Category Archives: Network Security

How to Build Your 5G Preparedness Toolkit

5G has been nearly a decade in the making but has really dominated the mobile conversation in the last year or so. This isn’t surprising considering the potential benefits this new type of network will provide to organizations and users alike. However, just like with any new technological advancement, there are a lot of questions being asked and uncertainties being raised around accessibility, as well as cybersecurity. The introduction of this next-generation network could bring more avenues for potential cyberthreats, potentially increasing the likelihood of denial-of-service, or DDoS, attacks due to the sheer number of connected devices. However, as valid as these concerns may be, we may be getting a bit ahead of ourselves here. While 5G has gone from an idea to a reality in a short amount of time for a handful of cities, these advancements haven’t happened without a series of setbacks and speedbumps.

In April 2019, Verizon was the first to launch a next-generation network, with other cellular carriers following closely behind. While a technological milestone in and of itself, some 5G networks are only available in select cities, even limited to just specific parts of the city. Beyond the not-so widespread availability of 5G, internet speeds of the network have performed at a multitude of levels depending on the cellular carrier. Even if users are located in a 5G-enabled area, if they are without a 5G-enabled phone they will not be able to access all the benefits the network provides. These three factors – user location, network limitation of certain wireless carriers, and availability of 5G-enabled smartphones – must align for users to take full advantage of this exciting innovation.

While there is still a lot of uncertainty surrounding the future of 5G, as well as what cyberthreats may emerge as a result of its rollout, there are a few things users can do to prepare for the transition. To get your cybersecurity priorities in order, take a look at our 5G preparedness toolkit to ensure you’re prepared when the nationwide roll-out happens:

  • Follow the news. Since the announcement of a 5G enabled network, stories surrounding the network’s development and updates have been at the forefront of the technology conversation. Be sure to read up on all the latest to ensure you are well-informed to make decisions about whether 5G is something you want to be a part of now or in the future.
  • Do your research. With new 5G-enabled smartphones about to hit the market, ensure you pick the right one for you, as well as one that aligns with your cybersecurity priorities. The right decision for you might be to keep your 4G-enabled phone while the kinks and vulnerabilities of 5G get worked out. Just be sure that you are fully informed before making the switch and that all of your devices are protected.
  • Be sure to update your IoT devices factory settings. 5G will enable more and more IoT products to come online, and most of these connected products aren’t necessarily designed to be “security first.” A device may be vulnerable as soon as the box is opened, and many cybercriminals know how to get into vulnerable IoT devices via default settings. By changing the factory settings, you can instantly upgrade your device’s security and ensure your home network is secure.
  • Add an extra layer of security.As mentioned, with 5G creating more avenues for potential cyberthreats, it is a good idea to invest in comprehensive mobile security to apply to all of your devices to stay secure while on-the-go or at home.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post How to Build Your 5G Preparedness Toolkit appeared first on McAfee Blogs.

SSH In Nutshell : A protocol for secured network communication

Estimated reading time: 4 minutes

Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. A widely used Transport Layer Protocol, SSH is used to secure connections between clients and servers. SSH was basically designed as a replacement for conventional Telnet and for unsecured remote shell protocols such as the Berkeley rlogin, rsh, and rexec protocols. These protocols send critical information, such as passwords, in plain text format, and are susceptible to interception and disclosure using methods like packet analysis or deep packet inspection. The encryption used by SSH provides confidentiality and integrity of data over an unsecured network, such as the Internet.

                                         Fig. 1: SSH Protocol Stack

How Does SSH Work?

The SSH protocol employs a client-server model for authentication and encryption of data transferred between them.

Negotiating Encryption for the Session

  • Version Exchange: When a TCP connection is made by a client, the server responds with the protocol versions it supports. If the client can match one of the acceptable protocol versions, the connection continues.
  • Key Exchange Initialization: To kick off the key exchange, both sides send a SSH_MSG_KEX_INIT message to each other, with a list of cryptographic primitives they support with their preference. These primitives are basic building blocks, used to perform key exchange and bulk data encryption. The following table (Tab.1) shows some examples of cryptographic primitives.
                                                                                          Tab.1: Cryptographic Primitives

 

  • Diffie-Hellman Initialization: The key exchange begins by the client, generating an ephemeral key pair (private and associated public key) and sending its public key to the server in a, SSH_MSG_KEX_ECDH_INIT message (Fig. 2). The server checks the authorized_keys file of the account that the client is attempting to log into for the key ID. If strict key checking is enabled, and key is not found to be correct, the connection is rejected by the server thereby safeguarding the server from connecting with unknown clients. The key pair created will only be used during the key exchange and disposed afterwards. So, for an attacker it is extremely difficult to steal a private key while passively recording encrypted traffic. This property is called forward secrecy.
                                                   Fig. 2 Generation of the key exchange initialization message

 

  • Diffie-Hellman Reply: On receiving SSH_MSG_KEX_ECDH_INIT message, server generates its own ephemeral key pair. The shared secret key K is generated by server, with its own key pair and client’s public key. After successful generation of shared secret an exchange hash H is generated (Fig. 3). The exchange hash is signed by server to generate its signature HS (Fig. 4).
                                                                 Fig. 3: Generation of the exchange hash H

 

The exchange hash and its signature serve several purposes:

•  The signature or verification loop, of the exchange hash and its signature enables the client to verify whether the server has ownership of the host private key. If yes, the client is connected to the correct server.

• A faster handshake is achieved by signing the exchange hash instead of input to exchange hash.

                                                                  Fig. 4: Generation of the ECDH KEX reply

 

The exchange hash is generated by taking the hash (either SHA256, SHA384 or SHA512, as per the key exchange algorithm) of the following fields:

• Magics M

• Server host public key (or certificate) HPub

• Client public key A

• Server public key B

• Shared secret K

Magics consists of client version, server version, clients SSH_MSG_KEXINIT message and server SSH_MSG_KEXINIT message. With this information in hand, the SSH_MSG_KEX_ECDH_REPLY message can be constructed by the server from the following:

ephemeral public key of the server B,

the host public key of the server HPub,

and the signature on the exchange hash HS.

After SSH_MSG_KEX_ECDH_REPLY is received by client, the client can calculate the secret K and the exchange hash H.

The client extracts the host public key (or certificate) from SSH_MSG_KEX_ECDH_REPLY and verifies the signature of exchange hash HS, hence proving the ownership of the host private key.

In order to prevent Man-in-the-Middle (MITM) attacks, after the signature is validated, the host public key (or certificate) retrieved is checked against a local database of the trusted hosts; if this key (or certificate) is not trusted the connection is terminated.

If you have ever seen a message like below (Fig. 5), it means that the key presented is not in your local database of known hosts.

                                                                          Fig. 5: Prompt for Authentication of Server

Authenticating the User’s Access to the Server

The next stage involves authenticating the user and deciding access. There are various mechanisms for authentication but which mechanism to use depends upon what purpose the server is configured for.

The simplest is password authentication, but this is highly not recommended due to complexities and automated password breaking scripts.

The most popular and recommended alternative is the use of SSH key pairs. SSH key pairs are asymmetric keys. The public key is used to encrypt data that can only be decrypted with the private key. The public key can be freely shared, because, although it can encrypt for the private key, there is no method of deriving the private key from the public key.

Summary

SSH provides a secured encrypted channel for configuration of remote servers, established by agreed cryptographic primitives, and user authentication by symmetric key pairs.

The following diagram shows various stages of SSH handshake in establishing a secured channel that uses a password authentication mechanism.

                                                      Fig. 6: Stages of SSH Handshaking with user Password Authentication

The post SSH In Nutshell : A protocol for secured network communication appeared first on Seqrite Blog.

Protect against BlueKeep

Worms are the cause of many cyber headaches. They can easily replicate themselves to spread malicious malware to other computers in your network. As the field responders providing Microsoft enterprise customers with onsite assistance to serious cybersecurity threats, our Detection and Response Team (DART) has seen quite a few worms. If you’ve met the DART Team, then you know your worms are our concern and that’s why we keep an eye out for BlueKeep.

Protect against BlueKeep

This summer, the DART team has been preparing for CVE-2019-0708, colloquially known as BlueKeep, and has some advice on how you can protect your network. The BlueKeep vulnerability is “wormable,” meaning it creates the risk of a large-scale outbreak due to its ability to replicate and propagate, similar to Conficker and WannaCry. Conficker has been widely estimated to have impacted 10- to 12-million computer systems worldwide. WannaCry was responsible for approximately $300 million in damages at just one global enterprise.

To protect against BlueKeep, we strongly recommend you apply the Windows Update, which includes a patch for the vulnerability. If you use Remote Desktop in your environment, it’s very important to apply all the updates. If you have Remote Desktop Protocol (RDP) listening on the internet, we also strongly encourage you to move the RDP listener behind some type of second factor authentication, such as VPN, SSL Tunnel, or RDP gateway.

You also want to enable Network Level Authentication (NLA), which is a mitigation to prevent un-authenticated access to the RDP tunnel. NLA forces users to authenticate before connecting to remote systems, which dramatically decreases the chance of success for RDP-based worms. The DART team highly recommends you enable NLA regardless of this patch, as it mitigates a whole slew of other attacks against RDP.

If you’re already aware of the BlueKeep remediation methods, but are thinking about testing it before going live, we recommend that you deploy the patch. It’s important to note that the exploit code is now publicly and widely available to everyone, including malicious actors. By exploiting a vulnerable RDP system, attackers will also have access to all user credentials used on the RDP system.

Why the urgency?

Via open source telemetry, we see more than 400,000 endpoints lacking any form of network level authentication, which puts each of these systems potentially at risk from a worm-based weaponization of the BlueKeep vulnerability.

The timeline between patch release and the appearance of a worm outbreak is difficult to predict and varies from case to case. As always, the DART team is ready for the worst-case scenario. We also want to help our customers be prepared, so we’re sharing a few previous worms and the timeline from patch to attack. Hopefully, this will encourage everyone to patch immediately.

Chart showing vulnerability, patch release, and outbreak. Vulnerability: MS08-067; Patch release: October 23, 2008; Outbreak: late December 2008. Vulnerability: MS17-010; Patch release: March 14, 2017; Outbreak: May 12, 2017. Vulnerability: CVE-2019-0708; Patch release: May 13, 2019; Outbreak column shows three question marks.

Learn more

To learn more about DART, our engagements, and how they are delivered by experienced cybersecurity professionals who devote 100 percent of their time to providing cybersecurity solutions to customers worldwide, please contact your account executive. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

This document is for informational purposes only and Microsoft makes no warranties, express or implied, in this blog.

The post Protect against BlueKeep appeared first on Microsoft Security.

Don’t put the network visibility of your enterprise at risk

Estimated reading time: 3 minutes

We live in a connected world – thanks to the rise of new trends and concepts like Internet of Things (IoT) or Bring Your Own Device (BYOD), enterprise networks can’t restrict themselves to a specific set of predefined devices. Hence, the number of devices that now exist on enterprise networks are rapidly multiplying.

Obviously, this would mean that the importance of network visibility has grown by multifold. Just a few years back, it was far simpler to get an outline of a business network, but courtesy to the ever-expanding number of devices that connect to business networks now, it is a whole new ball game.  From a cybersecurity perspective, network visibility is extremely important – it is important to monitor what an enterprise is trying to secure.

How does network visibility help an enterprise? Here are some ways:

Identifying anomalies in network activity

Network visibility enables cybersecurity administrators to observe network activity. This can allow them to spot and benchmark patterns, leading to easy identification of anomalies. Normal activity is thus easily detected and anything which stands out can be sent for investigation.

User activity

Are employees following their information security policy seriously? Proper network visibility will provide answers to this question with detailed information on how employees are using confidential and sensitive data. Network administrators can also readily find out if their policies are being followed and if there are backdoors in the network.

Secure Remote Connectivity

A secure connection from an endpoint to the company’s network for its remote users is very important and a virtual private network (VPN) does just that. It also helps build site-to-site connections to ensure protected and seamless connectivity. Typically, Secure Sockets Layer or IPsec is used to verify the communication between the endpoint and the network.

Ease of use and operational benefits

A single centralized solution offering network visibility helps provide an easy snapshot to understand what is happening in an enterprise network. It allows for operational benefits by eliminating the need to have multiple security solutions to perform the task.

Sensitive assets

Network visibility allows administrators to understand their network’s weak points. What part of the network gets attacked the most and what kind of attack vectors are used? Through these trends, network administrators stay up-to-date on the everyday changes happening in a fairly massive enterprise network.

Seqrite’s Unified Threat Management (UTM) solution offers a one-stop solution for network visibility. UTM reduces security complexities by integrating key IT security features in one integrated network security product. The platform brings network security, management, backup and recovery of UTM data and many other critical network services together under a single unified umbrella, tailored to suit the complexity of emerging threat scenarios.

A few benefits of the UTM solution are:

  • All traffic through the firewall is tracked and logged and pre-defined business rules are applied to block all threats and non-business traffic. This improves productivity and ensures security. The antivirus built into it scans all inbound and outbound traffic for malware at the gateway level. The IPS system can detect and prevent attacks from a wide range of DoS and DDoS attacks before they infiltrate the network.
  • It validates and encrypts every IP packet of communication using Perfect Forward Secrecy (PFS) and NAT traversal. VPN compression, Multiple Subnet Support, and DNS Setting for PPTP Server as well as SSL VPN, Remote Access VPN, Site-to-Site VPN, dead peer detection are some of the other features of this tool to ensure secure remote connectivity.
  • It includes mail antivirus and anti-spam as well as keyword blocking for emails and HTTP(S) traffic fortifying your email communication. Website category and custom web lists based filtering are also provided.
  • It boasts of a revamped ISP load balance and failover feature including policy-based failover routing and automatic divert of data traffic from inactive ISP to active ISPs. IPv6, VLAN, USB Internet support for 3G/4G and NTP support, configurable LAN/WAN/DMZ ports, and Layer 2 bridging and link aggregation are also provided.
  • A user-friendly web-based logging and reporting console gives a complete view of the network. Configurable scheduling of diagnostic tools and monitoring CPU/RAM/Disk usage with timely reports and alerts through SMS or email. Stronger access control with enhanced user/group bandwidth and quota management is also provided.

 

Seqrite UTM is a one-stop network security solution for your enterprise ensuring round-the-clock security for your network.

The post Don’t put the network visibility of your enterprise at risk appeared first on Seqrite Blog.

FOMO: How to Help Digital Kids Overcome the Feeling of Missing Out

What happens when you give hundreds of teenagers smartphones and unlimited access to chat apps and social networks 24/7? A generation emerges with a condition called Fear of Missing Out, or, FOMO. While feelings of FOMO have been around for centuries, social media has done its part to amplify it, which can cause some serious emotional fallout for teens today.

What is FOMO

FOMO is that uneasy and often consuming feeling you’re missing out on something more interesting, exciting or better than what you are currently doing. FOMO affects people of all ages in various ways since 77% of humans now own phones. However, for uber-digital teens, FOMO can hit especially hard. Seeing a friend’s Paris vacation photos on Instagram or watching friends at a party on Snapchat can spark feelings of sadness and loneliness that can lead to anxiety and even depression.

As one mom recently shared with us: “My daughter called me a few months ago saying she wanted to drop out of college and travel the world. When I asked her what sparked this and how she planned to finance her adventure, she said, ‘everyone else is doing it, so I’m sure I’ll figure it out.'”

After further discussion, the mom discovered that her daughter’s idea to drop out was a combination of intense FOMO and lack of sleep. It was exam week, the pressure was high, and scrolling Instagram made her daughter question her life choices. When exams ended, her daughter got some sleep and took a few days off of social media and remains in school today.

Signs of FOMO

  • Constantly checking social media (even while on vacation, out with friends, or attending a fun event)
  • Constantly refreshing your screen to get the latest updates and to see people’s responses to your posts
  • Feeling you need to be available and respond to your friends 24/7
  • Obsessively posting your daily activities online
  • Feeling of needing new things, new experiences, a better life
  • Feeling sad, lonely, or depressed after being on social media for extended periods of time
  • Feeling dissatisfaction with one’s life
  • Making life choices or financial decisions based on what you see online

Coaching Kids through FOMO

Nurture JOMO. The Joy of Missing Out, JOMO, is the opposite of FOMO. It’s the feeling of freedom and even relief that we’ve unplugged and are fully present in the moment. To encourage more JOMO and less FOMO, parents can help guide kids toward personal contentment with more phone-free activities such as reading, journaling, face-to-face conversations, outdoor activities, and practicing mindfulness.

Other ways to encourage JOMO: Remind kids they have choices and don’t have to say “yes” to every invitation and to ask themselves, “Is this something I really want to do?” Also, consider challenging them to turn off their phone notifications, try a digital cleanse for a day or even a week, and read and discuss this great JOMO Manifesto together. A big perk of embracing JOMO is also “missing out” on some of the digital risks such as oversharing and risks to reputation and privacy.

Keep a thought journal. Changing your thinking is hard work. Experts suggest that kids suffering from anxiety, depression, or FOMO keep a thought journal to track, analyze, and reframe negative thoughts in more realistic, honest ones. For example, an initial thought might be: “I can’t believe my friends went to the concert without me. They must not want me around.” After thinking honestly about the situation, that thought might change to: “I don’t even like that band, wouldn’t spend money to see them, and my friends know that. Anyway, I had a blast with Ashley at the movies tonight.”

Cut back on social media. Cutting back sounds like an obvious fix, right? That’s the thing about unhealthy habits — they can be very tough to break and sometimes we need help. Most kids will be quick to argue that the amount of time they spend online doesn’t impact their emotions at all but numerous studies and common sense contradict that reasoning. They say this because the thought of cutting back on their social media habits can strike panic. It’s a love-hate routine they don’t quite know how to stop and it is their go-to remedy for boredom. So persist in helping your child reduce screen time. Be creative by offering alternate activities and helping them stay on track with their goals.

Curate for quality. This tip will, no doubt, challenge your kids. You may even get a flat “no way” when you suggest it. When it comes to photo-based platforms like Instagram and Snapchat, challenge your child to think about why they follow certain friends or accounts. Challenge them to delete feeds that are not encouraging, useful, or post quality content. They may not want to reduce their friends’ list (follower and friend counts matter) but they can mute accounts so they don’t have to see content that triggers FOMO feelings.

FOMO is a very real feeling so if your child shows signs of it be sure to validate their feelings. Periodic feelings of exclusion and hurt are part of being human. Don’t, however, allow faulty, streaming perceptions to push out the true joys of real-life experiences. Be the bridge of reason for your kids reminding them that social media spotlights the best versions of people’s lives — the filtered versions — but that nothing compares to showing up and living the real adventure.

The post FOMO: How to Help Digital Kids Overcome the Feeling of Missing Out appeared first on McAfee Blogs.

Is Your Smart Home Secure? 5 Tips to Help You Connect Confidently

With so many smart home devices being used today, it’s no surprise that users would want a tool to help them manage this technology. That’s where Orvibo comes in. This smart home platform helps users manage their smart appliances such as security cameras, smart lightbulbs, thermostats, and more. Unfortunately, the company left an Elasticsearch server online without a password, exposing billions of user records.

The database was found in mid-June, meaning it’s been exposed to the internet for two weeks. The database appears to have cycled through at least two billion log entries, each containing data about Orvibo SmartMate customers. This data includes customer email addresses, the IP address of the smart home devices, Orvibo usernames, and hashed passwords.

 

More IoT devices are being created every day and we as users are eager to bring them into our homes. However, device manufacturers need to make sure that they are creating these devices with at least the basic amount of security protection so users can feel confident utilizing them. Likewise, it’s important for users to remember what risks are associated with these internet-connected devices if they don’t practice proper cybersecurity hygiene. Taking the time to properly secure your devices can mean the difference between a cybercriminal accessing your home network or not. Check out these tips to help you remain secure when using your IoT devices:

  • Research before you buy. Although you might be eager to get the latest device, some are made more secure than others. Look for devices that make it easy to disable unnecessary features, update software, or change default passwords. If you already have an older device that lacks these features, consider upgrading.
  • Safeguard your devices. Before you connect a new IoT device to your network, be sure to change the default username and password to something strong and unique. Hackers often know the default settings of various IoT devices and share them online for others to expose. Turn off other manufacturer settings that don’t benefit you, like remote access, which could be used by cybercriminals to access your system.
  • Update, update, update. Make sure that your device software is always up-to-date. This will ensure that you’re protected from any known vulnerabilities. For some devices, you can even turn on automatic updates to ensure that you always have the latest software patches installed.
  • Secure your network. Just as it’s important to secure your actual device, it’s also important to secure the network it’s connected to. Help secure your router by changing its default name and password and checking that it’s using an encryption method to keep communications secure. You can also look for home network routers or gateways that come embedded with security software like McAfee Secure Home Platform.
  • Use a comprehensive security solution. Use a solution like McAfee Total Protection to help safeguard your devices and data from known vulnerabilities and emerging threats.

And, as always, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home  on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Is Your Smart Home Secure? 5 Tips to Help You Connect Confidently appeared first on McAfee Blogs.

Bargain or Bogus Booking? Learn How to Securely Plan Summer Travel

With summertime just around the corner, families are eagerly looking to book their next getaway. Since vacation is so top-of-mind during the summer months, users are bound to come across websites offering cheap deals on flights, accommodations, and other experiences and activities. With so many websites claiming to offer these “can’t-miss deals,” how do you know who to trust?

It turns out that this is a common concern among folks looking for a little summer getaway. According to our recent survey of 8,000 people across the UK, US, Canada, Australia, France, Germany, Spain, and Singapore, 54% of respondents worry about their identity being stolen while booking and purchasing travel and accommodation online. However, 27% don’t check the authenticity of a website before booking their vacation online. Over half of these respondents say that it doesn’t cross their minds to do so.

These so-called “great deals” can be difficult to pass up. Unfortunately, 30% of respondents have been defrauded thanks to holiday travel deals that were just too good to be true. What’s more, 46.3% of these victims didn’t realize they had been ripped off until they arrived at their holiday rental to find that the booking wasn’t actually valid.

In addition to avoiding bogus bookings, users should also refrain from risky online behavior while enjoying their summer holidays. According to our survey, 44.5% of respondents are putting themselves at risk while traveling by not checking the security of their internet connection or willingly connecting to an unsecured network. 61% also stated that they never use a VPN, while 22% don’t know what a VPN is.

Unfortunately, travel-related attacks aren’t limited to just travelers either; hotels are popular targets for cybercriminals. According to analysis conducted by the McAfee Advanced Threat Research team, the most popular attack vectors are POS malware and account hijacking. Due to these attacks, eager vacationers have had their customer payment, credit card data, and personally identifiable information stolen. In order for users to enjoy a worry-free vacation this summer, it’s important that they are aware of the potential cyberthreats involved when booking their trips online and what they can do to prevent them.

We here at McAfee are working to help inform users of the risks they face when booking through unsecured or unreliable websites as well as when they’re enjoying some summertime R&R. Check out the following tips so you can enjoy your vacation without questioning the status of your cybersecurity:

  • Always connect with caution. If you need to conduct transactions on a public Wi-Fi connection, use a virtual private network (VPN) to help keep your connection secure.
  • Think before you click. Often times, cybercriminals use phishing emails or fake sites to lure consumers into clicking links for products or services that could lead to malware. If you receive an email asking you to click on a link with a suspicious URL, it’s best to avoid interacting with the message altogether.
  • Browse with security protection. Use a comprehensive security solution, like McAfee Total Protection, which includes McAfee WebAdvisor that can help identify malicious websites.
  • Utilize an identity theft solution. With all this personal data floating around online, it’s important to stay aware of any attempts to steal your identity. Use an identity theft solution, such as McAfee Identity Theft Protection, that can help protect personally identifiable information from identity theft and fraud.

And, as always, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Bargain or Bogus Booking? Learn How to Securely Plan Summer Travel appeared first on McAfee Blogs.

What is DNS Security? Why is it Important?

DNS, like Border Gateway protocol, Network Time Protocol etc, is one of the utility protocols that keep the Internet up and running. Hence securing such protocols is important, but it’s mostly seen that security teams tend to get a bit indifferent regarding the security of such utility protocols.

Well, if you ask us the question “What is DNS security?”, the answer would be straight and simple. It’s all about providing security against DNS exploits like DNS hijacking, DNS Spoofing and Denial of Service attacks.

Well, after having answered the question “What is DNS security?”, let’s move on to answering another very relevant question, namely “Why is DNS security important?”.

As we know, standard DNS queries are required for almost all kinds of web traffic and hence hackers do look for opportunities to carry out DNS exploits. Such attacks, which are quite common these days, would redirect inbound traffic to a website to a fake copy of the website, which could be used to collect sensitive data pertaining to users and which could also expose businesses to great security risks.

Common attacks involving DNS

So now, after answering the questions “What is DNS security?” and “Why is DNS security important”, let’s discuss some of the very common kinds of attacks that cybercriminals carry out by targeting and exploiting DNS servers…

DNS hijacking – A hacker redirects, using a malware or with unauthorized modification of a DNS server, queries to a different domain name server. Traffic is diverted to a malicious website or server, which can be used to gather sensitive personal data or to distribute malware.

DNS spoofing/ DNS cache poisoning A hacker introduces forged DNS data into a resolver’s cache. The resolver thus returns an incorrect IP address for a domain and the user is taken to a malicious website that’s used to collect sensitive data or for malware infiltration.

DNS tunneling – A hacker encodes the data of other programs or protocols (SSH, TCP etc) in DNS queries and responses and uses the same to add data payload to any DNS, thereby gaining command and control or carrying out data exfiltration.

NXDOMAIN attack – A hacker inundates, using sophisticated tools, a DNS server with requests for records that don’t exist, thereby causing a denial-of-service for all legitimate traffic.

Phantom Domain attack – A hacker sets up a bunch of ‘phantom’ domain servers that either don’t respond or if at all they respond, respond slowly, to requests. The resolver then gets hit with a flood of requests to these phantom domains. Since the resolver gets tied up waiting for responses to these requests, it leads to slow performance and eventual denial-of-service.

Random subdomain attack – A hacker sends DNS queries for random non-existent subdomains of a website, thereby causing denial-of-service.

Adopting DNSSEC protocol helps protect against DNS threats

Adopting DNSSEC (DNS Security Extensions) protocol is one of the most effective ways to ensure protection against DNS attacks.

The DNS system has many design limitations, which help hackers hijack DNS lookups for all kinds of malicious purposes. For example, they could divert users to fraudulent websites and gather sensitive personal data or else distribute malware through these websites. The DNSSEC protocol helps in mitigating such security issues by digitally signing data so as to ensure its validity. This digital signing, done at all levels of the DNS lookup process, is almost akin to someone signing a document with a unique signature and helps ensure a secure lookup. DNSSEC works with other security measures like SSL/TLS and maintains backward compatibility. The digital signing is done using public-key cryptography and the correct DNSKEY record is authenticated via a chain of trust that travels all the way up to the root zone. Domain owners generate their own keys, which are uploaded using the DNS control panel at the domain-name registrar. The keys are then pushed via secDNS to the zone operator for signing and publishing in DNS.

Other ways to prevent DNS-based attacks

The other ways to prevent DNS-based attacks, besides DNSSEC, include over-provisioning of infrastructure (letting your nameserver handle several times more traffic than expected thereby making it impossible for a DDoS attack to overwhelm the server), anycast routing (allowing multiple servers to share a single IP address) and using a DNS firewall. (A DNS firewall, which sits between a user’s recursive resolver and the authoritative nameserver of a website or service that’s being accessed, performs different functions. It can shut down denial-of-service attacks by providing rate limiting services to the server and also can keep websites or servers up by serving DNS responses from the cache whenever there is a server downtime due to an attack).

Configuring DNS resolvers to provide security

DNS resolvers, on being configured to provide security to end-users, can offer features like content filtering (identifying and blocking spam), identifying malware infected websites, providing protection from botnets etc. DNS resolvers can very easily be configured to perform such functions by simply changing a single setting in their local routers.

Related Resources:

Hacker Group Has Been Hacking DNS Traffic on D-Link Routers

Man-in-the-Middle (MITM) Attacks: An Introduction

How To Deal With DNS Vulnerabilities?

DNS-Hijacking Malware Bypasses Antivirus and Infects Apple MacOS

The post What is DNS Security? Why is it Important? appeared first on .

Kodi Hardware Add-on Users, Mostly At Risk With Malware

Kodi used to be a software-only solution that provides a user seeking to share media in a certain geographic area seamless, but the people behind the software went ahead and supplied their patrons with hardware version. This lessened the need for someone to have the technical expertise in setting up a separate PC for media consumption and sharing for the home/neighborhood. Making Kodi just like any other appliance for the home, commoditization brings a bad problem of malware infection, however.

More and more security and privacy organizations distrust the makers of Kodi the software, let alone its appliance counterpart. The Digital Citizen Alliance (DCA) has nothing but the bad comment about Kodi’s hardware, especially of it allegedly being the centerpiece of piracy in the neighborhood. As per their study, Kodi Box, they gray market $100 machine is a dream piracy device of the 270 Americans they have surveyed, but at the same time at risks with a malware infection.

The Kodi software itself, open-source software is not designed for piracy but rather just a tool for sharing content. But most of the users were not keen on checking if the content being shared and used through the software is legal or not.

“By plugging the device into a home network, [users] are enabling hackers to bypass the security designed to protect their system. If apps on the box or that are later downloaded have malware, the user has helped the hacker past network security. (We) uncovered a clever scheme that enabled criminals to pose as well-known streaming sites, such as Netflix, to facilitate illegal access to a legitimate subscription of an actual Netflix subscriber,” explained a Digital Citizens Alliance representative.

DCA has partnered with an IT Security firm, Group sense to monitor black market sales. The latter found evidence of hacker group discussing amongst themselves the feasibility of tapping to Kodi in order to propagate their malware, expand their botnet and the chances of successfully planting a crypto jacking malware to the computers of the victims while sharing content.

Kodi is an open-source software can be extended beyond the features the authors provided it by default. Some versions of Kodi were deliberately rebuilt to include capabilities to attempt a DoS attack against a certain target chosen by the hacking groups. XBMC, the developers of Kodi strongly deny the accusation that their creation is the culprit for helping expand malware infection. XBMC also highlighted the fact that they do not support platform expansion to original Kodi. Such add-on products are creations of their respective vendors and XBMC was not in any way involved with the development of those add-ons, hardware or software.

“If you are selling a box on your website designed to trick users into thinking broken add-ons come from us and work perfectly, so you can make a buck, we’re going to do everything we can to stop you,” said an XBMC representative.

The bottom line, the choice of using Kodi’s unofficial extensions and hardware add-ons is the responsibility of the user. If they purchase those unsupported products, XBMC cannot be blamed for any issue arising for the use of those products.

Also, Read:

BabyShark Malware Targeting Nuclear and Cryptocurrency Industries

Static Malware Analysis Vs Dynamic Malware Analysis

Game of Thrones Downloads Widely Used to Spread Malware

The post Kodi Hardware Add-on Users, Mostly At Risk With Malware appeared first on .

Wi-Fi Woes: Android Hotspot App Leaves 2 Million Passwords Exposed

Logging onto a free Wi-Fi network can be tempting, especially when you’re out running errands or waiting to catch a flight at the airport. But this could have serious cybersecurity consequences. One popular Android app, which allowed anyone to search for nearby Wi-Fi networks, was recently left exposed, leaving a database containing over 2 million network passwords unprotected.

How exactly were these passwords exposed? The app, which had been downloaded by millions of users, allowed anyone to search for Wi-Fi networks in their area. The app also lets users upload their Wi-Fi network passwords from their devices to its database for others to use. When the database was left exposed and unprotected, anyone could access and download its contents. Each record in the database contained the Wi-Fi network name, its precise geolocation, its basic service set identifier, and the network password in plaintext. Because the app didn’t require users to obtain permission from the network owner, it would be quite easy for a cybercriminal to modify router settings and point unsuspecting users to malicious websites. What’s more, a threat actor could also read unencrypted traffic that goes across a wireless network, allowing them to steal passwords and private data.

Thankfully, the web host was able to take down the database containing the Wi-Fi passwords within a day of being notified. But it’s important for users to be aware of the cybersecurity implications that free or public Wi-Fi presents. Check out the following tips to help protect your data:

  • Change your Wi-Fi password. If you think your password may have been affected by this exposure, err on the side of caution and reset it. Be sure to make your new password complex and unique.
  • Keep your network password private. Wi-Fi networks could be susceptible to a number of threats if their passwords are left in the wrong hands. Only share your passwords with family, friends, and those you trust, and never upload your password to a public database for strangers to use.
  • Safeguard your online privacy. Use a security solution like McAfee Safe Connect to encrypt your online activity, protect your privacy by hiding your IP address, and better defend against cybercriminals.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home  on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Wi-Fi Woes: Android Hotspot App Leaves 2 Million Passwords Exposed appeared first on McAfee Blogs.

Difference Between VPN, Firewall and the Antivirus Software

People often get confused with difference between VPN, firewall and antiviruses; they seem to be always wondering which of these security solutions they should use to ensure maximum security. Well, the answer is- use them all since they work best in unison. To understand this better, it’s necessary to know in detail how these different software function and what their uses are.

The VPN

VPN, or Virtual Private Network, helps users protect their privacy when they are online. This is done by encrypting users’ online traffic and thus protecting sensitive data and the entire communication from being seen by hackers or even surveillance agencies. The VPN, which works even when a user is on public Wi-Fi, masks the IP address, thereby giving the user some online anonymity. It also helps the user bypass geo-restrictions; thus, a user can browse websites/services that are restricted in his country or area if he uses a VPN.

The Firewall

The firewall, which is a must for any computing device, secures the system by monitoring and filtering incoming and outgoing traffic. A firewall could be a hardware device or a software device and helps block malicious programs, restrict access to unsecured websites etc. This is done by inspecting and blocking (or allowing) packets based on a certain set of predetermined rules. In fact, most OSs (operating systems) come with pre-installed firewall; if the user wants, he can configure the firewall to suit his needs. He should also remember that a firewall allows or restricts programs, services etc based on predetermined rules and hence it doesn’t have the capability to determine, by itself, what is malicious and what not. Thus, malicious files, programs or websites that are not included to be blocked wouldn’t be blocked and hence a firewall alone won’t work to secure a system. Still, firewall security is a must, for any computer system.

The Antivirus

The antivirus software, which is the very basic security software for any computing device, works by detecting, identifying and removing malicious software. In fact, though we often use the word antivirus, we’d be speaking about the antimalware software, which blocks not just viruses, but all kinds of malware- viruses, worms, trojans, spyware, adware etc. Based either on signature/code analysis or on behavior analysis, antiviruses identify, quarantine, analyze and remove all malware. Antivirus tools are provided by third party providers and these software need to be updated; they can, in fact, be set to update automatically. Without being updated regularly to include the latest of viruses too in its database, an antivirus tool cannot work effectively to protect a system/network against threats and attacks.

VPN Vs. Firewall Vs. Antivirus – The differences

  • A VPN, which prevents monitoring of a user’s traffic and secures data, doesn’t allow the user to establish restrictions (packet restrictions or network port restrictions) on the system in the way that a firewall does.
  • While VPNs help bypass geo-restrictions, firewalls don’t.
  • VPNs, unlike antiviruses, don’t help detect and stop malware or malicious links.
  • Antiviruses don’t help encrypt online traffic or bypass geo-restrictions the way VPNs do.
  • Firewalls can be used to block websites or programs that are already known to be malicious, but antiviruses block or identify (and then quarantine) all suspicious or malicious files or programs or websites after doing a full scan.

So, which one to use?

The answer is simple. VPNs, firewalls and antiviruses have different functions to perform and hence these tools complement each other as regards securing a computing environment. So, the best decision would be to always use a properly configured firewall plus a robust, advanced firewall, and whenever a user wants his traffic to go unmonitored, it’s best to use a VPN to protect his privacy or secure all data.

Also, Read:

5 Of The Best Free VPN Services

Free Open-Source Solution for Firewall

How to Choose a Firewall [Infographic]

Top Five Antivirus Apps for Your Android Smartphone

The post Difference Between VPN, Firewall and the Antivirus Software appeared first on .

Hotspot Finder App Exposes 2 M Wi-Fi Network Passwords

A highly popular hotspot finder App for Android has exposed over two million Wi-Fi network passwords.

WiFi Finder, the popular hotspot finder app that’s downloaded by thousands of users and used to locate and connect with Wi-Fi hotspots, has exposed more than two million Wi-Fi network passwords from its unprotected database. Security researcher Sanyam Jain, who is a member of the GDI Foundation, has found the database and has then reported his findings to TechCrunch.

TechCrunch reports, “The app, downloaded by thousands of users, allowed anyone to search for Wi-Fi networks in their nearby area. The app allows the user to upload Wi-Fi network passwords from their devices to its database for others to use…That database of more than two million network passwords, however, was left exposed and unprotected, allowing anyone to access and download the contents in bulk.”

Attempts that were made to contact the developer, who is believed to be based in China, proved futile. However, the host, DigitalOcean, on being informed of the data exposure, acted promptly and took down the database within a day of reaching out.

The exposed database contains Wi-Fi networks-related records like the names of the Wi-Fi networks, their precise geolocation details, the BSSID (Basic Service Set Identifier) and the Wi-Fi network passwords stored in plaintext.

The TechCrunch report observes, “Although the app developer claims the app only provides passwords for public hotspots, a review of the data showed countless home Wi-Fi networks. The exposed data didn’t include contact information for any of the Wi-Fi network owners, but the geolocation of each Wi-Fi network correlated on a map often included networks in wholly residential areas or where no discernible businesses exist.”

Users of the WiFi Finder app don’t have to obtain permission from the network owners for accessing the networks. This means that as a result of the data exposure, the Wi-Fi networks were exposed to unauthorized access. Any attacker who accesses such a Wi-Fi network could modify router settings, change the DNS settings and thus point unsuspecting users to malicious websites. The attackers, upon accessing a Wi-Fi network, would also be able to read the unencrypted traffic transmitted across the network, thereby making it possible for them to steal passwords and other confidential data.

The TechCrunch report points out that tens of thousands of Wi-Fi passwords that were exposed are for U.S-based Wi-Fi networks.

Related Resources:

How to Know If Someone Is Stealing your Wi-Fi

The Wi-Fi security flaw ‘Krack Attack’

Ten Best Network Scanning Tools for Network Security

The post Hotspot Finder App Exposes 2 M Wi-Fi Network Passwords appeared first on .

Artificial Intelligence Makes its Way to Front-line Security

As a long-promised feature of the digital age, artificial intelligence is finally making real strides into many aspects of mainstream security. From personal computing systems to vast online casino networks, this is a development long promised. Offering considerable advantages over traditional methods, these specially-designed systems will indisputably become a pronounced form of protection going forward, but how do they work, and what exactly makes them special?

While understanding the coding basics behind this technology requires a degree’s worth of knowledge, the concepts behind these systems are quite simple. Artificial intelligence security technology works to recognize patterns in attacks and security flaws, and then either implements steps to mitigate these flaws, or hands off relevant information to human security staff.

Defending against DDoS Attacks

081111-bbc-ddos-attack” (CC BY 2.0) by pingdom One of the more common types of attacks which are seen today are DDoS attacks. This is the effective flooding of a server with bogus connections, taking up all possible bandwidth and processor power in order to prevent service to legitimate users. A security system as led by artificial intelligence could work by taking account of large spikes of traffic and comparing it against standard levels of use.

From here, it could run a system to cancel incomplete connections or block a range of addresses if they were found to come from a central source. From streaming sites to online casinos, high-traffic services that must provide consistent and reliable connectivity can make a great deal of use of AI protection.

Combatting Phishing Scams

A similar example of implementation can be seen with how we already deal with issues of phishing scams. Most commonly, these come in the form of mass emails which attempt to trick a small number of users by sheer volume and taking advantage of the few most unlucky or computer illiterate.

Artificial intelligence could work to identify common phrases in these emails, cross-referencing them with user reports of scams. Following this action, the AI could automatically delete the messages, block the addresses where they originated and spread information of that particular scam into the wider internet.

High-Traffic Industries Expanding Protection

System Lock” (CC BY 2.0) by Yu. Samoilov With all this potential, it is little surprise that many of the biggest industries on the web are looking to expand their protection into this new era. As previously mentioned, online casinos are a perfect example of this, as most of their users are paying with visa in an online casino, they stay safe by utilizing whatever cutting-edge technology they can. From accreditation to high-level SSL encryption, these stand as some of the most likely to lead the way to mass adoption.

It’s important to note that while the actions which are performed by AI are possible through human means, the primary advantage here comes from the reliability and efficiency of digital systems. Without the need for direct human input, the constant threat of human error on a case-by-case basis is mitigated, though this will naturally mean a high level of QA testing of the AI itself.

Efficiency on this front is born through the ability of AI to operate far faster and at a far lower cost than even a team of highly trained security specialists. This doesn’t remove the need of these specialists completely, as they will still be needed to oversee the program and make high-level decisions, but the digital processing means that experts can focus more on the things that matter, leaving the grunt-work to the machines.

AI Analyzing Patterns Benefits and Other Services

Again turning to the online casino example, consider how many websites receive thousands or even millions of clicks a day. Sorting through all of this data for such a wide range of slots and other casino games would not realistically be possible for humans. Allowing AI to understand the basic rules and point out breaks in the patterns, however, make this not only possible but also routine and reliable.

After making significant strides recently, expect AI security to soon become commonplace for professional and personal use. While not impervious, this does at least mean a greater level of internet security all-around, making it a valuable addition to an age of growing digital dangers.

 

The post Artificial Intelligence Makes its Way to Front-line Security appeared first on .

How To Secure Your Smart Home

Do you live in a “smart” home? If you look around and see interactive speakers, IP cameras, and other internet-connected devices like thermostats and appliances, you are now one of the millions of people who live with so-called “smart” devices. They bring convenience and comfort into our lives, but they also bring greater risks, by giving cybercrooks new opportunities to access our information, and even launch attacks.

You may remember a couple of years ago when thousands of infected devices were used to take down the websites of internet giants like Twitter and Netflix by overwhelming them with traffic. The owners of those devices were regular consumers, who had no idea that their IP cameras and DVRs had been compromised. You may also have heard stories of people who were eavesdropped on via their baby monitors, digital assistants, and webcams when their private networks were breached.

Unfortunately, these are not rare cases. In recent months, the “Internet of Things” (IoT) has been used repeatedly to spy on businesses, launch attacks, or even deliver cryptojacking malware or ransomware.

Still, given the benefits we get from these devices, they are probably here to stay.  We just need to acknowledge that today’s “smart” devices can be a little “dumb” when it comes to security. Many lack built-in security protections, and consumers are still learning about the risks they can pose. This is particularly concerning since the market for smart devices is large and growing. There are currently 7 billion IoT devices being used worldwide, and that number is expected to grow to 22 billion by 2025.

Cybercrooks have already taken note of these opportunities since malware attacks on smart devices have escalated rapidly. In fact, McAfee reported that malware directed at IoT devices was up 73%in the third quarter of 2018 alone.

So, whether you have one IoT device, or many, it’s worth learning how to use them safely.

Follow these smart home safety tips:

  • Research before you buy—Although most IoT devices don’t have built-in protection, some are safer than others. Look for devices that make it easy to disable unnecessary features, update software, or change default passwords. If you already have an older device that lacks many of these features, consider upgrading it.
  • Safeguard your devices—Before you connect a new IoT device to your home network — allowing it to potentially connect with other data-rich devices, like smartphones and computers— change the default username and password to something strong, and unique. Hackers often know the default settings and share them online.Then, turn off any manufacturer settings that do not benefit you, like remote access. This is a feature some manufacturers use to monitor their products, but it could also be used by cybercrooks to access your system. Finally, make sure that your device software is up-to-date by checking the manufacturer’s website. This ensures that you are protected from any known vulnerabilities.
  • Secure your network—Your router is the central hub that connects all of the devices in your home, so you need to make sure that it’s secure. If you haven’t already, change the default password and name of your router. Make sure your network name does not give away your address, so hackers can’t locate it. Then check that your router is using an encryption method, like WPA2, which will keep your communications secure. Consider setting up a “guest network” for your IoT devices. This is a second network on your router that allows you to keep your computers and smartphones separate from IoT devices. So, if a device is compromised, a hacker still cannot get to all the valuable information that is saved on your computers. Check your router’s manual for instructions on how to set up a guest network. You may also want to consider investing in an advanced internet router that has built-in protection and can secure and monitor any device that connects to your network.
  • Install comprehensive security software –Finally, use comprehensive security software that can safeguard all your devices and data from known vulnerabilities and emerging threats.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post How To Secure Your Smart Home appeared first on McAfee Blogs.

What MWC 2019 Shows Us About the Future of Connectivity

The time has come to say goodbye to Barcelona as we wrap up our time here at Mobile World Congress (MWC). Although it’s hard to believe that the show is already over, MWC 2019 managed to deliver a slew of showstoppers that captured our attention. Here are some of my main takeaways from the event:

Foldable Phones Are the Future

 MWC is an opportunity for telecommunications companies, chipmakers, and smartphone firms to show off their latest and greatest innovations, and they sure delivered this year. One particular device that had the show floor buzzing was the Huawei Mate X, a 5G-enabled smartphone that folds out to become an 8-inch tablet. Additionally, Samsung revealed its plans to hold a press event in early April for its foldable smartphone, the Galaxy Fold. Unlike Huawei’s Mate X, the Galaxy Fold bends so that it encloses like a book. Although neither of these devices are available at to the public yet, they’ve definitely made a bold statement when it comes to smartphone design.

Smart Home Technology Goes Mobile

 Google is one company taking advantage of smartphone enhancements by putting its Google Assistant into the Android texting app. Assistant for Android Messages allows slices of Google search results to be laid out for users based on their text messages. For example, if one user texted another asking to grab some lunch, a bubble would pop up authorizing Assistant to share suggestions for nearby restaurant locations. While Assistant for Android currently only works for movies and restaurants, we can imagine how this technology could expand to other facets of consumer lives. This addition also demonstrates how AI is slowly but surely making its way onto almost every high-end phone through its apps and other tools.

Enhancing the Gaming Experience with 5G, VR, and AR

Not to be shown up, gaming developers also made a statement by using 5G technology to bring gamers into a more immersed gaming environment. Mobile game developer Niantic, creator of Pokémon Go and the upcoming Harry Potter: Wizards Uniteapp, is already working on games that will require a 5G upgrade. One such prototype the company showcased, codenamed Neon, allows multiple people in the same place to play an augmented reality (AR) game at the same time. Each players’ phone shows them the game’s graphics superimposed on the real world and allows the players to shoot each other, duck and dodge, and pick up virtual items, all in real-time.

Niantic wasn’t the only one looking to expand the gaming experience with the help of 5G. At the Intel and Nokia booths, Sony set up an Oculus Rift VR game inspired by Marvel and Sony’s upcoming film Spider-Man: Far From Home. Thanks to the low latency and real-time responsiveness of 5G, one player in the Nokia booth was able to race the other player in the Intel booth as if they were swinging through spiderwebs in Manhattan. Players were able to experience how the next-generation of wireless technology will allow them to participate in a highly immersive gaming experience.

Bringing 4G and 5G to the Automotive Industry

Gaming isn’t the only industry that’s getting a facelift from 5G. At the show, Qualcomm announced two new additions to their automotive platform: the Qualcomm Snapdragon Automotive 4G and 5G Platforms. One of the main features of these platforms is vehicle-to-everything communication, or C-V2X, which allows a car to communicate with other vehicles on the road, roadside infrastructure, and more. In addition, the platforms offer a high-precision, multi-frequency global navigation satellite system, which will help enable self-driving implementations. The platforms also include features like multi-gigabit cloud connectivity, high bandwidth low latency teleoperations support, and precise positioning for lane-level navigation accuracy. These advancements in connectivity will potentially help future vehicles to improve safety, communications, and overall in-car experience for consumers.

Securing Consumers On-the-Go

The advancements in mobile connectivity have already made a huge impact on consumer lifestyles, especially given the widespread adoption of IoT devices and smart gadgets. But the rise in popularity of these devices has also caught the interest of malicious actors looking to access users’ networks. According to our latest Mobile Threat Report, cybercriminals look to trusted devices to gain access to other devices on the user’s home network. For example, McAfee researchers recently discovered a vulnerability within a Mr. Coffee brand coffee maker that could allow a malicious actor to access the user’s home network. In addition, they also uncovered a new vulnerability within BoxLock smart padlocks that could enable cybercriminals to unlock the devices within a matter of seconds.

And while consumers must take necessary security steps to combat vulnerabilities such as these, we at McAfee are also doing our part of help users everywhere remain secure. For instance, we’ve recently extended our partnerships with both Samsung and Türk Telekom in order to overcome some of these cybersecurity challenges. Together, we’re working to secure consumers from cyberthreats on Samsung Galaxy S10 smartphones and provide McAfee Safe Family protection for Türk Telekom’s fixed and mobile broadband customers.

While the likes of 5G, bendable smartphones, and VR took this year’s tradeshow by storm, it’s important for consumers to keep the cybersecurity implications of these advancements in mind. As the sun sets on our time here in Barcelona, we will keep working to safeguard every aspect of the consumer lifestyle so they can embrace improvements in mobile connectivity with confidence.

To stay on top of McAfee’s MWC news and the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post What MWC 2019 Shows Us About the Future of Connectivity appeared first on McAfee Blogs.

McAfee Partners With Telefónica To Help Secure Consumers Worldwide

These days, cyberattacks can feel relentless. Due to the interconnected nature of the world we live in, cybercriminals have managed to infiltrate our personal devices, our networks, and even our homes. That’s why we at McAfee believe it’s important now more than ever to secure every facet of the modern consumer lifestyle. And we’ve partnered with Telefónica to do just that.

This partnership first began back in February of last year, when ElevenPaths, Telefónica Cyber Security Unit, and McAfee announced we’re working together to reinforce the online security of Telefónica’s broadband and mobile customers across multiple markets. This partnership covers Europe and Latin America with plans to progressively roll out solutions in the different countries where Telefónica operates. It’s the first time a telecommunications company has delivered a security service to all of its customers, regardless of where they connect from. Fast forward to present day, and this partnership has only expanded. The global product developed by Telefónica and powered by McAfee was first launched in Spain as Movistar Conexión Segura, a service that protects home and mobile customers’ connectivity. Telefónica protects Fusión customers’ home connections with a smart router, thanks to the ElevenPaths solution powered by McAfee Secure Home Platform, which enables seamless security and easy activation. Conexión Segura is also available for Movistar mobile customers, including network protection and one license of Seguridad Dispositivo, a multi-device security protection. Only a few weeks after Spain, Movistar Argentina launched the solution for its fixed and mobile customers. These services help realize Telefónica’s “Security by Default” strategy, offering customers a more robust security solution that protects against threats like viruses, malware, phishing, and emerging IoT threats.

Telefónica and McAfee’s 360 partnership is dedicated to protecting the productivity of consumers everywhere. “This agreement gives customers current and contextual information on their cybersecurity status so they can stay connected with confidence,” said Pedro Pablo Pérez, Global Security VP of Telefónica and CEO of ElevenPaths, Telefónica Cybersecurity Unit.

ElevenPaths and Mcafee’s joint vision to create a more secure tomorrow brings us a step closer to stopping widespread cyberattacks. By joining forces to implement more robust security solutions around the world, we can ensure that our connectivity goes undisrupted. Because together is power.

To learn more about consumer security and our approach to it, be sure to follow us at @ElevenPaths and @McAfee.

The post McAfee Partners With Telefónica To Help Secure Consumers Worldwide appeared first on McAfee Blogs.

Kicking Off MWC 2019 with Insights on Mobile Security and Growing Partnerships

We’ve touched down in Barcelona for Mobile World Congress 2019 (MWC), which is looking to stretch the limits of mobile technology with new advancements made possible by the likes of IoT and 5G. This year, we are excited to announce the unveiling of our 2019 Mobile Threat Report, our extended partnership with Samsung to protect Galaxy S10 smartphones, and our strengthened partnership with Türk Telekom to provide a security solution to protect families online.

Mobile Connectivity and the Evolving Threat Landscape

These days, it’s a rare occurrence to enter a home that isn’t utilizing smart technology. Devices like smart TVs, voice assistants, and security cameras make our lives more convenient and connected. However, as consumers adopt this technology into their everyday lives, cybercriminals find new ways to exploit these devices for malicious activity. With an evolving threat landscape, cybercriminals are shifting their tactics in response to changes in the market. As we revealed in our latest Mobile Threat Report, malicious actors look for ways to maximize their profit, primarily through gaining control of trusted IoT devices like voice assistants. There are over 25 million voice assistants in use across the globe and many of these devices are connected to other things like thermostats, door locks, and smart plugs. With this increase in connectivity, cybercriminals have more opportunities to exploit users’ devices for malicious purposes. Additionally, cybercriminals are leveraging users’ reliance on their mobile phones to mine for cryptocurrency without the device owner’s knowledge. According to our Mobile Threat Report, cybersecurity researchers found more than 600 malicious cryptocurrency apps spread across 20 different app stores. In order to protect users during this time of rapid IoT and mobile growth, we here at McAfee are pushing to deliver solutions for relevant, real-world security challenges with the help of our partners.

Growing Partnerships to Protect What Matters

Some cybersecurity challenges we are working to overcome include threats like mobile malware and unsecured Wi-Fi. This year, we’ve extended our long-standing partnership with Samsung to help secure consumers from cyberthreats on Samsung Galaxy S10 smartphones. McAfee is also supporting Samsung Secure Wi-Fi service by providing backend infrastructure to protect consumers from risky Wi-Fi. In addition to mobile, this partnership also expands to help protect Samsung smart TVs, PCs, and laptops.

We’ve also strengthened our partnership with Türk Telekom, Turkey’s largest fixed broadband ISP. Last year, we announced this partnership to deliver cross-device security protection. This year, we’re providing a security solution to help parents protect their family’s digital lives. Powered by McAfee Safe Family, Türk Telekom’s fixed and mobile broadband customers will have the option to benefit from robust parental controls. These controls will allow parents to better manage their children’s online experience and give them greater peace of mind.

We’re excited to see what’s to come for the rest of MWC, and how these announcements will help improve consumers’ digital experiences. It is our hope that by continuing to extend our relationships with technology innovators, we can help champion built-in security across devices and networks.

To stay on top of McAfee’s MWC news and the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Kicking Off MWC 2019 with Insights on Mobile Security and Growing Partnerships appeared first on McAfee Blogs.

MWC 2019: The Key to Establishing Digital Trust with Intelligent Connectivity

These days, it’s rare to walk into a home that doesn’t have a smart device in use. From voice assistants, smart TVs, tablets, and more, these devices have greatly enhanced our way of life through intelligent connectivity. Intelligent connectivity is defined by the highly contextualized and personal experiences offered by the smart devices we utilize on a daily basis. However, as manufacturers continue to push out the latest technology to stay ahead of their competitors, device security isn’t always top-of-mind. As a result, the level of confidence consumers have in their devices is reduced. At McAfee, we understand that the notion of digital trust is imperative to the future of security as we adopt technologies shaped by the likes of 5G networks, the Internet of Things (IoT), artificial intelligence (AI), and big data. And as we head into Mobile World Congress 2019 (MWC), one can’t help but wonder, how will these advancements shape the future of mobile connectivity?

Almost every new device is built to connect, and as our 2019 Threats Predictions Report showed us, our dependence on technology is ubiquitous. Take your smartphone, for example. Everywhere you go, this minicomputer allows you to chat with your friends online, send emails, and look up new information with just the press of a button. Only upping the ante, 5G is set to roll out across the nation, bringing greater speed to handheld devices with more data and lower latency. These benefits will set the stage for more IoT devices, such as your smart refrigerator or smart plug, to connect to the network as well. The ability to control the temperature of your refrigerator from your smartphone is a pretty cool capability. But what happens if your smartphone gets hacked and a cybercriminal remotely disables your refrigerator? You may be left with a bigger problem than some spoiled food.

With all of your smart devices on the same 5G network, malicious actors can gain full access to the data that lives in your smart home technology through just your mobile phone. The increase in devices on the 5G network also increases the risk of Distributed Denial-of-service, or DDoS, attacks. These attacks are caused by cybercriminals flooding a network with so much traffic that it can’t operate or communicate as it normally would. And with more IoT devices operating on the 5G network, the consequences of such a cyberattack could be truly crippling. So, how can we continue to trust the devices we use on a daily basis despite the cybersecurity risks caused by greater connectivity?

Digital trust, or the level of confidence consumers have in their technology and mobile devices, is extremely delicate. And as our experiences with our devices become more and more personalized thanks to intelligent connectivity, it’s important to realize that it can’t be intelligent if there is no trust. That’s why consumers should embrace advancements in mobile technology but remember to keep cybersecurity practices at the forefront.

Whether you’re headed out to Barcelona for MWC 2019 or watching from afar, we here at McAfee are committed to helping you take the necessary precautions required in order to connect with confidence in a world where everything is built to connect.

Stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post MWC 2019: The Key to Establishing Digital Trust with Intelligent Connectivity appeared first on McAfee Blogs.

The Risks of Public Wi-Fi and How to Close the Security Gap

public wi-fi risksAs I write this blog post, I’m digitally exposed, and I know it. For the past week, I’ve had to log on to a hospital’s public Wi-Fi each day to work while a loved one recuperates.

What seems like a routine, casual connection to the hospital’s Wi-Fi isn’t. Using public Wi-Fi is a daily choice loaded with risk. Sure, I’m conducting business and knocking out my to-do list like a rock star but at what cost to my security?

The Risks

By using public Wi-Fi, I’ve opened my online activity and personal data (via my laptop) up to a variety of threats including eavesdropping, malware distribution, and bitcoin mining. There’s even a chance I could have logged on to a malicious hotspot that looked like the hospital network.

Like many public Wi-Fi spots, the hospital’s network could lack encryption, which is a security measure that scrambles the information sent from my computer to the hospital’s router so other people can’t read it. Minus encryption, whatever I send over the hospital’s network could potentially be intercepted and used maliciously by cybercriminals.

Because logging on to public Wi-Fi is often a necessity — like my situation this week — security isn’t always the first thing on our minds. But over the past year, a new normal is emerging. A lot of us are thinking twice. With data breaches, privacy concerns, the increase in the market for stolen credentials, and increasingly sophisticated online scams making the headlines every day, the risks of using public Wi-Fi are front and center.

Rising Star: VPNpublic wi-fi risks

The solution to risky public Wi-Fi? A Virtual Private Network (VPN). A VPN allows users to securely access a private network and share data remotely through public networks. Much like a firewall protects the data on your computer, a VPN protects your online activity by encrypting your data when you connect to the internet from a remote or public location. A VPN also conceals your location, IP address, and online activity.

Using a VPN helps protect you from potential hackers using public Wi-Fi, which is one of their favorite easy-to-access security loopholes.

Who Needs a VPN?

If you (or your family members) travel and love to shop online, access your bank account, watch movies, and do everyday business via your phone or laptop, a VPN would allow you to connect safely and encrypt your data no matter where you are.

A VPN can mask, or scramble, your physical location, banking account credentials, and credit card information.

Also, if you have a family data plan you’ve likely encouraged your kids to save data by connecting to public Wi-Fi whenever possible. Using a VPN, this habit would be secured from criminal sniffers and snoopers.

A VPN allows you to connect to a proxy server that will access online sites on your behalf and enables a secure connection most anywhere you go. A VPN also allows hides your IP address and allows you to browse anonymously from any location.

How VPNs work

To use a VPN you subscribe to VPN service, download the app onto your desktop or phone, set up your account, and then log onto a VPN server to conduct your online activity privately.

If you are still logging on to public Wi-Fi, here are a few tips to keep you safe until VPNs become as popular as Wi-Fi.

Stay Safe on Public Wi-Fi 

Verify your connection. Fake networks that mine your data abound. If you are logging on to Wi-Fi in a coffee shop, hotel, airport, or library, verify the exact name of the network with an employee. Also, only use Wi-Fi that requires a password to log on.public wi-fi risks

Don’t get distracted. For adults, as well as kids, it’s easy to get distracted and absorbed with our screens — this is risky when on public Wi-Fi, according to Diana Graber, author of Raising Humans in a Digital World. “Knowing how to guard their personal information online is one of the most important skills parents need to equip their young kids with today,” says Graber. “Lots of young people visit public spaces, like a local coffee shop or library, and use public Wi-Fi to do homework, for example. It’s not uncommon for them to get distracted by something else online or even tempted to buy something, without realizing their personal information (or yours!) might be at risk.”

Disable auto Wi-Fi connect. If your phone automatically joins surrounding networks, you can disable this function in your settings. Avoid linking to unknown or unrecognized networks.

Turn off Wi-Fi when done. Your computer or phone can still transmit data even when you are not using it. Be sure to disable your Wi-Fi from the network when you are finished using it.

Avoid financial transactions. If you must use public Wi-Fi, don’t conduct a sensitive transaction such as banking, shopping, or any kind of activity that requires your social security or credit card numbers or password use. Wait until you get to a secured home network to conduct personal business.

Look for the HTTPS. Fake or unsecured websites will not have the HTTPS in their address. Also, look for the little lock icon in the address bar to confirm a secure connection.

Secure your devices. Use a personal VPN as an extra layer of security against hackers and malware.

The post The Risks of Public Wi-Fi and How to Close the Security Gap appeared first on McAfee Blogs.

How Safe is Your Child’s School WiFi?

School WiFi. For many of our digital natives, school WiFi may even be a more important part of their daily life than the canteen!! And that is saying something…

You’d be hard pressed to find a child who rocked up to school without a device in their backpack in our digital age. The vast majority of schools have embraced the many positive learning benefits that internet-connected devices offer our kids. The traditional blackboard and textbook lessons that were confined to the four walls of the classroom are gone. Instead our kids can research, discover, collaborate, create and most importantly, learn like never before.

But in order for this new learning to occur, our kids need to be internet connected. And this is where school WiFi comes into play.

Do Parents Need to Be Concerned About School WiFi?

As parents, we have a responsibility to ensure our kids are safe and not at risk – and that includes when they are using the WiFi at school. Ideally, your child’s school should have a secure WiFi network but unfortunately, that doesn’t mean that they do. School budgets are tight and top-notch secure WiFi networks are expensive, so in some cases, security maybe jeopardised.

The other factor we shouldn’t ignore is that our batch of digital natives are very tech literate. The possibility that one of them may choose to cause some mayhem to their school WiFi network should also not be ignored!!

At the end of the day, the security of a WiFi network is all about whether it has tight access controls. If it allows only approved devices and people to connect via a secure login then it is more secure than public WiFi. However, if it is open to anyone or easy for anyone to connect to it, then you need to treat it like public WiFi.

What Are the Risks?

An unsecured school WiFi network is as risky as public WiFi which, according to the Harvard Business Review, is as risky as rolling a dice,

Students and staff who use an unsecured WiFi network are at risk of receiving phishing emails, being the victim of a ransomware attack or even having their data or personal details stolen. There is also a risk that the entire school’s operations could be disrupted and possibly even closed down through a DDOS – a Denial of Service Attack.

What Can Parents Do to Ensure Their Kids Are Safe Using School WiFi?

There are several steps parents can take to minimise the risks when their offspring use school WiFi.

  1. Talk To Your School

The first thing to do is speak to your child’s school to understand exactly how secure their network is. I’d recommend asking who has access to the network, what security practices they have in place and how they manage your child’s private data.

  1. Install Security Software

Operating a device without security software is no different to leaving your front door unlocked. Installing security software on all devices, including smartphones, will provide protection against viruses, online threats, risky websites and dangerous downloads. Check out McAfee’s Total Protection security software for total peace of mind!

  1. Keep Device Software Up To Date

Software updates are commonly designed to address security issues. So ensuring ALL your devices are up to date is a relatively easy way of minimising the risk of being hacked.

  1. Schedule Regular Data Back Up

If you are the victim of a ransomware attack and your data is backed up then you won’t even have to consider paying the hefty fee to retrieve your (or your child’s) data. Backing up data regularly should be not negotiable however life can often get in the way. Why not schedule automatic backups? I personally love online backup options such as Dropbox and Google Drive however you may choose to invest in a hard drive.

  1. Public Wi-Fi Rules?

If after talking to your school, you aren’t convinced that your child’s school WiFi network is secure, then I recommend that your kids should treat it as if it was public WiFi. This means that they should NEVER conduct any financial transactions using it and never share any personal details. But the absolute best way of ensuring your child is safe using an unsecured WiFi network, is to use a Virtual Private Network (VPN). A VPN like McAfee’s Safe Connect creates an encrypted tunnel so anything that is shared over WiFi is completely safe.

As a mum of 4, I am very keen to ensure my kids are engaged with their learning. And in our digital times, this means devices and WiFi. So, let’s support our kids and their teachers in their quest for interactive, digital learning but please don’t forget to check in and ensure your kids are as safe as possible while using WiFi at school.

Take Care

Alex xx

The post How Safe is Your Child’s School WiFi? appeared first on McAfee Blogs.