6 Simple Precautions for a virus free PC aka Digital Life

6-simple

Affordable and easily accessible internet connectivity has turned most of us into digital natives. From social media to making online payments, the internet has become an integral part of our being.
All this convenience comes at its own cost. There is a greater security risk to spending so much time online which may result in data theft, stolen identity or a system crash.
To ensure maximum cyber-security in our daily lives, here are 6 tips you can implement right away.

1) Beware of suspicious sources and non-secure websites
Be wary of emails with catchy subject-lines that promise enormous discounts on products or services from unfamiliar vendors. In most probability these could be scam websites, which are trying to hack into your system. Never open links or download attachments with the extensions “.exe”, “.com”, “.shs”, “.scr”, “.pif” and do not trust the file names either. For example, “fungames.exe” could actually be a virus or malware, disguised as a game.
Always look for the green lock in the address bar and “https://” at the start of the URL, before proceeding further on unfamiliar websites, banking sites, or before making online payments.
The rule of thumb is: Never reveal sensitive information on websites unless you are sure of its authenticity.

2) Scan Everything
While copying files from one machine to your PC with a pen-drive or any other external device, always run an anti-virus scan. It might take a minute or two longer, than if you didn’t but it will definitely ensure your system remains healthy and free of any viruses.

3) Auto Sync and Scans
New viruses are created daily or resurface as different variations of worms, Trojans, malicious malware or adware. To prevent these viruses from harming our systems, it is best to schedule a manual update or scan regularly. Ideally, it is recommended that your anti-virus software is updated automatically once the system starts up and is running at all times. If you have just bought a new system, ensure that your anti-virus software settings allow for an automatic update, scan and removal of viruses, if found.

4) Secure your Internet Network
Here are some ways to ensure your network is secured and not exposed to any cyber-attacks:
– Keep a strong password to access the internet
– Never broadcast your password or SSID (name of your connection)
– Use WPA and WPA2 encryption
– Avoid using a free Wi-Fi service
– Set the High security and privacy settings of your browser.

5) Keep a Strong Password
A strong and complex password is your first line of defense against any spyware or malware. Hackers find it difficult to break password that has a combination of alphanumeric characters in both upper and lower case, includes a special character, and is at least 8 characters in length. Avoid using the same password or username for multiple things, like net banking, email etc. In short, keep it easy to remember but difficult to guess.

6) Activate a Firewall
To activate firewall on a Windows PC: Go to ‘Control Panel’ and ‘Firewall’ in the search bar. While, for a Mac , go to ‘System Preferences’ in the toolbar, click on ‘Security’ and next on ‘Firewall’.

Bottomline:
There is no escape from being digitally connected but there is escape from viruses. Not only do we have to save our personal information from getting stolen, or identity getting compromised in the digital ecosystem but, we also have to be prepared with a fall back plan, in case something does go wrong.

Install Max Total Security, it is the fastest and the smartest Antivirus solution for your PC with scheduled data backup.

After all, prevention is better than cure.

Antivirus of 2018 – 8 Must Have features

antivirus
In our previous post we covered the top 5 viruses which haunted us in 2017 and how to prevent them. Today we will cover the top 8 features you must look for before investing in an antivirus software in 2018.

Among all the features, I would recommend that we look for a total security product which provides complimentary 24×7 365 DAY technical support so that no matter where you are , there is someone you can bank on , in case your pc gets infected and help you at no cost to you.

1. Auto-Scan
Though it may sound very basic, but it is one of the important features of an antivirus software. How frequently does the antivirus software automatically scan your computer system for any virus? An effective antivirus software should have a default schedule to perform in real-time to ensure no malicious infects your computer files.

2. Active Monitoring-Automatically detect virus if they try to download from network or internet or copied form external drives.

3. Live Update-Automatic , frequent live updates.

4. Application White Listing: This should allow only applications I allow in a list and block any other, a prefect way to safety.

5. Browser white Listing: Only allow websites I want to browse and block any other, menaing no malware can eneter through internet.

6. Application access control: Only give access of internet to applications that I allow sos no application can connect to internet to act as BOT to bring down Trojans or Worms.

7. USB manager: So after application, network and internet, the last way for malware to get into your PC is through external devices such as USB. You can manage that by automatic scanning as soon as USB drive is attached and preventing execution of any file from the external device. This means you are completely secure.

8. Auto-Quarantine: Anti Virus software should be intelligent enough to decide to delete or repair without asking questions, does not expect me to be a tech wiz.

Max Total Security is both robust and reliable, has everything you expect from an Anti-Virus, gives you a complete malware and internet usage protection. An effective antivirus software will not only defend your system but make the process seamless without slowing down your computer. Research the best antivirus for your personal computer before making an informed decision.

How to prevent cyber attacks?

cyber-attack

1. Install Anti-Virus software – If your PC isn’t antivirus protected, you must invest in the Best performing Antivirus Software. An Anti-Virus will stop any malware program from infecting your device.

2. Install a Firewall – A Firewall acts as a filter or a barrier, to secure your device against any unauthorized program from executing, and keeping it safe. You must keep the firewall on to keep you notified about unauthorized access

3.Keep strong passwords – A strong and complex password is your first line of defense to any spyware or malware. Hackers find it difficult to break passwords that are at least 8 characters in length, and a combination of alpha numeric characters in both upper and lower case, including a special character.

4. Don’t use the same password for multiple services

5. Enable two-factor authentication– Many services, including Google, offer two-factor authentication for logging into your account. Instead of simply entering a username and password to log in, the website will prompt you to enter a code sent to your smartphone to verify your identity.

6. Do not click on suspicious emails, pop-ups or download pirated files – You may be curious to open an email with a very attractive subject line coming from a stranger, but don’t as it could be a malware. Similarly, if you don’t trust the source never click the link or attachment or download. Never click on pop-ups, this could again be a sign of malware or adware.

7. Security settings of the browser – You can review and set security and privacy settings of your browser to a difficult level. You can choose to not allow websites access your movement or information that easily.

8. Apply software updates– when necessary. Apple, Google, and Microsoft typically include security bug fixes and patches in their most recent software updates. So don’t ignore those annoying prompts and keep your software up-to-date.

9. Check the app publisher before installing

10. Make sure a website is secure before you enter personal information

11. Don’t send personal data via email

Bottomline:
As our lives become more digitally driven, we need to be alert and stay one-step ahead to fight any kind of malicious computer viruses, worms or trojans that could crawl into our systems; and pose potential threat to our data security and privacy.

Don’t fret, even if a virus is detected in your system, you can regain control of it quickly and easily by eliminating Spyware & Adware that invade your privacy and security using Max Total Security by Max Secure Software.

5 Viruses that haunted 2017

threat image
CryptoLocker
Internet threat is a major concern for all internet users. Hacking, spamming and data-theft is a common trait in today’s digitally connected world. Personal data can easily be compromised by clicking on a malicious email or downloading a third party software or even using an infected pen-drive. At times, small inadequacies in our network infrastructure or email system or firewall or anti-virus software can give hackers an opportunity to infect our computers with viruses that can have telling effect in our personal lives.

CryptoLocker is a ransomware that spread through an email attachment. The hacker encrypted the user’s files and then, sent a decryption key in return for a ransom. If the victims didn’t pay, they lost all their files. As a result, holding the computers hostage this ransomware held 5 million victims and, made $30 million on 100 days.

I Love You
This email-based worm is the most deadly worm ever created, as recorded by the Guinness World Record as the most ‘virulent’ of all times. It infected 10% of the world’s computers that were connected to the internet, causing a damage of $15 billion worldwide. Many corporations had to take their email system offline once they heard of it. The virus came in an email with a subject line that said “I love you”.

Sasser
Sasser is a highly disruptive virus that initially slows down a computer and then, crashes it; Making it hard to even reset without power connectivity. It spread by taking random IP addresses to download the virus. Millions of computers were infected last year with Sasser costing a damage close to $31 Billion. Worst, it brought one-third of the post offices in Taiwan to a halt, rail and transatlantic flights had to be cancelled, and 130 branches of a Finnish bank were forced shut.

Conficker/Kido
This worm made a resurgence in 2017, causing major problems for Windows users. The virus aimed at obtaining administrative passwords in order to steal personal information.

Code Red
The Code Red bug replicated itself into hundred copies and exploited a buffer overflow vulnerability in the system. This bug infected close to two million servers, mostly running on the Microsoft’s IIS webservers. Around $2 billion was lost in productivity. Every affected webpage by Code Red had a message “Hacked by Chinese!” left on it.

Some other deadly virus were Notpetya and WannaCry. They allegedly demanded Bitcoin ransom payments. Like “I love you” email worm, Melissa and MyDoom caused major havoc too. In fact, MyDoom allegedly struck hi-tech companies likes Microsoft, Google with spam junk mails through infected computers. The cost of this malware was $38 Billion.

Best way to protect your devices from such Malware is to keep updated copy of a good Total Security solution such as Max Total Security. We will talk more about in next blog on what measures to take to prevent your devices from malware attacks.

Police, security vendors take down Andromeda botnet

Suspected bot master arrested in Belarus.

A joint operation between international law enforcement agencies, Microsoft and several security vendors has dismantled the Andromeda botnet responsible for infecting millions of computers around the world.

The botnet take-down was co-ordinated by the FBI in cooperation with Europol and German police.

Andromeda, which is also known as Gamarue, was used to distribute other malware and has been active since September 2011. It’s been linked with 80 other malware families and was used for the worldwide Avalanche botnet that was taken down in December last year. Belarus state media said the 37-year-old man earnt US$500 per sale of Andromeda, and US$10 per update for the malware. The total of revenues brought in by the malware business is yet to be ascertained.

The man’s hard drives, other data storage, and digital wallets have been seized by Belarus police and are being investigated.

Some 1500 domains associated with Andromeda were sinkholed, a technique used to prevent computers infected with the malware from reaching command and control servers by redirecting traffic to servers controlled by security vendors.

Microsoft said in 48 hours of sinkholing, around two million unique IP addresses of infected machines across 223 countries were recorded.

Over half of the total number of computers running the Andromeda malware remain infected. The sinkholing will remain in place for another year globally, including in Australia. Microsoft said its telemetry shows almost 1.1 million computers a month were infected by Andromeda this year.

It was used to steal credentials and download and install further malware on infected computers. This means Andromeda-infected computers are likely to harbour other malware such as the Neutrino distributed denial of service attack bot, as well as the Kelihos and Lethic spamware. Andromeda is modular malware and its functionality can be expanded with plug-ins such as keyloggers and form grabbers to capture and ex-filtrate users’ personal information.

The malware has spread worldwide through social media, instant messaging, spam, and removable hard drives.

It would detect if a target system’s keyboard layout was set to Russian, Ukrainian, Belarus or Kazakh languages – if so, Andromeda would exit without doing anything malicious.

Man Hacks Jail Computer Network To Get Inmate Released Early

So, now Malware network is not just limited to annoying ads, loss of business and data to Ransom ware, slow PC, poor internet bandwidth but social engineering is being used to release prison inmates. He was unsuccessful this time but you never know next time what other cyber attackers could do using malware.

A Michigan man pleaded guilty last week to hacking the computer network of the Washtenaw County Jail, where he modified inmate records in an attempt to have an inmate released early. To breach the jail’s network, the attacker used only spear-phishing emails and telephone social engineering.

The man named Voits called jail employees and posed as local IT staffers, tricking some into accessing a website, and downloading and installing malware under the guise of a jail system upgrade. According to court documents starting from approximately January 24, 2017, and until March 10, 2017, Voits used email spear-phishing and telephone social-engineering to trick Washtenaw County Jail employees into downloading and running malware on their computers.

Voits sent emails to jail staff posing as a man named “Daniel Greene” and asked for help with obtaining court records, and later also registered the domain “ewashtenavv.org,” a look-alike of “ewashtenaw.org,” the Washtenaw County’s official portal. Despite his efforts, the email spear-phishing campaigns were unsuccessful, and in mid-February, Voits switched to calling county jail employees.

During his calls, investigators said Voits posed as “T.L.” and “A.B.,” two actual Washtenaw County Jail, both working in the jail’s IT department. Telephone calls were successful. Some jail employees fell for Voits’ scheme and installed malware on their computers.

“Through the installation and use of this malware, Voits was able to gain full access to the County network, including access to sensitive County records such as the XJail system (the computer program used to monitor and track inmates in the County Jail), search warrant affidavits, internal discipline records, and County employee personal information,” the plea agreement reads.

The FBI says Voits was able to obtain information, including passwords, usernames, emails, and other personal information of over 1,600 County employees. Once Voits had access to this data, investigators said he accessed the XJail system, searched and accessed the records of several inmates, and modified at least one entry “in an effort to get that inmate released early.”

Jail employees noticed the modification right away and alerted the FBI soon after, realizing what happened. The Washtenaw County Jail also hired a security company specialized in incident response to clean its IT network.

Jail officials said they paid $235,488 “to determine the full extent of the breach, to reimage numerous compromised County hard drives, to verify the accuracy of the electronic records of nearly every then current County Jail inmate, and to attempt to reassure the 1,600 County employees whose personal data had been compromised by purchasing an identity theft program for County employees.”

After pleading guilty last week, Voits now faces up to ten years in prison and a fine of up to $250,000. Voits also had to forfeit all the electronics equipment he used to carry out his attacks — a laptop, four phones, one circuit board, and an undisclosed amount of Bitcoin. Voits remains in custody.The man as arrested a month later and is now awaiting sentencing (maximum 10 years and a fine of up to $250,000).

Google Bans Android Apps That Show Lockscreen Ads

Google Play Developer Policy Center, Google has banned apps from the Play Store that show ads on the lockscreen.
As the new policy clearly states, only apps whose sole purpose is to interact and improve the lockscreen are allowed to show ads.

Apps like photo editors, VPNs, malware scanners, password managers, or others, whose role and purpose are quite evident, cannot utilize the lockscreen to monetize installs.

The policy will apply only to apps uploaded and made available through the Play Store. Google did not specify when it will start pulling apps from the store that break this policy, but it’s expected that a formal announcement will be made in the following days.

The policy change is long overdue, as lockscreen ads are often so invasive that they sometimes appear on top of the PIN pad, or other legitimate features.

There have also been instances when badly implemented lockscreen ads have intervened with the actual device screen-locking function and allowed third-parties to bypass the phone’s PIN.

Nevertheless, in most cases, shady app developers have misled users with false promises into using their custom lockscreen, which then rotated through various ads while the phone was charging, earning the app developer a profit.

Beware of iGotYou Ransomware

The IGotYou Ransomware is being delivered through spam email messages. As part of a spam email campaign, computer users will receive emails that seem to come from legitimate sources such as FedEx, DHL, Amazon or Paypal. The message prompts them to open a file attachment, typically a Microsoft Word document. When the victim opens the file, a corrupted script downloads and installs the IGotYou Ransomware onto the victim’s computer. The IGotYou Ransomware functions like most encryption ransomware Trojans, using a strong encryption method to make the victim’s files inaccessible. This allows the IGotYou Ransomware to take the victim’s files hostage since they can only be recovered with a decryption key that the cybercrooks hold in their possession. The IGotYou Ransomware will deliver a ransom note threatening the victim with the permanent deletion of the affected files unless the victim pays a large monetary ransom.

After the IGotYou Ransom ware encrypts the victim’s files, it delivers a ransom note to the victim’s machine. Computer users will find a program window titled ‘Files Encrypted’ that appears on their computers after Windows starts up. This program window asks the victim to pay 10,000 INR using Paytm, a regional online payment method similar to PayPal or Venmo. It is not a recommended decision pay the IGotYou Ransom ware ransom. It is very unlikely that the people responsible for the attack will restore the victim’s files, and computer users that pay the ransom may be targeted for further attacks because they have shown a willingness to pay. Furthermore, paying the IGotYou Ransom ware ransom allows the cyber crooks to continue financing these attacks, developing new encryption ransom ware Trojans and carrying out new tactics. Instead of paying the ransom, computer users should restore their files from a backup copy.

Max Total Security provides secure back up on your hard disk which can not be encrypted by Ransomware and can be used to recover your files. In addition to that Max Total Security provides protection from such Crypto Ransom ware.

BASS-FES Ransomware

BASS-FES (BitchASS File Encryption System) is a ransomware-type cyber threat that is based on the HiddenTear project. The virus uses AES cryptography and appends the .basslock file extension to the encrypted files. Then it drops a ransom note called “the BASS the File the Encryption the Service Notice.txt” on the affected computer’s desktop. The ransom payment is demanded in 1 BitCoin.

BASS-FES ransomware might also distribute its payload file on social media and file-sharing services. Freeware which is found on the Web can be presented as helpful also be hiding the malicious script for the cryptovirus. Refrain from opening files right after you have downloaded them. You should first scan them with a security tool, while also checking their size and signatures for anything that seems out of the ordinary.

That ransom message appears after encryption is completed and reads the following:

“File Recovery Notice by BitchASS File Encryption System (BASS-FES)
Your files have been successfully encrypted and backuped in the cloud storage by BASS File Encryption System.
If you want to recover your files, please send 1 BTC to the following adress:
18Cgi9ADqH9NsG6zqW2xEh7wl6dQM6Rvix
If you sent 1 BTC to the adress, email at bitchasshole@protonmail.com with your Bitcoin adress.”

You should NOT under any circumstances pay the ransom. Your files may not get restored, and nobody could give you a guarantee for that. Plus, giving money to cybercriminals will likely motivate them to create more ransomware viruses or commit other crimes. We recommend using Max Total Security with ” Max Crypto Monitor ” to keep your pc safe and use its Data restore feature if ever something likes this happens.

Cyber Security Predictions -2018

The year 2018 will bring more connectivity, digital transformation initiatives, and data to companies, along with a number of new cybersecurity threats and landscape changes. Biggest areas that require extra attention are cloud computing and the internet of things, or IoT. The IoT includes the growing list of connected devices like smart thermostats, smart aquariums and smart light bulbs. Such electronics often come with security vulnerabilities that leave networks open to exploitation from hackers. For instance, hackers discovered a man-in-the-middle vulnerability in a smart refrigerator back in 2015 that granted them access to users’ gmail accounts.

Once an IoT device gets synced with a laptop, smartphone or tablet, all of the data on those machines can be compromised. Unfortunately, many of the IoT devices being manufactured today rely on cheap electronics that are incapable of supporting the security protocols that have become standard in other mobile devices. Even if a product is designed to meet the latest security standards, most IoT devices aren’t set up to receive automatic updates, so they remain vulnerable to new types of malware.

Cybercriminals will use ransomware to shut down point of sale systems. Many merchants have updated their payment systems to use end-to-end encryption and prevent criminals from obtaining credit card data from point of sale (POS) systems. This has led criminals to turn to ransomware as a means of monetizing an attack, as opposed to stealing and selling data.

Cyber terrorism also poses a threat to all humanity since successful attacks on power grids could have deadly consequences if hospitals, subways and other public services get disrupted.

IT security skills are already in high demand, and the need for new IT professionals will continue to increase with the digital transformation. Unfortunately, there may not be enough talent to fill all of the new job openings. Various reports estimate that up to 3.5 million IT security jobs will be unfilled in 2021 due to a severe talent shortage.

Government agencies and business leaders must partner together to recruit more young IT professionals, and universities will need to expand their curricula as data governance and AI technologies become more embedded into the fabric of society. Rather than maintaining a defensive approach to cyber security, the IT teams of the future could use artificial intelligence to predict threats before they arise. So there will be more application of Machine learning and Artificial Intelligence in threat detection.