Security Awareness in The Home Office | Antivirus Software

There is still a deep gap between the importance and actual implementation of security awareness measures in the home office. The Corona period should be reason enough to finally anchor the issue of awareness centrally in the organization. In order to protect yourself against viruses and other attacks in the digital world, our protection formula helps to print out.

Need for Clarification in The Home Office

There's no telling yet when we'll be able to return to the office. The home office will continue to be normal. But what about cybersecurity? More recent studies speak for themselves : 81% of all employees complain that they have not received any specific guidelines or training on cybersecurity for working from home.

And that with increasing risk in the home office : According to a survey by OTRS among 500 IT managers, 80% have clearly increased concerns about IT security. Not only on the technical side such as IT configuration and support, missing incident response processes, but also on the human factor.

If there was no concept to sensitize employees before Corona, it cannot get better during Corona, or it takes time to be readjusted.

IT Security Has to Get out Of the Corner

Basically, it is essential to place IT security at different decision-making levels in the company and to establish these as elementary standard processes in the company. IT security is not exclusively part of the IT department of an organization, as long as the human factor is involved in the IT security process.

We need campaigns in organizations. Not only selectively, but as an established standard process that makes cybersecurity transparent and repeatedly addresses and values ​​the actions of people and the support of employees.

During the Corona period, we all saw: In times of crisis, all energy flows into coping with this special situation and there is little or no time to think carefully about the need to raise employee awareness.

If IT security does not “run along” subconsciously with people, nobody can be asked to act carefully in extreme situations. Only when awareness is subconsciously present can people fall back on these skills at any time in exceptional situations - but also in everyday life.

Knowing - Understanding - Acting

However, we do not achieve this status through individual employee training courses, but rather through specific, targeted campaigns that shape the everyday work of employees and become part of it. The following points play a key role for success and should be the subject of an awareness workshop :

§  Campaigns or programs identify the topics that have the greatest influence on the framework conditions and requirements of the organization.

§  The program goes beyond an annual measure and takes into account recurring awareness measures spread over the year .

§  The content of the measures is conveyed specifically to target groups and according to didactic standards , so that behavioral changes at work, at home and when traveling are encouraged.

The focus must be on strengthening the self-efficacy of people in companies and making it clear that everyone can make their contribution to IT security. There are no software updates or firewalls for social engineering, which is why the topic plays a special role in IT.

Security Awareness in The Home Office with PPAKMAS!

And this is where a “midnight formula” of IT security awareness can come into play. In the meantime we all know the “ AHA + AL formula ” against infections: distance, hygiene, everyday mask, as well as a warning app and regular ventilation. Together, these easy-to-implement measures have a major impact.

With the PPAKMAS formula we provide you with the counterpart for the digital world. So you are on the safe side in the home office!

P (1) Like Password Manager

Use secure passwords that are different for each account . A password manager supports you and prevents a dangerous "mess of paper".

P (2) for Patch Me if You Can

With regular security updates, you close possible gateways for attackers. Applying patches strengthens your digital s protective shield and should therefore be carried out promptly.

A for Hanging Up

Suspicious callers request information about sensitive data, apply pressure or even urge you to make transfers? Our colleague recently experienced a fraud attempt himself and reacted confidently. Take a deep breath and don't be caught off guard. Hang up if you feel uncomfortable.

K Like to Know Contacts

Do you even know your safety officer? Do you know where to report suspicious emails or calls? Do not wait until you get into an emergency situation, but find out about your contact person in advance.

M for Mails Pattern!

Warning signals such as a wrong sender address and other inconsistencies should sound the alarm bells for you. Scary corona mailings are currently circulating more and more. Put it in the trash and if possible: report it.

A for Distance or Switching Off!

There should be a strict distance requirement between third-party devices and company computers. Unknown USB devices such as sticks or gadgets are well-known sources of danger . But don't forget to switch off your new roommates and smart eavesdroppers Alexa & Co.

S for Lock

As trivial as it sounds, lock your screen when you move away. It should be clear to children that your company computer is neither a toy nor a charging station. The general rule is: If you separate personal and professional life, you are on the safe side.

Note: use authorised antivirus software to keep yourself safe.

Users of Hacked Online Services Are at Increased Risk | Free Antivirus

A new study by F-Secure, “The Walking Breached”, shows that people who use hacked services are at a significantly higher risk of falling victim to cybercrime. For users with children, the likelihood is even higher. Sadly, the number of "The Walking Breached" is growing every day.

The fact that user of hacked services, especially if they are parents, are affected by cybercrime far more often should be a wake-up call. Securing not just your own devices and accounts, but the devices and accounts of all family members should be an immediate priority.

Vulnerabilities Fuel Crime

In a recent survey by F-Secure, 18% of respondents - almost one in five - knew that they used one or more online services that had been hacked or had security breaches. * Although this is only a fraction of all Internet users It seems that cybercrime is much more prevalent among respondents who know they are using breached services: 60% of these respondents, or 3 in 5, said they had experienced one or more types of cybercrime in the 12 months before taking the survey compared to just 22% of the other respondents.

The dynamics of a phenomenon known as “ account takeover ” can help explain why injured users experience more crime. Once the credentials are known, attackers can begin a process called “ credential stuffing ” to try on tens of thousands of accounts with very little effort. If they manage to take over the account, they can then begin monetizing it through various forms of fraud known as identity theft.

People who reuse their credentials are at greater risk of account takeover. Each leaked credential becomes something that criminals can easily use to generate more and more profits. And by gaining access to less secure accounts, such as B. a photo editing site, criminals can use the exact same credentials to take control of much more valuable accounts, such as B. Online payment or streaming apps. For example, criminals are in the process of cramming much of the 1.9 million Pixlr user credentials from the Pixlr photo editing site that went online last month into every available online service and finding that many of these credentials are working perfectly.

Although good password advice has been around for nearly a century - use strong, unique passwords for all accounts stored in a trusted password manager - too many users make the cybercriminals' lives easy. 41% use the exact same passwords for different online services. 59% reuse passwords with slight variations.

Parents Suffer More from Data Breaches and Cybercrime

Unfortunately, one reason the risks associated with using the internet are increasing is having children, as the report shows.

People with children who participated in the survey were more likely to have been affected by a security breach, 22% compared to 19% in the general population. They were also more likely to have reported some type of cybercrime in the 12 months before taking the survey - 36% compared to 23% of those without children. People with children were more likely to experience almost every type of cybercrime addressed in the survey than their childless counterparts. And parents who knew of at least one broken account were 70% more likely to be victims of cybercrime than injured users in general (60%).

Some ways that put parents at higher risk include:

·              You have less time to worry about security measures, which include tactics like using a strong, unique password for all accounts and storing them in a trusted password manager or locker.
·         Parents simply have more things to secure - not just their own devices and accounts, but those of their children as well. And getting children to follow safety advice is often not easy.
·         With children, you have a larger digital footprint and are more likely to have personal information leaked online.

One of the challenges of being a good parent can be teaching a child to share their data. However, sharing online is not necessarily caring. This includes sharing passwords between accounts and between family members - or anyone else.

Use the best free antivirus to protect your device from the hacker.

How to Avoid Becoming One of The Walking Breached

The Walking Breached shows how internet users literally get stuck between tree and bark. They rely on online services for much of their lives and they need to trust that these services keep their personal information safe. The report includes several recommendations for protecting accounts before and after a break-in, including:

• 1.    Make an effort to use strong, unique passwords.
• 2.    Do not give out any private information.
• 3.    Whenever possible, go beyond passwords with 2-factor authentication.
• 4.    Monitor the integrity of your personal information by using a trusted service to track whether your information has been disclosed online.
• 5.    Keep track of your accounts by reviewing your bank statements and turning on any alerts offered by financial institutions.
• 6.    Don't underestimate the risk of threats, as accounts can be opened quickly and forgotten just as quickly.

Malware, Viruses and Trojans - the Most Important Threats, Routes of Infection and Signs

Protection against malware, Trojans and viruses is more important than ever given the sophisticated attack techniques used by hackers and cybercriminals. The various types of malware differ primarily in terms of the route of infection, malware technology and damage output. Here are the main types of malware:

• Viruses. They create themselves via duplicates in programs and documents, but do not actively spread.
• Computer worms. Malware number 1 since the triumph of the WWW. Worms actively infect other computers and systems and, unlike viruses, do not need a host.
• Trojan horse e, or Trojan for short. In addition to the “benign” part of the program, they also have a malware part that spreads camouflaged through the use of the useful part by the user.
• Backdoor malware. They are brought in via viruses, worms or Trojan horses and help third parties gain access to the computer. The best-known example: spam mail
• Spyware and adware. These are malicious programs that, in addition to the useful software, research user behaviour and forward the data obtained to third parties, mostly the advertising industry. The malware usually remains active even after the software has been uninstalled. Read more about spyware and adware
• Scareware. This malware manipulates the user by, for example, pointing out alleged dangers such as "virus risk" and luring them into installing or buying harmful software.

Who is actually responsible for malware? Who will circulate you? With what aim? The range of malware originators is wide:

·         Criminal groups: specialized in cybercrime.

·         State organizations: for example secret services.

·         Individuals: nerds and other freaks who want to get famous.

Learn how to stop malware, viruses and trojans with antivirus.

How do users catch computer malware - the most common routes of infection

Even if there are millions of malware types, Trojans, viruses & Co., they have one thing in common: They run camouflaged in the background. Therefore, users should always know the most important sources and routes of infection preventively:

1.    Via e-mail  - manipulated attachments and links, also in spam emails which, for example, smuggle the user onto infected websites. Awareness of this route of infection has increased, but many pests still spread this way. Malware systems combine millions of computers into " botnets ", which are then used as spam hitters.

2.    Via Office programs  - Resourceful programmers, for example, smuggle malware macros into Excel documents. Users often wrongly assume that Office programs cannot be malicious in principle.

3.    By downloading unknown software from the web. - malware is spread particularly frequently via peer-to-peer networks. So the pulled down horror movie from a sharing platform can have much larger, unwanted horror ready for the user.

4.    Via the web browser and plugins - the user surfs on a reputable website, but becomes the victim of cybercrime there. This path of infection, which is now very common, is called "drive-by infection". According to investigations by the Danish security company CSIS Security Group, the main infection routes in the "drive-by infection" are:

• Oracle Java at 37%
• Adobe / Acrobat Reader at 32%
• Adobe Flash at 16%
• Microsoft's Internet Explorer at 10%.

5.    Via social hacking methods such as phishing and pharming - they exploit the good faith of users.

6.    Via infected CD / DVDs and USB sticks  - the malware starts programs automatically as soon as the user inserts a data carrier into the drive. As of Windows 7, protection against this "auto-run" is activated by default.

According to Microsoft's semi-annual security report "Security Intelligence Report", security gaps in user programs (63.5 per cent), Windows and other operating systems (22 per cent) and browsers (14 per cent, see also 4. ) are the main entry points for malware.

How do I know that I have been hit by malware programs and that I am being hacked?

Even if there are now many types of computer malware - they have one thing in common: the malware camouflages its true intention and runs in the background. As a rule, Internet users initially do not notice that they are being attacked. The user should go into alarm mode if he notices the following changes:

• The computer shuts down for no apparent reason and may display a "blue screen".
• The computer does not start at all or only very slowly.
• Significantly reduced speed when starting up or opening files. The malware slows down the computer with its hunger for resources. For example, it is worth taking a look at the Task Manager using the key combination "Ctrl-Alt-Del".
• The mouse reacts much more slowly than usual.
• Programs start by themselves.
• Certain drives, hard disks or data carriers of the operating the system can no longer be accessed.
• Files cannot be edited or saved.
• The Internet browser homepage changed without any action by the user.
• Unwanted toolbars in the browser can be a common indicator of malware.
• Increase in unwanted, annoying popup windows on known, frequently visited websites.
• Unusually or conspicuously frequent password queries or unusual processes in online shopping or online banking.

The Most Wanted Malware | Free Antivirus Software

Trojans as Malware on The Rise - Emotet Is Back

The recently discovered malware agent Tesla is currently the Most Wanted Malware! He specializes in the theft of passwords, the reading of keystrokes and other espionage activities. Now it has become a widespread threat. This is, among other things, the result of the Global Threat Index for September 2019, which was published by Check Point Research, the threat intelligence department of Check Point® Software Technologies Ltd. has been published.

 

Note: Remove Trojan, Emotet, Malware with Free Antivirus Software

The Trojan Emotet Is Back

Also, the Emotet Trojan has returned from its hiatus and is spreading several spam campaigns. Numerous attacks came to light in Germany, including the Berlin Court of Justice, hospitals and a jeweller. Some of the spam campaigns contained emails containing a link to download an infected Word file; others even contained the fraudulent document themselves. When opening the file, victims are prompted to start the macro functions in the document, which then automatically install the Emotet malware.

Maya Horowitz is Director Threat Intelligence & Research Products at Check Point. - Photo: Check Point

“It is not known why the Emotet botnet was discontinued for three months, but we can assume that the inventors brought the features and capabilities up to the state of the art. It is therefore all the more important that companies warn their employees about the risks of phishing e-mails, opening unknown e-mail attachments or clicking dubious links that do not come from a trustworthy source or contact person. You should especially use the latest generation of anti-malware solutions that can automatically filter and check suspicious content from e-mails before they reach the user, ”explains Maya Horowitz, Director Threat Intelligence & Research Products at Check Point.

The Top 3 Most Wanted Malware in September:

In September, the RAT AgentTesla took over the lead with 19 per cent. The Trojan Emotet followed in second and third place with 13 per cent and the InfoStealer Lokibot with 4 per cent. Emotet has maintained its rank compared to the previous month - despite the three-month break.

 

Top 3 Most Wanted Mobile Malware in September:

This month, Lotoor was once again the most widely used malware against mobile devices, followed by AndroidBauts and Haddad. Locator exploits vulnerabilities in the Android operating system to gain root rights on these mobile devices.

 

Top 3 Exploited Vulnerabilities in September:

This month, the MVPower DVR Remote Code Execution vulnerability tops the list of the most exploited vulnerabilities with a global prevalence of 37 per cent. The vulnerability arises when executing remote code in MVPower DVR devices. An attacker can exploit this vulnerability remotely to execute arbitrary code in the affected router via an elaborated request. The Linux System Files Information Disclosure vulnerability follows in second place, closely followed by the Web Server Exposed Git Repository Information Disclosure, which affects 35 per cent of companies worldwide.

6 Tips to Protect Your Email from Internet Fraudster | Antivirus

6 Tips to Teach You About Protecting Your Email

When we were children, many of us learned from our families or teachers not to talk to strangers. Yet somehow, in the virtual world of the Internet, people seem to have forgotten this essential security lesson and willingly participate in information exchanges via email with "strangers." This puts your customers, your data, and your organization in general at risk.

It seems that every day a new type of phishing attack or malicious spam attack is making headlines. More recently, a new form of malware called German Wiper has primarily targeted German companies. Like most malicious programs, it messes with victims' files and demands payment for their safe return. However, instead of encrypting data like traditional ransomware, this non-traditional form of ransomware rewrites a user's files into zeros and ones, ultimately destroying the data.

So how can you help your business avoid being the next victim of a data breach due to phishing, malware, and other predatory tactics? Following the security practices for the use of your email.

1. Create a Comprehensive Cyber Security Plan that Has Email

Having a developed and comprehensive cybersecurity plan can help your business avoid or be prepared to face many of the threats lurking online. No matter how big or small your organization is, if you don't have a cybersecurity plan yet, you should get one now.

Your cybersecurity strategy should include guidelines, policies, recommendations, and requirements regarding the implementation and use of technology. This includes email communications.

2. Regularly Conduct Cyber Awareness Training for Your Employees

Cybersecurity awareness training is vital for every employee at every level in every organization. It doesn't matter if you are a multi-national company or a small family business, whether you work as a CEO, a middle manager or a personal assistant, you are still a potential target for cybercriminals. This means that you must be able to react appropriately to email-based threats.

When one of your employees receives a phishing email with some kind of attachment, there are two main ways to respond:

The end-user interacts with the attachment, allowing their computer or device to become infected with malware, which can lead to a breach of your network or even a ransomware attack.

They choose to mark the email as junk or spam, perhaps even taking a moment to send an email to your company's IT team to let them know what just happened.

As the example above shows, effective computer security training can help your employees learn to safely identify and handle spam and phishing emails. This includes training them to properly flag spam and other malicious emails. However, it is essential to emphasize that this training is not a one-size-fits-all solution. It is something that has to happen continually because email scam tactics have evolved. In fact, some phishing emails are so compelling that they can fool even seasoned IT, security experts.

The decision to implement the training is up to you: some companies prefer to offer self-training materials online or in print, others prefer face-to-face or an integration of the two methods. Do what works best for your company and your employees. Just be sure to continue to do so and to regularly test your employees with phishing simulations.

Cybersecurity awareness is like a muscle - the more you work it and keep it engaged, the stronger you get. If you become complacent, you will see your employees' sense of cyber awareness "warp" and become ineffective, leaving your organization defenceless against email-based cyber threats. I'd say no one wants that, but you'd be lying - cybercriminals expect exactly that.

3. Invest in Quality Antivirus

Many antivirus programs come equipped with many features such as mail filters, file scanning capabilities, etc. If so, put these capabilities to work now. These tools can help you identify some forms of malware and other threats by preventing your devices or network from being infected.

Take the time to familiarize yourself with all the functions of your antivirus program. This way, you are not paying for a system and you end up leaving some of its benefits unused. Also, be sure to include information about the antivirus program as part of your employee cyber training. After all, what good is having a solid antivirus program if your employees are just going to ignore it?

4. Create Email Blacklists and Whitelists

If you still don't maintain a current list of banned email addresses (a blacklist), what are you waiting for? This list helps prevent known spammers or cyber threats from reaching your inbox.

Almost as important is what is known as a whitelist, or the list of email addresses that are allowed through your filters and server. This list can also be maintained through those same three components (domain, email address, and IP address/range).

5. Use Strong, Hard-To-Guess Passwords

Cyber-attacks often involve credential compromise because it provides the greatest access for the attacker.

A strong password is one that:

Includes a mixture of uppercase and lowercase letters, numbers, and symbols.

Avoid using words that will be found within the dictionary.

It does not include the names of your pets, family members, favourite teams, or other information that you can easily find on your social media profiles.

Password guessing tools can send hundreds or even thousands of words per minute in brute force attacks.

6. Use the S/Mime Protocol for Encoding and Email Signing

What if there was a way to prove your identity to your email recipients while helping to protect the integrity of your data? That's the job of S / MIME, or the "Multipurpose / Secure Internet Mail Extensions Protocol (S / MIME)", an email security best practice.

This term refers to an email signature protocol that increases email security by:

Create a time-stamped digital signature to confirm the identity of the sender to the recipient;

Encrypt and decrypt the content of emails to provide protection of data at rest and in transit; and

Facilitate the secure exchange of documents over networks.

How to Protect Your Computer from Viruses and Other Dangers | Antivirus Software

Ways to Protect Your Computer from Viruses and Other Dangers

This article offers tips on ways to protect your computer from viruses, hackers, malware, spyware, and other unwanted guests that can lodge on your computer using Antivirus Software. Internet Security and the protection of your computer is something that should be treated with caution and care.

The number of viruses, worms and Trojans that affect computer systems is growing daily. These malicious code programs spread through the network at a speed that is difficult to control and it is difficult for a user to have an exhaustive control of the types and how they can affect us.

There is a growing need for PC protection software whose programs can help you and provide you with methods to prevent attacks on your system. As this demand for Antivirus Software grows, getting it has become easier than ever. Any security software manufacturer can sell their products over the Internet and one can be downloaded within minutes.

Antivirus software updates are available over the Internet that makes fighting the latest viruses simple and effective.

Apart from Antivirus, What Can I Do?

Installing an antivirus program on your PC is critical to computer security, but other practices can help as well. While today's programs are competitive in keeping viruses out as soon as they are discovered, new viruses are created as this article is being written, so you should be Care what you do and surf the net.

Until new viruses are discovered and the prevention measure is carried out, the best way to keep your computer safe is to avoid activities that will allow viruses to infect your computer. After all, prevention is the best cure.

Use a secure browser or browser, like Mozilla Firefox, one of the best browsers for many. Most of the attacks occur against the Internet Explorer has given its greater use. Therefore, the vulnerabilities of Firefox are minor although they also exist. Nor is it infallible. It is ideal for blocking those annoying advertising popups that annoy you so much.

And What About Hackers?

As mentioned before, proper browsing behaviour and a good antivirus program is the best prevention measure. We should not open all the emails with photos or added files that we see. Many of them contain Trojans which will allow a hacker to access our computer. We must not be fooled by these misleading emails.

You can have private information on your computer that should not be seen or stolen and that could cause great disruption if damaged.

If you receive an email with a document of any kind added to the email, scan it with your antivirus and find out if it is infected or not. If you still doubt it, don't open it.

Clean My Computer from Viruses - Which Is Recommended

Any PC can be infected with a computer virus if a good virus protection program is not used to monitor the system and the possible entries of these unwanted programs. Antivirus will scan all the files on your computer to see indications of possible infections. When it finds a virus, the software will try to clean the file or if it cannot, delete it.

It is important to keep your antivirus updated. It should be updated frequently - it is interesting that the manufacturer of your software, sends you news about these types of updates, and if not, visits their website to see us. It never hurts to be prepared. The most popular antivirus software are McAfee, Norton, Protegent360 Antivirus,  and Panda although there are a wide variety of programs available. Some of these companies offer to scan for viruses online.

It is worth installing a firewall called in English "firewall". With this, we will prevent external attacks while we are connected to the Internet and we will know what accesses our computer. A highly recommended free firewall is Zone labs, although it also has a paid professional version.

We also have to be aware of so-called spyware, which are small programs that are installed without our consent and that usually monitor our Internet browsing routines. We recommend for this, a free and very popular program called ad-aware.