Login
Working with a slow PC is always annoying and frustrating. Enduring sudden frozen windows and stuttered animations can make you want to throw the machine out the window.
Take a deep breath, and consider these 8 tips on how to fix a slow PC running Windows.
Why is my Windows Running Slow?
First, here is a general analysis on why your Windows PC is running slow:
|
|
1. Restart your Computer
Many users are accustomed to keeping their computers running for several weeks. Their PC is either running or sleeping with the processes saved all the time. This means the running programs are occupying and filling up their RAM continuously, which can lead to the PC running extremely slowly. In addition, the computer might suffer from some bugs, which trigger programs to eat up much more RAM than they should. To avoid these troubles, restart your PC by clicking on the Windows button, selecting the ‘Power’ button, and choosing the ‘Restart’ button at least once a week.
A small hint: make sure you have saved your ongoing work before you shut down your computer.
2. Adjust setting modes
This is a very simple but often overlooked way to boost your PC’s performance. However, it sacrifices a bit of standby time. When you are not worrying about the state of charge and just pursuing maximum efficiency, you can consider opening Advanced System Setting in Windows for this trick.
Enter “Control Panel” in the Cortana search box in the taskbar. In the pop-up window, click “System,” and then click “Advanced system settings” in the left window, as shown below:
Click “Settings” in the performance bar, as shown in the following figure:
In the pop-up window, you can see that there are four setting modes, set “Adjust for best performance,” and then click OK, as shown in the following figure:
3. Disable Startup Programs
Startup items are programs that the system will run in the foreground or background once your computer is ON. When you download and install software, the “start-up” is usually a default choice. Therefore, if the software is not commonly used and you do not need to use it every time you start your PC, you can remove the check because it can slow down system speed. If you forgot to remove the check when installing the application, you can also make changes using the Task Manager.
To check and manage your startup programs, open the Task Manager (Ctrl + Alt + Del), then switch to the ‘Startup’ tab. You’ll also see the “Startup impact” of each startup program — either Low, Medium, or High. If you see “Not measured,” that’s because it was recently added and Windows hasn’t had a chance to observe the program’s behavior yet.
To prevent a program from launching on startup just right-click and choose “Disable.”
If you are not sure whether you can safely disable some programs, you can search the program online and learn about its function. If you are a little worried, you can download a PC cleaner app, which can automatically identify and classify these items and help you delete the unnecessary ones in batches. Remember to choose those apps without pop-up advertisements and hidden fees.
In addition, you can see the first tab named “Processes” in the picture above. Too many programs running simultaneously can slow down the system speed as well. Some programs may continue running in the background even after you have closed them. Under the “Processes” tab, you can select them and click ‘End task’ at the bottom right. However, be careful about this action because you might close some important processes needed to run Windows.
4. Turn off windows tips and tricks
When searching ways to speed up your PC online, your PC will ask you to disable the “Visual Effects” feature as they use up your PC’s performance. However, this operation needs you to balance the operating speed and the appearance of your PC, and even adjust those settings many times to achieve satisfying visual effects. Instead, here is an item that you can change without a hitch.
When you use a windows PC, Windows will always pay attention to what you are doing and provide tips on what you may want to do with your computer. You may find these tips unhelpful and even feel offended by its constant virtual viewing over your shoulders.
If you want to speed up your PC, you can ask Windows to stop giving you advice. To do this, click the START button, select the Settings icon, and then go to Systems > Notification & actions. Scroll down to the notifications section and uncheck the box labeled “Get tips, tricks, and suggestions as you use Windows.”
5. Run Disk Cleanup
Do not let that “Disk space is almost full” message pop up and stop your work. Too many junk files, useless big files and duplicate files usually cause insufficient disk space. To save gigabytes of disk space for things you really need, you should clean them regularly to free up space.
Here are steps on how to use the built-in Windows utility to run disk cleanup:
Press “WINDOWS + R” and enter the cleanmgr command with parameters:
cleanmgr /sageset
In the Disk Cleanup Settings window, you can find items you can clean.
Note that this operation is only the setting operation of the checked item. It has not been actually cleaned. After clicking OK, you need to press “WINDOWS + R” and enter “cleanmgr /sagerun:99”, and then it can execute specific cleanup operations.
You can also turn ON the storage sense function to remove unnecessary files automatically.
Enter Settings > System > Storage, and then turn ON the Storage sense function to allow Windows to clean up temporary files automatically. It can be set to run automatically every day, every fortnight, every month, or every two months.
Definitely, some cleanup apps can help you do the work more quickly and accurately. Besides useless files, they can even retrieve and delete similar photos. You can evaluate and download them according to your own needs.
6. Clean out your Registry
Registry is an important database, which is used to store the setting information of system and application program running in Windows. As early as Windows 3.0 introduced OLE technology, the registry has appeared. Windows NT was the first operating system to make extensive use of the registry at the system level. However, since the beginning of the Microsoft Windows 95 operating system, the registry has been a critical database that will continue to play a role in the subsequent operating systems.
The command to open the registry is:
Regedit or regedit.exe, regedt32 or regedt32.exe
Under normal circumstances, you can click the operation in the START menu (WINDOWS + R), and then enter regedit or regedit.exe and click OK to open the registry editor of Windows operating system.
The registry is a very messy thing. For example, when a program is uninstalled, the program’s settings are not always cleared in the registry. So over time, it will be filled with various outdated settings. This may lead to poor performance of your PC system.
A word of caution: Editing the registry manually is risky. A mistake can lead to system-level interruptions. Therefore, to clean the registry, it is recommended that a professional registry cleaner is used.
7. Malware and Virus Infection
As we all know, malware and viruses will infect the computer and make it run more sluggishly. There are a large number of antivirus apps in the marketplace. Trend Micro offers several options to consider.
8. Disable third-party services
If you installed a lot of software on your PC, the system may become chaotic and some unexpected problems might occur. For example, several security applications are running at the same time can create conflicts that make the system misbehave. You can disable all third-party software services and only keep the system itself. The system status will also be called “Clean Boot.”
Here is how to perform a clean boot of Windows:
Press “WINDOWS + R” and type “msconfig”, then click OK. Open System Configuration, go to the Services tab and put a tick in the “Hide all Microsoft services” box at the bottom left before choosing the items and hitting Disable all.
We hope the listed solutions can help you boost your PC performance conveniently. Manually checking what is wrong with your Windows can be time-consuming and painstaking. When those irritating system messages pop up and interfere with your work, it is time to turn to a trusted all-in-one system care utility like Cleaner One. By employing this productive worker, you can retrieve and delete unnecessary items, have less clutter, make your computer more efficient, and optimize your Windows OS with just a few clicks. Why not give it a go?
The post How to Speed Up a Slow PC Running Windows OS appeared first on .
The gap in trained, experienced cybersecurity workers is one of those perennial problems: much ink is spilled every year in assessing the scale of the problem, and what can be done about it. We have recently pointed out, for instance, the importance of stopping attacks before they happen, and the fact that you can’t hire your way out of the skills shortage.
As we move into 2020, it's apparent that despite this focus on the problem, it has not been solved. There is still a huge skills gap when it comes to cybersecurity, and in many ways, it is getting worse. According to Cyber Crime Magazine, there may be as many as 3.5 million unfilled cybersecurity jobs by 2021, and recent high-profile cyber breaches provide further evidence that the problem is already becoming acute.
That said, there are some new trends emerging when it comes to managing this crisis. In this article, we'll take a look at some of the innovative ways that companies are getting around the problem.
The Widening Gap
First, some context. At the most basic level, the skills gap in cybersecurity is the product of a simple fact: there are more cybersecurity positions that need to be filled than there are qualified graduates to fill them. This is despite colleges encouraging students to study cybersecurity, and despite companies encouraging their existing employees to retrain.
Look a little deeper, however, and some other reasons for the shortage becomes apparent. One is that a worrying number of qualified professionals are leaving the cybersecurity sector. At cybersecurity conferences, it’s not uncommon to see entire tracks about managing mental health, addiction, and work stress. As these experienced professionals leave the sector, this puts more pressure on younger, less experienced colleagues.
Secondly, a major source of stress for cybersecurity professionals is that they are often assigned total (or at least partial) responsibility for the losses caused by data breaches. In many cases, this is unfair, but persists because many companies still see "security" as a discrete discipline that can be dealt with in isolation from other IT tasks, corporate processes, and reputation management.
Training and Development
Addressing these issues requires more than just increasing the number of qualified graduates. Instead, businesses need to take more innovative approaches to hire, train, and retain cybersecurity staff.
These approaches can be broken down into three types. The first is that cybersecurity training needs to change from an event into a process. Some have argued that traditional, classroom-based cybersecurity training doesn’t reflect the field and that this training needs to be delivered in a more vocational way. Instead of hiring one cybersecurity expert, companies should look to train all of their employees in the basics of cybersecurity.
In fact, even cybersecurity professionals might benefit from this type of training. Despite companies being resistant to spending more on employee training, investing in training has one of the highest ROI that investors can make. In addition, recent developments have made it clear that continuous training is needed – concerns about the security implications of 5G networks, for example, are now forcing seasoned professionals to go back to school.
Secondly, dramatic gains in cybersecurity can be achieved without employing dedicated staff. One of the major positive outcomes of the cybersecurity skills gap, in fact, has been the proliferation of free, easy to use security tools (like VPNs and secure browsers), which aim to make cybersecurity "fool-proof", even for staff with little or no technical training. These tools can be used to limit the risk of cyberattacks without the necessity of complex (and expensive) dedicated security solutions.
Third, the rise of "security as a service" suggests that the cybersecurity sector of the future is one that relies on outsourcing and subcontracting. Plenty of companies already outsource business processes that would have been done in-house just a few years ago – everything from creating a website to outsourcing pen testing – and taking this approach may provide a more efficient way to use the limited cybersecurity professionals that are available.
AI Tools: The Future?
Another striking feature of the cybersecurity skills debate, and one which is especially apparent as we move into 2020, is the level of discussion around AI tools.
Unfortunately, assessing the level of efficacy of AI tools when it comes to improving cybersecurity is difficult. That's because many cybersecurity professionals are skeptical when it comes to AI is a useful ally in this fight. In some ways, they are undoubtedly correct: in a recent study, one popular AI-powered antivirus was defeated with just a few lines of text appended to popular malware.
On the other hand, it must be recognized that cybersecurity pros have a vested interest in talking down how effective AI tools are. If AIs were able to protect networks on their own, after all, cybersecurity pros would be out of a job. Or rather they would be if there were not so many unfilled cybersecurity vacancies.
Ultimately, given the lack of qualified or trained professionals, AI tools are likely to continue to be a major focus of investment for companies from 2020 onwards. This, in turn, entails that IT professionals overcome some of their reticence about working with them, and begin to see AIs less as competitors and more as collaborators.
The Bottom Line
It's also worth pointing out that the individual trends we've mentioned can be seen as working against each other. In some cases, companies have attempted to overcome the skills gap by training large numbers of employees to perform cybersecurity roles. Others have gone in the other direction – outsourcing specific aspects of their cybersecurity to hyper-specialized companies. Others are taking a gamble that AI tools are going to eventually replace the need for (at least some of their) cybersecurity professionals.
Which of these trends is eventually going to dominate the market remains to be seen, but one thing is clear: 2020 is a critical juncture for the entire cybersecurity sector.
Copyright 2010 Respective Author at Infosec IslandIn today’s 24/7 internet access world, network administrators need next-generation web filtering to effectively allow access to the internet traffic they do want, and stop the traffic they don’t want. How does this affect the education vertical, with students in K-12? Well, for starters, a lot has changed since the Children’s Internet Protection Act (CIPA) was enacted in 2000. Adding on to dated Acts, let’s not forget that almost two-decades later, the landscape in academics has shifted drastically. We are no longer working from computer labs on a single-network, we are in the world of various personal devices expecting consistent wi-fi and cloud access.
The internet is insurmountable - and as it continues to rapidly evolve, so should the filtering tactics used to keep students safe. But while the law requires schools and public libraries to block or filter obscene and harmful content, that still leaves room for interpretation.
How Much Web Filtering is Too Much?
A 2017 survey shows that 63% of K-12 teachers regularly use laptops and computers in the classroom, making the topic of web filtering in K-12 environments crucial. With the rise of tech-savvy students and classroom settings, precautions must be taken, however, there is such a thing as ‘over-filtering’ and ‘over-blocking.’
Current laws and guidelines that prevent students from accessing crucial learning and research materials, have become a rising issue that schools and parents are constantly battling with the FCC. As mentioned on the Atlantic, excessive filtering can limit students research on topics that can be useful to, for example, debate teams or students seeking anti-bullying resources. Instead of enforcing the same rules across the entire school or district, network administrators need to develop a solution that offers flexibility and customizable options, pinpointing specific websites, applications and categories that each grade level may access.
Working Together to Clearly Define Web Access
In the past, schools practiced the over-zealous “block everything” approach. Now, it is important for school administrators and IT departments to collectively work together to define web-access by grade, age, project duration and keyword search. This allows students access to educational resources while administrators maintain acceptable parameters in-place - blocking inappropriate content from sites or applications
Assessing Network Necessities
Academic boards can take it one-step further putting access controls on all school networking, including wi-fi networks to control the use of personal devices during school hours.
In addition to Web Filtering, adding controls such as enforcing safe search on popular search engines, and using restricted mode on YouTube will increase productivity, limit cyberbullying, and deny access to students searching for ways to inflict self-harm or perform other acts of violence.
Why limit students education by blocking crucial learning and research materials? By custom-configuring a network to meet the needs of each grade-level and classroom, educators are encouraging students to become academically resourceful. IT departments and school administrators must form a partnership to generate a solution that will allow students, teachers, and administrators access to the educational tools they need.
It’s time to break down the glass wall and acknowledge the presence of educational materials and information that is now available through various media channels and platforms. The internet which was once a luxury accessible to only a few, is now an amenity available to almost anyone - including young students - signifying the importance of fine-tuned web filters and content security across K-12 networks.
Copyright 2010 Respective Author at Infosec IslandWhether you’re trying to inform purchasing decisions or just want to better understand the cybersecurity market and its players, industry analyst reports can be very helpful. Following our recent accolades by Forrester and IDC in their respective cloud security reports, we want to help customers understand how to use this information.
Our VP of cybersecurity, Greg Young, taps into his past experience at Gartner to explain how to discern the most value from industry analyst reports.
The post How To Get The Most Out Of Industry Analyst Reports appeared first on .
This week, we welcome Dave Ferguson, Director of Product Management and WAS at Qualys! Dave will discuss the issue of latent vulnerabilities and how they may linger in your custom-coded web applications and APIs, presenting an enticing target for attackers. In the Application Security News, GitLab Doles Out Half a Million Bucks to White Hats, How can we integrate security into the DevOps pipelines?, Go passwordless to strengthen security and reduce costs - and design your app to support these types of workflows, including account recovery.
Show Notes: https://wiki.securityweekly.com/ASWEpisode89
To learn more, visit: https://securityweekly.com/qualys
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jorge Salamero, Director of Product Marketing at Sysdig, to talk about Runtime Protection for Containers! In our second segment, we welcome back the Legend himself John Strand, to talk about Backdoors & Breaches, an Incident Response Card Game! In the security news, Your Smart Christmas Lights Are Safer Than They Were Last Year, Intels SGX coughs up crypto keys when scientists tweak CPU voltage, Hackers Can Block iPhones and iPads Via AirDrop Attack, How hackers are breaking into Ring Cameras, and Bloomberg accidentally created an Alexa Fleshlight!
Show Notes: https://wiki.securityweekly.com/PSWEpisode630
To learn more about BHIS, visit: https://securityweekly.com/bhis
To learn more about Sysdig, visit: https://securityweekly.com/sysdig
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Laura Jones, Author of a children's book titled Cyber Ky & Tekkie Guy Manage the Risk of Being Online. She focuses on children being as 'appropriately informed' as they are comfortable with using technology! In the Security and Compliance News, Equifax nears 'historic' data breach settlement that could cost up to $3.5B, Maryland Again Amends its Data Breach Notification Law, Hidden Complexity is Biggest Threat to Compliance, Data Security Remains Top IT Concern for Small Businesses and Others, A Compliance Carol: A visit from the Ghost of Compliance Past, and more!
Show Notes: https://wiki.securityweekly.com/SCWEpisode10
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the threat campaign Waterbear and how it uses API hooking to evade security product detection. Also, read about December Patch Tuesday updates from Microsoft and Adobe.
Read on:
Waterbear is Back, Uses API Hooking to Evade Security Product Detection
Previously, Waterbear has been used for lateral movement, decrypting and triggering payloads with its loader component. In most cases, the payloads are backdoors that can receive and load additional modules. However, recently Trend Micro discovered a piece of Waterbear payload with a brand new purpose: hiding its network behaviors from a specific security product by API hooking techniques.
Microsoft December 2019 Patch Tuesday Plugs Windows Zero-Day
Microsoft has released today the December 2019 Patch Tuesday security updates. This month’s updates include fixes for 36 vulnerabilities, including a zero-day in the Windows operating system that has been exploited in the wild.
(Almost) Hollow and Innocent: Monero Miner Remains Undetected via Process Hollowing
Recently, Trend Micro found a cryptomining threat using process hollowing and a dropper component that requires a specific set of command line arguments to trigger its malicious behavior, leaving no trace for malicious activity detection or analysis to reference the file as malicious.
2020 Predictions: Black Hats Begin to Target Facial Recognition Technology
Research interest in defeating facial recognition technology is booming. Adversaries are likely taking notice, but don’t expect widespread adoption overnight. Jon Clay, director of threat communication at Trend Micro, points out that techniques ranging from deep fakes to adversarial machine learning are likely still in an early stage.
US, UK Governments Unite to Indict Hacker Behind Dreaded Dridex Malware
Maksim Yakubets, who allegedly runs Russia-based Evil Corp, the cybercriminal organization that developed and distributed banking malware Dridex, has been indicted in the United States by the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC).
Trend Micro, McAfee and Bitdefender Top Cloud Workload Security List
Trend Micro, McAfee and Bitdefender were named among the leaders in a new report from Forrester Research on cloud workload security that covered 13 vendors.
BEC Scam Successfully Steals US $1 Million Using Look-Alike Domains
A Chinese venture capital firm lost US $1 million to scammers who successfully came between a deal the firm had with an Israeli startup. The business email compromise (BEC) campaign used by the attackers consisted of 32 emails and look-alike domains to trick both parties of their authenticity.
Retail Cyberattacks Set to Soar 20% in 2019 Holiday Season
As cybercriminals grow more sophisticated and holiday shoppers continue to flock online, researchers warn internet-based retailers could face a 20 percent uptick in cyberattacks this holiday season compared to last year.
Bug in Ryuk Ransomware’s Decryptor Can Lead to Loss of Data in Certain Files
Ryuk’s decryptor tool could cause data loss instead of reinstating file access to users. According to a blog post from Emsisoft, a bug with how the tool decrypts files could lead to incomplete recoveries, contrary to what the decryptor is meant to achieve.
Hacker Hacks Hacking Platform, Gets Paid $20,000 By the Hacked Hackers
HackerOne operates as a conduit between ethical hackers looking for vulnerabilities, and organizations like General Motors, Goldman Sachs, Google, Microsoft, Twitter, and the U.S. Pentagon, want to patch those security holes before malicious threat actors can exploit them. One of the hackers registered with the platform hacked HackerOne instead and was paid $20,000 (£15,250) by HackerOne as a result.
Trickbot’s Updated Password-Grabbing Module Targets More Apps, Services
Researchers from Security Intelligence have reported on a sudden increase of Trickbot’s activities in Japan, and Trend Micro researchers have found updates to the password-grabbing (pwgrab) module and possible changes to the Emotet variant that drops Trickbot.
Ransomware Recap: Snatch and Zeppelin Ransomware
Two ransomware families with noteworthy features – Snatch and Zeppelin –were spotted this week. Snatch ransomware is capable of forcing Windows machines to reboot into Safe Mode. Zeppelin ransomware, on the other hand, was responsible for infecting healthcare and IT organizations across Europe and the U.S.
Brian Krebs is the CISO MAG Cybersecurity Person of the Year
For the first time, CISO Mag named a Cybersecurity Person of the Year, who is defined as someone who been committed to bringing awareness into the realm of cybersecurity. In addition to recognizing Brian Krebs of KrebsOnSecurity.com, two other individuals were recognized: Trend Micro’s Rik Ferguson, VP of security research, and web security expert Troy Hunt.
Do you think retail cyberattacks will soar higher than 20 percent this holiday season? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: December Patch Tuesday Updates and Retail Cyberattacks Set to Soar 20 Percent During 2019 Holiday Season appeared first on .
This week, we talk Enterprise News, to talk about Barracuda launching Cloud Security Guardian integration with Amazon Detective, Sophos launches new cloud-based threat intelligence and analysis platform, Accenture launches Cloud Native solution to help clients, and 10 notable Cybersecurity acquisitions of 2019, Pt. 2! In our second segment, we welcome James Carder, Chief Security Officer & Vice President at LogRhythm, to discuss Measuring and Maturing Security Operations Maturity! In our final segment, we welcome Jamie Butler, Tech Lead at Elastic Security, to talk about how improving security requires reducing complexity!
Show Notes: https://wiki.securityweekly.com/ESWEpisode165
To learn more about Elastic, visit: https://securityweekly.com/elastic
To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome John Ramsey, Chief Information Security Officer at National Student Clearinghouse, to discuss Security in Education! In the Leadership and Communication Segment, In-depth protection is a matter of basic hygiene, 4 strategies to find time for yourself, Enterprises muddled over cloud security responsibilities, and Screw Productivity Hacks: My morning routine is getting up late!
Show Notes: https://wiki.securityweekly.com/BSWEpisode155
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, How Panasonic is using internet honeypots to improve IoT device security, A new Windows 10 ransomware threat?, 'Hackable' karaoke and walkie talkie toys found by Which?, Linux Bug Opens Most VPNs to Hijacking, New Office 365 Feature Provides Detailed Information on Email Attack Campaigns, and Google Confirms Critical Android 8, 9 And 10 Permanent Denial Of Service Threat! In the expert commentary, we welcome Tyler Robinson, Managing Director of Network Operations at Nisos, Inc, to discuss Sophos Uncovering New Version of Snatch Ransomware!
Show Notes: https://wiki.securityweekly.com/HNNEpisode245
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Allan Friedman, Director of Cybersecurity Initiatives at the NTIA US Department of Commerce, to talk about the Software Bill of Materials! In the Application Security News, GitHub Seeks Security Dominance With Developers, IoT and Agile Framework Partners in Efficacy, WhiteSource acquires & open sources Renovate dependency update toolset, and Java vs. Python: Which should you choose?
Show Notes: https://wiki.securityweekly.com/ASWEpisode88
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Eric Brown, Senior Security Analyst at LogRhythm, to talk about the Outlook on Phishing in 2020! In our second segment, we welcome back Micah Hoffman, Principal Investigator at Spotlight Infosec, to discuss OSINT in Cyber! In the Security News, HackerOne breach lets outside hacker read customers private bug reports, Two malicious Python libraries caught stealing SSH and GPG keys, Smash-and-grab car thieves use Bluetooth to target cars containing tech gadgets, and If You Bought a Smart TV on Black Friday, the FBI Has a Warning for You!
Show Notes: https://wiki.securityweekly.com/PSWEpisode629
To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about stalkerware and why it’s on the rise. Also, read about Trend Micro’s selection as a launch partner for the new Amazon Virtual Private Cloud (Amazon VPC) Ingress Routing service, announced during AWS re:Invent 2019.
Read on:
You’re in Safe Hands with Trend Micro Home Network Security
Your home should be a haven that protects you. In the cyber age, however, your router, computers, TVs, game consoles and smart devices are continuously connected to the internet and run the risk of being hacked—usually when you least expect it. This blog is the first of a three-part series outlining how to implement Home Network Security to protect your home.
Amazon Web Services Recognizes Trend Micro as Launch Partner for New Service
With Amazon VPC Ingress Routing, Trend Micro customers will gain benefits which include more flexibility and control traffic routing with transparent deployment and no need to re-architect. Deploying in-line allows customers to be proactive in their network security, which in turn can prevent and disrupt attacks before they can be successful.
What Worries CISOs Most In 2019
Trend Micro’s VP of infrastructure strategies, Bill Malik, recently sat down with a dozen senior IT security leaders to discuss challenges they are currently facing in light of considerable changes in their business environments. These include the high pace of acquisitions balancing executive and team focuses, bring-your-own-device (BYOD) policies and ransomware infections.
Ransomware Attack Hits Major U.S. Data Center Provider
CyrusOne, one of the biggest data center providers in the U.S., has suffered a ransomware attack and is currently working with law enforcement and forensics firms to investigate the attack. CyrusOne is also helping customers restore lost data from backups.
Stalkerware is government-style surveillance software used by individuals to spy on others, which is usually someone you know. With smartphone usage continuing to rise, a whole mini industry has appeared over the past couple of years selling monitoring software, or more treacherously, trojan spyware and code that can hide itself so that you don’t even know it’s on your device.
The California DMV Is Making $50M a Year Selling Drivers’ Personal Information
The California Department of Motor Vehicles is generating revenue of $50,000,000 a year through selling drivers’ personal information, according to a DMV document obtained by Motherboard. This information includes names, physical addresses, and car registration information.
Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK
Trend Micro has followed cyberespionage group TICK (a.k.a. “BRONZE BUTLER” or “REDBALDKNIGHT”) since 2008 but noticed an unusual increase in malware development and deployments towards November 2018 as part of a campaign dubbed “Operation ENDTRADE.”
Iran Targets Mideast Oil with ZeroCleare Wiper Malware
A freshly discovered wiper malware dubbed “ZeroCleare” has been deployed to target the energy and industrial sectors in the Middle East. According to IBM’s X-Force Incident Response and Intelligence Services (IRIS), ZeroCleare was involved in a recently spotted APT attack on an oil and gas company, in which it compromised a Windows machine via a vulnerable driver.
Trend Micro has found a new spyware family disguised as chat apps on a phishing website. Trend believes that the apps, which exhibit many cyberespionage behaviors, are initially used for a targeted attack campaign.
Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign
In November 2019, Trend Micro analyzed an exploit kit named Capesand that exploited Adobe Flash and Microsoft Internet Explorer flaws. During an analysis of the indicators of compromise (IoCs) in the deployed samples that were infecting the victim’s machines, we noticed that these samples were making use of obfuscation tools that made them virtually undetectable.
Trend Micro More Than Doubles Commitment to Underrepresented Persons in Cybersecurity
This week at AWS re:Invent, Trend Micro announced plans to further strengthen its commitment to underrepresented persons by more than doubling its annual time and financial investments to alleviate the skills and diversity gaps in cybersecurity.
Mobile Security: 80% of Android Apps Now Encrypt Network Traffic by Default
Three years ago, Google started its push to tighten network traffic protection from Android devices to web services. The company has provided an update stating that 80% of Android apps have adopted the HTTPS standard by default. HTTPS encrypts network traffic, preventing third parties from intercepting data from apps.
Magecart Sets Sights on Smith & Wesson, Other High-Profile Stores
After incidents in the past few months that saw the threat actor go after customers of online shops and hotel chains, threat actors from the infamous card-skimming group once again took action, this time on Black Friday on a new set of targets: high-profile stores, including firearms vendor Smith & Wesson (S&W).
Out on a Highway Run: Threats and Risks on ITS and Smart Vehicles
The research firm Counterpoint predicted that by 2022, the number of vehicles with embedded connectivity will grow by 270%. The expected increase in technology adoption, however, does not come without risks — from petty showcases of hacks to possibly bigger threats to safety and financial losses.
StrandHogg Android Vulnerability Allows Malware to Hijack Legitimate Apps
Researchers discovered a vulnerability in Android devices that allows malware to hijack legitimate apps. Using this vulnerability (StrandHogg), cybercriminals could trick users into granting permissions to their malicious apps and provide openings for phishing pages.
Ginp Trojan Targets Android Banking App Users, Steals Login Credentials and Credit Card Details
Counterfeit apps were found carrying a new version of the Android banking trojan Ginp (detected by Trend Micro as AndroidOS_Ginp.HRXB) to steal user login credentials and credit card details. ThreatFabric’s analysis of recent Ginp samples showed that it reused some code from Anubis, an Android malware family notorious for its use in cyberespionage activities before being re-tooled as a banking trojan.
What AWS re:Invent announcement did you find the most interesting? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: Trend Micro Selected as Launch Partner for AWS Ingress Routing Service and Stalkerware on the Rise appeared first on .
This week, we talk Enterprise Security News, discussing How Mimecast Challenges Shadow IT for Cloud App Usage on Mobile and Desktop Devices, CloudKnox Security Announces Integration with AWS IAM Access Analyzer, Morphisec Achieves AWS Security Competency Status for Cloud Server Workload Protection, and more! In our second segment, we welcome back Ferruh Mavituna, CEO and Founder at Netsparker, as he'll be talking about how to start building a web security program and a realistic approach to starting a web security program in enterprises! In the final segment, we welcome Heather Paunet, VP of Product at Untangle, to talk about how Untangle will be releasing an SD-WAN Router, which has advanced routing capabilities and provides the ability for a business to build a comprehensive, secure Software-Defined Networking!
Show Notes: https://wiki.securityweekly.com/ESWEpisode164
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter Visit https://www.securityweekly.com/esw
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Mathieu Gorge, CEO at Vigitrust for an interview! In the Security and Compliance News, Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains, Sentara Hospitals to pay $2.2M HIPAA settlement for undisclosed data breaches, Privacy Regs Changing the Face of Cybersecurity, TrueDialog Leaks 600GB of Personal Data, Affecting Millions, CFTC Fines Goldman Sachs $1 Million for Failing to Record Calls, Global Cops Shut 31,000 Domains in IP Crackdown, and more!
Show Notes: https://wiki.securityweekly.com/SCWEpisode9
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Your home should be a haven that protects you. In the cyber age, however, your router, computers, and TVs, your game consoles and smart devices, are continuously connected to the internet and run the risk of being hacked—usually when you least expect it and often without your knowledge. Not only can cybercriminals invade your privacy, they can steal your data, your money and even your identity—if you don’t put the appropriate security measures in place.
Trend Micro Home Network Security (HNS) is specifically designed to be that key security measure for your home network. Attach the HNS station to your router, download and install the management app, pair them up, and HNS immediately begins protecting all the connected devices in your home against a wide variety of threats. These include network intrusions, risky remote connections, phishing, ransomware, harmful websites and dangerous downloads.
Though setup, configuration, monitoring, and maintenance are pretty straightforward, to get the most out of HNS, we’ve written a three-part series to teach you how to maximize its use:
|
|
Sound good? Let’s get started with Part 1!
Once you take the Home Network Security Station out of its box, setup and connection is quick and easy:
|
|
Configuration Modes
Trend Micro’s Home Network Security station is designed to be a Plug-n-Protect device. Upon being connected to your router, it will attempt to automatically sense and enable the optimal Mode.
However, if you are experiencing network instability or connection issues, you can also choose the Mode manually from one of four Modes available for the best performance with your particular router. In order to select the correct Mode, you should first determine your router’s optimal Mode. Go to the HNS eSupport website to check the compatibility of your router or to search for its brand and model. The optimal Mode is indicated for tested routers.
While most routers support the default setting automatically, a small number may require manual setup. An even smaller number are not compatible with Trend Micro Home Network Security.
Some additional information about HNS’s station Modes:
|
|
If you change the mode, run a Test Status check 5 minutes after changing the settings.
Off to a Good Start
As mentioned, after the initial setup, Trend Micro Home Network Security automatically does a network check to see what devices are on your network. (As part of its improved device recognition in version 2.5, released in November 2019, HNS offers more than 150 device icons to help make managing your devices even easier.) If you tap the View Devices button in the resulting popup, HNS provides you with a list of All Devices on the network. By default these online devices are Unassigned. You can create family member profiles, then assign specific devices to each family member later on. (Further information regarding Family Profiles will be discussed in Part 2 of this article series.)
At any time, tap Check Devices to initiate a manual security scan. Once the scan ends, you may see Action Required items displayed in the Dashboard indicator. Tap them to review them. The Action Required screen indicates any security issues that have been discovered. When you tap the panel, you will be able to obtain the Issue Details and read the Potential Risk description to better understand the issue and what you can do to resolve it—or you can also tap Skip for Now to skip the remediation process.
If you decide to proceed with remediation, the HNS App loads your mobile browser and takes you to the Trend Micro eSupport site, which provides more details on the issue. You can scroll through the page to learn more about the possible risks it poses, what you can do to prevent the problem from happening in the future, and places to go for more answers to any questions you may have.
Back in the Dashboard, you can review the HNS Summary protection results in the Security, Parental Controls, Family Members, Top Attacked Devices, and Network Usage panels. You can either tap individual items—e.g., Vulnerability Found, Network Attacks, Web Threats Blocked, etc.—to reveal information on the various threats by device; or you can tap individual panels to show additional details about particular attacks or threats. For a more detailed look, you can check the Timeline to review individual events, which can be filtered by type, such as Security, Parental Controls, Connections, Action Required and System.
Recommended Network and Security Settings
There are a number of useful features that are disabled by default. You can enable these features to heighten your home network protection and maximize user convenience.
|
|
For now, this should be enough to get you off to a good start with Trend Micro Home Network Security. Watch for Part 2 of our HNS Series, where we help you create profiles for family members and set up Parental Controls.
For more information about HNS, go to Trend Micro Home Network Security. For more online support, go to Trend Micro Home Network Security eSupport.
The post You’re In Safe Hands with Trend Micro Home Network Security appeared first on .
This week, we welcome Ward Cobleigh, Senior Product Manager at VIAVI Solutions! In the Leadership and Communications segment, Companies Need to Rethink What Cybersecurity Leadership Is, What Companies That Are Good at Innovation Get Right, Staff in smaller businesses bogged down by poor communications, Why You Should Be Sending More Video Emails And How To Record Them, Enterprises muddled over cloud security responsibilities, and Top tech conferences to attend in 2020!
Show Notes: https://wiki.securityweekly.com/BSWEpisode154
To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Microsoft OAuth Flaw Opens Azure Accounts to Takeover, Vulnerabilities Disclosed in Kaspersky, Trend Micro Products, Critical Code Execution Vulnerability Found in GoAhead Web Server, and StrandHogg Vulnerability Allows Malware to Pose as Legitimate Android Apps! In the expert commentary, we welcome back Adam Gordon from ITPro.TV, to discuss DevSecOps and the Culture Clash in Organizations!
Show Notes: https://wiki.securityweekly.com/HNNEpisode244
To learn more about ITPro.TV, visit: https://securityweekly.com/itpro
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Today, Amazon Web Services (AWS) announced the availability of a powerful new service, Amazon Virtual Private Cloud (Amazon VPC) Ingress Routing. As a Launch Partner for Amazon VPC Ingress Routing, we at Trend Micro are proud to continue to innovate alongside AWS to provide solutions to customers—enabling new approaches to network security. Trend Micro TippingPoint and Trend Micro Cloud One integrate with Amazon VPC Ingress Routing deliver network security that allows customers to quickly obtain compliance by inspecting both ingress and egress traffic. This gives you a deployment experience designed to eliminate any disruption in your business.
Cloud network layer security by Trend Micro
A defense-in-depth or layered security approach is important to organizations, especially at the cloud network layer. That being said, customers need to be able to deploy a solution without re-architecting or slowing down their business, the problem is, previous solutions in the marketplace couldn’t meet both requirements.
So, when our customers asked us to bring TippingPoint intrusion prevention system (IPS) capabilities to the cloud, we responded with a solution. Backed by industry leading research from Trend Micro Research, including the Zero Day Initiative, we created a solution that includes cloud network IPS capabilities, incorporating detection, protection and threat disruption—without any disruption to the network.
At AWS re:Invent 2018, AWS announced the launch of Amazon Transit Gateway. This powerful architecture enables customers to route traffic through a hub and spoke topology. We leveraged this as a primary deployment model in our Cloud Network Protection, powered by TippingPoint, cloud IPS solution, announced in July 2019. This enabled our customers to quickly gain broad security and compliance, without re-architecting. Now, we’re adding a flexible new deployment model.
Enhancing security through partnered innovation
This year we are excited to be a Launch Partner for Amazon VPC Ingress Routing, a new service that allows for customers to gain additional flexibility and control in their network traffic routing. Learn more about this new feature here.
Amazon VPC Ingress Routing is a service that helps customers simplify the integration of network and security appliances within their network topology. With Amazon VPC Ingress Routing, customers can define routing rules at the Internet Gateway (IGW) and Virtual Private Gateway (VGW) to redirect ingress traffic to third-party appliances, before it reaches the final destination. This makes it easier for customers to deploy production-grade applications with the networking and security services they require within their Amazon VPC.
By enabling customers to redirect their north-south traffic flowing in and out of a VPC through internet gateway and virtual private gateway to the Trend Micro cloud network security solution. Not only does this enable customers to screen all external traffic before it reaches the subnet, but it also allows for the interception of traffic flowing into different subnets, using different instances of the Trend Micro solution.
Trend Micro customers now have the ability to have powerful cloud network layer security in AWS leveraging Amazon VPC Ingress Routing. With this enhancement, customers can now deploy in any VPC, without any disruptive re-architecture and without introducing any additional routing or proxies. Deploying directly inline is the ideal solution and enables simplified network security without disruption in the cloud.
What types of protection can customers expect?
When you think of classic IPS capabilities, of course you think of preventing inbound attacks. Now, with Amazon VPC Ingress Routing and Trend Micro, customers can protect their VPCs in even more scenarios. Here is what our customers are thinking about:
Trend Micro Cloud One – Network Security
Amazon VPC Ingress Ingress Routing will be available as a deployment option soon for Cloud Network Protection, powered by TippingPoint, available in AWS Marketplace. It will also be available upon release of our recently announced Trend Micro Cloud One – Network Security, a key service in Trend Micro’s new Cloud One, a cloud security services platform.
The post Network security simplified with Amazon VPC Ingress Routing and Trend Micro appeared first on .
This week, we welcome Sandy Carielli, Principal Analyst at Forrester Research, to discuss the impact of good and bad bots on enterprises and how it is both a security and customer experience problem! In the Application Security News, Analysis of Jira Bug Stresses Impact of SSRF in Public Cloud, DevSecOps Adoption and the Web Security Myth, Facebook, Twitter profiles slurped by mobile apps using malicious SDKs, Firefox gets tough on tracking tricks that sneakily sap your privacy, and Decoding the Modern Enterprise Software Spaghetti!
Show Notes: https://wiki.securityweekly.com/ASWEpisode87
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
We recently held a valuable conversation (and a great dinner) with about a dozen senior IT security leaders in Atlanta, Georgia. I was fortunate to attend and discuss what plagues them most.
Here are some of their concerns.
Many face considerable change in their business environments – one third of the companies called out the high pace of acquisitions as a source of risk.
Acquisitions draw down information security resources disproportionately. First, IT security must participate in the due diligence phase, prior to the actual acquisition. Under significant time pressure, and strictly bound by the terms of the governing NDA, the InfoSec team must verify the integrity of the target environment’s IT infrastructure. It must render a judgment on the trustworthiness of the underlying procedures, the competence of the support team, the appropriateness of funding and staffing, the effectiveness of policy and awareness training, the fitness of the security technology judged against the changing mission of the target firm, and the accessibility of crucial information. In regulated industries, the acquirer has to review past certifications, audit findings and recommendations, and earlier security events, including how they were handled, and how the organization effectively integrated lessons learned into its updated way of doing business. Some of the attendees reported an acquisition every six weeks over the past two years or more. This pace requires efficient process maturity and open communication among the team members, and ample trust.
Some CIOs reported the challenge of balancing the executive team’s need to know with the managerial desire to optimize team focus on critical initiatives. In the Boardroom and among the C-suite, IT remains a hot topic and IT security is a known vulnerability. This leads some organizations toward micromanaging the IT security team. As we all know, this inappropriate focus has two costs: first, it distracts the Board and the C-suite from their primary missions. Second, it distracts the people doing the job from their task. One effective tactic some adopted is the weekly – or even daily – newsletter. This document provides the status for ongoing projects, notes about top performers, assessment of newly discovered vulnerabilities, and pointers towards effective risk mitigation the leadership team can bring to their respective operational areas. When a Board member has a question for the team, the CISO can intercept it and post a response through the newsletter.
Many CISOs discussed their challenges with BYOD policies. Some mentioned concerns with GDPR impeding their ability to wipe corporate applications and information from employee-owned devices. It’s unclear how to balance that business requirement with privacy concerns for smart phones. With laptops, one approach is to limit corporate access through a locked-down virtual desktop image accessed through a secure VPN. An evil-minded employee could take a picture of the screen, but that attack works on a corporate laptop just as well.
BEC remains a concern, along with phishing attacks leading to possible ransomware infections. One approach is to ignore emails from new domains – those that are less than two months old. This would exclude email from nearly all attackers; anyone legitimately trying to reach an employee will try again in time.
The meeting was quite open and convivial. It was an honor to participate in the discussion, and I look forward to similar meetings in the future. My thanks to the participants!
What do you think? Let me know in the comments below, or message me @WilliamMalikTM!
The post What Worries CISOs Most In 2019 appeared first on .
This week, we talk Enterprise News, to talk about how Cloudflare Open-Sources its Network Vulnerability Scanner, Qualys brings its Market Leading Vulnerability Management Solution to the next level, and some acquisition and funding updates from Palo Alto, Cymulate, Detectify, and Perimeter 81! In our second segment, we welcome Ken Belva, CEO, and Founder of OpCode41, to talk about IoT Crusher, Testing for Default & Weak Credentials! In our final segment, we air a Pre-Recorded interview with Brenden O'Conner, Information Security Program Manager at Root Insurance, to discuss Patch Management!
Show Notes: https://wiki.securityweekly.com/ESWEpisode163
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Russell Mosley and Jim Nitterauer, to discuss security and compliance specifically for small businesses where they have been involved with audit and compliance including NIST 800-171, 800-53 (FISMA) and SOC, and how to achieve decent security and meet compliance requirements with limited staff and resources!
Show Notes: https://wiki.securityweekly.com/SCWEpisode8
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Ever get the feeling you’re being followed? Unfortunately, when it comes to our digital lives, this is increasingly the case. But while we’re all keen to boost our followers on social media, it’s a different matter when it comes to anonymous third parties secretly stalking us online. Yes, we’re already tracked by ISPs every time we go online, or by web providers like Google and social sites like Facebook and Twitter. But in these cases, we do get a little back in return: more streamlined, personalized services, and at the least, more relevant (if annoying) advertising. In the best scenario, though, we’d never be tracked without our consent.
With a phenomenon known as stalkerware, however, there’s zero gain for the victim. This is nothing short of government-style surveillance software used by individuals to spy on others – usually someone you know.
What is stalkerware?
We’re all spending more time on our smartphones. For the first time ever this year, time spent on mobile devices exceeded that spent in front of the TV. By 2021, it’s predicted that Americans will be glued to their handsets for nearly four hours per day. We chat and flirt with friends on social media. We post our photos and status updates. We email, text, IM and call via our devices. We also shop, hail taxis, or navigate around town, listen to music or watch YouTube or TV, and even bank online – all from the mini-computer in the palm of our hands.
Unfortunately, for some of us, there are people out there that want to know what we’re doing and who we’re with at all times. It could be a jealous partner, a jilted ex, over-protective parents, or even a suspicious employer. For them, a whole mini-industry has appeared over the past couple of years selling monitoring software, or more treacherously, trojan spyware and code that can hide itself, so you don’t even know it’s on your device. For just a few dollars, individuals can get their hands on an app which can monitor everything you do on your device. This includes
|
|
Breaking the law
Let’s be clear: it’s when monitoring software—and certainly, spyware—is used for stalking that it really becomes stalkerware. That means firms selling monitoring software may be operating in a grey area ethically and legally, depending on how the software is used. While they’re technically legitimate, the surveillance software is usually branded in such a way as to keep them just this side of the law. Think of concerned parents who want to ensure their children are safe, or of employers who want to ensure their staff are where they should be during work hours. That said, those who use such software to spy on individuals without their knowledge or consent are violating ethical standards and breaking the law. And if the software or code is specifically designed to hide itself, as with trojan spyware or spying code—then a line has certainly been crossed. You’re now neck deep in the shady gumshoe world of stalkerware.
There’s a huge range of “spyware” or “monitoring” apps available on the market today, including Retina-X, FlexiSpy, Mobistealth, Spy Master Pro, SpyHuman, Spyfone, TheTruthSpy, Family Orbit, mSpy, Copy9, Spyera, SpyBubble, and Android Spy. Given the often covert nature of the industry, it’s hard to get an accurate picture of exactly how widespread the use of such software for stalking is, although the number of titles on the market should give some indication. Reports from 2017 suggested 130,000 people had an account with Retina-X or FlexiSpy, while it was claimed a few years prior that mSpy had as many as two million users.
Stalkerware, or the use of monitoring software for stalking, represents not only a gross intrusion into your privacy, but also a possible security concern if the companies running these apps are themselves hacked or accidentally leak data belonging to victims of their customers.
How do I know if my phone has been hit?
It can be quite difficult for users of stalkerware to install the spying app on your device without physical access to it. However, malicious links in emails, texts, on websites, or even on social media could represent a potential threat vector if attackers manage to trick you into clicking through to an unwanted install. Although iOS devices are difficult to tamper with unless they’re jailbroken—and jailbreaking itself is trickier than it used to be—Android users are more exposed.
While ‘legitimate’ GPS trackers and the like (such as Life360 and other monitoring apps) are available on Google Play and can be installed as visible apps, stalkerware is typically available on 3rd-party app stores, is installed without the user’s consent, and will do its best to stay hidden on your device, potentially disguising itself under different app or process names. So here are a few things you can do to spot the tell-tale signs something is not quite right:
|
|
How do I keep my device secure?
By its very nature, stalkerware is designed to stay hidden, so it can be hard to spot. But here are a few ideas to keep your device, and life, free from unwarranted snooping:
|
|
How Trend Micro can help
Trend Micro can help you fight against stalkerware on your Android device with Trend Micro Mobile Security. It can scan your device before, during, and after a download to detect for:
|
|
Depending on the type of stalkerware, it could fall into any of the above categories—but Trend Micro Mobile Security can help fight against all of them. Below are typical test examples of the protection processes it provides against Android malware, PUAs, and stalkerware.
Trend Micro also offers protection from PUAs on PCs and Macs via Trend Micro Security, to deal with the broader threat of stalkerware across multiple fixed as well as mobile platforms. Trend Micro Antivirus for Mac also provides protection against webcam hacks, which can be used for stalking.
Together, both solutions can help protect you—and your Windows and Mac desktops and Android mobile devices—against stalkerware.
Tags: Stalkerware, Antimalware, Antivirus, Endpoint Security, Mobile Security
The post Stalking the Stalkerware appeared first on .
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about recent skimming and phishing scams as we head into the holidays and how you can protect yourself and your organization. Also, read about how the p4 hacking team from Poland won Trend Micro’s Capture the Flag (CTF) competition in Tokyo.
Read on:
Skimming Scams and Redirection Schemes Phish Consumers Credentials Days Before Black Friday
Ahead of Black Friday, cybercriminals are busy rolling out schemes to trick consumers into sharing their card credentials. In one skimming operation, threat actors faked a retailer’s third-party payment service platform (PSP), resulting in a hybrid skimmer-phishing page. Another campaign used redirection malware on WordPress websites so that users would land on their malicious phishing page.
Polish Hacking Team Triumphs in Trend Micro CTF Competition
Machine learning, reverse engineering, and unearthing mobile and IoT vulnerabilities were among the disciplines tested during Trend Micro’s latest international capture the flag (CTF) competition. The fifth Raimund Genes Cup final pitted 13 teams of young hackers against one another. The winning team, p4 from Poland, claimed a ¥1 million prize (US $9,000) and 15,000 Zero Day Initiative points per player at the Tokyo event.
Patched GIF Processing Vulnerability CVE-2019-11932 Still Afflicts Multiple Mobile Apps
CVE-2019-11932, a vulnerability in WhatsApp for Android, was patched with version 2.19.244 of WhatsApp, but the underlying problem lies in the library called libpl_droidsonroids_gif.so, which is part of the android-gif-drawable package. While this flaw has also been patched, many applications still use the older version and remain at risk.
Don’t Overlook the Security of Your Supply Chain
In its 2020 Predictions report, Trend Micro states that organizations will face a growing risk from their cloud and the supply chain. The reliance on open source and third-party software and the introduction of modern workplace practices all present immense risks.
Trickbot Appears to Target OpenSSH and OpenVPN Data in Upgraded Password-Grabbing Module
Trickbot, which was a simple banking trojan when it arrived in 2016, has since mutated into a constantly evolving malware family that includes information theft, vulnerability exploitation, and rapid propagation among its capabilities. In Trend Micro’s recent blog, learn more about how to combat Trickbot and other similarly sophisticated threats.
Stranger Hacks into Baby Monitor, Tells Child, ‘I Love You’
A stranger hacked a Seattle couple’s baby monitor and used it to peer around their home remotely and tell the pair’s 3-year-old, “I love you,” the child’s mother said. It’s not the first time the monitor brand in question, Fredi, made by Shenzhen Jinbaixun Technology Co., Ltd., according to its website, has come under fire for being comparatively easy to access.
Microsoft Says New Dexphot Malware Infected More Than 80,000 Computers
Microsoft security engineers detailed today a new malware strain that has been infecting Windows computers since October 2018 to hijack their resources to mine cryptocurrency and generate revenue for the attackers. Named Dexphot, this malware reached its peak in mid-June this year when its botnet reached almost 80,000 infected computers.
How are you protecting yourself from skimming and phishing scams during this holiday season? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: Skimming and Phishing Scams Ahead of Black Friday and Polish Hacking Team Wins Capture the Flag Competition appeared first on .
This week, we welcome Nate Fick, GM of Elastic Security and former CEO of Endgame, to discuss Elastic's resource-based pricing! In the Leadership and Communications segment, Why Business Leaders Need to Understand Their Algorithms, How to Do a Digital Detox: 3 Easy Steps for Success, How Remote Workers Make Work Friends, and more!
Show Notes: https://wiki.securityweekly.com/BSWEpisode153
To learn more about Elastic Security, visit: https://securityweekly.com/elastic
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
FreshRSS 