Comodo’s 2018 Cybersecurity Predictions: Smart Infrastructure Security, SSL Everywhere, The Rise of AI and More


Cybersecurity in 2017 was a long, winding road with many surprising obstacles. Every other week, there seemed to be a new widespread cyberthreat wreaking havoc, followed by the emergence of new and/or improved security technologies to counter the attack. We saw an influx of Internet of Things (IoT) hacks, increasing nation-state attacks globally, massive breaches caused by easily fixable, missed website patches, the prominence of artificial intelligence (AI) in security, and crippling worldwide ransomware and customer data theft attacks.

So what new cyber twists and turns can we expect in 2018? Based on the past year’s trends, Comodo’s panel of cybersecurity and threat experts compiled their top predictions on what new risks will be introduced, what new technology is needed to stop cybercriminals’ evolving techniques, and what areas organizations should focus their resources on in 2018.

VP of Cybersecurity Carlos Solari focuses on the need for smart infrastructure security as the technology becomes more and more common:

 

  • “Smart cars need smart roads…which need smart-secure IT/OT infrastructures. Seeing, hearing, reading all the buzz and the impressive investment dollars behind the start of smart cars reminds me of when we thought that personal computers were the answer to take on the monolithic mainframe. That was in the 1970s.
  • Fast forward to the present, and we now see that they needed an infrastructure – call it the internet in all its manifestations of protocol adoption, ethernet, websites, cloud data centers, mobile devices, etc. Smart cars serve as just one example. Were these PCs and their connections to the internet infrastructure made secure, at the earliest point of the OSI stack and TCP/IP implementations? No. That started late, and it remains in catch-up mode.
  • We are at the moment of massive changes coming from robotics, IoT, and yes, even smart cars. They will succeed when they are coupled with smart roads and smart IT/OT infrastructures. That is the prediction. Now to the question. Think we should make them secure…before it’s too late?”

VP of Threat Labs Fatih Orhan explores SSL certificate reach, malware protection technology advancements and IoT:

 

  • “SSL certificates will be everywhere. Phishing sites will be even more prevalent, and we’ll see more phishing sites with valid SSL, especially with the lowered requirements to obtain free certificates.”
  • “Cybercriminals became more organized, and they act ‘as a service’ (aaS). Companies will also demand more security products ‘as a service’ to keep up—plus to maintain lower costs and increase efficiency.”
  • “Malware attacks become even more complex every day, and security products will follow suit. More machine learning and AI-based solutions will, therefore, join the market in 2018.”
  • “Ransomware is continuing to be a major threat for consumers and SMEs. Just look at WannaCry, BadRabbit and NotPetya in 2017. New products specific to this malware type will be developed by companies that want to protect against ransomware.”
  • “IoT security is becoming a real concern, and every device is at risk. We need to be as vigilant with these types of devices as we are with PCs and servers. IoT devices and networks should be scanned for viruses and malware and have their firmware and operating systems checked as standard procedure. Security products should aim to protect even sensors.”

VP of Security Journeys Steven A. Menges explains why 99% effective protection from new malware is good…but not nearly good enough for the year ahead:

 

  • “Tolerance for 98-99% effective malware solutions will wane, and organizations will demand 100% prevention and protection.
  • The industry stubbornly sticks to an outdated ‘default allow’ approach that permits some new, unknown applications and files to run with unfettered access to system resources, welcoming sophisticated new threats with open arms. In sharp contrast, a solution featuring a ‘default deny’ security posture blocks and denies entry to those unknowns until they can be ruled out as new malware. Some solutions do this and automatically wrap unknown applications/executables in an isolated container so the user can open it in a safe environment during the analysis, which provides that default deny protection, but with the default-allow usability desired by businesses.
  • When it comes to files, applications and other code knocking at your endpoint doors, you should fear the unknown, at least until you understand it.  Adopt ‘default deny’ and simply keep them out (or safely contained) until you know they’re not a new threat, and address that last 1%.”

Though we can’t see the future, these highly probable insights should offer a helpful glimpse into this year’s cyberthreats and security trends. Questions for our experts? Leave a comment below.


Understanding Patch Management’s Importance


The tried-and-tested practice in the IT service industry is keeping your systems updated – no matter what. It is important to have a patch management system specialized for your whole company and for your specific IT functions.

Patch Management Definition

Upgrades for the software applications and systems on your computers and network devices are called patches. An ongoing plan for managing patches, one that helps your business or organization deal with changes efficiently, is called patch management.

Reasons Why You Need Patch Management

 1. Reporting

If you want to track updates to your systems and security posture at any time, a good patch management application can produce detailed reports for you.

2. Compliance

A good patch management solution can ensure that all of your systems are updated and can simplify compliance with internal policies or external requirements such as PCI.

3. Third Party Application Patching

Deploying patches for third-party applications across their systems is a major challenge for IT companies. Patch management applications can manage third-party apps just like other systems.

4. Supportability

Some companies have networks that are no longer in a supportable condition because they failed to keep their patches and service packs up to date. Getting a good patch management solution guarantees that won’t happen.

5. Vulnerability Scanning and Correction

Keeping up with security updates is one of the essential reasons to have patch management. Administrators who use patch management applications can scan for and report vulnerabilities, which lets them test patches and apply updates immediately.

Problems of not Having Patch Management

No infrastructure or information system is perfect, especially when it is newly released on the market. The vulnerabilities discovered over a long time can seriously damage the coherence and security of information; with proper patch management, you can prevent these problems.

A solid patch management system means the network is persistently monitored, and if a patch for a vulnerability is released, it gets quickly deployed, preventing any problems.


Comodo Threat Intelligence Lab Update – Cyber Monday


Globally, on Monday, November 27th… Cyber-Monday… the Lab saw a massive spike in detections. The reason? Cyber Monday deals lead to more people searching and shopping on the web than usual. More active endpoints mean more malware activity.

Over 17 million malware files were detected the week of December 6. This is more than a 33% increase from the previous week’s 13 million detections.

Last week, we reported that Taiwan was one of the countries under attack from the Ramnit virus. Now, we are seeing disproportionate levels of malware in Kazakhstan, Namibia, Mexico and Taiwan again. The Lab recommends a security review of patch management and endpoint protection for all enterprises with offices or other operations in these countries.

Trojans were the most detected key malware type, followed by viruses and worms. Trojans and worms hit Russia the hardest, followed by Brazil, Turkey, the United States and South Africa.

The most prevalent worms were Autorun and Dropper; among viruses it was Sality; and among Trojans, we saw Autoit, Scar, Agent, Fynloski and the infamous WannaCry ransomware virus.

The Comodo Threat Intelligence Lab recommends defense in depth with a robust endpoint URL filter as the best mitigation against Trojans. And to stay protected against worms, we recommend personal firewalls, which may not be as trendy as artificial intelligence and machine learning, but are still highly effective at keeping worms from spreading in your environment.

The limitations of machine-based analysis have also emerged. While machines can detect known malware executables and simple unknown ones, they cannot analyze complex unknown malware files, which numbered almost 75,000 last week. Complex unknown files require expert human analysis.

The Lab recommends implementing a default deny security approach for new unknowns to prevent infections in your endpoints from newly created or modified malware.

Despite this massive spike in malware activity, no active Comodo Advanced Endpoint Protection users were infected. This demonstrates the benefits of the Default-Deny security posture with Auto-Containment of unknown files while they’re being analyzed.

The Comodo Threat Intelligence Lab will continue to monitor cybersecurity events and malware attacks. As always, we’ll provide you with vital updates in weekly and special videos and reports.

If you would like to learn more about the security threat reports offered by Comodo Threat Intelligence Lab, or to subscribe and access the archives, please visit comodo.com/lab. Stay cyber safe! … and thank you.

What is Website Security?


Website security is a critical component of protecting and securing websites and servers. Website security software scans websites for possible vulnerabilities and malware, including backdoor hacks, redirect hacks, Trojans, and many other threats. The software notifies the user if the website has any issues and provides solutions to address them.

Enterprise networks are always at high risk, so ensuring website security is vital. If the network gets compromised, the server and the website get compromised as well, which lets malware infiltrate the enterprise network and carry out malicious activity.

Features of a good Website Security Plan

Website Security Issues
Your website handles customers’ sensitive personal data, such as bank credentials, social security numbers and credit card details. Website security issues can arise in a myriad of ways:

Website Source Code
When the website code is not well developed there are a lot of security issues. If your web server and web apps are complex to manage – weaknesses, bugs and security flaws are a sure thing. The more dynamic the site, the more possibilities of bugs and security holes.

Website Visitor Access
Some websites create a space for visitor interaction, such as a chat room or another feature that makes the site visitor-friendly. However, this increases the chance of the website being vulnerable. When visitors are given an avenue to access corporate resources, it becomes harder to distinguish genuine visitors from malicious ones, so restricting or stopping unauthorized users is a challenge.

Website Security Software
Website security software equips a website with protection against cyber attacks. Vendors use this software to provide a website security service, usually under a managed Security-as-a-Service (SaaS) model.

Malware doesn’t differentiate

Malware is not biased. Security attacks are automated, and all websites are prone to attack; attackers do not single out specific sites. Website security builds website reputation and customer trust. It ensures that the website is malware-proof and that customers’ data is well protected.

Website Security Attacks are becoming more sophisticated

Hackers find new and innovative ways to attack a website. Malware is designed and developed to identify vulnerable websites. The intentions behind such malicious activities differ: some attacks aim to steal data, while others aim to sustain malicious activity over a longer term.

Better performance

Website security software improves the overall website load time. The Content Delivery Network stores the website content on multiple servers available globally.

Consistent scanning and Instant Malware removal

Website security assures regular, thorough, in depth website scanning at a server level.

Advanced security monitoring

It is not just about infection of the website itself. Website security also oversees DNS, SSL and WHOIS to ensure that customers and visitors are not redirected to a malicious website, and protects customers from sharing private information.

Absolute Malware prevention

It obstructs malware even before it tries to infect the website. A website security system uses a Web Application Firewall (WAF) to check and verify all incoming data and filter out malicious code before it can launch an attack.


Why did a UK-Based IT Support Company Choose Korumail?


On November 4, UK-based IT support company Strobe IT announced it had replaced its previous antispam engine with Comodo Korumail. Going forward, Strobe IT clients will be protected from spam, phishing, spoofing, and other email nuisances with Comodo’s multi-layer antispam protection. In a blog post on its website, Strobe IT laid out its four reasons for choosing Korumail over any other antispam engine on the market:

Why Korumail?

  1. KoruMail uses Comodo’s business grade antivirus product for scanning emails instead of a free basic scanner.
  2. Comodo have a dedicated team creating and writing spam rules allowing us to be ahead of the game.
  3. Not only do we have the access to RBL’s (Blacklists), Comodo provides their own managed list like this too.
  4. More customizable so we can tailor it to each client.

After using Korumail for only two days, Strobe IT reported seeing a 20% jump in the amount of spam emails being caught.

“Before this we were seeing about 70% of email being classed as clean. Now we see on average 45-50% classed as clean.”

Strobe IT was also pleased with the number of categories and tags Korumail applies to incoming emails. Rather than just splitting emails into “Spam,” “Clean,” or “Virus” categories, Korumail divides emails into numerous highly specific categories, including “Spam,” “Probable Spam,” “Virus,” “Social,” “SPF Reject,” and many more. Korumail can even tag the subject lines of incoming emails, with tags like [PROMO] for advertisements, which allows users to filter and sort emails into folders with ease.

Learn More About Korumail

Comodo KoruMail is an enterprise anti-spam and threat prevention appliance that uses a sophisticated array of spam filters, anti-virus scanners and content analysis engines to prevent unsolicited mail from ever entering your network. The solution is compatible with all major MTAs (Mail Transfer Agents), integrates easily into existing e-mail structures, and is scalable to thousands of users.

To learn more about Korumail’s key features and benefits, visit the Korumail website.

How to Check Your Website Security


These days, everyone is concerned about online security. Recent data breaches and ransomware attacks have demonstrated that hackers have the ability to cause immense damage and, in some cases, cause companies to shut down. So, every website owner must take the proper precautions and ensure that their website is secure. Here are a couple of questions you need to ask yourself to determine if your website is malware infected:

  • Have you received a malware alert on Google Webmaster Tools?
  • Is your website blacklisted?
  • Is your website loading slower than usual?
  • Are browsers displaying warnings about your site?
  • Is your site sending emails on its own?
  • Has your hosting provider shut down your site due to malware?
  • Are you seeing strange files and/or folders on your site?
  • Are there strange redirects happening on your site?
  • Is your site not loading?

Use Comodo Cwatch

Comodo cWatch Web is a Managed Security Service (MSS) operating in a Security-as-a-Service (SaaS) model. This means it is software (no appliance required) designed to protect your company’s web activity.


3 Important Things Windows Patch Management Should Do.


IT professionals understand the necessity of patches, even if patching is not one of their favorite things to do. However, if someone told you that there was an option that did almost everything for you, you’d probably be interested. That option is a Windows patch management tool, which helps you find and apply patches to keep systems running smoothly, safely and bug-free.

Windows updates are a common example of a patch. If you use Windows, you are probably familiar with the messages from your operating system (OS) prompting you to accept them. With Windows 10, you need to restart your machine to install updates.

Imagine yourself maintaining a car. Without regular check-ups, new tires and parts, you can still drive your car; however, it will become dangerous to drive if you keep avoiding the mechanic. Eventually, the car may break down or cause an accident. Get the analogy?

You should easily be able to:

1. Gain Control Over Windows Patching Servers.

Patch management tools are meant to integrate with your current patching system to automatically update your patches on a schedule that fits your needs. It should allow you to create various schedules for different groups or computers within the system and network.

2. Deploy Automated Windows Patch Management.

Patch management shouldn’t be difficult, and it should be automated, so you can set the parameters and be confident they are running in the background when they’re supposed to.

3. Utilize Third-Party Software Patch Management.

Along with specific operating-system patches, third-party options should be available. It’s the only way to keep an integrated system safe and fully functional.

To learn more about patch management and use Comodo patch management for free, visit: https://www.itarian.com/patch-management.php


Family Business Web Filtering Solution- Comodo Dome


If you have kids, you know that the internet can be a dangerous place. But the internet can be equally, if not more, dangerous to your employees and colleagues. They are adults, but they may still need some help to protect themselves and their environment from danger on the internet. Not everything is what it seems.

Web Filtering Solution?

A web filter, also commonly referred to as “content control software,” is a piece of software designed to restrict which websites a user can and cannot access on the internet.

On the surface, it’s pretty simple, but as with all technology, the deeper you drill down, the more complex things become. With precisely 1,292,812,747 live websites at the time of writing (according to the live counter at InternetLiveStats.com) and increasing all the time, there’s simply no way that every single website out there can be included on these lists at any one time. And so, some web filtering programs rely on algorithms and protocols to determine the content of a website before deciding whether access should be granted or denied.

It has two main customer bases:

1. Parents who wish to prevent their children from accessing content they consider undesirable or inappropriate.

2. Businesses that want to prevent employees from accessing websites that don’t pertain to their jobs.

Web filters are also commonly used as a prevention tool for malware, as the filters will block access to sites that commonly host malware, such as those related to pornography or gambling. The most advanced filters can even block information that’s sent out over the Internet, to ensure that sensitive data isn’t released.

Here are Some Key Advantages For An Enterprise:

  • Malware Control
  • Protection from Botnets.
  • Reduced Liability.
  • Increased Productivity.
  • Avoid Leakage of Private Information.

Start protecting your users from the dangers of indiscriminate surfing on the web. Think about utilizing web filtering in your business. https://cdome.comodo.com/


Getting Started With Comodo IT and Security Manager (ITSM)


Comodo IT and Security Manager (ITSM), which is part of the Comodo One initiative and is available absolutely free, assists MSPs in managing their client infrastructure by equipping them with the IT tools needed to address the four critical aspects of IT Service Management: device management, application management, security management and helpdesk management.

Subscribe to Comodo ITSM Now!
For more info visit: https://enterprise.comodo.com/itsm/

Getting started with Comodo ITSM software is easy and involves a 7-step process. Let’s take a brief look at how this can be accomplished. [Note: this is just a simple overview; for a more detailed explanation, visit: https://help.comodo.com/topic-399-1-786-10091-Quick-Start.html].

1. Enroll With Comodo One here: https://one.comodo.com/signup/ (You’ll be required to confirm your details via a verification mail sent to your inbox. Upon successful login, you’ll be required to provide your Account (Company) details, for example whether you are an Enterprise or MSP, your company address, etc.)


2. Configure ITSM Communications: For your ITSM server to communicate with the devices you’ll enroll, you need to install an Apple Push Notification (APN) certificate and/or a Google Cloud Messaging (GCM) Token on your Portal (Login to Comodo One > Applications > IT and Security Manager > Settings > Portal Set-Up to apply the token).

3. Add Users (Comodo One MSP Staff): To add your MSP Staff to Comodo ITSM, do the following: Applications > IT and Security Manager > Users > User List > Create User.


4. Enroll User Devices: To add the user devices that are going to be managed, MSPs can do the following: Applications > IT and Security Manager > Devices > Device List > Enroll Device.


5. Create Configuration Profiles: Using Configuration Profiles, you can define security policies which can be applied to various devices (see step 6) to define the device’s network access rights. You can also schedule antivirus scans for various devices and carry out other such activities here. (Applications > IT and Security Manager > Configuration Templates > Profiles).


6. Apply Configuration Profiles To Devices Or Device Groups: Finally, you should apply the configured profiles to the respective devices or device groups.

Comodo ITSM is Available for Free! Try it Now!
