Categories
microsoft windows OS

Home network monitoring with Kaspersky Security Cloud

Getting connected has never been so easy. In the not-so-distant past, you might’ve needed technical certification to get a home Wi-Fi network up and running, but that hasn’t been the case for quite a few years. These days, home networking is practically plug-and-play.

Note that we haven’t mentioned security anywhere yet. Of course, any reader of this blog knows that’s a trap. The challenge of home and external networking is to get connected reliably and safely.

When it comes to home networking, we really don’t recommend skipping the few steps needed to get and stay connected in a safe, secure way. That means changing the default network name and password, cutting off remote access, and doing a few other things.

How Kaspersky Security Cloud improves your home network security

The first time you run the latest iteration our all-in-one home security solution, Kaspersky Security Cloud, it automatically gets to know your home network. In addition to protecting the devices you know you have connected to the network, it catalogues all networked devices in case something doesn’t belong.

An example of a network map in Kaspersky Security Cloud

An example of a network map in Kaspersky Security Cloud

In the utility’s Home Network interface, you can view the list of connected devices, add friendly names, and perform some light administration. Critically, the device list includes MAC addresses for all connected devices (as well as the device type and name, its operating system, and IP address, plus a note about which devices are running Kaspersky software). If you see something that doesn’t belong, you can then use your router’s administration software to kick it off the network and block it for good.

Information about a device connected to your network includes its MAC address, which you can use to kick the device off the network and block it in your router's settings

Information about a device connected to your network includes its MAC address, which you can use to kick the device off the network and block it in your router’s settings

Once you have your network mapped and have ensured that every device on it is a welcome one, then outsiders should not be able to help themselves to your network connection. That said, in the event a new device sneaks onto the network, Kaspersky Security Cloud alerts you so that you can quickly cut off its access.

In the event that you would prefer not to be notified about new devices joining your network, Windows users can disable the notifications — ad hoc, using the Disable notifications for this network link in the notification, or through the application’s preferences:

Open the main application window;
Click the network icon that corresponds to your connection type (e.g., wired or wireless) toward the bottom of the window;
In the “Devices in my network” window, click the menu icon (three dots);
Select Disable notifications.

You can also use the above instructions simply to confirm that your notification settings reflect your preferences.

What else is new in Kaspersky Security Cloud?

When we say that Kaspersky Security Cloud gets to know your home network, we should also mention that in its latest iteration, we’ve added wired connections to the map. Although most connections these days are wireless — smartphones, tablets, laptops — it’s also entirely likely you have a stationary device or two wired right to your router with an Ethernet cable.

As fast as Wi-Fi connections are, devices near enough to your router can still benefit from that ultrafast Ethernet connection; and many families still have a central desktop computer plugged in and acting as a household hub. Therefore, we added that visibility to the new Kaspersky Security Cloud.

We also added tools to simplify the process of adding protection to other users’ devices. They include the ability to generate QR codes and share links to help your family members add Kaspersky security to their devices.

You can easily share protection with your family using QR codes

You can easily share protection with your family using QR codes

Features such as automatic checking of e-mail addresses for potential data leaks have bene expanded as well. Account Check already let users know if data associated with their e-mail addresses leaks online; now the feature is substantially easier to use, automatically checking the e-mail addresses users enter when logging in to accounts and also providing the option for users to add e-mail addresses to the list of addresses the product checks.

The Account Check feature lets you know if data associated with your e-mail addresses is leaked online

The Account Check feature lets you know if data associated with your e-mail addresses is leaked online

To home network security and beyond

Securing your home network is also just one more reason to install and maintain the best security available. With just about everything in the world connected to just about everything else, and cybercriminals organized to pounce on everything from one person’s overused passwords to a vulnerability in a huge network, the one true security tip simply doesn’t exist.

It takes a product, ultimately to secure your network. Kaspersky Security Cloud‘s specialized module for home network security adds measures of control for home users.

Read more: kaspersky.co.in

Categories
microsoft windows OS

Ransom from Home – How to close the cyber front door to remote working ransomware attacks

Coronavirus has actually triggered a significant shift to our working patterns. In most cases these will long outlive the pandemic. Working from house has its own threats. One is that you might welcome ransomware attacks from a brand-new type of cyber-criminal who has actually formerly restricted his efforts to straight targeting the business network. Why? Since as a remote employee, you’’ re progressively considered as a soft target—– the open entrance to obtaining cash from your company.

So how does ransomware end up on your front doorstep? And what can a house employee do to shut that door?

The brand-new ransomware patterns

Last year, Trend Micro spotted over 61 million ransomware-related risks, a 10% boost from 2018 figures. Things have actually just gotten even worse from there. There has actually been a 20% spike in ransomware detections internationally in the very first half of 2020, increasing to 109% in the United States. And why is that?

At a standard level, ransomware look for and secures the majority of the files on a targeted computer system, so regarding make them unusable. Victims are then asked to pay a ransom within a set timespan in order to get the decryption secret they require to open their information. If they wear’’ t, and they’sanctuary ’ t backed-up this information, it might be lost permanently.

The pattern of late , nevertheless, has actually been to concentrate on personal and public sector companies whose personnel are working from house (WFH). The reasoning is that remote employees are less most likely to be able to safeguard themselves from ransomware attacks, while they likewise supply a helpful stepping-stone into high-value business networks. Cybercriminals are progressively looking to take delicate information prior to they secure it , even as they’’ re more most likely to bring a greater ransom for their efforts than they do from a common customer, particularly if the remote worker’’ s information is covered by cyber-insurance.

Home employees are likewise being more targeted for a variety of factors:

.They might be more sidetracked than those in the workplace.House network and endpoint security might not depend on business levels.House systems (routers, wise house gadgets, PCs, and so on,) might not be updated and for that reason are more quickly exposed to exploits.Remote employees are most likely to go to insecure websites, download dangerous apps, or share machines/networks with those who do.Business IT security groups might be overwhelmed with other jobs and not able to supply timely assistance to a remote employee.Security awareness programs might have been doing not have in the past, perpetuating bad practice for employees in the house.

What’’ s the attack profile of the remote working hazard?

.

In short, the bad people are now seeking to acquire entry to the business network you might be accessing from house through a VPN, or to the cloud-hosted systems you utilize for work or sharing files , in order to initially take and after that secure business information with ransomware as everywhere as possible into your company. The approaches are familiar. They’’ ll

. Attempt to fool you into harmful habits through e-mail phishing—– the typical method of getting you to click links that reroute you to bad sites that house malware, or getting you to download a bad file, to begin the infection procedure.Take or think your log-ins to work e-mail accounts, remote desktop tools (i.e., Microsoft Remote Desktop or RDP), and cloud-based storage/networks, and so on, prior to they provide the complete ransomware payload. This might occur by means of a phishing e-mail spoofed to look like if sent out from a genuine source, or they might scan for your usage of particular tools and after that attempt to think the password (called brute requiring). One brand-new Mac ransomware, called EvilQuest, has a keylogger developed into it , which might catch your business passwords as you type them in. It’’ s a one-two punch: take the information initially, then secure it. Target malware at your VPN or remote desktop software application, if it’’ s susceptible. Phishing is once again a popular method to do this, or they might conceal it in software application on gush websites or in app shops. This provides a grip into your company’’ s systems and network. Target clever house devices/routers through vulnerabilities or their easy-to-guess/crack passwords, in order to utilize house networks as a stepping-stone into your business network.

How can I avoid ransomware when working from house?

The great news is that you, the remote employee, can take some reasonably simple actions up front to assist reduce the cascading dangers to your business positioned by the brand-new ransomware. Attempt the following:

.Beware of phishing e-mails. If provided, take benefit of business training and awareness courses.Keep your house router firmware, PCs, Macs, mobile phones, software application, web browsers and running systems as much as date on the most recent variations –– consisting of remote gain access to tools and VPNs (your IT department might do a few of this from another location).Guarantee your house network, PCs, and mobile phones are secured with updated with network and endpoint AV from a trustworthy supplier. (The options must consist of anti-intrusion, anti-web danger, anti-spam, anti-phishing, and obviously, anti-ransomware functions.).If utilized and disable remote access to your house router, make sure remote gain access to tools and user accounts are safeguarded with multi-factor authentication (MFA).Disable Microsoft macros where possible . They’’ re a common attack vector.Back-up essential files frequently, according to 3-2-1 guideline

How Trend Micro can assist

In short, to close the cyber front door to ransomware, you require to secure your house network and all your endpoints (laptop computers, PCs, mobile phones) to be safe. Pattern Micro can assist through

.The Home Network: Home Network Security (HNS) links to your router to safeguard any gadgets linked to the house network —– consisting of IoT devices, laptop computers and mobile phones —– from ransomware and other risks.Desktop endpoints: Trend Micro Security (TMS) provides sophisticated security from ransomware-related risks. It consists of Folder Shield to protect important files from ransomware file encryption, which might be kept in your area or synched to cloud services like Dropbox®®, Google Drive ® and Microsoft ® OneDrive/OneDrive for Business.Mobile endpoints: Trend Micro Mobile Security (likewise consisted of in TMS) safeguards Android and iOS gadgets from ransomware.Protected passwords: Trend Micro Password Manager allows users to safely save and remember strong, distinct passwords for all their apps, sites and online accounts, throughout several gadgets.VPN Protection in your home and on-the-go: Trend Micro’’ s VPN Proxy One ( Mac | iOS ) option will assist guarantee your information personal privacy on Apple gadgets when working from house, while its cross-platform WiFi Protection service will do the exact same throughout PCs, Macs, Android and iOS gadgets when working from house or when linking to public/unsecured WiFi hotspots, as you venture out and about as the coronavirus lockdown relieves in your location.

With these tools, you, the remote employee, can assist shut the front door to ransomware, securing your work, gadgets, and business from information theft and file encryption for ransom.

The post Ransom from Home – – How to close the cyber front door to remote working ransomware attacks appeared initially on .

Read more: blog.trendmicro.com

Categories
microsoft windows OS

These free tools blur protesters’ faces and remove photo metadata

Millions have taken to the streets across the world to protest the murder of George Floyd, an unarmed black man killed by a white police officer in Minneapolis last month.

Protesters have faced both unprecedented police violence and surveillance. Just this week, the Justice Department granted the Drug Enforcement Administration, an agency typically tasked with enforcing federal drug-related laws, the authority to “conduct covert surveillance” on civilians as part of the government’s efforts to quell the protests. As one of the most tech savvy government agencies, it has access to billions of domestic phone records, cell site simulators, and, like many other federal agencies, facial recognition technology.

It’s in part because of this intense surveillance that protesters fear they could face retaliation.

But in the past week, developers have rushed to build apps and tools that let protesters scrub hidden metadata from their photos, and mask or blur faces to prevent facial recognition systems from identifying protesters.

Everest Pipkin built a web app that strips images of their metadata and lets users blur faces — or mask faces completely, making it more difficult for neural networks to reverse blurring. The web app runs entirely in the browser and doesn’t upload or store any data. They also open-sourced the code, allowing anyone to download and run the app on their own offline device.

i built a tool for quickly scrubbing metadata from images and selectively blurring faces and identifiable features. it runs on a phone or computer, and doesn't send info anywhere.

process your images so that you and others are safe:https://t.co/GbQu5ZweDq pic.twitter.com/jKjABTgPRX

— everest (@everestpipkin) May 31, 2020

Pipkin is one of a few developers who have rushed to help protesters protect their privacy.

“I saw a bunch of discourse about how law enforcement is aggregating videos of the protests from social media to identify protesters,” developer Sam Loeschen told TechCrunch. He built Censr, a virtual reality app that works on the iPhone XR and later, which masks and pixelates photos in real-time.

The app also scrubs images of metadata, making it more difficult to identify the source and the location of the masked image. Loeschen said it was an “really easy weekend project.” It’s currently in beta.

📣📣 Announcing censr: a simple camera app for protecting your identity!

available for iPhone XR and up

distributing to protestors and press through TestFlight. Send me a DM for the link! pic.twitter.com/J1Znd2ZKqN

— Sam Loeschen (@polygone_) June 5, 2020

Noah Conk built an iPhone Shortcut that uses Amazon’s facial recognition system and automatically blurs any faces it detects. Conk said in a tweet there was no way to blur images on the device but that he does not save the image.

The idea is smart, but it does mean any photos uploaded could theoretically (and if stored) be obtained by law enforcement with a legal order. You also need to “allow untrusted shortcuts”, which could open the door to potentially malicious shortcuts. Know the risks before allowing untrusted shortcuts, and keep it disabled when you don’t need it.

Helping protesters and others blur and anonymize photos is an idea that’s taking off.

Just this week, end-to-end encrypted messaging app Signal included its own photo blurring feature, one that couldn’t come soon enough as its user base spiked thanks to the massive adoption since the protests started.

Signal founder Moxie Marlinspike said in a blog post that the move was to help “support everyone in the streets,” including those protesting in the U.S. and around the world, in many cases defying social distancing rules by governments put in place to slow the spread of the coronavirus pandemic.

“One immediate thing seems clear: 2020 is a pretty good year to cover your face,” said Marlinspike.

Signal now has built-in face blurring for photos


Read more: feedproxy.google.com

Categories
microsoft windows OS

Public Computers Safety Tips: Interview with Cybersecurity Expert Ravi Bahethi

Read the complete story

.

Read more: hackernoon.com

Categories
microsoft windows OS

How Windows 7’s End of Life Affects Colleges and Universities

The day has actually gotten here: As of January 14, Microsoft is no longer providing assistance or updates for Windows 7. The most recent and most updated variation of the Windows os is Windows 10 . It includes more powerful integrated security, swifter performance, more stability —– and, more most importantly, continuous and active assistance from Microsoft.

If your greater education organization hasn’’ t made the switch from Windows 7 to Windows 10, here’’ s a fast rundown on why universities ought to accept Windows 10, how one university browsed the migration and what to do if you sanctuary’’ t began the shift.

MORE FROM EDTECH: Help your group handle the much faster updates in Windows 10.

.Get Institutional Security With Windows 10.

Instead of leaving security updates as much as the user, Windows 10 updates instantly with bug repairs, security spots and basic upgrades. While some private users might feel stymied by not having control, it provides organizations, at minimum, a broad kind of defense.

The security upgrades themselves are significant: Microsoft Defender Advanced Threat Protection provides more powerful preventative security, post-breach detection, and automated examination and action. This level of security maximizes IT groups to concentrate on requirements particular to their organizations rather of by hand examining every inbound danger. Security groups can likewise utilize Windows 10 to craft systems that fit their requirements.

Users will invite Windows 10’’ s increased compatibility with cloud computing along with increased searching security. Organizations that sanctuary’’ t yet made the shift will discover themselves susceptible to attacks and malware. Even if users are thorough about adhering to internally mandated security updates, the defenses themselves merely aren’’ t as strong as those in Windows 10.

Read more: feedproxy.google.com

Categories
microsoft windows OS

Microsoft Launches an Xbox Bounty Program

Microsoft has launched an Xbox Bounty Program designed to find and squash bugs in the Xbox network. And if you can find a vulnerability, whether by actively hinting for one or by stumbling across one, you can claim a reward worth up to $20,000.

Find a Bug and Earn (Potentially) Big Money

Bug bounty programs are everywhere, and can pay out big money. The bigger the vulnerability, the higher the reward, but even the minimum payouts are worthwhile. So, finding vulnerabilities in the products and services you use can earn you pocket money.

Microsoft already has a number of bounty programs actively seeking out vulnerabilities in the company’s products and services. Including the Windows operating system, Office, and Edge. And now, for the first time, Microsoft has launched an Xbox Bounty Program.

How Microsoft’s Xbox Bounty Program Works

In a post on the Microsoft Security Response Center, Microsoft explains that the program is for “gamers, security researchers, and technologists around the world to help identify security vulnerabilities in the Xbox network and services”.

We’re excited to announce the Xbox Bounty Program, which awards up to $20,000 for vulnerabilities in the Xbox network space. Find out more information: https://t.co/4Tsq17ocaH

— Security Response (@msftsecresponse) January 30, 2020

Anyone who finds a vulnerability needs to share it with the Microsoft Xbox team through “Coordinated Vulnerability Disclosure (CVD).” Bugs need to be submitted using the MSRC Submission portal and follow Microsoft’s submission guidelines.

Submissions are eligible for rewards of between $500 and $20,000. Bounties will be “awarded at Microsoft’s discretion based on the severity and impact of the vulnerability and the quality of the submission.” So, be sure to follow the Microsoft Bounty T&Cs.

The highest rewards are reserved for finding proof of a remote code execution or an elevation of privilege. Other bugs included are security feature bypasses, spoofing, and tampering. Some issues, such as denial of service, are listed as “Out of Scope”.

Other Bug Bounty Programs Worth Exploring

The Xbox Bounty Program is just the latest in a long line of bounty programs. And Microsoft is just one of the many big companies involved. With that in mind, we have previously listed some awesome bug bounty programs worth exploring.

Image Credit: Constantin Wiedemann/Flickr

Read the full article: Microsoft Launches an Xbox Bounty Program

Read more: makeuseof.com