Mon – Fri: 08:00am – 4:00pm, Sat-Sun: Closed

PC MADNESS
PERTH IT SPECIALIST


Cloud Services, Business IT Support, Web & Design Services,
Computer Store - Sales & Service for PERTH WA.

Webroot Endpoint Protection

Webroot

What is endpoint protection?

Endpoint protection, or endpoint security, is a general term that describes cybersecurity services for network endpoints, like laptops, desktops, smartphones, tablets, servers, and virtual environments. These services may include antivirus and antimalware, web filtering, and more.

Endpoint protection helps businesses keep critical systems, intellectual property, customer data, employees, and guests safe from ransomware, phishing, malware, and other cyberattacks.

Why businesses need endpoint protection

Criminals are constantly developing new ways to attack networks, take advantage of employee trust, and steal data. Smaller businesses may think they’re not a target, but that couldn’t be further from the truth. In fact, small businesses with 100 employees or fewer now face the same risk of attack as a 20,000-employee enterprise.*

No matter their size, businesses need reliable endpoint security that can stop modern attacks. And since most companies are subject to some form of compliance and privacy regulations, protection for endpoints is 100% necessary to help businesses avoid hefty fines and damage to their reputation due to a security breach.

Why Our Endpoint Protection is Different

We designed our solutions to put time back in your day, so you can maximize profitability.

Stop sophisticated cyberattacks

  • Next-generation protection
  • Contextual threat intelligence
  • Industry-leading efficacy

Streamline management

  • Cloud-based console
  • Fast deployment & scans
  • RMM, PSA & BI integrations

Save time and money

  • Lower TCO & flexible billing
  • No software conflicts
  • No reimaging
Webroot® Evasion Shield
The Evasion Shield:

* Protects against file-based and fileless script attacks
* Blocks malicious JavaScript, VBScript, PowerShell, macros, and more
* Enables admins to detect scripts running in their environments
* Allows whitelisting for legitimate scripts

For more details, visit the Webroot Community.
This image has an empty alt attribute; its file name is image-1.pngMinimize business disruption
Managed detection and response (MDR) solutions help enable real-time threat detection and response, maintain compliance and lower the risk of the business downtime. They optimize existing security investments and reduce the impact of successful attacks. With our MDR solutions, businesses benefit from best-in-class, AI-powered threat intelligence augmented by “always there” human experts.

Detect and respond to threats like Ransomware with our tailored MDR solutions:

Webroot MDR powered by Blackpoint
Gartner-recognized MDR service using patented SNAP-Defense, NICOS network tap and third-party integrations
SOC with experienced MDR team to monitor, hunt and respond to threats
Competitively priced offering with more capabilities than competitors
Guided by a board of ex-national security leadership

OpenText MDR
AI-powered threat detection
Award-winning threat intelligence
99% detection – highest in the industry
97% alert noise reduction

Contact PC Madness Today

PC Madness can help and setup onsite or remotely your Security application to better protect you from today’s threats. Contact our office today to enquire and get more information how this product can help you secure your pc and network needs.

Call today PC Madness – 9250 4554

2020 Webroot Threat Report

phising2020

2020 Webroot Threat Report: Phishing Attempts Grew by 640% Last Year

The annual Webroot Threat report was recently released, highlighting not only the agility and innovation of cybercriminals who continue to seek out new ways to evade defenses, but also their commitment to long-established attack methods. Most notably, Webroot observed a 640 percent increase in phishing attempts and a 125 percent increase in malware targeting Windows 7. The report is derived from metrics captured and analyzed by Webroot’s advanced, cloud-based machine learning architecture: the Webroot Platform.

“In the cybersecurity industry the only certainty is that there is no certainty, and there is no single silver bullet solution,” said Hal Lonas, Senior Vice President and CTO, SMB and Consumer, OpenText. “The findings from this year’s report underline why it’s critical that businesses and users of all sizes, ensure they’re not only protecting their data but also preparing for future attacks by taking simple steps toward cyber resilience through a defense-in-depth approach that addresses user behavior and the best protection for network and endpoints.”

Here are a few of the findings that I found pretty interesting:

Phishing URLs encountered grew by 640 percent in 2019.

  • 1 in 4 malicious URLs is hosted on an otherwise non-malicious domain.
  • 8.9 million URLs were found hosting a cryptojacking script.
  • The top sites impersonated by phishing sites or cybercriminals are Facebook, Microsoft, Apple, Google, PayPal and DropBox.
  • The top five kinds of websites impersonated by phishing sites are crypto exchanges (55%), gaming (50%), web email (40%), financial institutions (40%) and payment services (32%).

Malware targeting Windows 7® increased by 125 percent.

  • 93.6 percent of malware seen was unique to a single PC – the highest rate ever observed.
  • 85 percent of threats hide in one of four locations: %temp%, %appdata%, %cache%, and %windir%, with more than half of threats (54.4%) on business PCs hiding in %temp% folders. This risk can be easily mitigated by setting a Windows policy to disallow programs from running from the temp directory.
  • IP addresses associated with Windows exploits grew by 360 percent, with the majority of exploits targeting out-of-date operating systems.

Consumer PCs remain nearly twice as likely to get infected as business PCs.

  • The data reveals that regions most likely to be infected also have the highest rates of using older operating systems.
  • Of the infected consumer devices, more than 35 percent were infected more than three times, and nearly 10 percent encountered six or more infections.
  • The continued insecurity of consumer PCs underscore the risk companies face in allowing employees to connect to business networks from their personal devices.

Trojans and malware accounted for 91.8 percent of Android™ threats.

Download the full report.

Written By Freydrew by Webroot

What Is Credential Stuffing? How to Protect Yourself.

cyber-security
A silhouette of a padlock in front of a Zoom logo.
Ink Drop/Shutterstock.com

A total of 500 million Zoom accounts are for sale on the dark web thanks to “credential stuffing.” It’s a common way for criminals to break into accounts online. Here’s what that term actually means and how you can protect yourself.

It Starts With Leaked Password Databases

Attacks against online services are common. Criminals often exploit security flaws in systems to acquire databases of usernames and passwords. Databases of stolen login credentials are often sold online on the dark web, with criminals paying in Bitcoin for the privilege of accessing the database.

Let’s say you had an account on the Avast forum, which was breached back in 2014. That account was breached, and criminals may have your username and password on the Avast forum. Avast contacted you and had you change your forum password, so what’s the problem?

Unfortunately, the problem is that many people reuse the same passwords on different websites. Let’s say your Avast forum login details were “[email protected]” and “AmazingPassword.” If you logged into other websites with the same username (your email address) and password, any criminal who acquires your leaked passwords can gain access to those other accounts.

Credential Stuffing in Action

“Credential stuffing” involves using these databases of leaked login details and trying to log in with them on other online services.

Criminals take large databases of leaked username and password combinations—often millions of login credentials—and try to sign in with them on other websites. Some people reuse the same password on multiple websites, so some will match. This can generally be automated with software, quickly trying many login combinations.

For something so dangerous that sounds so technical, that’s all it is—trying already leaked credentials on other services and seeing what works. In other words, “hackers” stuff all those login credentials into the login form and see what happens. Some of them are sure to work.

This is one of the most common ways that attackers “hack” online accounts these days. In 2018 alone, the content delivery network Akamai logged nearly 30 billion credential-stuffing attacks.

How to Protect Yourself

Multiple keys next to an open padlock.
Ruslan Grumble/Shutterstock.com

Protecting yourself from credential stuffing is pretty simple and involves following the same password security practices security experts have been recommending for years. There’s no magic solution—just good password hygiene. Here’s the advice:

  • Avoid Reusing Passwords: Use a unique password for each account you use online. That way, even if your password leaks, it can’t be used to sign in to other websites. Attackers can try to stuff your credentials into other login forms, but they won’t work.
  • Use a Password Manager: Remembering strong unique passwords is a nearly impossible task if you have accounts on quite a few websites, and almost everyone does. We recommend using a password manager like 1Password (paid) or Bitwarden (free and open-source) to remember your passwords for you. It can even generate those strong passwords from scratch.
  • Enable Two-Factor Authentication: With two-step authentication, you have to provide something else—like a code generated by an app or sent to you via SMS—each time you log in to a website. Even if an attacker has your username and password, they won’t be able to sign in to your account if they don’t have that code.
  • Get Leaked Password Notifications: With a service like Have I Been Pwned?, you can get a notification when your credentials appear in a leak.

How Services Can Protect Against Credential Stuffing

While individuals need to take responsibility for securing their accounts, there are many ways for online services to protect against credential-stuffing attacks.

  • Scan Leaked Databases for User Passwords: Facebook and Netflix have scanned leaked databases for passwords, cross-referencing them against login credentials on their own services. If there’s a match, Facebook or Netflix can prompt their own user to change their password. This is a way of beating credential-stuffers to the punch.
  • Offer Two-Factor Authentication: Users should be able to enable two-factor authentication to secure their online accounts. Particularly sensitive services can make this mandatory. They can also have a user click a login verification link in an email to confirm the login request.
  • Require a CAPTCHA: If a login attempt looks strange, a service can require entering a CAPTCHA code displayed in an image or clicking through another form to verify a human—and not a bot—is attempting to sign in.
  • Limit Repeated Login Attempts: Services should attempt to block bots from attempting a large number of sign-in attempts in a short period of time. Modern sophisticated bots may attempt to sign in from multiple IP addresses at once to disguise their credential-stuffing attempts.

Poor password practices—and, to be fair, poorly secured online systems that are often too easy to compromise—make credential stuffing a serious danger to online account security. It’s no wonder many companies in the tech industry want to build a more secure world without passwords.

Article by Chris Hoffman from how to geek.

PC Madness Trading Hours​

Monday: 8:00am – 4:00pm

Tuesday: 8:00am – 4:00pm

Wednesday: 8:00am – 4:00pm

Thursday: 8:00am – 4:00pm

Friday: 8:00am – 4:00pm

Saturday: CLOSED

Sunday: CLOSED

Public Holidays: CLOSED