Webroot: (NEW) Privacy and Security with DNS over HTTPS (DoH)

Webroot
NEW: Privacy and Security with DNS over HTTPS (DoH)

DNS has been around since 1983 and has worked brilliantly at resolving all internet domain requests for both IPv4 and the newer IPv6 address spaces. However, DNS was not built with privacy or security in mind, as it communicates all requests in clear text.

To make DNS more secure for users, the new DNS over HTTPS (DoH) protocol encrypts the requests using the same HTTPS encryption used when connecting to a secure website. All the major web browsers are beginning to support DoH, but this incredible privacy enhancement can also bring some security drawbacks.

What exactly is DNS over HTTPS (DoH)?

DoH is an initiative to prevent eavesdropping and manipulation of DNS request data by third parties, whether for malicious purposes, governmental control, or commercial reasons. DoH adds encryption to these requests, thereby hiding them from prying eyes and ensuring the privacy and security of the overall connection.
 

Why is DoH a problem for IT security?

Adding privacy can come at a cost. From a security perspective, the rapid adoption and usage of DoH could blindside security administrators and prevent them from extracting useful cybersecurity information by monitoring and analyzing their DNS request traffic logs.

Additionally, some applications can be configured to use DoH directly. As this bypasses the system’s configured DNS server, it presents issues with filtering and accuracy of the DNS requests.

How does Webroot DNS Protection handle DoH?

If all DNS requests are encrypted, then admins can lose considerable visibility and control in terms of web filtering security. When applications are capable of making DNS requests independently, it defeats the value of web filtering by circumventing the in-place protections. To correctly leverage the advantages of DoH, every DNS request on a must be passed via DoH, applications must be prevented from making rogue DNS requests, and filtering and logging must be maintained.

With our latest enhancements, Webroot DNS Protection now combines the privacy benefits of DoH with the security benefits of DNS-layer protection powered by Webroot BrightCloud®️ Web Classification intelligence. Our service leverages the advantages of DoH by encrypting and managing the DNS requests for the entire system, and then securely relaying these requests via DoH to the Webroot resolvers. This way, admins retain control of DNS and are able to filter and log, while the user and business benefit from the additional privacy and security.

Where can I learn more?

Check out our new DoH resources for more info:

Written by freydrew – Community and Advocacy Manager of webroot

NEW: Webroot Evasion Shield

Webroot Evasion Shield

It’s coming folks! We’re starting the rollout of the new Webroot® Evasion Shield. This critical security layer uses brand new, patented Webroot technology to detect, block, and quarantine evasive script attacks—including file-based, fileless, obfuscated, or encrypted threats—to help businesses become more resilient against advanced cyberattacks. The shield will also prevent malicious behaviors from executing in PowerShell, JavaScript, VBScript, and more, which are often used to launch evasive attacks. Get an overview of how it works in the video below.

Who’s going to get the new shield?

Every Webroot Business Endpoint Protection customer will benefit from the new shield. It doesn’t cost extra and you don’t have to install it separately. However, please make sure all your endpoints are using the 9.0.28.00 version of the Business Endpoint Protection agent or higher. Earlier agent versions will not fully support Evasion Shield malicious script protection.

Will the new shield start protecting me right away?

The shield is turned OFF by default. We designed it that way because many admins use legitimate custom scripts in their environments, and nobody likes a false positive. We recommend enabling the shield with the Detect and Report setting first, so you can see all the scripts that are currently running and whitelist any that you don’t want flagged. (See more on this in our FAQs, linked below.)

Written by Frey Drew Community and Advocacy Manager
 

2020 Webroot Threat Report

phising2020

2020 Webroot Threat Report: Phishing Attempts Grew by 640% Last Year

The annual Webroot Threat report was recently released, highlighting not only the agility and innovation of cybercriminals who continue to seek out new ways to evade defenses, but also their commitment to long-established attack methods. Most notably, Webroot observed a 640 percent increase in phishing attempts and a 125 percent increase in malware targeting Windows 7. The report is derived from metrics captured and analyzed by Webroot’s advanced, cloud-based machine learning architecture: the Webroot Platform.

“In the cybersecurity industry the only certainty is that there is no certainty, and there is no single silver bullet solution,” said Hal Lonas, Senior Vice President and CTO, SMB and Consumer, OpenText. “The findings from this year’s report underline why it’s critical that businesses and users of all sizes, ensure they’re not only protecting their data but also preparing for future attacks by taking simple steps toward cyber resilience through a defense-in-depth approach that addresses user behavior and the best protection for network and endpoints.”

Here are a few of the findings that I found pretty interesting:

Phishing URLs encountered grew by 640 percent in 2019.

  • 1 in 4 malicious URLs is hosted on an otherwise non-malicious domain.
  • 8.9 million URLs were found hosting a cryptojacking script.
  • The top sites impersonated by phishing sites or cybercriminals are Facebook, Microsoft, Apple, Google, PayPal and DropBox.
  • The top five kinds of websites impersonated by phishing sites are crypto exchanges (55%), gaming (50%), web email (40%), financial institutions (40%) and payment services (32%).

Malware targeting Windows 7® increased by 125 percent.

  • 93.6 percent of malware seen was unique to a single PC – the highest rate ever observed.
  • 85 percent of threats hide in one of four locations: %temp%, %appdata%, %cache%, and %windir%, with more than half of threats (54.4%) on business PCs hiding in %temp% folders. This risk can be easily mitigated by setting a Windows policy to disallow programs from running from the temp directory.
  • IP addresses associated with Windows exploits grew by 360 percent, with the majority of exploits targeting out-of-date operating systems.

Consumer PCs remain nearly twice as likely to get infected as business PCs.

  • The data reveals that regions most likely to be infected also have the highest rates of using older operating systems.
  • Of the infected consumer devices, more than 35 percent were infected more than three times, and nearly 10 percent encountered six or more infections.
  • The continued insecurity of consumer PCs underscore the risk companies face in allowing employees to connect to business networks from their personal devices.

Trojans and malware accounted for 91.8 percent of Android™ threats.

Download the full report.

Written By Freydrew by Webroot

How to Create a Teams Meeting in Outlook

outlook logo

Now that working from home is the norm, video conferences are becoming the de facto way to meet. Here’s how to create Microsoft Teams meetings directly from within Outlook, without having to book them through the Teams app.

To create Teams meetings from within Outlook—either Outlook Online and the Outlook client—you need to install the Teams client on your computer. This will install an add-in to Outlook that provides a new option when you’re creating a meeting. Add-ins that you install in the Outlook client are automatically added to Outlook Online and vice versa. Once you’ve installed the Teams app, the add-in should be available in both clients.

These options should be available for all users of Outlook and Teams, regardless of whether you have a paid Office 365 (O365)/Microsoft 365 (M365) subscriptions. However, they’re only available for email accounts that use Exchange, whether that’s a free Outlook.com/live.com/hotmail account, or a paid Microsoft account for your own domain. If you’re using a non-Exchange account, such as a Gmail or Yahoo account, the Teams add-in won’t work for you.

We’ll take you through installing the Teams client first. If you have installed the client and you still can’t see these options, we’ve got some troubleshooting suggestions as well.

Install the Teams Client

The quickest way to get the Teams client is to open Teams online. On the first page, you’ll be offered the chance to download the Teams client.

The "Get the Windows app" button in Teams online.

If you already have Teams online open, click on the app download option at the bottom of the left sidebar.

The "App download" button in Teams online.

Install the .exe file, and log in with your O365/M365 account details when requested. To make sure the add-in is installed in Outlook, restart Teams, then restart Outlook.

Follow the instructions below to use the add-in in the Outlook client and in Outlook Online. If it’s not available, follow these troubleshooting tips from Microsoft.

Create a Teams Meeting in the Outlook Client

When you install the Teams client on your computer, it will install an add-in to Outlook that provides a new option when you’re creating a meeting. The option is available in the Home > New Items menu.

The "Teams Meeting" option in Outlook's "New Items" menu.

It’s also available in the ribbon of a new Meeting request.

The "Teams Meeting" option in a new meeting request.

When you click one of these options, the meeting request will change to include a location of “Microsoft Teams Meeting” and a link in the body of the request that attendees can click on to join the meeting.

A Teams meeting request.

Create a Teams Meeting in Outlook Online

When you install the Teams client on your computer, it will install an add-in to Outlook that provides a new option when you’re creating a meeting. In Outlook Online, the option is available in the meeting request.

The "Teams meeting" toggle switch in an Outlook Online meeting request.

Toggle the setting on to make it a Teams meeting. Unlike Teams meetings you create in the Outlook client, nothing changes in the Outlook Online meeting request, but once you’ve sent the meeting request, the Teams link will appear in the event in your calendar.

An event in the Outlook Online calendar showing the Teams meeting link.

For both Outlook Online and the Outlook client, fill in the attendees and the date and time of the meeting as usual. Send the meeting request the same way that you would with a normal meeting. The only difference is that you and your attendees will join the meeting in Teams, rather than a meeting room in an office.

Article by Rob Woodgate from How-to-geek.

Mobile Security Datasheet

Mobile Security Datasheet

Flexible support network


With the rise of the mobile workforce, the need to minimize security risks like device theft, data accessibility, and malware attacks is also increasing. Also, the sophistication of today’s security threats require a comprehensive approach that keeps your business devices, networks, and data protected.

USER ACCESS CONTROL

Lenovo’s user access control technology protects the organization’s devices and business ensuring only the right people have access to it.

  • Multi Factor Authentication (MFA) – For User Identity Protection
  • IR Camera with Windows Hello – For Simple and Secure Facial Login
  • Smart Card Access – For Two-factor Authentication in One Step
  • Near Field Communication (NFC) – For Rapid Contactless Authentication

PORT AND PHYSICAL PROTECTION

Whether in the office or on the go, end user computing devices need protection not only at the software level but also at a physical level. Built-in port security features help protect against physical theft of data via the USB and other access ports on company PCs.

  • ThinkShutter Camera Privacy – For Privacy When You Need It
  • Kensington® Cable Lock – For Preventing Device Theft
  • ThinkPad Ultra Dock – For Innovative Dock and Device Security

DATA PROTECTION

To keep the business running smoothly and without disruption, it is essential to have secure, automatic, and efficient data backup. Lenovo’s robust data protection tools enable easy and efficient data recovery and retrieval only by authorized personnel.

  • Fast Identity Online (FIDO) – For Robust Data Protection
  • Discrete Trusted Platform Module (dTPM) 2.0 – For Data Encryption
  • Online Data Backup (OLDB) – For Safeguarding Your Critical Data
  • Hard Drive Retention – For Retaining Sensitive Company Data
  • BUFFERZONE® – For Sophisticated and Supreme Malware Protection
  • Mobile Device Management

 DOWNLOAD DATASHEET 


Working from Home

Working from home is becoming more common as Australians self-isolate against COVID-19. Here are some ways to help make it feel more normal.

  1. Stay Focused and outline your task for the day – It’s tempting to sleep-in and stay in your Pj’s, but you’ll be more productive if you get up and stick to normal working hours and task schedule that you would normally do during work hours.
  2. Stay Healthy, Move and take breaks – Because you can work at all times, doesn’t mean you should. Eat well and take time to head outdoors for brief stroll or exercise.
  3. Stay Connected Via Internet and have remote access to work files and colleagues – You may not realise it, but a big part of your day job is the social connection you get at the office. That’s why it’s important to make sure you stay in touch with colleagues virtually, or via chat like Microsoft teams to keep your work moving forward.

PC Madness provides a whole range of cloud services to our clients to help them access there work files / server from home. If your business or work has not implemented any cloud system such a remote server / team file-sharing and having cloud phone system give us a call to discuss how we can help you. Working in the cloud mean you can work from anywhere and due to this pandemic crisis the world is facing at the moment a system like this can keep your business moving forward.

John
PC Madness Pty Ltd
08 9250 4554

Webroot Cloud Base Protection

Webroot

PC Madness provides a Cloud base Protection to better protect our Clients. PC Madness offers a managed service to their clients, helping in detecting and removal of threats without putting the client in stress. See below video and information on how PC Madness and Webroot Endpoint can help you today.

Discover cloud-based protection that stops threats in real time and secures businesses and individuals wherever they connect.

What is endpoint protection?

Endpoint protection, or endpoint security, is a general term that describes cybersecurity services for network endpoints, like laptops, desktops, smartphones, tablets, servers, and virtual environments. These services may include antivirus and antimalware, web filtering, and more.

Endpoint protection helps businesses keep critical systems, intellectual property, customer data, employees, and guests safe from ransomware, phishing, malware, and other cyberattacks.

Why businesses need endpoint protection

Criminals are constantly developing new ways to attack networks, take advantage of employee trust, and steal data. Smaller businesses may think they’re not a target, but that couldn’t be further from the truth. In fact, small businesses with 100 employees or fewer now face the same risk of attack as a 20,000-employee enterprise.*

No matter their size, businesses need reliable endpoint security that can stop modern attacks. And since most companies are subject to some form of compliance and privacy regulations, protection for endpoints is 100% necessary to help businesses avoid hefty fines and damage to their reputation due to a security breach.

Why Webroot Business Endpoint Protection is Different

We designed our solutions to put time back in your day, so you can maximize profitability.

Stop sophisticated cyberattacks

  • Next-generation protection
  • Contextual threat intelligence
  • Industry-leading efficacy

Streamline management

  • Cloud-based console
  • Fast deployment & scans
  • RMM, PSA & BI integrations

Save time and money

  • Lower TCO & flexible billing
  • No software conflicts
  • No reimaging

Content taken from Webroot.com

PC Madness Trading Hours​

Monday: 8:00am – 5:30pm

Tuesday: 8:00am – 5:30pm

Wednesday: 8:00am – 5:30pm

Thursday: 8:00am – 5:30pm

Friday: 8:00am – 5:30pm

Saturday: 9:00am – 1:00pm

Sunday: CLOSED

Public Holidays: CLOSED