<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
     xmlns:content="http://purl.org/rss/1.0/modules/content/"
     xmlns:dc="https://purl.org/dc/elements/1.1/"
     xmlns:dcterms="http://purl.org/dc/terms/"
     xmlns:media="http://search.yahoo.com/mrss/"
     xmlns:atom="http://www.w3.org/2005/Atom"
>
    <channel>
                    <atom:link href="https://www.itpro.com/feeds/tag/laptop-security" rel="self" type="application/rss+xml" />
                            <title><![CDATA[ Latest from ITPro in Laptop-security ]]></title>
                <link>https://www.itpro.com/tag/laptop-security</link>
        <description><![CDATA[ All the latest laptop-security content from the ITPro team ]]></description>
                                    <lastBuildDate>Wed, 06 Aug 2025 10:26:00 +0000</lastBuildDate>
                            <language>en</language>
                                <item>
                                                            <title><![CDATA[ Millions of Dell laptops are are at risk thanks to a Broadcom chip vulnerability – and more than 100 device models are impacted ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/millions-of-dell-laptops-are-are-at-risk-thanks-to-a-broadcom-chip-vulnerability-and-more-than-100-device-models-are-impacted</link>
                                                                            <description>
                            <![CDATA[ Widely used in high-security environments, the PCs are vulnerable to attacks allowing the theft of sensitive data ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">FSGMcXcYrSYW62jeoeoDFP</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/mMYNyRepeU6Tsm2Qq8timc-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 06 Aug 2025 10:26:00 +0000</pubDate>                                                                                                                                <updated>Mon, 06 Oct 2025 13:37:00 +0000</updated>
                                                                                                                                            <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Emma Woollacott ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/aWfskavxoVSMDy6cDWtYmJ.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/mMYNyRepeU6Tsm2Qq8timc-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Dell laptops pictured at a Best Buy store in Austin, Texas.]]></media:description>                                                            <media:text><![CDATA[Dell laptops pictured at a Best Buy store in Austin, Texas.]]></media:text>
                                <media:title type="plain"><![CDATA[Dell laptops pictured at a Best Buy store in Austin, Texas.]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/mMYNyRepeU6Tsm2Qq8timc-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Millions of Dell laptops with Broadcom chips are vulnerable to attack if left unpatched, thanks to firmware vulnerabilities that could allow hackers to steal sensitive data.</p><p>Dell ControlVault is system-on-chip (SoC), a hardware-based security solution that stores passwords, biometric templates and security codes within the firmware. </p><p>It does this via a daughter board, which Dell refers to as a Unified Security Hub (USH). This is used as a hub to run ControlVault (CV), connecting various security peripherals such as a fingerprint reader, smart card reader and NFC reader. </p><p>Designed to provide enhanced security, CV is widely used by <a href="https://www.itpro.com/security/28133/what-is-cyber-security">cybersecurity </a>companies, government agencies, and other highly security-conscious organizations. </p><p>However, according to Cisco Talos researchers, more than 100 Dell laptop models are affected by five vulnerabilities, dubbed ReVault, which affect both the ControlVault3 <a href="https://www.itpro.com/tag/firmware">firmware</a> and its associated Windows APIs. </p><p>The flaws include multiple out-of-bounds vulnerabilities, an arbitrary free and a stack-overflow, all affecting the CV firmware, as well as an unsafe-deserialization that affects ControlVault’s Windows APIs. </p><p>"These findings highlight the importance of evaluating the security posture of all hardware components within your devices, not just the operating system or software," said Cisco Talos senior vulnerability researcher Philippe Laulheret. </p><p>"As Talos demonstrated, vulnerabilities in widely-used firmware such as Dell ControlVault can have far-reaching implications, potentially compromising even advanced security features like biometric authentication."</p><h2 id="what-the-vulnerability-means-for-users">What the vulnerability means for users</h2><p>If left unpatched, said Cisco Talos, the vulnerabilities could allow attackers to take full control of a user’s device, steal passwords and access sensitive data such as fingerprint information. </p><p>Attack scenarios include privilege escalation, persistent access even after OS reinstallation and exploitation via physical tampering.</p><p>"On the Windows side, a non-administrative user can interact with the CV firmware using its associated APIs and trigger an Arbitrary Code Execution on the CV firmware,” said Laulheret</p><p>“From this vantage point, it becomes possible to leak key material essential to the security of the device, thus gaining the ability to permanently modify its firmware.” </p><p>"This creates the risk of a so-called implant that could stay unnoticed in a laptop’s CV firmware and eventually be used as a pivot back onto the system in the case of a Threat Actor’s post-compromise strategy,” Laulheret added.</p><p>Meanwhile, any local attacker with physical access to a user’s laptop could pry it open and directly access the USH board over USB with a custom connector - allowing them to exploit the vulnerabilities without needing to log in into the system or have a full-disk encryption password. </p><p>Dell has issued a security advisory on the flaws, <a href="https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053"><u>DSA-2025-053</u></a>, and has patches for affected systems. Users are advised to apply these patches, disable any unused services and consider disabling fingerprint login when laptops are likely to be left unattended.</p><p>Dell and Broadcom have been approached for comment.</p><h3 class="article-body__section" id="section-more-from-itpro"><span>MORE FROM ITPRO</span></h3><ul><li>INSERT CONTENT</li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ ‘A huge national security risk’: Thousands of government laptops, tablets, and phones are missing and nowhere to be found  ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/a-huge-national-security-risk-thousands-of-government-laptops-tablets-and-phones-are-missing-and-nowhere-to-be-found</link>
                                                                            <description>
                            <![CDATA[ A freedom of information disclosure shows more than 2,000 government-issued phones, tablets, and laptops have been lost or stolen, prompting huge cybersecurity concerns. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">v2uMGPH7StFV7SN6CfeBiD</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/gxmDz2Vva54pCZX8UqSrL5-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 24 Jun 2025 10:25:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Security]]></category>
                                                                                                <author><![CDATA[ itpro@futurenet.com (Bobby Hellard) ]]></author>                    <dc:creator><![CDATA[ Bobby Hellard ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/bsR2tHSyVKUoyXZF5pNsDA.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Bobby Hellard&amp;nbsp;is&amp;nbsp;ITPro&#039;s Reviews Editor and has worked on&amp;nbsp;CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.&lt;/p&gt;
&lt;p&gt;Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.&lt;/p&gt;
&lt;p&gt;He has been a journalist for ten years, originally covering sports, before moving into business technology with ITPro. He has bylines in The Independent, Vice and The Business Briefing. Contact him at &lt;a href=&quot;mailto:bobby.hellard@futurenet.com&quot;&gt;bobby.hellard@futurenet.com&lt;/a&gt; or find him on Twitter: &lt;a href=&quot;https://twitter.com/bobbyhellard&quot;&gt;@bobbyhellard&lt;/a&gt;&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/gxmDz2Vva54pCZX8UqSrL5-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Lost devices concept image showing a laptop left behind on a seat in an airport terminal.]]></media:description>                                                            <media:text><![CDATA[Lost devices concept image showing a laptop left behind on a seat in an airport terminal.]]></media:text>
                                <media:title type="plain"><![CDATA[Lost devices concept image showing a laptop left behind on a seat in an airport terminal.]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/gxmDz2Vva54pCZX8UqSrL5-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The UK government has lost over 2,000 laptops, phones, and tablets within the last two years, according to a freedom of information disclosure. </p><p>Figures first published by <a href="https://www.theguardian.com/technology/2025/jun/22/uk-government-laptops-phones-tablets-lost-stolen-cybersecurity" target="_blank"><u><em>The Guardian</em></u></a> show that, combined, the lost devices are worth more than £1 million, but experts told <em>ITPro </em>that the real issue is the cybersecurity risk they pose. </p><p>Devices reported as either lost or stolen from the Department for Work and Pensions totaled 240 missing laptops and 124 missing phones in 2024. </p><p>The <a href="https://www.itpro.com/cloud/cloud-security/how-the-uks-ministry-of-defence-is-overhauling-its-internal-cloud-with-a-secure-by-design-approach">Ministry of Defence</a> recorded 103 missing laptops and 387 missing phones, while the Cabinet Office is said to have lost or had stolen 66 laptops and 124 phones.  </p><p>Missing devices were recorded across 18 Whitehall departments and public authorities in the last year, which included the Bank of England, HM Treasury, and the <a href="https://www.itpro.com/security/home-office-confirms-systems-were-impacted-in-microsoft-russia-hack">Home Office</a>.</p><p>The Bank of England told <em>The Guardian</em> that it “takes the security of devices and data very seriously and has suitable protection in place”.</p><p><em>ITPro </em>has approached the UK government for comment, but in a statement given to the publication, said: “We take the security of government devices extremely seriously, which is why items such as laptops and mobile phones are always encrypted so any loss does not compromise security.”</p><h2 id="lost-government-devices-are-a-security-nightmare">Lost government devices are a security nightmare</h2><p>While the financial cost of this loss is substantial, the greater concern is the cybersecurity risk presented by the loss or theft of these devices, according to James Castro-Edwards, counsel for multinational law firm Arnold & Porter</p><p>“Sophisticated hackers can break into such devices, potentially opening a ‘back door’ to government departments,” Castro-Edwards told <em>ITPro</em>. “This is particularly concerning when hackers are not only organized criminal gangs, but hostile nation states.</p><p>“Where the affected government department handles sensitive information, for instance, the Ministry of Defence or the security services, this creates a huge national security risk.”</p><p>Castro-Edwards said it’s crucial that all organizations implement “rigorous technical security measures” such as encryption and strong password protection to ensure devices remain secure. </p><p>Stolen devices play a crucial role in the cyber criminal economy, according to Boris Cipot at <a href="https://www.itpro.com/security/28133/what-is-cyber-security">cybersecurity</a> firm, Black Duck, underlining the dangers posed by lost government hardware.</p><p>"Stolen hardware is often ‘refurbished’ and then sold as used devices,” he explained. “This is because modern encryption software on these devices makes it difficult to access the data stored on hard drives or other storage media.”</p><p>“However, even the most advanced <a href="https://www.itpro.com/security/encryption/359943/what-is-end-to-end-encryption-and-why-is-everyone-fighting-over-it">encryption</a> is ineffective if the encryption key or user password is weak,” Cipot added.</p><p>With this in mind, Cipot said organizations should not solely rely on the “technical capabilities of protection software”. Passwords used to access and disable encryption must be robust.</p><p>“For government-issued <a href="https://www.itpro.com/hardware/laptops">laptops</a> and phones, it is particularly recommended to implement <a href="https://www.itpro.com/security/cyber-attacks/how-hackers-bypass-mfa-and-what-to-do-about-it">MFA</a>,” he said. “MFA can take the form of digital methods, such as biometric verification, or physical methods, such as a USB key or ID card.”</p><p>“This additional layer of security significantly enhances the protection of sensitive data and reduces the risk of unauthorized access, further ensuring uncompromised trust in software."</p><h3 class="article-body__section" id="section-more-from-itpro"><span>MORE FROM ITPRO</span></h3><ul><li><a href="https://www.itpro.com/security/cyber-attacks/cyber-attacks-have-rocked-uk-retailers-heres-how-you-can-stay-safe">Cyber attacks have rocked UK retailers – here's how you can stay safe</a></li><li><a href="https://www.itpro.com/hardware/laptops/what-good-laptop-security-looks-like-today">What good laptop security looks like today</a></li><li><a href="https://www.itpro.com/software/software-security-code-of-practice-ncsc-announcement">The NCSC wants developers to get serious on software security</a></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Iranian hackers targeted nuclear expert, ported Windows infection chain to Mac in a week ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/cyber-attacks/iranian-hackers-targeted-nuclear-expert-ported-windows-infection-chain-to-mac-in-a-week</link>
                                                                            <description>
                            <![CDATA[ Fresh research demonstrates the sophistication and capability of state-sponsored threat actors to compromise diverse targets ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">Wa6FcqEdzsGaaHytker7tT</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/RBmH3m9HDsh4cfAWBqaJqf-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 06 Jul 2023 09:36:20 +0000</pubDate>                                                                                                                                <updated>Thu, 06 Jul 2023 13:19:08 +0000</updated>
                                                                                                                                            <category><![CDATA[Cyber Attacks]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                <author><![CDATA[ richard.speed@futurenet.com (Richard Speed) ]]></author>                    <dc:creator><![CDATA[ Richard Speed ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/9i9jXkpYyoBCECh2PbJBGP.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/RBmH3m9HDsh4cfAWBqaJqf-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Iranian hackers: Iran flag digital distorted to denote a disruption caused by a hack]]></media:description>                                                            <media:text><![CDATA[Iranian hackers: Iran flag digital distorted to denote a disruption caused by a hack]]></media:text>
                                <media:title type="plain"><![CDATA[Iranian hackers: Iran flag digital distorted to denote a disruption caused by a hack]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/RBmH3m9HDsh4cfAWBqaJqf-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>New research has shown the flexibility of threat actors to rapidly iterate attack patterns in order to bypass security controls.</p><p>An investigation from security firm Proofpoint into a recent attack targeting a nuclear security expert at a US-based think tank revealed how well-resourced attackers change tactics on the fly to compromise different machines.</p><p>After realizing their initial payload wouldn’t work on a Mac, they quickly pivoted to new techniques known to work on targets who used Apple hardware.</p><p>The sophisticated operation saw skilled threat actors devise a seemingly benign email chain with the high-profile target and continue the conversation over the course of weeks to build trust and rapport, exploiting that to launch further attacks.</p><h2 id="how-the-attack-unfolded">How the attack unfolded</h2><p>The mid-May 2023 attack came from TA453, an Iranian state-affiliated threat actor, also tracked under the monikers: Charming Kitten; APT42; Mint Sandstorm; and Yellow Garuda, and saw them posing as members of the Royal United Services Institute (RUSI).</p><p>Using a multi-persona approach, the attackers - known for conducting espionage operations - started an email chain with the target seemingly seeking feedback on a project titled ‘Iran in the Global Security Context’.</p><p>The attackers sent multiple messages from different accounts, all referencing each other to generate a feeling of authenticity - a technique seen before in <a href="https://www.itpro.com/security/ransomware/361417/microsoft-exchange-servers-distribute-squirrelwaffle-malware"><u>email hijacking campaigns</u></a>.</p><p>After a single seemingly benign interaction, a malicious Google Script macro was delivered, intended to direct the target to a Dropbox URL. The URL hosted a <a href="https://www.itpro.com/security/34616/the-top-password-cracking-techniques-used-by-hackers"><u>password</u></a>-encrypted .rar file, which contained a dropper masquerading as a PDF but was actually a Windows LNK file.</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="ovMSxaaARrLd4LYsh7bM4m" name="The Business Value of Zscaler Data Protection_listing.jpg" caption="" alt="Whitepaper cover with male and female colleague looking at, and pointing to, a digital padlock" src="https://cdn.mos.cms.futurecdn.net/ovMSxaaARrLd4LYsh7bM4m.jpg" mos="" link="" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div><figcaption itemprop="caption description" class=""><span class="credit" itemprop="copyrightHolder">(Image credit: Zscaler)</span></figcaption></figure><p class="fancy-box__body-text"><strong>The business value of Zscaler Data Protection</strong></p><p class="fancy-box__body-text"><em>Understand how this tool minimizes the risks related to data loss and other security events</em></p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/data-protection/the-business-value-of-zscaler-data-protection"><strong>DOWNLOAD FOR FREE</strong></a></p></div></div><p>Using <a href="https://www.itpro.com/security/exploits/368742/malware-campaigns-abuse-windows-shortcuts-bypass-macros"><u>LNK files</u></a> has been a hallmark of cyber attacks since Microsoft <a href="https://www.itpro.com/security/cyber-security/368513/microsoft-confirms-vba-macro-backtrack-is-only-temporary"><u>blocked VBA macros by default</u></a> last year. Exploiting VBA macros had for years been the go-to method for installing malware using maliciously crafted <a href="https://www.itpro.com/business-operations/productivity/368062/10-best-features-of-microsoft-365-for-small-businesses"><u>Microsoft 365</u></a> files.</p><p>Proofpoint said, “Using a .rar and LNK file to deploy malware differs from TA453’s typical infection chain of using VBA macros or remote template injection”.</p><p>“The LNK enclosed in the RAR used <a href="https://www.itpro.com/operating-systems/microsoft-windows/356552/what-is-windows-powershell"><u>PowerShell</u></a> to download additional stages from a cloud hosting provider.”</p><p>However, the target was using an Apple computer, meaning that the delivered file would not run. The file it attempted to deliver was a newly identified PowerShell-based backdoor called GorjolEcho.</p><p>Once it realized GorjolEcho would not execute on macOS, TA453 then pivoted to re-launch the attack at a later date using a ported version of the backdoor that worked on Apple hardware.</p><p>The attackers continued the same seemingly innocent email conversation with the target and roughly a week after the initial Windows-based attempt, they relaunched the attack with the Apple-ported backdoor.</p><p>In this case, the malware was delivered via a password-protected ZIP file masquerading as a RUSI <a href="https://www.itpro.com/security/27098/best-vpn-services"><u>VPN solution</u></a> and shared drive. </p><p>After some interactions with the threat actor, the user would be persuaded to open the file. A series of bash scripts would have then installed a backdoor, dubbed <em>NokNok</em>.</p><p>Proofpoint judged that this was intended to serve as a foothold for further instruction and was almost certainly a port of the PowerShell backdoor.</p><p>The incident serves as a reminder of the adaptability of the threat actors. In this instance, LNK files were sent instead of Microsoft Word documents with macros, and swiftly ported to macOS when the opportunity arose. </p><h2 id="the-state-of-mac-malware">The state of Mac malware</h2><p>As Apple hardware has become progressively more popular in the enterprise, it has become correspondingly more of a target for threat actors.</p><p>That said, according to Apple management specialist Jamf, in 2022 there was a drop in new malware infections. </p><p>In its 2023 State of Malware <a href="https://go.malwarebytes.com/rs/805-USG-300/images/MWB_State_of_Malware_Report_2023.pdf" target="_blank">report</a>, Malwarebytes noted that while Mac malware was rare, it did exist. 11% of machines with detection events were infected by malware.</p><p>However, Michael Covington, VP of portfolio strategy at Jamf, told <em>ITPro </em>that 2023 had been a very active period for Apple security.</p><p>He said: “In the first half of the year, we saw some noteworthy developments in the threat landscape indicating that attacks against Apple devices were changing, both in terms of intensity and purpose”. </p><p>“During this time, we saw the <a href="https://www.itpro.com/security/ransomware/lockbit-macos-ransomware-strain-discovered-sparks-concerns-over-shifting-tactics"><u>first real instance of ransomware</u></a> emerge that was built specifically to target macOS. We also saw new <a href="https://www.itpro.com/malware/28076/what-is-malware"><u>malware</u></a> in distribution, attributed to state-sponsored attackers, that used novel evasion techniques to avoid detection and bypass built-in platform protections to take root.”</p><p>Covington also noted the rise of cryptojacking threats aimed at Apple processors and the continued evolution of <a href="https://www.itpro.com/security/malware/368629/mysterious-macos-spyware-using-public-cloud-storage-control-server"><u>spyware</u></a> being used against high-risk individuals - primarily in government and media, but also commended Apple’s actions to address active exploits.</p><p>He also warned of the risk posed by gullible or distracted users, particularly with regard to phishing attacks.</p><p>Proofpoint’s research is evidence of the adaptability of threat actors, their ability to respond to changes in the environment, and the continually evolving threat landscape.</p><p>Joshua Miller of Proofpoint said: “TA453’s capability and willingness to devote resources into new tooling to compromise its targets exemplifies the persistence of state-aligned cyber threats”. </p><p>“The threat actor’s continued efforts to iterate their infection chains to bypass security controls demonstrate how important a strong community-informed defense is to frustrate even the most advanced adversaries.”</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ How to enable Secure Boot in Windows 11 ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/software/windows/how-to-enable-secure-boot-in-windows-11</link>
                                                                            <description>
                            <![CDATA[ Most modern PCs have Secure Boot enabled by default, but you may need to manually turn it on to meet Windows 11's security requirements ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">Un4SVDjBRUCPu52pSoBVtb</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/mkWVBAKJc2VF9c2tYakd9m-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 19 Apr 2023 08:48:01 +0000</pubDate>                                                                                                                                <updated>Thu, 19 Jun 2025 18:02:40 +0000</updated>
                                                                                                                                            <category><![CDATA[Windows]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                    <category><![CDATA[Microsoft]]></category>
                                                                                                <author><![CDATA[ john@jloeppky.com (John Loeppky) ]]></author>                    <dc:creator><![CDATA[ John Loeppky ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/GJCxqX7ryKSC5XjEDLnEtU.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;John Loeppky is a British-Canadian disabled freelance writer currently based on Treaty 6 territory in Saskatoon, Saskatchewan, Canada where he lives with his wife and three dogs.&lt;/p&gt;&lt;p&gt;In addition to his work for ITPro, he regularly works with outlets such as &lt;em&gt;CBC&lt;/em&gt;, &lt;em&gt;Healthline&lt;/em&gt;, &lt;em&gt;VeryWell&lt;/em&gt;, &lt;em&gt;Defector&lt;/em&gt;, and a host of others. John began his journalism career at the University of Regina at their student newspaper, The Carillon. He started as a sports writer, then sports editor, before serving as EIC until 2020. &lt;/p&gt;&lt;p&gt;John holds a BA and an MFA from the University of Regina. His graduate work focused on disability, identity, and solo performance in theatre. Prior to shifting to being a full-time freelancer, John worked for Listen to Dis&#039; Community Arts Organization, Saskatchewan&#039;s only disability-led disability arts organization. &lt;/p&gt;&lt;p&gt;His focus as a generalist is to cover things with societal and cultural impact, particularly when it comes to inclusion in its various forms. As a result, he&#039;s written for FiveThirtyEight about Apple Watches, covered the Paris Paralympics for CBC, and written for Defector about a scandal in American wheelchair basketball. He also serves as a member of the National Center on Disability and Journalism&#039;s advisory board. John&#039;s goal in life is to have an entertaining obituary to read. &lt;/p&gt;&lt;p&gt;You can find more of his work at Jloeppky.com/portfolio and you can contact him via email at John@Jloeppky.com.&lt;/p&gt; ]]></dc:description>
                                                                                                        <dc:contributor><![CDATA[ Rene Millman ]]></dc:contributor>
                                                                                                                                                                                    <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/mkWVBAKJc2VF9c2tYakd9m-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images]]></media:credit>
                                                                                                                                                                        <media:description><![CDATA[Secure Boot is a key system requirement for upgrading to Windows 11]]></media:description>                                                            <media:text><![CDATA[Somebody&#039;s finger pressing a button on a laptop keyboard, representing Secure Boot]]></media:text>
                                <media:title type="plain"><![CDATA[Somebody&#039;s finger pressing a button on a laptop keyboard, representing Secure Boot]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/mkWVBAKJc2VF9c2tYakd9m-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>For IT professionals managing or deploying Secure Boot on Windows 11 systems, its activation is a cornerstone of a robust security posture. Secure Boot is a critical UEFI firmware feature designed to ensure that your PC boots using only software trusted by the Original Equipment Manufacturer (OEM) or the user. This mechanism provides a vital defense against malware that might attempt to compromise the boot process, such as rootkits or bootkits. </p><p>As a mandatory requirement for Windows 11, understanding how to verify and enable Secure Boot is essential. This guide will walk you through checking its status, activating it via the system&apos;s firmware (BIOS/UEFI) settings, and troubleshooting common hurdles.</p><p>Having Secure Boot enabled on Windows 11 is a critical step for users wanting to run Microsoft&apos;s latest operating system in a protected environment. Secure Boot is a security standard developed by members of the PC industry to help make sure that your device boots using only software that is trusted by the PC manufacturer. It’s part of the<a href="https://www.itpro.com/operating-systems/microsoft-windows/370385/what-are-the-minimum-requirements-for-windows-11"><u> stringent hardware and software requirements</u></a> introduced with Windows 11, alongside the need for a compatible CPU, <a href="https://www.itpro.com/hardware/components/367778/what-is-a-trusted-platform-module-tpm-and-why-is-it-key-to-windows-11"><u>TPM 2.0</u></a>, and sufficient RAM and storage.</p><p>Although <a href="https://www.itpro.com/hardware/laptops/368274/best-windows-laptops"><u>most modern PCs</u></a> ship with Secure Boot enabled by default, some configurations, especially on custom-built machines or older systems upgraded to support Windows 11, may show it as inactive. This often relates to specific BIOS or UEFI firmware settings, such as the Compatibility Support Module (CSM) being active. While enabling Secure Boot significantly strengthens a machine&apos;s overall security, there are niche scenarios — such as working with certain older <a href="https://www.itpro.com/operating-systems/28025/best-linux-distros"><u>Linux distributions</u></a> or specialized legacy hardware — where temporarily disabling it might be considered, albeit with increased security risks</p><h2 id="turning-on-secure-boot-for-windows-11">Turning on Secure Boot for Windows 11</h2><p>Secure Boot works by verifying the digital signatures of all boot software, including firmware drivers (Option ROMs), UEFI applications, and the operating system. Before diving into firmware settings, it&apos;s prudent to check if Secure Boot is already active, as accessing and navigating the BIOS/UEFI can vary between manufacturers.</p><section class="howto-block">                    <h3>How to check if Secure Boot is already enabled</h3>                    <figure>                            <p class="bordeaux-image-check">                                <img    src="https://cdn.mos.cms.futurecdn.net/aP5hAi8eR3USDGYRAzwD77.png"                                        alt="A screenshot of the System Information menu in Windows 11 showing a red circle around Secure Boot"                                        onerror="this.parentNode.replaceChild(window.missingImage(),this)"                                        data-pin-media="https://cdn.mos.cms.futurecdn.net/aP5hAi8eR3USDGYRAzwD77.png"                                        class="expandable van-old-layout-image">                            </p><div class="credit">(Image: © Future)</div></figure>                    <p><p>To verify whether Secure Boot is active on your system:</p></p><p><ol></p><p><li>Click<strong> Start</strong>.</li></p><p><li>Type System Information into the search bar and press <strong>Enter</strong>.</li></p><p><li>In the System Summary section (usually selected by default), scroll through the list to find <strong>Secure Boot State</strong>.</li></p><p><li>If the value shows <strong>On</strong>, then Secure Boot is already enabled. If it shows <strong>Off</strong> or <strong>Unsupported</strong>, you’ll need to investigate further and potentially enable it manually via the firmware settings.</li></p><p></ol></p>                </section><section class="howto-block">                    <h3>How to enable Secure Boot in Windows 11</h3>                                        <p><p>If Secure Boot is not enabled, you can typically turn it on through the system's UEFI firmware settings (often referred to as BIOS settings):</p></p><p><p><br></p></p>                </section><p><ol>  <li><strong>Access UEFI/BIOS Settings:</strong>    <ul>      <li>The most reliable method is often via Windows Recovery Environment: Go to <strong>Settings > System > Recovery</strong>. Under "Advanced startup," click <strong>Restart now</strong>. Once the PC restarts to the blue recovery screen, select <strong>Troubleshoot > Advanced options > UEFI Firmware Settings</strong>, then click <strong>Restart</strong>.</li>      <li>Alternatively, restart your PC and wait for the manufacturer&apos;s splash screen. As it appears, repeatedly press the specific key to enter the BIOS/UEFI setup. Common keys include <strong>Delete, F2, F10, F12, or Escape</strong>. This key can vary significantly by manufacturer (e.g., Dell, HP, Lenovo, ASUS often use F2 or Delete). Consult your PC or motherboard manual if unsure.</li>    </ul>  </li></ol></p><p>2. <strong>Navigate the Firmware Menu:</strong> Once in the UEFI/BIOS, look for a <strong>Boot</strong>, <strong>Security</strong>, or <strong>Authentication</strong> tab. The exact naming and location differ based on the motherboard manufacturer.</p><p>3. <strong>Locate the Secure Boot option:</strong> Within the relevant section, find the "Secure Boot" setting. It might be a direct toggle or within a sub-menu.</p><p>4. <strong>Enable Secure Boot:</strong> Set the Secure Boot option to <strong>Enabled</strong>.</p><p>5. <strong>Ensure UEFI Mode:</strong> Secure Boot requires the system to be in UEFI mode, not Legacy BIOS or CSM (Compatibility Support Module) mode. If you see an option for "CSM," "Legacy Boot," or similar, it must be <strong>Disabled</strong> for Secure Boot to be available or to function correctly. <em>Note: Switching from Legacy/CSM to UEFI mode might make existing OS installations unbootable if the OS was installed in Legacy mode. This often requires an OS reinstall or conversion of the boot disk from MBR to GPT partition style.</em></p><p>6. <strong>Save and Exit:</strong> Save the changes (usually via a key like F10 or an option in the "Exit" menu) and restart your PC.</p><p>Once enabled, your system will use Secure Boot to verify the integrity of the boot process, helping prevent unauthorized software from running during startup.</p><h2 id="what-is-secure-boot-and-why-is-it-so-important">What is Secure Boot and why is it so important?</h2><p>Secure Boot acts as a critical system safeguard by meticulously verifying the digital signatures of firmware, bootloaders, and the operating system kernel before they are allowed to run. When your PC starts, Secure Boot ensures that the UEFI firmware itself is signed and trusted, then checks each subsequent piece of critical software in the boot chain.</p><p><br></p><p>This process is highly effective against sophisticated malware like <a href="https://www.itpro.co.uk/security/cyber-attacks/360526/what-is-a-rootkit"><u>rootkits </u></a>and bootkits. These types of <a href="https://www.itpro.co.uk/malware/28076/what-is-malware"><u>malicious software</u></a> attempt to load before the operating system, embedding themselves deep within the system to gain privileged access and evade detection by traditional security software. By ensuring that only cryptographically verified and trusted software can execute during the boot sequence, Secure Boot protects the foundational integrity of the operating system.</p><p>Introduced with Windows 8, Secure Boot is now a non-negotiable system requirement for Windows 11. Microsoft mandates that all certified x86-based Windows 11 devices must ship with Secure Boot enabled by default, trust Microsoft’s certificates, and, importantly, allow users to manage Secure Boot settings, including the ability to trust non-Microsoft certificates or disable the feature if absolutely necessary (though this is strongly discouraged for general use).</p><h2 id="why-would-you-disable-secure-boot">Why would you disable Secure Boot?</h2><p>Although Secure Boot significantly enhances system security, there are specific, limited scenarios where disabling it might be considered:</p><p>It&apos;s crucial to understand that turning off Secure Boot reduces your system&apos;s protection against pre-boot malware and unauthorized software. It should only be done if essential for a specific task and ideally re-enabled afterward.</p><h2 id="troubleshooting-common-secure-boot-issues">Troubleshooting common secure boot issues</h2><p>Encountering issues when enabling Secure Boot is not uncommon. Here are some frequent problems and their potential solutions:</p><p><strong>Secure Boot option is grayed out in BIOS/UEFI:</strong></p><p><strong>System won’t boot after enabling Secure Boot:</strong></p><p><strong>Secure Boot is enabled in firmware, but Windows still reports it as off:</strong></p><h2 id="further-reading-on-windows-11-and-security">Further reading on Windows 11 and security</h2><p>To learn more about Windows 11 security features, check out our other guides. We cover everything from<a href="https://www.itpro.com/operating-systems/microsoft-windows/361662/how-to-boot-windows-11-in-safe-mode"> <u>how to boot into Windows 11 Safe Mode</u></a> to managing encryption tools like BitLocker, ensuring your PC meets the latest security standards. For those exploring Linux or other OS setups, see our articles on<a href="https://www.itpro.com/operating-systems/24841/windows-vs-linux-whats-the-best-operating-system"> <u>comparing Windows 11 with Linux</u></a>, UEFI settings, and<a href="https://www.itpro.com/software/linux/357095/switch-to-linux-with-these-top-distros/2"> <u>switching to Linux from Windows</u></a>.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ The top malware and ransomware threats for April 2023 ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/malware/the-top-malware-and-ransomware-threats-for-april-2023</link>
                                                                            <description>
                            <![CDATA[ New ransomware gangs and malware abound as hackers continue to evolve their tactics ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">NKveEGmf2wzVUN4mjRA3v9</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/wxwQh5vaMoKWvRvc4tsgMe-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 14 Apr 2023 11:53:32 +0000</pubDate>                                                                                                                                <updated>Mon, 17 Apr 2023 07:28:42 +0000</updated>
                                                                                                                                            <category><![CDATA[Malware]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                <author><![CDATA[ connor.jones@futurenet.com (Connor Jones) ]]></author>                    <dc:creator><![CDATA[ Connor Jones ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/LPjgE2kGKixS9aF7Jdp2mT.png ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Connor Jones is the News and Analysis Editor at ITPro, CloudPro, and ChannelPro. As the brands’ leader for news, he welcomes pitches on all topics, and he personally still reports breaking news on the topics of cyber security, software, and Big Tech firms.&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&lt;br&gt;&lt;/p&gt;
&lt;p&gt;He has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs.&lt;/p&gt;
&lt;p&gt;&lt;br&gt;&lt;/p&gt;
&lt;p&gt;Connor is currently in his third year at ITPro, but has been a journalist for much longer, having written for the likes of Red Bull Esports and UNILAD. He has a master’s degree in Magazine Journalism from one of the UK’s leading journalism departments at the University of Sheffield, as well as an undergraduate degree in English Language from Sheffield Hallam University.&lt;/p&gt;
&lt;p&gt;&lt;br&gt;&lt;/p&gt;
&lt;p&gt;When he’s not hitting the phones trying to squeeze stories out of sources and press offices, in his free time Connor studies software development, is a keen cook, and enjoys leading an active life through cycling, hiking, racket sports, and weightlifting.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/wxwQh5vaMoKWvRvc4tsgMe-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Top malware and ransomware cause &#039;system hacked&#039; alert to appear on a computer screen]]></media:description>                                                            <media:text><![CDATA[Top malware and ransomware cause &#039;system hacked&#039; alert to appear on a computer screen]]></media:text>
                                <media:title type="plain"><![CDATA[Top malware and ransomware cause &#039;system hacked&#039; alert to appear on a computer screen]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/wxwQh5vaMoKWvRvc4tsgMe-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Alerts for new malware strains and active ransomware groups were spread widely across the security industry throughout March and the first half of April.</p><p>New strains of malware targeting organizations of all kinds were discovered, harnessing infection vectors that may not already be in their threat models.</p><p>It’s highly important that organizations stay on top of emerging threats and patch their systems against the most prevalent types of attacks. </p><p>Patching isn’t always an easy task to do, especially in large organizations, but as a bare minimum, it’s advised that active threats are protected against if a more comprehensive patch operation isn’t feasible.</p><p>Knowing what cyber security vulnerabilities and zero days to patch is one thing, but it’s equally important to pay close attention to the ways malware is evolving to bypass security detections so the workforce can be aware of what suspicious activity to look out for.</p><p>Here you’ll find a complete list of the most dangerous malware and ransomware threats of April 2023.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:5000px;"><p class="vanilla-image-block" style="padding-top:73.18%;"><img id="vs9yTRo5yQxteYSCkYk7Qi" name="onenote-GettyImages-1237632217.jpg" alt="OneNote logo on a smartphone against white background with Windows logo on it" src="https://cdn.mos.cms.futurecdn.net/vs9yTRo5yQxteYSCkYk7Qi.jpg" mos="" align="middle" fullscreen="" width="5000" height="3659" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Getty Images)</span></figcaption></figure><h2 id="onenote-exploited-to-bypass-macro-attacks">OneNote exploited to bypass macro attacks</h2><p>Ever since Microsoft made the long-awaited decision to <a href="https://www.itpro.com/security/cyber-security/368513/microsoft-confirms-vba-macro-backtrack-is-only-temporary"><u>disable VBA macros</u></a> in Office documents by default last year, cyber attackers have been experimenting with inventive ways to deliver malware in a trusted way.</p><p>Microsoft OneNote is installed on Windows by default, unlike Word, Excel, and PowerPoint, and can therefore allow all Windows users to open email attachments in the OneNote format regardless of whether they have a Microsoft 365 subscription.</p><p>The combination of using a malware-laden OneNote file to seem more legitimate and the weaker detection measures the application provides against embedded malware, now makes OneNote a more reliable threat vector than Office documents.</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="p7aA9ci4nXKjR9pXsMHoAN" name="Mapping the digital attack surface_thumb.png" caption="" alt="Red whitepaper cover with title and logo" src="https://cdn.mos.cms.futurecdn.net/p7aA9ci4nXKjR9pXsMHoAN.png" mos="" link="" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div><figcaption itemprop="caption description" class=""><span class="credit" itemprop="copyrightHolder">(Image credit: Trend Micro)</span></figcaption></figure><p class="fancy-box__body-text"><strong>Mapping the digital attack surface</strong></p><p class="fancy-box__body-text">Why global organisations are struggling to manage cyber risk</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.co.uk/security/cyber-security/370166/mapping-the-digital-attack-surface"><strong>DOWNLOAD FOR FREE</strong></a></p></div></div><p>Zscaler’s ThreatLabz researchers found that a variety of scripts and malware have been observed running after successful phishing attacks led victims to download and open the files.</p><p><a href="https://www.itpro.com/security/trojans/355479/four-steps-to-exterminating-rats-controlling-your-computer"><u>Remote access trojans (RATs)</u></a> and information stealers have been installed following successful attacks. </p><p>Researchers also <a href="https://www.zscaler.com/blogs/security-research/onenote-growing-threat-malware-distribution" target="_blank"><u>said</u></a> that MSHTA, WSCRIPT, and CSCRIPT can be executed from within OneNote, using multi-layered obfuscation techniques to evade detection. </p><p>CHM, HTA, JS, WSF, and VBS scripts are also supported via OneNote documents.</p><p>Organizations should inform their staff about the dangers of OneNote attachments in emails. If an email seems suspicious, it should be checked by the organization’s security team before downloading any attachments.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:2329px;"><p class="vanilla-image-block" style="padding-top:55.26%;"><img id="ZLh8NqNMJxu2ezah4ARbhn" name="botnet-GettyImages-1398190099.jpg" alt="Mockup of a botnet and its different stages" src="https://cdn.mos.cms.futurecdn.net/ZLh8NqNMJxu2ezah4ARbhn.jpg" mos="" align="middle" fullscreen="" width="2329" height="1287" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Getty Images)</span></figcaption></figure><h2 id="emotet-returns-again-with-new-tricks">Emotet returns again with new tricks</h2><p>Trend Micro announced in March that the <a href="https://www.itpro.com/security/cyber-security/370253/new-emotet-socially-engineers-evade-detection?utm_campaign=itpro_newsletter_20230314&utm_source=itpro_uk_newsletter&refid=8FF9B2F3D90B6CB87A72F4BDCC18B32F&utm_medium=email" target="_blank"><u>Emotet botnet has returned once again</u></a> after another of its trademark periods of downtime.</p><p>Emotet was observed mimicking replies in existing email chains, increasing the perceived legitimacy of responses rather than it being a cold email from an unrecognized sender.</p><p>While OneNote is being exploited to bypass Microsoft’s VBA macro defenses, Emotet instead deploys social engineering tactics to trick victims into manually re-enabling macros, allowing malicious Office documents to execute commands, like downloading DLLs, and install malware.</p><p>The new version of Emotet also uses binary padding - crafting large files, such as 500MB Word documents, to bypass security scans.</p><p>The prevailing advice is that workers should remain mindful that attempts to re-enable VBA macros will likely lead to malicious activity and should be flagged to the security team as soon as possible.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:6500px;"><p class="vanilla-image-block" style="padding-top:53.85%;"><img id="L6DSTHdion3mCrSBkWnF9C" name="malware-GettyImages-1420039900.jpg" alt="Mockup of a padlock covered in blue and red neon code denoting ransomware, malware, and security" src="https://cdn.mos.cms.futurecdn.net/L6DSTHdion3mCrSBkWnF9C.jpg" mos="" align="middle" fullscreen="" width="6500" height="3500" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Getty Images)</span></figcaption></figure><h2 id="cl0p-overtakes-lockbit-in-ransomware-rankings">Cl0p overtakes LockBit in ransomware rankings</h2><p>Cl0p’s exploitation of the <a href="https://www.itpro.com/security/data-breaches/370409/the-goanywhere-data-breach-explained"><u>vulnerability in GoAnywhere MFT</u></a> propelled it to the top of Malwarebytes’ ransomware rankings for April, overtaking LockBit by a small margin.</p><p>The group claimed to have breached more than 130 organizations in a month including Proctor and Gamble, Virgin Red, Saks Fith Avenue, and the <a href="https://www.itpro.com/security/ransomware/370329/pension-protection-fund-confirms-employee-data-exposed-goanywhere-breach"><u>UK’s Pension Protection Fund (PPF)</u></a>.</p><p>Although Cl0p operates its own namesake ransomware program, many of the GoAnywhere-related breaches are thought not to have involved ransomware.</p><p>Regardless, it overtook LockBit this month after it dominated in March with 126 attacks. For context, the second-place gang from last month, ALPHV, only registered 32 attacks.</p><p>The reliability of LockBit was questioned earlier this month by DarkTracer International, accusing it of running an inefficient website on the dark web.</p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr">The reliability of the RaaS service operated by LockBit ransomware gang seems to have declined. They appear to have become negligent in managing the service, as fake victims and meaningless data have begun to fill the list, which is being left unattended. pic.twitter.com/mfGhH93oYh<a href="https://twitter.com/darktracer_int/status/1646125694127345664">April 12, 2023</a></p></blockquote><div class="see-more__filter"></div></div><p>LockBit responded by attempting another of its ‘pranks’, like it has done in the past with the likes of <a href="https://www.itpro.com/security/ransomware/369449/lockbit-repeats-pr-stunt-as-thales-ransomware-investigation-reveals-no-breach"><u>Mandiant and Thales</u></a>, but it ultimately backfired when its team, which doe snot speak English natively, confused DarkTracer with Cambridge, UK-based Darktrace. </p><p>This forced Darktrace to publicly deny that it had been attacked by LockBit, and the vent prompted many in the community to mock the ransomware gang’s mistake.</p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr">Earlier today @darktracer_int stated Lockbit ransomware group was declining and becoming negligent in managing their service.Lockbit responded to them on their onion domain. pic.twitter.com/3ISlwIZtPw<a href="https://twitter.com/vxunderground/status/1646433205916925953">April 13, 2023</a></p></blockquote><div class="see-more__filter"></div></div><p>A patch for the GoAnywhere MFT vulnerability has been available since February and should be applied as a priority if it hasn’t been already to prevent further attacks from Cl0p.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="FRRDLEFjuVCi2yG5QJMqoU" name="malware-getty.jpg" alt="Blue and gold mockup of motherboard with lock denoting malware and security" src="https://cdn.mos.cms.futurecdn.net/FRRDLEFjuVCi2yG5QJMqoU.jpg" mos="" align="middle" fullscreen="" width="1920" height="1080" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Getty Images)</span></figcaption></figure><h2 id="microsoft-signals-new-ransomware-gang-on-the-block-in-patch-tuesday">Microsoft signals new ransomware gang on the block in Patch Tuesday</h2><p>In yet another <a href="https://www.itpro.com/windows/microsoft-april-patch-tuesday-password-feature"><u>error-strewn Patch Tuesday</u></a> from Microsoft, it highlighted an actively exploited zero-day vulnerability.</p><p>Researchers identified the new ransomware gang, known as Nokoyama, exploiting the vulnerability since February.</p><p>Trend Micro’s <a href="https://www.trendmicro.com/en_us/research/22/c/nokoyawa-ransomware-possibly-related-to-hive-.html" target="_blank"><u>report</u></a> on the group linked the operation to the <a href="https://www.itpro.com/security/cyber-crime/369952/fbis-landmark-takedown-hive-ransomware-unlikely-significant-impact"><u>recently taken down Hive</u></a> group, which claimed attacks on the likes of New York Racing Association, Tata Power, and <a href="https://www.itpro.com/security/368903/altice-reportedly-hit-by-hive-ransomware-attack"><u>Altice</u></a>.</p><p>The researchers said the two groups share a number of similarities in their attack chain such as the use of Cobalt Strike and <a href="https://www.itpro.com/security/29093/what-is-phishing"><u>phishing</u></a> emails, but noted Hive’s <a href="https://www.itpro.com/security/ransomware/367624/the-rise-of-double-extortion-ransomware"><u>double extortion</u></a> technique hasn’t been used by Nokoyama yet.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:8000px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="o7aE2bbqGF7TeVESbqgZfb" name="malware-GettyImages-1345812496.jpg" alt="Mockup of brigtly coloured alert with code and a warning sign, reading 'malware'" src="https://cdn.mos.cms.futurecdn.net/o7aE2bbqGF7TeVESbqgZfb.jpg" mos="" align="middle" fullscreen="" width="8000" height="4500" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Getty Images)</span></figcaption></figure><h2 id="fusioncore-malware-as-a-service-operation">FusionCore malware as a service operation</h2><p>Researchers at CYFIRMA detailed an emerging threat actor believed to be operating from inside Europe earlier this month.</p><p>FusionCore has been described as a ‘one-stop shop’ for malware services, with a wide range of tools on offer, plus hacker-for-hire services too.</p><p>The malware on offer has been described as “cost-effective, yet customizable”, and its ransomware affiliate scheme provides both a ransomware payload and affiliate software to manage negotiations with victims.</p><p>“FusionCore typically provides sellers with a detailed set of instructions for any service or product being sold, enabling individuals with minimal experience to carry out complex attacks,” CYFIRMA <a href="https://www.cyfirma.com/outofband/the-rise-of-fusioncore-an-emerging-cybercrime-group-from-europe/" target="_blank"><u>said</u></a>.</p><p>A number of indicators of compromise (IOCs) can be found on the researcher’s blog.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="WUxCWQvnDGZ7w4W2rRGJE" name="china-hacker-security-getty.jpg" alt="Laptop with china flag on screen and code overlaid, denoting Chinese hacking" src="https://cdn.mos.cms.futurecdn.net/WUxCWQvnDGZ7w4W2rRGJE.jpg" mos="" align="middle" fullscreen="" width="1920" height="1080" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Getty Images)</span></figcaption></figure><h2 id="chinese-hackers-targeting-products-with-no-edr-support">Chinese hackers targeting products with no EDR support</h2><p>Mandiant’s blog in March highlighted a threat actor, which it tracks as UNC3886, targeting products that aren’t supported by endpoint detection and response (EDR) products.</p><p>These include firewalls, IoT devices, hypervisors, and VPNs from Fortinet, SonicWall, Pulse Secure, and others.</p><p>Dozens of attacks have been investigated by the security firm and have involved the exploitation of zero-day vulnerabilities and the use of custom malware to both steal credentials and maintain a lasting presence in a victim’s IT environment.</p><p>Full details of the attack scenarios, their methods, and the products being targeted can be found in <a href="https://www.mandiant.com/resources/blog/fortinet-malware-ecosystem" target="_blank"><u>Mandiant’s detailed blog</u></a>.</p><p>The takeaway for admins here is that they should be communicating regularly with vendors to ensure any potential threats can be mitigated.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:3840px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="VUDZptndWJDCBjYxYfV9u6" name="python-code-GettyImages-1346778393.jpg" alt="Python code on a screen" src="https://cdn.mos.cms.futurecdn.net/VUDZptndWJDCBjYxYfV9u6.jpg" mos="" align="middle" fullscreen="" width="3840" height="2160" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Getty Images)</span></figcaption></figure><h2 id="developers-beware-of-w4sp-copycats">Developers beware of W4SP copycats</h2><p>Sonatype said that one of the key malware trends for March this year was a continuation of malicious packages being uploaded to the PyPI registry - a destination for developers to download and use software built by the <a href="https://www.itpro.com/business-strategy/careers-training/356640/how-to-become-a-python-software-developer"><u>Python community</u></a>.</p><p>It noticed a number of packages mimicking the W4SP stealer - a popular information stealer since the middle of 2022 used to carry out <a href="https://www.itpro.com/security/cyber-security/369082/c-suite-executives-say-software-supply-chain-hacks-have-become-chief-concern"><u>software supply chain attacks</u></a>.</p><p>“These types of packages are a cause for concern as they pose a serious threat to developers who may inadvertently download and install them,” it <a href="https://blog.sonatype.com/malware-monthly-march-2023" target="_blank"><u>said</u></a>.</p><p>The packages have since been taken down, but with the ongoing attempts to poison the software supply chain, and the damage such attacks can cause - think <a href="https://www.itpro.com/security/malware/370353/3cx-ceo-state-sponsored-hackers-behind-supply-chain-malware-attack"><u>3CX as a recent example</u></a>, then developers need to be especially vigilant when downloading open-source software, ensuring that it’s safe to use.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ How we test security software ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/laptop-security/368952/how-we-test-security-software</link>
                                                                            <description>
                            <![CDATA[ Everything you need to know about our benchmarking process for antivirus products ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">aFHKiURD4A5QA59Np973Y7</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/hJfK5Sy7uV6mBcL7TgvmrF-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 21 Nov 2022 14:00:06 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ IT Pro ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/hJfK5Sy7uV6mBcL7TgvmrF-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[How we test: Security software]]></media:description>                                                            <media:text><![CDATA[How we test: Security software]]></media:text>
                                <media:title type="plain"><![CDATA[How we test: Security software]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/hJfK5Sy7uV6mBcL7TgvmrF-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/hardware/368942/how-we-test" data-original-url="/hardware/368942/how-we-test">How we test</a></p></div></div><p>To assess how well consumer-grade security packages actually handle threats in the wild, we draw on real-world tests carried out by not one but two specialist antivirus testing labs – namely AV-Comparatives.org and AV-Test.org. The scores we cite represent the average of the ratings reported by each lab in their latest available reports. The number of false positives represents the total number of incorrect alerts raised up by each package, across both labs’ tests.</p><p>To measure the impact of each security product on system responsiveness, AV-Comparatives uses a combination of its own in-house test suite and the PCMark 10 benchmark, while AV-Test times a series of standardised tasks, including launching applications, opening websites and copying files, on both a typical and high-end PC. We convert these scores into a percentage and take the average to reach our performance rating for each suite we test. </p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="hTbseKruhiCEmPa3wu788A" name="" alt="The Veritas Backup exc console" src="https://cdn.mos.cms.futurecdn.net/hTbseKruhiCEmPa3wu788A.png" mos="https://cdn.mos.cms.futurecdn.net/hTbseKruhiCEmPa3wu788A.png" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>We also run our own speed tests, using each suite to scan through an external hard disk containing 55GB of assorted files, including documents, images, application installers – and the EICAR test file, a harmless bit of code that all security packages identify as faux-malware for testing purposes.</p><p>While protection and performance are of great importance when choosing a security suite, those aren’t the only things we consider. We extensively road-test each package ourselves, and take into account the accessibility and user-friendliness of the interface, as well as the breadth and usefulness of features beyond the standard scanning component. Naturally, we also weigh up value for money, and all of these factors are combined to award each security suite a star rating out of five.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Avira Free Security review: An effective antimalware suite, but heavy on the marketing ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/antivirus/368331/avira-free-security-review-an-effective-antimalware-suite-but-heavy-on</link>
                                                                            <description>
                            <![CDATA[ It’s hard to fully appreciate Avira’s malware protection when the packaging feels so manipulative ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">prfG8w5ZJd21BfQA2J9mYK</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/iDZfUUPTNDboLNBuQXh9f3-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 21 Jun 2022 11:34:32 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Darien Graham-Smith ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/nZP8qH6BDshBkBZo9Kvhbe.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/iDZfUUPTNDboLNBuQXh9f3-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A screenshot of Avira Free Security&amp;#039;s main dashboard]]></media:description>                                                            <media:text><![CDATA[A screenshot of Avira Free Security&amp;#039;s main dashboard]]></media:text>
                                <media:title type="plain"><![CDATA[A screenshot of Avira Free Security&amp;#039;s main dashboard]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/iDZfUUPTNDboLNBuQXh9f3-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Avira Free Security looks smart, with its dark colour scheme and tasteful splashes of colour. It also looks quite substantial for a free security suite: distributed across the Security, Privacy and Performance pages you’ll find a total of 16 big buttons for various promising-sounding functions.</p><p>Unfortunately, once you start clicking around, you discover that many of the apparent features are dummies. Try to enable web, email or <a href="https://www.itpro.com/security/ransomware/361250/how-not-to-get-hit-by-ransomware-in-2022" data-original-url="https://www.itpro.com/security/ransomware/361250/how-not-to-get-hit-by-ransomware-in-2022">ransomware protection</a> and you’re merely greeted with an advert inviting you to upgrade to the commercial Avira Prime suite. </p><p>Other buttons do half a job, then invite you to pay for the rest of it. For example, the software updater scans your system and warns you about apps that might be obsolete, but when you click “Update” it reveals that automatic updates require – you guessed it – an Avira Prime subscription. It’s not unreasonable to ask people to pay for security services, but this isn’t a respectful way to do it. It doesn’t help that the full suite is pretty pricey, costing £52 for five devices in the first year, rising to £86 after that. </p><p>Although it’s disappointingly light on features, Avira Free Security delivers quite creditable virus protection. In the latest tests by independent security lab <a href="https://www.av-comparatives.org">AV-Comparatives.org</a> it managed a 99.96% malware protection rate while connected to the internet – matching <a href="https://www.itpro.com/security/antivirus/361689/microsoft-defender-effective-effortless-protection-for-zero-cost" data-original-url="https://www.itpro.com/security/antivirus/361689/microsoft-defender-effective-effortless-protection-for-zero-cost">Microsoft Defender</a> – with an impressive false positive rate of just one wrong detection in over 10,000 items. That’s better than any other free security solution we’ve tried.</p><p>Perhaps because so little is actually included in the free package, it’s also very lightweight. In performance tests carried out by <a href="https://www.av-test.org/en/antivirus/home-windows">AV-Test.org</a>, Avira slowed down web browsing on a standard PC by just 8% – just a whisker above Defender’s 5%. Apps launched quickly too, with an 8% slowdown that was once again barely any different to the 6% impact of using Windows’ built-in protections.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="GNAKpUP4nUGYghXb23yUqW" name="" alt="A screenshot of Avira Free Security" src="https://cdn.mos.cms.futurecdn.net/GNAKpUP4nUGYghXb23yUqW.jpg" mos="https://cdn.mos.cms.futurecdn.net/GNAKpUP4nUGYghXb23yUqW.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Alongside the main application, the Avira installer sets up the company’s Phantom VPN service. Like <a href="https://www.itpro.com/security/antivirus/367693/avast-one-essential-review-a-great-free-antivirus-solution-with-some" data-original-url="https://www.itpro.com/security/antivirus/367693/avast-one-essential-review-a-great-free-antivirus-solution-with-some">Avast’s VPN</a>, this allows limited use for free, but it’s much more restrictive, allowing just 500MB of protected traffic per month. There’s a link to the web-based Avira <a href="https://www.itpro.com/software/359931/bitwarden-review-worth-paying-for" data-original-url="https://www.itpro.com/software/359931/bitwarden-review-worth-paying-for">password manager</a> service too, which can store and auto-fill any number of passwords for free. The optional Avira Safe Shopping browser extension warns you away from fake sites and blocks trackers – though it also inserts coupon deals into web pages, which feels a little sleazy for a security product.</p><p>The component we’re most uneasy about is Avira System SpeedUp – a completely separate app which installs without asking for permission, and pops up when you click various buttons on the Performance page, including Battery saver and Advanced tools. It’s effectively another limited demo: unlocking its features requires a separate SpeedUp Pro licence, which starts at £4 a year, then rockets up to £22.</p><p>To be fair, it’s easy to ignore Avira’s upsell attempts. You can leave the antivirus running in the background and enjoy very good malware protection, with minimal impact on performance. If you do want additional features, though, Avast One Essential gives you much more for free, while those seeking a minimal experience might as well stick with Microsoft Defender.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Kaspersky Free review: Effective and lightweight – everything you want from a free antivirus solution ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/antivirus/368179/kaspersky-free-review-effective-and-lightweight-everything-you-want-from</link>
                                                                            <description>
                            <![CDATA[ It’ll be a real shame if politics means people missing out on this top-class security tool ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">7YVseFThdABESAaykq8u5S</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/JaTcpxne5ktuJYFE8JMeS-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 08 Jun 2022 15:03:24 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Darien Graham-Smith ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/nZP8qH6BDshBkBZo9Kvhbe.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/JaTcpxne5ktuJYFE8JMeS-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A screenshot of Kaspersky Free&amp;#039;s main dashboard]]></media:description>                                                            <media:text><![CDATA[A screenshot of Kaspersky Free&amp;#039;s main dashboard]]></media:text>
                                <media:title type="plain"><![CDATA[A screenshot of Kaspersky Free&amp;#039;s main dashboard]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/JaTcpxne5ktuJYFE8JMeS-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Kaspersky Lab makes no secret of its Russian origins, and in the current climate <a href="https://www.itpro.com/security/cyber-security/367288/is-kaspersky-still-safe-to-use" data-original-url="https://www.itpro.com/security/cyber-security/367288/is-kaspersky-still-safe-to-use">you might be wary of trusting it with your security</a>. In the past few years though the company has taken steps to put its operations beyond reach of the Kremlin: data storage and processing are now handled in Switzerland, while additional “transparency centres” in Brazil, Canada, Malaysia and Spain allow governments and other institutions to review the company’s code and practices.</p><p>There’s no question about Kaspersky’s malware-blocking credentials, though. In the latest independent tests by <a href="https://www.av-comparatives.org">AV-Comparatives.org</a> the Kaspersky engine achieved a superb online protection score of 99.98% – slightly better than <a href="https://www.itpro.com/security/antivirus/361689/microsoft-defender-effective-effortless-protection-for-zero-cost" data-original-url="https://www.itpro.com/security/antivirus/361689/microsoft-defender-effective-effortless-protection-for-zero-cost">Microsoft Defender</a> on 99.96%. It racked up fewer false positives too: against a set of more than 10,000 items, Kaspersky wrongly raised the alarm just twice, while Defender missed the mark five times. <a href="https://www.av-test.org/en">AV-Test.org</a> confirms the engine’s effectiveness: in its tests for January and February 2022, Kaspersky provided impeccable 100% protection against both <a href="https://www.itpro.com/security/zero-day-exploit/360447/why-zero-day-exploits-are-surging-on-an-unprecedented-scale" data-original-url="https://www.itpro.com/security/zero-day-exploit/360447/why-zero-day-exploits-are-surging-on-an-unprecedented-scale">new “zero-day”</a> and widespread threats.</p><p>The user experience is delightfully clean. Although Kaspersky’s main business is commercial security products, the Kaspersky Free Windows client has no adverts or non-functional buttons – a real breath of fresh air. </p><p>Instead there are just a few buttons for the major functions. From the Home page you can quickly scan your computer for malware and check online to see whether your personal credentials have been compromised; on the Security page you’ll also find buttons to download emergency boot media, and to scan your Windows configuration for suspicious or corrupted settings.</p><p>That may sound a bit minimal, but there’s more going on behind the scenes. Kaspersky Free also quietly takes care of web and email scanning, while the System Watcher component keeps an eye out for <a href="https://www.itpro.com/security/ransomware/367624/the-rise-of-double-extortion-ransomware" data-original-url="https://www.itpro.com/security/ransomware/367624/the-rise-of-double-extortion-ransomware">ransomware-like behaviour</a> and automatically offers to undo potentially harmful activity. If anything, these components are perhaps a bit <em>too</em> unobtrusive: unless you delve into the program settings you might never realise that they’re enabled. Still, that’s better than AVG’s approach, which puts big fake buttons in its interface purely to tell you that these features <em>aren’t</em> available in the free suite.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="JA5nbrycaXyBFeuRc3DVj" name="" alt="A screenshot of Kaspersky Free's performance dashboard" src="https://cdn.mos.cms.futurecdn.net/JA5nbrycaXyBFeuRc3DVj.jpg" mos="https://cdn.mos.cms.futurecdn.net/JA5nbrycaXyBFeuRc3DVj.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/antivirus/367661/panda-free-antivirus-review-a-free-security-tool-with-a-personality-all" data-original-url="/security/antivirus/367661/panda-free-antivirus-review-a-free-security-tool-with-a-personality-all">Panda Free Antivirus review: A free security tool with a personality all of its own</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/desktop-software/26635/how-to-turn-on-windows-defender" data-original-url="/desktop-software/26635/how-to-turn-on-windows-defender">How to turn on Windows Defender</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/business-strategy/careers-training/367781/mcafee-appoints-greg-johnson-as-new-ceo" data-original-url="/business-strategy/careers-training/367781/mcafee-appoints-greg-johnson-as-new-ceo">McAfee appoints Greg Johnson as new CEO</a></p></div></div><p>A few other tools are hidden away under Settings. A Privacy Cleaner scans your system for records of recently accessed files, cookies, caches and so forth, while an optional on-screen keyboard helps defeat keyloggers. The resource consumption options let you tweak things like automatic scans, to help minimise battery drain or avoid possible interference with games.</p><p>That’s not a huge issue, as Kaspersky Free is fairly lightweight. In AV-Test.org’s performance tests, it slowed down web browsing on a standard PC by 14% – that’s some way behind Defender’s 5% impact, but better than <a href="https://www.itpro.com/security/antivirus/367693/avast-one-essential-review-a-great-free-antivirus-solution-with-some" data-original-url="https://www.itpro.com/security/antivirus/367693/avast-one-essential-review-a-great-free-antivirus-solution-with-some">Avast One Essential</a> on 17% and well ahead of <a href="https://www.itpro.com/security/cyber-security/355934/avg-antivirus-free-review" data-original-url="https://www.itpro.com/security/cyber-security/355934/avg-antivirus-free-review">AVG AntiVirus Free’s 28%</a>. Similarly, Kaspersky had a 10% impact on application launch speed, versus 6% from Defender and 12% from Avast and AVG.</p><p>One thing that Kaspersky Free lacks is centralised administration; you can connect up to three installations under an individual email address, but it’s not designed to be managed across businesses. Even if you can live with that, it’s understandable if you’re still <a href="https://www.itpro.com/security/antivirus/367251/ncsc-kaspersky-warning" data-original-url="https://www.itpro.com/security/antivirus/367251/ncsc-kaspersky-warning">uncomfortable rolling out a Russian security solution</a>. But with its excellent protection, generous feature set and unobtrusive design, Kaspersky Free has enough going for it to deserve serious consideration.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Your journey to zero trust ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/identity-and-access-management-iam/361718/your-journey-to-zero-trust</link>
                                                                            <description>
                            <![CDATA[ What you wish you knew before you started ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">oYJuGJ163jXK31VcTQhT7</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/sUMT9GoLTN2RCULyLudTNJ-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 02 Dec 2021 10:49:31 +0000</pubDate>                                                                                                                                <updated>Wed, 12 Apr 2023 12:56:08 +0000</updated>
                                                                                                                                            <category><![CDATA[Networking]]></category>
                                                    <category><![CDATA[Infrastructure]]></category>
                                                                                                <author><![CDATA[ itpro@futurenet.com (ITPro) ]]></author>                    <dc:creator><![CDATA[ ITPro ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/sUMT9GoLTN2RCULyLudTNJ-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Image of speaker Dave Gruber in black and white with associated company logos along bottom]]></media:description>                                                            <media:text><![CDATA[Image of speaker Dave Gruber in black and white with associated company logos along bottom]]></media:text>
                                <media:title type="plain"><![CDATA[Image of speaker Dave Gruber in black and white with associated company logos along bottom]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/sUMT9GoLTN2RCULyLudTNJ-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Employees have gotten used to the flexibility of the fully remote workplace, and even if they’re happy to return to the office or a hybrid model, your business needs to maintain that flexibility for all its workers. </p><p>Whether it’s working from home or another out-of-office location, using personal devices, or something else, this level of flexibility requires an identity and access management (IAM) solution to keep your people secure and productive. </p><p>Watch this on-demand webinar to hear from security and IAM experts about: </p><ul><li>Priorities for security professionals as we settle into permanent hybrid work models</li><li>How CISOs perceive the importance of implementing zero trust</li><li>The components of a well-structured IAM platform</li></ul><p><em>Provided by </em></p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="aVingsbZaxsFEzjgWucZgF" name="" alt="Okta logo" src="https://cdn.mos.cms.futurecdn.net/aVingsbZaxsFEzjgWucZgF.png" mos="https://cdn.mos.cms.futurecdn.net/aVingsbZaxsFEzjgWucZgF.png" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><iframe frameborder="0" height="1000" width="100%" data-lazy-priority="low" data-lazy-src="https://dennis.cvtr.io/forms/49424/form-8172?locale=1&p=false&wp=7988"></iframe>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ McAfee Total Protection review: Quick, effective and affordable ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/antivirus/360652/mcafee-total-protection-review-quick-effective-and-affordable</link>
                                                                            <description>
                            <![CDATA[ A solid security choice, with perfect malware protection, a fully functional VPN and more ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">ebSFxqxke7TQWm3YzqGn41</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/5PksUUakHkmPFwMtksjFmN-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 23 Aug 2021 09:33:28 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                <author><![CDATA[ itpro@futurenet.com (ITPro) ]]></author>                    <dc:creator><![CDATA[ ITPro ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/5PksUUakHkmPFwMtksjFmN-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A screenshot of the McAfee Total Protection dashboard]]></media:description>                                                            <media:text><![CDATA[A screenshot of the McAfee Total Protection dashboard]]></media:text>
                                <media:title type="plain"><![CDATA[A screenshot of the McAfee Total Protection dashboard]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/5PksUUakHkmPFwMtksjFmN-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>McAfee’s security software hasn’t always wowed us in the past but, since parting company with Intel in 2017, it’s become a persuasive contender.</p><p>That’s partly to do with value. Total Protection is McAfee’s top-of-the-line offering and one of the most feature-packed security suites we’ve seen, yet you can get a three-PC package on Amazon for just £15 a year. The slightly leaner Internet Security suite can also be had for two quid less.</p><h2 id="mcafee-total-protection-review-features">McAfee Total Protection review: Features</h2><p>McAfee Total Protection keeps an active watch over your system and blocks viruses and other malicious items on access. It monitors web content, too, and the free browser extension for Chrome, Edge, Firefox and Internet Explorer will steer you away from dodgy websites.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/hardware/printers" data-original-url="/security/antivirus/360586/norton-360-standard-review-a-dependable-partner-in-security">Norton 360 Standard review: A dependable partner in security</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution" data-original-url="/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution">Avast Antivirus Free review: Our favourite free solution</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price" data-original-url="/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price">Bitdefender Internet Security review: A solid suite at a fair price</a></p></div></div><p>Additional features include a custom firewall and access to McAfee’s True Key password manager across five devices. There’s also an automatic software updater, a simple network scanner that lets you inspect nearby LAN clients, and tools for encrypting or shredding sensitive files.</p><p>The optional App Boost component isn’t really a security feature but it can make your system feel more responsive by allocating extra system resources to foreground applications.</p><p>Also included is McAfee’s Safe Family parental control platform. This works across Windows, Android and iOS to track and block specific apps and online content, keep tabs on device location and even send you alerts when your kids enter or leave defined areas.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="vET2KTbjZo5UmozE5zKjVJ" name="" alt="A screenshot of the McAfee Total Protection dashboard" src="https://cdn.mos.cms.futurecdn.net/vET2KTbjZo5UmozE5zKjVJ.jpg" mos="https://cdn.mos.cms.futurecdn.net/vET2KTbjZo5UmozE5zKjVJ.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Most unusually, your McAfee subscription also includes <a href="https://www.itpro.com/networking/27210/do-i-need-a-vpn" data-original-url="https://www.itpro.com/networking/27210/do-i-need-a-vpn">a complete VPN service</a>, with selectable servers in 23 locations around the world and no data caps. You can even set it to kick in automatically whenever you connect to a new network too – a very nice touch. The catch is that to use it you have to keep the automatic licence renewal option turned on. This could prove costly if you forget to cancel at the right time, as the price goes up significantly in the second year.</p><h2 id="mcafee-total-protection-review-protection">McAfee Total Protection review: Protection</h2><p>McAfee’s malware engine is regularly put through its paces by both <a href="https://www.av-comparatives.org">AV-Comparatives.org</a> and <a href="https://av-test.org">AV-Test.org</a> and, in the most recent tests carried out in the first half of 2021, Total Protection achieved a flawless 100% protection rating.</p><p>There’s a catch, though. While McAfee successfully blocked every nasty sample it was exposed to, it also wrongly flagged seven innocent items. That’s more than we’d like to see. Once you get into the habit of manually unblocking safe items, it becomes far more likely that you’ll end up unblocking something dangerous. By contrast, in the same test, F-Secure SAFE and Eset Internet Security made no mistakes at all.</p><h2 id="mcafee-total-protection-review-user-interface">McAfee Total Protection review: User interface</h2><p>In the past, some McAfee products were burdened with a sluggish, overcomplicated front-end; thankfully, that’s now been completely overhauled. The current release of Total Protection is nicely responsive and neatly organised, with tabs along the top and sensibly labelled controls in the main pane.</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="c5fdkHzEjR5QWwGmwDkBdg" name="c5fdkHzEjR5QWwGmwDkBdg.jpg" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/c5fdkHzEjR5QWwGmwDkBdg.jpg" mos="https://cdn.mos.cms.futurecdn.net/c5fdkHzEjR5QWwGmwDkBdg.jpg" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>The Forrester Wave: Top security analytics platforms</strong></p><p class="fancy-box__body-text">The 11 providers that matter most and how they stack up</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/360171/the-forrester-wave-top-security-analytics-platforms" data-original-url="/security/cyber-security/360171/the-forrester-wave-top-security-analytics-platforms">FREE DOWNLOAD</a></p></div></div><p>It’s also one of the nimblest security suites around. In a range of different usage scenarios, AV-Comparatives.org and AV-Test.org reported it slowed down their test PCs by an average of 6.3%. That’s an excellent score; of the packages we’ve seen, only F-Secure SAFE did better, nosing ahead with 6.1%. Windows Defender meanwhile weighed in at a ponderous 12.5%.</p><p>Scanning is quite quick, too. McAfee Total Protection fully scanned an external hard disk containing 55GB of assorted data in well under two minutes. Again, it didn’t quite keep up with F-Secure SAFE, which whizzed through the test in 27 seconds, but many other suites took longer and Windows’ own scanner left us waiting around nearly ten minutes.</p><h2 id="mcafee-total-protection-review-verdict">McAfee Total Protection review: Verdict</h2><p>McAfee Total Protection partners slick and effective malware protection with a tempting array of genuinely useful add-ons. The fact that it can be had for such a low price makes it almost irresistible.</p><p>However, a worse than average false positive rate means you might need to be prepared to fish the odd file out of quarantine and, if you��re going to enable the VPN, make sure you set a reminder to cancel your subscription before you’re stung with a hefty renewal fee.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ AVG Internet Security review: Money for nothing ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/antivirus/360646/avg-internet-security-review-money-for-nothing</link>
                                                                            <description>
                            <![CDATA[ An ostensible upgrade from the free Avast package – but there’s very little here to justify the cost ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">qhNf3PGpFtx6H7AYAaB86K</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/FzvYAFqr4HznvyedtXBodb-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 20 Aug 2021 14:46:40 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Darien Graham-Smith ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/nZP8qH6BDshBkBZo9Kvhbe.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/FzvYAFqr4HznvyedtXBodb-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A screenshot of AVG Internet Security&amp;#039;s main dashboard]]></media:description>                                                            <media:text><![CDATA[A screenshot of AVG Internet Security&amp;#039;s main dashboard]]></media:text>
                                <media:title type="plain"><![CDATA[A screenshot of AVG Internet Security&amp;#039;s main dashboard]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/FzvYAFqr4HznvyedtXBodb-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>AVG is known for its basic, free antivirus tool, but when you can upgrade to the full version of its security suite for less than a quid a month, it’s tempting to at least look into what you get for the money.</p><p>For the price, it looks like a tempting upgrade. However, the extra features are of questionable value and there are plenty of things that this program won’t do: if you want all-round protection, you’re encouraged to buy additional AVG-branded products to fill in the gaps.</p><h2 id="avg-internet-security-review-features">AVG Internet Security review: Features</h2><p>If you’ve used AVG Free lately, you’ll be right at home with AVG Internet Security: it looks exactly the same, except that all the buttons are unlocked.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price" data-original-url="/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price">Bitdefender Internet Security review: A solid suite at a fair price</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/antivirus/360563/avira-antivirus-pro-review-obnoxious-and-annoying" data-original-url="/security/antivirus/360563/avira-antivirus-pro-review-obnoxious-and-annoying">Avira Antivirus Pro review: Obnoxious and annoying</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/hardware/printers" data-original-url="/security/antivirus/360611/g-data-total-security-review-aptly-named-but-steeply-priced">G Data Total Security review: Aptly named, but steeply priced</a></p></div></div><p>These give you access to various premium features. AVG Internet Security includes webcam protection, to ensure no-one can spy on you or listen in to your activity. It also features a custom firewall, and there’s a module specifically designed to block malicious remote desktop connections.</p><p>Then there are a few tools designed to protect sensitive data, including a secure file shredder and AVG’s innovative Sensitive Data Shield, which identifies documents containing information such as payment, tax or travel details, and blocks applications from accessing them without your say-so.</p><p>The price shown above covers a year-long subscription for a single PC, but there are also options that cover longer periods and more devices. Whichever you choose, it’s normally cheapest to buy from a third-party retailer such as Amazon, rather than AVG’s own website.</p><h2 id="avg-internet-security-review-protection">AVG Internet Security review: Protection</h2><p>AVG Internet Security achieved a perfect 100% protection rating in the latest tests by <a href="https://www.av-comparatives.org">AV-Comparatives.org</a> and <a href="https://av-test.org">AV-Test.org</a>. Obviously, that’s as good as you could ask for, but it doesn’t make AVG exceptional: several other products achieved the same score in recent tests, including <a href="https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution" data-original-url="https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution">the free edition of Avast</a>, which isn’t surprising since the two suites use the same core antivirus engine. Come to that, Windows 10’s own built-in protections came tantalisingly close, with an average score of 99.97% across all of the two labs’ tests.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="ZEDK9fMF2ysZcRGWrnrkZh" name="" alt="A screenshot of AVG Internet Security's web and email security dashboard" src="https://cdn.mos.cms.futurecdn.net/ZEDK9fMF2ysZcRGWrnrkZh.jpg" mos="https://cdn.mos.cms.futurecdn.net/ZEDK9fMF2ysZcRGWrnrkZh.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>AVG also jumped the gun just a few times, registering three false positives during the tests. Avira, BullGuard, Eset, F-Secure, G-Data and Kaspersky all did better, wrongly flagging up fewer or no innocent files. Still, this isn’t a disastrous showing.</p><h2 id="avg-internet-security-review-user-interface">AVG Internet Security review: User interface</h2><p>Across numerous performance tests, AVG Internet Security slowed down Windows performance by 8.5% on average. That’s not bad at all. The slickest security solution we’ve seen lately is the 2021 edition of F-Secure SAFE, and even that had an impact of 6.15%.</p><p>Overall, though, AVG Internet Security isn’t a terribly impressive package. The custom firewall seems pointless – there’s nothing wrong with the standard Windows one – and, while we like the idea of the Sensitive Data Shield, it didn’t work for us at all, failing to recognise or protect a text file containing our banking details and online password.</p><p>AVG also omits features found in other security suites such as a driver updater or a warning tool to alert you if your online credentials are leaked. Instead, these functions have been spun off into separate products and the AVG interface conveniently includes marketing links from which you can buy them. It’s not exactly in-your-face advertising, but it still feels a bit distasteful.</p><h2 id="avg-internet-security-review-verdict">AVG Internet Security review: Verdict</h2><p>Sadly, this paid package isn’t worth it. Even though the price is low, AVG Internet Security simply isn’t very good value. For sure, the underlying antivirus engine is great, but you can get that in the AVG Free Antivirus suite without paying a penny.</p><p>Conversely, if you’re willing to pay an annual subscription for internet security, check out something like McAfee or <a href="https://www.itpro.com/hardware/printers" data-original-url="https://www.itpro.com/security/antivirus/360586/norton-360-standard-review-a-dependable-partner-in-security">Norton</a>, which do far more for a similar price.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Avira Antivirus Pro review: Obnoxious and annoying ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/antivirus/360563/avira-antivirus-pro-review-obnoxious-and-annoying</link>
                                                                            <description>
                            <![CDATA[ This antivirus tool does the job, but it’s expensive – and the in-app advertising really sticks in the throat ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">c2VgNJaXgRG68WvmTcirrw</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/ph3RoJRidpZYyfe2oK985V-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 13 Aug 2021 07:00:07 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Darien Graham-Smith ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/nZP8qH6BDshBkBZo9Kvhbe.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/ph3RoJRidpZYyfe2oK985V-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A screenshot of the Avira Antivirus Pro dashboard ]]></media:description>                                                            <media:text><![CDATA[A screenshot of the Avira Antivirus Pro dashboard ]]></media:text>
                                <media:title type="plain"><![CDATA[A screenshot of the Avira Antivirus Pro dashboard ]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/ph3RoJRidpZYyfe2oK985V-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Avira Antivirus Pro makes a great first impression. The console opens with a swish graphic promising not only to look after your security, but to protect your privacy and boost system performance as well.</p><p>And, on the first count, it delivers. The raw rankings aren’t kind to Avira, placing it behind most other security suites we’ve seen recently – but that still represents an overall protection rating of 99.8%, including perfect 100% scores against <a href="https://av-test.org">AV-Test’s</a> set of malware samples for February 2021. A score of two false positives isn’t bad, either: we’d have no hesitation in trusting it for everyday security.</p><p>Sadly, the privacy side of things is much less comprehensive. It’s initially exciting to see that the suite includes Avira’s Phantom VPN, but the service is limited to 1GB of data transfer per month, and doesn’t allow you to choose your own location, making it no better than any number of free alternatives. Upgrading to the full, unlimited version will set you back an additional £52 a year.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price" data-original-url="/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price">Bitdefender Internet Security review: A solid suite at a fair price</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/malware/28153/whats-the-difference-between-antimalware-and-antivirus" data-original-url="/malware/28153/whats-the-difference-between-antimalware-and-antivirus">What's the difference between antimalware and antivirus?</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/360540/nortonlifelock-and-avast-to-merge-in-8-billion-deal" data-original-url="/security/cyber-security/360540/nortonlifelock-and-avast-to-merge-in-8-billion-deal">NortonLifeLock and Avast finalise $8 billion merger</a></p></div></div><p>It’s a similar situation with the password manager. The version bundled with this suite can save unlimited passwords and works on multiple devices, but again it’s just the free edition. There’s also a Privacy settings module, which helpfully brings together a range of Windows options, but at the end of the day these are all tweaks that you can apply yourself. </p><p>That just leaves the Performance tab, and this is where Avira really drops the ball. From here you can clear out junk files and update any ageing device drivers, but clicking on almost any other function fires up a separate app called Avira System Speedup. This may initially come as a surprise because the installer doesn’t ask your permission to install this additional application. Irritation quickly follows, as it becomes apparent that to fully activate the features promised within the main Antivirus package, you need to buy a licence for System Speedup Pro, costing £22 a year.</p><p>In <a href="https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution" data-original-url="https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution">a free product</a>, we might grit our teeth and overlook this type of deceptive presentation. But in a commercial suite costing £30 a year it’s downright obnoxious. We recommend that you opt for one of the several security solutions out there that are faster, provide better malware protection and treat the user a bit more respectfully.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Bitdefender Internet Security review: A solid suite at a fair price ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price</link>
                                                                            <description>
                            <![CDATA[ Strong protection against viruses and ransomware make this a fine solution ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">nKtL5KfLs1MnfzBGTgcSwh</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/uCUkndQznw776SE9gHiYBe-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 06 Aug 2021 08:00:05 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Darien Graham-Smith ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/nZP8qH6BDshBkBZo9Kvhbe.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/uCUkndQznw776SE9gHiYBe-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A screenshot of Bitdefender Internet Security&amp;#039;s main dashboard ]]></media:description>                                                            <media:text><![CDATA[A screenshot of Bitdefender Internet Security&amp;#039;s main dashboard ]]></media:text>
                                <media:title type="plain"><![CDATA[A screenshot of Bitdefender Internet Security&amp;#039;s main dashboard ]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/uCUkndQznw776SE9gHiYBe-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Bitdefender Internet Security is a strong all-round security solution, with a broad set of supplementary features in addition to regular virus scanning. Indeed, the only thing you miss out on by choosing this edition rather than the more expensive Total Security package is a system tune-up module, which isn’t a security function anyway.</p><p>For those looking to squeeze the budget as far as possible, Bitdefender also offers a completely <a href="https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools" data-original-url="https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools">free antivirus</a> tool, which includes only the core detection engine. The standard suite isn’t by any means expensive, however: it costs a reasonable £25 direct from the Bitdefender website and Amazon will sell you a three-device bundle for just £15 a year.</p><p>Bitdefender will actively spot and block any suspicious programs or activity on your system, and it guides you away from dangerous online content via plugins for Chrome and Firefox, plus Safari for Mac users. For sensitive transactions, the software will detect when you’re visiting a banking site or similar and offer to open it in Bitdefender’s custom Safepay browser, to defeat most spyware and other attacks.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution" data-original-url="/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution">Avast Antivirus Free review: Our favourite free solution</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/357510/the-it-pro-podcast-how-hackers-steal-your-password" data-original-url="/security/cyber-security/357510/the-it-pro-podcast-how-hackers-steal-your-password">The IT Pro Podcast: How hackers steal your password</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/endpoint-security/356467/kaspersky-endpoint-security-cloud-review-merciless-against" data-original-url="/security/endpoint-security/356467/kaspersky-endpoint-security-cloud-review-merciless-against">Kaspersky Endpoint Security Cloud review: Merciless against malware</a></p></div></div><p>There’s also an ingenious ransomware remediation module, provided as an extra line of defence just in case something slips past the scanner. It doesn’t prevent apps from writing to your personal folders – since that could interfere with the proper functioning of legitimate software – but instead keeps dynamic backups of modified files, which can be instantly restored as needed.</p><p>The suite also offers specific protections for webcams and microphones, ensuring criminals can’t spy on, or listen into, your personal life. And a versatile parental control service links you to a central web management portal, from which you can browse and restrict kids’ screen time and app usage across all platforms. You can even track their location if you’ve installed the companion app on their Android or iOS smartphone.</p><p>The cherry on top is Bitdefender’s own-brand <a href="https://www.itpro.com/networking/27210/do-i-need-a-vpn" data-original-url="https://www.itpro.com/networking/27210/do-i-need-a-vpn">VPN service</a> but this is quite limited, as it will only protect up to 200MB of data a day. That’s fine for securely checking in with a message board, but you won’t be able to use it to keep all your online activity private. You can’t select a server location either, so it won’t help you get around geographical restrictions.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="BbEcffNjdxAKdmwpxqcgYL" name="" alt="A screenshot of Bitdefender Internet Security's privacy dashboard" src="https://cdn.mos.cms.futurecdn.net/BbEcffNjdxAKdmwpxqcgYL.jpg" mos="https://cdn.mos.cms.futurecdn.net/BbEcffNjdxAKdmwpxqcgYL.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Bitdefender is undeniably effective. In malware tests carried out in the first half of 2021 Bitdefender achieved perfect 100% protection ratings from both AV-Comparatives.org and AV-Test.org. That’s reassuring but, for context, note that numerous other suites achieved the same score, including the Windows Defender tool that’s built into Windows 10.</p><p>And Bitdefender blotted its copybook a little when it came to false positives. On five separate occasions it made the wrong call, blocking a legitimate program or file.</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="TDddJPsRCmdrr35SdPri7g" name="TDddJPsRCmdrr35SdPri7g.jpg" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/TDddJPsRCmdrr35SdPri7g.jpg" mos="https://cdn.mos.cms.futurecdn.net/TDddJPsRCmdrr35SdPri7g.jpg" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>How to reduce the risk of phishing and ransomware</strong></p><p class="fancy-box__body-text">Top security concerns and tips for mitigation</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/ransomware/360247/how-to-reduce-the-risk-of-phishing-and-ransomware" data-original-url="/security/ransomware/360247/how-to-reduce-the-risk-of-phishing-and-ransomware">FREE DOWNLOAD</a></p></div></div><p>That’s nowhere near as bad as Norton 360 or Malwarebytes Premium, which registered 22 and 50 false positives respectively, but it still casts a tiny shadow of doubt over Bitdefender’s judgement; rival packages F-Secure SAFE and Eset Internet Security didn’t make any mistakes at all.</p><p>It’s good to know what your security software is doing, but sometimes you don’t want to be interrupted. Bitdefender addresses this with a smart profile system, which can automatically switch between silent and interactive operation depending on whether you’re working, gaming, using public Wi-Fi and so forth.</p><p>If you want to customise Bitdefender’s behaviour, the interface is logically laid out, with distinctive icons and clear labelling explaining what everything does.</p><p>The one area where Bitdefender doesn’t excel is speed. It took around five minutes to fully scan 55GB of data on an external hard disk, while suites from F-Secure, Trend Micro and Eset all completed the task in under a minute. It’s a tiny bit behind the pace in day-to-day use, too. The independent testing labs found it slowed down Windows operations by an average of 10.2%. Still, that’s better than Windows Defender, which had an impact of 12.5%.</p><p>Two things hold Bitdefender Internet Security back from the winner’s podium – it isn’t as speedy as other suites and its false positive rate isn’t quite as reassuring, either.</p><p>Those aren’t necessarily deal-breakers, however. They’re issues you might well be able to live with. At the end of the day, it’s a highly capable security suite and, if you buy from Amazon, it’s great value, too.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Avast Antivirus Free review: Our favourite free solution ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution</link>
                                                                            <description>
                            <![CDATA[ Excellent protection with minimal intrusions and a strong set of bonus features – and it doesn’t cost a penny ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">jQuCvjE2mNxdRE1WTeVgFd</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/rmS7PV5znhbE7vnZ2dsihZ-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 04 Aug 2021 14:54:45 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Darien Graham-Smith ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/nZP8qH6BDshBkBZo9Kvhbe.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/rmS7PV5znhbE7vnZ2dsihZ-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A screenshot of Avast Antivirus Free showing various protection modules]]></media:description>                                                            <media:text><![CDATA[A screenshot of Avast Antivirus Free showing various protection modules]]></media:text>
                                <media:title type="plain"><![CDATA[A screenshot of Avast Antivirus Free showing various protection modules]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/rmS7PV5znhbE7vnZ2dsihZ-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>If you don’t want to pay for malware protection, there are several free options. The most obvious is what’s already built into Windows 10, but big names such as Bitdefender and Kaspersky also offer free versions. In our view, however, Avast’s is the best free offering, providing strong protection and a feature set that goes beyond its rivals.</p><p>It’s not quite impeccable: during AV-Comparatives’ malware tests, Avast dropped the ball just once. If our protection scores were extended to three decimal places, it would come away with an overall rating of 99.998%. That’s still an excellent result, and better than you can expect from the free editions of Avira or Malwarebytes – or indeed Microsoft Defender. There’s a good range of scanning and notification options too, meaning you can tweak Avast’s behaviour to suit your preferences.</p><p>Avast also missed out on a clean sheet when it came to false positives, erroneously sounding the alarm three times during the test. Again, though, that’s better than Windows’ built-in scanner fared, and a mile ahead of paid-for suites from Malwarebytes and Norton.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/endpoint-security/356467/kaspersky-endpoint-security-cloud-review-merciless-against" data-original-url="/security/endpoint-security/356467/kaspersky-endpoint-security-cloud-review-merciless-against">Kaspersky Endpoint Security Cloud review: Merciless against malware</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/357510/the-it-pro-podcast-how-hackers-steal-your-password" data-original-url="/security/cyber-security/357510/the-it-pro-podcast-how-hackers-steal-your-password">The IT Pro Podcast: How hackers steal your password</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/endpoint-security/356447/f-secure-protection-service-for-business-review-f-ing-good" data-original-url="/security/endpoint-security/356447/f-secure-protection-service-for-business-review-f-ing-good">F-Secure Protection Service for Business review: A strong choice for SMBs</a></p></div></div><p>Beyond regular malware-blocking duties, Avast wins credit for its breadth of additional protections. As soon as you install it, Avast inspects your browser for suspect extensions, and scans your installed applications to spot any that might be in need of security updates. If you want Avast to automatically fetch and apply the patches, you’ll need to upgrade to the Premium package, but the warnings alone provide valuable insight that other packages miss.</p><p>Then there’s the Wi-Fi scanner, which sniffs out all other devices on your wireless network to help you <a href="https://www.itpro.com/network-internet/wifi-hotspots/358230/how-to-share-a-wi-fi-connection-securely" data-original-url="https://www.itpro.com/network-internet/wifi-hotspots/358230/how-to-share-a-wi-fi-connection-securely">spot any intruders</a> and warns you if it detects any insecure passwords or other vulnerabilities that could be exploited by an attacker. Again, the software can’t fix such issues, but it can at least indicate where you need to shore up your defences.</p><p>The <a href="https://www.itpro.com/security/ransomware/360435/is-this-the-end-of-the-road-for-ransomware" data-original-url="https://www.itpro.com/security/ransomware/360435/is-this-the-end-of-the-road-for-ransomware">Ransomware</a> Shield, meanwhile, does the same job as Windows’ built-in Controlled Folder Access feature, but in a more user-friendly way. When an untrusted program tries to write to a protected location, Avast immediately flings up a requester that lets you block or approve the app with a click, rather than requiring you to rummage around in the settings.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="LQTUPaJKBUqWWaQNgiDbMc" name="" alt="A screenshot of Avast Antivirus Free showing locked privacy tools" src="https://cdn.mos.cms.futurecdn.net/LQTUPaJKBUqWWaQNgiDbMc.jpg" mos="https://cdn.mos.cms.futurecdn.net/LQTUPaJKBUqWWaQNgiDbMc.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Finally, the Hack Alert feature extends protection outside of your own network by monitoring releases of leaked or hacked data from third-party servers. If any credentials connected to your email address are found to have been compromised then you’ll be warned immediately, giving you a chance to change your password before someone else does. <a href="https://www.itpro.com/security/data-breaches/359713/fbi-partners-with-have-i-been-pwned-on-breached-password-database" data-original-url="https://www.itpro.com/security/data-breaches/359713/fbi-partners-with-have-i-been-pwned-on-breached-password-database">Have I Been Pwned</a> offers the same free service, but it’s handy to have the function built into your security software – and it works continually in the background. </p><p>As a rule, the catch with free software is the upsell. We were irked but not entirely shocked when, even before the program had launched for the first time, the installer popped up a warning that the firewall and phishing protection modules weren’t enabled. Predictably enough, clicking “Resolve all” takes you to a purchasing page, where you’re invited to pay up for Avast Premium Security. </p><p>Yet it’s hard to feel too annoyed by this. The premium subscription isn’t offensively expensive – the two-year option works out to £23 per annum – and once you start using the program proper, there’s very little in the way of pushy marketing. Yes, the interface is laden with buttons for features that aren’t included in this free edition, but they’re all clearly marked with little orange padlock icons, so you never feel deceived. The worst we can really say is that all the icons clutter up the front-end a bit.</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="B2q7WnjeR9PaiVL7iTeGV4" name="B2q7WnjeR9PaiVL7iTeGV4.jpg" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/B2q7WnjeR9PaiVL7iTeGV4.jpg" mos="https://cdn.mos.cms.futurecdn.net/B2q7WnjeR9PaiVL7iTeGV4.jpg" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>The five essentials from your endpoint security partner</strong></p><p class="fancy-box__body-text">Empower your MSP business to operate efficiently</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/business-operations/managed-service-provider-msp/360322/the-five-essentials-from-your-endpoint" data-original-url="/business-operations/managed-service-provider-msp/360322/the-five-essentials-from-your-endpoint">FREE DOWNLOAD</a></p></div></div><p>The other potential area of concern is performance, and carrying out a full scan of our test folder proved a slow business, dragging on for more than a quarter of an hour. In everyday use, however, you’re likely to rely upon on-access scanning, and here Avast ticks along smoothly. Across AV-Test and AV-Comparatives’ tests, system speed with Avast Antivirus Free averaged 91.9% of “bare metal” performance, stacking up incredibly well against competitors. </p><p>When you download a free antivirus package, you know you’re not going to get the kitchen sink. Even so, Avast brings together a broad range of useful security tools – and when it comes to the job of stopping viruses, it performs very creditably. Perhaps most pleasingly, while the advertising element is certainly there, we never found it obnoxious. All of this makes Avast our favourite free solution.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Remote workforce security report  ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/endpoint-security/358843/remote-workforce-security-report</link>
                                                                            <description>
                            <![CDATA[ Key challenges, security threats, and investment priorities of organisations during the pandemic ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">dhV4JXNr4tNpwpufau7JjY</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/vygdvCL5VfMidAxpopQA7g-1280-80.png" type="image/png" length="0"></enclosure>
                                                                        <pubDate>Wed, 10 Mar 2021 13:27:48 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Data Protection]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                <author><![CDATA[ itpro@futurenet.com (ITPro) ]]></author>                    <dc:creator><![CDATA[ ITPro ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/png" url="https://cdn.mos.cms.futurecdn.net/vygdvCL5VfMidAxpopQA7g-1280-80.png">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[remote workforce security report - whitepaper from Okta]]></media:description>                                                            <media:text><![CDATA[remote workforce security report - whitepaper from Okta]]></media:text>
                                <media:title type="plain"><![CDATA[remote workforce security report - whitepaper from Okta]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/vygdvCL5VfMidAxpopQA7g-1280-80.png" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="aVingsbZaxsFEzjgWucZgF" name="" alt="Okta logo" src="https://cdn.mos.cms.futurecdn.net/aVingsbZaxsFEzjgWucZgF.png" mos="https://cdn.mos.cms.futurecdn.net/aVingsbZaxsFEzjgWucZgF.png" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Find out how organisations like yours are managing remote workforce security during the pandemic. </p><p>This report presents the findings of a survey conducted during the height of the pandemic and discusses topics such as workers using unmanaged devices, threats of malware and phishing, and increases in productivity. </p><p>Download the report now to look at where remote work might be headed and more. </p><iframe frameborder="0" height="1000" width="100%" data-lazy-priority="low" data-lazy-src="https://dennis.cvtr.io/forms/okta-2021-eng?locale=1&p=false&wp=5825"></iframe>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Lenovo ThinkPad L14 review: It’s not right but it’s okay ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/hardware/357386/lenovo-thinkpad-l14-its-not-right-but-its-okay</link>
                                                                            <description>
                            <![CDATA[ Pleasant enough for simple office tasks ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">hLU1Mr4yygTjKcUZpUodKq</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/3kXHCkSD2hT6A77qU9o5Hd-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 09 Oct 2020 14:33:16 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Digital Transformation]]></category>
                                                    <category><![CDATA[Business]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sabina Weston ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/3kXHCkSD2hT6A77qU9o5Hd-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A side view of a Lenovo ThinkPad L14 sat on a clear glass table next to a bowl of bananas]]></media:description>                                                            <media:text><![CDATA[A side view of a Lenovo ThinkPad L14 sat on a clear glass table next to a bowl of bananas]]></media:text>
                                <media:title type="plain"><![CDATA[A side view of a Lenovo ThinkPad L14 sat on a clear glass table next to a bowl of bananas]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/3kXHCkSD2hT6A77qU9o5Hd-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>There’s always a subtle hint of nostalgia when working on a <a href="https://www.itpro.com/hardware/tablets" data-original-url="https://www.itpro.com/search/thinkpad">ThinkPad</a>. The laptop hasn’t changed much since the release of its very first model in 1992 and is as much of a nineties staple as AOL or the Spice Girls, down to that iconic little red dot in the middle of the keyboard which is supposed to be useful but really isn’t (more on that later).</p><p>When buying a ThinkPad, users have come to expect a certain level of dependability from the device, regardless of whether it’s a <a href="https://www.itpro.com/laptops/31880/lenovo-thinkpad-x1-carbon-2018-review-a-flawed-gem-of-a-14in-laptop" data-original-url="https://www.itpro.com/laptops/31880/lenovo-thinkpad-x1-carbon-2018-review-a-flawed-gem-of-a-14in-laptop">ThinkPad X1 Carbon</a> or a <a href="https://www.itpro.com/laptops/34370/lenovo-thinkpad-x390-review-an-all-purpose-business-companion" data-original-url="https://www.itpro.com/laptops/34370/lenovo-thinkpad-x390-review-an-all-purpose-business-companion">ThinkPad X390</a>. Described as a “powerful, entry-level laptop”, the L14 is aimed at professionals looking for a standard, no-fuss device that doesn’t sacrifice its performance.</p><p>However, can it truly live up to the ThinkPad’s iconic status?</p><h2 id="lenovo-thinkpad-l14-review-design">Lenovo ThinkPad L14 review: Design</h2><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/354468/if-not-passwords-then-what" data-original-url="/security/cyber-security/354468/if-not-passwords-then-what">If not passwords then what?</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/hardware/laptops/354709/hands-on-with-lenovos-2020-business-hardware-lineup" data-original-url="/hardware/laptops/354709/hands-on-with-lenovos-2020-business-hardware-lineup">Hands-on with Lenovo's 2020 business hardware lineup</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/hardware/laptops/354694/lenovo-thinkpad-x1-fold-hands-on-review-first-foldable-pc-feels-like-the" data-original-url="/hardware/laptops/354694/lenovo-thinkpad-x1-fold-hands-on-review-first-foldable-pc-feels-like-the">Lenovo ThinkPad X1 Fold hands-on review: First foldable PC feels like the future</a></p></div></div><p>Although ThinkPads might still be associated with the unappealing boxiness of nineties <a href="https://www.itpro.com/hardware" data-original-url="https://www.itpro.com/hardware">hardware</a>, the L14 definitely exceeds expectations and shows that appearances can be misleading. </p><p>While most modern laptops seek to charm users with their sleek, aluminium looks, the ThinkPads are still made out of the classic fibre-reinforced plastic which has that reassuring feel to it. It may not be pretty, but it’s sturdy and makes it difficult for the device to slip out of your hand when carrying it around. </p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="HkBcMN66MdcMZpZ5VRrWXR" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/HkBcMN66MdcMZpZ5VRrWXR.jpg" mos="https://cdn.mos.cms.futurecdn.net/HkBcMN66MdcMZpZ5VRrWXR.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>On the other hand, it definitely isn’t the lightest device out there - at 1.65kg, it’s around 400g heavier than most modern laptops. Its weight might make it tiresome to carry around all day and the ThinkPad’s signature chunky design might make it difficult to fit into a small bag. However, a tote bag might suffice if it’s just for a short walk to the local cafe. After all, it doesn’t seem like we’ll be commuting anywhere further <a href="https://www.itpro.com/business/business-operations/356630/microsoft-wont-reopen-its-offices-until-january-2021" data-original-url="https://www.itpro.com/business/business-operations/356630/microsoft-wont-reopen-its-offices-until-january-2021">until 2021</a>.</p><h2 id="lenovo-thinkpad-l14-review-display">Lenovo ThinkPad L14 review: Display</h2><p>At first glance, the 14in 1080p IPS display seems perfectly acceptable. In fact, it gave the impression of a reasonably bright screen capable of producing vivid colours. However, further inspection and a few tests revealed that colour fidelity is far from ideal. The L14’s screen covered just 59.5% of the sRGB colour gamut, while the maximum brightness is only 243.5 cd/m2. That’s a poor technical showing, and we’d be concerned about using the laptop in bright conditions, or for anything requiring colour accuracy.</p><p>Nevertheless, it does have its assets. The anti-glare coating helps alleviate some of the brightness issues and is also available with a touchscreen. Despite the poor colour accuracy, we wouldn’t write this screen off completely. It’s not best-suited for users who spend a lot of time mixing colours in Photoshop or InDesign, but it’s pleasant enough for simple office tasks.</p><h2 id="lenovo-thinkpad-l14-review-keyboard-and-touchpad">Lenovo ThinkPad L14 review: Keyboard and touchpad</h2><p>The ThinkPad range has been using what is essentially the same keyboard for most of its history, and in comparison to other laptop keyboards of the 21st century, the L14’s backlit keys (with two levels of brightness) may seem quite chunky and ungraceful. However, there’s a reason the ThinkPad keyboard has remained unchanged for all that time; it’s not only comfortable to type on, but also among the sturdiest laptop keyboards around. </p><p>We can’t discuss the ThinkPad’s keyboard without mentioning the elephant in the room; disguised as a little red dot, the classic Trackpoint nubbin is arguably one of the most controversial elements of modern laptop design. As Lenovo’s chief design officer David Hill once famously said: “Some people get it and some people don’t; some people acquire the taste. It’s hard to explain, but I still think there’s a use for it.” The L14’s Trackpoint might have been reworked to be less sensitive and more precise, but that doesn’t mean that there’s much need for it apart from its visual appeal. </p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="nUhwUA4uyWsgmX5NAWvV8W" name="" alt="A side view of a Lenovo ThinkPad L14 sat on a clear glass table next to a bowl of bananas" src="https://cdn.mos.cms.futurecdn.net/nUhwUA4uyWsgmX5NAWvV8W.jpg" mos="https://cdn.mos.cms.futurecdn.net/nUhwUA4uyWsgmX5NAWvV8W.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>It’s safe to say that the ClickPad - another distinctive hallmark of the range - was not our favourite part of the laptop. It often got out of hand and fought hard to establish a life of its own. Finding the right angle on the trackpad to click on something was especially challenging, making the working process a rather stressful experience. It almost seemed as if Lenovo specifically intended users to only use the mouse buttons above the trackpad rather than the somewhat temperamental buttons built into the trackpad itself and, although it can be done, it takes time to get used to.</p><h2 id="lenovo-thinkpad-l14-review-ports-and-features">Lenovo ThinkPad L14 review: Ports and features</h2><p>Users seeking extra security will be impressed with the options offered by this laptop, with biometric login supported by both a fingerprint scanner or <a href="https://www.itpro.com/security/privacy/356882/the-pros-and-cons-of-facial-recognition-technology" data-original-url="https://www.itpro.com/security/privacy/356882/the-pros-and-cons-of-facial-recognition-technology">facial recognition</a>. We chose the former and it was largely unproblematic. It might have denied us access on a few occasions but it was still way more efficient than the iPhone’s TouchID. However, users should bear in mind that the feature is available in only two out of the five possible L14 configurations.</p><p>The L14 laptop also comes with an integrated suite of Lenovo’s ThinkShield <a href="https://www.itpro.com/security" data-original-url="https://www.itpro.com/security">security</a> solutions, unveiled by the company two years ago, and a ThinkShutter privacy cover for the webcam.</p><p>The L14 comes with a perfectly acceptable number of ports: two USB 3.1 Gen 1, one HDMI 1.4, an RJ45, and a USB-C for its 65W charger. There’s also a MicroSD card reader, while users are able to choose whether the device includes a SIM tray.</p><p>One potential drawback is that the L14 only has one 3.5mm jack port which is intended for microphones and headphones alike. However, this is perfectly fine for an entry-level laptop and it didn’t prove to be troublesome at all.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="PDq67sM79RsWqsq8fS3VoH" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/PDq67sM79RsWqsq8fS3VoH.jpg" mos="https://cdn.mos.cms.futurecdn.net/PDq67sM79RsWqsq8fS3VoH.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><h2 id="lenovo-thinkpad-l14-review-battery">Lenovo ThinkPad L14 review: Battery</h2><p>The L14’s battery definitely has a lot of potential. Lenovo claims that the L14 has a battery life of 12 hours and, as we put it to the test, the statement proved to be (almost) factual. The ThinkPad’s battery managed to survive 11hrs 18mins in our battery testing, which is quite impressive. In practise, however, we found that the real-world battery life isn’t anything like as good as this. </p><p>On a busy day with reasonably intense use - with an average 15 tabs open in <a href="https://www.itpro.com/tag/google-chrome" data-original-url="https://www.itpro.com/search/google%20chrome">Google Chrome</a> - the battery only lasts around five hours. Chances are slim that it will last you a full workday, so you’ll want to make sure you carry a charger. On the other hand, once you connect the L14 to a power outlet, it’s capable of charging up to 80% in just one hour, so all is not lost. Nevertheless, we felt quite underwhelmed by this disappointing battery life.</p><h2 id="lenovo-thinkpad-l14-review-specs-and-performance">Lenovo ThinkPad L14 review: Specs and performance</h2><p>The Lenovo ThinkPad L14 uses <a href="https://www.itpro.com/tag/intel" data-original-url="https://www.itpro.com/search/intel">Intel</a>’s Core i5-10210U CPU and 8GB DDR4 3200MHz RAM. Although it’s not the most powerful option out there, it performs well enough for simple office tasks but could become overwhelmed when under an increased strain with numerous programmes running at once. </p><p>In our benchmark tests, the L14 scored an 87 in image editing, 115 in video editing, and a 28 in multitasking, which reflected our initial impressions. Its overall score was 67 - not the strongest, but certainly adequate for most users. It’s outpaced by most of the competition, such as the LG Gram 14 and its overall score of 73, but at this price, it’s hard to complain. Basically, it’s just enough muscle to get you through the day, if you manage to stay away from anything too demanding.</p><h2 id="lenovo-thinkpad-l14-review-verdict">Lenovo ThinkPad L14 review: Verdict</h2><p>The <a href="https://www.itpro.com/tag/lenovo" data-original-url="https://www.itpro.com/search/lenovo">Lenovo</a> ThinkPad L14 doesn’t have a lot of negative qualities but the severity of them, such as its heavy weight or poor colour fidelity, might be considered a dealbreaker to some. Moreover, we believe that in this price bracket, Lenovo could have done better with the L14’s battery.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="BpiEpSEoHaDmiScyVP95hS" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/BpiEpSEoHaDmiScyVP95hS.jpg" mos="https://cdn.mos.cms.futurecdn.net/BpiEpSEoHaDmiScyVP95hS.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>On the upside, the charging time is remarkably fast and the keyboard is very comfortable to work on. Fans of a good worktime playlist will definitely appreciate the Dolby Audio speakers, while those who tend to get a bit paranoid about webcams will welcome the added ThinkShutter privacy cover. The time has come to rip off that tacky bandaid - it never looked professional anyway.</p><p>Overall, if you’re looking for without demanding too much, the L14 might be just for you.</p><h2 id="lenovo-thinkpad-l14-specifications">Lenovo ThinkPad L14 specifications</h2><div ><table><tbody><tr><td  ><strong>Processor</strong></td><td  >Intel Core i5-10210U</td></tr><tr><td  ><strong>RAM</strong></td><td  >8GB DDR4 3200MHz SoDIMM</td></tr><tr><td  ><strong>Graphics adapter</strong></td><td  >Intel® UHD</td></tr><tr><td  ><strong>Storage</strong></td><td  >256GB</td></tr><tr><td  ><strong>Screen size</strong></td><td  >14in</td></tr><tr><td  ><strong>Screen resolution</strong></td><td  >1920x1080</td></tr><tr><td  ><strong>Screen type</strong></td><td  >IPS Anti-Glare</td></tr><tr><td  ><strong>Touchscreen</strong></td><td  >N/A</td></tr><tr><td  ><strong>Pointing devices</strong></td><td  >ClickPad, Trackpoint</td></tr><tr><td  ><strong>Memory card slot</strong></td><td  >MicroSD card reader</td></tr><tr><td  ><strong>3.5mm audio jack</strong></td><td  >Yes</td></tr><tr><td  ><strong>Graphics outputs</strong></td><td  >USB-C Gen 1, USB-C Gen 2</td></tr><tr><td  ><strong>Other ports</strong></td><td  >2 x USB 3.1 Gen 1</td></tr><tr><td  ><strong>Web Cam</strong></td><td  >IR & 720p HD Camera with Microphone</td></tr><tr><td  ><strong>Speakers</strong></td><td  >Dolby Audio™</td></tr><tr><td  ><strong>Wi-Fi</strong></td><td  >Intel Wi-Fi 6 AX200 (2x2 AX)</td></tr><tr><td  ><strong>Bluetooth</strong></td><td  >Bluetooth 5.0</td></tr><tr><td  ><strong>NFC</strong></td><td  >Yes</td></tr><tr><td  ><strong>Dimensions (WDH)</strong></td><td  >20.4 x 331 x 235mm</td></tr><tr><td  ><strong>Weight</strong></td><td  >1.65kg</td></tr><tr><td  ><strong>Battery size</strong></td><td  >45Wh</td></tr><tr><td  ><strong>Operating system</strong></td><td  >Windows 10 Pro</td></tr><tr><td  ><strong>Warranty</strong></td><td  >1 year</td></tr></tbody></table></div>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ AVG AntiVirus Free review: Great malware protection, though the upsell is a turn-off ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/cyber-security/355934/avg-antivirus-free-review</link>
                                                                            <description>
                            <![CDATA[ AVG serves up the same powerful antivirus engine as Avast, but the trimmings aren’t as generous ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">w2FrDLidi212hg22QXTptQ</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/wfc5Uoc97SfcPP2kBohpcU-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 04 Jun 2020 15:44:18 +0000</pubDate>                                                                                                                                <updated>Thu, 26 May 2022 15:44:18 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Darien Graham-Smith ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/nZP8qH6BDshBkBZo9Kvhbe.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/wfc5Uoc97SfcPP2kBohpcU-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A screenshot of AVG AntiVirus Free&amp;#039;s main dashboard]]></media:description>                                                            <media:text><![CDATA[A screenshot of AVG AntiVirus Free&amp;#039;s main dashboard]]></media:text>
                                <media:title type="plain"><![CDATA[A screenshot of AVG AntiVirus Free&amp;#039;s main dashboard]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/wfc5Uoc97SfcPP2kBohpcU-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>AVG is owned by Avast, so it’s no surprise to find that this free antivirus solution has some similarities to <a href="https://www.itpro.com/security/antivirus/367693/avast-one-essential-review-a-great-free-antivirus-solution-with-some" data-original-url="https://www.itpro.com/security/antivirus/367693/avast-one-essential-review-a-great-free-antivirus-solution-with-some">the free Avast One Essential package</a>. In fact, it evidently uses the same underlying security engine: in their most recent tests, independent security testing labs <a href="https://www.av-comparatives.org">AV-Comparatives.org</a> and <a href="https://www.av-test.org/en">AV-Test.org</a> both reported identical protection results for the two packages.</p><p>That’s a good thing. In AV-Comparatives’ online protection test, AVG’s achieved a superb score of 99.8%, nosing ahead of Microsoft Defender on 99.6%. And when AV-Test pitted the software against an array of both zero-day and widespread threats, AVG cleaned up with a perfect 100% score.</p><p>Not everything is the same, however. AVG has a very different interface, with a sombre grey theme. Frankly we’re not fans: the controls are split between big card-type buttons in the centre of the window and various buttons and menus on the periphery. It’s not obvious what’s available, nor where to find it. </p><p>It’s also hard to overlook the fact that, of the five main buttons, only two relate to features that are actually included in the package. The other three just bring up pages inviting you to upgrade to <a href="https://www.itpro.com/security/antivirus/360646/avg-internet-security-review-money-for-nothing" data-original-url="https://www.itpro.com/security/antivirus/360646/avg-internet-security-review-money-for-nothing">the full AVG Internet Security suite</a>. At £24 for the first year this might seem like a fair deal, but that only covers a single Windows computer. A ten-device licence costs £36, and as with Avast One, the price doubles after the first year, which feels like a rather slimy way to make money.</p><p>The features that are here overlap considerably with Avast One. The easy-to-use anti-ransomware module is pleasingly familiar, and while the firewall isn’t installed by default, you can install it as a separate component from within the AVG application. The secure browser is an optional extra too – although beware, if you click through the pre-ticked boxes it’ll be not only installed but set as your default web browser.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="APeJrM9aXa4baY4SpcJXe3" name="" alt="A screenshot of AVG AntiVirus Free's vulnerability scanner" src="https://cdn.mos.cms.futurecdn.net/APeJrM9aXa4baY4SpcJXe3.jpg" mos="https://cdn.mos.cms.futurecdn.net/APeJrM9aXa4baY4SpcJXe3.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/antivirus/367661/panda-free-antivirus-review-a-free-security-tool-with-a-personality-all" data-original-url="/security/antivirus/367661/panda-free-antivirus-review-a-free-security-tool-with-a-personality-all">Panda Free Antivirus review: A free security tool with a personality all of its own</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/antivirus/28144/best-antivirus" data-original-url="/antivirus/28144/best-antivirus">Best antivirus for Windows 10</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/malware/28153/whats-the-difference-between-antimalware-and-antivirus" data-original-url="/malware/28153/whats-the-difference-between-antimalware-and-antivirus">What's the difference between antimalware and antivirus?</a></p></div></div><p>One difference between the Avast and AVG packages is that AVG doesn’t include the <a href="https://www.itpro.com/desktop-software/28688/best-free-vpn-apps" data-original-url="https://www.itpro.com/desktop-software/28688/best-free-vpn-apps">free VPN</a>. In its place, you get a network scanner that probes all the devices on your network for security vulnerabilities. While you won’t use this feature every day, it’s a good thing to run from time to time, and there’s also a handy feature that alerts you to any new clients that have joined since your last scan, to help spot any intruders.</p><p>The other notable difference isn’t so positive for AVG. Any antivirus suite that tries to actively block malicious web content will affect your browsing experience, but AV-Test.org found that AVG had the worst impact of any free antivirus suite, slowing down web browsing by a whopping 28%. For comparison, Avast One Essential had an impact of 17% on a standard PC, while Microsoft Defender only slowed things down by 15%. </p><p>We’re left with not much reason to recommend AVG AntiVirus Free. Sure, it does an excellent job of malware protection, and has some decent add-on features. Aside from the network scanner, though, Avast One Essential offers all the same benefits in a slicker package.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Keep yourself protected with our list of the best security suites ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/cyber-security/355932/keep-yourself-protected-with-out-list-of-the-best-security-suites</link>
                                                                            <description>
                            <![CDATA[ With more malware lurking in the shadows than ever before, it’s critical that you keep yourself safe ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">xeZXUiAHusWYfeNmYMA42w</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/NAEo9aFrDcWStQQY4fKaCC-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 04 Jun 2020 15:34:36 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Darien Graham-Smith ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/nZP8qH6BDshBkBZo9Kvhbe.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/NAEo9aFrDcWStQQY4fKaCC-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A neon blue digital padlock against a black background]]></media:description>                                                            <media:text><![CDATA[A neon blue digital padlock against a black background]]></media:text>
                                <media:title type="plain"><![CDATA[A neon blue digital padlock against a black background]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/NAEo9aFrDcWStQQY4fKaCC-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The malware threat is more insidious than ever. If you’re not properly protected, you may not know you’ve been hit until dodgy-looking transactions start appearing on your online shopping accounts, or an alert pops up warning that your files have been encrypted. Simply being careful online is no longer good enough – not that it ever was.</p><p>Fortunately, as we all know, security software isn’t something you necessarily need to spend money on. A decent degree of protection is built right into Windows 10, and there are copious providers promising to keep you safe for free.</p><p>With so much at stake, though, the question is whether opting for a free suite is a false economy – especially when some paid-for suites can be had for almost nugatory sums. Alongside the free options this month, we test a whole spread of commercial security software at prices ranging from just £7 up to £50 per annum.</p><p>So if you’ve been wondering whether it’s worth paying a premium for high-end protection, or whether you’re just as well off with a cheap or free solution, you’ll find the answer on the following pages. Read on to discover which products will keep you safe on a tight budget, and which struggle to justify their price tags.</p><p>Bitdefender is one of the most effective security suites around. In AV-Test’s tests, it achieved a perfect 100% score for malware protection, and dropped only a few marks for AV-Comparatives. While this doesn’t quite match Norton 360’s flawless record, Bitdefender did better than Norton in the false-positive test, making only a single mistake across all tests – and the suite is nimble too, with a creditable 94% rating for system performance.</p><p>Bitdefender will appeal if you’re the sort who likes lots of features and options to play with. The customisable dashboard gives access to a selection of core features, and the Protection and Privacy panes offer plenty more to explore. The sheer number of things to click on might seem daunting at first, but everything is laid out in front of you in a way that makes it easy to grasp the features on offer and find what you’re looking for.</p><p>As you’d expect, the Protection pane includes options for launching and configuring various types of scan, as well as settings for web-based and behavioural protection. It’s also here that you’ll find Bitdefender’s own firewall: by default, this runs quietly in the background, relying on its own intelligence to decide what should be allowed to access the internet and what should be blocked, but you can review its decisions, set up your own rules and even enforce different behaviours for different networks. There’s also a Vulnerability Scan tool that warns you about missing updates for Windows and applications, and highlights weak passwords and insecure networks.</p><p>Unusually, Bitdefender offers not one but two modules aimed at defeating ransomware. The first, Safe Files, does the same thing as Windows 10’s Protected Folders component, blocking untrusted apps from writing to selected folders. But it’s partnered by a novel Ransomware Remediation feature, which automatically takes temporary backups of vulnerable files, ready for instant restoration if needed. It’s a reassuring belt-and-braces approach.</p><p>One last protection feature that’s worth highlighting is the Bitdefender Rescue Environment. Many security suites let you create a bootable rescue CD or flash drive, but Bitdefender goes a step further and automatically sets up a minimal rescue environment on your hard disk. If you fear your PC has been compromised, it takes just a few clicks to reboot and fully scan your system from outside of Windows. </p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="ccqvdf5aA2dudXJUCteXTV" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/ccqvdf5aA2dudXJUCteXTV.jpg" mos="https://cdn.mos.cms.futurecdn.net/ccqvdf5aA2dudXJUCteXTV.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Switching to the Privacy pane exposes a miscellany of features, including Bitdefender’s locked-down Safepay browser. You probably won’t want to use this hardened app as your everyday browser, so we like the way you can set it to pop up only when you visit a banking or shopping site. You don’t need to buy the whole suite to get Safepay, though: it’s available as a free standalone download.</p><p>Similarly, the bundled VPN service (provided by Hotspot Shield) doesn’t add a huge amount of value to the package. Your exit node is automatically chosen for you, and throughput is limited to just 200MB per day. That, of course, is because Bitdefender wants you to pay to unlock unlimited data, but to be fair it’s not badly priced at £38 a year for full access to servers in 27 different countries. </p><p>The final major feature is the parental controls, which are among the best. Once you’ve remotely pushed the agent onto your child’s computer, you can monitor and approve the apps and websites they’re accessing, as well as enforcing screen time schedules and total usage limits. Install the app on their Android phone and you can also keep an eye on their contacts and track their location from the Bitdefender website.</p><p>A third program pane, headed Utilities, suggests that there might be even more to the suite, but clicking on it brings up an advert for Bitdefender Total Security Multi-Device, which adds cross-platform protection and a few extra system tools. It will cost you £35 for five devices, but we don’t think it’s worth it as the extra tools only do the same jobs as free alternatives.</p><p>On the subject of price, if you buy direct from Bitdefender then it automatically renews your subscription at a higher price if you allow it to roll into a second year. However, it sends warnings and you can opt out of recurrent billing at the point of purchase.</p><p>Either way, this is a superb security suite – one that’s effective and loaded with features, yet at the same time lightweight and easy to use. Competing packages have their strengths, but as a one-stop all-rounder, Bitdefender can’t be beaten.</p><p>Avast’s headline price of zero quid can’t be beaten – but the trade-off is some quite aggressive in-application marketing. The tone is set right from the word go, with an installation process that pops up warnings such as “you only have a basic firewall” and “your PC may be suffering from slowdown and clutter”. Click through and suddenly you’re asked to pay £20 a year for Avast’s Premium Security package; you can continue with free protection by closing the window, but this isn’t explained. Advertising is one thing, but this feels positively deceptive.</p><p>There’s more sneaky design at play once the program’s installed. Click around the Protection, Privacy and Performance panes and you’ll find icons for 18 features – but only a minority of these are included in the free edition of the software, while the rest are marked with small padlock overlays. Click on one and you’ll once again be prompted to upgrade to the paid-for suite – or to install one of Avast’s other money-spinners, such as Avast Driver Updater or its SecureLine VPN service.</p><p>Happily, what Avast doesn’t do any more is pester you with pop-up ads, so once you’ve got through setup and initial configuration, you can leave it running in the background and largely forget it’s there. </p><p>And we have to say, its protection capabilities aren’t bad at all. Avast’s malware engine achieved a reassuring 99.6% overall protection rating in the latest independent tests, handling not just real-time virus scanning and behavioural analysis but browser-based threats too, including dodgy downloads and suspicious scripts. If you’re using a local email client such as Outlook, Avast Free Antivirus will scan incoming and outgoing email attachments. You can enable website blocking as well, although this isn’t exactly a proactive measure as you have to fill in the blacklist yourself. </p><p>A few useful system maintenance tools are included too. The Software Updater scans installed applications and flags up any that can be updated to a newer release, which may include important security enhancements; the “automatic updates” option turns out to be a dummy, which once again invites you to upgrade to the paid-for suite, but it’s no great hardship to run the scan manually every so often. Just bear in mind that there’s no guarantee that it will recognise every last app on your system – consider its recommendations a handy starting point rather than a complete solution to the problem of outdated apps.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="nq3WqSJTdRAE8nNTnHzcS" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/nq3WqSJTdRAE8nNTnHzcS.jpg" mos="https://cdn.mos.cms.futurecdn.net/nq3WqSJTdRAE8nNTnHzcS.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>On a similar theme, you also get Avast’s Wi-Fi inspector, which scans your home network for devices using insecure passwords, outdated firmware and so forth. We often hear of worms and hack attacks that spread by exploiting such vulnerabilities, so this module could be the one that saves you from a devastating malware attack – yet you won’t find it in any other free suite, nor indeed in most paid-for products.</p><p>If disaster does strike, you can also take advantage of Avast’s Rescue Disk creator. It may be hidden away on the Virus Scans page, but it’s a useful tool to have in your armoury: the wizard takes just two clicks to create a bootable CD or USB flash drive containing detection and disinfection tools, and since the recovery environment only takes up around 500MB, you don’t need to sacrifice a big, expensive flash drive to make use of it.</p><p>Finally, Avast will optionally install the company’s own Secure Browser. This is built on Chromium so the look and feel are familiar, but it adds a sandboxed Bank Mode along with Avast’s own ad blocker, phishing detector and password manager. If you decline the generous offer to make it your default browser, you can instead install a free browser extension for Chrome and Firefox that warns you away from dodgy content, and a password manager for Chrome. </p><p>For a free download, Avast is impressively well rounded. Naturally, you’ll get more from a paid-for suite: notably, Avast Free lacks a dedicated anti-ransomware component – that’s reserved for customers who cave in and upgrade to Premium Security – and the company doesn’t offer parental controls at all.</p><p>Even so, Avast’s protection rating of 99.6% isn’t bad at all, and while it was tripped up by a total of ten false positives, that’s no worse than AVG or Panda, and way better than Windows Defender. It won’t take much of a toll on your system, either: AV-Test gave Avast a 5.5/6 rating for performance, while AV-Comparatives gave it top marks in its own test. To be sure, there’s something distasteful about the way Avast Free Antivirus hectors you to upgrade, but it goes further to protect you than any of the free alternatives and that’s pretty hard to complain about.</p><p>If you buy Kaspersky Internet Security from the company’s website, you’ll pay £45 for a one-year, three-device licence – but the publisher allows retailers to apply deep discounts, and if you skip over to <a href="https://store.pcpro.co.uk/p35391-kaspersky_internet_security_2020_3-d_1-yr">our sister title PC Pro’s store</a>, you’ll find the same package for just £20. That’s a tempting price for a security suite that goes far beyond real-time malware protection.</p><p>Some of the extra features are familiar. The Safe Money browser does the same job as any other secure browser, although the green border helps ensure that you don’t get your windows mixed up, and we also like the way it can be set to spring up only when you arrive at a site that processes financial transactions.</p><p>More innovative features include the Network Monitor tool, which is really a firewall in disguise: you can see which processes are accessing the internet or your local network, and create rules to block anything that doesn’t look kosher. The Application Control feature lets you set granular permissions for every program’s access to system files, services, Registry branches and so on, as well as its ability to read and change Windows settings. It’s the most advanced process inspection and management tool we’ve seen in any security product – power users will love it.</p><p>That’s not to say Kaspersky is only for techies. The program’s Trusted Applications mode locks down Windows so only programs that have been positively validated by Kaspersky as safe can be opened – perfect for a kid’s PC, or for a less technically-able user.</p><p>There’s also a fair set of PC maintenance tools to hand, including a smart clean-up tool that highlights rarely used applications and blocks third-party installers from sneaking unwanted bundleware onto your system. It’s complemented by a scanner that finds non-standard Windows settings that might have been changed without your knowledge, an automatic application updater and a history cleaner. These functions are a bit extra to the core role of an internet security suite, but it’s great to see them all included in the price, as other publishers tend to push such things as paid-for extras. </p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="t5QEU6xTveHdjpKZZG24fd" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/t5QEU6xTveHdjpKZZG24fd.jpg" mos="https://cdn.mos.cms.futurecdn.net/t5QEU6xTveHdjpKZZG24fd.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>There are a few parts of Kaspersky Internet Security that you do have to pay to fully unlock. One is the Safe Kids parental control module – but it makes a degree of sense to separate these functions out as not everyone needs them. Indeed, parents may find that the basic free functions suffice, letting them enforce safe searching, category-based website blocking and time limits. Only if you want to add location tracking and social media monitoring do you need to cough up for the full edition, which costs £15 a year for any number of children.</p><p>Another restricted feature is the Kaspersky Secure Connect VPN. Like Bitdefender’s VPN, this is operated by Hotspot Shield, and it comes with the same limitations: you can’t choose the location of your exit node, and you can only transfer 200MB of data each day. To gain access to the full set of servers and unlimited data, you’ll have to pay an extra £50 a year for up to five devices, which is higher than Bitdefender’s £38. Keep an eye out for discounts, though, as at the time of writing the price has been slashed to just £20.</p><p>Finally, Kaspersky Internet Security invites you to download the company’s free, cross-platform password manager: the catch here is that it’ll only store passwords for up to 15 sites. The unlimited version costs £10.49 a year: we suggest you skip it and use a tool like LastPass instead.</p><p>With all these features crammed in, finding your way around can be confusing. While the six big buttons of the main interface look invitingly simple, many components are hidden behind the “More Tools” button, beyond which you’ll find a proliferation of tabs, panes, links and free-floating windows.</p><p>Also note that, in the latest independent malware tests, Kaspersky fell just a little short of greatness. Historically it’s always been a strong performer, and its overall protection score of 99.6% isn’t disgraceful, but against fierce competition, it ranks below average. On the plus side, it was the only suite we’ve tested recently to achieve a perfect score in the false positive tests.</p><p>Kaspersky also had nearly the lightest touch of any security product we looked at, with an excellent performance rating of 96.8%. In the current climate you might be reluctant to entrust your online safety to a company based in Russia – but we’ve no reason to doubt Kaspersky’s good faith, and it delivers a superb breadth of protection at a terrifically affordable price.</p><p>Symantec keeps on tinkering with the name of its flagship security suite: last year it was Norton Security, but now it’s been rebranded as Norton 360. The water is further muddied by the fact that it’s offered in Standard, Deluxe and Premium editions, which cover one, three (or five) and ten devices. The feature sets are the same, though, except that the single-device licence doesn’t include the parental control module – which is fair enough, as kids will presumably be using a separate device anyway.</p><p>Uniquely, Norton includes a cloud backup module. You’ll need to be selective about what you back up, as the Standard and Deluxe licences come with a fairly tight 10GB and 25GB of storage (50GB if you buy the five-device version), while the Premium licence gives you just 75GB shared between your ten devices. Still, assuming you already have a first-line backup regime in place, Norton adds a helpful extra level of off-site protection for your personal files.</p><p>Norton also distinguishes itself by including a full VPN with unlimited access to 31 servers worldwide – a far cry from the cut-down services offered by its rivals. Don’t get too excited: we found the VPN wasn’t able to unblock Netflix US, and our browsing speeds were slashed from 108Mbits/sec to just 39Mbits/sec even when using a UK-based server. However, for the occasional bit of privacy protection, it’s a definite plus point for Norton, especially when you compare the price of a dedicated VPN.</p><p>It’s good to see that the bundled parental controls aren’t hobbled, either. The Deluxe and Premium packages include full category-based website blocking, time limits and activity monitoring for Windows devices, plus location tracking for Android and iOS devices.</p><p>Beyond these big features, there’s not a lot more to the suite. At first glance, the interface looks like it’s full of tools and functions, but this is partly down to a muddled design that duplicates features across the “My Norton” and “Device Security” windows. Click around and the only other significant components you’ll find are the SafeCam feature – which lets you grant or deny webcam access to specific applications – and Norton’s free Safe Search and password manager extensions for Chrome and Edge. There’s no ransomware-specific protection, though the backup service could save your bacon if you get hit.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="jNkzj3393KSghdseUu3nHg" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/jNkzj3393KSghdseUu3nHg.jpg" mos="https://cdn.mos.cms.futurecdn.net/jNkzj3393KSghdseUu3nHg.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>The final core security component isn’t shown in the main interface, but is buried in the Settings menu. This is Norton’s firewall, which lets you configure application and protocol-specific rules, and set policies for dealing with subjective cases such as “uncommon protocols” and “low-risk applications”. It seems a bit odd that Symantec doesn’t make more of this feature, but that perhaps reflects the reality that only the most meddlesome of advanced users will want to adjust the default settings.</p><p>A couple of system tools fill out the feature list: the disk defragmenter and file clean-up tools replicate functions that are built into Windows, but the Startup Manager gives a useful insight into whether individual startup items on your PC are commonplace among Norton users or suspiciously rare.</p><p>Norton 360 can also boast of one achievement that only one rival can match: a 100% protection rating from both AV-Comparatives and AV-Test. Trend Micro managed the same, but blotted its copybook with 20 false positives, while Norton only fell for a more forgivable seven.</p><p>The user experience is better than you’d expect, too. The performance figures suggest that Norton has a significant impact on system responsiveness, but AV-Test noted that the slowdown was most obvious while installing new apps, while AV-Comparatives found that Norton primarily affected launch speed when apps were run for the first time. Those aren’t things you’ll be doing all that often, and when it comes to opening and using your everyday applications, Norton had a much lesser effect.</p><p>The last thing to talk about is the price. Officially, Norton 360 Deluxe costs £80 per year, but the Symantec website almost always seems to be a sale on – right now it’s reduced to £30, and if you shop around you’ll find the full five-device product online for just £20. As usual, look out for automatic renewals: make sure you cancel before your initial 12-month licence expires, or you’ll be billed the full RRP for your next year’s subscription.</p><p>With its built-in backup and VPN services, Norton stands out from the crowd, and even if those features aren’t high on your priority list, the suite’s low price and protection rating make it worth considering. </p><p>A decade ago, Microsoft launched a free-standing, ultra-lightweight virus scanner called “Security Essentials”. Since then it’s been not only renamed but progressively absorbed into Windows, to the extent that Defender no longer exists at all as a program in its own right: type its name into the Windows 10 Start menu and you’ll simply be directed to the main Security page in the Settings app.</p><p>Still, if you’re looking for the functions that used to comprise Defender, they’ve been shunted onto the “Virus & threat protection” page and have picked up a few new tricks along the way. Signatures are regularly downloaded via Windows Update, while a cloud protection feature can identify the latest threats even if they’re not in your database. Another addition is the offline scan function, which reboots your computer and carries out a forensic inspection of your hard disk from outside of Windows, leaving viruses with nowhere to hide.</p><p>Basic scans are supplemented by a few technologies designed to tackle ransomware head-on. Windows SmartScreen, which is enabled by default, pops up an alert when you try to install an unrecognised program, which should help slow the spread of trojan downloads – and if you insist on going ahead, Controlled Folder Access blocks untrusted apps from writing to your personal folders, unless you’ve whitelisted them. This latter feature isn’t switched on automatically, presumably to ensure legacy apps don’t run into problems, but it’s well worth enabling. </p><p>As a last resort, Windows will also prompt you to store your files in OneDrive, so you can roll back to previous versions if the originals are maliciously encrypted. While the principle is sound, it’s a bit icky to see Microsoft exploit the opportunity to promote its cloud service, especially since it actually does very little to help with the challenges of ransomware: the onus of ensuring your files are uploaded in the first place remains squarely on your shoulders, and if disaster does strike you’ll have to manually browse through your cloud files to find older versions to recover. You might as well use any other backup or cloud sync service.</p><p>Two other major features flesh out Windows’ integrated offering. One is the Windows Firewall, which lets you selectively lock down public and private networks, or grant access to specific apps. The odds are you’ll never need to, however, because the firewall does a fine job of keeping intruders out without any need for human interaction. There’s a reason why many third-party suites don’t even bother offering their own firewall any more.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="F5D7oBaSnTEqHNbMXUua5Y" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/F5D7oBaSnTEqHNbMXUua5Y.jpg" mos="https://cdn.mos.cms.futurecdn.net/F5D7oBaSnTEqHNbMXUua5Y.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Finally, there’s Windows’ parental controls. Microsoft doesn’t make a lot of noise about these, but Windows 10 gives you the ability to set screen time schedules and limits on kids’ laptops and Xbox consoles, monitor their online activity and even track their location – as long as they’re running the Microsoft Launcher on an Android smartphone. You can also block “inappropriate” sites, although there’s no granularity to this, nor any transparency into exactly what’s deemed unacceptable.</p><p>With all this bundled into the price of your Windows licence, it’s understandable if you’re tempted to stick with Defender as your security solution. Doing so means never having to worry about subscriptions, and keeps the number of intrusive pop-ups to a minimum: for the most part, it runs silently and invisibly in the background.</p><p>It must also be acknowledged that Defender and its companion modules do a fair job of keeping you safe. A few years ago, the software suffered from very poor malware detection rates, but it’s clawed its way up to a solid, mid-table protection score of 99.5%. </p><p>Even so, we’ve some reservations. For one, Defender is hands-down the worst performer we’ve seen recently when it comes to false positives, wrongly blocking or warning testers away from more than 30 harmless programs and websites. That might not bother you if you’re confident enough to recognise when your security software has made a mistake, but really that’s not a call you should ever have to make.</p><p>Second, Defender may look and feel lightweight, but it has quite an impact on system performance. AV-Test found that it slowed down the launch of standard software applications by 11%, while AV-Comparatives observed that it had a measurable impact on file-copy and installation operations: across all third-party tests only BullGuard was slower overall. We’re not saying that Windows Defender is a disaster by any means, but there are plenty of alternatives, both free and paid-for, that will give you sharper, smarter protection and actually make your PC run slightly faster. </p><p>BullGuard is one of the cheapest internet security suites around, and for the money, it delivers a good degree of malware protection. It’s not the leader, but it’s on par with Kaspersky, and it only slipped up once in AV-Test’s false-positives test – although it’s important to note that AV-Comparatives didn’t test it.</p><p>The package also brings together a fair set of features, including both a safe browser and an integrated backup client. BullGuard doesn’t provide online storage for your files, but it works with Dropbox, Google Drive and OneDrive, which may suffice to protect your precious files against ransomware. That’s just as well, since BullGuard doesn’t offer any sort of ransomware-specific protection.</p><p>There’s a set of bespoke parental controls, which can selectively block 24 different categories of websites, restrict PC and internet usage, ban specific applications and protocols and – unusually – prevent predefined strings from being transmitted online, so your child can’t broadcast their address or other information. The catch is that it only works for local Windows accounts: if your kids have their own phone or tablet, you’ll need to find another solution.</p><p>The Firewall module is similarly a little less than it seems. It provides a complicated Network Activity view, and a bespoke window for managing firewall rules, but behind it all, it’s the regular Windows Firewall that’s actually handling business. There’s no VPN module included in the suite either: clicking the “Try VPN” button takes you to a 30-day trial of the separate BullGuard VPN product, which is operated by NordVPN.</p><p>Two final features are the Game Booster and Boot Manager. The first doesn’t just silence notifications when you’re playing a game but also constrains resource usage by other tasks. The latter generates a detailed report of which processes are active during the startup process, so you can see if anything’s causing delays.</p><p>Sadly, the biggest cause of system slowdown turns out to be BullGuard itself. AV-Test found that it nearly doubled the time taken to install an application, delayed file copies by 19% and even bogged down web browsing by around 10%. This won’t make your PC unusable, but it’s a noticeable drag – and while BullGuard is quite effective and affordable, it’s not fantastic enough to make up for that.</p><p>We’re not saying Avira is pushy, but after installing Antivirus Pro you’re given a dashboard that invites you to install no less than eight other products. To be fair, they’re all free to download, but the Software Updater, Password Manager and VPN are feature-limited, and cost extra to fully enable.</p><p>The antivirus module itself is disappointingly bare. You can browse pages dedicated to Ransomware Protection, Web Protection and Mail Protection, but each one offers only a single on/off switch, and you have to open the Settings window to discover and adjust what gets scanned by each module. It’s a similar story with the Firewall: the main interface lets you turn it on and off, but only on peering into the Settings do you discover that Avira is merely acting as a middle-man for Windows’ built-in firewall.</p><p>The Home Guard scanner didn’t wholly endear itself to us, either. Like Avast’s network scanner, this scans all the devices on your home network for vulnerabilities, and it did usefully flag up some open ports and network shares. But the report is presented in a bafflingly undersized window, so reviewing it involves a lot of scrolling.</p><p>Still, when it comes to the crucial task of defeating viruses, Avira obviously knows what it’s doing. With an overall 99.9% protection rating, Avira Antivirus Pro came very near to the top of the performance chart, matching Labs Winner Bitdefender and losing out only to Norton and Trend Micro. The software also wrongly flagged up only a single false positive across all of AV-Comparatives and AV-Test’s exercises: here, only Kaspersky Internet Security 2020 did better.</p><p>System performance isn’t so strong, however, with Avira’s overall rating of 90.7% placing it in the lower half of the rankings. That would be easy to overlook if the package were cheap and cheerful, but in fact it’s one of the most expensive security products we’ve seen, costing £39 for the Antivirus Pro package or a wince-worthy £86 for the Prime package, which includes unlimited VPN usage and full versions of Avira’s Software Updater, Password Manager and System Speedup tools. </p><p>In the end that’s what does for Avira Antivirus Pro. It’s undeniably effective, but the expense is impossible to justify when the likes of Bitdefender and Norton deliver similar performance – and more features – for much lower prices.</p><p>Eset’s security products have long been popular among the tech cognoscenti. Whether you go for the antivirus-only NOD32 package or this more fully-featured suite, Eset has a reputation for top-notch security without intrusive pop-ups and interruptions, and minimal impact on the performance of your PC.</p><p>It isn’t cheap, though. Many security suites can be had at deeply discounted prices from Amazon and other retailers but with Eset your only option is to pay full price at the company’s own website. That works out to £32 to protect a single PC for one year: is the software really good enough to warrant the outlay?</p><h2 id="eset-internet-security-review-features">Eset Internet Security review: Features</h2><p>Eset Internet Security goes well beyond the basics of virus protection. As well as scanning local files, it blocks dodgy websites and links and, if you’re running a local email program like Outlook or Thunderbird, it will also scan for <a href="https://www.itpro.com/security/phishing/358767/high-risk-email-security-threats-increased-by-32-last-year" data-original-url="https://www.itpro.com/security/phishing/358767/high-risk-email-security-threats-increased-by-32-last-year">infected attachments, phishing links and spam</a>.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/endpoint-security/356467/kaspersky-endpoint-security-cloud-review-merciless-against" data-original-url="/security/endpoint-security/356467/kaspersky-endpoint-security-cloud-review-merciless-against">Kaspersky Endpoint Security Cloud review: Merciless against malware</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/357510/the-it-pro-podcast-how-hackers-steal-your-password" data-original-url="/security/cyber-security/357510/the-it-pro-podcast-how-hackers-steal-your-password">The IT Pro Podcast: How hackers steal your password</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution" data-original-url="/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution">Avast Antivirus Free review: Our favourite free solution</a></p></div></div><p>There’s a clever secure browsing mode, too, which provides extra peace of mind when you’re shopping or banking online: specific sites can be set to automatically open in a new secure window, with additional protection against keyloggers and the like. It’s up to you whether you let extensions like password managers run in secure windows.</p><p>Another noteworthy feature is Eset’s Connected Home scanner, which probes your network and flags up any router vulnerabilities discovered, as well as alerting you whenever a new client connects. Most of the time this will be because you’ve bought a new phone, or <a href="https://www.itpro.com/network-internet/wifi-hotspots/358230/how-to-share-a-wi-fi-connection-securely" data-original-url="https://www.itpro.com/network-internet/wifi-hotspots/358230/how-to-share-a-wi-fi-connection-securely">shared your Wi-Fi password with a friend</a> but it could be invaluable if an intruder does manage to sneak onto your network.</p><p>Unusually, Eset extends Windows’ built-in theft protections, adding the ability to capture camera pictures and screenshots from a stolen laptop, as well as simply locking and locating it. </p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="p7zC5ktHmraxhJhRFnHfbi" name="" alt="A screenshot of Eset Internet Security's connected home management panel" src="https://cdn.mos.cms.futurecdn.net/p7zC5ktHmraxhJhRFnHfbi.jpg" mos="https://cdn.mos.cms.futurecdn.net/p7zC5ktHmraxhJhRFnHfbi.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><h2 id="eset-internet-security-review-protection">Eset Internet Security review: Protection </h2><p>In the first half of 2021, Eset Internet Security was included in independent reports by both <a href="https://www.av-comparatives.org">AV-Comparatives.org</a> and <a href="https://av-test.org">AV-Test.org</a>. Across both labs’ tests it came away with an average protection rating of 99.8%. Some other suites scored a flawless 100%, including <a href="https://www.itpro.com/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price" data-original-url="https://www.itpro.com/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price">Bitdefender</a>, Kaspersky and Norton but Eset was close enough to perfection that we’re not inclined to quibble.</p><p>What’s more, none of those big names was able to match Eset’s perfect record for false positives: it sailed through extensive testing without wrongly flagging a single innocent item. Only F-Secure SAFE was able to equal that claim. It’s a strong confirmation of Eset’s excellent malware-detecting capabilities.</p><h2 id="eset-internet-security-review-user-interface">Eset Internet Security review: User interface</h2><p>We’re not fans of the creepy robot that welcomes you to the software, and frankly we find the Eset interface unnecessarily cumbersome to get around. Its features are split across six main pages in an arrangement that doesn’t seem particularly logical or intuitive.</p><p>Still, the technically minded will forgive that in exchange for hands-on controls such as the network protection troubleshooter, which lets you check up on what connections have been blocked and why, allowing you to unblock any items you think have been wrongly flagged – something that’s harder or impossible in most other suites.</p><p>It’s also hard to complain about Eset’s impact on your system. The two testing labs measured an average performance hit of just 7.8% with the software installed. That’s well below the 12.5% caused by Windows’ built-in security tools – indeed, it makes Eset one of the fastest security suites around.</p><h2 id="eset-internet-security-review-verdict">Eset Internet Security review: Verdict</h2><p>Eset Internet Security has a lot going for it. It’s an effective antivirus solution with impeccable accuracy and strong performance and it partners that core capability with a well-conceived set of additional features.</p><p>We’ve just one reservation, and that’s the price. £32 a year won’t break the bank but it’s hardly competitive for a licence that only covers one PC. For comparison, Norton costs a third as much for single-device protection, and BullGuard will cover five PCs for half the cost. Regrettably, that makes Eset Internet Security hard to recommend.</p><p>G Data’s dark red trim gives it the air of an emergency service, and the interface provides a sober, functional overview of your protection. The first two pages in particular are a hit: it only takes two clicks to check your system status, carry out various types of scan or create a bootable rescue disk.</p><p>The third page is for G Data’s proprietary, fully customisable firewall. Would-be sysadmins will appreciate the freedom this gives you to create your own security rules, but it’s fiddly to work with because the necessary controls are spread across three tabs in the main interface and then four more panes in the Settings window. </p><p>Next up is what’s advertised as a “cloud backup” feature – but you have to provide the storage yourself, in the form of either a Dropbox or Google Drive account. Doing so might protect your files from ransomware, but there are plenty of free backup tools that can do the same job, and most will go a lot further, with support for multiple backup sets and local destinations.</p><p>We’re not blown away by G Data’s parental controls, either. These offer simple web filtering and time limits for local Windows users, but if you want to extend protection to an Android device you’ll need to shell out £12.95 for a separate app. Lastly, perhaps the least useful bit of G Data Internet Security is the Autostart Manager. This shows you all the processes set to run at startup, but gives no hint as to whether they’re trustworthy or not. Wasn’t this supposed to be a security suite?</p><p>G Data doesn’t even inspire at the crucial task of stopping malware. It combines a home-grown scanner with one licensed from the much better-appointed Bitdefender suite, which you’d think would give you the best of both worlds – but Bitdefender’s effectiveness clearly isn’t down to its engine alone, as G Data’s two-pronged approach earned it only a 99.6% protection rating, which is no better than the free options.</p><p>AV-Test also rated G Data Internet Security one of the slowest security suites around, noting a performance drop-off of around 12% when visiting popular websites and launching applications, along with a steep 29% hit when installing new software. We could live with that if we had to, but there’s no reason to pay more than £40 a year for it – not when our top-rated packages offer broader, slicker protection at lower prices.</p><p>Panda Free Antivirus doesn’t bundle in a custom browser, parental controls or anything fancy like that. The focus is squarely on the important job of malware detection – and, as you would hope, it does it rather well, achieving a 99.6% protection rate in AV-Comparatives’ most recent report. That lab did find that the software also flagged up 12 false positives, which might confound less experienced users, but that’s way ahead of Windows Defender, and even beats some paid-for contenders.</p><p>A few secondary tools are included as well. The Rescue Kit lets you create a bootable flash drive for disinfecting compromised systems, while the Process Monitor works like a simple manual firewall: you can view all running processes, or only those accessing the internet, inspect their connections, view a risk rating assigned by Panda and optionally block any items you deem dodgy.</p><p>The package is rounded off by a basic VPN with servers in 23 countries, including the US, Russia and Brazil. Free users get 150MB of traffic a day – obviously this won’t get you very far on Netflix, but it might suffice if you simply need to check a secure server from time to time. If you want to move up to unlimited data, prices start at a steep £10 on a monthly contract, but then fall to a much more reasonable £2.16 a month if you sign up for three years.</p><p>One grey mark against Panda Free Antivirus is that, by default, it installs a browser plugin called Smart Shopping, which highlights online deals while you’re surfing. It’s easy to remove this – or if you’re sharp-eyed you can untick the box during the installation process – but the very idea of sneaking an extension into your browser feels inappropriate from a security provider.</p><p>The software also pops up occasional adverts to let you know what splendid value Panda’s paid-for security products are – but we’re happy to report that these can easily be silenced by unflicking a switch in the settings.</p><p>Lastly, note that Panda isn’t the fastest security tool out there, receiving a not-quite-stellar 92.2% performance rating from AV-Comparatives. Once again, though, it’s comfortably ahead of Windows Defender, so if you’re looking for a straightforward virus scanner that won’t nag you or fill your computer with unwanted bloat, Panda makes a very tempting option.</p><p>Trend Micro is a well-known name in the world of antivirus and cyber security, and for good reason - it’s historically been a well-rounded and capable solution offering robust protection.</p><p>That’s partly why it’s so surprising to find that, according to statistics from <a href="https://www.av-comparatives.org">AV-Comparatives.org</a> and <a href="https://www.av-test.org">AV-Test.org</a>, Trend Micro Internet Security’s overall protection rating of 99.5% falls behind most competitors, including <a href="https://www.itpro.com/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price" data-original-url="https://www.itpro.com/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price">Bitdefender</a> and <a href="https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution" data-original-url="https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution">Avast Antivirus Free</a>. </p><p>That shouldn’t necessarily rule it out of contention, though, as the functional difference in effectiveness between this and our winners is very small indeed. Sadly, that’s not the only way in which Trend Micro proved slightly off the pace in recent tests. </p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/360234/avast-and-norton-in-talks-over-multi-billion-dollar-merger" data-original-url="/security/cyber-security/360234/avast-and-norton-in-talks-over-multi-billion-dollar-merger">Avast and Norton in talks over multi-billion dollar merger</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/business-strategy/smb/360467/it-pro-2020-the-weak-link-in-cyber-security" data-original-url="/business-strategy/smb/360467/it-pro-2020-the-weak-link-in-cyber-security">IT Pro 20/20: The weak link in cyber security</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/desktop-software/26635/how-to-turn-on-windows-defender" data-original-url="/desktop-software/26635/how-to-turn-on-windows-defender">How to turn on Windows Defender</a></p></div></div><p>It registered three false positives in AV-Comparatives’ tests, and a further three for AV-Test, putting it near the bottom of the table for accuracy. And while the scanner raced through our hard disk in a brisk 41 seconds, the suite had a notable overall impact on everyday computer use.</p><p>Aside from real-time malware scanning, Trend Micro includes some distinctive extra features. Dedicated social media modules can audit your privacy settings on Facebook, LinkedIn and Twitter to make sure you’re not inadvertently over-sharing, while the browser plugin can insert risk ratings alongside links on those platforms.</p><p>There’s also a thoughtful “Mute mode”, which silences all but critical notifications and optionally suspends Windows Update to keep disruption to a minimum. Mute mode engages automatically when you’re running an app in full-screen mode, or you can turn it on manually for a preset period; sadly, you can’t tell the suite to activate Mute mode whenever specific windows applications are in the foreground. </p><p>Other features include Pay Guard, which automatically shunts your web session into a secure browser when you log onto a banking site or visit other sensitive pages, and Trend Micro’s anti-ransomware Folder Shield – basically a more user-friendly alternative to Windows’ built-in Controlled Folder Access. A parental control module is included too; this lets you set up time limits, web filtering and application control features, but these only apply to individual Windows accounts on the local machine.</p><p>It’s a fair set of features, and it’s all laid out in a clear interface. As we’ve noted, though, its recent statistics aren’t on par with the competition, and its price makes it one of the most expensive options. All this means it’s unlikely to top anyone’s shortlist.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ F-Secure SAFE review: A mediocre suite with no killer features ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/cyber-security/355931/f-secure-safe-review-a-mediocre-suite-with-no-killer-features</link>
                                                                            <description>
                            <![CDATA[ It’s nice to look at and not too expensive, but SAFE is neither particularly fast nor particularly effective ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">4fgD9iQ9mGyenyy1K6RxrM</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/ZTtT99pzc97pRjXSqFz9V-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 04 Jun 2020 15:26:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Security]]></category>
                                                                                                <author><![CDATA[ itpro@futurenet.com (ITPro) ]]></author>                    <dc:creator><![CDATA[ ITPro ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/ZTtT99pzc97pRjXSqFz9V-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A screenshot of Eset Internet Security&#039;s connected home management panel]]></media:description>                                                            <media:text><![CDATA[A screenshot of Eset Internet Security&#039;s connected home management panel]]></media:text>
                                <media:title type="plain"><![CDATA[A screenshot of Eset Internet Security&#039;s connected home management panel]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/ZTtT99pzc97pRjXSqFz9V-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The F-Secure SAFE interface is clean and clear – and the suite itself certainly isn’t cluttered with features. Naturally, it’ll watch for viruses, and carry out on-demand scans, but there’s little in the way of secondary functions to discover. </p><p>To some extent, this is because the important stuff is taking place behind the scenes. F-Secure doesn’t transfer your sensitive transactions into a separate browser, but it does install extensions for Chrome and Firefox aimed at doing a similar job. It even detects when you’re connected to a payment or banking site and locks down all other network traffic, so snoopers can’t capture your details.</p><p>Similarly, while SAFE doesn’t make a song and dance about its anti-ransomware feature, it’s there in the background, blocking untrusted access to your personal folders. But it only does the same as the Protected Folders feature built into Windows 10, which feels a little superfluous.</p><p>There’s not much imagination on display on the Tools page, either. “App and file control” merely lets you browse files that have been blocked, quarantined or protected, while the website control window lets you enter URLs to blacklist and whitelist for the current user – hardly a feature we’ve been crying out for. The Firewall icon modestly takes you to Windows’ native firewall settings.</p><p>The most ambitious part of SAFE is its parental controls, which let you apply daily time limits and web filtering for Windows devices, plus app restrictions and location tracking on Android and iOS. It’s a nice system, and centrally managed from a friendly web portal: installing the software on a child’s laptop and phone will eat up two of your three licences, but if need be you can find a five-device edition online for a very reasonable £22.50. </p><p>A bigger issue is performance. AV-Comparatives found that F-Secure SAFE neutralised only 99.3% of threats, which is a little on the low side – and in the same lab’s false-positive test it blocked 25 harmless programs and websites, a tally that only beats Windows Defender.</p><p>In its tests, AV-Comparatives also found that F-Secure measurably slowed down both file copies and downloads, which resulted in a performance rating far behind the likes of Eset and Kaspersky. So, in the absence of a killer feature, F-Secure SAFE emerges as a mediocre suite that doesn’t distinguish itself in any particular way.</p><p>Bitdefender is one of the most effective security suites around. In AV-Test’s tests, it achieved a perfect 100% score for malware protection, and dropped only a few marks for AV-Comparatives. While this doesn’t quite match Norton 360’s flawless record, Bitdefender did better than Norton in the false-positive test, making only a single mistake across all tests – and the suite is nimble too, with a creditable 94% rating for system performance.</p><p>Bitdefender will appeal if you’re the sort who likes lots of features and options to play with. The customisable dashboard gives access to a selection of core features, and the Protection and Privacy panes offer plenty more to explore. The sheer number of things to click on might seem daunting at first, but everything is laid out in front of you in a way that makes it easy to grasp the features on offer and find what you’re looking for.</p><p>As you’d expect, the Protection pane includes options for launching and configuring various types of scan, as well as settings for web-based and behavioural protection. It’s also here that you’ll find Bitdefender’s own firewall: by default, this runs quietly in the background, relying on its own intelligence to decide what should be allowed to access the internet and what should be blocked, but you can review its decisions, set up your own rules and even enforce different behaviours for different networks. There’s also a Vulnerability Scan tool that warns you about missing updates for Windows and applications, and highlights weak passwords and insecure networks.</p><p>Unusually, Bitdefender offers not one but two modules aimed at defeating ransomware. The first, Safe Files, does the same thing as Windows 10’s Protected Folders component, blocking untrusted apps from writing to selected folders. But it’s partnered by a novel Ransomware Remediation feature, which automatically takes temporary backups of vulnerable files, ready for instant restoration if needed. It’s a reassuring belt-and-braces approach.</p><p>One last protection feature that’s worth highlighting is the Bitdefender Rescue Environment. Many security suites let you create a bootable rescue CD or flash drive, but Bitdefender goes a step further and automatically sets up a minimal rescue environment on your hard disk. If you fear your PC has been compromised, it takes just a few clicks to reboot and fully scan your system from outside of Windows. </p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="ccqvdf5aA2dudXJUCteXTV" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/ccqvdf5aA2dudXJUCteXTV.jpg" mos="https://cdn.mos.cms.futurecdn.net/ccqvdf5aA2dudXJUCteXTV.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Switching to the Privacy pane exposes a miscellany of features, including Bitdefender’s locked-down Safepay browser. You probably won’t want to use this hardened app as your everyday browser, so we like the way you can set it to pop up only when you visit a banking or shopping site. You don’t need to buy the whole suite to get Safepay, though: it’s available as a free standalone download.</p><p>Similarly, the bundled VPN service (provided by Hotspot Shield) doesn’t add a huge amount of value to the package. Your exit node is automatically chosen for you, and throughput is limited to just 200MB per day. That, of course, is because Bitdefender wants you to pay to unlock unlimited data, but to be fair it’s not badly priced at £38 a year for full access to servers in 27 different countries. </p><p>The final major feature is the parental controls, which are among the best. Once you’ve remotely pushed the agent onto your child’s computer, you can monitor and approve the apps and websites they’re accessing, as well as enforcing screen time schedules and total usage limits. Install the app on their Android phone and you can also keep an eye on their contacts and track their location from the Bitdefender website.</p><p>A third program pane, headed Utilities, suggests that there might be even more to the suite, but clicking on it brings up an advert for Bitdefender Total Security Multi-Device, which adds cross-platform protection and a few extra system tools. It will cost you £35 for five devices, but we don’t think it’s worth it as the extra tools only do the same jobs as free alternatives.</p><p>On the subject of price, if you buy direct from Bitdefender then it automatically renews your subscription at a higher price if you allow it to roll into a second year. However, it sends warnings and you can opt out of recurrent billing at the point of purchase.</p><p>Either way, this is a superb security suite – one that’s effective and loaded with features, yet at the same time lightweight and easy to use. Competing packages have their strengths, but as a one-stop all-rounder, Bitdefender can’t be beaten.</p><p>Avast’s headline price of zero quid can’t be beaten – but the trade-off is some quite aggressive in-application marketing. The tone is set right from the word go, with an installation process that pops up warnings such as “you only have a basic firewall” and “your PC may be suffering from slowdown and clutter”. Click through and suddenly you’re asked to pay £20 a year for Avast’s Premium Security package; you can continue with free protection by closing the window, but this isn’t explained. Advertising is one thing, but this feels positively deceptive.</p><p>There’s more sneaky design at play once the program’s installed. Click around the Protection, Privacy and Performance panes and you’ll find icons for 18 features – but only a minority of these are included in the free edition of the software, while the rest are marked with small padlock overlays. Click on one and you’ll once again be prompted to upgrade to the paid-for suite – or to install one of Avast’s other money-spinners, such as Avast Driver Updater or its SecureLine VPN service.</p><p>Happily, what Avast doesn’t do any more is pester you with pop-up ads, so once you’ve got through setup and initial configuration, you can leave it running in the background and largely forget it’s there. </p><p>And we have to say, its protection capabilities aren’t bad at all. Avast’s malware engine achieved a reassuring 99.6% overall protection rating in the latest independent tests, handling not just real-time virus scanning and behavioural analysis but browser-based threats too, including dodgy downloads and suspicious scripts. If you’re using a local email client such as Outlook, Avast Free Antivirus will scan incoming and outgoing email attachments. You can enable website blocking as well, although this isn’t exactly a proactive measure as you have to fill in the blacklist yourself. </p><p>A few useful system maintenance tools are included too. The Software Updater scans installed applications and flags up any that can be updated to a newer release, which may include important security enhancements; the “automatic updates” option turns out to be a dummy, which once again invites you to upgrade to the paid-for suite, but it’s no great hardship to run the scan manually every so often. Just bear in mind that there’s no guarantee that it will recognise every last app on your system – consider its recommendations a handy starting point rather than a complete solution to the problem of outdated apps.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="nq3WqSJTdRAE8nNTnHzcS" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/nq3WqSJTdRAE8nNTnHzcS.jpg" mos="https://cdn.mos.cms.futurecdn.net/nq3WqSJTdRAE8nNTnHzcS.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>On a similar theme, you also get Avast’s Wi-Fi inspector, which scans your home network for devices using insecure passwords, outdated firmware and so forth. We often hear of worms and hack attacks that spread by exploiting such vulnerabilities, so this module could be the one that saves you from a devastating malware attack – yet you won’t find it in any other free suite, nor indeed in most paid-for products.</p><p>If disaster does strike, you can also take advantage of Avast’s Rescue Disk creator. It may be hidden away on the Virus Scans page, but it’s a useful tool to have in your armoury: the wizard takes just two clicks to create a bootable CD or USB flash drive containing detection and disinfection tools, and since the recovery environment only takes up around 500MB, you don’t need to sacrifice a big, expensive flash drive to make use of it.</p><p>Finally, Avast will optionally install the company’s own Secure Browser. This is built on Chromium so the look and feel are familiar, but it adds a sandboxed Bank Mode along with Avast’s own ad blocker, phishing detector and password manager. If you decline the generous offer to make it your default browser, you can instead install a free browser extension for Chrome and Firefox that warns you away from dodgy content, and a password manager for Chrome. </p><p>For a free download, Avast is impressively well rounded. Naturally, you’ll get more from a paid-for suite: notably, Avast Free lacks a dedicated anti-ransomware component – that’s reserved for customers who cave in and upgrade to Premium Security – and the company doesn’t offer parental controls at all.</p><p>Even so, Avast’s protection rating of 99.6% isn’t bad at all, and while it was tripped up by a total of ten false positives, that’s no worse than AVG or Panda, and way better than Windows Defender. It won’t take much of a toll on your system, either: AV-Test gave Avast a 5.5/6 rating for performance, while AV-Comparatives gave it top marks in its own test. To be sure, there’s something distasteful about the way Avast Free Antivirus hectors you to upgrade, but it goes further to protect you than any of the free alternatives and that’s pretty hard to complain about.</p><p>If you buy Kaspersky Internet Security from the company’s website, you’ll pay £45 for a one-year, three-device licence – but the publisher allows retailers to apply deep discounts, and if you skip over to <a href="https://store.pcpro.co.uk/p35391-kaspersky_internet_security_2020_3-d_1-yr">our sister title PC Pro’s store</a>, you’ll find the same package for just £20. That’s a tempting price for a security suite that goes far beyond real-time malware protection.</p><p>Some of the extra features are familiar. The Safe Money browser does the same job as any other secure browser, although the green border helps ensure that you don’t get your windows mixed up, and we also like the way it can be set to spring up only when you arrive at a site that processes financial transactions.</p><p>More innovative features include the Network Monitor tool, which is really a firewall in disguise: you can see which processes are accessing the internet or your local network, and create rules to block anything that doesn’t look kosher. The Application Control feature lets you set granular permissions for every program’s access to system files, services, Registry branches and so on, as well as its ability to read and change Windows settings. It’s the most advanced process inspection and management tool we’ve seen in any security product – power users will love it.</p><p>That’s not to say Kaspersky is only for techies. The program’s Trusted Applications mode locks down Windows so only programs that have been positively validated by Kaspersky as safe can be opened – perfect for a kid’s PC, or for a less technically-able user.</p><p>There’s also a fair set of PC maintenance tools to hand, including a smart clean-up tool that highlights rarely used applications and blocks third-party installers from sneaking unwanted bundleware onto your system. It’s complemented by a scanner that finds non-standard Windows settings that might have been changed without your knowledge, an automatic application updater and a history cleaner. These functions are a bit extra to the core role of an internet security suite, but it’s great to see them all included in the price, as other publishers tend to push such things as paid-for extras. </p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="t5QEU6xTveHdjpKZZG24fd" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/t5QEU6xTveHdjpKZZG24fd.jpg" mos="https://cdn.mos.cms.futurecdn.net/t5QEU6xTveHdjpKZZG24fd.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>There are a few parts of Kaspersky Internet Security that you do have to pay to fully unlock. One is the Safe Kids parental control module – but it makes a degree of sense to separate these functions out as not everyone needs them. Indeed, parents may find that the basic free functions suffice, letting them enforce safe searching, category-based website blocking and time limits. Only if you want to add location tracking and social media monitoring do you need to cough up for the full edition, which costs £15 a year for any number of children.</p><p>Another restricted feature is the Kaspersky Secure Connect VPN. Like Bitdefender’s VPN, this is operated by Hotspot Shield, and it comes with the same limitations: you can’t choose the location of your exit node, and you can only transfer 200MB of data each day. To gain access to the full set of servers and unlimited data, you’ll have to pay an extra £50 a year for up to five devices, which is higher than Bitdefender’s £38. Keep an eye out for discounts, though, as at the time of writing the price has been slashed to just £20.</p><p>Finally, Kaspersky Internet Security invites you to download the company’s free, cross-platform password manager: the catch here is that it’ll only store passwords for up to 15 sites. The unlimited version costs £10.49 a year: we suggest you skip it and use a tool like LastPass instead.</p><p>With all these features crammed in, finding your way around can be confusing. While the six big buttons of the main interface look invitingly simple, many components are hidden behind the “More Tools” button, beyond which you’ll find a proliferation of tabs, panes, links and free-floating windows.</p><p>Also note that, in the latest independent malware tests, Kaspersky fell just a little short of greatness. Historically it’s always been a strong performer, and its overall protection score of 99.6% isn’t disgraceful, but against fierce competition, it ranks below average. On the plus side, it was the only suite we’ve tested recently to achieve a perfect score in the false positive tests.</p><p>Kaspersky also had nearly the lightest touch of any security product we looked at, with an excellent performance rating of 96.8%. In the current climate you might be reluctant to entrust your online safety to a company based in Russia – but we’ve no reason to doubt Kaspersky’s good faith, and it delivers a superb breadth of protection at a terrifically affordable price.</p><p>Symantec keeps on tinkering with the name of its flagship security suite: last year it was Norton Security, but now it’s been rebranded as Norton 360. The water is further muddied by the fact that it’s offered in Standard, Deluxe and Premium editions, which cover one, three (or five) and ten devices. The feature sets are the same, though, except that the single-device licence doesn’t include the parental control module – which is fair enough, as kids will presumably be using a separate device anyway.</p><p>Uniquely, Norton includes a cloud backup module. You’ll need to be selective about what you back up, as the Standard and Deluxe licences come with a fairly tight 10GB and 25GB of storage (50GB if you buy the five-device version), while the Premium licence gives you just 75GB shared between your ten devices. Still, assuming you already have a first-line backup regime in place, Norton adds a helpful extra level of off-site protection for your personal files.</p><p>Norton also distinguishes itself by including a full VPN with unlimited access to 31 servers worldwide – a far cry from the cut-down services offered by its rivals. Don’t get too excited: we found the VPN wasn’t able to unblock Netflix US, and our browsing speeds were slashed from 108Mbits/sec to just 39Mbits/sec even when using a UK-based server. However, for the occasional bit of privacy protection, it’s a definite plus point for Norton, especially when you compare the price of a dedicated VPN.</p><p>It’s good to see that the bundled parental controls aren’t hobbled, either. The Deluxe and Premium packages include full category-based website blocking, time limits and activity monitoring for Windows devices, plus location tracking for Android and iOS devices.</p><p>Beyond these big features, there’s not a lot more to the suite. At first glance, the interface looks like it’s full of tools and functions, but this is partly down to a muddled design that duplicates features across the “My Norton” and “Device Security” windows. Click around and the only other significant components you’ll find are the SafeCam feature – which lets you grant or deny webcam access to specific applications – and Norton’s free Safe Search and password manager extensions for Chrome and Edge. There’s no ransomware-specific protection, though the backup service could save your bacon if you get hit.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="jNkzj3393KSghdseUu3nHg" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/jNkzj3393KSghdseUu3nHg.jpg" mos="https://cdn.mos.cms.futurecdn.net/jNkzj3393KSghdseUu3nHg.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>The final core security component isn’t shown in the main interface, but is buried in the Settings menu. This is Norton’s firewall, which lets you configure application and protocol-specific rules, and set policies for dealing with subjective cases such as “uncommon protocols” and “low-risk applications”. It seems a bit odd that Symantec doesn’t make more of this feature, but that perhaps reflects the reality that only the most meddlesome of advanced users will want to adjust the default settings.</p><p>A couple of system tools fill out the feature list: the disk defragmenter and file clean-up tools replicate functions that are built into Windows, but the Startup Manager gives a useful insight into whether individual startup items on your PC are commonplace among Norton users or suspiciously rare.</p><p>Norton 360 can also boast of one achievement that only one rival can match: a 100% protection rating from both AV-Comparatives and AV-Test. Trend Micro managed the same, but blotted its copybook with 20 false positives, while Norton only fell for a more forgivable seven.</p><p>The user experience is better than you’d expect, too. The performance figures suggest that Norton has a significant impact on system responsiveness, but AV-Test noted that the slowdown was most obvious while installing new apps, while AV-Comparatives found that Norton primarily affected launch speed when apps were run for the first time. Those aren’t things you’ll be doing all that often, and when it comes to opening and using your everyday applications, Norton had a much lesser effect.</p><p>The last thing to talk about is the price. Officially, Norton 360 Deluxe costs £80 per year, but the Symantec website almost always seems to be a sale on – right now it’s reduced to £30, and if you shop around you’ll find the full five-device product online for just £20. As usual, look out for automatic renewals: make sure you cancel before your initial 12-month licence expires, or you’ll be billed the full RRP for your next year’s subscription.</p><p>With its built-in backup and VPN services, Norton stands out from the crowd, and even if those features aren’t high on your priority list, the suite’s low price and protection rating make it worth considering. </p><p>A decade ago, Microsoft launched a free-standing, ultra-lightweight virus scanner called “Security Essentials”. Since then it’s been not only renamed but progressively absorbed into Windows, to the extent that Defender no longer exists at all as a program in its own right: type its name into the Windows 10 Start menu and you’ll simply be directed to the main Security page in the Settings app.</p><p>Still, if you’re looking for the functions that used to comprise Defender, they’ve been shunted onto the “Virus & threat protection” page and have picked up a few new tricks along the way. Signatures are regularly downloaded via Windows Update, while a cloud protection feature can identify the latest threats even if they’re not in your database. Another addition is the offline scan function, which reboots your computer and carries out a forensic inspection of your hard disk from outside of Windows, leaving viruses with nowhere to hide.</p><p>Basic scans are supplemented by a few technologies designed to tackle ransomware head-on. Windows SmartScreen, which is enabled by default, pops up an alert when you try to install an unrecognised program, which should help slow the spread of trojan downloads – and if you insist on going ahead, Controlled Folder Access blocks untrusted apps from writing to your personal folders, unless you’ve whitelisted them. This latter feature isn’t switched on automatically, presumably to ensure legacy apps don’t run into problems, but it’s well worth enabling. </p><p>As a last resort, Windows will also prompt you to store your files in OneDrive, so you can roll back to previous versions if the originals are maliciously encrypted. While the principle is sound, it’s a bit icky to see Microsoft exploit the opportunity to promote its cloud service, especially since it actually does very little to help with the challenges of ransomware: the onus of ensuring your files are uploaded in the first place remains squarely on your shoulders, and if disaster does strike you’ll have to manually browse through your cloud files to find older versions to recover. You might as well use any other backup or cloud sync service.</p><p>Two other major features flesh out Windows’ integrated offering. One is the Windows Firewall, which lets you selectively lock down public and private networks, or grant access to specific apps. The odds are you’ll never need to, however, because the firewall does a fine job of keeping intruders out without any need for human interaction. There’s a reason why many third-party suites don’t even bother offering their own firewall any more.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="F5D7oBaSnTEqHNbMXUua5Y" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/F5D7oBaSnTEqHNbMXUua5Y.jpg" mos="https://cdn.mos.cms.futurecdn.net/F5D7oBaSnTEqHNbMXUua5Y.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Finally, there’s Windows’ parental controls. Microsoft doesn’t make a lot of noise about these, but Windows 10 gives you the ability to set screen time schedules and limits on kids’ laptops and Xbox consoles, monitor their online activity and even track their location – as long as they’re running the Microsoft Launcher on an Android smartphone. You can also block “inappropriate” sites, although there’s no granularity to this, nor any transparency into exactly what’s deemed unacceptable.</p><p>With all this bundled into the price of your Windows licence, it’s understandable if you’re tempted to stick with Defender as your security solution. Doing so means never having to worry about subscriptions, and keeps the number of intrusive pop-ups to a minimum: for the most part, it runs silently and invisibly in the background.</p><p>It must also be acknowledged that Defender and its companion modules do a fair job of keeping you safe. A few years ago, the software suffered from very poor malware detection rates, but it’s clawed its way up to a solid, mid-table protection score of 99.5%. </p><p>Even so, we’ve some reservations. For one, Defender is hands-down the worst performer we’ve seen recently when it comes to false positives, wrongly blocking or warning testers away from more than 30 harmless programs and websites. That might not bother you if you’re confident enough to recognise when your security software has made a mistake, but really that’s not a call you should ever have to make.</p><p>Second, Defender may look and feel lightweight, but it has quite an impact on system performance. AV-Test found that it slowed down the launch of standard software applications by 11%, while AV-Comparatives observed that it had a measurable impact on file-copy and installation operations: across all third-party tests only BullGuard was slower overall. We’re not saying that Windows Defender is a disaster by any means, but there are plenty of alternatives, both free and paid-for, that will give you sharper, smarter protection and actually make your PC run slightly faster. </p><p>BullGuard is one of the cheapest internet security suites around, and for the money, it delivers a good degree of malware protection. It’s not the leader, but it’s on par with Kaspersky, and it only slipped up once in AV-Test’s false-positives test – although it’s important to note that AV-Comparatives didn’t test it.</p><p>The package also brings together a fair set of features, including both a safe browser and an integrated backup client. BullGuard doesn’t provide online storage for your files, but it works with Dropbox, Google Drive and OneDrive, which may suffice to protect your precious files against ransomware. That’s just as well, since BullGuard doesn’t offer any sort of ransomware-specific protection.</p><p>There’s a set of bespoke parental controls, which can selectively block 24 different categories of websites, restrict PC and internet usage, ban specific applications and protocols and – unusually – prevent predefined strings from being transmitted online, so your child can’t broadcast their address or other information. The catch is that it only works for local Windows accounts: if your kids have their own phone or tablet, you’ll need to find another solution.</p><p>The Firewall module is similarly a little less than it seems. It provides a complicated Network Activity view, and a bespoke window for managing firewall rules, but behind it all, it’s the regular Windows Firewall that’s actually handling business. There’s no VPN module included in the suite either: clicking the “Try VPN” button takes you to a 30-day trial of the separate BullGuard VPN product, which is operated by NordVPN.</p><p>Two final features are the Game Booster and Boot Manager. The first doesn’t just silence notifications when you’re playing a game but also constrains resource usage by other tasks. The latter generates a detailed report of which processes are active during the startup process, so you can see if anything’s causing delays.</p><p>Sadly, the biggest cause of system slowdown turns out to be BullGuard itself. AV-Test found that it nearly doubled the time taken to install an application, delayed file copies by 19% and even bogged down web browsing by around 10%. This won’t make your PC unusable, but it’s a noticeable drag – and while BullGuard is quite effective and affordable, it’s not fantastic enough to make up for that.</p><p>We’re not saying Avira is pushy, but after installing Antivirus Pro you’re given a dashboard that invites you to install no less than eight other products. To be fair, they’re all free to download, but the Software Updater, Password Manager and VPN are feature-limited, and cost extra to fully enable.</p><p>The antivirus module itself is disappointingly bare. You can browse pages dedicated to Ransomware Protection, Web Protection and Mail Protection, but each one offers only a single on/off switch, and you have to open the Settings window to discover and adjust what gets scanned by each module. It’s a similar story with the Firewall: the main interface lets you turn it on and off, but only on peering into the Settings do you discover that Avira is merely acting as a middle-man for Windows’ built-in firewall.</p><p>The Home Guard scanner didn’t wholly endear itself to us, either. Like Avast’s network scanner, this scans all the devices on your home network for vulnerabilities, and it did usefully flag up some open ports and network shares. But the report is presented in a bafflingly undersized window, so reviewing it involves a lot of scrolling.</p><p>Still, when it comes to the crucial task of defeating viruses, Avira obviously knows what it’s doing. With an overall 99.9% protection rating, Avira Antivirus Pro came very near to the top of the performance chart, matching Labs Winner Bitdefender and losing out only to Norton and Trend Micro. The software also wrongly flagged up only a single false positive across all of AV-Comparatives and AV-Test’s exercises: here, only Kaspersky Internet Security 2020 did better.</p><p>System performance isn’t so strong, however, with Avira’s overall rating of 90.7% placing it in the lower half of the rankings. That would be easy to overlook if the package were cheap and cheerful, but in fact it’s one of the most expensive security products we’ve seen, costing £39 for the Antivirus Pro package or a wince-worthy £86 for the Prime package, which includes unlimited VPN usage and full versions of Avira’s Software Updater, Password Manager and System Speedup tools. </p><p>In the end that’s what does for Avira Antivirus Pro. It’s undeniably effective, but the expense is impossible to justify when the likes of Bitdefender and Norton deliver similar performance – and more features – for much lower prices.</p><p>Eset’s security products have long been popular among the tech cognoscenti. Whether you go for the antivirus-only NOD32 package or this more fully-featured suite, Eset has a reputation for top-notch security without intrusive pop-ups and interruptions, and minimal impact on the performance of your PC.</p><p>It isn’t cheap, though. Many security suites can be had at deeply discounted prices from Amazon and other retailers but with Eset your only option is to pay full price at the company’s own website. That works out to £32 to protect a single PC for one year: is the software really good enough to warrant the outlay?</p><h2 id="eset-internet-security-review-features-2">Eset Internet Security review: Features</h2><p>Eset Internet Security goes well beyond the basics of virus protection. As well as scanning local files, it blocks dodgy websites and links and, if you’re running a local email program like Outlook or Thunderbird, it will also scan for <a href="https://www.itpro.com/security/phishing/358767/high-risk-email-security-threats-increased-by-32-last-year" data-original-url="https://www.itpro.com/security/phishing/358767/high-risk-email-security-threats-increased-by-32-last-year">infected attachments, phishing links and spam</a>.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/endpoint-security/356467/kaspersky-endpoint-security-cloud-review-merciless-against" data-original-url="/security/endpoint-security/356467/kaspersky-endpoint-security-cloud-review-merciless-against">Kaspersky Endpoint Security Cloud review: Merciless against malware</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/357510/the-it-pro-podcast-how-hackers-steal-your-password" data-original-url="/security/cyber-security/357510/the-it-pro-podcast-how-hackers-steal-your-password">The IT Pro Podcast: How hackers steal your password</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution" data-original-url="/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution">Avast Antivirus Free review: Our favourite free solution</a></p></div></div><p>There’s a clever secure browsing mode, too, which provides extra peace of mind when you’re shopping or banking online: specific sites can be set to automatically open in a new secure window, with additional protection against keyloggers and the like. It’s up to you whether you let extensions like password managers run in secure windows.</p><p>Another noteworthy feature is Eset’s Connected Home scanner, which probes your network and flags up any router vulnerabilities discovered, as well as alerting you whenever a new client connects. Most of the time this will be because you’ve bought a new phone, or <a href="https://www.itpro.com/network-internet/wifi-hotspots/358230/how-to-share-a-wi-fi-connection-securely" data-original-url="https://www.itpro.com/network-internet/wifi-hotspots/358230/how-to-share-a-wi-fi-connection-securely">shared your Wi-Fi password with a friend</a> but it could be invaluable if an intruder does manage to sneak onto your network.</p><p>Unusually, Eset extends Windows’ built-in theft protections, adding the ability to capture camera pictures and screenshots from a stolen laptop, as well as simply locking and locating it. </p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="p7zC5ktHmraxhJhRFnHfbi" name="" alt="A screenshot of Eset Internet Security's connected home management panel" src="https://cdn.mos.cms.futurecdn.net/p7zC5ktHmraxhJhRFnHfbi.jpg" mos="https://cdn.mos.cms.futurecdn.net/p7zC5ktHmraxhJhRFnHfbi.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><h2 id="eset-internet-security-review-protection-2">Eset Internet Security review: Protection </h2><p>In the first half of 2021, Eset Internet Security was included in independent reports by both <a href="https://www.av-comparatives.org">AV-Comparatives.org</a> and <a href="https://av-test.org">AV-Test.org</a>. Across both labs’ tests it came away with an average protection rating of 99.8%. Some other suites scored a flawless 100%, including <a href="https://www.itpro.com/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price" data-original-url="https://www.itpro.com/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price">Bitdefender</a>, Kaspersky and Norton but Eset was close enough to perfection that we’re not inclined to quibble.</p><p>What’s more, none of those big names was able to match Eset’s perfect record for false positives: it sailed through extensive testing without wrongly flagging a single innocent item. Only F-Secure SAFE was able to equal that claim. It’s a strong confirmation of Eset’s excellent malware-detecting capabilities.</p><h2 id="eset-internet-security-review-user-interface-2">Eset Internet Security review: User interface</h2><p>We’re not fans of the creepy robot that welcomes you to the software, and frankly we find the Eset interface unnecessarily cumbersome to get around. Its features are split across six main pages in an arrangement that doesn’t seem particularly logical or intuitive.</p><p>Still, the technically minded will forgive that in exchange for hands-on controls such as the network protection troubleshooter, which lets you check up on what connections have been blocked and why, allowing you to unblock any items you think have been wrongly flagged – something that’s harder or impossible in most other suites.</p><p>It’s also hard to complain about Eset’s impact on your system. The two testing labs measured an average performance hit of just 7.8% with the software installed. That’s well below the 12.5% caused by Windows’ built-in security tools – indeed, it makes Eset one of the fastest security suites around.</p><h2 id="eset-internet-security-review-verdict-2">Eset Internet Security review: Verdict</h2><p>Eset Internet Security has a lot going for it. It’s an effective antivirus solution with impeccable accuracy and strong performance and it partners that core capability with a well-conceived set of additional features.</p><p>We’ve just one reservation, and that’s the price. £32 a year won’t break the bank but it’s hardly competitive for a licence that only covers one PC. For comparison, Norton costs a third as much for single-device protection, and BullGuard will cover five PCs for half the cost. Regrettably, that makes Eset Internet Security hard to recommend.</p><p>G Data’s dark red trim gives it the air of an emergency service, and the interface provides a sober, functional overview of your protection. The first two pages in particular are a hit: it only takes two clicks to check your system status, carry out various types of scan or create a bootable rescue disk.</p><p>The third page is for G Data’s proprietary, fully customisable firewall. Would-be sysadmins will appreciate the freedom this gives you to create your own security rules, but it’s fiddly to work with because the necessary controls are spread across three tabs in the main interface and then four more panes in the Settings window. </p><p>Next up is what’s advertised as a “cloud backup” feature – but you have to provide the storage yourself, in the form of either a Dropbox or Google Drive account. Doing so might protect your files from ransomware, but there are plenty of free backup tools that can do the same job, and most will go a lot further, with support for multiple backup sets and local destinations.</p><p>We’re not blown away by G Data’s parental controls, either. These offer simple web filtering and time limits for local Windows users, but if you want to extend protection to an Android device you’ll need to shell out £12.95 for a separate app. Lastly, perhaps the least useful bit of G Data Internet Security is the Autostart Manager. This shows you all the processes set to run at startup, but gives no hint as to whether they’re trustworthy or not. Wasn’t this supposed to be a security suite?</p><p>G Data doesn’t even inspire at the crucial task of stopping malware. It combines a home-grown scanner with one licensed from the much better-appointed Bitdefender suite, which you’d think would give you the best of both worlds – but Bitdefender’s effectiveness clearly isn’t down to its engine alone, as G Data’s two-pronged approach earned it only a 99.6% protection rating, which is no better than the free options.</p><p>AV-Test also rated G Data Internet Security one of the slowest security suites around, noting a performance drop-off of around 12% when visiting popular websites and launching applications, along with a steep 29% hit when installing new software. We could live with that if we had to, but there’s no reason to pay more than £40 a year for it – not when our top-rated packages offer broader, slicker protection at lower prices.</p><p>Panda Free Antivirus doesn’t bundle in a custom browser, parental controls or anything fancy like that. The focus is squarely on the important job of malware detection – and, as you would hope, it does it rather well, achieving a 99.6% protection rate in AV-Comparatives’ most recent report. That lab did find that the software also flagged up 12 false positives, which might confound less experienced users, but that’s way ahead of Windows Defender, and even beats some paid-for contenders.</p><p>A few secondary tools are included as well. The Rescue Kit lets you create a bootable flash drive for disinfecting compromised systems, while the Process Monitor works like a simple manual firewall: you can view all running processes, or only those accessing the internet, inspect their connections, view a risk rating assigned by Panda and optionally block any items you deem dodgy.</p><p>The package is rounded off by a basic VPN with servers in 23 countries, including the US, Russia and Brazil. Free users get 150MB of traffic a day – obviously this won’t get you very far on Netflix, but it might suffice if you simply need to check a secure server from time to time. If you want to move up to unlimited data, prices start at a steep £10 on a monthly contract, but then fall to a much more reasonable £2.16 a month if you sign up for three years.</p><p>One grey mark against Panda Free Antivirus is that, by default, it installs a browser plugin called Smart Shopping, which highlights online deals while you’re surfing. It’s easy to remove this – or if you’re sharp-eyed you can untick the box during the installation process – but the very idea of sneaking an extension into your browser feels inappropriate from a security provider.</p><p>The software also pops up occasional adverts to let you know what splendid value Panda’s paid-for security products are – but we’re happy to report that these can easily be silenced by unflicking a switch in the settings.</p><p>Lastly, note that Panda isn’t the fastest security tool out there, receiving a not-quite-stellar 92.2% performance rating from AV-Comparatives. Once again, though, it’s comfortably ahead of Windows Defender, so if you’re looking for a straightforward virus scanner that won’t nag you or fill your computer with unwanted bloat, Panda makes a very tempting option.</p><p>Trend Micro is a well-known name in the world of antivirus and cyber security, and for good reason - it’s historically been a well-rounded and capable solution offering robust protection.</p><p>That’s partly why it’s so surprising to find that, according to statistics from <a href="https://www.av-comparatives.org">AV-Comparatives.org</a> and <a href="https://www.av-test.org">AV-Test.org</a>, Trend Micro Internet Security’s overall protection rating of 99.5% falls behind most competitors, including <a href="https://www.itpro.com/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price" data-original-url="https://www.itpro.com/security/360491/bitdefender-internet-security-review-a-solid-suite-at-a-fair-price">Bitdefender</a> and <a href="https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution" data-original-url="https://www.itpro.com/security/antivirus/360476/avast-antivirus-free-review-our-favourite-free-solution">Avast Antivirus Free</a>. </p><p>That shouldn’t necessarily rule it out of contention, though, as the functional difference in effectiveness between this and our winners is very small indeed. Sadly, that’s not the only way in which Trend Micro proved slightly off the pace in recent tests. </p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/360234/avast-and-norton-in-talks-over-multi-billion-dollar-merger" data-original-url="/security/cyber-security/360234/avast-and-norton-in-talks-over-multi-billion-dollar-merger">Avast and Norton in talks over multi-billion dollar merger</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/business-strategy/smb/360467/it-pro-2020-the-weak-link-in-cyber-security" data-original-url="/business-strategy/smb/360467/it-pro-2020-the-weak-link-in-cyber-security">IT Pro 20/20: The weak link in cyber security</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/desktop-software/26635/how-to-turn-on-windows-defender" data-original-url="/desktop-software/26635/how-to-turn-on-windows-defender">How to turn on Windows Defender</a></p></div></div><p>It registered three false positives in AV-Comparatives’ tests, and a further three for AV-Test, putting it near the bottom of the table for accuracy. And while the scanner raced through our hard disk in a brisk 41 seconds, the suite had a notable overall impact on everyday computer use.</p><p>Aside from real-time malware scanning, Trend Micro includes some distinctive extra features. Dedicated social media modules can audit your privacy settings on Facebook, LinkedIn and Twitter to make sure you’re not inadvertently over-sharing, while the browser plugin can insert risk ratings alongside links on those platforms.</p><p>There’s also a thoughtful “Mute mode”, which silences all but critical notifications and optionally suspends Windows Update to keep disruption to a minimum. Mute mode engages automatically when you’re running an app in full-screen mode, or you can turn it on manually for a preset period; sadly, you can’t tell the suite to activate Mute mode whenever specific windows applications are in the foreground. </p><p>Other features include Pay Guard, which automatically shunts your web session into a secure browser when you log onto a banking site or visit other sensitive pages, and Trend Micro’s anti-ransomware Folder Shield – basically a more user-friendly alternative to Windows’ built-in Controlled Folder Access. A parental control module is included too; this lets you set up time limits, web filtering and application control features, but these only apply to individual Windows accounts on the local machine.</p><p>It’s a fair set of features, and it’s all laid out in a clear interface. As we’ve noted, though, its recent statistics aren’t on par with the competition, and its price makes it one of the most expensive options. All this means it’s unlikely to top anyone’s shortlist.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Avast Business Patch Management review: Don’t give up the day job just yet ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/software/34583/avast-business-patch-management-review-don-t-give-up-the-day-job-just-yet</link>
                                                                            <description>
                            <![CDATA[ Good Windows patch management services but a work in progress ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">ceb4c6obh12ZEwkbixWKMz</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/7WFgkuERhYMBxf7i4MP8JR-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 08 Oct 2019 09:57:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Dave Mitchell ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/7WFgkuERhYMBxf7i4MP8JR-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/7WFgkuERhYMBxf7i4MP8JR-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Regular patch deployment is one of those things that we all know we should do, but the hassle of patch management can often mean we don't do it as regularly as we could. Patch management is often a struggle for businesses faced with a seemingly never-ending stream of updates, both for <a href="https://www.itpro.com/microsoft-windows/33898/8-killer-new-windows-10-features-for-2019" target="_blank" data-original-url="https://www.itpro.com/microsoft-windows/33898/8-killer-new-windows-10-features-for-2019">Microsoft's Windows software</a> and for sundry other business applications.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/34257/it-pro-panel-why-is-patch-management-so-difficult" data-original-url="/security/34257/it-pro-panel-why-is-patch-management-so-difficult">IT Pro Panel: Why is patch management so difficult?</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/antivirus/33115/avast-free-antivirus-review-capable-but-annoying" data-original-url="/antivirus/33115/avast-free-antivirus-review-capable-but-annoying">Avast Free Antivirus review: Capable but annoying</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/27713/the-importance-and-benefits-of-effective-patch-management" data-original-url="/security/27713/the-importance-and-benefits-of-effective-patch-management">Patch management vs vulnerability management</a></p></div></div><p>Avast comes to the rescue; its Business Patch Management (BPM) solution aims to provide centralised cloud management of patches for Windows endpoints from a single web console. Not only does it manage all Windows systems, but it supports over a thousand third-party apps, allowing you to ditch all your disparate update processes and bring them under one roof.</p><p>BPM lets you decide when to scan for updates and set schedules to determine the time they should be deployed so you can minimise their impact on business operations. Updates can be reviewed, you can use settings templates to control how endpoints are restarted, and even choose to ignore specific ones.</p><h2 id="avast-business-patch-management-review-deployment">Avast Business Patch Management review: Deployment</h2><p>The first thing you need to be aware of is that BPM is an add-on enhancement to Avast's Business Antivirus, so you can't currently use it separately and will have to purchase an Antivirus subscription in addition to a BPM plan. We raised this with Avast and it advised us it is in the process of splitting the two products apart as a future feature.</p><p>Before using BPM, you'll need to configure your Windows systems to stop automatic updates and Avast provides help on its support site showing various methods, including using Group Policy Object (GPO). Hardly elegant, but Avast also told us it will be implementing a feature in the console that allows automatic updates to be remotely disabled on systems with the Avast software installed.</p><p>Deployment is a swift process; you can simply create a custom installer utility from the console and send it to your endpoints. Delivery methods include copying it to endpoints and installing it manually, emailing a download link to users or linking up with Active Directory and using a master agent to automate the process.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="HxGAfRWo6qXw4EbEhPkzZ4" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/HxGAfRWo6qXw4EbEhPkzZ4.png" mos="https://cdn.mos.cms.futurecdn.net/HxGAfRWo6qXw4EbEhPkzZ4.png" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Advanced installer options allow it to be customized further for Windows workstations and <a href="https://www.itpro.com/server-storage/31942/how-to-choose-the-perfect-1u-rack-server" target="_blank" data-original-url="https://www.itpro.com/server-storage/31942/how-to-choose-the-perfect-1u-rack-server">servers</a>. Endpoints can be placed in different groups, each with their own settings template that determines what AV components to install (there are a lot) plus patch management scan and deployment schedules.</p><h2 id="avast-business-patch-management-review-product-evolution">Avast Business Patch Management review: Product evolution</h2><p>We've been testing BPM in the lab for three months and initially found an alarming number of issues that were cause for concern. These included patches being scheduled but never deployed, endpoint reboot tasks constantly being created, some third-party apps failing to update and the original dashboard patch status widgets being very uninformative.</p><p>During this time, we've been in regular contact with Avast's development team, although we're unsure whether regular customers would have received the same level of support. That said, rather than being ignored, we've seen many of our criticisms being resolved and our suggestions being implemented.</p><p>The patch management dashboard widgets have been improved so the device summary provides hot links for pulling up quick views of vulnerable systems and those in danger. Rather than presenting a static status table, the patch summary widget now has direct links to systems with issues and the task list can be updated at will with a filter for sorting them into chronological order.</p><p>Most third-party apps installed on our test systems were updated successfully and included the latest Office and Adobe apps plus all popular web browsers - Avast provides a downloadable list which currently shows more than 1,200 supported apps. Some less common apps such as the FileZilla 4 FTP client had to be updated manually and Java updates aren't currently supported, due to Oracle changing its Java patch download processes.</p><p>We highlighted the latter to Avast which plans to add a console link that will allow Java patches to be manually uploaded for distribution by BPM. Despite these glitches, BPM's support for the majority of common business apps will make it easier to manage their updates from one console.</p><h2 id="avast-business-patch-management-review-management-console">Avast Business Patch Management review: Management console</h2><p>Avast's cloud console is very informative; the dashboard provides an overview of protected systems with an unmissable banner across the top that alerts you when systems are deemed vulnerable or in danger. The interactive patch widgets keep you posted on endpoint update status while below are two charts that focus on installed AV components and detected malware threats.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="vxzwygrCSHUd3neGF2YRd6" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/vxzwygrCSHUd3neGF2YRd6.png" mos="https://cdn.mos.cms.futurecdn.net/vxzwygrCSHUd3neGF2YRd6.png" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Notifications are posted in date order and, where relevant, will have a link alongside that takes you straight to the affected system for a closer look. The device list can be filtered to show those with patch-related issues and endpoints have colour-coded icons for easy status identification.</p><p>The Device Settings page is where you create templates to control BPM agent behaviour. You can choose daily, weekly or monthly patch scan schedules, opt to deploy them immediately or at a specific time, control how and when endpoints are restarted and permit users to postpone or cancel the reboot.</p><p>You can view patch deployment status and apply filters to fine-tune the information while a drop-down menu for each patch allows you to force deployment, ignore it or roll it back on a specific endpoint. Avast provides a set of graphical reports so you can check on patch deployments, see systems that have failed tasks or missing patches and check on patched applications.</p><h2 id="avast-business-patch-management-review-verdict">Avast Business Patch Management review: Verdict</h2><p>Avast's Business Patch Management is clearly a work in progress although the number of updates pushed out during our test period shows plenty of commitment. At its foundation, BPM's centralized cloud console and myriad deployment controls look capable of bringing order to Windows patch-related chaos and its support for third-party app updates makes it more versatile than classic products such as Microsoft's WSUS (Windows Server Update Services).</p><p>However, it isn't a smart move tying BPM in with Avast's <a href="https://www.itpro.com/malware/28153/whats-the-difference-between-antimalware-and-antivirus" target="_blank" data-original-url="https://www.itpro.com/malware/28153/whats-the-difference-between-antimalware-and-antivirus">antivirus</a> products as this could easily double acquisition costs. Businesses that like the look of BPM but already have a preferred AV vendor other than Avast will need to wait until it is available as a standalone product.</p><h2 id="verdict">Verdict</h2><p>Despite myriad hiccups, Avast takes the pain out of desktop patch management - although it’ll be much better value when it’s a standalone solution</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ What is WannaCry?  ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/wannacry/34352/what-is-wannacry</link>
                                                                            <description>
                            <![CDATA[ The full story behind one of the worst ransomware outbreaks in history ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">uG2fGQ68NLW8nvTwwRA7iU</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/gP3dFYNfVq4PFcHmJivKUZ-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 09 Sep 2019 09:02:00 +0000</pubDate>                                                                                                                                <updated>Thu, 04 Feb 2021 16:23:00 +0000</updated>
                                                                                                                                            <category><![CDATA[Hacking]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Adam Shepherd ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/3n2BoLAtRj8Z5eRfxtwyK8.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/gP3dFYNfVq4PFcHmJivKUZ-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                        <media:description><![CDATA[The NHS was one of the largest victims of the attack]]></media:description>                                                            <media:text><![CDATA[Somebody sitting at their desk in front of various devices that have been locked by WannaCry]]></media:text>
                                <media:title type="plain"><![CDATA[Somebody sitting at their desk in front of various devices that have been locked by WannaCry]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/gP3dFYNfVq4PFcHmJivKUZ-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>‘WannaCry’ is a term that’s likely to instil fear into IT departments across the country, even several years after the devastating effects of this devilish cyber threat. Although it’s been almost four years since the <a href="https://www.itpro.com/security/28084/what-is-ransomware" data-original-url="https://www.itpro.com/security/28084/what-is-ransomware">ransomware</a> first hit organisations in this country, we still look to WannaCry as an example of a real-life worst-case scenario.</p><p>The ransomware strain first rose to prominence in May 2017 when it began spreading between devices globally - seizing control of servers and files and demanding the payment of Bitcoin in exchange for their return.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/355041/critical-nhs-cyber-security-checks-suspended-due-to-coronavirus" data-original-url="/security/cyber-security/355041/critical-nhs-cyber-security-checks-suspended-due-to-coronavirus">Critical NHS cyber security checks suspended due to coronavirus response</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/wannacry/34751/spanish-ryuk-ransomware-attack-hints-at-new-wannacry" data-original-url="/wannacry/34751/spanish-ryuk-ransomware-attack-hints-at-new-wannacry">Spanish Ryuk ransomware attack hints at new WannaCry</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/33953/nhs-must-spend-now-to-prevent-devastation-of-wannacry-20" data-original-url="/security/33953/nhs-must-spend-now-to-prevent-devastation-of-wannacry-20">NHS must spend now to prevent devastation of ‘WannaCry 2.0’</a></p></div></div><p>This crypto-ransomware exploited a vulnerability in the Windows operating system using a tool called EternalBlue, supposedly developed by the US National Security Agency (NSA). While Microsoft had already launched a fix two months previously, many organisations that ran legacy versions of Windows, including Windows XP and <a href="https://www.itpro.com/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7" target="_blank" data-original-url="https://www.itpro.com/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7">Windows 7</a>, were still vulnerable. </p><p>Arguably, WannaCry’s largest victim was the National Health Service (NHS), with the ransomware strain disrupting the operations of roughly a third of Trusts. The attack resulted in roughly 19,000 cancelled appointments, and a bill for approximately £92 million.</p><p>Although the WannaCry outbreak was devastating, it didn’t last too long and was ended only a few days after it was found to have disrupted computer systems. Regardless, WannaCry represented a successful test case for the viability of ransomware as an effective method of cyber attack, with <a href="https://www.itpro.com/security/ransomware/356567/1212-million-ransomware-attacks-in-the-first-half-of-2020" data-original-url="https://www.itpro.com/security/ransomware/356567/1212-million-ransomware-attacks-in-the-first-half-of-2020">strings of cyber gangs pivoting towards it</a>.</p><h3 class="article-body__section" id="section-who-was-affected-by-wannacry"><span>Who was affected by WannaCry?</span></h3><p>WannaCry <a href="https://www.itpro.com/security/28648/nhs-ransomware-attack" target="_blank" data-original-url="https://www.itpro.com/security/28648/nhs-ransomware-attack">made headlines after hitting multiple NHS organisations</a> across the country in May 2017. Systems across 16 NHS sites, including a third of hospital trusts and 5% of GP practices, were crippled by a sudden inability to access core functions, leading to severe delays and the cancellation of some 19,000 appointments.</p><p>Despite initial reports, the ransomware infections were not part of a larger coordinated attack against the NHS, as had been feared. In fact, it's believed that the NHS was simply caught in the crossfire of a particularly virulent strain of malware that targetted older systems.</p><p>Within hours of the first detection, there were reports of WannaCry infections in at least 11 countries. The malware would ultimately infect more than 200,000 systems across 150 countries, all within 24 hours. Some of the more high profile victims included Telefonica, FedEx, Deutsche Bahn.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="WXZgQTSHenuJb2Usx8kKB8" name="" alt="The NHS website as seen on an internet browser" src="https://cdn.mos.cms.futurecdn.net/WXZgQTSHenuJb2Usx8kKB8.jpg" mos="https://cdn.mos.cms.futurecdn.net/WXZgQTSHenuJb2Usx8kKB8.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div><figcaption itemprop="caption description" class="pull-"><span class="caption-text">The NHS was one of the largest victims of the attack </span><span class="credit" itemprop="copyrightHolder">(Image credit: Shutterstock)</span></figcaption></figure><p>WannaCry is said to have caused <a href="https://www.symantec.com/blogs/feature-stories/wannacry-lessons-learned-1-year-later" target="_blank">an estimated $4 billion in losses</a>, including <a href="https://www.itpro.com/wannacry/32103/wannacry-cost-the-nhs-92-million-report-estimates" target="_blank" data-original-url="https://www.itpro.com/wannacry/32103/wannacry-cost-the-nhs-92-million-report-estimates">£92 million</a> for the NHS.</p><p>It was believed at the time that the worst hit organisations were those that relied on older versions of the Windows operating system, namely Windows XP. However, post-event analysis by Kaspersky revealed that the vast majority of infections (98%) were found on machines running Windows 7, an operating system that was still receiving extended security support from Microsoft at the time, with Windows XP infections making up just 0.1%.</p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr"><a href="https://twitter.com/cantworkitout/status/865562842149392384"></a></p></blockquote><div class="see-more__filter"></div></div><p>Victims were urged not to pay the ransom demanded, and by the time WannaCry had stopped spreading, just 327 payments had been made to the hardcoded bitcoin wallet addresses associated with the malware. The total amount paid <a href="https://www.bbc.co.uk/news/technology-40811972" target="_blank">was around $140,000</a> when it was withdrawn from the wallets in August 2017.</p><p>It's believed that WannaCry had the potential to cause catastrophic damage had it been deliberately targetted against critical infrastructure, such as utility companies or the National Grid.</p><h3 class="article-body__section" id="section-what-vulnerabilities-did-wannacry-exploit"><span>What vulnerabilities did WannaCry exploit?</span></h3><p>Like all ransomware, WannaCry worked by gaining access to the target's computer, encrypting the contents of its hard drives and then extorting money from the victim in exchange for the decryption key. What made WannaCry unique was the way it spread.</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="uZXV3vAfY2MsMRm4tSjJfE" name="uZXV3vAfY2MsMRm4tSjJfE.png" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/uZXV3vAfY2MsMRm4tSjJfE.png" mos="https://cdn.mos.cms.futurecdn.net/uZXV3vAfY2MsMRm4tSjJfE.png" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>The business guide to ransomware</strong></p><p class="fancy-box__body-text">Everything you need to know to keep your company afloat</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/ransomware/357745/the-business-guide-to-ransomware" data-original-url="/security/ransomware/357745/the-business-guide-to-ransomware">FREE DOWNLOAD</a></p></div></div><p>The WannaCry package was comprised of two parts: the ransomware portion, which encrypted the target machine and threw up the ransom instructions, and a component which allowed it to quickly propagate throughout networks. It was this latter element which made it so devastating.</p><p>Based on a flaw in the Server Message Block (SMB) protocol of various versions of Windows, it scanned the local network that a machine was connected to, found other devices (including printers and other peripherals as well as PCs) with exposed SMB network ports, and then used specially-crafted packets to initiate a transfer and drop the payload on the new machine, whereupon the process would start all over again.</p><p>This process was based on an exploit known as '<a href="https://www.itpro.com/security/33716/us-security-agency-linked-to-baltimore-hack" target="_blank" data-original-url="https://www.itpro.com/security/33716/us-security-agency-linked-to-baltimore-hack">EternalBlue</a>', released by <a href="https://www.itpro.com/security/33581/chinese-hackers-used-stolen-nsa-tools-a-year-before-they-were-leaked-by-the-shadow" target="_blank" data-original-url="https://www.itpro.com/security/33581/chinese-hackers-used-stolen-nsa-tools-a-year-before-they-were-leaked-by-the-shadow">the Shadow Brokers</a> hacking group. This mysterious collective of hackers dumped a number of dangerous exploits for vulnerabilities in major systems (widely thought to have been created by the NSA) onto the public web, allowing the authors of WannaCry to incorporate it into their ransomware in order to make it wormable. WannaCry also used DOUBLEPULSAR, a backdoor injection tool that was also included in the Shadow Brokers' leaks, to aid in its spread.</p><p>The EternalBlue exploit that facilitated WannaCry's spread had actually been patched by Microsoft some months earlier, but widespread failure to apply the patch in a timely manner meant that victims were left at risk. Shortly following the outbreak, Microsoft also took the unusual step of releasing an emergency patch for affected operating systems that had already reached their end-of-life date.</p><h3 class="article-body__section" id="section-who-was-behind-wannacry"><span>Who was behind WannaCry?</span></h3><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="KZdka2h8CXxj3KKFA5JeQU" name="" alt="Abstract image showing a cyber criminal silhouetted against a North Korean flag" src="https://cdn.mos.cms.futurecdn.net/KZdka2h8CXxj3KKFA5JeQU.jpg" mos="https://cdn.mos.cms.futurecdn.net/KZdka2h8CXxj3KKFA5JeQU.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div><figcaption itemprop="caption description" class="pull-"><span class="caption-text">Evidence suggests WannaCry was spearheaded by the North Korean-linked Lazarus Group </span><span class="credit" itemprop="copyrightHolder">(Image credit: Shutterstock)</span></figcaption></figure><p>Attributing cyber attacks to specific individuals, groups or nation-states is always difficult; it's an inexact science at best, and made all the more difficult by malware authors planting false flags to throw investigators off the scent. However, the general consensus among the security and intelligence community is that North Korean hackers were most likely to be behind WannaCry, probably working on behalf of the government.</p><p>This assessment is lent credence by the fact that metadata within the ransomware files indicated the author's computer was set to a Korean timezone, while it has been noted by both Symantec and Kaspersky that the code bears strong similarities to code used by the Lazarus Group. This group orchestrated the hack on Sony Pictures in 2014, and has also been <a href="https://www.itpro.com/security/33609/fbi-thwarts-lazarus-linked-north-korean-surveillance-malware" target="_blank" data-original-url="https://www.itpro.com/security/33609/fbi-thwarts-lazarus-linked-north-korean-surveillance-malware">linked to the North Korean state</a>.</p><p>The US government <a href="https://www.itpro.com/wannacry/31857/us-charges-north-korean-hacker-with-wannacry-and-sony-hack" target="_blank" data-original-url="https://www.itpro.com/wannacry/31857/us-charges-north-korean-hacker-with-wannacry-and-sony-hack">formally blamed North Korea for the attack</a> in September 2018 - a charge that various G20 allies, including the UK, have since echoed. North Korean authorities have always denied the allegations.</p><h3 class="article-body__section" id="section-how-was-wannacry-stopped"><span>How was WannaCry stopped?</span></h3><p>The spread of WannaCry was successfully halted less than a week after its initial emergence, thanks to the combined efforts of security researchers around the world. However, the biggest blow against the malware happened virtually by accident.</p><p>A security researcher going by the handle MalwareTech (later revealed to be British citizen Marcus Hutchins) found a URL hardcoded into the malware, which the malware would query prior to releasing its payload and encrypting the target machine.</p><p>After registering the domain, he discovered that this URL was effectively acting as a kill-switch; if the malware queried the domain and didn't find anything, it would drop the payload, but if it received a response, then it didn't trigger. Some initially suggested that this was included as a deliberate kill-switch, allowing the malware's creators to pull the plug if they needed to, but <a href="https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html" target="_blank">Hutchins does not agree</a>.</p><p>Some <a href="https://www.itpro.com/security/33715/windows-10-security-focused-sandbox-broken-and-left-without-a-fix-for-a-month" target="_blank" data-original-url="https://www.itpro.com/security/33715/windows-10-security-focused-sandbox-broken-and-left-without-a-fix-for-a-month">sandbox environments</a>, which researchers use to analyse malware without risk of infecting their machine, will simulate a correct response for any URL lookup. Hutchins believes that the inclusion of a URL check is an attempt to stop it triggering in sandbox environments, making it harder for researchers to analyse and combat. The effect, however, was the same: once the domain had been registered, any new WannaCry infections would not initiate the encryption of the victim, effectively killing off its ability to spread further.</p><p>The hackers behind WannaCry attempted to launch new variants with different hard-coded domains, but they were quickly caught and registered. They also tried to knock Hutchins original domain offline via a <a href="https://www.itpro.com/security/33260/devastating-mirai-variant-is-back-on-the-hunt-for-businesses-to-infect" target="_blank" data-original-url="https://www.itpro.com/security/33260/devastating-mirai-variant-is-back-on-the-hunt-for-businesses-to-infect">Mirai-powered</a> DDoS attack, but were ultimately unsuccessful. The domain is currently being maintained by Kryptos Logic, Hutchins' employer.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ What are Meltdown and Spectre and are you affected? ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected</link>
                                                                            <description>
                            <![CDATA[ A guide to the CPU security flaws and their flawed patches ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">i2McWSqHu84hBLy9V98pfZ</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/9Bss8qq5LJRXjjvGCDdm3f-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 29 Aug 2019 14:30:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Hacking]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Keumars Afifi-Sabet ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/EAvwpZggMZ2K5h8s2pTAEm.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/9Bss8qq5LJRXjjvGCDdm3f-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/9Bss8qq5LJRXjjvGCDdm3f-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Over the last 20 years, there have been a number of big security threats to worry about, from <a href="https://www.itpro.com/security/22101/heartbleed-bug-everything-you-need-to-know" target="_blank" data-original-url="https://www.itpro.com/security/22101/heartbleed-bug-everything-you-need-to-know">Heartbleed</a> to the <a href="https://www.itpro.com/hacking/27449/was-mirai-malware-behind-dyn-ddos-attack" target="_blank" data-original-url="https://www.itpro.com/hacking/27449/was-mirai-malware-behind-dyn-ddos-attack">Mirai botnet</a>. The last two years have proved to be no different. Indeed, within just a week of the New Year in 2018, <a href="https://www.itpro.com/security/30223/meltdown-and-spectre" data-original-url="https://www.itpro.com/security/30223/meltdown-and-spectre">we learned of a serious design flaw</a> present in most processor chips made in the last two decades. </p><p>Worryingly, it was reported by experts in cyber security that this could be exploited using techniques known as Spectre and Meltdown, leaving devices vulnerable to hackers, and requiring an operating system patch in order to fix it.</p><p>A lot of water has passed under the bridge in the meantime, so for anyone needing to catch up, here's a complete guide to the whole fiasco.</p><h3 class="article-body__section" id="section-the-design-flaw"><span>The design flaw</span></h3><p>The security vulnerability is a consequence of a design defect that was first found present in all Intel chips produced in the last 20 years (effectively every processor since 1995 except Intel Itanium and Intel Atom before 2013).</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/exploits/30350/linus-torvalds-blasts-intels-meltdownspectre-patch-as-pure-garbage" data-original-url="/exploits/30350/linus-torvalds-blasts-intels-meltdownspectre-patch-as-pure-garbage">Linus Torvalds blasts Intel's Meltdown/Spectre patch as "pure garbage"</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/30223/meltdown-and-spectre" data-original-url="/security/30223/meltdown-and-spectre">Meltdown and Spectre: Samsung Galaxy S7 vulnerable to Meltdown hack</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/exploits/30245/intel-faces-32-lawsuits-over-the-meltdown-and-spectre-flaws" data-original-url="/exploits/30245/intel-faces-32-lawsuits-over-the-meltdown-and-spectre-flaws">Intel faces 32 lawsuits over the Meltdown and Spectre flaws</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/33031/spectre-vulnerabilities-cannot-be-mitigated-by-software-alone" data-original-url="/security/33031/spectre-vulnerabilities-cannot-be-mitigated-by-software-alone">Spectre vulnerabilities cannot be mitigated by software alone</a></p></div></div><p>This flaw basically enables normal user programs, such as database applications and JavaScript in web browsers, to identify some of the layout or contents of protected kernel memory areas of the vulnerable chips.</p><p>The kernel on a computer chip moves data around a chip's various sections of memory in response to what command a user is carrying out. By exploiting the kernel in different ways, Meltdown and Spectre have the potential to allow intruders to get access to data previously thought completely protected.</p><h3 class="article-body__section" id="section-what-exactly-are-meltdown-and-spectre"><span>What exactly are Meltdown and Spectre?</span></h3><p>Spectre and Meltdown are the names given to the diverse variants of this same vulnerability. Both include malicious code gaining access to data that is normally protected by the kernel.</p><p>Meltdown is so-called as it has the ability to "melt" the restrictions usually set in place at a chip's hardware level that should, in theory at least, protect sectors of the memory. In side-stepping these defences, Meltdown permits attackers or malware to access and pry on data they shouldn't be able to.</p><p>Spectre, on the other hand, gets its name from a procedure known as "speculative execution" that is supposed to help computers carry out actions in a non-linear fashion, improving the speed of execution.</p><p>For instance, if the program a user is running follows an 'if X, then Y' rule, then if a user chooses to perform X, the chip must then work on carrying out Y. A chip performing speculative execution would start carrying out Y before the user chooses to perform X, to get a headstart on computation. Doing so leaks data that should stay private.</p><p>A Spectre attack needs more knowledge of the victim program's inner workings, and doesn't permit access to other programs' data, but will also work on just about any computer processor out there.</p><p>The <a href="https://spectreattack.com">official Spectre website</a> (yes, there is one) s<a href="https://spectreattack.com">tates that while Spectre is more difficult to exploit than Meltdown, it is also harder to mitigate. It breaks the isolation between different applications and allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. However, it is possible to prevent specific known exploits based on Spectre through software patches.</a></p><h3 class="article-body__section" id="section-which-systems-are-affected"><span>Which systems are affected?</span></h3><p>It depends on the attack you're looking at. Meltdown mostly affects Intel processors and at the moment, it is unclear whether AMD processors are also affected. ARM says some of its processors are also affected.</p><p>Spectre is much more widespread, however. Almost every system is affected by Spectre, including desktops, laptops, cloud servers, and even smartphones. More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable, that means all popular operating systems, including <a href="http://www.channelpro.co.uk/advice/9240/windows-vs-linux-vs-mac-the-channel-comparison" target="_blank">Windows, Linux, and macOS</a> are affected.</p><h3 class="article-body__section" id="section-am-i-affected"><span>Am I affected?</span></h3><p>Pretty much all chips from all major manufacturers created in the last 20 years are affected by Spectre or Meltdown, or both.</p><p>Although Intel was the first to be identified and the first to acknowledge the problem both in private and in public ARM and AMD CPUs are also affected.</p><p>All three have issued patches for their components (more information on that below), typically consisting of microcode mitigations. Some of these have been more successful than others and Intel took a number of attempts to issue ones that didn't cause major problems such as causing computers to repeatedly reboot or run extremely slowly.</p><p>Consequently, if you're running a computer or servers bought more recently than 1995 and haven't installed the patches issued by the chip manufacturers, your system(s) are almost certainly affected.</p><h3 class="article-body__section" id="section-patching-problems"><span>Patching problems</span></h3><p>In the race to patch the vulnerabilities when they became known at the start of 2018, vendors issued updates that created many issues for users.</p><p>Shortly after publishing a fix in January, Microsoft removed the update after a number of AMD-powered PCs failed to boot following the installation of the security patch.</p><p>The issue was brought to Microsoft's attention on its customer support blog, with users saying their devices stopped loading the Start menu or taskbar after installing updates pushed to their devices on the 3 and 9 January. It seems computers running Windows 10, Windows 8.1 and Windows 7 were all affected, with some of the machines dating back 10 years.</p><p>Intel had a much bigger issue after releasing its CPU bug fixes, however.</p><p>After discovering that <a href="https://www.itpro.com/security/30316/intels-meltdown-and-spectre-patches-cause-reboots-and-hurt-performance" target="_blank" data-original-url="https://www.itpro.com/security/30316/intels-meltdown-and-spectre-patches-cause-reboots-and-hurt-performance">the Spectre patches impact performance</a> by up to 25% on data centre chips, and 3% to 4% on other systems, the chip giant backtracked and decided to <a href="https://www.itpro.com/security/30223/meltdown-and-spectre" target="_blank" data-original-url="https://www.itpro.com/security/30223/meltdown-and-spectre">advise customers not to download the patches</a>, due to the reboots and performance hits they were causing.</p><p>The firm's executive vice president, Navin Shenoy, recommended that OEMs, cloud service providers, system manufacturers, software vendors, and end-users "stop deployment of current versions on [a] specific platform as they may introduce higher than expected reboots and other unpredictable system behaviour".</p><p>This applied to systems powered by Intel's previous generations of chips, including Broadwell, Haswell, Coffee Lake, Kaby Lake, Skylake, and Ivy Bridge families.</p><p>In a post on the Linux kernel mailing list, <a href="https://www.itpro.com/exploits/30350/linus-torvalds-blasts-intels-meltdownspectre-patch-as-pure-garbage" data-original-url="https://www.itpro.com/exploits/30350/linus-torvalds-blasts-intels-meltdownspectre-patch-as-pure-garbage">Linux creator Linus Torvalds</a><a href="https://www.itpro.com/exploits/30350/linus-torvalds-blasts-intels-meltdownspectre-patch-as-pure-garbage" target="_blank" data-original-url="https://www.itpro.com/exploits/30350/linus-torvalds-blasts-intels-meltdownspectre-patch-as-pure-garbage"> lambasted Intel for the fiasco</a>, saying the patches "do literally insane things" to the performance of the systems they are installed on.</p><p>"They do things that do not make sense," Torvalds declared. "That makes all your arguments questionable and suspicious. The patches do things that are not sane."</p><p>He ranted that the patches are "ignoring the much worse issue, namely that the whole hardware interface is literally mis-designed by morons".</p><p>In February, however, Intel finally issued a working update for its Skylake chips. It might have arrived three weeks after the original buggy patch release, but the firm said it had successfully developed a number of microcode solutions to protect its customers against the Meltdown and Spectre exploits.</p><p>The released updates included fixes for its OEM customers and partners for Kaby Lake and Coffee Lake-based platforms, as well as additional Skylake-based platforms. These included its sixth, seventh and eight-generation Intel Core product lines as well as the latest Intel Core X-series processor family.</p><p>The recently announced Intel Xeon Scalable and Intel Xeon D processors for data centre systems are also covered by the patches.</p><p>"This effort has included extensive testing by customers and industry partners to ensure the updated versions are ready for production," Shenoy <a href="https://newsroom.intel.com/news/latest-intel-security-news-updated-firmware-available" target="_blank">said in a blog post</a>. "On behalf of all of Intel, I thank each and every one of our customers and partners for their hard work and partnership throughout this process."</p><p>It's still not clear if Intel has successfully patched its fourth and fifth generation Haswell and Broadwell CPUs yet, however. </p><h3 class="article-body__section" id="section-can-i-patch"><span>Can I patch?</span></h3><p>Users concerned about the impact of Spectre and Meltdown are advised to keep in-tune with regular patch releases from device manufacturers as and when they are released while hoping they don't cause too much of an unintended consequence to the performance of the machines.</p><p>Microsoft recently disabled its Spectre patch, for instance, saying the performance impact was too great compared to the low risk of a user launching a Spectre attack on someone's device. However, if you're a large enterprise likely to be a lucrative target for malicious actors, failing to patch Spectre is not an option.</p><p>Torvalds' outburst was also directed at the fact that Intel's plan to bypass its patches' hits on performance was to make the Meltdown fix optional, so shipping faulty hardware that users would then have to patch themselves.</p><p>However, at the start of February <a href="https://www.itpro.com/security/30485/intel-re-issues-meltdown-and-spectre-patches-with-fresh-code-to-rid-users-of" target="_blank" data-original-url="https://www.itpro.com/security/30485/intel-re-issues-meltdown-and-spectre-patches-with-fresh-code-to-rid-users-of">Intel issued a fresh patch for devices running its Skylake-based Core or Core M processors</a> that it claimed wouldn't introduce any untoward side effects. A similarly effective patch for Haswell and Broadwell-running PCs is still in the works, but Intel has also introduced patches for its Kaby Lake, Coffee Lake, sixth, seventh and eighth-generation Intel Core i and Core X series.</p><p>In April, however, <a href="https://www.itpro.com/exploits/30885/intel-gives-up-patching-some-chips-with-spectre-flaws" data-original-url="https://www.itpro.com/exploits/30885/intel-gives-up-patching-some-chips-with-spectre-flaws">Intel deemed some of its affected CPUs too tough to patch</a>. The chip manufacturer released a revision notice listing 16 microcode updates as "stopped", meaning that while patches had previously been released they were no longer being rolled out.</p><p>The reasons Intel gave vary from the sheer difficulty in patching a chip due to its design to the fact some are powering 'closed systems', with the company leaving it up to its hardware partners to issue BIOS updates themselves.</p><p>Later that month, AMD finally released a number of updates to help protect systems against Spectre vulnerabilities found in its chips, months after they were first disclosed to the public in early 2018. </p><p><a href="https://www.itpro.com/security/33031/spectre-vulnerabilities-cannot-be-mitigated-by-software-alone" data-original-url="https://www.itpro.com/security/33031/spectre-vulnerabilities-cannot-be-mitigated-by-software-alone">According to a team of Google researchers</a>, Spectre vulnerabilities present in many of today's processors cannot be completely mitigated by applying software fixes, as has been assumed.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Apple rolls out its own fix for Zoom zero-day ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/zero-day-exploit/33976/apple-rolls-out-its-own-fix-for-zoom-zero-day</link>
                                                                            <description>
                            <![CDATA[ The exploit allowed websites to forcibly activate a user's webcam ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">6vBgFpjyFy7w2teSKEX6yt</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/rcxPmeGGrSUNWWwYA4tVuX-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 11 Jul 2019 09:50:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Privacy]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Connor Jones ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/LPjgE2kGKixS9aF7Jdp2mT.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/rcxPmeGGrSUNWWwYA4tVuX-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/rcxPmeGGrSUNWWwYA4tVuX-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Following backlash against Zoom's Mac vulnerability on Monday, Apple has rolled out a silent update that removes a web server that allowed websites to automatically launch a conference call and activate a user's webcam.</p><p>The move follows Zoom's own update to its client on Tuesday, which also removed the web server from Mac systems for those that chose to keep the software installed.</p><p>Apple's update serves those users who have, like a number of <em>IT Pro</em> writers, deleted Zoom from their systems following Monday's news.</p><p>Apple told <a href="https://techcrunch.com/2019/07/10/apple-silent-update-zoom-app" target="_blank"><em>TechCrunch</em></a> that the update requires no user intervention and is deployed automatically. However, following our own testing, <em>IT Pro</em> can confirm that the vulnerability is still exploitable for those users who have yet to restart their system.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/zero-day-exploit/33166/patched-chrome-exploit-worked-hand-in-hand-with-critical-windows-bug" data-original-url="/zero-day-exploit/33166/patched-chrome-exploit-worked-hand-in-hand-with-critical-windows-bug">Patched Chrome exploit worked hand-in-hand with critical Windows bug</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/33697/security-researcher-auctions-off-windows-10-zero-day-exploits" data-original-url="/security/33697/security-researcher-auctions-off-windows-10-zero-day-exploits">Security researcher auctions off Windows 10 zero-day exploits</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/32992/zero-day-flaws-in-internet-explorer-and-exchange-patched-by-microsoft" data-original-url="/security/32992/zero-day-flaws-in-internet-explorer-and-exchange-patched-by-microsoft">Zero-day flaws in Internet Explorer and Exchange patched by Microsoft</a></p></div></div><p>Despite both companies releasing updates for the issue, Tod Beardsley, research director at cybersecurity firm Rapid7 told <em>IT Pro</em> that the Zoom vulnerability was 'overblown'.</p><p>"I'm not entirely certain this is a bug in Zoom," he said. "For starters, there's a (non-default) configuration setting that seems to totally mitigate this issue: In the Mac OS client, go to zoom.us > Preferences > Video > "Turn off my video when joining meeting".</p><p>"Since this is already my personal default, I was confused as to why the original proof of concept wasn't working for me (I finally figured it out this morning)," he added. "At any rate, given the existence of this mitigation, the bug actually seems to be down in the browser, not the Zoom client, where CORS policies aren't enforced for localhost domains."</p><p>There is an issue with this criticism which lies in that the default setting in Zoom is to have automatic webcam enablement - it's a feature of the client most people appreciate as it makes joining a conference call more seamless.</p><p>When users click on a Zoom link, they expect to be thrown into a conference call, and it's therefore unlikely that users will take the time to change this default setting.</p><h3 class="article-body__section" id="section-09-07-2019-major-zero-day-privacy-vulnerability-found-in-zoom-for-mac"><span>09/07/2019: Major zero-day privacy vulnerability found in Zoom for Mac</span></h3><p>A serious zero-day vulnerability has been discovered in the hugely popular video conferencing and meetings application Zoom, which allows websites to forcibly activate a Mac user's camera without their intervention.</p><p>The vulnerability leverages a localhost web server that's installed alongside any Zoom installation and remains on a user's computer even after uninstalling the app. The web server also has the power to re-install Zoom on a user's system without their permission.</p><p>Jonathan Leitschuh, the researcher who discovered and provided proof of concept for the vulnerability said this web server will accept requests other browsers wouldn't.</p><p>The vulnerability exploits Zoom's feature where users can simply send others a customised link so they can join a conference call. When users have a setting enabled which allows Zoom to automatically activate a user's camera when joining a call, websites can abuse this custom link feature by inputting a Zoom conference link as an </p><div><a href="https://mozo.com.au"><img class="lft" src="" alt="Powered by Mozo"></a></div><iframe frameborder="" height="" width="" sandbox="allow-scripts allow-forms allow-same-origin allow-popups allow-popups-to-escape-sandbox" id="mozo-iframe" class="rc-iframe" scrolling="yes" data-lazy-priority="low" data-lazy-src=""></iframe><script type="text/javascript" src=""></script><script type="text/javascript">function ready(fn){if(document.attachEvent ? document.readyState === "complete" : document.readyState !== "loading"){ fn();}else{document.addEventListener("DOMContentLoaded", fn);}};function mozoResize(){iFrameResize({ log: false, checkOrigin: false }, "#mozo-iframe")};ready(mozoResize);</script>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Kaspersky Endpoint Security for Business Advanced review: On-prem security done right ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/endpoint-security/33558/kaspersky-endpoint-security-for-business-advanced-review-on-prem-security</link>
                                                                            <description>
                            <![CDATA[ Excellent device protection for modern businesses ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">qa1B29YqKJikSsWJ49Z29u</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/MNp5HMZZsjdpmZSTPxY2JF-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 01 May 2019 13:06:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Dave Mitchell ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/MNp5HMZZsjdpmZSTPxY2JF-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/MNp5HMZZsjdpmZSTPxY2JF-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Kaspersky's Endpoint Security for Business (ESB) has been the foundation of its on-premises solutions for many years and the latest version introduces tougher security measures than ever before. The new intelligent adaptive anomaly control component watches out for abnormal user behavior and along with the ability to scan inbound and outbound HTTPS traffic, the web protection components have a keen nose for sniffing out mining malware.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/software/31943/kaspersky-small-office-security-6-review" data-original-url="/software/31943/kaspersky-small-office-security-6-review">Kaspersky Small Office Security 6 review</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/hardware/printers" data-original-url="/security/33162/panda-free-antivirus-review-bamboo-zle-the-hackers">Panda Free Antivirus review: Bamboo-zle the hackers</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/hardware/printers" data-original-url="/security/32999/bitdefender-internet-security-2019-review-still-one-of-the-best">Bitdefender Internet Security 2019 review: Still one of the best</a></p></div></div><p>ESB comes in three flavours with the Select edition including the Security Center management console, anti-malware, file server and mobile protection as well as device, web and application controls. The Advanced edition on review adds the adaptive anomaly control, encryption and patch management plus remote software installation, while the Total edition bolsters this with mail server, gateway and collaboration security.</p><p>Prices for the Advanced version on review start at 760 per year for 10 seats. Platform support is extensive as ESB can protect Windows, Mac and Linux workstations and servers and includes iOS and Android mobile device management (MDM) services using Exchange ActiveSync or its own iOS MDM server.</p><h2 id="kaspersky-endpoint-security-for-business-advanced-review-management-and-deployment">Kaspersky Endpoint Security for Business Advanced review: Management and deployment</h2><p>ESB deployment starts by installing the Security Center 11 component on the designated host Windows workstation or server. It expects to have a SQL database made available and for testing, we installed Microsoft's SQL Server 2014 Express SP2.</p><p>Functioning as an MMC (Microsoft Management Console) snap-in, the Security Center 11 console receives a fresh lick of paint but retains the same intuitive format as previous versions. The ESB web console, on the other hand, sees a complete redesign and, along with vastly improved status dashboards and reporting, now provides full access to ESB's settings allowing it to be used instead of the Security Center if required.</p><p>You're spoilt for workstation deployment choices; ESB can search network subnets, workgroups and Active Directory (AD) domains. The ESB console places all discovered systems in an 'unassigned' list where we selected our Windows test workstations, pushed the Network Agent and Endpoint Security components to them with one job and watched ESB move them to the default managed group.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="mnWmpeAtmZgHR9UtJMKb9a" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/mnWmpeAtmZgHR9UtJMKb9a.png" mos="https://cdn.mos.cms.futurecdn.net/mnWmpeAtmZgHR9UtJMKb9a.png" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>The automatic installation option is even faster. All unassigned systems can be added to a console group with this feature enabled and ESB will do all the hard work for you. Group structures based on selected workgroups or AD domains can be created where you leave the discovery routine to populate them and then run the entire deployment.</p><h2 id="kaspersky-endpoint-security-for-business-advanced-review-group-policies">Kaspersky Endpoint Security for Business Advanced review: Group policies</h2><p>The System Center creates a base set of security policies for the default group so all our test clients were protected immediately. You can create custom groups and apply new policies to define how a client's Network Agent and Endpoint Security components behave when they join a group.</p><p>ESB's group policies are a powerful feature as they allow you to centrally manage all endpoint security and threat protection features and stop end users fiddling with the client settings or uninstalling them. Policies can be modified from the System Center or web console and we found changes took around 10 seconds to be pushed out to our clients.</p><p>Choosing a group reveals all member systems, with each assigned colour-coded icons for at-a-glance status indicators. Selecting a client shows their properties in a right-hand pane while a drop down menu provides access to options such as running tasks, forcing synchronizations and viewing hardware and software inventories.</p><p>A useful support feature is the ability to fire up a remote control session with a selected client using RDP or Windows desktop sharing. Another valuable feature is ESB's integral vulnerability and patch management component which checked our clients, showed all required updates and offered to automatically deploy them.</p><h2 id="kaspersky-endpoint-security-for-business-advanced-review-threat-protection-features">Kaspersky Endpoint Security for Business Advanced review: Threat protection features</h2><p>Policies provide easy access to all security features and we found it simple to customize the various components. Advanced threat protection includes access to Kaspersky's Security Network for reputation-based scanning, behavioral detection for ransomware protection and exploit protection.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="W9uRfUkeYu8NHkhwTzxJ2c" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/W9uRfUkeYu8NHkhwTzxJ2c.png" mos="https://cdn.mos.cms.futurecdn.net/W9uRfUkeYu8NHkhwTzxJ2c.png" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Essential threat protection features include a memory resident file scanner, transparent scanning of email and web traffic, a client firewall and network attack detection. Many components can be modified easily just by using a slider bar to choose from three levels.</p><p>Policy security controls go even further as these allow you to enforce black and white application lists and decide what hardware devices can be used on client systems. The web content filtering component can't match the efficacy of UTM hardware appliances but Kaspersky has increased the number of available URL categories from 15 to 28.</p><p>Adaptive anomaly control is also enabled in this policy section and can be applied to Office app, WMI, script and PowerShell activities. We found it initially spends a few days in training mode after which it creates smart rules based on its findings, and you can quickly load reports to see training progress and whether any rules have been triggered.</p><p>Reporting is a real strength, too. ESB comes with a wide choice of predefined reports for viewing anything from infected computers and endpoint inventory to detected threats and web browsing behavior. We could easily create custom reports using these as templates, schedule them to run regularly and create tasks to have them emailed to us.</p><h2 id="kaspersky-endpoint-security-for-business-advanced-review-verdict">Kaspersky Endpoint Security for Business Advanced review: Verdict</h2><p>Kaspersky's Endpoint Security for Business is a great choice for companies that prefer on-premises to cloud management. It's easy to deploy, offers a choice of MMC snap-in or web browser management access and delivers an unbeatable range of security measures for hardening your endpoints against malware.</p><h2 id="verdict-2">Verdict</h2><p>An on-premises endpoint protection solution suitable for a wide range of businesses that’s good value, easy to manage and packed to the rafters with tough security measures</p><p>Security Center 11: Windows 7/Server 2012 upwards</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Spectre vulnerabilities cannot be mitigated by software alone ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/33031/spectre-vulnerabilities-cannot-be-mitigated-by-software-alone</link>
                                                                            <description>
                            <![CDATA[ Researchers found that one variant of the critical data-leaking flaw "defeats everything we can think of" ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">tcNqVY788pcNKALaa57LCD</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/5TFschoicHxBcCYXVKJo5i-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 19 Feb 2019 11:53:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Hacking]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Keumars Afifi-Sabet ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/EAvwpZggMZ2K5h8s2pTAEm.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/5TFschoicHxBcCYXVKJo5i-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Spectre processor flaw]]></media:description>                                                            <media:text><![CDATA[Spectre processor flaw]]></media:text>
                                <media:title type="plain"><![CDATA[Spectre processor flaw]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/5TFschoicHxBcCYXVKJo5i-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>A team of Google researchers has demonstrated the Spectre vulnerabilities present in many of today's processors cannot be completely mitigated by applying software fixes, as has been assumed.</p><p>Variants of the Spectre flaw discovered last year, which involves information leaking via 'speculative execution' or functions performed early to speed up computation, are not just software glitches but lie in the foundations of the hardware.</p><p>In their paper titled '<a href="https://arxiv.org/abs/1902.05178" target="_blank">Spectre is here to stay: An analysis of side-channels and speculative execution</a>', the researchers concluded that Spectre fundamentally defeats an important layer of software security.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/vulnerability/30252/why-the-raspberry-pis-immune-to-the-meltdown-and-spectre-bugs" data-original-url="/vulnerability/30252/why-the-raspberry-pis-immune-to-the-meltdown-and-spectre-bugs">Why the Raspberry Pi's immune to the Meltdown and Spectre bugs</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/exploits/30245/intel-faces-32-lawsuits-over-the-meltdown-and-spectre-flaws" data-original-url="/exploits/30245/intel-faces-32-lawsuits-over-the-meltdown-and-spectre-flaws">Intel faces 32 lawsuits over the Meltdown and Spectre flaws</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected" data-original-url="/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected">What are Meltdown and Spectre and are you affected?</a></p></div></div><p>As part of the process, the researchers built a universal read gadget that destroys the idea of language-enforced confidentiality when deployed, which could allow an attacker, for instance, to read all the memory in the same address space.</p><p>"We now believe that speculative vulnerabilities on today's hardware defeat all language-enforced confidentiality with no known comprehensive software mitigations," the researchers wrote, "as we have discovered that untrusted code can construct a universal read gadget to read all memory in the same address space through side-channels.</p><p>"Computer systems have become massively complex in pursuit of the seemingly number-one goal of performance. We've been extraordinarily successful at making them faster and more powerful, but also more complicated, facilitated by our many ways of creating abstractions.</p><p>"Our models, our mental models, are wrong; we have been trading security for performance and complexity all along and didn't know it," they added. "It is now a painful irony that today, defence requires even more complexity with software mitigations, most of which we know to be incomplete."</p><p>One of the major challenges identified was mitigating the vulnerabilities presented by the Spectre flaw, with the researchers learning that the four variants analysed bypassed normal safety checks and the assumption of language type safety.</p><p>Variant 4, for example, dubbed speculative aliasing confusion, "defeats everything we can think of", with the researchers exploring more prospective mitigations for this attack over any other but found "it proved to be more pervasive and dangerous than we anticipated".</p><p>The <a href="https://www.itpro.com/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected" target="_blank" data-original-url="https://www.itpro.com/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected">Spectre and Meltdown</a> attacks are the terms prescribed to variants of the same processor vulnerability discovered last year, which involves a malicious program gaining access to data normally protected by a kernel. This kernel on a computer chip moves data around the various sections of memory in response to the functions a user is carrying out.</p><p>Either, or both, vulnerabilities have affected more or less all chips from the major manufacturers built in the last couple of decades, with CPUs from not just Intel but also ARM and AMD vulnerable to exploitation.</p><p>As opposed to Meltdown attacks, which 'melts' the boundaries set in place at a chip's hardware level that should in theory protection sections of the memory, Spectre attacks are more targeted and require knowledge of the victims' systems. They have always been harder to exploit, but also harder to mitigate.</p><p>"It was always apparent that the Spectre vulnerabilities were not easily fixable," Kaspersky's principal security researcher David Emm told <em>IT Pro</em>. "Spectre opened new ways of exploitation that might affect different software in the months and years to come.</p><p>"Most of the patches that were released in the wake of Spectre and Meltdown, minimised the surface of the attack but did not eradicate it completely. This is likely to continue to be the case."</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Businesses at risk of data theft through 'classic' cold boot attack ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/31911/businesses-at-risk-of-data-theft-through-classic-cold-boot-attack</link>
                                                                            <description>
                            <![CDATA[ F-Secure warns sensitive data can be scalped from the RAM of lost, stolen or recycled laptops ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">nzj5azwnmaqzwsJkEzmaGg</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/Q4BtpkkfaoaacNJWJhd9fV-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 13 Sep 2018 09:00:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Hacking]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Bobby Hellard ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/bsR2tHSyVKUoyXZF5pNsDA.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/Q4BtpkkfaoaacNJWJhd9fV-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Thief stealing laptop from car]]></media:description>                                                            <media:text><![CDATA[Thief stealing laptop from car]]></media:text>
                                <media:title type="plain"><![CDATA[Thief stealing laptop from car]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/Q4BtpkkfaoaacNJWJhd9fV-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Most modern computers have a weakness that allows hackers to steal encryption keys and other sensitive data, according to new research.</p><p>Cyber security firm F-Secure said it had managed to revive a decades-old attack that involves stealing user data during a computer's reboot process, warning that the majority of modern-day computers are vulnerable to the exploit.</p><p>The exploit, known as a cold-boot attack, which has been known to hackers since 2008, involves rebooting a computer without initiating a proper shutdown process, then scalping the residual data that briefly sits on the machine's RAM. While most modern laptops have been designed to overwrite this data by default, the research team was successfully able to disable this overwrite function.</p><p>Researchers warn that the attack could mean that businesses risk losing data through machines they have either lost or ditched in recent replacement cycles, and that current security measures are not good enough to protect against the exploit.</p><p>"Typically, organisations aren't prepared to protect themselves from an attacker that has physical possession of a company computer," said F-Secure principal security consultant Olle Segerdahl.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/cyber-security/31064/how-not-to-get-hacked-in-2019" data-original-url="/cyber-security/31064/how-not-to-get-hacked-in-2019">How not to get hacked in 2019</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/innovation-at-work/29580/the-truth-about-encryption" data-original-url="/security/innovation-at-work/29580/the-truth-about-encryption">The truth about encryption</a></p></div></div><p>"When you have a security issue found in devices from major PC vendors, like the weakness my team has learned to exploit, you need to assume that a lot of companies have a weak link in their security that they're not fully aware of or prepared to deal with."</p><p>F-Secure said that although the exploit requires some extra steps to the classic cold boot attack, it's proven to be effective against every modern laptop tested. It added that because the threat is typically used against devices that are stolen or lost, hackers have plenty of time to execute the attack.</p><p>Segerdahl also added that there's no reliable way for organisations to know their data is safe if a computer goes missing, and because nearly all company laptops will have things like access credentials for corporate networks, it gives attackers a consistent and reliable way to compromise corporate targets.</p><p>Rather worryingly, there is no easy fix for this issue either, but Segerdahl stressed the importance of invalidating access credentials once a machine is reported lost, stolen, or no longer in use.</p><p>When contacted by IT Pro, Microsoft senior director Jeff Jones said: "This technique requires physical access to a target device. We encourage customers to practice good security habits, including preventing unauthorized physical access to their device." Crucially, however, there was no mention of a potential fix for the problem.</p><p>F-Secure's advice is for businesses to configure laptops so they automatically shut down or hibernate instead of entering sleep mode, or require employees to enter an encrypted system's BitLocker PIN each time they boot up their machines.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ How Russia hacked the 2016 election ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/31527/how-russia-hacked-the-2016-election</link>
                                                                            <description>
                            <![CDATA[ A timeline of how 12 hackers allegedly corrupted the world's most powerful democracy ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">aNZcFqGdcf1yetBbbNtqu</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/zqGThXHsoLCcMmV9pbCpMW-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 18 Jul 2018 08:53:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Data Breaches]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Adam Shepherd ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/3n2BoLAtRj8Z5eRfxtwyK8.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/zqGThXHsoLCcMmV9pbCpMW-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/zqGThXHsoLCcMmV9pbCpMW-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>//</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Google and Microsoft discover new Spectre variant ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/endpoint-security/31169/google-and-microsoft-discover-new-spectre-variant</link>
                                                                            <description>
                            <![CDATA[ But patching Speculative Store Bypass flaw could hit performance by up to 8%, warns Intel ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">uBv3grTWCzTASvu4KkoCim</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/9Bss8qq5LJRXjjvGCDdm3f-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 22 May 2018 11:13:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Hacking]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rene Millman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/vwWuTPNRCuw9vEaWzuXYnR.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/9Bss8qq5LJRXjjvGCDdm3f-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/9Bss8qq5LJRXjjvGCDdm3f-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>A new Spectre and Meltdown variant has been discovered by <a href="https://bugs.chromium.org/p/project-zero/issues/detail?id=1528" target="_blank">Google</a> and Microsoft researchers.</p><p>The newly-revealed flaw, called Variant 4, or Speculative Store Bypass, affects processors from Intel, ARM and AMD, meaning hundreds of millions of devices are potentially impacted, though no exploits have been seen in the wild.</p><p>Intel said that <a href="https://www.itpro.com/security/30223/meltdown-and-spectre" target="_blank" data-original-url="https://www.itpro.com/security/30223/meltdown-and-spectre">like Spectre</a>, the variant relies on speculative execution, a feature common to most modern processor architectures, to potentially expose certain kinds of data through a side channel. An <a href="https://www.us-cert.gov/ncas/alerts/TA18-141A" target="_blank">advisory</a> by US-CERT said that the vulnerability could allow an attacker to access and read older CPU memory either in the CPU stack or other memory locations.</p><p>"An attacker who has successfully exploited this vulnerability may be able to read privileged data across trust boundaries," <a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012" target="_blank">Microsoft Security Center</a>'s Security Advisory read.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/30223/meltdown-and-spectre" data-original-url="/security/30223/meltdown-and-spectre">Meltdown and Spectre: Samsung Galaxy S7 vulnerable to Meltdown hack</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected" data-original-url="/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected">What are Meltdown and Spectre and are you affected?</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/30285/intel-promises-more-transparency-about-meltdown-debacle" data-original-url="/security/30285/intel-promises-more-transparency-about-meltdown-debacle">Intel promises more transparency about Meltdown debacle</a></p></div></div><p>Hackers could exploit the bug by running JavaScript in web browsers, producing native code that could give rise to an instance of Variant 4 (CVE-2018-3639). Microsoft said that it has strengthend its Edge and Internet Explorer browsers to increase the difficulty of successfully creating such a side channel. Similar steps have been taken for other browsers.</p><p>While Intel <a href="https://newsroom.intel.com/editorials/addressing-new-research-for-side-channel-analysis" target="_blank">said</a> some of the Variant 4 exploits were mitigated by previous patches, it has also delivered a microcode update to address the new variant in beta form to OEMs and software vendors, expecting it to be released into production BIOS and software updates over the coming weeks.</p><p>However, the patch will be turned off by default, with Intel warning of a 2% to 8% performance hit for those that do enable it.</p><p>"We expect most industry software partners will likewise use the default-off option," said Leslie Culbertson, Intel's executive vice president and general manager of product assurance and security.</p><p>ARM noted in a <a href="https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability" target="_blank">blog post</a> that "this method is dependent on malware running locally which means it's imperative for users to practice good security hygiene by keeping their software up-to-date and avoid suspicious links or downloads".</p><p>According to blog posts by <a href="https://bugs.chromium.org/p/project-zero/issues/detail?id=1528" target="_blank">Google's Project Zero</a> and the <a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012" target="_blank">,</a> a flaw in the chips can The vulnerability affects processors from Intel, AMD, and ARM.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Intel won’t patch new Spectre-like chip vulnerabilities for another 12 days ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/zero-day-exploit/31076/intel-won-t-patch-new-spectre-like-chip-vulnerabilities-for-another-12-days</link>
                                                                            <description>
                            <![CDATA[ Patches for all operating systems and virtual machines may not be ready until later this year - report ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">iuJV2pBKGgT2u2qs8ad5KZ</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/6iBz3cezjaJCwBWBkMrpeK-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 09 May 2018 10:52:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rene Millman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/vwWuTPNRCuw9vEaWzuXYnR.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/6iBz3cezjaJCwBWBkMrpeK-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Processor]]></media:description>                                                            <media:text><![CDATA[Processor]]></media:text>
                                <media:title type="plain"><![CDATA[Processor]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/6iBz3cezjaJCwBWBkMrpeK-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Intel won't patch a new series of Spectre-related flaws in its chips for another 12 days, it is reported.</p><p>Fixes for the flaws, known as 'Spectre Next Generation', were scheduled for 7 May, but the chip manufacturer is allegedly having issues getting the updates ready in time, needing another two weeks to do so. This pushes the release date back to 21 May.</p><p>This is according to a <a href="https://www.heise.de/security/meldung/Spectre-NG-Intel-verschiebt-die-ersten-Patches-koordinierte-Veroeffentlichung-aufgeschoben-4043790.html">report</a> in German IT publication <em>Heise</em>, which suggests the patches could take even longer to arrive.</p><p>The flaws were originally <a href="https://www.heise.de/ct/artikel/Super-GAU-fuer-Intel-Weitere-Spectre-Luecken-im-Anflug-4039134.html" target="_blank">reported</a> earlier this month and are caused by <a href="https://www.itpro.com/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected" target="_blank" data-original-url="https://www.itpro.com/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected">the same design issue responsible for the original Spectre vulnerabilities</a>. Around eight flaws have been discovered but technical details about them are yet to be published. Each flaw has a CVE number and each requires a patch to fix the issue.</p><p>Spectre Next Generation flaws affect Core i processors and their Xeon derivatives as far back as 2010, <em>Heise</em> reports. These are common Intel processors found in desktops, laptops and servers.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected" data-original-url="/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected">What are Meltdown and Spectre and are you affected?</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/31074/industry-collaboration-was-the-silver-lining-of-meltdown-and-spectre" data-original-url="/security/31074/industry-collaboration-was-the-silver-lining-of-meltdown-and-spectre">Industry collaboration was the "silver lining" of Meltdown and Spectre</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/vulnerability/30252/why-the-raspberry-pis-immune-to-the-meltdown-and-spectre-bugs" data-original-url="/vulnerability/30252/why-the-raspberry-pis-immune-to-the-meltdown-and-spectre-bugs">Why the Raspberry Pi's immune to the Meltdown and Spectre bugs</a></p></div></div><p>The flaws also reportedly affect Atom-based Pentium, Celeron and Atom processors dating back to 2013 as well as those powering tablets, smartphones and embedded devices.</p><p>One of the most troublesome flaws affects Core i and Xeon chips, allowing hackers to attack systems and virtual machines from a compromised VM. These flaws may not be fixed until the middle of August.</p><p>As well as microcode patches from Intel, fixes for the operating system will also be necessary, the publication said.</p><p>An Intel spokeswoman said in a statement sent to <em>IT Pro</em>: "Protecting our customers' data and ensuring the security of our products are critical priorities for us. We routinely work closely with customers, partners, other chipmakers and researchers to understand and mitigate any issues that are identified, and part of this process involves reserving blocks of CVE numbers. We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalise mitigations. As a best practice, we continue to encourage everyone to keep their systems up to date."</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Kaspersky hits back at Twitter ban with open letter ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/antivirus/30983/kaspersky-hits-back-at-twitter-ban-with-open-letter</link>
                                                                            <description>
                            <![CDATA[ Eugene Kaspersky quotes Game of Thrones in letter claiming his firm is being unfairly censored ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">97X3ywQBaSuwhzBKNF9Atu</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/oiEJKZTiHZ27bVwM2PyKNT-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 23 Apr 2018 10:36:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Hacking]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Adam Shepherd ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/3n2BoLAtRj8Z5eRfxtwyK8.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/oiEJKZTiHZ27bVwM2PyKNT-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/oiEJKZTiHZ27bVwM2PyKNT-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Kaspersky Lab founder Eugene Kaspersky has responded to Twitter's advertising ban on his company with <a href="https://www.kaspersky.com/blog/ek-on-twitter-ads/22106" target="_blank">an open letter</a> invoking Game of Thrones that accuses the social network of "playing into the hands of cybercriminals".</p><p>Twitter alerted the company in January to the fact that it would "off-board advertising from all accounts owned by Kaspersky Lab", with the stated reason for the ban being that Kaspersky Lab's business model "inherently conflicts with acceptable Twitter Ads business practices" - a possible reference to <a href="https://www.itpro.com/antivirus/30085/kaspersky-offers-hackers-100000-for-spotting-bugs" target="_blank" data-original-url="https://www.itpro.com/antivirus/30085/kaspersky-offers-hackers-100000-for-spotting-bugs">accusations that Kaspersky has helped Russian spying efforts</a>, which Kaspersky has robustly denied.</p><p>After asking Twitter for its reasoning around the ban back in February, founder and CEO Eugene Kaspersky published an open letter to Twitter chief Jack Dorsey and the rest of Twitter's leadership team last week, asking the company to explain why the ban has been enacted and what other security companies can do to prevent suffering similar bans.</p><p>"Understandably, you've been busy dealing with public and political pressure. As a response to all this pressure, social media platforms - Twitter in particular - need to somehow adapt their rules and policies," Kaspersky wrote. "But please, dear Twitter managers, I think it's of the utmost importance that any and all changes you do introduce in response to existing challenges are divulged in full and applied in a transparent manner."</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/antivirus/30085/kaspersky-offers-hackers-100000-for-spotting-bugs" data-original-url="/antivirus/30085/kaspersky-offers-hackers-100000-for-spotting-bugs">Kaspersky offers hackers $100,000 for spotting bugs</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/29224/the-cyber-security-threat-in-charts" data-original-url="/security/29224/the-cyber-security-threat-in-charts">The cyber security threat in six charts</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/29822/kaspersky-claims-pirated-office-software-was-behind-nsa-exploit-leak" data-original-url="/security/29822/kaspersky-claims-pirated-office-software-was-behind-nsa-exploit-leak">Kaspersky claims pirated Office software was behind NSA exploit leak</a> Kaspersky’s attempt to overturn US government ban thrown out of court</p></div></div><p>Kaspersky argued that the majority of the company's promoted tweets are informative, educational posts about cyber security awareness, tips and research, and that even the purely marketing tweets it promotes are still in line with the behaviour of the rest of the IT industry, as is its business model.Kaspersky's letter - as well as several of the executive's tweets - implied that Twitter's actions amount to censorship.</p><p>In fact, he headed his letter with a quote from Game of Thrones character Tyrion Lannister: "When you tear out a man's tongue, you are not proving him a liar, you're only telling the world that you fear what he might say." Elsewhere he wrote: "Twitter is playing into the hands of cybercriminals when it hinders the delivery of important information on protection from cyberthreats."</p><p>Kaspersky is fighting back on multiple fronts against bans and blocks enforced by governments, filing a lawsuit against the Trump administration after mounting US pressure saw <a href="https://www.itpro.com/technology/blockchain" target="_blank" data-original-url="https://www.itpro.com/antivirus/28647/USKasperskyBan">it prohibit public sector bodies from using Kaspersky Lab software</a>,while in the UK, the National Cyber Security Centre <a href="https://www.itpro.com/antivirus/30085/kaspersky-offers-hackers-100000-for-spotting-bugs" target="_blank" data-original-url="https://www.itpro.com/antivirus/30085/kaspersky-offers-hackers-100000-for-spotting-bugs">issued guidance</a> advising all government departments to avoid Russian antivirus firms.</p><p>Despite the ongoing furore though, figures from market research firm B2B International showed that the majority of businesses have not been put off using Kaspersky Lab's products, and the company last year maintained an average Net Promoter Score (which measures how likely customers are to recommend your company) of 49, in line with the upper echelons of the software market. More customers are also using Kaspersky as their main security provider compared to 2016.</p><p>Kaspersky said that the company will be donating all the money it had planned to spend on Twitter advertising over the course of 2018 (which amounted to more than 75,700 in 2017) to the Electronic Frontier Foundation, noting pointedly that the organisation does "a lot to fight censorship online".</p><p><em>IT Pro</em> has contacted Twitter to try and find out the reasons behind Kaspersky's ban, but did not receive a response in time for publication.</p><p><em>Picture: Shutterstock</em></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ A quarter of UK councils 'have been hacked' ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/data-breaches/30583/a-quarter-of-uk-councils-have-been-hacked</link>
                                                                            <description>
                            <![CDATA[ Local authorities experience 19 million cyber attacks every year, finds report ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">gJesr5d6zpSXTh8gcAGwkS</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/CmhCUGwY8B2Bo8TuWuApnV-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 20 Feb 2018 11:37:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Data Breaches]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Lee Bell ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/CmhCUGwY8B2Bo8TuWuApnV-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/CmhCUGwY8B2Bo8TuWuApnV-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Over a quarter of all UK councils have had their IT systems breached in the past five years, according to privacy campaign group Big Brother Watch.</p><p><a href="https://www.itpro.com/policy-legislation/30218/what-is-a-freedom-of-information-foi-request" target="_blank" data-original-url="https://www.itpro.com/policy-legislation/30218/what-is-a-freedom-of-information-foi-request">Freedom of information requests</a> sent by the group found that 114 councils experienced at least one incident between 2013 and 2017, as well as more than 98 million cyber attacks on local councils in total across the country.</p><p>This amounts to 37 cyber attacks launched every minute on the local governments, with successful attempts potentially giving hackers access to the sensitive and personal information of UK citizens, said <a href="https://bigbrotherwatch.org.uk/about">Big Brother Watch</a> in its <em><a href="https://bigbrotherwatch.org.uk/wp-content/uploads/2018/02/Cyber-attacks-in-local-authorities.pdf" target="_blank">'Cyber attacks in local authorities'</a></em> report.</p><p>Worst yet, the report uncovers the councils' failure to report losses and breaches of data - <a href="https://www.itpro.com/it-legislation/27814/what-is-gdpr-everything-you-need-to-know" target="_blank" data-original-url="https://www.itpro.com/it-legislation/27814/what-is-gdpr-everything-you-need-to-know">which organisations must do within 72 hours under GDPR</a>, though currently do not have to under UK law - as well as shortcomings in staff training.</p><p>It found that despite human error being the main factor in a successful hack, 75% of local authorities said their staff don't undergo compulsory cyber security training.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/wannacry/30470/all-200-nhs-trusts-fail-latest-cybersecurity-standards" data-original-url="/wannacry/30470/all-200-nhs-trusts-fail-latest-cybersecurity-standards">All 200 NHS trusts fail latest cybersecurity standards</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/29075/newcastle-city-council-blames-human-error-for-data-breach" data-original-url="/security/29075/newcastle-city-council-blames-human-error-for-data-breach">Newcastle City Council blames human error for data breach</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/28844/gloucester-city-council-fined-100000-over-heartbleed-hack" data-original-url="/security/28844/gloucester-city-council-fined-100000-over-heartbleed-hack">Gloucester City Council fined £100,000 over Heartbleed hack</a></p></div></div><p>Jennifer Krueckeberg, lead researcher at Big Brother Watch, said: "With councils hit by over 19 million cyber attacks every year, one would assume that they would be doing their utmost to protect citizens' sensitive information.</p><p>"We are shocked to discover that the majority of councils' data breaches go unreported and that staff often lack basic training in cyber security. Local authorities need to take urgent action and make sure they fulfil their responsibilities to protect citizens."</p><p>Newcastle City Council blamed human error <a href="https://www.itpro.com/security/29075/newcastle-city-council-blames-human-error-for-data-breach" target="_blank" data-original-url="https://www.itpro.com/security/29075/newcastle-city-council-blames-human-error-for-data-breach">for a breach that saw thousands of adopted children's data leaked</a> in an email attachment last summer, while <a href="https://www.itpro.com/security/28844/gloucester-city-council-fined-100000-over-heartbleed-hack" target="_blank" data-original-url="https://www.itpro.com/security/28844/gloucester-city-council-fined-100000-over-heartbleed-hack">the Information Commissioner's Office (ICO) fined Gloucester City Council 100,000</a> for falling foul of the Heartbleed hack in 2014.</p><p>Raj Samani, chief scientist and fellow at McAfee, criticised the councils for failing to inform citizens of breaches.</p><p>"Unless made aware, potential victims the citizens that they're serving are unable to protect themselves, whether by changing passwords or more closely monitoring for instances of fraud," he said.</p><p>"That said, we will gain nothing by pointing the finger at the IT and security teams. Managing the growing and evolving against a background backdrop of squeezed budgets, local authorities are having to make difficult choices about where their investments should be made."</p><p>Samani added that one solution to this is through automating certain processes, such as removing simple repetitive activities that enable them to put their energy into planning their defences against the wider threat landscape.</p><p>The failure of local authorities to protect against malicious online activity against them comes just after the <a href="https://www.itpro.com/wannacry/30470/all-200-nhs-trusts-fail-latest-cybersecurity-standards" target="_blank" data-original-url="https://www.itpro.com/wannacry/30470/all-200-nhs-trusts-fail-latest-cybersecurity-standards">UK's Department of Health admitted</a> that all 200 NHS trusts assessed for cyber security vulnerabilities failed to meet the required standards, following the devastating <a href="https://www.itpro.com/security/28648/nhs-ransomware-attack" target="_blank" data-original-url="https://www.itpro.com/security/28648/nhs-ransomware-attack">WannaCry ransomware attack</a> last summer.</p><p>The malware affected 300,000 computers in 150 countries in May last year, including 48 NHS trusts, also shutting down multiple hospital IT systems as well as companies and universities elsewhere.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Intel faces 32 lawsuits over the Meltdown and Spectre flaws ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/exploits/30245/intel-faces-32-lawsuits-over-the-meltdown-and-spectre-flaws</link>
                                                                            <description>
                            <![CDATA[ Filing suggests there'll be more to come, with customers angry over exploits and Krzanich's shares sale ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">gY9s7PRRvHi4KrXv6ybzRc</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/o2idxyDvHpBjQNhjTU548P-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 19 Feb 2018 09:38:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Lee Bell ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/o2idxyDvHpBjQNhjTU548P-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/o2idxyDvHpBjQNhjTU548P-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Intel is facing at least 32 class action lawsuits over the Meltdown and Spectre chip flaws, which have quickly become two of the biggest security vulnerabilities ever uncovered.</p><p>The chipmaker revealed the number <a href="https://www.intc.com/investor-relations/financials-and-filings/sec-filings/sec-filings-details/default.aspx?FilingId=12559970" target="_blank">in a Securities and Exchange Commission filing</a> it made last week. Thirty are customer class action suits from users that are "seeking monetary damages and equitable relief", while two concern securities, and "allege that Intel and certain officers violated securities laws by making statements about Intel's products and internal controls that were revealed to be false or misleading by the disclosure of the security vulnerabilities".</p><p>On top of these 32 lawsuits, there were a further three shareholder suits filed against Intel, claiming that the company's board and corporate officers committed "breach of duty" in connection to the disclosure of the security flaws and have failed "to take action in relation to alleged insider trading". That related to Intel CEO Brian Krzanich, who sold shares worth $39 million after researchers informed Intel of Meltdown and Spectre.</p><p>Worst still, the filing notes it's likely that further lawsuits around these issues will arise.</p><p>Intel isn't the only tech giant getting sued in relation to the vulnerability. <a href="https://www.itpro.com/information-security-infosec/30324/apple-is-the-latest-firm-to-be-hit-by-class-action-lawsuit-for" target="_blank" data-original-url="https://www.itpro.com/information-security-infosec/30324/apple-is-the-latest-firm-to-be-hit-by-class-action-lawsuit-for">Apple was also hit by a class action lawsuit over the debacle in January</a>. The class action complaint was filed in a San Jose district court.</p><p>Chipmaker AMD has also being sued over claims that it artificially inflated its stock price by keeping quiet about how the Spectre flaws affected its chips.</p><p>Intel's first efforts to patch the vulnerability resulted in performance slowdowns and reboots for many laptops running its chips. It eventually recalled those and <a href="https://www.itpro.com/security/30485/intel-re-issues-meltdown-and-spectre-patches-with-fresh-code-to-rid-users-of" target="_blank" data-original-url="https://www.itpro.com/security/30485/intel-re-issues-meltdown-and-spectre-patches-with-fresh-code-to-rid-users-of">issued fresh patches</a>, which it claims don't have those bugs, earlier this month.</p><p>Meltdown and Spectre affect Intel processors from the last 10 years, and other manufacturers' processors as well. They allow hackers to gain access to data stored on chips' memory that would normally be protected. But no data breaches have yet been reported.</p><p><strong>08/01/2018:</strong> Intel is being taken to court over vulnerabilities in its processors, with plaintiffs in California, Oregon and Indiana all taking legal action against the company.</p><p>The Meltdown and Spectre flaws, which are present in the vast majority of modern processors, could allow hackers to break into the devices and steal sensitive data. However, no data breaches have been reported as yet, even though the vulnerabilities exist in the majority of processors dating from 1995. The flaw wasn't reported until June last year, despite Intel knowing about it since before then.</p><p>The lawyers representing the Californian claimants think there will be more cases coming to light in the coming months, describing it as "one of the largest security flaws ever facing the American public". They are urging Intel to fix the problem and to offer those affected compensation for any losses that have occurred.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/30215/serious-design-flaw-affects-all-intel-chips-from-the-last-decade" data-original-url="/security/30215/serious-design-flaw-affects-all-intel-chips-from-the-last-decade">Serious design flaw 'affects all Intel chips from the last decade'</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/30223/meltdown-and-spectre" data-original-url="/security/30223/meltdown-and-spectre">Meltdown and Spectre: Samsung Galaxy S7 vulnerable to Meltdown hack</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected" data-original-url="/exploits/30478/what-are-meltdown-and-spectre-and-are-you-affected">What are Meltdown and Spectre and are you affected?</a></p></div></div><p>However, for this to happen, businesses and individuals would have to provide solid evidence that they have been adversely affected by the flaws.</p><p>It may be easier for some of the big businesses affected by the vulnerabilities to take action. Legal experts expect cloud service providers to be the leaders in this, with Amazon, Microsoft and Google all having solid reasons to hold Intel to account if it slows their computational capacity.</p><p>An alternative to legal action may be for the cloud providers to demand lower prices on future chips. Kim Forrest, senior equity research analyst at Fort Pitt Capital Group told <a href="https://www.theguardian.com/technology/2018/jan/05/intel-class-action-lawsuits-meltdown-spectre-bugs-computer" target="_blank"><em>The Guardian</em></a>.</p><p>Intel explained it was unable to give any information about the cases. "[Intel] can confirm it is aware of the class actions but as these proceedings are ongoing, it would be inappropriate to comment," the company <a href="https://newsroom.intel.com/news/intel-responds-to-security-research-findings" target="_blank">said in a statement</a>.</p><p>"Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time," the company previously said.</p><p><em>Image: Shutterstock</em></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Linus Torvalds blasts Intel's Meltdown/Spectre patch as "pure garbage" ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/exploits/30350/linus-torvalds-blasts-intels-meltdownspectre-patch-as-pure-garbage</link>
                                                                            <description>
                            <![CDATA[ Meanwhile, Intel tells users not to download the latest patch as it causes too many problems ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">tDo2Mcb4ihdmGLp1htnHtD</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/b6TWFANWjgCMZyAojFogAL-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 23 Jan 2018 11:19:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Hacking]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Lee Bell ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/b6TWFANWjgCMZyAojFogAL-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Linus Torvalds]]></media:description>                                                            <media:text><![CDATA[Linus Torvalds]]></media:text>
                                <media:title type="plain"><![CDATA[Linus Torvalds]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/b6TWFANWjgCMZyAojFogAL-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Linux creator Linus Torvalds has lambasted Intel for the fiasco surrounding its patches for the Meltdown and Spectre flaws, calling the fixes "pure garbage".</p><p>In <a href="https://lkml.org/lkml/2018/1/21/192%20">a post on the Linux kernel mailing list</a>, Torvalds said the patches, part of a rollout of updates for chips dating back through the last decade, "do literally insane things" to the performance of the systems they are installed on. Intel itself found that the patches impact performance <a href="https://www.itpro.com/security/30316/intels-meltdown-and-spectre-patches-cause-reboots-and-hurt-performance" target="_blank" data-original-url="https://www.itpro.com/security/30316/intels-meltdown-and-spectre-patches-cause-reboots-and-hurt-performance">by up to 25% on data centre chips, and 3% to 4% on other systems</a>.</p><p>"They do things that do not make sense," Torvalds said. "That makes all your arguments questionable and suspicious. The patches do things that are not sane. WHAT THE F*CK IS GOING ON?"</p><p>He continued to rant that the patches are "ignoring the much worse issue, namely that the whole hardware interface is literally mis-designed by morons".</p><p>He added: "All of this is pure garbage," and elsewhere: "And I really don't want to see these garbage patches just mindlessly sent around."</p><p>Torvalds' ire appears to be directed at Intel's decision to patch issues that other fixes - like Google's Retpoline fix - already solve - like <a href="https://www.itpro.com/security/30223/meltdown-and-spectre" target="_blank" data-original-url="https://www.itpro.com/security/30223/meltdown-and-spectre">Google's Retpoline fix addressing a branch target injection enabled by Spectre</a>.</p><p>But he also directed his fire at Intel for its plan to remedy the performance hits its patches are creating. Intel's plan seems to be to bypass the performance hits its Indirect Branch Restricted Speculation (IBRS) update causes by making the Meltdown fix optional, introducing it as an additional feature.</p><p>"The whole IBRS_ALL feature to me very clearly says 'Intel is not serious about this, we'll have a ugly hack that will be so expensive that we don't want to enable it by default, because that would look bad in benchmarks'," Torvalds wrote. "So instead they try to push the garbage down to us."</p><p><em>IT Pro</em> has approached Intel for comment on Torvalds' outburst.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/30316/intels-meltdown-and-spectre-patches-cause-reboots-and-hurt-performance" data-original-url="/security/30316/intels-meltdown-and-spectre-patches-cause-reboots-and-hurt-performance">Intel's Meltdown and Spectre patches cause reboots and hurt performance</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/exploits/30299/just-4-of-business-mobile-devices-are-safe-from-meltdown-and-spectre" data-original-url="/exploits/30299/just-4-of-business-mobile-devices-are-safe-from-meltdown-and-spectre">Just 4% of business mobile devices are safe from Meltdown and Spectre</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/30223/meltdown-and-spectre" data-original-url="/security/30223/meltdown-and-spectre">Meltdown and Spectre: Samsung Galaxy S7 vulnerable to Meltdown hack</a></p></div></div><p>It comes as Intel decided to advise customersn not to download their patches, due to the reboots and performance hits they were causing.</p><p><a href="https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners">In a post today</a> on the company's newsroom, the firm's executive vice president, Navin Shenoy, said: "We recommend that OEMs, cloud service providers, system manufacturers, software vendors, and end users stop deployment of current versions on specific platform as they may introduce higher than expected reboots and other unpredictable system behaviour."</p><p>The advisory applies to systems powered by Intel's previous generations of chips, including Broadwell, Haswell, Coffee Lake, Kaby Lake, Skylake, and Ivy Bridge families. Intel apologised for the issues being caused by the patch, but it's likely to not be enough for users with suddenly borked machines.</p><p>"I apologise for any disruption this change in guidance may cause. The security of our products is critical for Intel, our customers and partners, and for me, personally. I assure you we are working around the clock to ensure we are addressing these issues," he added.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Is North Korea hacking computers to mine cryptocurrency? ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/digital-currency/30217/is-north-korea-hacking-computers-to-mine-cryptocurrency</link>
                                                                            <description>
                            <![CDATA[ The Kim Jong-un regime is reportedly mining Monero after most of its international exports were banned ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">bjDvTKmPe28H4MyKgrcRXx</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/nmdNgk7qfudGfqRXXnsdZW-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 03 Jan 2018 11:25:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Hacking]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Edward Munn ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/nmdNgk7qfudGfqRXXnsdZW-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/nmdNgk7qfudGfqRXXnsdZW-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Following new international sanctions that banned many of its exports, North Korea has resorted to new ways of making money, according to a <a href="https://www.bloomberg.com/news/articles/2018-01-02/north-korean-hackers-hijack-computers-to-mine-cryptocurrencies" target="_blank"><em>Bloomberg</em></a> report claiming that Kim Jong-un's regime is using hackers to hijack computers and mine cryptocurrency.</p><p>The news site spoke to Kwak Kyoung-ju, who heads up a hacking analysis team at the South Korean government-backed Financial Security Institute. According to Kwak, a group of hackers known as Andariel hijacked a South Korean company's server last summer and used it to mine $25,000 worth of Monero, a digital currency.</p><p>"Andariel is going after anything that generates cash these days," Kwak said. "Dust gathered over time builds a mountain."</p><p>This news follows the claim from the UK government <a href="https://www.itpro.com/security/28648/nhs-ransomware-attack" target="_blank" data-original-url="https://www.itpro.com/security/28648/nhs-ransomware-attack">that North Korea was behind the WannaCry attack</a> that affected 300,000 computers in 150 countries, including 48 NHS trusts. Victims of WannaCry were faced with a message demanding $800-$1,000 US dollars in Bitcoin in order to unlock their computers.</p><p>Kwak pointed out that the secretive state appears to prefer Monero to Bitcoin, because it's easier to hide and launder. Like Bitcoin, a network of miners verifies Monero transactions, but multiple transactions are combined and "dual-key stealth" addresses are used, making it harder to track both the origin and recipient of funds.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/strategy/28261/bitcoin-news" data-original-url="/strategy/28261/bitcoin-news">Bitcoin news: Major retailers offer support for bitcoin payments</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/strategy/28296/what-is-bitcoin" data-original-url="/strategy/28296/what-is-bitcoin">What is Bitcoin?</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/28648/nhs-ransomware-attack" data-original-url="/security/28648/nhs-ransomware-attack">NHS ransomware: UK government says it's North Korea's fault WannaCry happened</a></p></div></div><p>Cryptocurrency is 'mined' by using powerful computers to solve complex cryptographic puzzles. When a system correctly 'guesses' the solution to a problem, it is rewarded with a predetermined amount of the currency.</p><p>Since January 2017, the price of Bitcoin has increased from $997 (751) to $13,705 (10,114). The price reached an all-time high of $19,850 (14,619) in mid-December, but it has been extremely volatile since then, dropping by as much as $7,000 in the 10 days that followed.</p><p>Jamie Dimon, CEO of JP Morgan, warned last year that the long-term prospect of the cryptocurrency is not strong. "The currency isn't going to work," he said, at a banking conference in New York. "You can't have a business where people can invent a currency out of thin air and think that people who are buying it are really smart." It's hard to imagine this warning will deter the North Korean hackers if the reports are true - after all, when you're using someone else's computer to mine, there's really nothing to lose."</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Keylogger discovered in hundreds of HP laptops ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/spyware/30129/keylogger-discovered-in-hundreds-of-hp-laptops</link>
                                                                            <description>
                            <![CDATA[ HP patches touchpad driver, but hackers could exploit flaw to spy on users ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">mbgFmhkM5mEWpcvg4Ff5PT</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/Wg5AScyfVfbDYaiL9foTQL-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 11 Dec 2017 15:14:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Data Breaches]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Joe Curtis ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/Wg5AScyfVfbDYaiL9foTQL-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/Wg5AScyfVfbDYaiL9foTQL-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>More than 450 HP laptop models have a keylogger hidden away in a driver, forcing HP to issue patches for the affected devices.</p><p>The keylogger, found in Synaptics' touchpad software, is disabled by default, but hackers could potentially enable it if they had access to a computer by elevating user privileges, <a href="https://zwclose.github.io/HP-keylogger" target="_blank">said Michael Myng</a>, the researcher who discovered the flaw.</p><p>Commericial workstations, consumer laptops and other HP products contain the flaw, including <a href="https://www.itpro.com/laptops/28986/hp-spectre-x360-review-redesigned-redefined-and-powerful" target="_blank" data-original-url="https://www.itpro.com/laptops/28986/hp-spectre-x360-review-redesigned-redefined-and-powerful">Spectre devices</a>, Pavilion devices, <a href="https://www.itpro.com/desktop-replacements/26665/hp-zbook-15u-g3-review" target="_blank" data-original-url="https://www.itpro.com/desktop-replacements/26665/hp-zbook-15u-g3-review">ZBooks</a> and others.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/laptops/28986/hp-spectre-x360-review-redesigned-redefined-and-powerful" data-original-url="/laptops/28986/hp-spectre-x360-review-redesigned-redefined-and-powerful">HP Spectre x360 review: Redesigned, redefined and powerful</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/laptops/23742/best-laptops" data-original-url="/laptops/23742/best-laptops">Best business laptops 2023: Top business notebooks from Acer, Asus, Dell, Apple and more</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/chief-executive-officer-ceo/30008/meg-whitman-calls-it-a-day-as-hpe-ceo" data-original-url="/chief-executive-officer-ceo/30008/meg-whitman-calls-it-a-day-as-hpe-ceo">Meg Whitman calls it a day as HPE CEO</a></p></div></div><p>"A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners," an HP statement on its <a href="https://support.hp.com/us-en/document/c05827409" target="_blank">security bulletin</a> read.</p><p>"A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue."</p><p>Myng discovered the issue when trying to control the backlighting of an HP keyboard, noticing a format string for a keylogger when looking through the keyboard driver. Unable to find an HP laptop to test his findings, he contacted HP directly.</p><p>"They replied terrificly [sic] fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace," he said.</p><p>HP claims the keylogger in Synaptics' touchpad was created to debug errors. If activated however, a hacker could track every letter a laptop user typed.</p><p>Worth updating with a quick line - they say sorry and working on updating drivers with a patch, don't give people admin access in the meantime</p><p>A Synaptics spokesperson apologised for the error and advised users to change their admin settings to prevent anyone taking advantage of the flaw before it's fixed.</p><p>"Synaptics is working closely with our PC customers to update drivers and to deploy them to address security concerns," they said. "Synaptics also recommends using best practices by restricting admin access to any system as anyone with this level of access can potentially install malware or other anti-privacy software irrespective of whether the debug tool is on or off."</p><p>They added: "In our new normal of heightened concern for security and privacy, Synaptics would like to apologise for any concerns that our debug tool may have raised. We have a path to immediately address this issue and other security concerns should they arise."</p><p>A keylogger was also discovered in Synaptics subsidiary Conexant's audio drivers, also installed in HP laptops, <a href="https://community.spiceworks.com/topic/1993834-keylogger-in-hp-audio-driver" target="_blank">back in May</a>.</p><p>An HP spokesperson said: "HP was advised of an issue that exists with Synaptics' touchpad drivers that impacts all Synaptics OEM partners. HP uses Synaptics' touchpads in some of its mobile PCs and has worked with Synaptics to provide fixes to their error for impacted HP systems, available in the <a href="https://support.hp.com/us-en/document/c05827409" target="_blank">security bulletin</a> on HP.com. HP has no access to customer data as a result of this issue."</p><p><em>Picture: HP Spectre x360/Credit: IT Pro</em></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ 3 reasons why Nadine Dorries is totally wrong about password sharing ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/30089/3-reasons-why-nadine-dorries-is-totally-wrong-about-password-sharing</link>
                                                                            <description>
                            <![CDATA[ Frustration abounds as MPs expose their backwards security practises ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">uiCsMdYaUAaaM2z13NyyhB</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/T5otn7g3g38REfj2ZVHKvY-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 04 Dec 2017 17:33:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Data Breaches]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Adam Shepherd ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/3n2BoLAtRj8Z5eRfxtwyK8.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/T5otn7g3g38REfj2ZVHKvY-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[facepalm sad social media]]></media:description>                                                            <media:text><![CDATA[facepalm sad social media]]></media:text>
                                <media:title type="plain"><![CDATA[facepalm sad social media]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/T5otn7g3g38REfj2ZVHKvY-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Shh - what's that? If you listen very, very carefully, you'll hear it; it's the sound of countless security experts smashing their heads against their keyboards in frustration. The cause, <a href="https://www.itpro.com/security/28380/deeply-misguided-tech-industry-rejects-rudd-s-attack-on-encryption" target="_blank" data-original-url="https://www.itpro.com/security/28380/deeply-misguided-tech-industry-rejects-rudd-s-attack-on-encryption">as so often before</a>, is the government's laughable attitude to data privacy and cyber security.</p><p>Where to begin with this latest shambles? You may recall that First Secretary of State Damian Green was allegedly found to have rude and naughty pictures of the pornographic variety on his government-issued computer, which Green denies.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/29705/what-are-biometrics" data-original-url="/security/29705/what-are-biometrics">What are biometrics?</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/28576/dreaming-of-a-world-without-passwords" data-original-url="/security/28576/dreaming-of-a-world-without-passwords">Dreaming of a world without passwords</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/29093/what-is-phishing" data-original-url="/security/29093/what-is-phishing">What is phishing?</a></p></div></div><p>Nadine Dorries, Conservative MP for Mid Beds, leapt to Green's defence over the weekend, pointing out that if porn was found on Green's computer, it may not have been him who was downloading and/or viewing it on taxpayer time. After all, she said, her staff use her login to access her official computer all the time. Even interns on exchange programmes!</p><p>Er, sorry... What?</p><p>Yes folks, you read that correctly - Dorries is so free and easy with her access credentials that she even hands them out to visiting exchange students. To make matters worse, several of her fellow MPs admitted they also share their login details with staff, including Nick Boles, Will Quince and Robert Syms.</p><p>Of course, Dorries was quick to downplay the seriousness of her actions, stating that all she has on her computer is a shared email account, with no access to government documents. Boles, similarly, said that only the four people he employs to deal with correspondence from constituents have access to the passwords, which are regularly changed.</p><p>For the avoidance of doubt, let's be crystal clear: this is a dangerous, insecure and irresponsible practice. Under no circumstances should anyone be sharing one login between multiple staff members. There are numerous ways to ensure staff members can access a shared computer, mailbox or file storage system without having one login that simply gets passed around, and the fact that government MPs are apparently not using any of them is extremely alarming.</p><p>Dorries and co claim that sharing their login with staff isn't an issue, but let's take the time to unpick some of the many, many problems with these arguments.</p><p>Firstly, there's the issue of lateral movement. Dorries says that the only thing on the computer is a shared email account. Even if that's true, the computer itself is 'Westminster-based', and is likely to be connected to some kind of internal network. This opens up the possibility for lateral movement, using Dorries' machine as a way to gain access to a more important target within the network.</p><p>Then there's the issue of data protection. The shared mailbox used by the staff of Dorries and Boles presumably contains at least a partial list of constituents' names and email addresses, along with who knows what additional information shared as part of their correspondence. Behaviour like this puts all of that information at risk.</p><p>Last but not least, accountability is the biggest problem with using a shared login - and one that is best illustrated, ironically, by the very issue that prompted Dorries' admission in the first place. She is quite right in stating that if Green's access credentials were shared by his staff, there's no way of proving that it was him that was allegedly looking at porn, but that's a huge problem.</p><p>Let's imagine that, instead of perusing some nudes, the First Secretary of State was instead accused of using his computer to <a href="https://www.itpro.com/antivirus/30085/kaspersky-offers-hackers-100000-for-spotting-bugs" target="_blank" data-original-url="https://www.itpro.com/antivirus/30085/kaspersky-offers-hackers-100000-for-spotting-bugs">leak classified intelligence data to Russian agents</a>. With a single shared login, it's virtually impossible to trace the source of the leak back to the mole. If everyone has their own credentials, it's instantly obvious.</p><p>The concept of not sharing your username and password with anyone is a basic, fundamental tenet of cyber security best practice, and the tools to ensure that you shouldn't need to share your credentials have existed for years. Considering that the Tories are supposed to be the party of business, its own staff seem to be <a href="https://www.itpro.com/public-sector/29288/whatsapp-amber-not-getting-the-message" target="_blank" data-original-url="https://www.itpro.com/public-sector/29288/whatsapp-amber-not-getting-the-message">trailing laughably far behind the curve</a> when it comes to keeping up with industry security standards - which would be funny if it wasn't so alarming.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ The importance of endpoint security ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/28968/the-importance-of-endpoint-security</link>
                                                                            <description>
                            <![CDATA[ Enterprise grade firewalls and rock solid server security is all well and good, but what about your printers? ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">pm91YVpMo3jFxyVCKJR6uM</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/QFQg8o9yksqxdQXMQWhDKh-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 30 Jun 2017 14:16:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Hacking]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                <author><![CDATA[ itpro@futurenet.com (ITPro) ]]></author>                    <dc:creator><![CDATA[ ITPro ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/QFQg8o9yksqxdQXMQWhDKh-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/QFQg8o9yksqxdQXMQWhDKh-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Network security is a huge issue, one which has gained significant public awareness after the WannaCry ransomware attack of May 2017 so badly affected the UK's National Health Service. But this was just the highest-profile incursion of the last few years. The potential dangers are there every day, for every company. <a href="https://www.beaming.co.uk/press-releases/cyber-security-breaches-cost-businesses-30-billion">Research by business ISP Beaming</a> calculated that cyber security breaches cost UK businesses 30 billion in 2016.</p><p>The most common areas where hackers focus their attention when trying to gain access to a corporate network are endpoints, which often sit outside the control of the corporate network. Traditionally, endpoints would be portables like laptops, and most recently smartphones. But printers can be endpoints too, and extremely vulnerable to attack. Most companies don't even realise their printers are so exposed, nor how dangerous it can be if these devices are compromised. </p><p>An endpoint device can in theory be any computer device with Internet connectivity hooked up to a TCP/IP network, and the range of kit fitting into this definition is growing all the time. Attention has recently been focusing on Internet of Things IoT - devices, which can have cheap mass-produced firmware that's as easy to hack into as a watermelon. Corporate network printers might not be as exposed to the outside world as a Wi-Fi-connected lightbulb from an unheard-of brand, since a printer will probably sit behind an industrial-strength firewall. But most network printers have a combination of features that make them ideal endpoints for attack.</p><p>The processing power required for handling multi-page, sometimes full colour print jobs as quickly as possible means printers have fast CPUs, plenty of memory, and sizeable local storage. Yet, whilst they may be running software that keeps print jobs private to the owner via passcode or NFC-chipped identity card, the device itself may not be so impervious, and that can lead to all manner of issues. This possibility was brought to the fore when a UK teenager recently hacked into around 150,000 Internet-connected printers and configured them to output ASCII art and other messages.</p><p>Once the printer itself is compromised, everything going through it will be too. Even if a job was sent to the printer in a secure fashion, it will be unencrypted and any password protection negated as the user logs in. Also, if a user employs the same password for their general network login as they do for accessing a printer to run jobs, copy, or scan, then that security information could be captured by the malware infection and passed outside for criminal usage elsewhere on the network. HP's <a href="https://hp.com/TheWolf">The Wolf</a> videos illustrate how endpoints, particularly printers, can be used to find a way into a network to steal valuable data.</p><p>Even a print job itself can contain the necessary malware code to compromise a printer. A seemingly innocuous attachment to an email that looks like just a printable image might have embedded within it the necessary code in the print stream to compromise the printer's firmware. This can then be used to circumvent the company's firewall by capturing data inside the protected area as it travels unencrypted across the local area network. This could include sensitive financial information, with potentially costly implications if this is stolen.</p><p>Whilst individual endpoints can be made more secure, HP provides a fully managed infrastructural approach that protects endpoints whilst also making it possible to monitor them over the network. Laptops and printers can be secured at the BIOS level. HP SureStart, for example, is available on EliteBook laptops and HP's business printers. This is a self-healing system that restores the BIOS to a safe state if BIOS integrity has been compromised.</p><p>With printers, the next stage is checking that the firmware matches a white list of FutureSmart digitally signed versions, and if not, the device will reboot. If the firmware passes, HP JetAdvantage Security Manager will then check that device security settings are correct. Finally, run-time intrusion detection looks out for anomalies in everyday firmware and memory operations that would indicate an attack, and reboots the device if this is indicated. The process then begins again with SureStart, flushing out any compromised code in the process.</p><p>This isn't just a standalone device approach, though. HP's management software will detect attacks across a fleet of devices and provide monitoring and protection, via JetAdvantage Security Manager. This lets you create a policy that is to be applied across the fleet of devices, and then apply it. HP Security Manager will ensure that this policy is applied every time a device is reset. Any non-compliance with the policy can be detected, reported, and then corrected. It's even possible to provide risk assessment reporting across the fleet, identifying less secure devices with older firmware or that lack SureStart, whitelisting or run-time intrusion detection.</p><p>The threat of printer compromise has only recently become widely recognised, and HP is at the forefront of providing solutions that prevent these attacks from occurring. But the threat landscape is constantly evolving, and new threats are appearing all the time. It's an arms race, where new endpoints become the focus of attack, and new protections must be put in place. But with the right security partner that is dedicated to researching not just current threats but those around the corner, endpoint defence can keep pace so your company remains secure.</p><p><a href="http://www8.hp.com/us/en/solutions/security/thewolf.html" target="_blank"><em>Find out why endpoint security is so important.</em></a></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Bitdefender Total Security 2013 review ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/642061/bitdefender-total-security-2013-review</link>
                                                                            <description>
                            <![CDATA[ The latest edition of the anti-virus software incorporates remote management tools and introduces Safepay, a feature which aims to safeguard online transactions. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">3qqjR8xtwvYPohujTeMJkW</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/EbXes73YCBJbZJ2jp68h85-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 02 Aug 2012 09:00:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rene Millman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/vwWuTPNRCuw9vEaWzuXYnR.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/EbXes73YCBJbZJ2jp68h85-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Bitdefender 2013]]></media:description>                                                            <media:text><![CDATA[Bitdefender 2013]]></media:text>
                                <media:title type="plain"><![CDATA[Bitdefender 2013]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/EbXes73YCBJbZJ2jp68h85-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Bitdefender Total Security 2013 not only provides anti-virus protection, it comes an online protection tool, anti-theft management features and 2GB of cloud storage.</p><p>Upon installation, the suite defaults to an "Autopilot" mode. This makes all the important decisions about protection instead requiring user interaction. In theory a PC running this software should be much more protected against malware as the intelligence is built into the code, rather than the knowledge of the user.</p><p>It also means that interaction with the software is kept to a minimum. There is barely a whisper about what the software is doing; no constant display of pop-ups to tell you what has been blocked and why. It just appears to get on with its work while you do likewise.</p><p>On start-up, the suite goes about getting ready to protect the PC from threats. It scans the PC and simultaneously downloads updates to the software to protect against current threats. It also shows installation as three progress bars.</p><p>Where it does allow interaction is in its "Configure Product Behavior" settings. This allows the user to change how the product protects the system. Again, keeping everything to a minimum, you can turn the Autopilot on or off as well as toggle another setting "Automatic Game mode". This allows users to change settings of the product so that it doesn't interfere with any software the user may running while maintaining security settings on the PC.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="x4tZrGZXZ4GAq8yztBPMEd" name="" alt="Bitdefender - Dashboard" src="https://cdn.mos.cms.futurecdn.net/x4tZrGZXZ4GAq8yztBPMEd.jpg" mos="https://cdn.mos.cms.futurecdn.net/x4tZrGZXZ4GAq8yztBPMEd.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p><em>Most users will be content with using the Autopilot mode, but power users can tinker with settings</em></p><h2 id="dashboard">Dashboard</h2><p>The dashboard allows the user to see the status of the systems and access the product modules. Interaction is kept to a minimum and four initial modules (Anti-virus, Anti-spam, Privacy and Firewall) can be toggled on and off. This is not to say that further customisation is impossible.</p><p>Power users can delve deeper into settings to change them, but for the most part the design of the product is aimed at discouraging the user from doing so. On the dashboard there are another six modules that can be accessed by clicking on the left and right icons on the dashboard.</p><p>In keeping with aim of making the product accessible to non-power users, a desktop widget can be enabled to alert users of are any pending notification events as well as firewall and antivirus activity.</p><h2 id="antivirus">Antivirus</h2><p>As with any security product, antivirus forms the core part of the suite. This module has much to offer in terms of functionality. The autoscan feature kicks in when performance is not needed elsewhere on the computer. It also sports real-time protection that scans files and data as and when the user accesses them. There are further options behind the autopilot that allows users to carry out quick, full or custom scans, and a vulnerability module that looks for Windows and application updates as well as weak user account passwords.</p><p>The scans will only be as quick as the underlying hardware. Our test computer (a three-year-old Dell Vostro) carried out a quick scan in four minutes while a full scan edged closer to 17 minutes.</p><p>The vulnerability scan is useful for tracking down patches and updates that can be overlooked on many a PC. As well as tracking critical and optional Windows updates it also looks for application updates for browsers, applications and Flash and Java plugins, to name but a few.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="Gi3xPBDCZpgSKmGRDbnLLL" name="" alt="Bitdefender - Antivirus protection" src="https://cdn.mos.cms.futurecdn.net/Gi3xPBDCZpgSKmGRDbnLLL.jpg" mos="https://cdn.mos.cms.futurecdn.net/Gi3xPBDCZpgSKmGRDbnLLL.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p><em>Virus protection is still the primary function, but the speed of scans will depend on hardware</em></p><h2 id="firewall">Firewall</h2><p>Although interaction is kept to a minimum, a brief check of the firewall settings would not go amiss. This is because some features appear to be disabled by default. We felt that we would be afforded more protection by enabling the intrusion detection system to prevent malware installing itself.</p><p>Power users are catered for with more configurable settings. Interesting to note here is the "Paranoid Mode" which alerts the user every time a new application tries to connect to the internet.</p><p>Should you not wish to trust Autopilot, there are a plethora of application rules that can be configured. These include; program path, local address, remote address, network type, events, protocols, IP versions and permissions.</p><h2 id="safepay">Safepay</h2><p>One of the new features of Bitdefender Total Security 2013 is Safepay. This aims to make financial transactions carried out on the internet safer by running them in a protected browser (based on Google Chrome) isolated from the rest of the system. While it defends against keyloggers, the browser has no access to other desktop programs, such as password managers. This may add extra effort to the user, but it presumably is one Bitdefender thinks is necessary to protect the user from loss.</p><p>Another addition is the anti-theft module. This requires a Bitdefender account which can be used to locate lost or stolen laptops via the firm's website. It can also wipe data to ensure thieves can't access it.</p><h2 id="extra-features">Extra features</h2><p>The product doesn't limit itself to computer security. It also offers a range of performance tools designed to tune up a user's PC. It will find and erase useless files, delete invalid or outdated registry items as well as tidy up your browsing and computer history. It also sports a "Performance Optimiser" tool which displays memory and CPU usage, although this feels more like a re-skinned task manager with few features beyond that.</p><p>There is also a Safebox feature, which is an online cloud storage facility with 2GB of free storage. For tweeters and Facebookers there is social network protection too. This looks at links posted by others on social networking sites for malware and other security concerns. There is also a USB immuniser to scan flash drives as soon as they are plugged into a computer's USB port.</p><h2 id="overall">Overall</h2><p>Although the application takes time to download and install as well as update virus definitions, once running it consumes few resources compared to other security suites available. The autopilot mode beavers away in the background without the user having to worry too much as to whether they are being protected enough. It also gives power users the assurance they need with options to configure the suite themselves.</p><figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="GGTgtQXTWh5XnWT2mRJGDZ" name="" alt="ITPRO Value award" src="https://cdn.mos.cms.futurecdn.net/GGTgtQXTWh5XnWT2mRJGDZ.jpg" mos="https://cdn.mos.cms.futurecdn.net/GGTgtQXTWh5XnWT2mRJGDZ.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><h2 id="verdict-3">Verdict</h2><p>Bitdefender 2013 provides users with the option to automate or tightly monitor protection. The additional payment protection and remote management features make this an excellent all-round product. With the performance and storage features included in the suite, this makes the product a bargain at £54 to protect up to three computers.</p><p>Minimum requirements: Operating system: Microsoft Windows XP SP3 (32 bit) , Vista (SP2), Microsoft Windows 7 (SP1), Microsoft Windows 8 CPU: 800MHz processor Memory (RAM): 1 GB Available free hard disk space: 1.8 GB free space (at least 800 MB on the system drive) Recommended system requirements: Operating system: Microsoft Windows XP SP3 (32 bit), Vista (SP2), Microsoft Windows 7 (SP1), Microsoft Windows 8 CPU: Intel CORE Duo (1.66 GHz) or equivalent processor Memory (RAM): 1 GB (Microsoft Windows XP) 1.5 GB (Microsoft Windows Vista, Microsoft Windows 7 and Microsoft Windows 8) Available free hard disk space: 2.8 GB free space (at least 800 MB on system drive) Software requirements: Internet Explorer 7 and higher .NET Framework 3.5 (automatically installed by Bitdefender if necessary) Supports/Integrates with: Firefox 3.6 and higher Thunderbird 3.0.4 Outlook 2007, 2010 Outlook Express and Windows Mail on x86</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Photos: Kid-friendly tech at BETT ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/619420/photos-kid-friendly-tech-at-bett</link>
                                                                            <description>
                            <![CDATA[ A roundup of some of the more interesting new technologies on display at education show BETT. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">w9ACpiqZfPfvXyTphRnRPV</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/GcKa9cVhkcQ4fVyAcUniQh-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 13 Jan 2010 14:12:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Laptops]]></category>
                                                    <category><![CDATA[Hardware]]></category>
                                                                                                                    <dc:creator><![CDATA[ Nicole Kobie ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/GcKa9cVhkcQ4fVyAcUniQh-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[BETT show floor]]></media:description>                                                            <media:text><![CDATA[BETT show floor]]></media:text>
                                <media:title type="plain"><![CDATA[BETT show floor]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/GcKa9cVhkcQ4fVyAcUniQh-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Forget pencils and paper, today's kids have much more interesting learning tools in their classrooms: 3D projectors, fingerprint scanners, ruggedised notebooks, Lego-based robots and more.</p><p>All this was on show at the BETT educational technology show at Olympia in London.</p><p>Stand after stand displayed the all-important back-end tech as well as tried-and-tested school-friendly gadgets like netbooks and interactive whiteboards, but there was plenty of room at the massive show for some more unique - and brightly coloured - devices too.</p><p><em>IT PRO</em> uncovered the new USB-based NComputing system, 3D projectors, do-it-yourself robots and more. Click through the <a href="https://www.itpro.com/619420/photos-kid-friendly-tech-at-bett" target="_blank" data-original-url="https://www.itpro.com/619420/photos-kid-friendly-tech-at-bett">photo gallery for pictures and details</a>.</p><p>Are you attending BETT this week? Have you stumbled across any great tech? Let us know at <a href="mailto://comments@itpro.co.uk" data-original-url="mailto:comments@itpro.co.uk">comments@itpro.co.uk</a>.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Five biometric technologies businesses could use ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/608235/five-biometric-technologies-businesses-could-use</link>
                                                                            <description>
                            <![CDATA[ Could fingerprint and retina biometrics be rendered out of date by new tech such as vein pattern recognition? ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">j1vYWpPgd3uS2VvqCZxhTG</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/qZBFkyiQEyWKyNq8nhygeN-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 13 Nov 2008 14:00:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Asavin Wattanajantra ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/qZBFkyiQEyWKyNq8nhygeN-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/qZBFkyiQEyWKyNq8nhygeN-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>There is no doubt that the use of biometric technology is going to play an increasing role in the future.</p><p>This includes tech that we're used to - such as fingerprint and retina scanning - to new ways of authentication involving vein patterns in fingers to odour recognition.</p><p>With the public sector, biometric data will be used for the <a href="https://www.itpro.com/608031/timeline-how-national-id-cards-have-become-a-reality" target="_blank" data-original-url="https://www.itpro.com/608031/timeline-how-national-id-cards-have-become-a-reality">National ID card scheme</a>, and is going to be the main form of authentication when it comes to people coming in and out of the UK. It's also been used in defence, law enforcement and other areas.</p><p>However, developers will also target the technology increasingly at the private sector as businesses struggle with security controls.</p><p>Biometric technology can be used alone or integrated with other authentication technology, and would negate the need for passwords or swipe cards which can be easily lost.</p><p>Physiological biometrics</p><p>This is the type of biometrics that most people are familiar with, and involves traits related to the shape of the body such as fingerprints, face and iris recognition.</p><p>Fingerprint biometrics will be used for the <a href="https://www.itpro.com/business/public-sector" target="_blank" data-original-url="https://www.itpro.com/607977/businesses-to-fingerprint-customers-for-id-cards">National ID scheme</a>, and are already being used for <a href="https://www.itpro.com/security" target="_blank" data-original-url="https://www.itpro.com/155181/fingerprint-visas-go-global-ahead-of-schedule">many visa applicants</a> and border controls.</p><p>The police forces will also <a href="https://www.itpro.com/607575/police-get-mobile-fingerprint-scanners" target="_blank" data-original-url="https://www.itpro.com/607575/police-get-mobile-fingerprint-scanners">use mobile fingerprint scanners</a>. The smartphone-sized devices will be able to scan a suspect's fingerprints, comparing them to a national biometric database.</p><p>The <a href="http://www.bia.homeoffice.gov.uk/managingborders/technology/iris" target="_blank">Iris Recognition Immigration System</a> (IRIS) is in use at many UK airports, with the benefits of fast automated entry though border controls for those who sign up.</p><p>Also this year, new <a href="https://www.itpro.com/605589/face-scanning-border-tech-tested-at-manchester-airport" target="_blank" data-original-url="https://www.itpro.com/605589/face-scanning-border-tech-tested-at-manchester-airport">facial recognition technology</a> was being trialled at Manchester Airport, which would compare passengers' face to images held in their passports.</p><p>Vein pattern recognition</p><p>Fingerprint and retina biometrics could be replaced by a Japanese biometric system which identifies people from the patterns of veins inside their fingers.</p><p>Companies in Europe have already started to roll out the technology created by Hitachi, with <a href="http://www.easydenticgroup.org" target="_blank">Easydentic Group</a> just announcing that it was going to use the finger vein security in door access systems for UK and Europe. It can also be used for PC login devices.</p><p>Japanese banks have used the technology widely in the last couple of years, with thousands of cash machines using finger vein biometrics. About 80 per cent of Japanese financial institutions have adopted the system.</p><p>The system captures images of the vein patterns inside a person's finger, which allows an image to be recorded on a CCD camera. The vein patterns are unique like other biometric data, but as they are inside the body it would be virtually impossible to replicate.</p><p>Voice biometrics</p><p>Banks and financial services have already been using biometric technology for a while, as the nature of what they do makes security a prime concern.</p><p>For example, Allied Irish Banks deployed a <a href="https://www.itpro.com/124774/aib-deploys-voice-biometrics-for-password-resets" target="_blank" data-original-url="https://www.itpro.com/124774/aib-deploys-voice-biometrics-for-password-resets">voice-biometrics password reset service</a>, which allowed employees to reset passwords using a voice verification system.</p><p>It verifies the voice from a voice print and tells them what the new password is after it is reset, therefore eliminating the need to call helpdesk staff.</p><p>Gait biometrics</p><p>Researchers from the University of Southampton could check airport and event security simply by taking a few steps with a <a href="https://www.itpro.com/107743/biometrics-tunnel-to-simplify-security-and-id-checks" target="_blank" data-original-url="https://www.itpro.com/107743/biometrics-tunnel-to-simplify-security-and-id-checks">gait recognition system</a> .</p><p>A tunnel in a camera-lined corridor measures and processes data such as gait, height and body shape as people walk through it.</p><p>Using digital cameras, measurements are taken which can build a 3D model. As human gait is unique, it can be used in security to check the person who is going through security checks and the person who is boarding the plane is the same person.</p><p>Odour biometrics</p><p>An American study by the Monell Chemical Senses Centre revealed that each person has a unique body odour, which could be used like fingerprints to identify them.</p><p>Even if an individual varied their diet by using strong smelling smells, unique biologically-based odourprints could be an reliable form of identification.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Is the password ill-equipped for the modern world? ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/608022/is-the-password-ill-equipped-for-the-modern-world</link>
                                                                            <description>
                            <![CDATA[ It’s been around since pretty much the dawn of computing, but can the humble password ever again be regarded as secure? ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">enM1WhYdi88ftf1N7SsARH</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/b26xFFzZywDGjH38eBpPte-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 07 Nov 2008 10:33:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Simon Brew ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/b26xFFzZywDGjH38eBpPte-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[padlock on a laptop]]></media:description>                                                            <media:text><![CDATA[padlock on a laptop]]></media:text>
                                <media:title type="plain"><![CDATA[padlock on a laptop]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/b26xFFzZywDGjH38eBpPte-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>IT departments the world over would no doubt share in the feeling that no matter how much time and effort you put into an IT infrastructure, there's little you can do to legislate against human beings.</p><p>More specifically, the actions of users who have an unmatched ability to put the best laid plans to waste. We've seen it several times of late, with Government officials losing memory sticks, discs going walkabout in the post, and confidential data appearing on the streets seemingly like chewing gum gets attracted to a pavement. And that's just the stuff they tell us about.</p><p>Yet, while usually generating less headlines, an increasing number of IT workers are citing the humble password as one of the biggest security threats that they face. And you can't help but see their point. After all, a word that can be as short as six characters long is often the only real line of defence between an organisation's network and the outside world.</p><p>And unsurprisingly, that's simply not being seen as enough.</p><p>The issues</p><p>The password has ridden on the back of the computer revolution of the past few decades, and has arguably become the one facet of security that users have the most trouble with. Not because they're unable to come up with a password, or anything of that ilk. No, the problems run deeper than that.</p><p>For this word, that is a key of sorts to a company's technological infrastructure, is either easy to guess, frivolously given out, or worst of all stuck to the monitor on a Post-It note. DTI research in 2007, that we <a href="https://www.itpro.com/115920/human-error-biggest-threat-to-computer-security" target="_blank" data-original-url="https://www.itpro.com/115920/human-error-biggest-threat-to-computer-security">previously reported on</a>, found that over a third of users recorded their password somewhere close to their terminal.</p><p>Furthermore, researchers in the past have even found that brazenly walking up to strangers on the street and asking people their password has a higher than expected success rate, thus immediately rendering moot whatever security infrastructure has been put in place. If people will tell a password to strangers, how more likely are they to blab it to people that they do know?</p><p>Yet no matter what level of business people operate at, it seems that passwords have rarely been more compromised. And what's more, it's not just the passwords themselves that are the problem, but the follow-up level of security that's been put in place to protect them. After all, most of us have forgotten a password at some point in our life, or needed it to be reset. But the process of doing just that can be equally fraught with holes.</p><p>Presidential passwork cracking</p><p>The most obvious high-level example in recently was Republican nominee for the US Vice-Presidency, Sarah Palin. Her Yahoo email password was quickly and easily beaten by a sole hacker. In under an hour, potentially one of the most powerful politicians in the world had found her e-mail account accessed, and select details leaked onto the web.</p><p>How was this achieved? Simple. The hacker in question worked out the relatively easy to discover answers to Palin's security questions and these tend to vary between memorable places, names of pets and such like (information that's often freely given away on social networking sites) and managed to get her password reset. Through a simple Forgotten Your Password?' link lay the tools to access someone's entire e-mail account.</p><p>Now granted, the protection afforded to webmail doesn't tend to equal that of a proper company infrastructure, but how many employees of big companies don't have a webmail account? And how many can say they do no confidential work business whatsoever through a webmail service? Not for nothing are such services the bane of an IT department's life.</p><p>Furthermore, around a quarter of users are believed to have a password that's based around the 1,000 most popular, lists of which aren't tricky to gleam from the web. A brute force attack on a password, using modern computing power, could devour such a list in a matter of minutes. Adding some of the most popular suffixes to the recipe would still fail to trouble a brute force attack. And more worryingly, users continue to demonstrate a willingness to either share their password with others, or simply make it so easy to guess, that it's borderline redundant.</p><p>Stuck in their ways</p><p>To further compound the problem, once many users have decided on their password, then that's it. There's no hope of persuading them to change it, unless a network has a specific policy that enforces such a change (which is, arguably, of limited use).</p><p>Of greater concern, one single password then gets applied pretty much across the board. It finds itself standing between outsiders and the likes of online banking, PayPal, social networking sites and business accounts, and rarely under duress could it put up any kind of spirited defence. That said, this is also a by-product of the modern day society, where users are expecting to remember a cornucopia of PINs and passwords. It is any wonder that a good number of people tend to rely on old favourites?</p><p>So where does the password sit in the modern day world? Arguably in too powerful a position seems to be the answer. Companies are inevitably investigating ways they can beef this up, including employing password filtering software, which rejects any words that it feels are too weak, and instead encourages users to come up with something of more strength. Then, of course, we move into the world of biometrics and fingerprint scanners, when security is absolutely paramount, with an assortment of other solutions regularly arising too.</p><p>And yet the humble password should be able to do more than it currently delivers. As part of a rounded security system, the password still manages to keep most general and casual users at bay, and it does still take a small level of commitment to try and work out what a user's password is. There's an argument that runs that dedicated hackers will always find a way, and while that's little excuse for not making it as difficult as possible, as a general deterrent, a password really does have its place.</p><p>They key problem remains, of course, one of education. Until users fully appreciate the potential fallout of a compromised password or until, more specifically, something happens to them then the chances are that it'll still be seen as yet another word to remember, rather than the potent security tool that it could and should be.</p><p>One hint though, if you happen to be running for high office in the US: beef up your security a bit, eh?</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Week in Review: Move over Vista, Windows 7 is in the works ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/607800/week-in-review-move-over-vista-windows-7-is-in-the-works</link>
                                                                            <description>
                            <![CDATA[ Bill Gates may have gone, but Microsoft still has the ability to make the IT community sit up and take notice. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">r55ipjBU5pmacUnui4T2zf</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/VM5FwsvMUxfJhiuwQirMmP-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 31 Oct 2008 11:52:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Android]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                    <category><![CDATA[Google]]></category>
                                                                                                                    <dc:creator><![CDATA[ Asavin Wattanajantra ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/VM5FwsvMUxfJhiuwQirMmP-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/VM5FwsvMUxfJhiuwQirMmP-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>It looks like Microsoft has virtually given up on Vista as a enterprise-wide replacement for Windows XP as the <a href="https://www.itpro.com/607662/windows-7-sounds-death-knell-for-vista" target="_blank" data-original-url="https://www.itpro.com/607662/windows-7-sounds-death-knell-for-vista">covers were pulled off Windows 7</a>.</p><p>According to Microsoft management, the new platform in development will not suffer from the performance and compatibility problems that have beset Vista. A public beta will be released early in 2009, and it has also been hinted that it will be officially released as soon as late 2009 or early 2010.</p><p>Microsoft also made its move into the cloud' with a preview of a new utility computing platform called <a href="https://www.itpro.com/607620/microsoft-unveils-azure-cloud-computing-platform" target="_blank" data-original-url="https://www.itpro.com/607620/microsoft-unveils-azure-cloud-computing-platform">Windows Azure</a>.</p><p>It was also a week of security with <a href="https://www.itpro.com/607617/rsa-europe-photos-and-news" target="_blank" data-original-url="https://www.itpro.com/607617/rsa-europe-photos-and-news">RSA Europe</a> being held in London. The biggest news from the event was Information Commissioner Richard Thomas' speech where he revealed that there were <a href="https://www.itpro.com/607680/ico-reveals-even-more-data-breaches" target="_blank" data-original-url="https://www.itpro.com/607680/ico-reveals-even-more-data-breaches">277 more data breaches</a> since the infamous HMRC records loss.</p><p>NHS IT has had many problems, but is it actually "grinding to a halt?" Government opposition <a href="https://www.itpro.com/tag/nhs" target="_blank" data-original-url="https://www.itpro.com/607704/nhs-it-at-a-standstill">calls for a review</a> of the 12.7 billion programme which has already suffered delays and problems with suppliers backing out.</p><p>Other public technology schemes seem to be in better shape though, and the police confirm that trials of <a href="https://www.itpro.com/607575/police-get-mobile-fingerprint-scanners" target="_blank" data-original-url="https://www.itpro.com/607575/police-get-mobile-fingerprint-scanners">mobile fingerprint scanners will be expanding nationwide</a>.</p><p>Handheld biometric devices, which are the size of a smartphone, these useful little gadgets are able to return identity confirmation from a suspect's fingerprints in just a few minutes.</p><p>Last, but not least, yesterday saw the first <a href="https://www.itpro.com/607746/first-google-phone-now-on-sale" target="_blank" data-original-url="https://www.itpro.com/607746/first-google-phone-now-on-sale">Google Android phone hitting stores</a>. Reports have suggested that it had a rather less enthusiastic turnout than for the Apple iPhone, but considering the handset itself is an HTC model which is similar to one already running Windows Mobile, that was probably to be expected.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
            </channel>
</rss>