the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Kicking off CES 2019 with New Security Solutions and Collaborations appeared first on McAfee Blogs.

What CES Can Show Us About Evolving Consumer Security Needs: A Timeline

Appropriately dubbed the ‘Global Stage for Innovation,’ it’s no wonder CES showcases the most cutting-edge consumer technologies coming out in the year ahead. No topic is off the table; attendees will learn more about connected homes, smart cities and self-driving cars, try out shiny new digital health wearables, headsets, and other connected tech, explore AI-driven technologies, and so much more.

Although events like CES showcase breakthrough technologies, interestingly, they also highlight how rapidly new technology is replaced with the next new thing. The rate at which we are treading on new ground is shifting exponentially, and what we see at CES this January might be obsolete in just a few years.

This rapidly changing technological landscape poses a significant predicament to consumers, a ‘digital dilemma’ if you will: as new technologies accelerate and IoT devices that house them progress, new challenges arise with them. This is particularly the case when it comes to security and privacy. And, just as security and products change and adapt, so do our needs and wants as consumers. Those of a teen differ from those of a parent, from those of a baby boomer, and so on. Let’s see how those needs change over time.

A Digital Life Timeline

2015: The Teen Technologist

Born in the late ‘90s, this teen is an everyday gamer, who loves to play games online with friends. They also love their smartphone, mostly for the access to social media. A teen wouldn’t necessarily be concerned with security, so having a comprehensive system built in is crucial.

2021: The Young Professional

Entering the workforce for the first time, the young professional is finally able to buy the gadgets that were once luxuries. They might have two phones: one for work and a personal device. Additionally, they are bringing more connected devices into their home, so the need for a secure home network has become obvious. They are also always on the go and having to connect to public Wi-Fi, so a Virtual Private Network (VPN) should be considered.

2032: The Concerned Parent

Fast forward almost ten years, the young professional has become a worrying parent. Their kids are spending too much time on screens. Having a way to monitor what they are doing on the internet and limit their time online is crucial, and an application that could provide parental controls would be welcomed. Also, as they bring larger, more connected devices into the home, like smart refrigerators and thermostats, they are excited about a platform that will bake in security through a home network.

2038: The Brand Loyalists

The concerned parent has found devices they like and those they do not like. But more importantly, they have found brands they love, which they may continue to purchase from to bring the latest technology into their family’s lives. A comprehensive security system that covers all types of devices is exactly what they would need to keep a layer of protection

2045: The Unacquainted User

At this point in a digital journey, our user has stopped keeping up with trends because things have changed so much. Almost to the point where they are unwilling to learn new tech, or are untrusting of it altogether. But the need to maintain their security and privacy is still top of mind, especially as cybercriminals often prey on this demographic due to being an easy target. A person like this might worry about ransomware, viruses, and identity theft along with protecting their home network.

As you can see, a person’s security and safety needs, desires, and even their devices evolve depending on the moment in which they are within their life. With so much in flux, the last thing anyone wants to think about is security – but with constantly changing technology at an all-time high, it’s safe to bet that threats will evolve to keep pace, and so should the ways in which we protect devices. For these reasons, it’s important to leverage a security partner that will keep this in mind, and will grow with not only our evolving needs, but evolving technology, too.

To learn more about consumer security and our approach to it, be sure to follow us at @McAfee and @McAfee_Home.

The post What CES Can Show Us About Evolving Consumer Security Needs: A Timeline appeared first on McAfee Blogs.

Holiday Rush: How to Check Yourself Before You Wreck Yourself When Shopping Online

It was the last item on my list and Christmas was less than a week away. I was on the hunt for a white North Face winter coat for my teenage daughter that she had duly ranked as the most-important-die-if-I-don’t-get-it item on her wishlist that year.

After fighting the crowds and scouring the stores to no avail, I went online, stressed and exhausted with my credit card in hand looking for a deal and a Christmas delivery guarantee.

Mistake #1: I was under pressure and cutting it way too close to Christmas.
Mistake #2: I was stressed and exhausted.
Mistake #3: I was adamant about getting the best deal.

Gimme a deal!

It turns out these mistakes created the perfect storm for a scam. I found a site with several name-brand coats available at lower prices. I was thrilled to find the exact white coat and guaranteed delivery by Christmas. The cyber elves were working on my behalf for sure!

Only the coat never came and I was out $150.

In my haste and exhaustion, I overlooked a few key things about this “amazing” site that played into the scam. (I won’t harp on the part about me calling customer service a dozen times, writing as many emails, and feeling incredible stupidity over my careless clicking!)

Stress = Digital Risk

I’m not alone in my holiday behaviors it seems. A recent McAfee survey, Stressed Holiday Online Shopping, reveals, unfortunately, that when it comes to online shopping, consumers are often more concerned about finding a deal online than they are with protecting their cybersecurity in the process. 

Here are the kinds of risks stressed consumers are willing to take to get a holiday deal online:

  • 53% think the financial stress of the holidays can lead to careless shopping online.
  • 56% said that they would use a website they were unfamiliar with if it meant they would save money.
  • 51% said they would purchase an item from an untrusted online retailer to get a good deal.
  • 31% would click on a link in an email to get a bargain, regardless of whether they were familiar with the sender.
  • When it comes to sharing personal information to get a good deal: 39% said they would risk sharing their email address, 25% would wager their phone number, and 16% would provide their home address.

3 Tips to Safer Online Shopping:

  • Connect with caution. Using public Wi-Fi might seem like a good idea at the moment, but you could be exposing your personal information or credit card details to cybercriminals eavesdropping on the unsecured network. If public Wi-Fi must be used to conduct transactions, use a virtual private network (VPN) to help ensure a secure connection.
  • Slow down and think before you click. Don’t be like me, exhausted and desperate while shopping online — think before you click! Cybercriminals love to target victims by using phishing emails disguised as holiday savings or shipping notifications to lure consumers into clicking links that could lead to malware, or a phony website designed to steal personal information. Check directly with the source to verify an offer or shipment.
  • Browse with security protection. Use comprehensive security protection that can help protect devices against malware, phishing attacks, and other threats. Protect your personal information by using a home solution that keeps your identity and financial information secure.
  • Take a nap, stay aware. This may not seem like an important cybersecurity move, but during the holiday rush, stress and exhaustion can wear you down and contribute to poor decision-making online. Outsmarting the cybercrooks means awareness and staying ahead of the threats.

I learned the hard way that holiday stress and shopping do not mix and can easily compromise my online security. I lost $150 that day and I put my credit card information (promptly changed) firmly into a crook’s hands. I hope by reading this, I can help you save far more than that.

Here’s wishing you and your family the Happiest of Holidays! May all your online shopping be merry, bright, and secure from all those pesky digital Grinches!

The post Holiday Rush: How to Check Yourself Before You Wreck Yourself When Shopping Online appeared first on McAfee Blogs.

12 Days of Hack-mas

2018 was a wild ride when it came to cybersecurity. While some hackers worked to source financial data, others garnered personal information to personalize cyberattacks. Some worked to get us to download malware in order to help them mine cryptocurrency or harness our devices to join their botnets. The ways in which they exact their attacks are becoming more sophisticated and harder to detect. 2019 shows no sign of slowing down when it comes to the sophistication and multitude of cyberattacks targeted toward consumers.

Between the apps and websites we use every day, in addition to the numerous connected devices we continue to add to our homes, there are more ways than ever in which our cybersecurity can be compromised. Let’s take a look at 12 common, connected devices that are vulnerable to attacks, most of which our friends at the “Hackable?” podcast have demonstrated, and what we can do to protect what matters. This way, as we move into the new year, security is top of mind.

Connected Baby Monitors

When you have a child, security and safety fuel the majority of your thoughts. That’s why it’s terrifying to think that a baby monitor, meant to give you peace of mind, could get hacked. Our own “Hackable?” team illustrated exactly how easy it is. They performed a “man-in-the-middle” attack to intercept data from an IoT baby monitor. But the team didn’t stop there; next they overloaded the device with commands and completely crashed the system without warning a parent, potentially putting a baby in danger. If you’re a parent looking to bring baby tech into your home, always be on the lookout for updates, avoid knockoffs or brands you’re not familiar with, and change your passwords regularly.

Smart TVs

With a click of a button or by the sound of our voice, our favorite shows will play, pause, rewind ten seconds, and more – all thanks to smart TVs and streaming devices. But is there a sinister side? Turns out, there is. Some smart TVs can be controlled by cybercriminals by exploiting easy-to-find security flaws. By infecting a computer or mobile device with malware, a cybercriminal could gain control of your smart TV if your devices are using the same Wi-Fi. To prevent an attack, consider purchasing devices from mainstream brands that keep security in mind, and update associated software and apps regularly.

Home Wi-Fi Routers

Wi-Fi is the lifeblood of the 21st century; it’s become a necessity rather than a luxury. But your router is also a cybercriminal’s window into your home. Especially if you have numerous IoT devices hooked up to the same Wi-Fi, a hacker that successfully cracks into your network can get ahold of passwords and personal information, all of which can be used to gain access to your accounts, and launch spear phishing attacks against you to steal your identity or worse. Cybercriminals do this by exploiting weaknesses in your home network. To stay secure, consider a comprehensive security solution like McAfee® Secure Home Platform.

Health Devices and Apps

Digital health is set to dominate the consumer market in the next few years. Ranging from apps to hardware, the ways in which our health is being digitized vary, and so do the types of attacks that can be orchestrated. For example, on physical devices like pacemakers, malware can be implanted directly onto the device, enabling a hacker to control it remotely and inflict real harm to patients. When it comes to apps like pedometers, a hacker could source information like your physical location or regular routines. Each of these far from benign scenarios highlights the importance of cybersecurity as the health market becomes increasingly reliant on technology and connectivity.

Smart Speakers

It seems like everyone nowadays has at least one smart speaker in their home. However, these speakers are always listening in, and if hacked, could be exploited by cybercriminals through spear phishing attacks. This can be done by spoofing actual websites which trick users into thinking that they are receiving a message from an official source. But once the user clicks on the email, they’ve just given a cybercriminal access to their home network, and by extension, all devices connected to that network too, smart speakers and all. To stay secure, start with protection on your router that extends to your network, change default passwords, and check for built-in security features.

Voice Assistants

Like smart speakers, voice assistants are always listening and, if hacked, could give an attacker a wealth of information about you. But voice assistants are also often used as a central command hub, connecting other devices to them (including other smart speakers, smart lights or smart locks). Some people opt to connect accounts like food delivery, driver services, and shopping lists that use credit cards. If hacked, someone could gain access to your financial information or even access to your home. To keep cybercriminals out, consider a comprehensive security system, know which apps you can trust, and always keep your software up to date.

Connected Cars

Today, cars are essentially computers on wheels. Between backup cameras, video screens, GPS systems, and Wi-Fi networks, they have more electronics stacked in them than ever. The technology makes the experience smoother, but if it has a digital heartbeat, it’s hackable. In fact, an attacker can take control of your car a couple of ways: either by physically implanting a tiny device that grants access to your car through a phone, or by leveraging a black box tool and your car’s diagnostic port completely remotely. Hacks can range anywhere from cranking the radio up to cutting the transmission or disabling the brakes. To stay secure, limit connectivity between your mobile devices and a car when possible, as phones are exposed to risks every day, and any time you connect it to your car, you put it at risk, too.

Smart Thermostats

A smart thermostat can regulate your home’s temperature and save you money by learning your preferences. But what if your friendly temperature regulator turned against you? If you don’t change your default, factory-set password and login information, a hacker could take control of your device and make it join a botnet

Connected Doorbells

When we think high-tech, the first thing that comes to mind is most likely not a doorbell. But connected doorbells are becoming more popular, especially as IoT devices are more widely adopted in our homes. So how can these devices be hacked, exactly? Hackers sent an official-looking email requesting that a device owner download the doorbell’s app, and in doing so the user unwittingly gave full access to the unwelcome guest. From there, the hackers could access call logs, the number of devices available, and even video files from past calls. Take heed from this hack; when setting up a new device, watch out for phishing emails and always make sure that an app is legitimate before you download it.

Smart Pet Cameras

We all love our furry friends, and when we have to leave them behind as we head out the door, it’s comforting to know that we can keep an eye on them, even give them the occasional treat through pet cameras. But this pet-nology can be hacked into by cybercriminals to get an inside look at your home, as proven by the “Hackable?” crew. Through a device’s app, a white-hat hacker was able to access the product’s database and was able to download photos and videos of other device owners. Talk about creepy. To keep prying eyes out of your private photos, get a comprehensive security solution for your home network and devices, avoid checking on your pet from unsecured Wi-Fi, and do your research on smart products you purchase for your pets.

Cell Phones

Mobile phones are one of the most vulnerable devices simply because they go everywhere you go. They essentially operate as a personal remote control to your digital life. In any given day, we access financial accounts, confirm doctor’s appointments and communicate with family and friends. That’s why it’s shocking to know how surprisingly easy it is for cybercriminals to access the treasure trove of personal data on your cell phone. Phones can be compromised in a variety of ways; here are a few: accessing your personal information by way of public Wi-Fi (say, while you’re at an airport), implanting a bug, leveraging a flaw in the operating system, or by infecting your device with malware by way of a bad link while surfing the web or browsing email. Luckily, you can help secure your device by using comprehensive security such as McAfee Total Protection, or by leveraging a VPN (virtual private network) if you find yourself needing to use public Wi-Fi.

Virtual Reality Headsets

Once something out of science fiction, virtual reality (VR) is now a high-tech reality for many. Surprisingly, despite being built on state of the art technology, VR is quite hackable. As an example, through common and easy-to-execute tactics like phishing to prompt someone to download malware, white-hat hackers were able to infect a linked computer and execute a command and control interface that manipulated the VR experience and disorientated the user. While this attack isn’t common yet, it could certainly start to gain traction as more VR headsets make their way into homes. To stay secure, be picky and only download software from reputable sources.

This is only the tip of the iceberg when it comes to hackable, everyday items. And while there’s absolutely no doubt that IoT devices certainly make life easier, what it all comes down to is control versus convenience. As we look toward 2019, we should ask ourselves, “what do we value more?”

Stay up-to-date on the latest trends by subscribing to our podcast, “Hackable?” and follow us on Twitter or Facebook.

The post 12 Days of Hack-mas appeared first on McAfee Blogs.

Businesses Beware: Top 5 Cyber Security Risks

Hackers are working hard to find new ways to get your data. It’s not surprising that cyber security risk is top of mind for every risk owner, in every industry. As the frequency and complexity of malicious attacks persistently grows, every company should recognize that they are susceptible to an attack at any time—whether it comes as an external focused attack, or a social engineering attack. Let’s take a look at the top 5 risks that every risk owner should be preparing for.

  1. Your Own Users. It is commonly known, in the security industry, that people are the weakest link in the security chain. Despite whatever protections you put in place from a technology or process/policy point of view, human error can cause an incident or a breach. Strong security awareness training is imperative, as well as very effective documented policies and procedures. Users should also be “audited” to ensure they understand and acknowledge their role in policy adherence. One area that is often overlooked is the creation of a safe environment, where a user can connect with a security expert on any issue they believe could be a problem, at any time. Your security team should encourage users to reach out. This creates an environment where users are encouraged to be part of your company’s detection and response. To quote the Homeland Security announcements you frequently hear in airports, “If you see something, say something!” The biggest threat to a user is social engineering—the act of coercing a user to do something that would expose sensitive information or a sensitive system.
  2. Phishing. Phishing ranks number three in both the 2018 Verizon Data Breach Investigation Report Top 20 action varieties in incidents and Top 20 action varieties in breaches. These statistics can be somewhat misleading. For example, the first item on the Top 20 action varieties in breaches list is the use of stolen credentials; number four is privilege abuse. What better way to execute both of those attacks than with a phishing scam? Phishing coerces a user through email to either click on a link, disguised as a legitimate business URL, or open an attachment that is disguised as a legitimate business document. When the user executes or opens either, bad things happen. Malware is downloaded on the system, or connectivity to a Command and Control server on the Internet is established. All of this is done using standard network communication and protocols, so the eco-system is none the wiser—unless sophisticated behavioral or AI capabilities are in place. What is the best form of defense here? 1.) Do not run your user systems with administrative rights. Running with administrative rights allows any malicious code to execute at root-level privilege, and 2.) Train, train, and re-train your users to recognize a phishing email, or more importantly, recognize an email that could be a phishing scam. Then ask the right security resources for help. The best mechanism for training is to run safe targeted phishing campaigns to verify user awareness either internally or with a third-party partner like Connection.
  3. Ignoring Security Patches. One of the most important functions any IT or IT Security Organization can perform is to establish a consistent and complete vulnerability management program. This includes the following key functions:
  • Select and manage a vulnerability scanning system to proactively test for flaws in IT systems and applications.
  • Create and manage a patch management program to guard against vulnerabilities.
  • Create a process to ensure patching is completed.

Most malicious software is created to target missing patches, especially Microsoft patches. We know that WannaCry and Petya, two devastating attacks, targeted systems that were missing Microsoft MS17-010. Eliminating the “low-hanging-fruit” from the attack strategy, by patching known and current vulnerabilities or flaws, significantly reduces the attack-plane for the risk owner.

  4. Partners. Companies spend a lot of time and energy on Information Security Programs to address external and internal infrastructures, exposed Web services, applications and services, policies, controls, user awareness, and behavior. But they ignore a significant attack vector, which is through a partner channel—whether it be a data center support provider or a supply chain partner. We know that high-profile breaches have been executed through third-party channels, Target being the most prominent. The Target breach was a classic supply chain attack, where they were compromised through one of their HVAC vendors. Company policies and controls must extend to all third-party partners that have electronic or physical access to the environment. Ensure your Information Security Program includes all third-party partners or supply chain sources that connect or visit your enterprise. The NIST Cyber Security Framework has a great assessment strategy, where you can evaluate your susceptibility to this often-overlooked risk.
  5. Data Security. In this day and age, data is the new currency. Malicious actors are scouring the Internet and Internet-exposed corporations to look for data that will make them money. The table below from the Ponemon Institute 2018 Cost of a Data Breach Report shows the cost to a company for a single record data breach.

Cost for a Single Record Data Breach

The Bottom Line

You can see that healthcare continues to be the most lucrative target for data theft, with $408 per record lost. Finance is nearly half this cost. Of course, we know the reason why this is so. A healthcare record has a tremendous amount of personal information, enabling the sale of more sensitive data elements, and in many cases, can be used to build bullet-proof identities for identity theft. The cost of a breach in the US, regardless of industry, averages $7.9 million per event. The cost of a single lost record in the US is $258.

I Can’t Stress It Enough

Data security should be the #1 priority for businesses of all sizes. To build a data protection strategy, your business needs to:

  • Define and document data security requirements
  • Classify and document sensitive data
  • Analyze security of data at rest, in process, and in motion
  • Pay attention to sensitive data like PII, ePHI, EMR, financial accounts, proprietary assets, and more
  • Identify and document data security risks and gaps
  • Execute a remediation strategy

Because it’s a difficult issue, many corporations do not address data security. Unless your business designed classification and data controls from day one, you are already well behind the power curve. Users create and have access to huge amounts of data, and data can exist anywhere—on premises, user laptops, mobile devices, and in the cloud. Data is the common denominator for security. It is the key thing that malicious actors want access to. It’s essential to heed this warning: Do Not Ignore Data Security! You must absolutely create a data security protection program, and implement the proper policies and controls to protect your most important crown jewels.

Cyber criminals are endlessly creative in finding new ways to access sensitive data. It is critical for companies to approach security seriously, with a dynamic program that takes multiple access points into account. While it may seem to be an added expense, the cost of doing nothing could be exponentially higher. So whether it’s working with your internal IT team, utilizing external consultants, or a mix of both, take steps now to assess your current situation and protect your business against a cyber attack. Stay on top of quickly evolving cyber threats. Reach out to one of our security experts today to close your business’s cyber security exposure gap!

The post Businesses Beware: Top 5 Cyber Security Risks appeared first on Connected.