A culture of cybersecurity is essential in today’s organizations to help ensure that they are able to successfully fend off cyberattacks.
The post Organizations advised to invest in a culture of cybersecurity appeared first on WeLiveSecurity.
Monthly Archives: October 2016
Protect Your Privacy in Windows 10 Anniversary Update
The Windows 10 Anniversary Update has arrived, marking the first birthday of Microsoft’s “last operating system”. As promised, the update contains a raft of new features, bug fixes and enhancements.
And taking their promise to improve security and privacy, Microsoft has been quick to emphasise advances in both areas.
Going biometric
One of the flashiest features of Windows 10 is Windows Hello – the biometric login protection system. Compatible devices allow you to log into your computer using a fingerprint – or by snapping a picture of your face using the built-in webcam.
These local security provisions are incredibly hard to crack, reducing the likelihood of someone cracking your password. The latest update is also supposed to have improved the speed of login, so you can start using your computer more quickly.
Behind the scenes
Windows Defender, an anti-virus scanner built directly into Windows, has also received some attention. The tool is intended to protect against software threats to your privacy from the web, the Cloud, or in your email.
According to Microsoft’s own advertising, Windows defender is the only anti-virus tool you need. But are they right?
There are gaps in Microsoft’s armour
According to reviews by independent news websites like CNet, Windows Defender performs relatively well in terms of identifying and removing malware. They do point out however that the tool lags behind specialist antivirus tools, allowing some malware to escape its detection routines.
Windows 10 is undeniably more secure than any of Microsoft’s previous operating systems. But on its own, Windows Defender cannot provide complete protection for your PC running the Windows 10 Anniversary Update. In the last laboratories test (Avtest.org, av-comparatives.org,…), Defender remains in the tail of the antivirus, with reallylow detection rates
There is also the issue of social engineering, where cybercriminals try and trick you into installing malware. Phishing emails from your bank are a classic example – click the links in a forged email and you will be prompted to install an application that is supposed to verify your account, or add online banking features. The reality is that you are being tricked into infecting your computer.
Which means that you really need a second, complementary security package in place to plug the gaps.
Choosing a security tool like Panda Antivirus for Windows allows you to protect against advanced threats, like malware hidden on websites. The parental controls settings allow you to prevent access to risky websites for instance, while the built-in scanner can detect and block viruses and malware as they try to install themselves.
And when the worst happens?
There is always a risk that a brand new virus infects your computer before anyone can release a patch to block it. With the all-new ransomware variants on the loose, it could be that your files are encrypted before the antivirus scanners detect the infection.
The only solution in this situation (other than paying the ransom) is to restore your files from backup. Sophisticated ransomware can also encrypt your Windows backups – so an add-on solution, like the backup function in Panda Antivirus can help. These backups offer additional protection against malware, even uploading critical information from the cloud where it is out of reach by the malware.
These additional backup tools offer a way to get your files back quickly and easily in the event of an infection.
And what about the rest of the devices we have at home?
Today a big danger is to forget to protect the rest of the dives we have at home like Mac, iMac, iphones, Adnroid devices. Windows Does not provide multiplatform security solutions and today is it mandatory to protect smartphones
Security has been tightened in Windows 10, and again in the Anniversary Update. But no platform is ever completely secure – you will always need a second tool to maintain security and privacy. To learn more about securing your PC after the Windows 10 Anniversary Update, click here to download a free trial of Panda Security Complete Protection.
The post Protect Your Privacy in Windows 10 Anniversary Update appeared first on Panda Security Mediacenter.
Can we trust our computers? Many have been tampered with during the manufacturing process.
How can you prevent a manufacturing sabotage from becoming an IT disaster? Securing your company’s network with the right protection measures isn’t always enough. Of course you should install an adequate protection system and ensure that your employees use robust passwords. However, there is something that we cannot control: the manufacturing process.
Did you know that your business’s computers can be manipulated during the manufacturing process? A cybercriminal’s network is very sophisticated. In fact, these hackers have accomplices allover the world, including in factories where parts are produced (like microchips). Since the products are tampered with before the computer is finished, no one really suspects that the pieces are infected after they’re installed.
Luckily, manufacturers have discovered a complex solution that can beat this scheme. A new system was proposed by Siddhard Garg, a computer engineering professor at NYU. He believes that for the tightest security the microchips should be strategically manufactured in different phases.
Garg’s proposal makes it so that cybercriminals never know exactly where the piece will be created, making it difficult or impossible to carry out their plans.
Math makes the difference
Garg’s proposal isn’t a new one. In fact, this idea of distributing the manufacturing process to various factories is already being practiced. However, this professor has gone a step further; his method requires advanced mathematics. Instead of randomly distributing the microchip production, this will ensure the greatest security without heavily increasing the production costs. Garg’s system doesn’t just aim to prevent microchip tampering, it will also stop the production of counterfeit parts that affects both manufacturers and buyers.
With this method, since you aren’t building an entire chip in a same factory, there is no finished design to steal and copy.
The post Can we trust our computers? Many have been tampered with during the manufacturing process. appeared first on Panda Security Mediacenter.
The force to be reckoned with: more crime-fighters join army against ransomware – Forbes
The force to be reckoned with: more crime-fighters join army against ransomware – Forbes
‘No More Ransom’ Goes Global: Another 13 Police Forces Join Fight Against Ransomware
Just three months after the successful launch of the No More Ransom project, law enforcement agencies from a further 13 countries have signed up to fight ransomware together with the private sector.
Vuln: PHP 'password_verify()' Function Out-of-Bounds Read Denial of Service Vulnerability
PHP ‘password_verify()’ Function Out-of-Bounds Read Denial of Service Vulnerability
Vuln: Microsoft Internet Explorer and Edge CVE-2016-3382 Remote Memory Corruption Vulnerability
Microsoft Internet Explorer and Edge CVE-2016-3382 Remote Memory Corruption Vulnerability
Vuln: Magento CMS Flash File Uploader Cross Site Scripting Vulnerability
Magento CMS Flash File Uploader Cross Site Scripting Vulnerability
Vuln: Magento CMS Multiple Cross-Site Request Forgery Vulnerabilities
Magento CMS Multiple Cross-Site Request Forgery Vulnerabilities
CVE-2015-3288
mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.