Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

Webroot

Designed with MSPs, resellers, and distributors in mind, the Webroot® Channel Edge® Program offers
competitive margins, recurring revenue, lower operational costs, improved productivity, and innovative
enablement tools. Through its web-based management console and integration with RMM and PSA
platforms, Webroot provides easy-to-deploy, cloud-based security for endpoint, mobile, and web.
Partnering with businesses of all sizes, Webroot secures your clients against sophisticated threats—no
matter how or where users connect. For more information, visit www.webroot.com/MSPpartners

Share tech news, updates, or what's on your mind.

Sign up to Post

Ransomware Spares No One: How to Avoid the Next Big Attack

Ransomware-Blog_Image-800x650-1-ner8.png
With global ransomware attacks, such as WannaCry and not-Petya, making big headlines this year, it seems the unwelcomed scourge of ransomware isn’t going away any time soon. While large-scale attacks like these are most known for their ability to devastate companies and even whole countries, the often under-reported victim is the average home user.

We sat down with Tyler Moffit, senior threat research analyst at Webroot, to talk ransomware in plain terms to help you better understand how to stop modern cybercriminals from hijacking your most valuable data.
0
Automating Your MSP Business
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Protect DNS: A Conversation With Dave Dufour of Webroot

DNS is one of the basic services on which the web is based and it has proven to be robust and scalable to an astounding degree. Unfortunately, it's also vulnerable to hacking and can be a serious attack vector if left unprotected. Dave Dufour, director of cybersecurity and engineering at Webroot, is an expert on DNS and its implications in network security. Security Now talked with Dufour about the issues with DNS and what organizations should be doing to protect their networks, employees and customers from DNS-based threats.

Read more of the interview on Security Now.
2
CyberNewsRundown.jpg
Cyber News Rundown: Edition 9/15/17

German Voting Software Raises Concerns

With German elections only a couple weeks away, researchers have been working to determine how secure the voting systems really are. Per a recent study, the software being used contains multiple vulnerabilities that could lead to devastating results if the election is compromised. Meanwhile, the software creator maintains there is nothing wrong with the system and any tampering would only lead to confusion, rather than truly affecting the vote’s outcome.

Upgraded Android OS Slows Tide of Overlay Attacks

While overlay attacks are nothing new to Android™ users, the Toast window is a surprisingly fresh take on this technique. Google has already patched the issue being exploited, but many users unintentionally fell victim and gave permissions to a malicious app using the Toast window overlay on a legitimate page to spoof the users input. This type of attack can range from simply installing an annoying piece of malware on the device, all the way up to locking the device down and demanding a ransom.
2
Capture.JPG
Cyber News Rundown: Edition 9/8/17

The Cyber News Rundown brings you the latest happenings in cyber news weekly.
If you have any other questions, just ask!





Consumer Credit Reporting Agency Equifax Suffers Cyberattack Affecting 143 Million Customers

Equifax announced hackers gained access to sensitive company data that potentially compromised information for 143 million American consumers, including Social Security numbers, driver’s license information, and credit card details. This is the third major cybersecurity incident for the agency since 2015. Most concerning, Equifax knew of the breach on June 29 but waited until September 7 to disclose the information.

Instagram Hack Exposes Millions of Accounts
A group of hackers recently gained access to a large number of Instagram accounts for high-profile celebrities and other victims. The attackers were able to use an exploit in the Insta app to retrieve the email addresses and phone numbers for millions of account holders. They then used this information to take control of more valuable accounts and posted the credentials for sale on the dark web. While Instagram was quick to fix the bug, it is still unclear just how many accounts were compromised.

Customer Databases Belonging to Time Warner Cable Publicly Exposed
1
New Leadership at Webroot

Dick Williams has decided to retire after 8 years at Webroot, and more than five decades in the business world. Webroot has named a new CEO, Mike Potts, who will start September 25. Dick will remain on Webroot’s Board of Directors.
 
Mike brings more than 25 years of experience as a seasoned technology industry veteran spanning the application and security sectors. He most recently served as an integration executive in the security business group at Cisco after the acquisition of Lancope, where he served as president and CEO. Prior to Lancope, Mike was president and CEO of Air Defense, which was acquired by Motorola in 2008. He has a long history of driving innovation and growth and is the right person to continue our path to success at Webroot.

Dick expresses his sincere thanks and appreciation to all of our customers and advocates for helping Webroot achieve its current success, and for being incredible partners over the years.

Check out Dick's blog and our press release for more information on this announcement.
5
CyberNewsRundown.jpg
Cyber News Rundown: 9/1/17

IRS-Themed Ransomware Using Old-School Tactics

Over the past week, researchers have discovered a new ransomware variant that attempts to impersonate both the IRS and the FBI, similar to the FBI lockscreen malware that was popular several years ago. By tricking the victim into opening a link to a fake FBI questionnaire, the ransomware is downloaded onto the machine and begins encrypting. Fortunately, both the FBI and the IRS are taking great measures to alert possible victims and to catalog any scam emails that are being sent out.

History Repeats Itself at UK NHS District

Back in May, the UK’s National Health Services fell victim to a large WannaCry ransomware attack. While most of the districts have since regained full functionality, the district of Lanarkshire has once again been targeted. A cyberattack on its staffing and telephone systems left the district with only emergency services for several days. This event just reinforces the importance of updating security on critical systems before an attack, and even more so after one as devastating as WannaCry.

To read all of the stories, visit the Webroot Threat Blog.
3
Capture.JPG
Cyber News Rundown: Edition 8/25/17

The Cyber News Rundown brings you the latest happenings in cyber news weekly.
If you have any other questions, just ask!





UK NHS Database Exposes Over 1 Million Patient Records
During the past week, a breach was discovered in patient booking system SwiftQueue, which is widely used by several National Health Service (NHS) facilities. The database may have contained patient information for up to 1.2 million UK citizens, though the actual data has yet to be fully examined. Even worse, attackers now claim they have found additional SwiftQueue vulnerabilities and are in possession of all 11 million records stored by the company.

Booking Provider’s Data Found in Public Data Dump
Researchers recently discovered a large customer data dump in a publicly-facing Amazon S3 bucket. The data in question belongs to Groupize, a groups and meetings solution, and contains everything from customer interactions to full credit card information used to book hotels and other meeting spaces. Fortunately for anyone who has used the service, the data was properly secured within a week of the discovery.

Phishing Site Hosted on .fish Domain
1
OwnYourId.jpg
Your Identity Is Yours. Here’s How To Keep It That Way.

Have you ever been out with friends, had a little too much to drink, and left your credit card in a bar? Or maybe you thought you’d stowed your child’s social security card safely away in your desk drawer, but now you can’t find it. It may seem like losing these items is just an inconvenience, but the reality is that simple slip-ups like these can spell disaster for you and your family.
 
We recently took to the streets of Denver to get a feel for how average Americans are staying safe from identity theft. Their responses were not so surprising.  
 
How are you protecting your identity?
3
 
LVL 7

Expert Comment

by:Brian Matis
How are you protecting your identity?
I'm with you on the credit monitoring and credit freeze. Although, full disclosure, I did spend many years working for one of the major credit bureaus on their consumer credit monitoring products and wrote the business requirements for my team's portion of the credit lock feature—still one of my favorite projects from when I was there. We made it so much easier for customers to manage their freeze status through our service. :-)
1
 

Author Comment

by:Drew Frey
The credit piece is a big one that I think many don't pay enough attention to. It's important to know where you stand and stay up to date with your credit score and in some cases, freeze when needed.

That project sounds really interesting! Fun that you got to work on that Brian!
0
Locky ransomware rises from the crypt

Lockys_Back.jpg
New variants of Locky—Diablo and Lukitus—have surfaced from the ransomware family presumed by many to be dead. After rising to infamy as one of the first major forms of ransomware to achieve global success, Locky’s presence eventually faded. However, it appears this notorious attack is back with distribution through the Necurs botnet, one of the largest botnets in use today.
 
Webroot protects against Diablo and Lukitus
 
For the initial list of MD5s and more detail on Locky.
3
Capture.JPG
Webroot Acquires Securecast, Launches Webroot Security Awareness Training

Beta Program Available Immediately to Help Businesses Reduce the Risks and Costs of Cyber Threats with End User Education

Webroot has acquired the assets of Securecast, a security awareness training platform. Building on Securecast, Webroot Security Awareness Training will give managed service providers (MSPs) and businesses a solution to reduce the risks and costs of phishing, ransomware, and other cyber threats with end-user education.

Webroot Security Awareness Training is available today as a beta program, with general availability scheduled for later this fall. The beta will allow participants to operate phishing simulations and provide a test course to address the weakest link in an organization’s security posture: the human factor. By combining the latest threat intelligence, technology, and training, Webroot enables businesses to reduce their security risks by continually educating their users and testing their awareness on cybersecurity best practices.

Explore Webroot Security Awareness Training

Webroot Security Awareness Training Beta Key Facts:
  • Webroot Security Awareness Training is a fully hosted Awareness-as-a-Service platform with an end user training program and a sophisticated phishing simulator.
  • The phishing
2
Put Machine Learning to Work--Protect Your Clients
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

The Future of Cyber Security - Facts & Predictions


Ransomware, one of today's biggest security threats, has become a massive growth opportunity for our channel. As key stakeholders fear now that their organisation will eventually be hit by a ransomware attack, they are willing to spend more on IT security solutions.
 
Join our Live Webinar on 24th August 2017
 
  • Why is NHS spending 50 million pounds to improve its cyber security?
  • Why are schools and top universities the perfect targets for the file-encrypting attacks?
  • How much are businesses willing to invest after their first ransomware attack?
  • How to remain competitive and win the cyber security market?


Register Now and Secure your Spot!
2

71% of SMBs aren't prepared for cybersecurity risks


CyberThreatsSMB.png
This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies (with between 100 and 499 employees) in the U.S., U.K., and Australia. The survey focused on how these small businesses perceived new threats facing their organizations.

Some of the answers were surprising.

Key stats:

  • 96% of those surveyed believe they are susceptible to cyber threats.
  • 80% use third-party IT security resources (mixed-use IT and security teams).
  • 94% are updating their security budgets to account for mitigating new threats.
  • 71% still admit not being ready to address cybersecurity threats.

Get the full report and more stats here.
     
2
You need to assemble a crack AI team: Where do you even start?

lego_heads_photo_via_shutterstock.jpg
AI is finding its way into every day business and government. The idea of AI is not a new, but what is different is that today's hardware and software is bringing the various concepts underpinning AI to a mass market.

What’s new, too, is the driver: from bots and digital assistants to autonomous vehicles Google, Microsoft, Facebook, Nvidia and others in Silicon Valley are setting a drum beat to which the rest of are marching.

View All
2
How machine learning enables your best employees to work 24/7

A recent incent industry report states that artificial intelligence and machine learning have great potential, but can’t yet match the breadth of human intelligence. While I would argue you can’t have one without the other, meaning humans are an integral part of both AI and machine learning, both of these technologies have the power to be better than any single employee.

Our CTO, Hal Lonas, talks Artificial Intelligence and machine learning with Information-Management.
2
Webroot Certification Program
We're excited to announce the launch of our Webroot Certification Program.

The Webroot Certification Program covers key feature differentiators, deployment best practices, cybersecurity management, and basic troubleshooting techniques for SecureAnywhere® Business Endpoint Protection. The program enables the sales and technical teams at managed service providers (MSPs), value-added resellers (VARs), and other distributor partners to better sell and support the solution, as well as streamline and enhance their IT services business.

Get certified by signing up here.
2

Cyber News Rundown: Edition 7/21/17


Cyber-News-Rundown-WordPress-800x600.jpg
Malware Lurking in Game of Thrones Torrents

Viewers hoping to catch an illegal copy of the season 7 premier of Game of Thrones, released last Sunday evening, stumbled across something much more dangerous than White Walkers. The most pirated TV show in the last 5 years, Game of Thrones torrents often come with an extra side of malware, and have even released a Cerber ransomware variant onto unsuspecting viewers. While some lucky pirates have escaped with clean torrents, others haven’t been so fortunate. Use caution in all your internet activities, whatever they may be.

Twitter Porn Bot Shutdown

In the last few weeks, researchers have been attempting to bring down a Twitter botnet that took over 86,000 bot accounts to send out a relentless stream of porn ads to Twitter users across the globe. The botnet itself began by creating systematically generated Twitter accounts to send out a malicious URL payload to victims, which would then redirect them to a variety of porn sites controlled by the same network.

Adoption Data Leaked in Newcastle

Recently, officials of the Newcastle City Council have been attempting to resolve a data breach in which a spreadsheet of over 2,700 adopted children’s information
5
QTT2017.PNG
In This Issue:
Streaming Malware Detection and Trends

More information here.

Although malware and potentially unwanted applications (PUAs) such as spyware and adware have been a top concern for years, many organizations still find themselves overwhelmed by the abundance of modern threats. This quarter, we examine malware trends, get insight from Webroot CTO Hal Lonas on dissolving security perimeters, and present findings from two recent surveys on how security professionals will focus their security efforts over the next year.

Get the latest Threat Trends Report now!
2
Cyber-News-Rundown-WordPress-800x600.jpg
Cyber News Rundown Edition: 7/14/17

Verizon Call Logs Found Exposed Online

Over the past month, researchers have been learning more about the recent discovery of unsecured customer service call records for over 14 million individuals on an Amazon server. The server in question is controlled by Nice Systems, an enterprise software company based in Israel, and contained call logs from January through June of this year. In the unencrypted records were customers’ names and their Verizon account login credentials. Even after Verizon became aware of the server’s vulnerability, it took over a week to get it properly secured by Nice Systems.

Bupa Healthcare Services Breached

In the last week, international healthcare provider Bupa was the victim of a data breach that included basic customer information, such as names, birthdates, and nationalities. The breach originated with an employee incorrectly transferring data between systems of Bupa Global, which handles international health insurance for frequent travelers—around 108,000 customers in total. The affected branch of Bupa has contacted all affected customers, and has stated that no other branches worldwide have been compromised.

Botnets Distributing New Point-of-Sale Malware

With the recent influx of botnet-related cyberattacks in the last year, it’s hardly surprising that Point-of-Sale malware is now spreading through the same channels
3
Bupa breach affects more than half a million customers

A London health insurance agency has been hit with a massive data breach. The personal information of about 547,000 people was compromised.

More info here
1
2017 Webroot Threat Report
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Cyber-News-Rundown-WordPress-800x600.jpg
Cyber News Rundown: Edition 7/7/17

British Lawmakers’ Logins Targeted

Over the last week, multiple parliament members and other lawmakers in the UK have been the focus of cold-callers attempting to gain login credentials, following a successful brute force attack that compromised the credentials of several other officials. Passwords for the remainder of the parliamentary staff have received a force reset to avoid any further exploitation of their systems.

Banks Still Struggle with Security

The Online Trust Alliance recently conducted an anonymous study of 1,000 websites across many different sectors, to test for security, privacy, and consumer protection. Of the 100 largest US banks in the study, only 27% passed all 3 categories, while 65% failed in at least one category. Although the American Banking Association still believes that banks are the current standard for security, the long list of breaches throughout the last year alone leave many consumers questioning just how secure their banks really are.

Sabre Breach Exposes Google Employee Data

In the past few days, Google has been sending out notifications to employees after Sabre Hospitality Services experienced a breach in their reservation system
4
bitcoin_photo_via_shutterstock.jpg
This just in... Humans Still the Weakest Link

"The fact that access appears to have been initiated by initially compromising an employee's personal PC is a very worrying development – highlighting huge failings on so many levels, from an employee education and training standpoint, all the way to administrative and technical controls, to monitoring and enforcement." -  David Kennerley, director of threat research at Webroot.

More on TheRegister.
5
 
LVL 2

Expert Comment

by:Christopher Rourke
Good ol' PEBCAK :) Thanks for the article link.
1
 

Author Comment

by:Drew Frey
Happy to share, Christopher! There's an educational component most people could use to help combat PEBCAK :)
1

Many Firms Hit by Global Cyber Attacks - Petrwrap


Firms around the globe are reporting that they have been hit by a major cyber-attack. Some experts have suggested that it could be a ransomware attack, similar to Wannacry which hit last month. Alan Woodward, a computer scientist at Surrey University, said: "It appears to be a variant of a piece of ransomware that emerged last year.

More on this story via the BBC.
10
 
LVL 10

Expert Comment

by:Experts Exchange
They have a sense of humor.
2
 
LVL 15

Expert Comment

by:Ajit Singh
The Petya ransomware has caused serious disruption at large firms. Ransomware attack continue to be a huge challenge for organizations with incidents reaching record highs. This article explains bit more about 'Petya' ransomware attack strikes companies across Europe and US.
 
Also check this this article to defense the ‘Petya’ Ransomware Attack.
0
Honda isn't alone in facing these challenges -- according to Reuters, competitors Nissan and Renault also stopped production at plants in Japan, Britain, France, Romania and India last month due to WannaCry attacks.  

This attack should serve as a reminder that even if your business wasn't hit during the initial WannaCry outbreak, you may well still be vulnerable.

More on the latest WannaCry attack and how you can mitigate future attacks here.
3
Drew Frey writes articles on cyber security and ransomware protection.  Follow him if you're interested in seeing new articles in those topics.

https://www.experts-exchange.com/members/Drew-Frey.html
5
 

Expert Comment

by:Michael Bodine
SP INFOTECH was also part of a scam...they had people calling up with foreign voices and the company name would change..as they answered the phone.. certaintly unpredictable crap.
1
 
LVL 17

Author Comment

by:Kyle Santos
Source?
0
IMG_0386.jpg
Colorado is fortunate to have a diverse community of tech companies and startups, each one backed by its own diverse community of leaders, tech gurus and innovators. But diversity aside, women are still grossly underrepresented in tech — in classrooms, in boardrooms and everywhere in between.
 
We talked with Amy Wiley, VP of Engineering Services here at Webroot about her greatest challenges, what Webroot is doing to promote diversity in tech, and advice for other women looking to get into the tech industry.
 
Read more here.
2

Webroot

Designed with MSPs, resellers, and distributors in mind, the Webroot® Channel Edge® Program offers
competitive margins, recurring revenue, lower operational costs, improved productivity, and innovative
enablement tools. Through its web-based management console and integration with RMM and PSA
platforms, Webroot provides easy-to-deploy, cloud-based security for endpoint, mobile, and web.
Partnering with businesses of all sizes, Webroot secures your clients against sophisticated threats—no
matter how or where users connect. For more information, visit www.webroot.com/MSPpartners

Top Experts In
Webroot