Category Archives: software

Simple ways an SME can guard itself from cybercrimes

1. Get secure office hardware.

“In the scramble to secure the cloud, hardware is often overlooked,” says Christoph Schell, president, Americas, HP Inc. “The truth is, if you have 500 employees, it is easier to have one secure cloud structure than it is to secure 500 laptops. Reduce your risk through security-centered device management and proactive practices and policies to engage each employee in the security process.”

In addition to creating a secure network, small businesses must select secure hardware and adopt secure protocols to really protect themselves. HP Inc., has developed security software Touchpoint Manager to help companies streamline their protection policy, minimize security vulnerabilities and monitor protected systems.

2. Keep spies out of your email.

Marketers, lawyers and sales people are widely using email tracking solutions to improve sales and better engage with prospects and current clients. Those solutions are popular in CRM systems as well. But cybercriminals are also using these tools to track the date and time emails are opened, where they are opened, where they are forwarded and so forth.

MailControl allows companies to block spymail from hitting their inbox. It is an especially effective tool in preventing targeted phishing attacks from reaching your business.

3. Stop ransomware.

The most prevalent cyber security risk to small businesses today is ransomware. The FBI estimates that over 4,000 U.S. businesses are infected by ransomware every day.  Ransomware takes control of the files on small business networks by encrypting them and holding them for ransom. The existing tools, like anti-virus, are not effective against the rapidly changing variants.

WatchPoint has an easy to use tool, called CryptoStopper, which small businesses can download and install to protect their network. CryptoStopper deploys bait files throughout a network. When these bait files are encrypted, the infected user is isolated, and the ransomware is stopped before doing damage. This is a new and unique approach to stopping ransomware.

4. Train your employees.

One of the most common, and preventable, attacks on small businesses is a social-engineering attack triggered by phishing attempts, improper web use or incoming phone calls. The most current training systems on the market are designed for large enterprises, but some companies set up our solution to help any size business, from those with just a few employees to those with thousands.

Security Awareness Training — Security Mentor: Employees aren’t always ready to combat a cyberattack or know when they are being baited into one. Security Mentor has created 10-minute lessons with its Security Awareness Training program. Small businesses will be able to train employees to be aware and alert, while making the right choices in a potential cyber crisis through these brief, online lessons.

5. Get SLL for your website.

Traditionally, companies have used SSL/TLS certificates (displayed as “https”) only on shopping carts or login pages. This can help, as it encrypts the data being sent between the customer’s computer and the SMB’s web server. Also, if companies use an Extended Validation (EV) certificate, the web browser will display a green padlock and website-address bar, as well as the company’s name next to the website address.

Today, though, companies are encouraged to follow what’s known as Always on SSL. This means that the entire website is protected by https, instead of just a couple of pages. This helps protect against modern attacks that seek to steal information when a site visitor browses between secure and not-secure pages.

Finally, Dan Hubbard, product CTO of Cloud Security, Cisco Systems, shared some advice. “There are a few things small businesses can do,” he said. First, make sure you have security solutions in place that are proven to detect and stop the majority of malware — and make sure they are deployed at critical points within the company.

“Second, in terms of ransomware: Back up your data. If you have a copy of your information that the attackers can’t get to, you are not at their mercy.”

Cyber-security: Open Source Security Tools to secure networks and systems

There are thousands of open source security tools with both defensive and offensive security capabilities.

The following are 10 essential security tools that will help you to secure your systems and networks. These open source security tools have been given the essential rating due to the fact that they are effective, well supported and easy to start getting value from.

1. Nmap – map your network and ports with the number one port scanning tool. Nmap now features powerful NSE scripts that can detect vulnerabilities, misconfiguration and security related information around network services. After you have nmap installed be sure to look at the features of the included ncat – its netcat on steroids.

2. OpenVAS – open source vulnerability scanning suite that grew from a fork of the Nessus engine when it went commercial. Manage all aspects of a security vulnerability management system from web based dashboards. For a fast and easy external scan with OpenVAS try our online OpenVAS scanner.

3. OSSEC – host based intrusion detection system or HIDS, easy to setup and configure. OSSEC has far reaching benefits for both security and operations staff.

4. Security Onion – a network security monitoring distribution that can replace expensive commercial grey boxes with blinking lights. Security Onion is easy to setup and configure. With minimal effort you will start to detect security related events on your network. Detect everything from brute force scanning kids to those nasty APT’s.

5. Metasploit Framework – test all aspects of your security with an offensive focus. Primarily a penetration testing tool, Metasploit has modules that not only include exploits but also scanning and auditing.

6. OpenSSH – secure all your traffic between two points by tunnelling insecure protocols through an SSH tunnel. Includes scp providing easy access to copy files securely. Can be used as poor mans VPN for Open Wireless Access points (airports, coffee shops). Tunnel back through your home computer and the traffic is then secured in transit. Access internal network services through SSH tunnels using only one point of access. From Windows, you will probably want to have putty as a client and winscp for copying files. Under Linux just use the command line ssh and scp.

7. Wireshark – view traffic in as much detail as you want. Use Wireshark to follow network streams and find problems. Tcpdump and Tshark are command line alternatives. Wireshark runs on Windows, Linux, FreeBSD or OSX based systems.

8. BackTrack – an Ubuntu based Linux distribution that is configured with hundreds of security testing tools and scripts. Backtrack is well known with penetration testers and hobbyists alike.

9. Nikto – a web server testing tool that has been kicking around for over 10 years. Nikto is great for firing at a web server to find known vulnerable scripts, configuration mistakes and related security problems. It won’t find your XSS and SQL web application bugs, but it does find many things that other tools miss. To get started try the Nikto Tutorial or the online hosted version.

10. Truecrypt – encrypt all the things. Truecrypt is a strong encryption utility that can encrypt entire volumes or create an encrypted container within a file system. Use Truecrypt to protect your flash drives. If it gets lost, even the NSA will have trouble reading the data.

Phones supporting Windows 10 Mobile

  • Alcatel OneTouch Fierce XL

  • BLU Win HD LTE x150e

  • BLU Win HD W510U

  • BLU Win HD LTE X150Q

  • BLU Win JR x130e

  • Lumia 430

  • Lumia 435

  • Lumia 532

  • Lumia 535

  • Lumia 540

  • Lumia 550

  • Lumia 635 (1GB)

  • Lumia 636 (1GB)

  • Lumia 638 (1GB)

  • Lumia 640

  • Lumia 640 XL

  • Lumia 650

  • Lumia 730

  • Lumia 735

  • Lumia 830

  • Lumia 929 (ICON)

  • Lumia 930

  • Lumia 950

  • Lumia 950 XL

  • Lumia 1520

  • Mouse Computer Madosma Q501

  • Xiaomi Mi4

DevGuard

devguard

An Android mobile application that helps users track their lost mobile devices in Kenya. [Get from Google Play] [] []

DevGuard uses cutting edge features to increase the chances of the phone owner finding a lost phone and also preventing leakage of sensitive data to a third party.

Top Features:

• Receive fraudster alerts

• Detect SIM Card replacement

• Remotely locate lost mobile device using “locate” or “track” commands

• Remotely check telephony information

• Remotely set mobile device password using “reset password ****” command

• Remotely lock mobile device using “lock device” command

• Remotely wipe mobile device data using “wipe device” command

Note: Care should be taken when using “wipe device” command. The command should be used as a last resort because it will erase all device’s data.

DevGuard_Screenshot_1        DevGuard_Screenshot_3

Operations:

To be able to Lock the mobile device and wipe device data remotely, enable the device as Device Administrator upon installation.

A password is required to prevent unauthorized access to the mobile application.

Set up guard mobile number that will be used to remotely command the device when the mobile device is lost.

The mobile number will also receive all tracking information.

The guard mobile number should be of a trusted relative or friend because all tracking information will be send to the guard number when the device is lost.

On receiving the location coordinates, copy and paste the coordinates in https://maps.google.co.ke/ to see device’s current location.

You can search “Route” TO coordinates as “destination” to determine the path to your device.

NOTE: One should not retrieve a lost mobile device from the person in possession of the device without proper security. For your own security, liaise with a policeman to retrieve the device for you.

When a device is stolen, try as much as possible to locate the device within 15 minutes to prevent further damages your mobile device.

If the device cannot be located, send an email of the IMEI and scanned purchase receipt (for authenticity purposes) to devguardke [at] gmail [dot] com for further assistance.

googleplay

 

Free Kaspersky Tools and Utilities

  1. Kaspersky Virus Removal Tool 

    Virus Removal Tool is a utility designed to remove all types of infections from your computer. It employs the effective detection algorithms used by Kaspersky Anti-Virus and AVZ. It cannot substitute a resident antivirus application. Download

  2. Kaspersky Security Scan 

    Download the free, easy-to-use scanner that rapidly finds malware & threats that may be hidden on your PC – even if you already have an antivirus product or firewall installed. You’ll get a detailed report on your PC’s security status – plus tips on improving your PC’s protection. Download

  3. Kaspersky Rescue Disk 10 

    Kaspersky Rescue Disk is designed to scan, disinfect and restore infected operating systems. It should be used when it is impossible to boot the operating system. Download

List of Free Antivirus