PC PORTAL

Experienced. Trusted. Solutions.

Featured Posts

By

Simplified Two-factor Authentication for Webroot

Reading Time: ~ 1 min.

Webroot has evolved its secure login offering from a secondary security code to a full two-factor authentication (2FA) solution for both business and home users.

Webroot’s 2FA has expanded in two areas. We have:

  • Implemented a time-based, one-time password (TOTP) solution that generates a passcode which is active for only a short period of time.
  • Given our users the option to either opt-in or opt-out, especially those that leverage Webroot for home and personal use.

Starting in December, with the new updates, users will find it easier to use industry-vetted options, including Google Authenticator, Microsoft Authenticator, LastPass Authenticator, and Authy 2-Factor Authentication.

Why Two-Factor Authentication?

First and foremost, we encourage all users to opt-in to maintain a higher level of security. Two-factor authentication adds an extra layer of security to your basic login procedure. When logging into an account, the password is a single factor of authentication, and requiring a second factor to prove you are who you say you are adds a layer of security. Each layer of security you add exponentially increases protection from unauthorized access and makes it harder for brute force and credential stuffing attacks to occur.

A Note to Businesses

Users will have the option to opt-in or opt-out of the new Webroot 2FA feature. The Admins tab within our console will show you which of your users have or have not enabled 2FA.

To learn how to enable two-factor authentication, visit the Webroot Community.

The post Simplified Two-factor Authentication for Webroot appeared first on Webroot Blog.

By

Cookies, Pixels, and Other Ways Advertisers are Tracking You Online

Reading Time: ~ 3 min.

In May of 2018, the General Data Protection Regulation (GDPR) came into effect in the EU. Seemingly overnight, websites everywhere started throwing pop-ups to inform us about their use of cookies and our privacy rights. While the presence of the pop-ups may be reassuring to some (and annoying to others), the real issue is that very few of these pop-ups give any explanation as to how the cookies are used or whether they inform marketing decisions. So, before you click “accept” on that next privacy policy notification, read our primer on all things related to cookies, pixels, and web traffic trackers.

Check out the Webroot Community for more tips on how you can manage these cookies.

What is a Cookie?

Cookies (aka. HTTP cookies, session cookies, browser cookies, web cookies, or tracking cookies) are used by almost all websites to keep track of site users’ sessions. While you might not like the idea that a website is tracking you, cookies actually provide a very convenient function. Without them, websites you regularly visit wouldn’t be able to remember you or what content they should serve you. For example, if you added items to an online shopping cart and then navigated away without purchasing, that cart would be lost. You’d have to go back and add everything all over again when you were finally ready to buy. If it weren’t for cookies, our web experiences would be entirely different (and much more frustrating).

In cases like the previous example, the use of tracking cookies is pretty benign and helps smooth the user’s online experience overall. So, if cookies can provide a beneficial service, why do we need privacy laws like GDPR? The answer is because of a specific type of cookie, i.e. third-party tracking cookies. These are created by domains other than the one you are actively visiting. They run silently in the background, tracking you and your online habits without your notice and compiling long-term records of your browsing behavior. These are typically used by advertisers to serve ads “relevant” to the user even as they navigate unrelated parts of the web.

Who Serves Cookies and Why?

By far the most prolific servers of third-party cookies are Google and Facebook. To help businesses target and track advertisements, both Google and Facebook both suggest embedding a tracking pixel—which is just a short line of code—into business websites. These pixels then serve up cookies, which allow the site owner to track individual user and session information.

The tracking doesn’t stop there. To optimize their marketing tools for all users, Google and Facebook both track and store this data in their own databases for processing through their own algorithms. Even if you’re not currently logged in to Facebook, your session data can still be tracked by your IP address.

What is People-Based Targeting?

Google and Facebook’s ad platforms work incredibly well because they pair cookie data with an existing bank of user data that most of us have willingly (or unwillingly) given them. Your Facebook account, Instagram account, Gmail, and Google Chrome accounts are all linked to larger systems that inform sophisticated advertising networks how to appeal to you, specifically, as a consumer. This way, websites can serve you ad content you’re likely to click on, no matter which sites you’re actively visiting. Combining traditional cookie tracking with these types of in-depth user profiles is called “people-based targeting” and it’s proven to be an incredibly powerful marketing tactic.

How to Protect Your Data

The sad truth is that you’ll never fully escape tracking cookies, and, frankly, you probably wouldn’t want to. As mentioned above, they streamline your online experiences in a pretty significant way. What you can do is reduce the breadth of their reach in your digital life. Here are a few key ways to do that.

  1. Stay vigilant. Be sure to read the privacy policies before you accept them. This advice goes beyond the GDPR-compliant pop-ups that have become so prevalent in the last year. Keep in mind that tech giants are often interconnected, so it’s important to be aware of all the privacy policies you’re being asked to accept.
  2. Clean house. You don’t have to do it often, but clear your cookie cache every once in a while. There are plusses and minuses here; clearing your cache will wipe away any long-term tracking cookies, but it will also wipe out your saved login information. But don’t let that deter you! Despite that sounding like a hassle, you may find your browser performance improves. Exact steps for how to clear your cookies will depend on your browser, but you’ll find plenty of guides online. Don’t forget to clear the cache on your mobile phone as well.
  3. Use a VPN. Most of all, we recommend installing a virtual private network (VPN) on all of your devices. VPNs wrap your web traffic in a tunnel of encryption, which will prevent tracking cookies from following you around the web. Make sure you use a reputable VPN from a trusted source, such as Webroot® WiFi Security. A number of the supposedly free VPN options may just sell your data to the highest bidder themselves.

Cookie tracking and digital ad delivery are growing more sophisticated every day. Check back here for the latest on how these technologies are evolving, and how you can prepare yourself and your family to stay ahead.

The post Cookies, Pixels, and Other Ways Advertisers are Tracking You Online appeared first on Webroot Blog.

By

Online Gaming Risks and Kids: What to Know and How to Protect Them

Reading Time: ~ 4 min.

Online games aren’t new. Consumers have been playing them since as early as 1960. However, the market is evolving—games that used to require the computing power of dedicated desktops can now be powered by smartphones, and online gaming participation has skyrocketed. This unfortunately means that the dangers of online gaming have evolved as well. We’ve examined the top threats that parents need to know about to keep their kids safe while gaming online.

Check out our Antivirus protection for PC gaming without impact on your gameplay.

Online Bullying and Harassment

A recent study shows that 65% of players who participate in online gaming have been harassed; a statistic that does not bode well for underage gamers. Your first instinct may be to try to prevent your child from participating in online gaming altogether, but this may cause them to sneak playing time without your knowledge. A stronger choice would be to talk with your kids and prepare them for the types of negative behavior they may experience online, and to make sure they know they can come to you if they are being harassed. It’s also important to explain the impact that online bullying can have on others, and to set firm consequences if you catch your child participating in harassment or abusive language. Regulating the use of headsets can help prevent both your child’s exposure to and participation in online harassment.

Two types of harassment specific to online experiences go a step beyond what you would expect from online bullying: doxxing and swatting. Doxxing is when one or more online participants seek personal, identifying information on a particular user for blackmail or intimidation purposes. Doxxing can often lead to the release of real names, phone numbers, home addresses, employer information, and more. Swatting is a form of harassment that uses doxxing techniques to create an actual, tangible threat. A harasser will call in a threat to a doxxed user’s local law enforcement, often claiming there is a kidnapping or hostage situation at the victim’s address. This may bring a large SWAT response unit to descend upon the address.

Keeping an open line of communication about your kid’s gaming experiences is critical. Swatting can happen over seemingly innocuous events. One of the most notorious examples followed a dispute over a $1.50 bet in “Call of Duty: WWII.”

Pro tip: one is only vulnerable to doxxing and swatting if a harasser can link identifying information back to the targeted gamer. Educating your kids on digital privacy best practices is one of the strongest security measures you can take against these forms of online harassment.

Viruses and Malware

As with almost every digital experience, you’ll find specific cybersecurity threats associated with the online gaming landscape. We asked Tyler Moffitt, Webroot security analyst, for his thoughts on the malware threats associated with online gaming. 

“The thing kids should really watch out for with games is the temptation to cheat,” explains Moffit. “In popular games like Fortnite and PUBG, ‘aimbots’ are very common, as they allow the player to get headshots they normally wouldn’t be able to make. However, many of the aimbots that kids download from forums are packed with malware—usually  ransomware or info-stealing Trojans. What’s worse: a lot of young gamers also don’t run antivirus because they think it will make the game slower.”

The bottom line: cheating at online games isn’t just ethically icky, it makes you a proven target for hackers. Make sure your kids know the real cost of “free” cheats.

Phishing Scams and Account Takeovers

Where there’s money, there are scammers. With more than 1 billion gamers actively spending money not just on games, but in games, it’s no surprise that phishing scams have become commonplace in gaming communities. One of the most prevalent phishing tactics in gaming: account takeovers are often prompted by a risky link click on a gaming forum, or a compromised account sending out phishing links to other users. Once the hacker has control of the account, they can run up fraudulent charges to any attached credit cards or, in some cases, sell the compromised account (particularly if it contains valuable items or character skins). Young gamers are especially at risk for these hacks. In these cases, chances are that any credit cards attached to gaming accounts belong to you, not your kids, so young gamers aren’t going to notice who’s spending your hard-earned funds.

Keeping Your Kids Safe

You’ll find plenty of tools to help your kids stay secure while gaming. Reliable antivirus software installed and up-to-date on all of your household smart devices can protect your family from malicious software. Additionally, wrapping your household web traffic in the secure encryption of a trusted VPN could reduce doxxing potential. But your kids will only find true security through digital literacy. Start conversations with them not just about online bullying, but about recognizing cybersecurity threats and phishing scams. If you’re having a hard time connecting with them over the threat, remind them that it’s not just your wallet on the line. Account takeovers are now all too common, and no kid wants to see their Fortnite skins sold for a stranger’s profit. Also, always be sure to exercise caution in giving out information on the internet. Even small, seemingly irrelevant pieces of information could be used to pull up Facebook or other user account pages to grab even more personal data.

To keep your kids educated about online gaming risks, it’s important to educate yourself as well. Have a question we didn’t cover here? Ask the Webroot community.

The post Online Gaming Risks and Kids: What to Know and How to Protect Them appeared first on Webroot Blog.

By

STEM for Kids: Why Does it Matter?

Reading Time: ~ 3 min.

You have probably seen or heard news reports about STEM education (Science, Technology, Engineering, and Math), and how important STEM jobs are for the economy; or maybe you’ve heard reports on schools that are making strides to improve their STEM programs for kids. It’s important for parents with school-aged children to fully understand what a STEM education is and why access to STEM learning resources is so critical.  

STEM education, which is rooted in a strong foundation in the disciplines of science and math, is traditionally a part of any student’s curriculum. But a truly effective STEM education focuses on the interdisciplinary layering of these disciplines into the larger educational picture. When applied appropriately, effective STEM learning is integrated across subject areas, which taps into a child’s natural curiosity, providing them with an outlet for their creative energy. 

Check out some more tips on what you can do to help create the STEM leaders of tomorrow.

Why is STEM important for kids?

STEM isn’t just a buzzword acronym. The data shows a real impact when a child is exposed to STEM activities or programs. Here are just a few of ways kids are benefiting from STEM learning. 

  • College Readiness: A recent study from ACT shows that teenagers with an expressed interest in STEM display significantly higher levels of college readiness than their uninterested cohort.  
  • Workforce Opportunity: Humanity will always need engineers, and STEM workforce growth will always reflect that need. Since 1990, STEM employment has  grown by nearly 80%, and the sector expects to see an additional 8.9% in growth before 2024. Even better, STEM workers earn around 26% higher salaries than others. Even if they don’t end up working in a traditionally STEM-focused field, people with STEM degrees tend to earn more on average across the board. 
  • American Infrastructure: It’s no secret that we have a shortage of STEM workers in the United States. In fact, of the 970,532 STEM-interested students polled in the ACT survey, only 5,839 indicated a plan to pursue a degree in a STEM field. With less than one percent of STEM-interested students pursuing the field, this leaves the future of our country’s digital infrastructure in potential peril. Consider this: China has a ratio of roughly one STEM grad for every 293 citizens, while the United States has one STEM grad for every 573 citizens. As it stands, we have roughly half the engineering power as our main economic rival, with no sign of bridging the gap. 

Getting kids involved in STEM

STEM may seem intimidating to introduce to a young child, but it’s such a diverse field in which you can find several points of entry. Many existing extracurricular activities have already integrated STEM initiatives. One notable example is the Girl Scouts of America’s pledge to bring 2.5 million young women into the STEM pipeline by infusing their existing programs with STEM education projects. Many local and national programs are also focused on engaging children in STEM. If you’re having trouble finding such programs in your area, don’t forget the valuable resource that is your local library. They can often help you find a few relevant activities around town. 

STEM at Home

You don’t have to wait for a STEM program to begin encouraging your child’s curiosity. Many simple, safe, and fun STEM projects can be worked on at home, like fun games or building toys (like creating magnetic slime or the engineering of simple robots). Finding at-home STEM activities to do with your child is an excellent first step toward giving them a solid foundation in STEM principles and nurturing their interest. 

Creating a new generation of scientists, engineers, and inventors is important for all of us. Here at Webroot, we partnered with the Air Force Association’s CyberPatriot program to engage with Denver-area students around the topics of STEM and cybersecurity awareness, and we’re continuing thisinitiative again this year in honor of National Cyber Security Awareness Month in October. By engagingwith students in our community, we hope to plant the seeds that will encourage students to explore future opportunities in cybersecurity and IT.  

How are you applying STEM education to your child’s life? Find ways to get involved in National CyberSecurity Awareness Month here. 

The post STEM for Kids: Why Does it Matter? appeared first on Webroot Blog.

By

Keeping Your Vehicle Secure Against Smart Car Hacks

Reading Time: ~ 3 min.

An unfortunate reality of all smart devices is that, the smarter they get, and the more integrated into our lives they become, the more devastating a security breach can be. Smart cars are no exception. On the contrary, they come with their own specific set of vulnerabilities. Following high-profile incidents like the infamous Jeep hack, it’s more important than ever that smart car owners familiarize themselves with their inherent vulnerabilities. It may even save lives.

Want smart device shopping tips? Make sure your security isn’t sacrificed for convenience.

Smart Car Vulnerabilities

At a recent hacking competition, two competitors were able to exploit a flaw in the Tesla Model 3 browser system and compromise the car’s firmware. While the reported “Tesla hack” made waves in the industry, it actually isn’t even one of the most common vulnerabilities smart car owners should look out for. These, easier to exploit, vulnerabilities may be more relevant to the average owner.

Car alarms, particularly aftermarket car alarms, are one of the largest culprits in smart car security breaches. A recent study found that at least three million vehicles are currently at risk due to insecure smart alarms. By exploiting insecure direct object reference (IDORS) issues within the alarm’s software, hackers can track the vehicle’s GPS location, disable the alarm, unlock doors, and in some cases even kill the engine while it is being used.

Key fobs are often used by hackers to gain physical access to a vehicle. By using a relay attack, criminals are able to capture a key fob’s specific signal with an RFID receiver and use it to unlock the car. This high-tech version of a duplicate key comes with a decidedly low-tech solution: Covering your key fob in aluminum foil will prevent the signal from being skimmed.

On-Board diagnostic ports are legally required for all vehicles manufactured after 1996 in the United States. Traditionally used by mechanics, the on-board diagnostics-II (OBD-II) port allows direct communication with your vehicle’s computer. Because the OBD-II port bypasses all security measures to provide direct access to the vehicle’s computer for maintenance, it provides particularly tempting backdoor access for hackers.

Protecting Your Smart Car from a Cybersecurity Breach

Precautions should always be taken after buying a new smart device, and a smart car is no exception. Here are the best ways to protect your family from a smart car hack.

Update your car’s firmware and keep it that way. Do not skip an update because you don’t think it’s important or it will take too much time. Car manufacturers are constantly testing and updating vehicle software systems to keep their customers safe—and their brand name out of the news. Signing up for vehicle manufacturer recalls and software patches will help you stay on top of these updates.

Disable unused smart services. Any and all of your car’s connectivity ports that you do not use should be turned off, if not altogether disabled. This means that if you don’t use your car’s Bluetooth connectivity, deactivate it. Removing these access points will make your car less exposed to hacks.

Don’t be a beta tester. We all want the newest and hottest technologies, but that doesn’t keep us at our most secure. Make sure that you’re purchasing a vehicle with technology that has been field tested for a few years, allowing time for any vulnerabilities to be exposed. Cutting-edge technologies are good. But bleeding edge? Not so much.

Ask questions when buying your vehicle and don’t be afraid to get technical. Ask the dealer or manufacturer which systems can be operated remotely, which features are networked together, and how those gateways are secured. If you’re not comfortable with the answers, take your money elsewhere.

Advocate for your security. As smart cars become so smart that they begin to drive themselves, consumers must demand that manufacturers provide better security for autonomous and semi-autonomous vehicles.

Only use a trusted mechanic and be mindful of who you grant access to your car. OBD-II ports are vulnerable but necessary, so skipping the valet may save you a costly automotive headache down the line.

Keep the Conversation Going

As our cars get smarter, their vulnerabilities will change. Check back here to keep yourself updated on the newest trends in smart car technologies, and stay ahead of any potential threats.

The post Keeping Your Vehicle Secure Against Smart Car Hacks appeared first on Webroot Blog.