Login
Working with a slow PC is always annoying and frustrating. Enduring sudden frozen windows and stuttered animations can make you want to throw the machine out the window.
Take a deep breath, and consider these 8 tips on how to fix a slow PC running Windows.
Why is my Windows Running Slow?
First, here is a general analysis on why your Windows PC is running slow:
|
|
1. Restart your Computer
Many users are accustomed to keeping their computers running for several weeks. Their PC is either running or sleeping with the processes saved all the time. This means the running programs are occupying and filling up their RAM continuously, which can lead to the PC running extremely slowly. In addition, the computer might suffer from some bugs, which trigger programs to eat up much more RAM than they should. To avoid these troubles, restart your PC by clicking on the Windows button, selecting the ‘Power’ button, and choosing the ‘Restart’ button at least once a week.
A small hint: make sure you have saved your ongoing work before you shut down your computer.
2. Adjust setting modes
This is a very simple but often overlooked way to boost your PC’s performance. However, it sacrifices a bit of standby time. When you are not worrying about the state of charge and just pursuing maximum efficiency, you can consider opening Advanced System Setting in Windows for this trick.
Enter “Control Panel” in the Cortana search box in the taskbar. In the pop-up window, click “System,” and then click “Advanced system settings” in the left window, as shown below:
Click “Settings” in the performance bar, as shown in the following figure:
In the pop-up window, you can see that there are four setting modes, set “Adjust for best performance,” and then click OK, as shown in the following figure:
3. Disable Startup Programs
Startup items are programs that the system will run in the foreground or background once your computer is ON. When you download and install software, the “start-up” is usually a default choice. Therefore, if the software is not commonly used and you do not need to use it every time you start your PC, you can remove the check because it can slow down system speed. If you forgot to remove the check when installing the application, you can also make changes using the Task Manager.
To check and manage your startup programs, open the Task Manager (Ctrl + Alt + Del), then switch to the ‘Startup’ tab. You’ll also see the “Startup impact” of each startup program — either Low, Medium, or High. If you see “Not measured,” that’s because it was recently added and Windows hasn’t had a chance to observe the program’s behavior yet.
To prevent a program from launching on startup just right-click and choose “Disable.”
If you are not sure whether you can safely disable some programs, you can search the program online and learn about its function. If you are a little worried, you can download a PC cleaner app, which can automatically identify and classify these items and help you delete the unnecessary ones in batches. Remember to choose those apps without pop-up advertisements and hidden fees.
In addition, you can see the first tab named “Processes” in the picture above. Too many programs running simultaneously can slow down the system speed as well. Some programs may continue running in the background even after you have closed them. Under the “Processes” tab, you can select them and click ‘End task’ at the bottom right. However, be careful about this action because you might close some important processes needed to run Windows.
4. Turn off windows tips and tricks
When searching ways to speed up your PC online, your PC will ask you to disable the “Visual Effects” feature as they use up your PC’s performance. However, this operation needs you to balance the operating speed and the appearance of your PC, and even adjust those settings many times to achieve satisfying visual effects. Instead, here is an item that you can change without a hitch.
When you use a windows PC, Windows will always pay attention to what you are doing and provide tips on what you may want to do with your computer. You may find these tips unhelpful and even feel offended by its constant virtual viewing over your shoulders.
If you want to speed up your PC, you can ask Windows to stop giving you advice. To do this, click the START button, select the Settings icon, and then go to Systems > Notification & actions. Scroll down to the notifications section and uncheck the box labeled “Get tips, tricks, and suggestions as you use Windows.”
5. Run Disk Cleanup
Do not let that “Disk space is almost full” message pop up and stop your work. Too many junk files, useless big files and duplicate files usually cause insufficient disk space. To save gigabytes of disk space for things you really need, you should clean them regularly to free up space.
Here are steps on how to use the built-in Windows utility to run disk cleanup:
Press “WINDOWS + R” and enter the cleanmgr command with parameters:
cleanmgr /sageset
In the Disk Cleanup Settings window, you can find items you can clean.
Note that this operation is only the setting operation of the checked item. It has not been actually cleaned. After clicking OK, you need to press “WINDOWS + R” and enter “cleanmgr /sagerun:99”, and then it can execute specific cleanup operations.
You can also turn ON the storage sense function to remove unnecessary files automatically.
Enter Settings > System > Storage, and then turn ON the Storage sense function to allow Windows to clean up temporary files automatically. It can be set to run automatically every day, every fortnight, every month, or every two months.
Definitely, some cleanup apps can help you do the work more quickly and accurately. Besides useless files, they can even retrieve and delete similar photos. You can evaluate and download them according to your own needs.
6. Clean out your Registry
Registry is an important database, which is used to store the setting information of system and application program running in Windows. As early as Windows 3.0 introduced OLE technology, the registry has appeared. Windows NT was the first operating system to make extensive use of the registry at the system level. However, since the beginning of the Microsoft Windows 95 operating system, the registry has been a critical database that will continue to play a role in the subsequent operating systems.
The command to open the registry is:
Regedit or regedit.exe, regedt32 or regedt32.exe
Under normal circumstances, you can click the operation in the START menu (WINDOWS + R), and then enter regedit or regedit.exe and click OK to open the registry editor of Windows operating system.
The registry is a very messy thing. For example, when a program is uninstalled, the program’s settings are not always cleared in the registry. So over time, it will be filled with various outdated settings. This may lead to poor performance of your PC system.
A word of caution: Editing the registry manually is risky. A mistake can lead to system-level interruptions. Therefore, to clean the registry, it is recommended that a professional registry cleaner is used.
7. Malware and Virus Infection
As we all know, malware and viruses will infect the computer and make it run more sluggishly. There are a large number of antivirus apps in the marketplace. Trend Micro offers several options to consider.
8. Disable third-party services
If you installed a lot of software on your PC, the system may become chaotic and some unexpected problems might occur. For example, several security applications are running at the same time can create conflicts that make the system misbehave. You can disable all third-party software services and only keep the system itself. The system status will also be called “Clean Boot.”
Here is how to perform a clean boot of Windows:
Press “WINDOWS + R” and type “msconfig”, then click OK. Open System Configuration, go to the Services tab and put a tick in the “Hide all Microsoft services” box at the bottom left before choosing the items and hitting Disable all.
We hope the listed solutions can help you boost your PC performance conveniently. Manually checking what is wrong with your Windows can be time-consuming and painstaking. When those irritating system messages pop up and interfere with your work, it is time to turn to a trusted all-in-one system care utility like Cleaner One. By employing this productive worker, you can retrieve and delete unnecessary items, have less clutter, make your computer more efficient, and optimize your Windows OS with just a few clicks. Why not give it a go?
The post How to Speed Up a Slow PC Running Windows OS appeared first on .
Variety is welcome in most walks of life, but not when it comes to the threat landscape. Yet that is unfortunately the reality facing modern cybersecurity professionals. As Trend Micro’s 2019 roundup report reveals, hackers have an unprecedented array of tools, techniques and procedures at their disposal today. With 52 billion unique threats detected by our filters alone, this is in danger of becoming an overwhelming challenge for many IT security departments.
In response, many CISOs are rightly re-examining how they approach threat defense. Rather than create potential security gaps and risk budget shortfalls through best-of-breed investments, they’re understanding that it may be better to consolidate on one provider that can do it all.
The state of play
Our report provides an alarming snapshot into a threat landscape characterized by volatility and chaos. Financially motivated cybercriminals collaborate and compete with each other on a daily basis to elicit profits from their victims. And there are plenty of those, thanks to increased investments in cloud and digital platforms that have broadened the corporate attack surface.
Three trends in the report stand out:
Ransomware is on the rise: Although the number of new families fell, the number of detected ransomware components jumped by 10% to top 61 million during the year. Attacks have been causing chaos across the US, particularly among under-funded public sector authorities and schools. The recent outage at Redcar council could be ominous for UK local authorities. As if service downtime wasn’t enough, several groups have also begun stealing sensitive data before they encrypt, and releasing it if victims don’t pay up — which will require organisations to evolve their threat defense strategies.
Phishing is evolving: As always, email-borne attacks accounted for the vast majority (91%) of threats we blocked last year, and increased 15% in volume from 2018. What does this mean? That phishing remains the number one vector for attacks on organisations. Although we noted an overall decline in total attempts to visit phishing sites, there were some spikes. Fraudsters appear to be targeting Office 365 in an attempt to bypass security filters: the number of unique phishing URLs that spoofed the Microsoft cloud platform soared by 100% from the previous year. BEC attacks, which the FBI has claimed cost more than any other cybercrime type last year, grew 5%.
The supply chain is exposed: At the same time, the digital supply chain has rapidly expanded in recent years, exposing more organisations to risk. This was particularly notable in the e-commerce space last year, as Magecart gangs managed to compromise an estimated two million sites. Many of these attacks focused on attacking supply chain partners, which provide JavaScript libraries to the victim sites. We also observed an increase in attacks focused on compromising DevOps tools and deployments, such as misconfigured versions of Docker Engine – Community and unsecured Docker hosts.
What happens now?
This is just the tip of the iceberg. We also detected a 189% brute force IoT logins, an increase in mobile malware, and much more. To regain the initiative in the face of such a wide-ranging set of threats, CISOs may find more value in taking a connected threat defence approach. This would consolidate protection onto a single provider across gateways, networks, servers and endpoints, with underlying threat intelligence optimizing defense at each layer.
Here’s a quick checklist of elements to consider:
|
|
To find out more, read Trend Micro’s 2019 roundup report here: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/the-sprawling-reach-of-complex-threats.
The post Hackers Expand Their Repertoire as Trend Micro Blocks 52 Billion Threats in 2019 appeared first on .
The Mac has always been pretty easy to use, but even the most ardent Mac supporters know there comes a time when their Mac is no longer new and they notice slowdowns in its performance, particularly after intensive use. They’d like a handy one-stop tool to help them optimize memory and CPU performance, free up disk space, and generally speed up their Mac, since they don’t want to dig around in the MacOS for buried utilities they don’t know how to use. Fortunately, Trend Micro has a solution for that.
Trend Micro Cleaner One Pro is an easy-to-use, all-in-one disk cleaning and optimization utility that can help you boost your Mac’s performance. Cleaner One Pro includes a number of Mac housecleaning tools such as a Memory Optimizer, a Junk Files cleaner, a Big Files scanner, a Duplicate Files finder, an App Manager, a File Shredder, and a Disk Map. These functions are all rolled into an easy-to-use interface that helps you visualize your Mac’s usage, while freeing up memory and storage on your Mac.
In this two-part blog, we will show you how you can use Cleaner One Pro to make your Mac run faster, walking you through its features. In Part 1, we focus on Quick Optimizer, the Main Console, and the Cleaning Tools. In Part 2, we’ll focus on System and Application Management, Privacy Protection, and some Other Options.
Once you’ve installed Cleaner One Pro, its Quick Optimizer appears in the Apple Menu, with handy tools to speed up your Mac. Click the icon and it displays a Console that monitors your Memory, Junk Files, CPU, and Network Usage, while letting you Optimize your Memory Usage and Clean your Junk Files with just one click. System Optimizer opens a Window onto the contents of your Mac for more detailed management.
Memory Optimizer
There are applications running in the background of your Mac that take up physical memory and affect its performance. The Memory Optimizer gives you control over how your computer consumes its memory resources—and you can free up your Mac’s memory in seconds with just one click on the Optimize button. If you want to see which apps are taking up significant memory, you can click the three-dot icon next to Memory Usage. It will show your Mac’s memory usage by app, in descending order. Click the Information (i) icon in the Memory Usage window for a breakdown of the types of memory being used.
Junk files, temporary files, system files and other non-essential items will accumulate on your Mac over time. These files take up a lot of space on your hard drive and may degrade the performance of your Mac as you reach higher disk usage. Click the Clean button and the Junk Files cleaner quickly removes application cache, system log files, update files, temporary files and hidden leftover files. You can also see the details of the identified Junk Files by clicking the three-dot icon next to Junk Files.
When your computer starts to run slowly it’s helpful to have a snapshot of its CPU usage. With this feature, you can see which apps are using significant CPU resources and how much percentage they’re using. It also let you know how long your computer has been up and running, since system reliability can degrade if it’s been awhile since you restarted your Mac.
If you want to keep an eye on your bandwidth consumption and avoid exceeding data caps, it’s useful to know the real-time download and upload speeds on your Mac. The Network Usage Monitor also provides a view of other network related information such as your Wi-Fi signal quality.
The Main Console is the core workplace in Trend Micro Cleaner One Pro and provides the following features, which are presented here grouped by purpose:
|
|
To access the Main Console, click System Optimizer in the Cleaner One Pro Apple Menu. The first time you do, you’ll need to authorize full access to your disk, so Cleaner One Pro can access more junk files. Simply click Grant Access in the System Optimizer window and watch the video or follow the written instructions. Complete the steps by closing Cleaner One Pro, then reload it. You’re now ready to begin optimizing.
The hard drive on your Mac holds the entire Mac operating system and important files including your data. As you use your Mac, over time its hard drive will accumulate junk files. These junk files are generated by the system and other programs. Cleaner One Pro is equipped with advanced and efficient algorithms that scan and remove junk files within seconds. Click Scan to scan for Junk Files and when the scan is done, either check a whole category or individual items in the category, then click Remove.
You may have a lot of clutter on your Mac in the form of big or old files that you probably no longer need and may have just forgotten about. Removing big unused files can recover a lot of disk space, but it could be time-consuming to delete them if done manually. Also, it is hard to select files for deletion if you don’t know the proper context— where the files are stored or how important they may be.
Big Files scanner provides a big file collector where you can easily spot and remove these files if you don’t need them anymore. Additionally, if you hover your mouse on a file, you’ll see a magnifier and a lock icon. Once you click the magnifier icon, you’ll locate the actual file. If you click the lock icon, the file will be added to the Ignore List, which will be locked.
Disk Map is a significant tool that helps you analyze the usage of your storage in a visual and interactive map. It quickly scans your drive and builds a visualization of files on the target folder of your Mac, allowing you to easily navigate the system. With Disk Map, you can find out the date when the file/folder was created, modified, and last opened. Furthermore, hovering your mouse on a folder then clicking the magnifier icon will direct you to the file’s location.
Another practice that you are probably comfortable doing is backing-up important files, photos, program installation files and apps on your hard drive. While this is a good practice, it creates duplicate files on your Mac that eventually add clutter and consume disk space. It’s also hard to find files in name searches when you have too many of them.
The Duplicate Files function lets you select a source folder where it will inspect and identify duplicate files on your Mac. In the scan results, an option called “Auto Select” helps you automatically select duplicate files. The information provided by “Auto Select” is listed below:
|
|
You can choose Remove to Trash or Delete Permanently on the confirmation page.
Often, you organize pictures of travels and life events, and also keep a copy to ensure you don’t lose those captured moments. But as digital photos pile up, often similar to others on your drive, they take up a lot of space. To assist you cleaning these up, use Similar Photos, and then choose your photo library to scan the photos on your Mac.
The result will display similar photos and you can choose the ones you don’t need, and the files will be added in the selected list. Click the Remove button to completely delete them from your hard drive.
That’s it for now! The second part of this blog will take up the remaining toolsets of Trend Micro Cleaner One Pro.
Go to Cleaner One Mac for more information or to purchase the app.
The post Cleaner One Pro Speeds Up Your Mac: Part 1 appeared first on .
In Part 1 of this blog, we introduced Trend Micro Cleaner One Pro, a one-stop shop to help you speed up your Mac, highlighting the Quick Optimizer, the Main Console, and the Cleaning Tools. In Part 2, we resume the discussion of how to make your Mac run faster with the remaining Cleaner One Pro features: System and Application Management, Privacy Protection, and Other Options.
Your Mac may get sluggish after a year or two of usage and you may find that booting up takes a lot longer. Doing a Startup Manager scan can help you reduce slowdown due to unwanted startup programs and services, to help your Mac boot faster.
Upon completing the scan, Startup Manager will identify apps under two categories: Login Items and Launch Agents.
Login Items are apps that run automatically upon login. You can manage these apps by enabling them to run automatically or disabling them to make your Mac more efficient. If you don’t need autorun, you can remove the apps from the list.
Launch Agents are background services that run automatically on System startup for the extension features of apps. You can manage these services by letting them run automatically or by disabling them to make your Mac boot faster. Similarly, you can remove these agents if you don’t need them or they’re broken.
When a user installs an app that doesn’t meet their expectations, they’ll never use it again. In many cases, they remove the app by simply dragging it into the trash, assuming the action completely removes the app, but this is not always true. When you uninstall an app, there are often associated files left on your Mac, even after you have emptied the Trash. They’re known as leftovers.
Leftovers are an app’s associated files and folders that can include different languages, log files, agents, or processes that might try to start an application. App Manager aims to resolve this and helps you clean up your Mac by completely removing app leftovers. App Manager detects all app leftovers automatically so you can remove them with just one click.
Data security and privacy are especially important and managing these applies to anyone collecting and keeping data. Data that has reached its retention limit needs to be permanently removed from your file system and to be sure it can’t be recovered you need to overwrite the file with random series of binary data multiple times. This process is often referred to as shredding. With File Shredder, you can remove sensitive files from your hard disk without worrying that they can be recovered.
Preferences allows you to manage how the Cleaner One Pro app performs. In Preferences, you’ll see General, Notifications, Memory, Duplicates, Whitelists and Auto Select.
On the General tab, you can choose Auto start at login and other options according to how you would like Cleaner One Pro to behave during startup.
On the Notifications tab, you can disable the notification about smart memory optimization.
Cleaner One Pro is also equipped with a Smart Memory Optimization feature on the Memory tab. This feature uses artificial intelligence. You can set auto clean when your available memory is low or when an app is closed.
The Duplicates, Whitelists and Auto Select tabs work when you use the Duplicate Files feature on the main console. When there are too many duplicate files on your Mac, you can set the rules on the minimum file size, as well as which files to exempt or prioritize during deletion.
If you need technical assistance about Cleaner One Pro, click the robot icon either in the Apple Menu window or on the Main Console.
A chat support person will attend to your concerns or suggestions when using Cleaner One Pro. In case there is no available support engineer, you can send an email by clicking Send Email. Make sure to provide the correct email address.
Aside from Cleaner One Pro for Mac, we offer Antivirus One for Mac—as well as Cleaner One for iPhone, which you can download by scanning the QR Code. You can also submit your ideas for Other Tools by clicking the panel.
As you use your Mac over time, you need to maintain it to keep it running smoothly. Trend Micro Cleaner One Pro can clean up your disk space, help boost performance, and solve other Mac issues you might encounter during your daily work. As you consider it for your Mac, you may have remaining questions:
What’s the difference between the Free version and the Paid version? The Free version of Cleaner One Pro includes the Memory Optimizer, basic CPU and Network Monitoring, a Junk Files Cleaner, a Big Files Scanner, a Disk Map, and the Startup Manager. The Paid upgrade of Cleaner One Pro unlocks more features, including more Advanced CPU/Network Monitoring, a Duplicate Finder, a Similar Photos Scanner, an App Manager, and a File Shredder.
Is it safe to use Cleaner One Pro? Cleaner One Pro is notarized by Apple, which assures its users both security and privacy.
How can I download Cleaner One Pro? Cleaner One Pro is distributed via the official Trend Micro website and other authorized channels. Note that Cleaner One Pro is also available for Windows. To make it easy for the readers of this blog series, we’ve provided the download links here: Download Mac Version – Download Windows Version
Go to Cleaner One Windows or to Cleaner One Mac for more information or to purchase the apps.
The post Cleaner One Pro Speeds Up Your Mac: Part 2 appeared first on .
When we published our 2020 Predictions report in December, we didn’t realize there was a global pandemic brewing that would give cybercriminals an almost daily news cycle to take advantage of in their attacks against people and organizations around the world. Malicious actors have always taken advantage of big news to use as lures for socially engineered threats, but these events tend to be fairly short news cycles.
When Covid-19 started making headlines in early 2020, we started seeing new threats using this in the attacks. As you see below, April was the peak month for email-based Covid-19 related threats.
The same was true for phishing URLs related to Covid-19, but for files using Covid-19 in their naming convention, the peak month in the first half was June.
Impact on Cybercrime
The constant 24×7 news around cases, cures and vaccines makes this pandemic unique for cybercriminals. Also, the shift to remote working and the challenges posed to supply chains all gave cybercriminals new content they could use as lures to entice victims into infecting themselves.
As we’ve seen for many years now, email-based threats were the most used threat vector by malicious actors, which makes sense as the number one infection vector to penetrate an organization’s network is to use a socially engineered email against an employee.
We even saw malicious mobile apps being developed using Covid-19 as a lure, as you see below.
In this case it was supporting potential cures for the virus, which many people would have wanted.
Other Highlights in 1H 2020
While Covid-19 dominated the threat landscape in the 1H 2020, it wasn’t the only thing that defined it. Ransomware actors continued their attacks against organizations, but as we’ve been seeing over the past year, they’ve become much more selective in their victims. The spray and pray model using spam has been shifted to a more targeted approach, similar to how nation-state actors and APT groups perform their attacks. Two things showcase this trend:
|
|
Home network attacks are another interesting aspect of the threat landscape in the first half of this year. We have millions of home routers around the world that give us threat data on events coming into and out of home networks.
Threat actors are taking advantage of more remote workers by launching more attacks against these home networks. As you see below, the first half of 2020 saw a marked increase in attacks.
Many of these attacks are brute force login attempts as actors try to obtain login credentials for routers and devices within the home network, which can allow them to do further damage.
The above are only a small number of security events and trends we saw in just six months of 2020. Our full roundup of the security landscape so far this year is detailed out in our security roundup report – Securing the Pandemic-Disrupted Workplace. You can read about all we found to help prepare for many of the threats we will continue to see for the rest of the year.
The post 1H 2020 Cyber Security Defined by Covid-19 Pandemic appeared first on .
Today, there are so many different avenues where we receive information.
Personally, I prefer finding out what’s going on in the world by scanning my favorite news channels’ websites and by receiving personalized feeds and notifications to my phone. My wife, however, scans social media platforms – from Facebook to Twitter to Instagram – to discover the latest happenings. My teenage daughter spends 2+ hrs a day on social media platforms engaging with her friends.
While were initially meant to help us stay connected, they come with their own handful of security implications. Let’s explore what these threats are and how to stay protected.
Users rely on social media to feel connected. So while the world was social distancing, social media grew more popular than ever before – as of March 2020, people are on social media 44% more worldwide. However, with these platforms being so popular, they’ve become a hotspot for cybercriminal schemes.
There’s a variety of potential threats on social platforms, including misinformation, account takeovers, and phishing scams. The latter threat is all too common, as these platforms have become a popular avenue for cybercriminals to spread troublesome links and websites.
To lure unsuspecting users into clicking on these links, hackers often tap into what consumers care about. These topics have ranged from fake tech support scams to getting verified on Instagram.
At McAfee, we want users to enjoy a safe online social life. That’s why we created a new McAfee® WebAdvisor feature that scans for dangerous links across six major social media sites – Facebook, Twitter, YouTube, Instagram, Reddit, and LinkedIn – so users can scroll their feeds with confidence. To do this, McAfee WebAdvisor now color codes links across these social platforms, as it has always done for online searches, to show which ones are safe to visit.
It’s important to take advantage of new technologies that help us adapt and grow into security superstars. My family and I are excited to see this new feature roll out across our existing McAfee® Total Protection subscription. That way we can keep up with the latest news and trends, as well as stay connected with family and friends without worrying about any potential threats. I can sleep much better at night knowing that my whole family will be both connected and protected.
To stay updated on all things McAfee and for more resources on staying secure from home, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post Stay Connected & Protected: Weaving Security Into Our Social Media Habits appeared first on McAfee Blogs.
To live our digital lives to the fullest, we rely on a variety of technologies to support our online activities. And while some apps and devices are meant to make certain tasks more convenient or provide us with greater security, others simply offer a false sense of security and could potentially lead to online misfortune. One such platform is SuperVPN. While users may applaud themselves for using a VPN to protect their privacy, this Android app is unfortunately spilling their secrets without their knowledge.
Let’s unpack how SuperVPN works and its recent involvement in a data breach.
VPNs (virtual private networks) are intended to create a secure tunnel between your device and the internet, offering you privacy and freedom from IP-based tracking. It protects your identity and financial information by encrypting, or scrambling, the data that flows through the tunnel, and can mask your true location, making it appear as though you are connecting from somewhere else. VPN apps have become much more popular in recent years as our awareness around privacy and security has grown. But, such is the case with all apps, it’s important to do your research before you select one to install on your phone.
According to Forbes, critical security warnings around the app SuperVPN surfaced last year. They reported research stating that 105 million people might have had their credit card details stolen, and that hackers could intercept messages between the user and provider. As of last Friday, someone leaked three databases on a popular hacking forum that purportedly contained user credentials and device data stolen from three different Android VPN services: SuperVPN, considered one of the most dangerous VPNs on Google Play with 100 million installs, GeckoVPN (10 million installs), and ChatVPN (50,000 installs). This breach exposed the data of 21 million users, including names, email addresses, usernames, payment data, device information, and even location data logs — a major red flag for a VPN.
Although a free VPN might seem like an ideal solution at first, there are multiple consequences that could potentially put your online safety in jeopardy. Since free VPNs are not making money directly from their users, many make revenue indirectly, through advertising. This means that not only will you be bombarded with ads, but you’re also exposed to tracking and malware. In fact, one study of 283 free VPN providers found that 72% included trackers. Beyond the frustration of ads, slowness, and upgrade prompts is the fact that some free VPN tools include malware that can put your sensitive information at risk. The same study found that 38% of the free VPN applications in the Google Play Store were found to have malware and some even stole the data off of users’ devices, similar to SuperVPN.
If you choose a verified, paid VPN service, however, you’ll enjoy a plethora of benefits including unlimited bandwidth, speedy performance, protection across multiple devices, and much more. Aside from choosing a premium VPN service, following these tips will help you stay secure against SuperVPN and others like it and protect your daily online communications:
Delete SuperVPN from your device as soon as possible. There are at least six other apps like SuperVPN, with identical descriptions and logos from different creators on Google Play Store. Steer clear of downloading these apps altogether to avoid any cyber misfortune.
While some malicious apps do make it through the app store screening process, most attack downloads appear to stem from social media, fake ads, and other unofficial app sources. Before downloading an app to your device, do some quick research about the origin and developer.
Reviews and rankings are still a suitable method of determining whether an app is legitimate. However, watch out for assessments that reuse repetitive or straightforward phrases, as this could be a sign of a fraudulent review.
If you suspect that your data might have been compromised, place a fraud alert on your credit. This not only ensures that any new or recent requests undergo scrutiny, but also allows you to have extra copies of your credit report so you can check for suspicious activity.
A comprehensive security suite like McAfee Total Protection includes our McAfee® Safe Connect standalone VPN with auto-renewal and takes the worry out of connecting, so you can focus on what’s important to you.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, subscribe to our email, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post Attention Android Users: This Free VPN App Leaked the Data of 21 Million Users appeared first on McAfee Blogs.
Throw open the windows and let in some fresh air. It’s time for spring cleaning.
And that goes for your digital stuff too.
Whether it’s indeed spring where you are or not, you can give your devices, apps, and online accounts a good decluttering. Now’s the time. Cleaning them up can protect your privacy and your identity, because when there’s less lying about, there’s less for hackers to scoop up and exploit.
The reality is that we accumulate plenty of digital clutter that needs cleaning up from time to time. Think about it:
Together, these things take up space on your devices and, in some cases, can open you up to security hazards. Let’s take a look at how you can clean up in a few steps.
1. Review your accounts and delete the ones you don’t use. Look through your bookmarks, your password manager, or the other places where you store your passwords and usernames. Review the sites and services associated with them critically. If you haven’t used an account in some time, log in one last time, remove all personal info, and deactivate it.
Doing so can keep your email address, usernames, and passwords out of unnecessary circulation. Major breaches like this one happen with unfortunate regularity, and the sad thing is that you may not even be aware that a site you’ve used has been hit. Meanwhile, your name, password, and info associated with that account (such as your credit card) are in the hands of hackers. Limit your exposure. Close those old accounts.
2. Get organized, and safer too, with a password manager. While creating strong, unique passwords for each of our accounts is a must nowadays, it can be quite the feat, given all of the accounts in our lives. Here’s where a password manager comes in. It can create those strong, unique passwords for you. Not only that, but it also stores your passwords on secure servers, away from hackers and thieves.
Along those lines, never store your passwords on your computer or device, like a text document or spreadsheet. Should your device ever get compromised, lost, or stolen, having passwords stored on them are like handing over the keys to your digital life.
3. Clean your PC to improve your performance (and your security). Let’s face it, so many of us are so busy with the day-to-day that cleaning up our computers and laptops is way down the list. However, doing so once a month can keep our devices running stronger for longer and even give you that “new computer feeling,” particularly if you haven’t cleaned it up for some time. Check out or guide for improving PC performance. It’ll walk you through some straightforward steps that can make a marked difference.
Moreover, part of this process should entail bolstering your operating system and apps with the latest updates. Such updates can not only improve speed and functionality, but they also often include security upgrades as well that can make you safer in the long run. If your operating system and apps feature automatic updates, enable them, and they’ll do the work for you.
4. Organize and store your photos. Photos. Now there’s a topic all unto itself. Here’s the thing: Estimates show that worldwide we took somewhere around 1.2 trillion photos in 2018. And you certainly have your share.
However, your photos may be just sitting there, taking up storage space on your computer or phone, instead of becoming something special like an album, greeting cards, a wall hanging, or popping them into a digital picture frame for your kitchen or living room. And this is where a little spring cleaning can be a bit of fun. For tips on cleaning up your photos, backing them up, and making something special with them, check out my earlier blog.
5. Delete old apps and the data associated with them. Let’s say you have a couple of apps on your phone for tracking your walks, runs, and exercise. You’ve since stopped using one altogether. Go ahead and delete the old one. But before you do, go in and delete your account associated with the app to ensure that any data stored off your phone, along with your password and user id are deleted as well.
For your computers and laptops, follow the same procedure, recognizing that they also may have account data stored elsewhere other than on your device.
In short, many apps today store information that’s stored and maintained by the app provider. Make sure you close your accounts so that data and information is taken out of circulation as well.
6. Shred your old files and encrypt the important files you’re holding on to. This bit of advice calls for using comprehensive security software on your devices. In addition to protecting you from viruses, malware, and other cyberattacks on your privacy and identity, it can help you protect your sensitive information as well. Such security software can offer:
7. Throwing away old computers and tech—dispose of properly. When it comes time to say goodbye to an old friend, whether that’s a computer, laptop, phone, or tablet, do so in a way that’s friendly to the environment and your security.
Consider this … what’s on that old hard drive of yours? That old computer may contain loads of precious personal and financial info on it. Same thing goes for your tablets and phones. The Federal Trade Commission (FTC) offers some straightforward advice in their article about protecting your data before you get rid of your computer. You don’t want those old tax returns ending up in the trash unprotected.
When it comes time for disposal, you have a few options:
Enjoying the benefits of your work—that’s what spring cleaning is all about, right? With this little list, you can end up with a digital life that’s safer and faster than before.
The post Digital Spring Cleaning: Seven Steps for Faster, Safer Devices appeared first on McAfee Blog.
Microsoft has shipped an emergency security update affecting most Windows users. This update partially addresses a security vulnerability known as PrintNightmare that could allow remote hackers to take over your system.
PrintNightmare could allow hackers to gain control of your computer. This means hackers could perform malicious activities like installing their own apps, stealing your data, and creating new user accounts.
Microsoft recommends Windows 10, 8.1, and 7 users update their computers through Windows Update as soon as possible. Note that an additional patch will likely be required to fully fix the issue, so expect another update prompt from Microsoft in the days to come.
For extra protection against malware that may result from a hack like this one, we recommend an all-in-one security solution, like McAfee Total Protection or McAfee LiveSafe. If a hacker takes advantage of the exploit and tries to install additional malware, McAfee Total Protection/LiveSafe can help protect against those attempts. Learn more about our online security products here.
PrintNightmare exploits a vulnerability in the Windows Print Spooler service. The step-by-step instructions below will guide you through turning off the service to ensure hackers can no longer exploit the security flaw. The Print Spooler will remain off until the PC is rebooted.
Step 1: Press the Windows key, and type Services, clicking on the Services App
Step 2: Scroll down to the Print Spooler Service
Step 3: Right-click on the Print Spooler Service and click Stop.
The post Microsoft Urges Customers to Update Windows as Soon as Possible appeared first on McAfee Blogs.
This news has been some time in the making, and I’m terrifically excited to share it.
As of July 27th, we take a decisive step forward, one where McAfee places its sole focus on consumers. People like you. This marks the day we officially divest our enterprise business and dedicate ourselves to protecting people so they can freely enjoy life online.
This move reflects years of evolution, time spent re-envisioning what online protection looks like in everyday life—how to make it stronger, easier to use, and most importantly, all the ways it can make you feel safe and help you stay that way.
In the coming days, you’ll see your experience with us evolve dramatically as well. You’ll see advances in our online protection that look, feel, and act in bold new ways. They will put you in decisive control of your identity and privacy, all in a time where both are so infringed upon. And you’ll also see your protection get simpler, much simpler, than before.
Today, I’d like to give you a preview of what’s ahead.
First, these changes are inspired by you. From feedback, research, interviews, and even having some of you invite us into your homes to show us how you live life online, you’ve made it clear what’s working and what isn’t. You’ve also shared what’s on your mind—your thoughts on technology’s rapid growth, the concerns you have for your children, and the times where life online makes you feel vulnerable.
We’re here to change things for the better. And here’s why …
Our lives are more fluid and mobile than ever before. From the palm of our hand, we split the cost of dinner, purchase birthday gifts, dim the lights in our living room, warm up the car on a winter morning, and far more. In many ways, our smartphones are the remote control for our lives. From managing our finances to controlling our surroundings, we’re increasing our use of technology to get things done and make things happen. Could any of us have imagined this when the first smartphones rolled out years ago?
Without question, we’re still plenty reliant on our computers and laptops too. Our recent research showed that we’re looking forward to using them in addition to our phones for telemedicine, financial planning, and plenty of personal shopping—each representing major upticks in usage than in years before, up to 74 percent more in some cases.
Yet what’s the common denominator here? You. Whatever device you’re using, at the center of all that activity is you. You’re the one who’s getting things done, making things happen, or simply passing some time with a show. So, while the device remains important, what’s far more important is you—and the way you’re using your device for ever-increasing portions of your life. Safely. Confidently. Easily.
Taken together, the time to squarely focus on protecting people is now. A new kind of online security is called for, one that can protect you as you go online throughout your day in a nearly constant and seamless fashion. We’ve dedicated ourselves to making that happen. And you’ll soon see what that looks like.
So how can you expect this evolution to take shape? You’ll see it in three significant ways:
1. Personalized experience. We’re building security that protects you effortlessly wherever your day takes you. From device to device, place to place, and all the experiences online in between. Think of our approach to online protection like Netflix, which used to be a physical service where you waited in queue for that next episodic DVD of Lost to get mailed to you. Now your shows follow you and stream anywhere, no matter what device you’re on. It’s the same thing with our security. It will recognize you and protect you whether you’re at home or by the pool on vacation, on your laptop, or your phone, with one consistent experience. Again, it’s all about you. Keeping you protected as you enjoy every perk and convenience of life online.
2. Intelligent experience. The next evolution builds on personalization and takes it a step further. This is security that understands when you and your personal info is at risk and then takes intelligent steps to protect you. This could be your smartphone automatically connecting to VPN when you’re at the airport, keeping you safe from prying eyes on public networks. It could also be alerts to you if your personal info is compromised so you can take steps to protect it. Or it could be a simple suggestion to help keep you safe while browsing, shopping, or banking online. In all, it’s intelligence that helps you stay safe and make safe choices.
3. Simpler experience. With this personalization and intelligence in place, you can protect everyone in your family far more easily than ever. It becomes practically automatic. Regardless of their age, interests, or how much they know about technology, this simplified approach to online security makes smart choices for you and your family wherever possible, steering them clear of threats and keeping everyone safer as a result.
Us at your side. New and existing customers alike will still benefit from McAfee’s award-winning technology as you always have. Further advances and features will roll out to you as part of the regular updates as they become available for your subscription. In all, you’ll always have the latest and greatest benefits of your product with us.
As for our future, expect more to come. Your confidence in us both fuels and informs these leaps ahead. Thank you as always for choosing us for your protection. It allows us to invest in breakthroughs that keep you safe against new and evolving threats, just as we have as a market leader for years.
The new McAfee is focused on you. It’s a bold new world of protection online, where you are in control of your identity and privacy, where you have intelligence that offers right protection in the right moment, where you can simply feel safe, and where you’re ultimately free to enjoy your life online at every turn.
Here’s to what’s next. And I can’t wait for you to experience it.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, subscribe to our newsletter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post The New McAfee: A Bold New World of Protection Online appeared first on McAfee Blogs.
We all know the frustration. A new piece of tech isn’t working the way it should. Or maybe setting it up is simply turning into a royal pain. Grrr, right? Just make sure that when you go on the hunt for some help, you don’t let a tech support scam get the better of you.
Like so many scams out there, tech support scams play on people’s emotions. Specifically, the frustration you feel when things don’t work right. You want that problem fixed right now. So much so that you may not pay close enough attention to that tech support link you found in a search or came across in an ad. Tech support that looks legitimate but isn’t.
Tech support scams make good money for bad actors. In fact, the larger tech support scam operations organize and run themselves like a business, with call centers, marketing teams, finance groups, and so forth—and can rack up some serious profits to boot.
They make their money in several ways. Sometimes they’ll charge large fees to fix a non-existent problem. Other times, they’ll install information-stealing malware under the guise of software that’s supposed to correct an issue. In some cases, they’ll ask for remote access to your computer to perform a diagnosis but access your computer to steal information instead.
Fortunately, these scams are rather easy to spot. And avoid. If you know what to look for.
Let’s start with a quick overview of tech support scams. They tend to work in two primary ways.
This could be a phone call that comes from someone posing as a rep from “Microsoft” or “Apple.” The scammer on the other end of the line will tell you that there’s something wrong with your computer or device. Something urgently wrong. And then offers a bogus solution to the bogus problem, often at a high cost. Similarly, they may reach you by way of a pop-up ad. Again telling you that your computer or device is in need of urgent repair. These can find you a few different ways:
These are phony services and sites that pose as legitimate tech support but are anything but. They’ll place search ads, post other ads in social media, and so forth, ready for you to look up and get in touch with when you have a problem that you need fixed. Examples include:
While tech support scammers can and do prey on older computer users, they’re not the only ones. An apparent lack of computer savviness certainly makes older users an attractive target, yet it also seems that an apparent overconfidence in one’s savviness makes younger victims susceptible to tech support scams too. Turns out that the growing majority of victims worldwide are between 18 and 35 years old, a group that has known the internet for most, if not all, of their lives. That’s according to research from Microsoft’s Digital Crimes Unit, which found the 1 in 10 of people between the ages of 18 and 35 who encountered a tech support scam fell for it and lost money.
Whatever the age group, the U.S. Federal Trade Commission (FTC) says that the reported losses in the U.S. are into the millions, which of course does not account for the assumedly millions more that do not go reported.
Lastly, a good piece of general advice is to keep your devices and apps up to date. Regular updates often include security fixes and improvements that can help keep scammers and hackers at bay. You can set your devices and apps to download them automatically. And if you need to get an update or download it on your own, get it from the company’s official website. Stay away from third-party sites that may host malware.
This will provide protection if the scammer was able to access your account passwords in some form. While this can be a big task, it’s a vital one. A password manager that’s part of comprehensive online protection can make it much easier.
Delete files or apps that the software says is an issue. Do the same for other devices on your network too. Experienced and determined scammers can infect them as well simply by gaining access to one device on your network.
Contact your bank, credit card company, online payment platform, or wire transfer service immediately to reverse the charges. File a fraud complaint as well. The sooner you act, the better chance you have of recovering some or all your money. (Note that this is a good reason to use credit cards for online purchases, as they afford extra protection that debit cards and other payment services do not.)
In the U.S., you can contact https://www.ftc.gov/complaint, which reports the claim to thousands of law enforcement agencies. While they cannot resolve your individual issue, your report can help with broader investigations and build a case against scammers—which can make the internet safer for others. Their list of FAQs is particularly helpful too, answering important questions like “how do I get my money back?”
Here’s to holiday tech that works. And to quick fixes when things don’t go as planned. In all, if you find yourself staring down a technical issue, go straight to the source for help as we’ve outlined above. As you can see, scammers have burrowed themselves alongside otherwise legitimate ads, search results, and forums online, ready to take advantage of you when you need to get things working right.
Likewise, keep an eye and ear open for those scammers who’ll reach out to you, particularly this time of year when so many people are getting so many new devices. Realizing that legitimate tech support won’t call you out of the blue is a great place to start. In all, go with the pros you know—the ones you can reach at the companies you trust.
The post New tech for the holidays? Watch out for these tech support scams. appeared first on McAfee Blog.
Editor’s Note: This is the first in a series of articles about how we can help our elder parents get the most out of digital life—the ways we can help them look after their finances and health online, along with how they can use the internet to keep connected with friends and family, all safely and simply.
Online banking is for everyone. Or at least it should be.
The benefits of online banking are many for our moms, dads, and grandparents, just as they are for us. Elder adults can deposit checks, pay bills, transfer money to and from investments, and so on, all without needing to leave home. However, our parents and the older people in our lives may face a few hurdles that are holding them back. As a son, daughter, or loved one, there are things you can do to help them clear those hurdles so they can enjoy the convenience of online banking, safely and securely.
What do some of those hurdles look like?
Meanwhile, the digital world continues to evolve apace, particularly with regard to online banking. Between 2018 and 2022, the number of people in the U.S. who use online banking steadily rose to more than 65%, and more than three-quarters of Americans used a mobile device the last time they checked their balance. And as of 2020, nearly two billion people worldwide used online banking, a number that only continues to increase.
This rise in online banking has implications for the elders in our lives. Even if they aren’t active in online banking themselves, their financial information is part of this digital mix. The banks and financial institutions where they keep their savings and funds are digitally connected and digitally accessible. At a minimum, this means that they should take steps to protect themselves and their finances. Yet the upside is here is that we can help them do much more than that—that we can actually help them take advantage of online banking and enjoy its benefits.
Depending on their comfort level, you may want to start by reviewing some basic digital literacy before diving right into online banking. As mentioned above, there’s so much about the internet that we take for granted, and the elders in your life may benefit a little 101-level introduction to the internet.
When you’re both confident that their comfort level with the internet is in the right place, you can move on to the next step—making sure mom and dad have solid online protection in place. This is square one before going online, particularly when you’re banking online. Some basic digital hygiene will help protect their banking and finances. Moreover, it will help protect the other things they do online as well.
The following quick list is a great way to make them far more secure:
That includes the operating system of their computers, smartphones, and tablets, along with the apps that are on them. Many updates include security upgrades and fixes that make it tougher for hackers to launch an attack.
Computers, smartphones, and tablets will have a way of locking them using a PIN, a password, a fingerprint, or the owner’s face. Take advantage of that protection, which is particularly important if that device is lost or stolen.
This is important should they lose their smartphone or believe it’s been stolen. Have them turn on device tracking so that they can locate their phone or even wipe its data and contents remotely if they need to. Apple provides iOS users with a step-by-step guide for remotely wiping devices, and Google offers up a guide for Android users as well.
Protecting your devices with comprehensive online protection software will defend them against the latest virus, malware, spyware and ransomware attacks plus help steer them clear of phishing attacks and malicious websites designed to steal personal and financial information. Also, make sure it offers a password manager like ours does, which can create and store strong, unique passwords for each of their accounts—alleviating the burden of mom and dad remembering them.
With all the personally identifiable information (PII) we create simply by using the internet, tracking and monitoring your PII is essential for preventing identity fraud and theft. The same is true for mom and dad. A strong identity theft protection package will offer cyber monitoring that can detect the misuse of your PII. Our identity protection service takes that protection a step further if the unfortunate happens with $1M coverage for lawyer fees, travel expenses, lost wages, and more.
With their devices and PII more secure, you can move on to the banking portion itself. While there’s so much you can do with online banking, it’s a good idea to take things one at a time. Some elders aren’t sure how to sign up for online banking with their financial institution, so you can start there. Take them through the setup process (using that strong, unique password as mentioned above) and simply get them going.
From there, they can familiarize themselves with the layout of banking site or app they’re using. A straightforward task like checking account balances is a great way to do just that. After their comfort level with the site or app tales root, you can move on to other things they can do online, like pay bills online, deposit a paper check with their phone, and review their statements for any discrepancies.
Another thing that may help put your folks at ease is to let them know you’re there to help. Questions will inevitably come up, and it’ll be a great comfort to them knowing that you’re around to lend them a quick answer as needed.
For example, let’s talk about spotting possible discrepancies in their statements. Some account entries may look a little strange because the name of a business does not always match the way it appears in a bank or credit card statement. This may lead to questions about the purchase—was it something they made? Is it a legitimate charge? These are answers you can help them track down.
Related, online banking provides our parents with a powerful tool against identity theft and fraud. By reviewing account statements closely, they can potentially spot bogus charges and purchases before they become a larger, and more costly, problem. (For a great primer on the topic, read and share this article that covers identity theft and fraud, along with steps to prevent it.)
Several different banks offer resources specifically for elder bankers. The offerings will of course vary from bank to bank, yet you may find that they have videos and information on their websites designed to make online banking easier. Likewise, they may offer special services that mom and dad may qualify for. In all, feel free to lean on their bank for assistance as needed. They’re there to help.
You can also look into independent resources as well, such as the AARP and “Ready, Set, Bank,” which both provide a wealth of videos and articles about online banking.
As kids, grandkids, and younger loved ones, there’s plenty we can do to help the elders in our lives enjoy online banking with confidence. Shoring up their security, starting them easy, and then being there to answer questions can help them clear the hurdles of familiarity and trust they face.
Just as they’ve guided you through the ins and outs of life, here’s a chance to return the favor. What’s more, it’s yet another way you can spend time together, whether in person or over a call. And that’s a good thing.
The post Helping Mom & Dad: Online Banking appeared first on McAfee Blog.
The humble internet browser. Dutifully taking you the places you want to go online, whether that’s the bank, the store, the movies, or even to work. All the more reason to make sure your browser gets every last bit of protection it can.
It’s easy to fire up your browser without a second thought. Arguably, it’s one of the first things many of us do when we hop on our computers. And because it’s often our literal window into important tasks like managing our finances, making payments, and so forth, hackers will absolutely target browsers in order to conduct their attacks. Whether it’s through vulnerabilities in the code that runs the browser, injecting malicious code into a browser session or any one of several other attack vectors, hackers will try to find a way to compromise computers via the browser.
What’s one of the best ways to keep your browser safe? In a word, update. By updating your browser, you’ll get the latest in features and functionality in addition to security fixes that can keep you safer out there.
Let’s take a closer look at what a safer browser is all about, how to update yours, and check out some additional things you can do to stay safer still.
Just as long as there have been browsers, there have been security vulnerabilities and issues. Among the first documented cases, one of the most noteworthy goes back to 1995 when researchers at the University of California, Berkeley uncovered a security issue with the way the Netscape browser handled online payments. Today, news of potential browser exploits and follow-on security measures to remedy them still make the headlines all across several types of popular browsers.
The reality of the issue is that browsers, humble as they may seem to us, are complex applications made up of myriad smaller applications to handle all manner of tasks that create your overall web browsing experience. And where there’s code, there’s room for error. Errors that hackers will look to exploit until an update comes along and fixes them.
Adding further functionality to your browser, and potentially further opportunities for hackers, are browser plug-ins and extensions. These are small apps that give your browser additional capabilities, like opening and editing documents, blocking ads, finding coupons, and even playing tabletop role-playing games in a browser as well. In short, there are thousands of them, often available in the various stores run by different browser developers.
Likewise, browser plug-ins and extensions can be prone to security issues just like the browser they’re installed in. Errors in their code may lead to exploits that hackers can take advantage of. Further, not all plug-ins and extensions are safe and secure to use. It’s not uncommon for malicious ones to turn up on third-party sites that steal user information, introduce malware, or that end up serving ads on a person’s computer, just to name a few of the nasty things they can do. Even official browser stores have had malicious plug-ins and extensions slip onto their shelves.
Lastly, even seemingly legitimate plug-ins and extensions can introduce privacy issues. Given that they’re on your browser and have been granted permissions to work with it, they could be collecting data—data which the developer may use, share, or resell. And it may be tough to know exactly what’s being collected and what’s being done with it. Yet like many smartphone app stores, browser stores are including links to developer privacy statements on the download page for the plug-ins and extensions they offer, giving people more insight into how their data is used. However, sometimes plug-ins and extensions get sold from one company to another where they not only change owners but privacy policies as well. In other words, that plug-in or extension on your computer may get sold to another company without your knowledge and subsequently decide to use your data in an entirely new way.
Given this landscape, there’s a clear case for updating your browser regularly, along with your plug-ins and extensions as well. Moreover, you might want to take a look at what plug-ins and extensions you’re running as well to ensure they’re secure and that they’re something you actually have use for.
Let’s take a look at how you can do all that.
Set up your browser to update automatically. This is relatively straightforward, and browser developers have pages that show you how it’s done. For example, sampling a few of the browsers out there:
As for updating your extensions, the browser developers have put together quick guides to help you what that too. The good news is that when you update your browser, your browser typically updates its associated plug-ins and extensions as well. However, note that your browser’s update cycle may not be in sync with the update cycle for your various plug-ins and extensions, so you may want to go in and update them on their own. These guides can help:
<h2>Take a look at your browser extensions—and see if you want them in the first place
What extensions am I even running? Now that’s a great question. And it’s not too tough to get the answer. In short, your browser’s menu will have an option that will give you an overview of what you have installed and which ones are enabled for use. Once more, each browser developer has their own way of going about this:
This is a good opportunity to give your extensions a hard look. Are they something you use? Are they something you want? Who developed that extension? What might they be doing with my data? Answering these questions may take a little work on your part—like searching for news, information, or reviews about the various extensions you have installed. If you don’t like what your research turns up, you can simply uninstall the extension in question.
A good general rule is this—the fewer apps and extensions you have, the fewer you have to update. Likewise, that’s ultimately fewer lines of code that may turn up a possible exploit. If it’s something you’re not using, consider getting rid of it.
<h2>Make your browser safer with web protection
Many browser-based attacks find their way to you through sketchy websites and downloads. Even ads that look legit but are not. As said before, hackers will try and find a way. One tool you can use to beat them at their game is browser protection, which helps prevent you from making that one wrong click that leads to malware.
In our case, we offer McAfee WebAdvisor, a lightweight app that helps keep you safe from threats while you browse and search the web. Specifically, it includes three types of protection that can help steer you clear of those sketchy websites and downloads.
It’s a free download, and it’s also included with our comprehensive online protection software. Either way, this provides you with yet another line of defense when it comes to browser-based attacks.
That’s the big reason to update right there. Updates give you one more way to prevent attacks by fixing known security issues. It’s true for your operating systems, your apps, your games, what have you. All of them rely on sometimes complex code, code which can sprout exploits, ones that hackers will use. Count your browser in that mix as well. Updating your browser, plus its plug-ins and extensions will help keep you safer online.
The post The Big Reason Why You Should Update Your Browser (and How to Do It) appeared first on McAfee Blog.
We’re excited to announce the release of McAfee’s Personal Data Cleanup, a new feature that finds and removes your personal info from data brokers and people search sites. Now, you can feel more confident by removing personal info from data broker sites and keeping it from being collected, sold, and used to: advertise products to you, fill your email box with spam, and can even give criminals the info they need to steal your identity. Let’s look at why we’re offering McAfee Personal Data Cleanup, how it protects your privacy, and why it’s a great addition to the online protection we already offer.
There’s so much to enjoy when you live a connected life – free email, online stores that remember what you like, social media that connects you to friends and influencers. It’s a world of convenience, opportunity, and incredible content. It’s also a world where your data is constantly collected.
That’s right, companies are collecting your personal data. They’re called data brokers and they make money by selling information that specifically identifies you, like an email address. They sell this information to marketers looking to target you with ads. Criminals can also use it to build profiles in service of stealing your identity and accessing your accounts. This activity takes place behind the scenes and often without consumers’ knowledge. There are also data brokers known as people search sites that compile and sell info like home addresses, emails, phones, court records, employment info, and more. These websites give identity thieves, hackers, stalkers, and other malicious actors easy access to your info. Regardless of how your data is being used, it’s clear that these days a more connected life often comes at the cost of your privacy.
In a recent survey of McAfee customers, we found that 59% have become more protective of their personal data over the past six months. And it’s no wonder. Over the past two years, trends like telehealth, remote working, and increased usage of online shopping and financial services have meant that more of your time is being spent online. Unsurprisingly, more personal data is being made available in the process. This leads us to the most alarming finding of our survey – 95% of consumers whose personal information ends up on data broker sites had it collected without their consent.
We created Personal Data Cleanup to make it easy for you to take back your privacy online. McAfee’s Personal Data Cleanup regularly scans the riskiest data broker sites for info like your home address, date of birth, and names of relatives. After showing where we found your data, you can either remove it yourself or we will work on your behalf to remove it. Here’s how it works:
Ready to take back your personal info online? Personal Data Cleanup is available immediately with most of our online protection plans. If you have an eligible subscription, you can start using this new feature through McAfee Protection Center, or you can get McAfee online protection here.
The post Introducing Personal Data Cleanup appeared first on McAfee Blog.
Let’s play a game. Go to the Photos app on your phone and look at the total number of videos and images on your device – all those precious memories of family vacations, clips from your favorite concert, and countless snapshots of your furry companion. Next, open your laptop or desktop and check to see how many documents you have saved — perhaps all the research reports you have saved to defend your graduate thesis or an important slideshow you’re presenting to your boss on Monday. If you had to guess, would you say the total number of these various pieces of data is into the thousands? Now imagine if all this data was suddenly gone. What would you do?
You might be thinking, “That will never happen to me.” However, this situation is more common than you think. More than 60 million computers will fail worldwide this year, and over 200,000 smartphones are lost or stolen every year. That’s why we’re celebrating World Backup Day by sharing how you can properly back up your files and find peace of mind knowing that your data is safe and sound.
A backup is a separate copy of your important and sentimental digital files and information. Storing all that data in one place, like a personal computer or smartphone, can prove unsafe. Creating another copy of that data through a backup will ensure that it’s stored and kept safe somewhere else should your device get wiped or stolen.
It’s important to recognize that data loss isn’t something that only happens to huge corporations or unsuspecting victims in spy movies. Everyone is susceptible to data loss or theft and backing up that data is an easy step to protect all your information and prevent cybercriminals from taking what isn’t theirs.
Data is one of the most important assets in the modern world. As we illustrated earlier, people collect countless files that contain valuable information they want to keep safe. Luckily, there are two common and inexpensive ways that a user can store their data and their ever-important backups.
Although “the cloud” became a major buzzword years ago, its definition is still cloudy for some folks. The cloud exists in remote data centers that you can access via the internet. Any data you’ve uploaded to the cloud exists on dedicated servers and storage volumes housed in distant warehouses, often situated on campuses full of such warehouses. Data centers are owned by cloud service providers, who are responsible for keeping the servers up and running.
To keep your data physically safe from theft and destruction, and to make sure it’s available whenever you want to access it, data centers run extensive cooling systems to keep the electronics from overheating and have at least one backup generator in case of power outages. But how do they make sure that this data is secure in the cybersphere? Cloud systems use authentication processes like usernames and passwords to limit access, and data encryption to protect data that is stolen or intercepted. However, it’s important to remember that passwords can be hacked. Typically, the service provider holds the encryption keys to your data, meaning that rogue employees could, theoretically, access it. Likewise, your data could also potentially be searched and seized by government entities.
This begs the question: Trust or don’t trust? Because cloud storage companies live and die by their reputation, you can rest assured knowing that they go to great lengths to use the most advanced security techniques and provide the most reliable service possible. To help ensure the security of your data should you choose to store or back it up to the cloud, keep anything truly sensitive in a private cloud behind a firewall.
With an external hard drive, you can manually back up all your data and files yourself onto a physical device that you can access anytime. These drives are a reliable way to achieve data redundancy. An external hard drive doesn’t rely on internet access like cloud-based services and is an easy fix when transferring data to a new device. However, using external hard drives requires a more hands-on approach to backing up your data. It’s your responsibility to regularly perform backups yourself and store your hard drive in a safe location. While cloud solutions offer huge amounts of storage, storage space on hard drives are limited, so you may have to purchase more than one device. Look for an external drive with at least a terabyte of space to accommodate all your data, which tends to accumulate quickly.
As you’re cleaning out your garage and tidying up your home, take the same care to do some digital spring cleaning this World Backup Day. Give your devices, apps, and online accounts a good decluttering and gain more peace of mind knowing that all your valuable data is stored in a safe, secure place … and that you have a backup in case something goes awry. Remember, proactivity goes a long way toward shoring up your cybersecurity and protecting your information.
The post It’s World Backup Day! Here’s How You Can Preserve Your Files appeared first on McAfee Blog.
Well that was an unusual ending. Both my mouse and keyboard decided to drop off right at the end of this week's video and without any control whatsoever, there was no way to end the live stream! Wired devices from kids borrowed, I eventually got back control and later discovered that all things Bluetooth had suddenly decided to die without any warning whatsoever. I certainly wasn't updating drivers mid-live stream or anything like that so... 🤷♂️
Anyway, other than that it's business as usual this week, enjoy!
Didn't get a lot done this week, unless you count scuba diving, snorkelling, spear fishing and laying around on tropical sand cays 😎 This week is predominantly about the time we just spent up on the Great Barrier Reef which has very little relevance to infosec, IoT, 3D printing and the other usual topics. But as I refer to in the guitar lessons blog post referenced below, I share what I do pretty transparently and organically and this week, that's what I want to talk about. So, either enjoy it or skip it until next week when I'll back to business as usual 😊
It's back to business as usual with more data breaches, more poor handling of them and more IoT pain. I think on all those fronts there's a part of me that just likes the challenge and the opportunity to fix a broken thing. Or maybe I'm just a sucker for punishment, I don't know, but either way it's kept me entertained and given me plenty of new material for this week's video 😊
ruby-1200
A short one this week as the previous 7 days disappeared with AusCERT and other commitments. Geez it was nice to not only be back at an event, but out there socialising and attending all the related things that tend to go along with it. I'll leave you with this tweet which was a bit of a highlight for me, having Ari alongside me at the event and watching his enthusiasm being part of the industry I love 😊
At #AusCERT with Ari for “take your son to work” day 🙂
— Troy Hunt (@troyhunt) May 12, 2022
I’m up next on stream 2 at 14:45 talking about Pwned Passwords, the FBI, the NCA and giving the whole thing over to the community, come say hi! https://t.co/PqSgb1AjMS pic.twitter.com/Z88xIrrHYW
Data breaches, 3D printing and passwords - just the usual variety of things this week. More specifically, that really cool Pwned Passwords downloader that I know a bunch of people have been waiting on, and now we've finally released. It hits the existing k-anonymity API over 1 million times and that API is already going on 2 billion requests a month so I'm kinda curious to see what happens if everyone starts running the downloader at the same time... 🤔
So I basically spent my whole day yesterday playing with Ubiquiti gear and live-tweeting the experience 😊 This was an unapologetically geeky pleasure and it pretty much dominates this week's video but hey, it's a fun topic. Still, there's a bunch of data breach stuff up front and as I write this, 25M more records courtesy of the MGM breach are making their way up into HIBP. Get ready for a bunch of notification emails going out on that one. Here's this week's video:
I somehow ended up blasting through an hour and a quarter in this week's video with loads of discussion on the CTARS / NDIS data breach then a real time "let's see what the fuss is about" with news that one of our state's digital driver's licenses (DDL) may be easily forgeable. I think the whole discussion is actually really interesting when looked at through the lens of how on balance, a digitised license compares to a physical one. As you'll see, I think the reporting on this is overblown however... the weak encryption keys do seem like an oversight and the response of Service NSW to criticism has been lacklustre at best. Let's see how it goes in other states, I'll be first in line when they roll out in Queensland so I can finally start leaving my wallet at home!
How on earth does an enterprise rack-mounted NAS not come with rails to actually install it in the rack?! So yeah, that's what's in the box, something that should have been in the original box and not in a separate purchase. Just to add to the Synology packaging insanity, I went to install a couple of spare NVMe drives in it today and... there were no screws in the NVMe slots 🤦 I'll be doing the next four weekly updates from various locations around the country as we hit the road again, stay tuned for epic tweet threads of amazing locations 😎
Microsoft on Tuesday released software updates to fix 60 security vulnerabilities in its Windows operating systems and other software, including a zero-day flaw in all supported Microsoft Office versions on all flavors of Windows that’s seen active exploitation for at least two months now. On a lighter note, Microsoft is officially retiring its Internet Explorer (IE) web browser, which turns 27 years old this year.
Three of the bugs tackled this month earned Microsoft’s most dire “critical” label, meaning they can be exploited remotely by malware or miscreants to seize complete control over a vulnerable system. On top of the critical heap this month is CVE-2022-30190, a vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows.
Dubbed “Follina,” the flaw became public knowledge on May 27, when a security researcher tweeted about a malicious Word document that had surprisingly low detection rates by antivirus products. Researchers soon learned that the malicious document was using a feature in Word to retrieve a HTML file from a remote server, and that HTML file in turn used MSDT to load code and execute PowerShell commands.
“What makes this new MS Word vulnerability unique is the fact that there are no macros exploited in this attack,” writes Mayuresh Dani, manager of threat research at Qualys. “Most malicious Word documents leverage the macro feature of the software to deliver their malicious payload. As a result, normal macro-based scanning methods will not work to detect Follina. All an attacker needs to do is lure a targeted user to download a Microsoft document or view an HTML file embedded with the malicious code.”
Kevin Beaumont, the researcher who gave Follina its name, penned a fairly damning account and timeline of Microsoft’s response to being alerted about the weakness. Beaumont says researchers in March 2021 told Microsoft they were able achieve the same exploit using Microsoft Teams as an example, and that Microsoft silently fixed the issue in Teams but did not patch MSDT in Windows or the attack vector in Microsoft Office.
Beaumont said other researchers on April 12, 2022 told Microsoft about active exploitation of the MSDT flaw, but Microsoft closed the ticket saying it wasn’t a security issue. Microsoft finally issued a CVE for the problem on May 30, the same day it released recommendations on how to mitigate the threat from the vulnerability.
Microsoft also is taking flak from security experts regarding a different set of flaws in its Azure cloud hosting platform. Orca Security said that back on January 4 it told Microsoft about a critical bug in Azure’s Synapse service that allowed attackers to obtain credentials to other workspaces, execute code, or leak customer credentials to data sources outside of Azure.
In an update to their research published Tuesday, Orca researchers said they were able to bypass Microsoft’s fix for the issue twice before the company put a working fix in place.
“In previous cases, vulnerabilities were fixed by the cloud providers within a few days of our disclosure to the affected vendor,” wrote Orca’s Avi Shua. “Based on our understanding of the architecture of the service, and our repeated bypasses of fixes, we think that the architecture contains underlying weaknesses that should be addressed with a more robust tenant separation mechanism. Until a better solution is implemented, we advise that all customers assess their usage of the service and refrain from storing sensitive data or keys in it.”
Amit Yoran, CEO of Tenable and a former U.S. cybersecurity czar, took Microsoft to task for silently patching an issue Tenable reported in the same Azure Synapse service.
“It was only after being told that we were going to go public, that their story changed…89 days after the initial vulnerability notification…when they privately acknowledged the severity of the security issue,” Yoran wrote in a post on LinkedIn. “To date, Microsoft customers have not been notified. Without timely and detailed disclosures, customers have no idea if they were, or are, vulnerable to attack…or if they fell victim to attack prior to a vulnerability being patched. And not notifying customers denies them the opportunity to look for evidence that they were or were not compromised, a grossly irresponsible policy.”
Also in the critical and notable stack this month is CVE-2022-30136, which is a remote code execution flaw in the Windows Network File System (NFS version 4.1) that earned a CVSS score of 9.8 (10 being the worst). Microsoft issued a very similar patch last month for vulnerabilities in NFS versions 2 and 3.
“This vulnerability could allow a remote attacker to execute privileged code on affected systems running NFS. On the surface, the only difference between the patches is that this month’s update fixes a bug in NFSV4.1, whereas last month’s bug only affected versions NSFV2.0 and NSFV3.0,” wrote Trend Micro’s Zero Day Initiative. “It’s not clear if this is a variant or a failed patch or a completely new issue. Regardless, enterprises running NFS should prioritize testing and deploying this fix.”
Beginning today, Microsoft will officially stop supporting most versions of its Internet Explorer Web browser, which was launched in August 1995. The IE desktop application will be disabled, and Windows users who wish to stick with a Microsoft browser are encouraged to move to Microsoft Edge with IE mode, which will be supported through at least 2029.
For a closer look at the patches released by Microsoft today and indexed by severity and other metrics, check out the always-useful Patch Tuesday roundup from the SANS Internet Storm Center. And it’s not a bad idea to hold off updating for a few days until Microsoft works out any kinks in the updates: AskWoody.com usually has the dirt on any patches that may be causing problems for Windows users.
As always, please consider backing up your system or at least your important documents and data before applying system updates. And if you run into any problems with these updates, please drop a note about it here in the comments.
Well, we're about 2,000km down on this trip and are finally in Melbourne, which was kinda the point of the drive in the first place (things just escalated after that). The whole journey is going into a long tweet thread you can find below (or mute - that's partly why it's in a single thread):
It’s time for the next great road trip 🏎 pic.twitter.com/9B9k9cXQvH
— Troy Hunt (@troyhunt) June 14, 2022
Next week is NDC Melbourne so please get along to the event if you're in town, it's kinda amazing to think I'll finally be back at an NDC after all this time 😊
First up, I'm really sorry about the audio quality on this one. It's the exact same setup I used last week (and carefully tested first) but it's obviously just super sensitive to the wind. If you look at the trees in the background you can see they're barely moving, but inevitably that was enough to really mess with the audio quality. I do actually have a windsock for the mic, but it's in a drawer at home so for the remainder of this trip it'll be indoor recording only. Speaking of which, because there was a lot of enthusiasm for Charlotte and I to do one together on the cultural differences we've both experienced living in different parts of the world, that'll be next week's video. Less techie, but hopefully something you'll all enjoy 😊
FreshRSS 