Mon – Fri: 08:00am – 4:00pm, Sat-Sun: Closed

PC MADNESS
PERTH IT SPECIALIST


Cloud Services, Business IT Support, Web & Design Services,
Computer Store - Sales & Service for PERTH WA.

Webroot Endpoint Protection

Webroot

What is endpoint protection?

Endpoint protection, or endpoint security, is a general term that describes cybersecurity services for network endpoints, like laptops, desktops, smartphones, tablets, servers, and virtual environments. These services may include antivirus and antimalware, web filtering, and more.

Endpoint protection helps businesses keep critical systems, intellectual property, customer data, employees, and guests safe from ransomware, phishing, malware, and other cyberattacks.

Why businesses need endpoint protection

Criminals are constantly developing new ways to attack networks, take advantage of employee trust, and steal data. Smaller businesses may think they’re not a target, but that couldn’t be further from the truth. In fact, small businesses with 100 employees or fewer now face the same risk of attack as a 20,000-employee enterprise.*

No matter their size, businesses need reliable endpoint security that can stop modern attacks. And since most companies are subject to some form of compliance and privacy regulations, protection for endpoints is 100% necessary to help businesses avoid hefty fines and damage to their reputation due to a security breach.

Why Our Endpoint Protection is Different

We designed our solutions to put time back in your day, so you can maximize profitability.

Stop sophisticated cyberattacks

  • Next-generation protection
  • Contextual threat intelligence
  • Industry-leading efficacy

Streamline management

  • Cloud-based console
  • Fast deployment & scans
  • RMM, PSA & BI integrations

Save time and money

  • Lower TCO & flexible billing
  • No software conflicts
  • No reimaging
Webroot® Evasion Shield
The Evasion Shield:

* Protects against file-based and fileless script attacks
* Blocks malicious JavaScript, VBScript, PowerShell, macros, and more
* Enables admins to detect scripts running in their environments
* Allows whitelisting for legitimate scripts

For more details, visit the Webroot Community.
This image has an empty alt attribute; its file name is image-1.pngMinimize business disruption
Managed detection and response (MDR) solutions help enable real-time threat detection and response, maintain compliance and lower the risk of the business downtime. They optimize existing security investments and reduce the impact of successful attacks. With our MDR solutions, businesses benefit from best-in-class, AI-powered threat intelligence augmented by “always there” human experts.

Detect and respond to threats like Ransomware with our tailored MDR solutions:

Webroot MDR powered by Blackpoint
Gartner-recognized MDR service using patented SNAP-Defense, NICOS network tap and third-party integrations
SOC with experienced MDR team to monitor, hunt and respond to threats
Competitively priced offering with more capabilities than competitors
Guided by a board of ex-national security leadership

OpenText MDR
AI-powered threat detection
Award-winning threat intelligence
99% detection – highest in the industry
97% alert noise reduction

Contact PC Madness Today

PC Madness can help and setup onsite or remotely your Security application to better protect you from today’s threats. Contact our office today to enquire and get more information how this product can help you secure your pc and network needs.

Call today PC Madness – 9250 4554

Staying a Step Ahead of the Hack

by Steven Jurczak

Hackers, never at a loss for creative deception, have engineered new tactics for exploiting the weakest links in the cybersecurity chain: ourselves! Social engineering and business email compromise (BEC) are two related cyberattack vectors that rely on human error to bypass the technology defenses businesses deploy to deter malware.

Social Engineering

Social Engineering is when hackers impersonate trusted associates or acquaintances to manipulate people into giving up their passwords, banking information, date of birth or anything else that could be used for identity theft. As it turns out, it’s easier to hack our trust than our computers. Social engineering covers a range of tactics:

  • Email from a friend or family member – A hacker gets access to the email password of someone you know. From there, they can send you a malicious link in an email that you’re more likely to click on because it came from someone you trust.
  • Compelling story (pretexting) – This includes urgently asking for help. This can read like, “Your friend is in danger and they need your help immediately – please send me money right away so they can get treatment!”
  • Standard phishing tactics – Phishing techniques include website spoofing emails appearing to come from an official source asking you to reset your password or confirm personal data. After clicking the link and entering the info, your security is compromised.
  • “You’re a winner” notifications ­– Whether a lottery prize or a free trip to Cancun, this tactic catches many off guard. It’s known as “greed phishing” and it takes advantage our fondness for pleasure or weakness for the word “free.”

Business Email Compromise

Business email compromise is a targeted attack against corporate personnel, usually someone with the authority to request or fulfill a financial transaction. Victims execute seemingly routine wire transfers to criminals impersonating legitimate business associates or vendors.

This form of fraud relies on a contrived pretext to request a payment or purchase be made on the attacker’s behalf. According to the FBI, BEC attacks resulted in more than $26 billion (you read that right) between June 2016 and July 2019. Here are a few tips for protecting users and businesses from BEC attacks:

Slow down – BEC attacks combine context and familiarity (an email from your boss) with a sense of urgency (I need this done now!). This causes victims to lose their critical thinking capabilities.

Don’t trust, verify – Never use the same channel, in this case email, to verify the identity of the requester. Pick up the phone and call, or use video chat.

Prepare for the inevitable – Use all the technology at your disposal to ensure a BEC attack doesn’t succeed. Machine learning-enabled endpoint security solutions can help identify malicious sites.

Address the weakest link – Train users to spot BEC attacks. Webroot testing shows that phishing simulations can improve users’ abilities to spot attacks.

Perfecting Your Posture

Webroot Security Intelligence Director, Grayson Milbourne, offers several suggestions that companies can do to increase their security posture. First, he says, “Whenever money is going to be sent somewhere, you should have a two-factor verification process to ensure you’re sending the money to the right person and the right accounts.”

Milbourne is also a big advocate of security awareness training. “You can really understand the security topology of your business with respect to your users’ risk factors,” he says. “So, the engineering team might score one way and the IT department might score another way. This gives you better visibility into which groups within your company are more susceptible to clicking on links in emails that they shouldn’t be clicking.”

With the increase in scams related to the global COVID-19 pandemic, timely and relevant user education is especially critical. “COVID obviously has been a hot topic so far this year, and in the last quarter we added close to 20 new templates from different COVID-related scams we see out in the wild,” Milbourne says.

“When we look at first-time deployment of security awareness training, north of 40% of people are clicking on links,” Milbourne says. “Then, after going through security awareness training a couple of times, we see that number dip below 10%.”

Webroot: (NEW) Privacy and Security with DNS over HTTPS (DoH)

Webroot
NEW: Privacy and Security with DNS over HTTPS (DoH)

DNS has been around since 1983 and has worked brilliantly at resolving all internet domain requests for both IPv4 and the newer IPv6 address spaces. However, DNS was not built with privacy or security in mind, as it communicates all requests in clear text.

To make DNS more secure for users, the new DNS over HTTPS (DoH) protocol encrypts the requests using the same HTTPS encryption used when connecting to a secure website. All the major web browsers are beginning to support DoH, but this incredible privacy enhancement can also bring some security drawbacks.

What exactly is DNS over HTTPS (DoH)?

DoH is an initiative to prevent eavesdropping and manipulation of DNS request data by third parties, whether for malicious purposes, governmental control, or commercial reasons. DoH adds encryption to these requests, thereby hiding them from prying eyes and ensuring the privacy and security of the overall connection.
 

Why is DoH a problem for IT security?

Adding privacy can come at a cost. From a security perspective, the rapid adoption and usage of DoH could blindside security administrators and prevent them from extracting useful cybersecurity information by monitoring and analyzing their DNS request traffic logs.

Additionally, some applications can be configured to use DoH directly. As this bypasses the system’s configured DNS server, it presents issues with filtering and accuracy of the DNS requests.

How does Webroot DNS Protection handle DoH?

If all DNS requests are encrypted, then admins can lose considerable visibility and control in terms of web filtering security. When applications are capable of making DNS requests independently, it defeats the value of web filtering by circumventing the in-place protections. To correctly leverage the advantages of DoH, every DNS request on a must be passed via DoH, applications must be prevented from making rogue DNS requests, and filtering and logging must be maintained.

With our latest enhancements, Webroot DNS Protection now combines the privacy benefits of DoH with the security benefits of DNS-layer protection powered by Webroot BrightCloud®️ Web Classification intelligence. Our service leverages the advantages of DoH by encrypting and managing the DNS requests for the entire system, and then securely relaying these requests via DoH to the Webroot resolvers. This way, admins retain control of DNS and are able to filter and log, while the user and business benefit from the additional privacy and security.

Where can I learn more?

Check out our new DoH resources for more info:

Written by freydrew – Community and Advocacy Manager of webroot

Microsoft Edge: Protect against potentially unwanted applications (PUAs)

Overview

Potentially unwanted applications aren’t considered to be viruses or malware, but these apps might perform actions on endpoints that adversely affect endpoint performance or use. For example, Evasion software actively tries to evade detection by security products. This kind of software can increase the risk of your network being infected with actual malware. PUA can also refer to applications that are considered to have poor reputation.

Protect against PUA with Microsoft Edge

Microsoft Edge (version 80.0.361.50 or later) blocks PUA downloads and associated resource URLs.

You can set up protection by enabling the Block potentially unwanted apps feature in Microsoft Edge.

To enable PUA protection:

  1. Open Settings in the browser.
  2. Select Privacy and services.
  3. In the Services section, check to see that Microsoft Defender SmartScreen is turned on. If not, then turn on Microsoft Defender SmartScreen. The example in the following screenshot shows the browser is managed by the organization and that Microsoft Defender SmartScreen is turned on.
  4. In the Services section, use the toggle shown in the preceding screenshot to turn on Block potentially unwanted apps.
security-pua-setup
Edge security-PUA-setup

block against PUA-associated URLs

After you turn on PUA protection in Microsoft Edge, Windows Defender SmartScreen will protect you from PUA-associated URLs.

There are several ways admins can configure how Microsoft Edge and Windows Defender SmartScreen work together to protect users from PUA-associated URLs. For more information, see:

Admins can also customize the Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) block list. They can use the Microsoft Defender ATP portal to create and manage indicators for IPs and URLs.

Protect against PUA with Windows Defender Antivirus

The Detect and block potentially unwanted applications article also describes how you can configure Windows Defender Antivirus to enable PUA protection. You can configure protection using any of the following options:

When Windows Defender detects a PUA file on an endpoint it quarantines the file and notifies the user (unless notifications are disabled) in the same format as a normal threat detection (prefaced with “PUA:”.) Detected threats also appear in the quarantine list in the Windows Security app.

PUA notifications and events

There are several ways an admin can see PUA events:

  • In the Windows Event Viewer, but not in Microsoft Endpoint Configuration Manager or Intune.
  • In an email if email notifications for PUA detections is turned on.
  • In Windows Defender Antivirus event logs, where a PUA event is recorded under event ID 1116 with the message: “The antimalware platform detected malware or other potentially unwanted software.”

 Note

Users will see “*.exe has been blocked as a potentially unwanted app by Microsoft Defender SmartScreen”.

Allow-list an app

Like Microsoft Edge, Windows Defender Antivirus provides a way to allow files that are blocked by mistake or needed to complete a task. If this happens you can allow-list a file. For more information, see How to Configure Endpoint Protection in Configuration Manager to learn how to exclude specific files or folders.

PCMadness Recommends the New Microsoft Edge as the choice of browser to use.

NEW: Webroot Evasion Shield

Webroot Evasion Shield

It’s coming folks! We’re starting the rollout of the new Webroot® Evasion Shield. This critical security layer uses brand new, patented Webroot technology to detect, block, and quarantine evasive script attacks—including file-based, fileless, obfuscated, or encrypted threats—to help businesses become more resilient against advanced cyberattacks. The shield will also prevent malicious behaviors from executing in PowerShell, JavaScript, VBScript, and more, which are often used to launch evasive attacks. Get an overview of how it works in the video below.

Who’s going to get the new shield?

Every Webroot Business Endpoint Protection customer will benefit from the new shield. It doesn’t cost extra and you don’t have to install it separately. However, please make sure all your endpoints are using the 9.0.28.00 version of the Business Endpoint Protection agent or higher. Earlier agent versions will not fully support Evasion Shield malicious script protection.

Will the new shield start protecting me right away?

The shield is turned OFF by default. We designed it that way because many admins use legitimate custom scripts in their environments, and nobody likes a false positive. We recommend enabling the shield with the Detect and Report setting first, so you can see all the scripts that are currently running and whitelist any that you don’t want flagged. (See more on this in our FAQs, linked below.)

Written by Frey Drew Community and Advocacy Manager
 

2020 Webroot Threat Report

phising2020

2020 Webroot Threat Report: Phishing Attempts Grew by 640% Last Year

The annual Webroot Threat report was recently released, highlighting not only the agility and innovation of cybercriminals who continue to seek out new ways to evade defenses, but also their commitment to long-established attack methods. Most notably, Webroot observed a 640 percent increase in phishing attempts and a 125 percent increase in malware targeting Windows 7. The report is derived from metrics captured and analyzed by Webroot’s advanced, cloud-based machine learning architecture: the Webroot Platform.

“In the cybersecurity industry the only certainty is that there is no certainty, and there is no single silver bullet solution,” said Hal Lonas, Senior Vice President and CTO, SMB and Consumer, OpenText. “The findings from this year’s report underline why it’s critical that businesses and users of all sizes, ensure they’re not only protecting their data but also preparing for future attacks by taking simple steps toward cyber resilience through a defense-in-depth approach that addresses user behavior and the best protection for network and endpoints.”

Here are a few of the findings that I found pretty interesting:

Phishing URLs encountered grew by 640 percent in 2019.

  • 1 in 4 malicious URLs is hosted on an otherwise non-malicious domain.
  • 8.9 million URLs were found hosting a cryptojacking script.
  • The top sites impersonated by phishing sites or cybercriminals are Facebook, Microsoft, Apple, Google, PayPal and DropBox.
  • The top five kinds of websites impersonated by phishing sites are crypto exchanges (55%), gaming (50%), web email (40%), financial institutions (40%) and payment services (32%).

Malware targeting Windows 7® increased by 125 percent.

  • 93.6 percent of malware seen was unique to a single PC – the highest rate ever observed.
  • 85 percent of threats hide in one of four locations: %temp%, %appdata%, %cache%, and %windir%, with more than half of threats (54.4%) on business PCs hiding in %temp% folders. This risk can be easily mitigated by setting a Windows policy to disallow programs from running from the temp directory.
  • IP addresses associated with Windows exploits grew by 360 percent, with the majority of exploits targeting out-of-date operating systems.

Consumer PCs remain nearly twice as likely to get infected as business PCs.

  • The data reveals that regions most likely to be infected also have the highest rates of using older operating systems.
  • Of the infected consumer devices, more than 35 percent were infected more than three times, and nearly 10 percent encountered six or more infections.
  • The continued insecurity of consumer PCs underscore the risk companies face in allowing employees to connect to business networks from their personal devices.

Trojans and malware accounted for 91.8 percent of Android™ threats.

Download the full report.

Written By Freydrew by Webroot

Webroot Cloud Base Protection

Webroot

PC Madness provides a Cloud base Protection to better protect our Clients. PC Madness offers a managed service to their clients, helping in detecting and removal of threats without putting the client in stress. See below video and information on how PC Madness and Webroot Endpoint can help you today.

Discover cloud-based protection that stops threats in real time and secures businesses and individuals wherever they connect.

What is endpoint protection?

Endpoint protection, or endpoint security, is a general term that describes cybersecurity services for network endpoints, like laptops, desktops, smartphones, tablets, servers, and virtual environments. These services may include antivirus and antimalware, web filtering, and more.

Endpoint protection helps businesses keep critical systems, intellectual property, customer data, employees, and guests safe from ransomware, phishing, malware, and other cyberattacks.

Why businesses need endpoint protection

Criminals are constantly developing new ways to attack networks, take advantage of employee trust, and steal data. Smaller businesses may think they’re not a target, but that couldn’t be further from the truth. In fact, small businesses with 100 employees or fewer now face the same risk of attack as a 20,000-employee enterprise.*

No matter their size, businesses need reliable endpoint security that can stop modern attacks. And since most companies are subject to some form of compliance and privacy regulations, protection for endpoints is 100% necessary to help businesses avoid hefty fines and damage to their reputation due to a security breach.

Why Webroot Business Endpoint Protection is Different

We designed our solutions to put time back in your day, so you can maximize profitability.

Stop sophisticated cyberattacks

  • Next-generation protection
  • Contextual threat intelligence
  • Industry-leading efficacy

Streamline management

  • Cloud-based console
  • Fast deployment & scans
  • RMM, PSA & BI integrations

Save time and money

  • Lower TCO & flexible billing
  • No software conflicts
  • No reimaging

Content taken from Webroot.com

PC Madness Trading Hours​

Monday: 8:00am – 4:00pm

Tuesday: 8:00am – 4:00pm

Wednesday: 8:00am – 4:00pm

Thursday: 8:00am – 4:00pm

Friday: 8:00am – 4:00pm

Saturday: CLOSED

Sunday: CLOSED

Public Holidays: CLOSED