Internet Archives - IT Security Guru

Safer Internet Day 2022 – How Can The Online World Be A Safer Place?

The Gurus — Wed, 09 Feb 2022 11:51:25 +0000

The 8th of February marked the 19th Safer Internet Day which saw over 200 countries take a collaborative stance to make the Internet a safer and better place for all, particularly for younger people. Over the past 18 months, online activity sky-rocketed due to the disruptions caused by the pandemic. With many faced with lockdowns, the vast majority were restricted to the confines of our homes, with adults working remotely and children learning virtually. The majority of our social interactions were also conducted online, whether that be from the computer, laptop, mobile (or other handheld devices) and this still continues to be the case.

Yet, while there are definite benefits to being online, there are dangers that many of us need to be aware of, particularly younger people who have been spending a lot more time on the internet. In fact, research by Ofcom has found 40% of children have engaged in ‘risky behaviours’ online by the time they reach the age of 12.

Whether it be gaming, social media or general web browsing, the age young people interact with the internet is getting lower and, unfortunately, there is the risk they are interacting or sharing sensitive information with people they don’t know. A child could’ve taken a picture or video of themselves and posted on a social media platform which could result in millions seeing them. Or sent a friend request on a game to a random stranger, or just generally acted in a way that would be disapproving to their parents.

This is a scary thought for any parent or guardian, knowing that a child could be interacting with a complete stranger. This is a concern many cybersecurity experts have with, especially when the youth are on the internet. Irfahn Khimji, chief systems engineer at Tripwire says: “As the world has been going more and more digital, virtual interactions are more prominent than ever. The difference is that you can be anyone you want to be online. This can be challenging to identify who it is you are talking to, so it is critical to ensure not to give away personal information to those who you’ve only met online.” Khimji adds: If you are faced with bullying or harassment, you can often block that user or even turn off your computer or mobile device and step away. If the harassment becomes persistent and threatening, you can always contact your local law enforcement agency to help.”

Joni Moore, director security solution at Lookout also advises parents to be more aware of what they are teaching their children when it comes to their activities online, with the teachings not too dissimilar from what they are taught in real-life: “Stranger-Danger” – we teach our kids to be aware of stranger danger in the real world. The same applies online.”

Additionally, Moore explains it is beneficial for more of the general public to learn about cybersecurity techniques that are used to dupe online gamers – both young and old: “Some hackers target gamers with fake game updates or utilities claiming to customise your game or help speed your game progress. Malicious apps spread through phishing, in-game communications, as attachments on gamers’ forums or chat rooms, and by other, similar means.”

On Safer Internet Day, Digital Minister Chris Philp also announced that the Online Safety Bill will be significantly strengthened with a new legal duty requiring all sites that publish pornography to put robust checks in place to ensure their users are 18 years old or over.

This could include adults using secure age verification technology to verify that they possess a credit card and are over 18 or having a third-party service confirm their age against government data. Jon Andrews, VP, EMEA at Gurucul, had the following to say: “It is an interesting topic as age restrictions on pornographic material on the internet would certainly help with societies problems when it comes to misogyny, violence towards women and sexism, which need to be directly addressed.

On the other hand, it is important to ensure that regulation don’t become restriction. The internet should be free and available to all, and regulations that can better society are certainly welcome. Credit card verification, however, can be a restrictive measure that might encourage people to obtain one in order to access certain parts of the internet, so less invasive forms of identification might be preferable. .

These restrictions will also require websites to store personal identifiable information. This adds a component of risk for users, who will need to trust these entities with highly sensitive data. Unless government bodies consider this aspect and scrutinise the security policies of these websites, the move could have serious privacy implications and might motivate threat actors to launch campaigns aimed at stealing credit card details and other valuable information.”

Phishing and malware are threats that are ever-present in the gaming world with malicious individuals determined to trick young and unsuspecting minds with dangerous attachments or urls. Paul Bischoff, privacy advocate at Comparitech provides some advice on this issue specifically: “Never click on links posted in chats. Just like with emails, you should never click on unsolicited links. They could lead to malware or a phishing page. Or worse, you could get rickrolled.”

Regarding the issue around malware, Moore adds: “Malware also spreads through legitimate game update mechanisms in some cases. Some of that malware is game-oriented, stealing gamers’ credentials or in-game goods, but some steal bank accounts and other personal information stored on computers or smartphones. Gamers should always ensure they run the latest version of OS.”

But these problems are not just found at home.

Tackling the issues of malware and phishing and keeping sensitive information safe are challenges enterprises face everyday. With employees re-entering the office environments again, organisations need to ensure security training is being conducted. For organisations unaware of how to get their workforce best prepared, Erich Kron, Security Awareness Advocate, KnowBe4 has parted with some necessary guidance:

“Security professionals within organisations can best train their employees to be on the lookout for cyber attacks by implementing frequent and consistent security awareness training and by sending simulated phishing attacks so that employees truly understand what a real cyber attack could look like and they can practice this skill in a way that does not bring risk to the organisation. Having the proper reporting structure for employees to report suspected phishing emails, vishing calls or other types of attacks is also critical to help keep an organisation safe.”

“Employees may have adopted poor security practices while working remotely, such as sharing their devices or having corporate information on personal devices, not locking their machine when leaving it unattended or using corporate devices for personal tasks. These types of problems are often overlooked. Beyond technology, there could be physical records and assets that have made their way into employees’ homes. It is also difficult to determine if any sensitive information has been printed and secured or disposed of securely.”

“The challenges of defending against cyber attacks have increased significantly due the popularity of remote working brought on by the COVID-19 pandemic. That is why communication between organisations and employees is of utmost importance. Clear communication should lay out what the expectations are for employees who have moved to a remote working structure and how it will work logistically.”

The post Safer Internet Day 2022 – How Can The Online World Be A Safer Place? appeared first on IT Security Guru.

Samsung Pay Now Available to UK Visa Cardholders

The Gurus — Fri, 19 May 2017 09:53:52 +0000

With today’s launch of Samsung Pay, UK Visa account holders can now use their compatible Samsung smartphones for purchases worldwide. Visa’s tokenisation service enables cardholders to add their Visa credit and debit cards quickly and easily to the Samsung Pay wallet and pay in a secure and convenient way at contactless point-of-sale terminals. Samsung Pay is now available to Visa cardholders who bank with MBNA, Nationwide and Santander.
When a consumer loads their card into Samsung Pay, the app uses Visa tokenisation to replace the consumer’s sensitive account information with a different series of numbers – a “token” – that is specific to that card and device. Payments are made using the token so that the card information is never exposed, adding another layer of safety to digital payments. If the phone is compromised or stolen, the token cannot be used in any other environment and can easily be deactivated without requiring the Visa account to be cancelled.
Kevin Jenkins, Regional Managing Director, UK and Ireland, Visa, commented: “Today’s launch of Samsung Pay gives Visa account holders a mobile payment solution that enables safe and easy contactless in-store payments with their Samsung mobile. The phone is the one item people always have with them and Visa supports payment solutions that fit people’s changing lifestyles.”
Mobile Payment gets more popular
Visa’s 2016 Digital Payment study shows that there is high consumer demand for mobile payment solutions in the UK, with over 94% of the UK’s 18-24 years olds already using their mobile device to monitor their money or make payments. In fact, Visa predicts that payments from mobile devices will comprise 50% of all worldwide transactions by 2020. According to the study, more than four in ten people in the UK use their phones to pay bills (42 percent), buy takeaway food (45 percent), and pay for bus or train tickets (41 percent).
Visa in Samsung Pay
To pay, simply swipe up on the phone’s screen to select your Visa card of choice and confirm the payment via fingerprint, iris scan or passcode. With the Smartwatch Gear S3 the payment can be started with a touch of a button. The authorisation is conducted via passcode when putting on the Smartwatch. To complete the payment, simply tap the device on any contactless enabled POS terminals to pay contactless with as you would with your Visa card. Payments are confirmed immediately with a message sent to the Samsung device. Merchants that already accept contactless payment do not need to update their terminals to accept payments with Samsung Pay nor will there be any additional cost for the merchant or the Visa cardholder since the transaction is a Visa card transaction.
With the Near Field Communication (NFC) technology, Samsung Pay* can be used to touch and pay wherever Visa contactless debit cards or credit cards are accepted.

The post Samsung Pay Now Available to UK Visa Cardholders appeared first on IT Security Guru.

Global survey reveals that most people are ill equipped to deal with ransomware

The Gurus — Fri, 19 May 2017 09:50:49 +0000

Friday’s ransomware attack, which affected 200,000 computer systems in 150 countries and crippled hospitals across the United Kingdom, is a frightening reminder of how much damage can be done by this type of malicious cyberattack. A new global survey of Internet users in 23 countries and Hong Kong (China) reveals that most people are ill equipped to deal with ransomware.
“It is simply unacceptable that people do not get the care they need because of cybercriminals attacking hospitals. We have a shared responsibility to collaboratively get this under control,” says Kathy Brown, President and Chief Executive Officer of the Internet Society (ISOC) which helped to fund the survey. “Law enforcement, IT professionals, consumers, business, and the public sector all have responsibility to act to keep enabling the good that the Internet brings.”
According to the joint CIGI, ISOC and UNCTAD Global Survey on Internet Security and Trust, conducted by global research company Ipsos, before the latest attack, 6 per cent of Internet users globally had already been personally affected by ransomware, with Internet users in India, Indonesia, China and the United States the most likely to be affected. An additional 11 per cent knew someone who has been hit by these malicious programs.
“Cyber thieves now operate on a global scale, as the most recent attack illustrates, and just about anybody can launch a ransomware attack,” says Fen Osler Hampson, Distinguished Fellow and Director of Global Security at CIGI. “Ransomware attackers have discovered that they don’t have to steal or destroy your data to enrich themselves, they just have to hold it hostage. Our survey data shows that many people are willing to pay to get their data back, which makes such attacks highly profitable.”
People remain largely unprepared for this new form of cyberattack, which encrypts their data and renders it inaccessible until they pay a ransom. Twenty-four percent of people admit they would have no idea what to do if their computer were to be hit with ransomware.
Many would turn to the authorities: 22 per cent would contact law enforcement, 15 per cent would contact their Internet Service Provider and 9 per cent would contact a private firm to try to retrieve their data. Unfortunately, the authorities are often unable to help. Once the data is locked, it is extraordinarily difficult to retrieve without either paying the ransom or restoring the files from a backup.
Here again, Internet users are woefully unprepared. Only 16 per cent of people globally indicate that they would retrieve their data from a backup.
Among those who had been affected by ransomware, 41 per cent said they had paid to have their device unlocked. Among those affected who did not pay the ransom, 45 per cent refused to pay, claiming that it is not right to pay criminals.
In any event, there remains some honour among thieves, as 91 per cent of Internet users who paid the ransom indicated that their device had subsequently been unlocked. Internet users in North America (10%) and Europe (15%) were the least likely to have their devices unlocked after they paid the ransom.
“The evolution of cybercrime has a negative impact on the willingness among people and enterprises to use the Internet for e-commerce and other productive activities,” says Torbjörn Fredriksson, Chief of ICT Analysis Section at the UN Conference on Trade and Development (UNCTAD) which helped to fund the survey. “This underlines the importance of legal and regulatory responses that include criminalizing conduct, enhancing law enforcement powers and putting in place cybersecurity frameworks that include prevention and permit active defense.”
About the Global Survey on Internet Security and Trust
The survey of 24,225 Internet users was conducted by global research company Ipsos, on behalf of the Centre for International Governance Innovation (CIGI) in collaboration with the Internet Society (ISOC) and the United Nations Conference on Trade and Development (UNCTAD) between December 23, 2016, and March 21, 2017. The survey was conducted in 24 countries—Australia, Brazil, Canada, China, Egypt, France, Germany, Hong Kong (China), India, Indonesia, Italy, Japan, Kenya, Mexico, Nigeria, Pakistan, Poland, Republic of Korea, South Africa, Sweden, Tunisia, Turkey, United Kingdom and the United States.

The post Global survey reveals that most people are ill equipped to deal with ransomware appeared first on IT Security Guru.

Global survey reveals the impact of declining trust in the Internet on e-commerce

The Gurus — Mon, 24 Apr 2017 08:59:48 +0000

A new global survey reveals that Internet users are increasingly concerned about their online privacy, and that 49 percent of users polled say lack of trust is their main reason for not shopping online.
The survey, conducted by Ipsos and the Centre for International Governance Innovation (CIGI), in collaboration with the United Nations Conference on Trade and Development (UNCTAD) and the Internet Society, comes as data breaches and the reported hacking of elections in several European countries continues to capture international headlines. The survey results suggest that the resulting impact on trust is hindering further development of the digital economy.
Released today at the UNCTAD E-Commerce Week in Geneva, the 2017 CIGI-Ipsos Global Survey on Internet Security & Trust shows that among those worried about their privacy, the top sources of concern were cybercriminals (82%), Internet companies (74%) and governments (65%).
“The lifeblood of the Internet is trust, and when that is damaged, the consequences for the digital economy are nearly irreparable,” said Director of CIGI’s Global Security & Politics program Fen Osler Hampson. “The results of this global survey offer a glimpse into why policymakers should be concerned, and why there is a strong link between user trust and the health of e-commerce,” he said.
Lack of trust is most likely to keep people off e-commerce platforms in the Middle East, Africa and Latin America, suggesting that the potential gains of e-commerce are not spread evenly around the globe.
The survey also revealed great differences in e-commerce behavior when it came to how users are purchasing goods online. For example, in China, India and Indonesia, more than 86 percent of respondents expect to make mobile payments on their smartphone in the next year, compared with less than 30 percent in France, Germany and Japan.
Even in the digital world, location still matters. Fifty-five percent of global respondents indicated that they prefer purchasing online goods and services made in their own country.
“The survey confirms the importance of having adequate consumer protection and data protection in place, areas where many developing countries are lagging behind,” said Shamika N. Sirimanne, Director of UNCTAD’s Division on Technology and Logistics. “More capacity-building is therefore urgently needed,” she added.
The survey of 24,225 Internet users was conducted by global research company Ipsos, on behalf of the Centre for International Governance Innovation (CIGI) between December 23, 2016, and March 21, 2017. The survey was conducted in 24 countries—Australia, Brazil, Canada, China, Egypt, France, Germany, Hong Kong (China), India, Indonesia, Italy, Japan, Kenya, Mexico, Nigeria, Pakistan, Poland, Republic of Korea, South Africa, Sweden, Tunisia, Turkey, United Kingdom and the United States.
“Nearly 50 percent of Internet users surveyed do not trust the Internet and this lack of trust is affecting the way they use it. The findings of this year’s CIGI-Ipsos survey underscore the importance of taking action now to build stronger online trust by addressing users’ concerns and using technologies such as encryption to secure communications,” said Sally Wentworth, Vice President of Global Policy for the Internet Society.

The post Global survey reveals the impact of declining trust in the Internet on e-commerce appeared first on IT Security Guru.

Neustar: 92% of UK organisations unaware of impact DNS is having on internet users

The Gurus — Thu, 23 Mar 2017 09:51:55 +0000

Neustar, Inc., a trusted, neutral provider of real-time information services, today released findings from new research into how UK businesses are provisioning domain name system (DNS) servers and services, finding that 92 percent have limited visibility of the impact DNS performance is having on their internet users and visitors to their online resources. Although DNS is a fundamental utility supporting the internet and relied upon by all businesses, visibility is hampered by complexity with 45 percent of organisations having as many as 8 different ways of provisioning their DNS infrastructure.
The report, titled ‘Winning the domain game: the business case for a specialist DNS provider’, commissioned from independent analysis firm, Quocirca, presents new UK-focused research into how businesses are provisioning DNS servers and services in the interests of both their internal and external internet users. The full report from Quocirca can be read here: https://hello.neustar.biz/2017-quocirca-dns-research-paper-security-lp.html
“The internet is now a core utility for all businesses, as essential as electricity and water supply. However, unlike these utilities, internet use is bi-directional; outward, for employees and other internal users to engage with the world, and inward for customers and other visitors to find an organisation’s online resources. It’s also reliant on its own fundamental utility, the domain name system or DNS,” explains Bob Tarzey, Analyst & Director, Quocirca. “At its most basic, DNS is an address book which matches websites to internet Protocol (IP) addresses. Our research reveals that many organisations have yet to realise that DNS can be so much more than that; sitting on the front line in the online security battle, maximising use of backend resources, ensuring governance and providing a rich source of data for marketing teams.”
Key findings from interviews with 100 senior IT decision makers at UK-based businesses in a variety of sectors reveals:

Critical Issues – 72 percent of organisations reported regularly suffering from at least one of 6 critical issues that impact website and application availability (including Distributed Denial of Service [DDoS] attacks, network access issues and web server downtime), and 61 percent revealing the same for performance – any of these ‘internet problems’ are potentially DNS-related.
DNS Complexity – Despite being relied upon by all businesses, only 8 percent of respondents claim to have full visibility across all areas of DNS, including frequency of dropped requests, cache poisoning, latency and overall load on DNS infrastructure, rendering it impossible to ensure a consistent service to internal and external Internet users. DNS complexity is a major reason for lack of visibility with 45 percent of organisations having as many as 8 different ways of provisioning their infrastructure.
Room for improvement – 89 percent of respondents claim to be using a specialist DNS service provider, but just 15 percent have committed to using it for both internal and external DNS purposes to provide advanced features such as mitigation against DDoS attacks, reducing infrastructure load and central management tools to improve visibility. With so few benefiting from advanced features, it would suggest a lack of knowledge about the value add that can be provided via DNS, and what could be achieved by using a specialist DNS service provider.

When complexity starts to prevent the delivery of efficiency and security benefits, businesses need to sit up and take notice. The report found that the majority of organisations use ISPs, managed hosting providers and internet registrars as way of provisioning some of their DNS needs. Such suppliers provide DNS services as a spinoff from the other things they do. On the other hand, 92 percent of organisations polled maintain some in-house DNS capability to cover recursive DNS (for internal internet users) and/or authoritative DNS (for external internet users) requirements. However, this unfocused approach to DNS management has its own drawbacks. Advanced DNS provision and management, as performed by a specialist DNS service provider, can deliver a number of valuable features to address these issues and provide significant value-add for businesses.
“DNS has been called the most important part of the internet that people don’t know about and its time IT managers woke up to what a professional DNS service can deliver to business,” said Rodney Joffe, SVP and Fellow at Neustar. “As the report highlights, DNS can be so much more than a website address directory. Provisioned correctly, by a reputable specialist DNS service provider, it can defend the front line in the fight against cyber-attacks, maximise the use of backend resources, ensure governance and be a rich source of marketing data.”

The post Neustar: 92% of UK organisations unaware of impact DNS is having on internet users appeared first on IT Security Guru.

Google’s latest transparency report shows record government data requests

The Gurus — Tue, 19 Jul 2016 15:35:04 +0000

Google saw a record number of data requests from law enforcement agencies worldwide during the second half of 2015 as the request total passed the 40,000 mark for the first time. That’s up from 35,365 in the first half of the year and 30,140 one year previous,according to the tech giant’s latest transparency report.
Google’s transparency report is an important resource since it provides a glimpse at how international governments and states are trying to use and access our data. And also, importantly, it is an indicator as to how much information Google — one of the world’s biggest holders of internet data — gives up in these cases. It is fairly high level in detail, but it is definitely a start and Google’s efforts have triggered similar reports from other consumer tech companies, including Twitter, Facebook and chat app Line, which handle potentially sensitive user data.

Original Source: Tech Crunch
View the full story here.

The post Google’s latest transparency report shows record government data requests appeared first on IT Security Guru.

Tor Browser 6.0 released

The Gurus — Wed, 01 Jun 2016 10:52:21 +0000

The Tor Browser lets you use Tor on Windows, OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is portable.
Tor Browser 6.0 is now available. Some of the improvements include:

Code-signing for OS X systems is introduced. This should help users who had trouble with getting the Tor Browser to work on their Mac due to Gatekeeper interference.
The release features new privacy enhancements and disables features potentially harmful in a Tor Browser context.
SHA1 certificate support is disabled and the updater is not only relying on the signature alone, but is checking the hash of the downloaded update file as well before applying it.
Version 6.0 provides a fix for a Windows installer related DLL hijacking vulnerability.

Original Source: Help Net Security
View the full story here.

The post Tor Browser 6.0 released appeared first on IT Security Guru.

Survey shows lack of concern around cyber security from UK students

The Gurus — Tue, 15 Mar 2016 00:01:09 +0000

Students aren’t concerned about cyber security despite 77% seeing it as a growing threat.
Only 17% of students are genuinely concerned by cyber security despite it affecting many of them, finds a new survey by Jisc, the digital services and solutions organisation for UK education and research. Students are unsurprisingly more worried about grades (90%), but are also more often worried about money (79%) or friendships (53%).
The findings come as the Government is set to address the growing threat of cyber-attacks by doubling investment in cyber security for 2016, spending £1.9 billion over five years. The national cyber plan includes the development of a National Offensive Cyber Programme to counter cyber-attacks, and perhaps most critically, the goal of increasing the nation’s cyber skills.
Tim Kidd, executive director of Jisc technologies, said: “It’s no surprise that so many students view cyber security as a growing threat, recently there has been daily media coverage about new attacks on businesses, and over 15% of the students we asked have already had their personal e-mail accounts hacked.
“Students have many demands on their time and have grown up in a digital world, and have a low level of concern about cyber security. This may be as students feel they understand the security in place on their devices, 65% of the 406 students asked said they know how to protect themselves online from security threats, such as hacker’s phishing for their personal data.”
The survey also found that 35% of students see it as their own responsibility to learn about cyber security. Tim continues: “In a world that is becoming more digital by the day it is undeniable that students and education professionals may need to learn more about cyber security. There is no clear responsibility for the education of students in this area, but universities may find this becomes a focus for them in the future.”
Further results showed that 35% of students don’t know what security is available on their university/college computer, compared to 76% who are aware of the security on their own devices. Steve Kennett, head of operational services for Jisc, including the CSIRT (Computer Security and Incident Response Team) comments: “We provide security services and access to the global Internet, through our private Janet network, to UK universities and colleges. We monitor and resolve security incidents to protect users and make sure students have 24/7 access to resources. We also work closely with IT teams in education, but all this all goes on behind the scenes so it is no surprise that students aren’t fully aware of how secure their university or college network is, often more secure than a home broadband connection.
“Only 24% of students actually think their university network is more secure than their home network, but 16% had had their personal details hacked online, whereas only 4% had ever had their college or university emails hacked. This may demonstrate that more needs to be done to education students about the security of their network and on how they can help reduce cyber security threats at their institution.”
The subject of cyber security in education will be discussed and addressed by experts at Jisc’s network and technology conference, Networkshop44, on the 22-24 March 2016 at the University of Manchester. Please visit here to buy your ticket, or watch online.

The post Survey shows lack of concern around cyber security from UK students appeared first on IT Security Guru.

Children Given Key to the Internet First, House Keys Second

The Gurus — Tue, 01 Mar 2016 09:44:42 +0000

A new study by IT security firm ESET has revealed that children in the UK are being allowed to surf the internet completely unsupervised before they are trusted with their own set of house keys.
22 percent of the 1000 British parents surveyed said they allow their children, aged under seven years, to surf the internet unsupervised, while the average age was 9.5. In comparison, the average age at which British parents give their children their own set of house keys is 10.8. These findings highlight that despite being protective of their children’s physical safety, parents are still not recognising dangers of the internet.
Commenting on the study findings, Mark James, security specialist at ESET, said: “What parents must understand is that their children could be talking to anyone online. While they think they are talking to another child of similar age, there is actually no way to be completely sure. One of the biggest problems is that parents treat their child’s internet usage like watching television – they do not expect them to see inappropriate content, however the harsh reality is that children are curious and want to explore the internet, even when they know it’s wrong.”
Surprisingly, considering the findings from the study, when parents were asked if they feel children are using technology too young, 64 percent either agreed or strongly agreed.
ESET also compared the UK findings to parental attitudes in the US, Germany and Russia. The comparison revealed that only 3 percent of Russian parents allowed their children to surf the internet unsupervised when aged 6 or under, while the figure was around 15 percent for all UK, US and German parents. Russian parents were also most strict with their young children (6 and under) playing unsupervised in a playground at only 18 percent of children being allowed to do so, compared to 28 percent in the UK and US and a massive 40 percent in Germany.
Interestingly, despite being the most protective of their young children, on average Russian parents were actually the first to give their children mobile phones at only 7 years and 2 months, 8 months earlier than their house keys. On the other hand, Brits are granting their offspring their first phone at 9.8 years, almost 10 months before their first set of house keys (10.6). This is closely followed by American parents who give children their first devices shortly before their 10^th birthday (9.7), just after Germans, at 9 years and 7 months (9.6).
James points out that “while it has always been strongly advised that children should be supervised when using the internet, this advice is rarely taken. Parents do not view the internet as a place that could cause any immediate danger to their child as the places they visit on the internet is done in the comfort of their own home. This is not a good attitude to take and the internet should be treated with caution as there are a number of online threats which could also have a physical impact on their child.”
So here are ESET’s seven golden rules for parents and children for online security:

Updated Antivirus and Security software is a necessity.
Updated OS as well as up to date installed applications is a necessity.
Be vigilant and monitor your child’s internet connection: set a password and allow children to surf the web only during the times when you can periodically check on their online activities. Set clear rules about the use of computers.
Instruct children on internet privacy: they should never supply personal data and details to strangers on the web and social networks.
Control the web camera as it can be easily misused by criminals and strangers. Unplug or cover your webcam when you don’t use it. There is malware that can access your webcam without you knowing about it or, if your machine is compromised, it could be turned back on remotely. Have children use camera only for approved communication: with known friends and family.
On social media, if you or your child shares the wall with “Everyone” or “Friends of friends” then you have lost control of who has access to all data
The information posted on the internet does not go away. Do not assume that when you delete a photo or even the whole social network account that you have automatically deleted all the data forever. Pictures and information might be already saved on someone else’s computer. Children and parents should think twice about which pictures and details to put on the Internet.

For the full findings of the study visit the ESET blog at: http://www.welivesecurity.com/2016/02/23/digital-childhoods-different-nations-bring-kids/

The post Children Given Key to the Internet First, House Keys Second appeared first on IT Security Guru.

Mysterious spike in WordPress hacks silently delivers ransomware to visitors

The Gurus — Fri, 05 Feb 2016 09:56:24 +0000

It’s still not clear how, but a disproportionately large number of websites that run on the WordPress content management system are being hacked to deliver crypto ransomware and other malicious software to unwitting end users.
In the past four days, researchers from three separate security firms have reported that a large number of legitimate WordPress sites have been hacked to silently redirect visitors to a series of malicious sites. The attack sites host code from the Nuclear exploit kit that’s available for sale in black markets across the Internet. People who visit the WordPress sites using out-of-date versions of Adobe Flash Player, Adobe Reader, Microsoft Silverlight, or Internet Explorer can then find their computers infected with the Teslacrypt ransomware package, which encrypts user files and demands a hefty ransom for the decryption key needed to restore them.

Original Source: Ars Technica
View the full story here

The post Mysterious spike in WordPress hacks silently delivers ransomware to visitors appeared first on IT Security Guru.