When it comes to getting a new laptop, many of us have a favourite operating system. But, which platform is actually the safest Mac or Windows?

We spoke to several security experts to get an idea of how vulnerable each platform is, what attacks you need to watch out for and how to keep your device safe no matter which one you use. Heres what we found out.

Fennel Aurora, security advisor at F-Secure told Trusted Reviews, while it can feel wrong to think of hacking and distributing malware as a business, thats essentially what it is, and like any business, it all comes down to profit.

Cyber criminals are doing cost-benefit analyses on where to use their R&D resources, just like any normal company would, explained Aurora.

Where is the biggest market? Which market segment has the most people willing to pay? Which market is easiest to enter? Which market has the most competition?

Chris Hauk, consumer privacy champion at Pixel Privacy, add that right now the largest and easiest market to for hackers to enter is still Windows.

Windows machines are generally targeted much more than Macs, simply due to their sheer numbers, explained Hauk.

Targeting Windows machines provides more bang for the buck. However, thanks to its improved sales in recent years, the Mac platform is becoming a more attractive target for bad actors.

Antony Demetriades, VP at McAfee added that despite this, Apple users should be careful not to get too comfortable.

Many users have believed Macs to be untouchable by hackers, giving Apple devices a reputation for being more secure than other PCs, including Windows, said Demetriades.

But Macs are also vulnerable to viruses and have security measures that can be susceptible to fraudsters.

Aurora backed up Demetriades assertion adding that, in many instances, Mac users are considered the more desirable victims.

In general iOS and Mac users are more valuable targets and can be more profitable if the crime company is able to put in the effort to develop more complex malware, said Aurora.

These targets are generally profitable either from the generally richer users paying up for ransomware, or by working for governments and corporations with deep pockets behaving criminally to target protesters, journalists, opposition leaders, union organizers, whistleblowers, and anyone else inconvenient to their continuing abuses of power.

Kaspersky Total Security Now 50% off

Total protection in one product

Add additional security with award-winning protection against hackers, viruses and malware. Includes, Free VPN, Password Manager and Kaspersky Safe Kids. Now 50% off from just 19.99 per month

Paul Bischoff, privacy advocate at Comparitech told Trusted Reviews, the issue for Windows lies in how widespread the OS has become. This makes it a challenge for Microsoft to monitor for vulnerabilities across such a large range and number of devices.

Mac is probably more secure on the whole because Apple is in full control of both the hardware and software, whereas Windows has to be adapted to many different brands and models, explained Bischoff.

That, on top of the fact that fewer people own Macs, creates more gaps in Windows cybersecurity that are discovered more quickly.

F-Secures Aurora added that Apples marketing around security means that, while Macs can be more secure, its important users dont get overly complacent especially considering the higher value placed on hacking Apple devices.

Macs are generally more secure than Windows machines to start, and because of that people are often encouraged to be complacent around installing security software and other monitoring, and there is less competition from other criminals, warned Aurora.

Demetriades agreed, adding:

While Apple goes to great lengths to protect all its devices, this doesnt make your Mac immune to computer viruses, Whether hackers physically sneak onto your device or scam you via apps, sketchy websites or phishing attacks, viruses and malware can create several problems.

David Emm, principal security researcher at Kaspersky told Trusted Reviews, while it can be easy to just tell people not to click dodgy links, many cybercriminals will put in the effort to disguise their attacks as trusted websites or exciting opportunities.

Common threats can include keyloggers that expose your passwords, crypto-mining software that takes advantage of your computers power to mine crypto-currencies and Trojan malware that performs data-stealing attacks while hiding in plain sight.

Most malware, for whatever platform, relies on social engineering, i.e. tricking someone into doing something that jeopardises their security, Emm explained

Hence the number of phishing attacks designed to try and persuade people to click on links to fake sites hosting malware (this could be adware, a banking Trojan designed to steal their money, malicious crypto-currency miners or any other type of malware) or capturing personal information such as passwords.

Aurora agreed with Emm adding that cyber scams are, in their essence, just that scams. Many criminals will use the same marketing tactics used by scammers offline, too.

A lot of avoiding scams comes down to taking a breath and pausing when you feel yourself being pressured or suddenly excited by a too-good-to-be-true opportunity, explained Aurora.

This applies to websites your visit, emails you receive, text messages, social media, phone calls, and even while outside face-to-face. Scammers find you where you are and try to use things that are familiar to you to gain your confidence.

Kaspersky Total Security Now 50% off

Total protection in one product

Add additional security with award-winning protection against hackers, viruses and malware. Includes, Free VPN, Password Manager and Kaspersky Safe Kids. Now 50% off from just 19.99 per month

There are a few steps you can take to ensure your devices stay protected and reduce your risk of being the target of cyber scams.

The obvious one is to install antivirus software. You can find a rundown of our favourites in our best antivirus guide, but our current top pick is Kaspersky Internet Security for its excellent performance and handy feature set.

Its also a good idea to invest in a VPN to protect your data while surfing online. You can see the best VPN services weve tested in the attached guide.

Our experts also had the following advice to share.

Apply updates to operating systems and applications and back-up your data regularly. Think PUB protect, update, backup, said Emm.

Although its age-old advice, avoid suspicious emails or messages from unknown senders. Hackers often use phishing emails or text messages as a means to distribute malware, so do not open suspicious links, said Demitriades.

Emm advises users to avoid responding to unsolicited messages and to only use trusted sites: Use https and always type in the address yourself (or use bookmarks/favourites) rather than click on links, he warned.

Aurora, meanwhile, recommends registering for a password manager to keep tabs on unique passwords.

This is the only way to have a unique strong password on every account, meaning that even if one account is hacked, the damage is contained to that one account, explained Aurora.

In addition, the autofill and synchronization of passwords across devices that you get with good password managers means its easier to use every day than trying to remember and type out your passwords.

Aurora also advises users to switch on Multi-Factor Authentication (MFA/2FA) when available especially when it comes to your email.

If possible, use an app like FreeOTP or a USB hardware device like Yubikey instead of your phone number with SMS. And save those backup codes in your password manager. If you can only do SMS, please still do that, it is better than nothing, he said.

Regardless of whether youre Team PC or Team Mac, its important to understand that both are susceptible to cyberthreats which are constantly changing, concluded Demitriades.

Read more:
Are Macs safer than Windows laptops? We asked the experts - TrustedReviews

Britain's cyber security centre has urged UK organisations to check their cyber defences because of concern about the potential for new Russian cyber attacks linked to tensions with Ukraine.

The public-facing arm of the spy agency GCHQ encouraged everyone to read new guidance published on its website entitled: "Actions to take when the cyber threat is heightened."

Paul Chichester, director of operations at the National Cyber Security Centre (NCSC), said: "While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient.

"Over several years, we have observed a pattern of malicious Russian behaviour in cyber space. Last week's incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before."

Ukraine was hit on 14 January by what Ukrainian officials described as a "massive cyber attack" that targeted some 70 government websites.

Oleksiy Danilov, the top security adviser to Ukraine's president, told Sky News at the time that he was 99.9% sure Russia was behind the assault.

The Kremlin has denied the claim.

Please use Chrome browser for a more accessible video player

Officials from the NCSC are "urgently" helping the Ukrainian government investigate the attack and discover who was behind it.

The cyber offensive unfolded as Russia amasses more than 100,000 troops and weaponry close to Ukraine's borders.

The military mobilisation has prompted fears in Western capitals of a new Russian invasion of its neighbour - eight years after President Vladimir Putin annexed Crimea and backed separatists in the east.

The NCSC said in a statement on Friday: "While the government is not attributing responsibility for the recent cyber incidents in Ukraine, the NCSC is urgently investigating them.

"Incidents of this nature are similar to a pattern of Russian behaviour seen before in previous situations."

This included a global cyber attack in 2017 that cost businesses around the world hundreds of millions of pounds.

Read more:Kyiv mayor Vitali Klitschko criticises Germany over lack of support for UkraineHow many NATO troops are ready if Russia launches new invasion?Inside the top-secret tank base that provides Ukraine's best hope of defence

The UK has previously accused Russian military intelligence of launching the NotPetya attack against government IT systems in Ukraine.

The malware then spread across 64 other countries, including the UK.

Please use Chrome browser for a more accessible video player

Cyber hostilities are a form of attack that can take place in a grey zone under the threshold of war or as part of a physical, military invasion.

The new NCSC warning appears designed to try to ensure British companies and other organisations are better prepared in case another cyber attack against Ukraine then infects the internet worldwide.

It is a sign of how a conflict in one part of the world can impact anyone, anywhere because cyber weapons do not respect geographical boundaries.

The "guidance encourages organisations to follow actionable steps that reduce the risk of falling victim to an attack", the cyber centre said.

Follow the Daily podcast on Apple Podcasts, Google Podcasts, Spotify, Spreaker

These actions are listed on its new guidance, which was published last week - three days after the cyber attack against Ukrainian government websites became public.

They include things like patching systems;enabling multifactor authentication;and checking that backups and restore mechanisms are working.

Any organisation that falls foul of a cyber attack is advised to report the incident to the NCSC.

Originally posted here:
British firms warned to bolster cyber defences against threat of new Russian attacks - Sky News

It's been a busy week with ransomware attacks tied to political protests, new attacks on NAS devices, amazing research released about tactics, REvil's history, and more.

This week's biggest news is about a new ransomware operation called DeadBolt encrypted QNAP devices worldwide, illustrating how threat actors can still earn a lot of money by targeting consumers and small businesses.

The attacks started on January 25th and have since encrypted over 4,300 QNAP NAS devices where they demand 0.03 bitcoins, worth approximately $1,100, for a decryption key.

Unfortunately, many victims have reported paying, leading this attack to be very successful for the threat actors.

Other attacks this week include a Conti attack on Apple and Tesla contractor Delta and an attack on Belarusian Railway in protest of Russia using Belarusian Railway's rail transport network to move military units and equipment into the country.

Other interesting stories this week are ransomware gangs calling people whose data was stolen, an increase in attempts to recruit insiders, the analysis of LockBit's ESXI encryptor, and a fantastic report detailing the history of REvil.

Contributors and those who provided new ransomware information and stories this week include: @PolarToffee, @Ionut_Ilascu, @demonslay335, @BleepinComputer, @VK_Intel, @malwareforme, @struppigel, @fwosar, @FourOctets, @billtoulas, @Seifreed, @malwrhunterteam, @jorntvdw, @DanielGallagher, @LawrenceAbrams, @serghei, @kevincollier, @Jon__DiMaggio, @UseAnalyst1, @fbgwls245, @JakubKroustek, @pcrisk, @TrendMicro, @Hitachi_ID, @emsisoft, @BushidoToken, @SteveD3, @SttyK, @CuratedIntel, and @vinopaljiri.

dnwls0719 found a new Paradise .NET variant that appends the .iskaluz extension to encrypted files.

A recent survey of 100 large (over 5,000 employees) North American IT firms shows that ransomware actors are making greater effort to recruit insiders in targeted firms to aid in attacks.

A group of hackers (known as Belarusian Cyber-Partisans) claim they breached and encrypted servers belonging to the Belarusian Railway, Belarus's national state-owned railway company.

Jakub Kroustek found a new STOP ransomware variant that appends the .qqqw extension.

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

Wayne didnt know his sons school district had been hacked its files stolen and computers locked up and held for ransom until last fall when the hackers started emailing him directly with garbled threats.

The Belarusian Cyber Partisans have shared documents related to another hack, and explained that Curated Intel member, SttyK, would understand some of the methods used.

dnwls0719 found a new ransomware appending the .exploit extension to encrypted files.

QNAP is warning customers again to secure their Internet-exposed Network Attached Storage (NAS) devices to defend against ongoing and widespread attacks targeting their data with the new DeadBolt ransomware strain.

LockBit is the latest ransomware gang whose Linux encryptor has been discovered to be focusing on the encryption of VMware ESXi virtual machines.

dnwls0719 found a new Babuk knockoff appending the .king extension to encrypted files.

Delta Electronics, a Taiwanese electronics company and a provider for Apple, Tesla, HP, and Dell, disclosed that it was the victim of a cyberattack discovered on Friday morning.

In our previous research we investigated a ransom cartel, and then we conducted a study on ransomware gangs and their links to Russian intelligence organizations. Now, we are conducting a use case into one of the worlds most notorious ransomware gangs, REvil. This particular case is fascinating because the gang has existed for several years, conducted many high-profile attacks, inspired several spin-off gangs, and in the end, caused major turmoil among partnering hackers who supported them.

dnwls0719 found a new MeduaLocker ransomware variant that appends the .farattack extension to encrypted files.

QNAP force-updated customer's Network Attached Storage (NAS) devices with firmware containing the latest security updates to protect against the DeadBolt ransomware, which has already encrypted over 3,600 devices.

Emsisoft has released a decryption tool for DeadBolt, but users will still need to obtain a decryption key by paying the ransom.

PCrisk found two new STOP ransomware variants that append the .qqqe or .yoqs extensions.

Jir Vinopal found a new ransomware that was created by the Thanos builder that appends the .NARUMI extension.

Read more:
The Week in Ransomware - January 28th 2022 - Get NAS devices off the Internet - BleepingComputer

It offers an excellent mixture of business operations, advanced technologies, policy solutions, and the latest technology to provide a better user experience. MarketsandResearch.biz has just launched a worldwide study report entitled Global Internet Security Firewall Market from 2021 to 2027. Market segmentation is based on forms, functions, end-users, and regions to provide such a detailed understanding of the markets growth potential.

A study of production and consumption, as well as the presence of key players in this industry, are also included in the report, as are statistics on growth in the financial industry. Revenue margin, price, rotation, and gross margin are all estimated.

DOWNLOAD FREE SAMPLE REPORT: https://www.marketsandresearch.biz/sample-request/195856

Major key vendors/industry manufacturers include:

SAP, Hewlett Packard Enterprise, Cellusys, Openmind Networks, Tata Communications, ANAM Technologies, AMD Telecom, Adaptive Mobile, Infobip, EVOLVED INTELLIGENCE, MOBILEUM, OMOBIO

There is an examination of the market shares and growth potentials for each product category as well as for each sector. There is also a forecast of the markets size for the period from 2021 to 2027. The analysis shows that the global marketplace for Internet Security Firewall is expected to grow rapidly in the future, based on the present patterns.

Market segmentation by type:

Cloud-Based, On-Premise

Market segmentation by application:

Small and Medium Enterprise, Large Enterprise

Regions and countries mentioned in the global Internet Security Firewall market report:

North America (United States, Canada and Mexico), Europe (Germany, France, United Kingdom, Russia, Italy, and Rest of Europe), Asia-Pacific (China, Japan, Korea, India, Southeast Asia, and Australia), South America (Brazil, Argentina, Colombia, and Rest of South America), Middle East & Africa (Saudi Arabia, UAE, Egypt, South Africa, and Rest of Middle East & Africa)

ACCESS FULL REPORT: https://www.marketsandresearch.biz/report/195856/global-internet-security-firewall-market-2021-by-company-regions-type-and-application-forecast-to-2026

An in-depth assessment of the proposed market landscape is offered in the report. The study also provides a detailed analysis of general main trends, threats, and difficulties that appear to have a significant impact on the creation of income in the industry. Industry growth predictions for Internet Security Firewall were created using quantitative and real worth methods.

Customization of the Report:

This report can be customized to meet the clients requirements. Please connect with our sales team (sales@marketsandresearch.biz), who will ensure that you get a report that suits your needs. You can also get in touch with our executives on +1-201-465-4211 to share your research requirements.

Contact UsMark StoneHead of Business DevelopmentPhone: +1-201-465-4211Email: sales@marketsandresearch.bizWeb: http://www.marketsandresearch.biz

The rest is here:
Global Internet Security Firewall Market 2021 Emerging Players, Growth Analysis And Precise Outlook 2027 The Oxford Spokesman - The Oxford Spokesman