Google is kicking off Cybersecurity Awareness Month by rolling out new tools that give customers greater control over their privacy when using Google Maps, YouTube, and Google Assistant. The company has confirmed that it’s launching incognito mode for Maps, which will debut on Android this month before expanding to iOS “soon.” 

When you turn on incognito mode in Maps, your Maps activity on that device, like the places you search for, won’t be saved to your Google Account and won’t be used to personalize your Maps experience,” Google’s Eric Miraglia wrote in a blog post. 

As for YouTube, Google is introducing the same rolling auto-delete feature that can already automatically clear out your location history and web data at an interval of your choosing. “Set the time period to keep your data — 3 months, 18 months, or until you delete it, just like Location History and Web & App Activity — and we’ll take care of the rest,” Miraglia wrote. Pretty straightforward.

And last, Google is letting you wipe recent voice commands or questions to Google Assistant without having to open an app on your phone. Now you can say “Hey Google, delete the last thing I said to you” or “delete everything I said to you last week” and that data will be erased. Unfortunately, you can’t delete more than a week’s worth of Google Assistant history using your voice. For that, you’ll still have to dig into the Assistant’s settings menu. 

Assistant is also now better prepared for a question like “Hey Google, how do you keep my data safe?” According to Miraglia, the answer you get “will share information about how we keep your data private and secure.”
​
Alongside these new options, Google is also building a password checkup feature right into its password manager, which syncs logins across Chrome and Android. You’ll be able to quickly check if your password was compromised in a third-party breach, find any passwords you’re reusing in multiple places, or replace weak, easy-to-guess passwords you might have in place for some accounts.

More than 400 police agencies across the United States are working with the Amazon-owned Ring home surveillance system, and now you can check if your local department is one of them.

Ring disclosed the number late month, and it’s double what reports had previously revealed. It also published an interactive map where anyone can check whether their hometown cops are part of the controversial effort through which police can see all the Ring cameras in a given neighborhood, can seamlessly request the footage and are encouraged to promote the device.

The map, where you can also check when each department started working with Ring, is available here, along with a blog post about the Ring-law enforcement partnership. The company will be updating the map as new departments are added, it says.

The release coincided with an in-depth Washington Post story, which disclosed the full number of agencies for the first time.

The Ring system includes its surveillance cameras (most famously the motion-activated camera doorbells) as well as the Neighbors app (where people can share footage from their cameras and discuss crime in their areas) and the Neighborhood Portal (where police can see a map of Ring cameras and quickly submit a request for footage during an investigation). In recent months, Vice, CNET, and Gizmodo have reported on police’s close relationship with the company, which, for example, gives departments discounts or free cameras to distribute among residents. In some cases, police have used the giveaways as leverage to demand that people hand over their footage, although Ring says it is supposed to be voluntary.
​
Critics worry about the privacy implications of such a built-out surveillance network, especially one that is controlled by a private company. What’s more, “neighborhood watch” apps like Neighbors or Nextdoor have had problems with racism and racial profiling, after users have raised the alarm after merely seeing people of color in their area.

A new security product has been launched, and it’s packed with features for a reasonable price. Authen2cateis a single-sign-on (SSO) and multi-factor authentication (MFA) service provider. Authen2cate provides a full-service, end-to-end solution that includes consulting services, implementation, integration, and ongoing maintenance and support.

Reduce Security Risk. The need for multi-factor authentication in today’s world is only becoming more and more apparent. According to The Password Exposefrom LastPass, the average employee is managing 191 passwords. Even a genius would sweat at the thought of remembering 191 unique, strong passwords from memory. This promotes the re-use of basic passwords and is a looming threat to every company. Remember, a simple eight-character alphanumeric password can be cracked in a matter of minutes.

As the internet and cloud solutions become an even more significant part of everyday life, especially in the workplace, ensuring identities can be properly authenticated and access is securely granted to only the right people, passwords alone are an outdated security measure. The National Institute of Standards and Technology (NIST)states that “MFA should be used wherever possible for any external access like VPN, Outlook Web Access or Citrix” and advised that many of the security issues they see today stem from passwords. Also, NIST recommended that businesses should incorporate Multi-Factor Authentication in their login policies, and that password management and policies are not “one-size-fits-all.” Authen2cate is designed to help with these issues. 

By implementing Authen2cate’s unified Identity and Access Management solution, users can prevent identity attacks and data compromise with an added layer of security. 

Meet Compliance Requirements. Security and privacy are essential topics in many industries: Healthcare, Government, IT, Education, and more. Most industry compliance guidelines and requirements from HIPAA, HITECH, PCI, FIPS, NIST, and others require or highly recommend added layers of security. By implementing Authen2cate’s Multi-Factor Authentication solutions, users can better prepare for audits and meet compliance standards to protect their organization.

Multi-Factor Authentication allows for added security to protect user logins and sensitive data. In today’s technical world, where everything is saved on a computer, in a server, or the cloud, it is more important than ever to protect personal information further. Should a username and password become compromised, MFA serves as a second layer of security preventing access to sensitive information.

Provisioning. One of the critical requirements of all compliance standards is not only creating access for a new user but also making sure that when a user leaves the organization, access is revoked. Authen2cate’s solution allows the administrator to seamlessly and automatically provision a new user by simply adding them to the application group in the directory. Applications like Office 365, Salesforce, Oracle, SAP, and many more take only a few minutes to deploy. When a user leaves the organization, delete them from the directory or remove them from the application group, and access is terminated for all applications they had previously been assigned.

Simple User Experience. Authen2cate's unified Identity and Access Management solution offers a seamless and straightforward experience for all users while adding another layer of security. How can Authen2cate make your life easier and more secure?

•   Single Sign-On Portal: Sign in once to your customized portal and get instant, secure access to all your apps in one central platform.

•   Mobile App: Three benefits all in one application. Implement Multi-Factor Authentication to add another layer of security to your applications. Securely reset your passwords straight from the app. And lastly, unlock your account if you completed too many failed login attempts.

Pricing. Authen2cate offers a 45-day free trial, and its subscription is $3/user/month with a minimum of 10 users.

Microsoft’s Windows 10 OS has been facing multiple problems in recent months. In the latest development, Microsoft has now released an important new Windows 10 warning to 800 million users. 

The company has identified a serious and long-running bug on its OS platform. The bug is more of a problem that was inadvertently introduced through design implementations. Microsoft has admitted to quietly switching off Registry backups in Windows 10. It has been observed that Registry backups would randomly show that backup operation has been completed despite no backup file being created. 

For users and businesses, Registry Backups are critical, as they are the last line of defense. If the Windows System Restore point fails, the registry backup is the only option for users. According to Microsoft, “Starting in Windows 10, version 1803, Windows no longer automatically backs up the system registry to the RegBack folder. If you browse to the WindowsSystem32configRegBack folder in Windows Explorer, you will still see each registry hive, but each file is 0kb in size.” 

Windows 10 1803 was released in October last year. While users flagged the issue to Microsoft, the company never admitted it. The disclosure comes just two months after Microsoft pledged to offer control, quality, and transparency to Windows 10 users. 

According to Microsoft, the company has done this to reduce the overall disk footprint size of Windows. The registry backup is usually 50 to 100 MB in size. To recover the system with a corrupt registry hive, Microsoft recommends using a system restore point. You can enable the period registry backup by manually editing the registry entry. 
​
Windows will back up the registry to the RegBack folder when the computer restarts. Windows stores the task information in the Scheduled Task Library in the Registry folder.

Travelers might finally be getting a break from the ever-frustrating airport security rules. Thanks to the introduction of new carry-on baggage scanners called CT (Computed Tomography), travelers won’t have to take electronics or liquids out of their bags. The TSA announced the rollout of this new technology, which would ultimately cut down on long security lines and make the airport experience much smoother.

The new machines can create 3D images of a bag’s contents and automatically detect and scan items you are currently required to remove. This includes electronic devices like laptops and even liquids. According to Bloomberg Government, 300 of these new machines have been ordered by the TSA so far, and they will begin to appear in airports this summer. Eventually, the goal is to replace all current X-ray machines with these new CT scanners. The TSA has been testing these machines since 2017, and once airport employees become comfortable operating the new equipment, shorter security lines are expected.
​               
The list of airports that will receive the new CT machines has not yet been released, though they are currently being used at the following airports:

• Hartsfield-Jackson Atlanta International Airport (ATL)
• Baltimore-Washington International Airport (BWI)
• Chicago O’Hare International Airport (ORD)
• Cincinnati/Northern Kentucky International Airport (CVG)
• Detroit Metropolitan Wayne County Airport (DTW)
• Houston Hobby Airport (HOU)
• Indianapolis International Airport (IND)
• John F. Kennedy International Airport (JFK)
• Logan International Airport (BOS)
• Los Angeles International Airport (LAX)
• Oakland International Airport (OAK)
• Phoenix Sky Harbor International Airport (PHX)
• St. Louis Lambert International Airport (STL)
• Washington-Dulles International Airport (IAD)

 

When you’re on the road, Starbuck’s ‘third space’ idea can become compelling. You might want to get out of your hotel room for a change of atmosphere, or you might need a better cup of coffee. And you probably still need to get online with something other than your phone, and coffee shops mean Wi-Fi as much as caffeine.

If you pick the big chains, the Wi-Fi is pretty reliable. If you choose a smaller shop, the coffee is often far tastier, but the wireless can be hit and miss. A journalist writing about this problem, went into a little coffee place in Seattle to get out of the rain and catch up on some work over a weekend, his phone warned him that it could connect to the Wi-Fi but not to the internet.

He had the same problem when he connected his laptop to the coffee shop Wi-Fi. It’s not always possible to diagnose what’s wrong with a Wi-Fi connection; often the bandwidth is overloaded by the number of people connected to free Wi-Fi, or the router isn’t correctly configured to hand out IP addresses to devices. That means waiting for a few people to leave or asking the staff to restart the router.

But frequently, the problem with networks is DNS; the wi-fi router is probably using the DNS server of the ISP to which it’s connected. Switch to a public DNS service like Cloudflare’s 1.1.1.1, and you should get connected – and probably find websites a bit more responsive, too.

In Windows 10, click the network indicator in the taskbar to open the network menu and choose Change adapter options to open the Network Connections control panel with the list of network hardware you can use. Right-click on the wi-fi connection and select Properties. Click on Internet Protocol Version 4 (TCP/IPv4) and choose Properties again, then click to fill in your DNS details. Fill in 1.1.1.1 to use the Cloudflare service; you can use 1.1.1.0 for the alternative DNS server if you want Cloudflare as the fallback, or 8.8.8.8 to use Google’s DNS service.

You can do the same thing on a Mac. Choose System Preferences / Network and select your wi-fi connection, then click Advanced and choose the DNS tab. Again, fill in 1.1.1.1 to use the Cloudflare service; you can use 1.1.1.0 for the alternative DNS server if you want Cloudflare as the fallback, or 8.8.8.8 to use Google’s DNS service. 
​
On an iPad, look under Settings / Wi-Fi and tap next to the Wi-Fi network name. Scroll down and select the Configure DNS option, then tap Manual and fill in the addresses. Then you can get back to your coffee and  on with some work.

Currently, 3.9 million Americans work remotely, which marks a 115% increase from 2005. Estimates indicate that more than one-third of employees will work remotely in the next ten years. The desire for greater flexibility and work/life balance is partially responsible for this trend, in addition to an ever-increasing number of businesses that are based entirely online. With cloud and mobile technologies making it easier than ever before to communicate and collaborate regardless of location, organizations are embracing remote work as a way to cut costs and satisfy employee demand.

Despite the productivity and cost-saving benefits of remote work, the concept introduces serious cybersecurity risks that have the potential to devastate entire businesses. For example, if an employee logs on to their email via a coffee shop’s public Wi-Fi, that individual runs the risk of sending their work emails, customer information and other business data directly to hackers rather than to the Wi-Fi connection point.
Small and medium businesses (SMBs) are particularly vulnerable to remote work security risks, as they usually have fewer resources to prevent or recover from cyber-attacks proactively.

Here are five best practices that will help establish the proper level of control over cybersecurity threats.

Enforce Basic Cybersecurity Hygiene.An organization's cybersecurity is only as strong as its weakest link, and all it takes is one employee – even a well-intentioned one – to cause that chain to break. Enforce cybersecurity best practices such as using strong passwords, not sharing passwords across multiple accounts, implementing two-factor authentication (often free) and accessing sensitive files only from trusted devices and VPNs. Also, some simple and inexpensive employee cybersecurity awareness training can ensure employees are familiar with the most common and current attack schemes and educated on how to handle a situation if they think a cybersecurity incident has occurred.

Reign in 'Shadow IT.'Shadow IT refers to computer systems, applications or devices being used without explicit organizational knowledge or approval. For example, do any of your employees access their work email from their personal cell phone? Attempting to completely shut down Shadow IT isn't realistic, nor is it necessarily helpful to your business. However, it's essential to identify any apps or devices that could pose the highest risk. Clearly communicate which products or services are forbidden and explain why so your employees don't feel unjustly blocked and circumvent the rules. Also, consider putting processes into place that allow your IT team to quickly approve or disapprove new applications in which employees express interest.

Organize Back-End Technologies. Cloud-based apps can be a godsend for ensuring a seamless work environment for remote employees, and many also provide the invaluable service of backing up all of the data being generated outside an office's walls. Services such as G Suite or Microsoft Office 365, for instance, can allow employees to create, edit, organize, share and automatically back up documents, spreadsheets, presentations and more, no matter their location or device. Consider migrating some or even all of your file storage to a trusted cloud provider to optimize flexibility and more efficiently manage, secure and backup your business data.

Duplicate Storage.With its infinite scalability and relative affordability, cloud technology can be an ideal data storage resource. However, rather than relying entirely on the cloud or trusting your employees to only use secure cloud services with automatic backup capabilities, duplicate your most critical business data, so at least one copy is kept separate from cloud data centers and stored offline via encrypted backup tapes. This is an essential action to protect your business from the impact of a ransom attack, where a hacker blocks access to your systems or data until a ransom is paid.
​
Get Cyber Insurance.Cyber insurance is an important, final step for protecting your business against the dangers of employees working remotely. Considering the significant financial demands many SMBs face as a result of a security incident, look for plans that cover immediate business costs (e.g., lost revenue due to the interruption of business, ransom, regulatory or legal fines). Also, be sure to implement coverage that includes such crisis response services such as coaching and guidance on how to respond to a breach.

Networks today are subject to many threats including ransomware, cryptocurrency-miner threats, or state-sponsored hackers.

In line with other security industry pros, Microsoft has confirmed in its 24th annual security intelligence report that ransomware has taken a backseat to pesky cryptocurrency miners. 

But the company also warns that supply-chain attacks are on the rise. These are where an attacker uses a supplier or business partner to spread an infection. 

Past examples include the NotPetya not-ransomware outbreakthat caused over a billion dollars in losses for global firms and the Dofoil BitTorrent attacks. 
    
"Supply-chain attacks are insidious because they take advantage of the trust that users and IT departments place in the software they use," Microsoft warns in the report. 

"The compromised software is often signed and certified by the vendor, and may give no indication that anything is wrong, which makes it significantly more difficult to detect the infection. They can damage the relationship between supply chains and their customers, whether the latter are corporate or home users.

"By poisoning software and undermining delivery or update infrastructures, supply-chain attacks can affect the integrity and security of goods and services that organizations provide."

While attacks are changing and Windows 10 built-in security is improving, the company's advice to customers remains the same. However, there are conflicting data about the best approach to staying secure.  
Microsoft recommends only using software from trusted sources, though this 'security hygiene' measure could be undermined in a supply-chain attack. 

The company also recommends "rapidly applying the latest updates to your operating systems and applications, and immediately deploying critical security updates for OS, browsers, and email."

Deploying patches quickly is generally a good idea. However, Microsoft recently revealed that vulnerabilities in its software are most likely to be exploited as a zero-daybefore the company has even had a chance to release a patch. 

However, its other tips don't present obvious security conflicts.  

"Deploy a secure email gateway that has advanced threat protection capabilities for defending against modern phishing variants," Microsoft warns, adding that businesses should "Enable host anti-malware and network defenses to get near real-time blocking responses from the cloud (if available in your solution)." 

The other important measures organizations should take include implementing access controls, and teaching employees to be suspect of messages that ask them to divulge sensitive information. 

Microsoft also recommends keeping "destruction-resistant backups of your critical systems and data" and using cloud storage services for online backups. 
​
"For data that is on premises, regularly back up important data using the 3-2-1 rule. Keep three backups of your data, on two different storage types, and at least one backup offsite," says Microsoft.

Every month, thousands of retail websites are targeted by cybercriminals, who insert a small piece of malicious code that allows them to snatch customers’ credit card information. The hacking technique is called formjacking, and it’s the virtual equivalent of putting a device on an ATM to skim debit card numbers.
Affecting an average of 4,800 websites per month, formjacking is one of the newest favorite ways for hackers to steal personal data, according to security company Symantec’s annual Internet Security Threat Report.

Small and medium-sized businesses are still the most prominent targets of formjacking, according to Symantec, but in recent months, high profile brands including British Airways and Ticketmaster have also fallen victim to attacks. Symantec said it blocked more than 3.7 million formjacking attacks on websites in 2018, with one-third of those happening during the holiday shopping season.

“Formjacking represents a serious threat for both businesses and consumers,” Greg Clark, CEO of Symantec, said in a statement. “Consumers have no way to know if they are visiting an infected online retailer without using a comprehensive security solution, leaving their valuable personal and financial information vulnerable to potentially devastating identity theft.”

As returns diminish on older hacking techniques, formjacking has become a lucrative choice for cyber crooks, though it’s impossible to quantify the amount stolen from every formjacking attack in 2018. Symantec estimates criminals were able to steal “tens of millions of dollars” by using credit card information or selling the numbers on the dark web for around $45 each.

Meanwhile, instances of ransomware declined 20% overall for the first time since 2013, according to Symantec. One primary reason for this is the decreased value of cryptocurrency, which hackers use to demand payments.

Of course, hackers are expert shape-shifters and are always looking for new, sophisticated ways to sneak up and steal private information. Security experts recommend staying on top of threats by using antivirus software and by checking to make sure any website where you enter your credit card information has a lock icon next to the domain, indicating it’s a secure server.
​
Hackers have also been known to go old school, too, by sending targets phishing emails as a way to socially engineer them into sending personal information. But companies are increasingly on the lookout for these dangerous messages. Google even developed a phishing quizto help web users better identify potentially dangerous emails.

Artificial intelligence has the potential to bring a select set of advanced techniques to the table when it comes to cyber offense, researchers say.

Last week, researchers from Darktracesaid that the current threat landscape is full of everything from opportunistic attacks from teen hackers to advanced, state-sponsored assaults, and in the latter sense, attacks continue to evolve.

However, for each sophisticated attack currently in use, there is the potential for further development through the future use of AI.

Within the report, the cybersecurity firm documented three active threats in the wild which have been detected within the past 12 months. Analysis of these attacks – and a little imagination – has led the team to create scenarios using AI which could one day become reality.

"We expect AI-driven malware to start mimicking behavior that is usually attributed to human operators by leveraging contextualization," said Max Heinemeyer, Director of Threat Hunting at Darktrace. "But we also anticipate the opposite; advanced human attacker groups utilizing AI-driven implants to improve their attacks and enable them to scale better."

Trickbot. The first attack relates to an employee at a law firm who fell victim to a phishing campaign leading to a Trickbot infection.

Trickbot is a financial Trojan which uses the Windows vulnerability EternalBluein order to target banks and other institutions. The malware continues to evolve and is currently equipped with injectors, obfuscation, data-stealing modules, and locking mechanisms.

In this example, Trickbot was able to infect a further 20 devices on the network, leading to a costly clean-up process. Empire Powershell modules were also uncovered which are typically used in remote, keyboard-based infiltration post-infection.

AI's Future Role.Darktrace believes that in the future, malware bolstered through artificial intelligence will be able to self-propagate and use every vulnerability on offer to compromise a network.

"Imagine a worm-style attack, like WannaCry, which, instead of relying on one form of lateral movement (e.g., the EternalBlue exploit), could understand the target environment and choose lateral movement techniques accordingly," the company says.

If chosen vulnerabilities are patched, for example, the malware could then switch to brute-force attacks, keylogging, and other techniques which have proven to be successful in the past in similar target environments.

As the AI could sit, learn, and 'decide' on an attack technique, no traditional command-and-control (C2) servers would be necessary.

AI's Future Role.It is possible that AI could be used to further adapt to its environment. In the same manner, as before, contextualization can be used to blend in, but AI could also be used to mimic trusted system elements, improving stealth.

"Instead of guessing during which times normal business operations are conducted, it will learn it," the report suggests. "Rather than guessing if an environment is using mostly Windows machines or Linux machines, or if Twitter or Instagram would be a better channel, it will be able to gain an understanding of what communication is dominant in the target's network and blend in with it."

Take It Slow. In the final example, Darktrace uncovered malware from a medical technology company. What made the findings special was that data was being stolen at such a slow pace and in tiny packages that it avoided triggering data volume thresholds in security tools.

Multiple connections were made to an external IP address, but each connection contained less than 1MB. Despite the small packets, it did not take long before over 15GB of information was stolen.

By fading into the background of daily network activity, the attackers behind the data breach were able to steal patient names, addresses, and medical histories.

AI's Future Role. AI could not only provide a conduit for incredibly fast attacks but also "low and slow" assaults. It can also be used as a tool to learn what data transfer rates would flag suspicion to security solutions.

Instead of relying on a hard-coded threshold, for example, AI-driven malware would be able to dynamically adapt data theft rates and times to exfiltrate information without detection.
​
"Defensive cyber AI is the only chance to prepare for the next paradigm shift in the threat landscape when AI-driven malware becomes a reality," the company added. "Once the genie is out of the bottle, it cannot be put back in again."