What is your favorite PAID antivirus software for 2021?
7 members have voted
Recently Browsing 0 members
No registered users viewing this page.
Vodafone and Accenture team up to offer SMEs cybersecurity services
by Paul Hill
Vodafone has announced a partnership with Accenture to help get small and medium-sized enterprises (SMEs) set up with better cybersecurity. The announcement comes just two months after Vodafone called on the government to reduce the rate of VAT on cybersecurity products for SMEs down to just 5%.
The two firms have created the Vodafone Managed Security Services portfolio that includes a number of tools to protect and help the recovery of firms affected by cyberattacks, something which has been on the increase since the UK locked down last year. The new portfolio includes Cyber Exposure Diagnostic (CED), Penetration Testing/Vulnerability Assessment, and Phishing Awareness.
With Cyber Exposure Diagnostic, businesses can better understand how they would fare against a cyberattack and identify where attacks are most likely to happen in their setup. The Penetration Testing/Vulnerability Assessment offering will conduct simulated attacks on IT infrastructure to identify vulnerabilities before they're actually exploited. The Phishing Awareness service helps businesses educate staff on phishing attacks, adding an extra layer of defence.
Commenting on the partnership, Anne Sheehan, Business Director at Vodafone UK, said:
Vodafone has said that its security portfolio will soon be expanded with Breach Response, Forensic Services, Managed Detection and Response, and Managed Firewall. In addition, those that sign-up for the services will get round-the-clock access to Vodafone’s and Accenture’s teams of analysts and cyber specialists. To learn more, head over to the Managed Security Services product page.
By Usama Jawad96
Microsoft warns of widespread gift card scam targeting organizations
by Usama Jawad
Multiple types of security threats exist today including cryptojacking, malware, ransomware, phishing and more. Many of them use emails as attack vectors to lure in targets into sharing personal information or tricking them into installing malicious software on their devices. Today, Microsoft has issued an advisory against a widespread gift card scam that is targeting organizations.
Image via Shutterstock Attackers are utilizing business email compromise (BEC), which is a phishing technique to get access to business information or to steal money. In this particular campaign, attackers are targeting various industries including real estate, consumer goods, agriculture, and more by using typosquatted domains to trick recipients into thinking that they legitimately come from people they know.
Microsoft has outlined a classical example of a BEC gift card scam where an executive assistant receives an email from their boss saying that they want to reward their employees for their efforts during the pandemic, so the executive should immediately buy some gift cards and respond to the email with the codes so they can be shared among the team. The assistant does so, and eventually finds out that their boss never sent the email in the first place.
That said, Microsoft notes that the attack mechanism is not as simple as it appears. Attackers typically conduct detailed reconnaissance activities about the person they are impersonating, their target, and the company in general. Message headers occasionally contain a false "Re:" to indicate a prior conversation as well as typosquatted domains in reference headers that appear legitimate at first glance. Meanwhile, message bodies sometimes directly address the target with demands, and at other times they begin with small talk with a hint that they have a task for the target - the task being purchasing gift cards or making wire transfers for whatever reason. An example can be seen below:
Image via Microsoft Microsoft noted that after a successful attack, impersonators typically visit websites which allow them to convert gift card codes to cryptocurrencies or other foreign currencies untraceably. The chances that this is part of a coordinated campaign is high considering that Microsoft observed impersonation of 120 organizations using typosquatted domains which were registered just a few days prior to attacks. The company went on to say that:
As usual, Microsoft has recommended that organizations use Microsoft Defender for Office 365 which can detect potential attacks, identify user and domain impersonation, and increase aware among employees, among other things.
By Usama Jawad96
Microsoft announces Counterfit, an automation tool for security testing of AI systems
by Usama Jawad
Cybersecurity is at the forefront for Microsoft given increasing cyberattacks by sophisticated but malicious actors. The company is constantly updating its security infrastructure to protect itself against threats and advises its partners to do the same.
One overlooked aspect of an organization's tooling is typically the security of their AI systems. Microsoft plans to address this with the release of a new tool called Counterfit.
Image via The Indian Express Counterfit is an open source tool created by Microsoft to automate the security testing of an organization's AI systems. The ultimate goal is to give high confidence to companies that their artificial intelligence systems are robust and reliable, given how heavily they are used in various industries. Microsoft notes that out of the 28 organizations it surveyed, 25 felt that they didn't have the right mechanisms in place to protect AI systems and their security professionals are not well-equipped to handle threats against them.
Counterfit originally began as a set of scripts that could be used to attack AI models. Microsoft first used it in its own internal testing, but now, Counterfit has evolved to act as an automation tool that attacks multiple AI models at scale. The company says that it has become a staple tool of its own AI red team operations who use it to perform and automate adversarial security testing of AI services currently in development and production.
The benefits of using Counterfit are that it is environment-, model-, and data-agnostic. This means that it can be used on-premises, on the edge, in the cloud to test any kind of AI model that depends upon input data in virtually any form including text and images.
Microsoft has indicated that Counterfit is easy to use for security teams who utilize Metasploit or PowerShell Empyre. It can be used for penetration testing and vulnerability scanning, and it also logs attacks to AI models so data scientists can utilize its telemetry to further enhance the security of their AI systems.
You can head over to the open source project's GitHub page here to learn more about Counterfit and how you can deploy it at your organization.
NOD32 Antivirus / ESET Internet Security / Eset Smart Security Premium 126.96.36.199
by Razvan Serea
NOD32 for Windows is the best choice for protection of your personal computer. Almost 20 years of technological development enabled ESET to create state-of-the-art antivirus system able to protect you from all sorts of Internet threats. ESET Internet Security boasts a large array of security features, usability enhancements and scanning technology improvements in defense of your your online life.
ESET Internet Security
ESET Internet Security keeps your computer or laptop safe with intelligent multi-layered protection combining proven antivirus, antispyware, firewall, anti-rootkit and antispam capabilities. Based on ESET NOD32 Antivirus, it protects you from viruses, worms, spyware, and all Internet threats. It conserves resources and improves computer speed. You are protected at the highest level while you work, social network, play online games or plug in removable media.
ESET NOD32 Antivirus
Your best defense against viruses, trojans and other forms of malware—and the top choice for IT professionals. Powered by the ThreatSense® engine with advanced heuristics, which blocks far more unknown threats than the competition. The latest generation of the legendary ESET NOD32 Antivirus takes your security to a whole new level. Built for a low footprint, fast scanning, it packs security features and customization options for consistent and personalized security online or off.
ESET Smart Security
Ultimate protection for everyday web users, thanks to ESET’s trademark best balance of detection, speed and usability. Stay safe from viruses and spyware. Stay protected from ransomware - Blocks malware that tries to lock you out of your own data. Receive free support by email or telephone in your local language, wherever you are. Bank and shop online more safely - automatically secures transactions on internet banking sites, and helps to protect you on online payment gateways. Stop hackers from accessing your PC - Personal Firewall prevents hackers from gaining access to your computer and keeps you invisible when you use public Wi-Fi. Keep your kids safe online - block unwanted internet content by categories or individual websites and keep your kids safe online with Parental Control. Safer webcam and home router - Get an alert when anyone tries to access your webcam, and check your home router for vulnerabilities. Safely store passwords, and encrypt your data. Safely store, generate and prefill your passwords, and encrypt your files and removable media (USB keys). Includes protection for smartphones and tablets. Protect all of your devices - mix and match security protection for up to 3 or 5 devices.
New: support for device association with myESET New: activation flows + new icons New: association / disassociation flows for anti-theft New: reworked application statuses (now they are send into myESET account once device is associated) New: communicate device disassociation and deactivation from myESET in product New: Banking and payment protection: Secure all browsers setting in GUI (setup > Security tools) New: Banking and payment protection: “Setting” in badge of secure browser (Secure all browsers) – opens GUI > Setup > Security tools Improved: changed “license leaked” communication to “license overused” Improved: Banking and payment protection: user experience to enable Secure All browsers from browser Improved: Banking and payment protection: Badge smaller frame size Improved communication if port 53535 is not allowed Improved: Usability: Read out notifications by screen readers, fixed and added lot of elements to be read out by screen readers Other improvements and bugfixing Product updates changes:
- Program component update > setting changed to “Application feature updates” (Feature updates numbering: 14.2, 15, 15.1 ,…) - Hotfixes are applied also for disabled “Application feature updates” (Hotfixes numbering: 188.8.131.52, 184.108.40.206,..) Download: ESET NOD32 Antivirus 220.127.116.11 (32-bit) | NOD32 Antivirus 64-bit | ~180.0 MB (Free Trial)
Download: ESET Internet Security 18.104.22.168 (32-bit) | ESET Internet Security 64-bit
Download: Eset Smart Security Premium 22.214.171.124 (32-bit) | Eset Smart Security Premium 64-bit
Link: ESET Home Page
Get alerted to all of our Software updates on Twitter at @NeowinSoftware
By Usama Jawad96
Google banned over 100,000 malicious developers in 2020
by Usama Jawad
The Play Store is not exactly known for its security, but Google continually makes efforts to improve the overall situation. To that end, the company has now disclosed the various methodologies it used to fight malicious apps and developers in 2020, and has shared some accompanying statistics as well.
In 2020, over 100 billion installed apps were scanned by Play Protect on a daily basis. Play Protect was introduced back in 2017 to give users more visibility over Android security. With 2020 being a particularly difficult year due to growing fake news, U.S. elections, as well as people scrambling to find reliable information regarding COVID-19 and vaccines, Google took several steps to ensure that apps do not harm users via misinformation.
Among these was the requirement that apps dealing with sensitive use-cases such as displaying information about COVID-19 testing sites should meet a high-level of user data privacy and should be endorsed by government or healthcare authorities. New guidelines were introduced for apps which market themselves as "News" to improve transparency for users of the Play Store. Finally, specific teams and processes were put in place to focus on U.S. elections and to prevent related abuse via the Play Store.
Google's machine learning algorithms stopped over 962,000 apps from release on the Play Store because they violated certain policies. In the same vein, 119,000 malicious and spammy developer accounts received the banhammer.
Other enhancements include the review of all apps requesting access to location in the background and enforcing developers to provide user benefit when they request this information. Apps which do not follow these guidelines will be removed from the Play Store. Google plans to disclose more information about this process soon.
Lastly, the company also released a new tab in the Play Store containing "Teacher approved" apps, containing recommendations from academic experts and advisors.
Google says that it will continue investing in efforts that prevent malicious content from being distributed in the Play Store. The company hopes to build and sustain trust not only with users, but developers as well. It noted that its enforcement actions in the past year have resulted in increased developer satisfaction and a reduced number of appeals overall.