PC PORTAL

Experienced. Trusted. Solutions.

Featured Posts

By

A Chat with Kiran Kumar: Webroot Product Director

Reading Time: ~4 min.

The process of bringing a cybersecurity product to market can be long and tedious, but Kiran Kumar, Product Director at Webroot, loves to oversee all the moving parts. It keeps him on his toes and immersed in the ever-changing world of security technology.

We sat down to chat with Kumar about his #LifeAtWebroot, heard how he got to where he is today, and why he’s loved every minute of his journey.

Tell us about your role as a Product Director.

I’m the product director for our network portfolio of products. This includes Webroot DNS Protection, FlowScape, and our next-gen security solution. I’m also responsible for the overall solutions platform, the next-gen solution we are working on.

What does a typical week look like for you? 

My typical week ranges from working with customers on concept validation or case studies, to presenting at events. I’ll help customers with damage control, provide assurance of the product, or pitch Webroot solutions. I would say that at least 40-50% of my job is working with the engineering team on the next product release. The key is to stay on top of everything and keep my eyes and ears open because it’s the product director’s responsibility to make things happen. You must be able to collect information from different stakeholders, bring it all together, and prioritize. Sometimes no one reports to you, but you still have to bridge the gaps and constantly negotiate, make decisive tradeoff decisions, get buy-ins, etc. That’s the key to being a strong Product Manager. I spend time with a lot of people both inside and outside: marketing, sales, sales engineering, customer success, public relations, analyst relations, you name it. It’s a matter of constantly juggling and prioritizing.

What is your favorite part of working as a Product Director?

I enjoy being able to make a difference. Also, the satisfaction of building relationships with all these different groups of people and rallying them to achieve a common goal is really satisfying. You have to take everyone else’s opinion, along with your own, and figure out the best the direction to move in. All of that starts with the product. It’s a key part of every organization. I love seeing all the work that goes into bringing a product to market. The ability to make an impact and visibility into projects is tremendous.

What have you learned in this role? 

I think one of the biggest pieces of advice that I can give, and that I’m continuing to work on myself, is that building relationships is absolutely critical to success. You have to use negotiation skills, persuasion tactics, and figure out how to rally the whole troop. I’d say that’s critical in many areas of business. Also, you need to constantly have a sense of curiosity and willingness to challenge yourself. Good enough is not good enough. Ask questions and take ownership of things. One great thing about Webroot is that everyone is open to questions and collaborating to find answers.

What is the hardest thing about being a Product Director?

The most challenging thing about the job is staying levelheaded. Every day you need to be flexible and willing to adapt because a hundred different things will be thrown your way and you need to be prepared to handle it. You can’t be flustered. Another challenge is figuring out how to work quickly. One of the hardest things is working through problems and getting them solved in the time that I want — quickly.

Is this what you expected to be doing in your career?

After graduating from college, I never expected that I would be a product manager, but I was at the right place at the right time. I started at a technology consulting company and was placed at a security company. I started doing business analysis, and that’s still a part of my job, but product management is more inclusive of business analysis, product management, market research – everything this position entails. I didn’t like programming as much. I couldn’t sit behind a computer all day – that’s just not my personality. Now I’ve been in the industry about 16 years, and I have to say I have had the best time working at Webroot.

What makes working at Webroot so amazing? 

One benefit to being located in our smaller San Diego office, besides the weather, beach, and beer, is I’ve been able to see it grow. We have about 90 people in this office and I know everyone. The people at Webroot are really friendly and helpful, so it’s easy to feel welcomed. The Webroot culture is very open and not hierarchical. Since I’ve been here I’ve been able to talk to anyone, including any executive. I am super passionate about the products I support and the audiences we help – SMB/MSP.

Best career advice you’ve received? How have you seen that advice playing out in your own career? 

For someone who’s starting fresh and getting into product management, I would say to be open, be flexible, and constantly seek to challenge yourself. Soak in as much as you can. For people more senior, I would say to continue with relationship building and be mindful of how you can make the biggest impact. This position isn’t about having an MBA and writing up numbers. It is very technology focused and it’s all about being able to adapt and able to provide solutions, not just numbers.

What’s your favorite patio? (Place to go when it’s nice outside, place to get a drink.)

There’s a really nice brewery close to the office called Ballast Point. The team goes there a lot. But my favorite food is Mexican and I love hole-in-the-wall places. There’s one restaurant in the Torrey Pines area called Berto’s that’s awesome. It’s not fancy, but their veggie burrito keeps me coming back.

To learn more about life at Webroot, visit https://www.webroot.com/blog/category/life-at-webroot/.

The post A Chat with Kiran Kumar: Webroot Product Director appeared first on Webroot Blog.

By

How To Keep Better Tabs on Your Connected Apps

Reading Time: ~5 min.

Not that long ago, before data breaches dominated daily headlines, we felt secure with our social media apps. Conveniently, every website seemed to allow logging in with Facebook or Twitter instead of creating a whole new password, and families of apps quickly became their own industry. Third-party apps and games on social media platforms (remember Farmville on Facebook?) were allowed profile access en masse. Trivia games, horoscope predictions, personality quizzes — all seemingly secure and engaging diversions — let social media users enable some type of third-party app.  

Unfortunately, we now know that this left many of us, and our data, exposed to a potential breach

So we turned to Randy Abrams, Webroot’s Sr. Security Analyst, for insights on how to keep third-party app breaches in check. The trick to keeping yourself and your loved ones safe? Information silos, both on and off of social media. 

“As a rule, I leave my apps in silos, meaning I severely limit their connectivity level — especially when it comes to accessing my mobile device, “Abrams says. “Apps for email, texting, and calling people do have a reasonable need for access to your contacts on the phone. Most other apps, such as social media apps do not need to be able to look up your unsuspecting friends.”  

Limiting the access your apps have to their direct functions will help keep you and your loved ones safe. Here’s how to get it done. 

Mobile App Permissions 

Limiting your app’s permissions may seem like a chore, but it is the best way to keep breaches from expanding in scope. We’ve put together a mobile app permissions crash course to help you silo your sensitive data quickly and easily. 

For Android Users 

To monitor and edit an existing application’s accessibility permissions on your device, go to your Android’s settings and tap Apps & Notifications. From there, you will be able to locate all the applications that are active on your device. When you’ve located the application whose permissions you would like to edit, simply tap the app and then tap “Permissions” to view and edit its current permission settings. 

To review an application’s accessibility permissions before you install it on your device from the Google Play Store, tap on the app you’d like to install and click Read more to bring up its detail page. Scroll to the bottom and tap App permissions to review the app’s requested permissions. After you install and open the application for the first time, you will be prompted to allow or deny application permissions (like access to your contacts or location). You can always edit the application’s existing permissions later using the steps outlined above. 

For iOS Users 

To monitor and edit an existing application’s accessibility permissions on your device, go to the settings app Privacy to see all the permissions available on your phone (like location services and camera access). Select the permission set you would like to review to see all of the applications with access, and revoke any permissions you’re not comfortable with. 

To review an application’s accessibility permissions at install, simply open the app and begin using it. The app will request permissions, which you can either allow or deny. You can always revoke permissions after they have been granted by following the steps outlined above. 

Preventing social media applications from gaining unnecessary access to your mobile data could help stop data breaches from spreading. But it won’t stop the breaches themselves from happening. Leaving apps enabled entails large-scale security issues — not only for ourselves, but also for friends and family connected with us through social media. When we connect apps to our social media profiles, we expose not just our information, but the shared information of a broader network of connections — one that expands well beyond our immediate circles. In a startling example, only 53 Facebook users in Australia downloaded Cambridge Analytica’s infamous thisisyourdigitallife app, but a total of 311,127 network connections had their data exposed through those users. That amount of collateral damage is nothing to scoff at. 

Removing Third Party Apps 

“Facebook is the company best known for leaking extensive amounts of data about users, usually by default privacy settings that allow third-party apps to access as much user data as possible,” says Abrams. “Most users had no idea they could control some of what is shared and would have a difficult time navigating the maze to the settings.” 

Facebook 

Facebook made a few reform efforts to help make managing third-party access to your account a little bit easier. Click on Settings from the account dropdown menu, and then select Apps and Websites. This should take you to a dashboard that will show your active, expired, and removed apps. It will also give you the option to turn off the capability for any third-party apps to connect with your profile. 

Twitter 

From your account dropdown, click on Settings and privacy. Click on the Apps and devices tab, which will show all of the apps connected to your account. You can see the specific permissions that each app has under the app name and description. To disconnect an app from your account, click the Revoke access button next to the app icon. 

Instagram 

From a web browser, log in to your account and click the gear icon next the Edit Profile button. Select Authorized Apps to see all of the apps connected to your account. Click the Revoke Access button under an app to remove it from your account. 

Building Secure Social Media Habits 

Monitoring the access levels of your connected apps is a good start to keeping yourself and your loved ones secure, but it’s not always enough. 

“It must be assumed that all third-party apps are collecting all of the information on the platform, regardless of privacy settings,” warns Abrams. 

Establishing secure social media habits will continue to help keep you secure after you’ve reviewed your app permissions. This means conducting regular audits of the third-party app permissions associated with all of your social media accounts and — slightly more arduously — thoroughly reading the privacy policies of any third party apps before you connect them. 

“If a person is going to use apps in conjunction with social media platforms, it’s important to understand their privacy policies,” say Abrams. “Unfortunately, with many apps, the privacy policy may not be shown until the app has been installed, and may not even be visible on the developer’s website. When the policy can be located, you’ll often find the user’s friends’ privacy is collateral damage in the agreement. It is up to the individual choosing to decide if their friends’ privacy is acceptable collateral damage. Unfortunately, few know how to obtain the information required to make an informed decision. 

“Without reading the privacy policies you cannot know to what extent your friends’ private information will be shared, “adds Abrams. “Remember, it isn’t just their names you are sharing, it is part of the data aggregation they are already subjected to. Simply letting an app know you are friends provides more information than just their names. It helps app companies build more robust profiles.” 

Stay Vigilant and Informed 

Don’t allow your data or your network to be used beyond your wishes or against your will. Take charge of your data security, and protect your friends by conducting regular audits of your third-party app permissions. Before you connect any new apps, settle down with a little light reading and thoroughly vet their privacy policy. Given how intertwined our digital lives have become, the cybersecurity of our closest friends and loved ones could well depend on it. 

The post How To Keep Better Tabs on Your Connected Apps appeared first on Webroot Blog.

By

Four Tips to Help Tidy Up Your Tech

Reading Time: ~4 min.

This spring, many of us will roll up our sleeves and get down to business decluttering our homes. Garage sales will be held, basement storage rooms will be re-organized, and donations will be made. 

Shouldn’t the same thing happen in our digital lives? After all, the average American will spend the bulk of their waking hours parked in front of some sort of screen—flipping , swiping, and clicking away. A little tidying up of data and online habits can go a long way toward enhancing your digital security andpeace of mind. 

So here are a few tips for tidying up your tech designed to make you ask not only: “Does this bring me joy?” but also, “does this make me more secure?”  If not, consider purging apps, connections, and permissions that could leave you more susceptible to a breach. If you answer yes, make sure you’re taking the necessary steps to protect it.

Turn off Bluetooth when it’s not in use

Since the Blueborne family of vulnerabilities was discovered in 2017, deactivating Bluetooth when not in use has become standard security advice. With the increasing adoption of home IoT devices, the consequences of ignoring that advice have only risen. 

Bluetooth connections are like a lonely person on a dating site; they’re in constant search of a connection. When Bluetooth-enabled devices seek out the wrong sources—that of a cybercriminal, say—they are vulnerable to exploitation.

“Smart speakers and other IoT devices may introduce convenience to our daily lives,” says Webroot Security Analyst Tyler Moffitt. “But they’re also a calculated risk, and even more so for knock-off devices whose manufacturers don’t pay proper attention to security. Minimizing the time Bluetooth is on helps to manage that risk.”

Or, as Webroot VP of engineering David Dufour put it to Wired magazine soon after the discovery of Blueborne, “For attackers, it’s Candyland.”

Use a VPN to cloak your digital footprint

Shrouding your connection in a virtual private network (VPN) is especially important when accessing public or unsecured WiFi networks. Again, we make a trade-off between convenience and security when logging on to these “free” networks. 

Without additional protection, cybercriminals can spy on these unencrypted connections either by commandeering the router or by creating their own spoof of a legitimate WiFi hotspot, in a variation of a man-in-the-middle attack. From here, they’re free to monitor the data flowing between your device and the network. 

“It’s more than just the privacy violation of being able to see what you’re doing and where you’re going online,” Moffitt explains. “Cybercriminals can lift sensitive data like banking login credentials and drop ransomware or other malicious payloads like cryptojackers.”

A VPN encrypts the traffic between your device and the router, ensuring your digital footprint is shielded from prying eyes. 

Keep apps updated with the latest software

While some apps are inherently sketchy, and users shouldn’t expect the app creators behind them to prioritize security, others introduce vulnerabilities inadvertently. When responsibly run, app developers address these security gaps through software updates.

Take the cultural phenomenon Fortnite, for example. The game that drove its parent company, Epic Games, to an $8 billion valuation was found at the beginning of the year to contain multiple vulnerabilities that would have allowed malicious actors to take over player accounts, make in-game purchases, and join conversations. Epic Games was quick to issue “a responsibly deployed” fix, but in this and similar instances, users are only protected after installing the suggested updates.

“I always recommend users keep both their apps and their mobile operating systems up to date,” says Moffit. “This is made easier by turning on automatic updates wherever possible and only downloading apps from reputable app stores, so you increase the chances that updates are timely.”

For more tips on protecting your smartphone from mobile malware, see our complete list of recommendations here.

Set up automatic cloud backups

Purging unused apps is a good principle for spring cybersecurity cleaning – like a box of old clothes you haven’t worn in decades, unused apps represent digital data containers you no longer need. But what about all that data you’d hate to lose—the pictures, videos, documents, and other files you’d be devastated to see disappear? Protecting that trove of data is another core tenant for tidying up your tech. 

Ransomware is one prime reason for keeping up-to-date backups of valuable data. It can strike anyone from college students to cities, and the list of those who’ve been burned is long and distinguished.

“The combination of an antivirus and a cloud backup and recovery solution is an effective one-two punch against ransomware,” Moffit says. “On the one hand, you make your device more difficult to infect. On the other, you become a less attractive target because you’re unlikely to pay a ransom to recover data that’s already backed up to the cloud and out of reach for ransomware.”

Natural disasters and device theft—two contingencies even the tightest cybersecurity can’t account for—are prime reasons to make sure backups are in place sooner, rather than later. Cloud backup is more secure and affordable than ever, so it makes sense to back up anything you couldn’t stand to lose, before it’s too late. Want more tips for cybersecurity spring cleaning? Download Webroot’s full checklist for tidying up your tech.

The post Four Tips to Help Tidy Up Your Tech appeared first on Webroot Blog.

By

Hijacked Email Reply Chains

Reading Time: ~4 min.

Although phishing has been around in various forms since the 1980s, our research shows it continues to evolve—and remains a major threat. These days, phishing tactics have gotten so sophisticated, it can be difficult to spot a scam—particularly in the case of hijacked email reply chains. Let’s look at a concrete example.

Imagine you’re a purchaser for a concrete supplier, and you get an email from a regular client about an order. In that email, you can see this client, Michael, has been exchanging messages with your colleague, Jill. The email addresses, corporate logos, and everything about the email chain look 100% legitimate. You’ve even met Michael in person, so you know he’s trustworthy.

In this case, the conversation details are convincing to you—because they’re real. Someone gained access to your colleague’s email and took over a legitimate conversation about purchases, then forwarded it to you with a malicious payload attached.

A message like this is very likely to get through any email filtering, and you’d probably open it, since it looks like it’s from a trusted sender.

Had you opened the file in this hypothetical scenario, you might have gotten infected with Emotet or another banking Trojan, such as Ursnif / Gozi.

This image is an example of a malicious word document asking you to “enable macros.” This is a common malware tactic that convinces a victim to disable their own security.

“Phishing attacks increased 36%, with the number of phishing sites growing 220 percent over the course of 2018.” – Webroot Inc. “2019 Webroot Threat Report.” (March 2019)

Ursnif / Gozi Campaigns

The difference between an ordinary phishing attack and a hijacked email chain really comes down to believability. The criminals behind these campaigns take their time breaking into email accounts, watching business conversations, negotiations, and transactions, then launching their attempts at plausible moments when the recipient’s guard is most likely to be down. Most commonly, these attacks have been attributed to Ursnif/Gozi campaigns. Webroot has seen quite a few cases of these hijacked emails with the same style of phishing text and nearly identical payloads. There are numerous reports online as well. 

In a malware campaign like this one, it really doesn’t matter whose account the malicious actors have broken into. If you receive an email from your project manager, a sales colleague, the finance department, a particular client, or anyone else that bears the markers of a legitimate, ongoing email conversation, the attack is highly likely to succeed.

Samples

Seen since last November: all email bodies had a long list of replies, but all had the following message.

This would suggest they are all samples that can be attributed to the same gang. Each had .zip files attached with convincing names related to the business at hand, which contained Microsoft® Word documents with filenames that started with “request”.

What You Can Do

Faced with such plausible attacks, it might seem impossible to stay safe. But there are a few tips that can keep you protected. First, never turn macros on, and never trust a document that asks you to turn macros on, especially if it’s a Microsoft® Office file that wants you to show hidden content. Macros are a very common attack vector.

Second, always make sure to keep your operating system up to date, especially Microsoft Office programs. 

Third, you likely already mistrust emails from people you don’t know. Now, it’s time to turn that suspicion onto trusted senders too. Attackers commonly try to spoof email addresses to look like those you’re familiar with, and may even gain control of an email account belonging to a person you know. Always err on the side of caution when it comes to emails asking you to download attachments. 

Fourth, it’s important to protect your own email account from being hijacked. Attackers can use techniques like alternate inboxing to send messages from your account without your knowledge. Be sure to secure your account with strong passwords, 2-factor authentication, or use a secure password manager. Encourage friends and colleagues to do the same.Finally, if you’re suspicious of an email, the best way to check its legitimacy is to pick up the phone. If you know the sender personally, ask them about the message in person or via phone. Or, if you receive a message from a company, look up their publicly listed phone number (do not use the number provided in the email) and call them.

How Webroot Protection Can Keep You Safe

  • Webroot security for computers, smartphones, and tablets blocks malicious scripts, downloads, and executables. (However, you should still exercise caution and common sense, regardless which internet security solutions you use.)
  • For businesses and managed service providers, our portfolio of integrated, next-generation security includes Endpoint ProtectionDNS Protection, and Security Awareness Training for end users.

For more information on these types of attacks, you can read the following articles:

The post Hijacked Email Reply Chains appeared first on Webroot Blog.

By

Lock Down Your Digital Identity

Reading Time: ~3 min.

The last decade has been one of digital revolution, leading to the rapid adoption of new technology standards, often without the consideration of privacy ramifications. This has left many of us with a less-than-secure trail of digital breadcrumbs—something cybercriminals are more than aware of. Identity theft is by no means a new problem, but the technology revolution has created what some are calling a “global epidemic.”

Securing your digital identity is more important now than ever, and Webroot can help you start.

What is a Digital Identity?

The first step in locking down your digital identity is understanding what it is. A digital identity is the combination of any and all identifying information that can connect a digital persona to an actual person. Digital identities are largely comprised of information freely shared by the user, with social media accounts generally providing the largest amount of data. Other online services like Etsy and eBay, as well as your email and online banking accounts, also contribute to your digital identity. Realistically, any information that can be linked back to you, no matter how seemingly inconsequential, is part of your digital identity.

Digital Identity Theft

Digital identity theft occurs in several ways. A common tactic is social media fraud, where a hacker will impersonate a user by compromising an existing social media account, often messaging friends and family of the user requesting money or additional account information. If unable to gain full control of a genuine social media account, identity thieves will often set up a dummy social media account and impersonate the user using it.

A less widely-known form of digital identity fraud is internet-of-things (IoT) identity theft, where an attacker gains access to an IoT device with weak security protocols and exploits it to gain access to a higher priority device connected to the same network. Another growing threat is “SIM swapping”— an attack that involves tricking a mobile provider into swapping a legitimate phone number over to an illegitimate SIM card, granting the attacker access to SMS-enabled two-factor authentication (2FA) efforts.

Even those who don’t consider themselves targets should be aware of these tactics and take steps to lock down their digital identities.

Locking it Down

Reviewing your social media accounts’ privacy settings is one of the easiest things you can do to cut opportunistic identity thieves off from the start. Set your share settings to friends only, and scrub any identifying information that could be used for security clearance — things like your high school, hometown, or pets’ names. Only add people you personally know and if someone sends you a suspicious link, don’t click it! Phishing, through email or social media messages, remains one of the most prevalent causes of digital identity theft in the world. But your digital identity can be compromised in the physical world as well — old computers that haven’t been properly wiped provide an easy opportunity hackers won’t pass up. Always take your outdated devices to a local computer hardware store to have them wiped before recycling or donating them.

The Right Tools for the Job

This is just the start of a proper digital identity lock-down. Given the sensitive nature of these hacks, we asked Webroot Security Analyst Tyler Moffitt his thoughts on how consumers can protect their digital identities.

“Two-factor authentication in combination with a trusted virtual private network, or VPN, is the crown jewel of privacy lock-down,” Tyler said. “Especially if you use an authenticator app for codes instead of SMS authentication. A VPN is definitely a must… but you can still fall for phishing attempts using a VPN. Using two-factor authentication on all your accounts while using VPN is about as secure as you can get.”

2FA provides an additional level of security to your accounts, proactively verifying that you are actually the one attempting to access the account. 2FA often uses predetermined, secure codes and geolocation data to determine a user’s identity.

Because 2FA acts as a trusted gatekeeper, do your research before you commit to a solution. You’ll find some offerings that bundle 2FA with a secure password manager, making the commitment to cybersecurity a little bit easier. When making your choice, remember that using SMS-enabled 2FA could leave you vulnerable to SIM swapping, so though it is more secure than not using 2FA at all, it is among the least secure of 2FA strategies.

VPNs wrap your data in a cocoon of encryption, keeping it out of sight of prying eyes. This is particularly important when using public WiFi networks, since that’s when your data is at its most vulnerable. Many VPNs are available online, including some free options, but this is yet another instance of getting what you pay for. Many free VPNs are not truly private, with some selling your data to the highest bidder. Keeping your family secure behind a VPN means finding a solution that provides you with the type of comfort that only comes with trust.

The two things that only you can do to keep your identity secure? Constant vigilance and continuous education. Visit the Home+Mobile page on the Webroot blog for a host of resources to help keep you and your family safe online—at home and on the go. 

The post Lock Down Your Digital Identity appeared first on Webroot Blog.