WebTitan https://www.webtitan.com Fri, 15 Jun 2018 13:49:13 +0000 en-US hourly 1 https://wordpress.org/?v=4.9.6 WebTitan Incorporated into Datto’s Network Security Solutions https://www.webtitan.com/blog/webtitan-incorporated-into-dattos-network-security-solutions/ Thu, 14 Jun 2018 09:40:23 +0000 https://www.webtitan.com/?p=3384 TitanHQ has announced as part of its strategic alliance with networking and security solution provider Datto, WebTitan Cloud and WebTitan Cloud for Wi-Fi have been incorporated into the Datto networking range and are immediately available to MSPs. Datto is the leading provider of enterprise-level technology to small to medium sized businesses through its MSP partners. […]

The post WebTitan Incorporated into Datto’s Network Security Solutions appeared first on WebTitan.

]]>
TitanHQ has announced as part of its strategic alliance with networking and security solution provider Datto, WebTitan Cloud and WebTitan Cloud for Wi-Fi have been incorporated into the Datto networking range and are immediately available to MSPs.

Datto is the leading provider of enterprise-level technology to small to medium sized businesses through its MSP partners. Datto offers data backup and disaster recovery solutions, cloud-to-cloud data protection services, managed networking services, professional services automation, and remote monitoring and management tools.

The addition of WebTitan to its range of security and networking solutions means its MSP partners can now offer their clients another level of security to protect them from malware and ransomware downloads and phishing attacks.

WebTitan is a 100% cloud-based DNS web filtering solution developed with MSPs in mind. In addition to allowing businesses to carefully control the types of websites their employees can access through corporate wired and wireless networks, the solution provides excellent protection against phishing attacks and web-based threats.

With phishing now the number one threat faced by SMBs and a proliferation of ransomware attacks, businesses are turning to their MSPs to provide security solutions to counter the threat.

Businesses that implement the solution are given real-time protection against malicious URLs and IPs, and employees are prevented from accessing malicious websites through general web browsing and via malicious URLs sent in phishing emails.

“We are delighted that Datto has chosen TitanHQ as a partner in web security. By integrating TitanHQ’s secure content and web filtering service, we are well positioned to offer Datto MSPs a best of breed solution for their small to mid-size customers,” said TitanHQ CEO, Ronan Kavanagh.

“We pride ourselves in equipping our community of Managed Service Provider partners with the right products and tools to allow each and every customer to succeed,” said John Tippett, VP, Datto Networking. “With that in mind, I’m delighted to welcome TitanHQ as a security partner and look forward to growing our partnership.”  

At the upcoming TitanHQ-sponsored DattoCon 2018 conference in Austin, TX – the largest MSP event in the United States – MSPs will be able to see WebTitan in action. TitanHQ’s full team will be in attendance, including Ronan Kavanagh – TitanHQ’s CEO, Conor Madden – Sales Director, Dryden Geary – Marketing Manager, and Eddie Monaghan – Alliance Manager.

MSPs can visit the TitanHQ team at booth #66 in the exhibition hall for a demonstration of WebTitan, SpamTitan – TitanHQ’s award -winning spam filtering solution – and ArcTitan, TitanHQ’s email archiving solution. All three solutions are MSP friendly and are easily added to MSP’s service stacks.

DattoCon 2018 runs all week from June 18, 2018. The TitanHQ team will be present all week and meetings can be arranged in advance by contacting TitanHQ ahead of the conference.

The post WebTitan Incorporated into Datto’s Network Security Solutions appeared first on WebTitan.

]]>
Your Router May Have Been Compromised: Urgent Action Required https://www.webtitan.com/blog/your-router-may-have-been-compromised-urgent-action-required/ Tue, 29 May 2018 16:43:02 +0000 https://www.webtitan.com/?p=3380 A hacking group has succeeded in infecting hundreds of thousands of routers with VPNFilter malware. The scale of the malware campaign is astonishing. So far more than half a million routers are believed to have been infected with the malware, prompting the FBI to issue a warning to all consumers and businesses to power cycle […]

The post Your Router May Have Been Compromised: Urgent Action Required appeared first on WebTitan.

]]>
A hacking group has succeeded in infecting hundreds of thousands of routers with VPNFilter malware. The scale of the malware campaign is astonishing. So far more than half a million routers are believed to have been infected with the malware, prompting the FBI to issue a warning to all consumers and businesses to power cycle their routers.

Power cycling the router may not totally eradicate the malware, although it will temporarily disrupt communications and will help to identify infected devices, according to a May 25 public service announcement issued by the FBI.

All users have been advised to change the password on their router, install firmware updates if they are available, and disable the router’s remote management feature.

According to the U.S. Department of Justice, the malware campaign is being conducted by the Sofacy Group, also known as Fancy Bear and APT28. The hacking group has ties to the Russian government with some believing the hacking group is directed by Russia’s military intelligence agency.

While most of the infected routers and NAS devices are located in Ukraine, devices in more than 50 countries are known to have been infected with the malware. VPNFilter malware is a modular malware with a range of different functions that include the ability to capture all information that passes through the router, block network traffic and prevent Internet access, and potentially, the malware can totally disable the router. The infected routers could also be used to bring down specific web servers in a DDoS attack.

Many common router models are vulnerable including Linksys routers (E1200, E2500, WRVS4400N), Netgear routers (DGN2200, R6400, R7000, R8000, WNR1000, WNR2000), Mikrotik RouterOS for Cloud Core Routers (V1016, 1036, 1072), TP-Link (R600VPN), QNAP (TS251, TS439 Pro and QNAP NAS devices running QTS software).

The motive behind the malware infections is not known and neither the method being used to install the malware. The exploitation of vulnerabilities on older devices, brute force attacks, and even supply chain attacks have not been ruled out.

The FBI has taken steps to disrupt the malware campaign, having obtained a court order to seize control of a domain that was being used to communicate with the malware. While communications have now been disrupted, if a router has been compromised the malware will remain until it is removed by the router owners.

How to Update Your Router

While each router will be slightly different, they can be accessed by typing in 192.168.1.1 into the browser and entering the account name and password. For many users this will be the default login credentials unless they have been changed during set up.

In the advanced settings on the router it will be possible to change the password and disable remote management, if it is not already disabled. There should also be an option to check the firmware version of the router. If an update is available it should be applied.

You should then either manually power cycle the router – turn it off and unplug it for 20 seconds – or ideally use the reboot settings via the administration panel.

DrayTek Discovers Actively Exploited Zero Day Vulnerability

The Taiwanese broadband equipment manufacturer DrayTek has discovered some of its devices are at risk due to a zero-day vulnerability that is being actively exploited in the wild. More than 800,000 households and businesses are believed to be vulnerable although it is unknown how many of those devices have been attacked to date.

The affected devices are Vigor models 2120; 2133; 2760D; 2762; 2832; 2860; 2862; 2862B; 2912; 2925; 2926; 2952; 3200; 3220 and BX2000, 2830nv2; 2830; 2850; and 2920.

The vulnerability allows the routers to be compromised via a Cross-Site Request Forgery attack, one where a user is forced to execute actions on a web application in which they are currently authenticated. While data theft is possible with this type of attack, the attackers are using this attack to change configuration settings – namely DNS settings. By making that change, the attackers can perform man in the middle attacks, and redirect users from legitimate sites to fake sites where credentials can be stolen.

A firmware update has now been released to correct the vulnerability and all users of vulnerable DrayTek devices are being encouraged to check their DNS settings to make sure they have not been altered, ensure no additional users have been added to the device configuration, and apply the update as soon as possible.

When accessing the router, ensure no other browser windows are open. The only tab that should be open is the one used to access the router. Login, update the firmware and then logout of the router. Do not just close the window. Also ensure that you set a strong password and disable remote access if it is not already disabled.

Many small businesses purchase a router and forget about it unless something goes wrong and Internet access stops. Firmware updates are never installed, and little thought is given to upgrading to a new model. However, older models of router can be vulnerable to attack. These attacks highlight the need to keep abreast of firmware updates issued by your router manufacturer and apply them promptly.

The post Your Router May Have Been Compromised: Urgent Action Required appeared first on WebTitan.

]]>
TitanHQ Integrates WebTitan into Kaseya’s IT Complete Platform https://www.webtitan.com/blog/titanhq-integrates-webtitan-into-kaseyas-it-complete-platform/ Thu, 03 May 2018 17:19:56 +0000 https://www.webtitan.com/?p=3351 TitanHQ has announced its 100% cloud-based web filtering platform, WebTitan, has been fully integrated into the Kaseya IT Complete Platform. The IT Complete platform helps MSPs deliver invaluable cybersecurity and IT services to their clients quickly and efficiently. By using the platform, MSPs can save valuable time, allowing them to concentrate on IT projects strategic […]

The post TitanHQ Integrates WebTitan into Kaseya’s IT Complete Platform appeared first on WebTitan.

]]>
TitanHQ has announced its 100% cloud-based web filtering platform, WebTitan, has been fully integrated into the Kaseya IT Complete Platform.

The IT Complete platform helps MSPs deliver invaluable cybersecurity and IT services to their clients quickly and efficiently. By using the platform, MSPs can save valuable time, allowing them to concentrate on IT projects strategic to their business.

The addition of a web filtering solution to the IT Complete platform allows MSPs to provide a more comprehensive range of cybersecurity solutions to their clients to help protect against a wide range of web-based threats.  The web filtering solution joins cybersecurity solutions developed by Bitdefender, Cisco, and Dell and is now available to all MSPs who use Kaseya VSA.

WebTitan is a powerful DNS-based web filtering solution ideally suited to MSPs. The solution provides proven protection against malware and ransomware downloads, and complements existing anti-virus, email filtering, data backup solutions, and firewalls.

Being 100% cloud-based it is easy to deploy without the need for any hardware purchases, software installations, or site visits. With the new integration, WebTitan can be accessed directly through Kaseya VSA, and can be deployed and configured in minutes, providing near instant protection against web-based threats.

The integration of WebTitan into the Kaseya IT Complete platform is particularly timely, as some of the world’s leading MSPs will be attending the Kaseya Connect conference in Las Vegas, NV this week.

“Kaseya is a partner we have admired for a long time and I’m delighted to announce this integration. With over 10 million endpoints under their management it represents a massive opportunity for our business,” said Ronan Kavanagh, CEO of TitanHQ. “We look forward to working with Kaseya’s MSP partners and adding our personal touch and renowned focus on great customer support.”

The massive increase in cyberattacks on businesses in recent years has made cybersecurity a key area of growth for MSPs. Companies need to implement layered defenses to protect an ever-increasing attack surface and turn to MSPs to help them secure their networks.

“Security is a critical service that all MSPs must deliver,” said Frank Tisellano, Jr., vice president product management and design. “Adding WebTitan to our open ecosystem of partner solutions means our customers now have even greater access to best of breed technologies to meet the needs of their business. With growing concerns over malware, ransomware and phishing as key threats to MSP customers, WebTitan adds a highly effective layer of protection.”

The post TitanHQ Integrates WebTitan into Kaseya’s IT Complete Platform appeared first on WebTitan.

]]>
How Does WebTitan Work? https://www.webtitan.com/blog/how-does-webtitan-work/ Fri, 27 Apr 2018 12:54:06 +0000 https://www.webtitan.com/?p=3342 TitanHQ’s WebTitan is a powerful web filtering solution that helps businesses control the web content that can be accessed by its employees, but how does WebTitan work and how can the solution improve an organization’s security posture? Why Are Web Filters Necessary? Many businesses choose to implement a web filtering solution to prevent employees from […]

The post How Does WebTitan Work? appeared first on WebTitan.

]]>
TitanHQ’s WebTitan is a powerful web filtering solution that helps businesses control the web content that can be accessed by its employees, but how does WebTitan work and how can the solution improve an organization’s security posture?

Why Are Web Filters Necessary?

Many businesses choose to implement a web filtering solution to prevent employees from accessing inappropriate web content such as pornography or to stop work computers from being used to download illegal content such as pirated films, music, and TV shows. A category-based web filter allows businesses to block certain types of web content with ease, such as adult material and P2P file sharing websites.

While content filters can achieve those aims, perhaps a more important function of web filters is to block web-based threats such as malware and phishing websites. Many businesses choose to deploy WebTitan to block these threats, but how does WebTitan work?

How Does WebTitan Work?

WebTitan Cloud is a 100% cloud-based web filtering solution that serves as a semi-permeable membrane between an organisation’s users and the Internet. When an end user attempts to access a particular URL that does not violate an organization’s acceptable Internet use policy, the request is honoured. Since there is no latency, the speed at which the website is loaded is the same as if no filtering mechanism is in place.

Unknown to the user, when an attempt is made to access a webpage, the DNS request is sent to WebTitan Cloud which determines whether the request should be allowed or denied.

If the user attempts to access a gambling website and the gambling category has been blocked through WebTitan Cloud, the user will be advised that their request has been denied and access to the site will be prevented. But how does WebTitan work as far as malicious websites are concerned? How are malicious URLs identified and blocked?

How Does WebTitan Block Access to Malicious Websites?

How does WebTitan determine which URLs are benign and which ones are malicious, and how are those checks performed in real-time?

To block malicious sites, WebTitan uses a crowd-sourced approach and obtains a constant stream of URLs for analysis. These ActiveWeb URLs come from websites actively visited by a global network of customers through high traffic markets such as subscriber analytics, networks security, IOT, and ad tech.

This traffic is used to train WebTitan’s human-supervised Machine Learning Systems to detect, monitor, and categorize threats. Using in house and third-party tools, WebTitan performs link, content, static, heuristic, and behavioural anomaly analyses to categorize threats. When threats are detected, the WebTitan team profiles, tests and validates those threats. Once threats have been validated, they are blocked with false positives used to train the system to improve future accuracy.

In contrast to many DNS-based systems, which only work at the domain level, WebTitan works at the path level and is capable of blocking individual webpages rather than entire domains. The majority of malicious URLs in the WebTitan database are marked as malicious at the path level – 99.7% of IP-based URLs and 88.35% of non-IP-based URLs.

WebTitan performs checks of websites that have previously been marked as malicious to determine whether they still contain malware or other threats. The WebTitan Malicious Detection Solution revisits up to 300,000 sites to check whether they are still infected or have been cleaned, and the database is updated accordingly. Sites previously marked as malicious can be accessed once they have been determined to be safe.

What Web-Based Threats Does WebTitan Block?

There are ten main web-based threats that WebTitan protects against:

  • Malware distribution points
  • Ad fraud
  • Botnets
  • Spyware and questionable software
  • Phishing and other fraudulent sites
  • Command and Control (C2) servers
  • Malware call-home addresses
  • Compromised sites and links to malware
  • Spam URLs
  • Cryptocurrency mining

With WebTitan, businesses not only have highly granular control over the types of sites that can be visited by their employees, a wide range of malicious sites are also blocked, preventing malware and ransomware infections, data theft, data exfiltration and fraud.

You can view further information about WebTitan on this link. (PDF)

The post How Does WebTitan Work? appeared first on WebTitan.

]]>
Most Common Wireless Network Attacks https://www.webtitan.com/blog/most-common-wireless-network-attacks/ Thu, 19 Apr 2018 09:36:29 +0000 https://www.webtitan.com/?p=3313 The most common wireless network attacks are easy to pull off and can be highly profitable for criminals. It is therefore no surprise that wireless network attacks have increased significantly in the past couple of years. Wi-Fi is Ubiquitous, Yet Many Businesses Neglect Security Wi-Fi access used to be something you had to pay for, […]

The post Most Common Wireless Network Attacks appeared first on WebTitan.

]]>
The most common wireless network attacks are easy to pull off and can be highly profitable for criminals. It is therefore no surprise that wireless network attacks have increased significantly in the past couple of years.

Wi-Fi is Ubiquitous, Yet Many Businesses Neglect Security

Wi-Fi access used to be something you had to pay for, but now free WiFi is something that is taken for granted. Visitors to a hotel, coffee shop, bar, retail outlet, or restaurant now expect WiFi to be provided. The decision to use a particular establishment is often influenced by whether free WiFi is available, but increasingly the quality of the connection.

The quality of the WiFi on offer is not only about bandwidth. The massive rise in cyberattacks via public WiFi networks has seen consumers choose establishments based on the security of the WiFi access points. Parents often choose to visit establishments that offer controls over the types of content that can be accessed.

If you run a business and are providing WiFi or have yet to provide that service and are considering adding a WiFi hotspot to attract more customers, be sure to consider the security of your network. The past couple of years have seen many major attacks on WiFi networks. Some of the most common wireless network attacks are detailed below.

What are the Most Common Wireless Network Attacks?

Some of the most common wireless network attacks are opportunistic in nature. Businesses that fail to secure their WiFi networks leave the door wide open to amateur scammers and hackers who are all too happy to take advantage of poor security to steal credentials from users and spread malware. Unsecured WiFi networks are also targeted by sophisticated cybercriminals and organized crime groups.

Tel Aviv Free WiFi Network Hacked

One notable example of how easy it can be for a hacker to take over a WiFi network comes from Tel Aviv. Tel Aviv offers a city-wide free WiFi network, which incorporates basic security controls to keep users secure. However, it did not prove to be as secure as city officials thought.

While commuting home, Tel Aviv resident Amihai Neiderman noticed a new WiFi access point had appeared. The FREE_TLV access point was provided by the city and Neiderman decided to test its security controls. After determining the IP address through which WiFi clients accessed the Internet, he disconnected, scanned the router, and discovered the web-based login interface was run through HTTPS port 443.

While he found no major vulnerabilities, after extensive analysis he identified a buffer overflow vulnerability which he successfully exploited to take full control of the router. By doing so, if he was so inclined, he could have intercepted the traffic from tens of thousands of users.

Toasters Used to Hack Unsecured WiFi Networks

Perhaps not one of the most common WiFi network attacks, but notable none the less due to the rise in use of IoT devices. IoT capability has been incorporated into all manner of devices from toasters to washing machines. However, these devices can be vulnerable to supply chain attacks – Where hardware is altered which allows the devices to be used to attack WiFi networks. In 2016, Russian officials discovered chips imported from China had been altered and were being used to spread malware that could eavesdrop on unsecured WiFi networks from a range of 200 meters. They were used to infect those networks with malware that could steal information.

Interception of Unencrypted Traffic

Research by Kaspersky Lab in 2016 showed more than a quarter of public Wi-Fi hotspots set up in malls were insecure and lacked basic security controls. A quarter did not encrypt traffic at all, while research conducted by Skycure showed that five of the busiest 10 malls in the USA had risky WiFi networks. One mall in Las Vegas was discovered to be operating 14 risky WiFi access points. Hackers can use sniffers to monitor traffic on unencrypted WiFi networks.

Fake WiFi Access Points

Visitors to hotels, coffee shops and malls often connect to the free WiFi on offer, but various studies have shown that care is not always taken to connect to the official WiFi network. Criminals can easily set up fake WiFi access points, often using the name of the establishment. By connecting to the fake networks, users can still access the Internet, yet everything they do online is being monitored by cybercriminals. These man-in-the-middle attacks allow criminals to steal banking credentials, credit card numbers, and login information.

How is this done? The attacker simply creates a hotspot on a smartphone and pairs it with a tablet or laptop. The hacker can then sit in the coffee shop drinking a latte while monitoring the traffic of everyone that connects. One study indicated more than a third of WiFi hotspot users take no precautions when accessing WiFi hotspots and frequently connect to unsecured networks.

WiFi Networks Used to Gain Access to Business Data

Creating a WiFi network for guests is simple. Ensuring it is secure and cannot be used for attacks on the business network requires more thought and effort. Any business that allows customers to make purchases using credit and debit cards is a major target for hackers. The past few years have seen many major attacks that have resulted in malware being installed on POS systems. These are now some of the most common wireless network attacks.

How Can Businesses Prevent the Most Common Wireless Network Attacks?

How can businesses protect against some of the most common wireless network attacks? While it is difficult to prevent the creation of fake WiFi hotspots, there are steps that can be taken to prevent many common wireless network attacks.

Isolate the Guest Network

If your business network is not isolated from your guest WiFi network, it could be used to gain access to business data and could place your POS at risk of compromise. Use a router that offers multiple SSIDs – most modern routers have that functionality. These routers often have a guest SSID option or separate guest portal. Make sure it is activated when it is deployed. Alternatively, your wireless router may have a wireless isolation feature which will prevent WiFi users from accessing your internal network and other client devices. If you require multiple access points throughout your establishment, you are likely to need a VLAN or EoIP tunnel configuration – A more complicated setup that will require you to seek professional advice on security.

Create a Secure SSID

Your router will have a default SSID name, but this should be changed to personalize it to your business. If you make it easily identifiable, it will reduce the potential for rogue access points to be confused with your own.  Ensure that you enforce WPA2 encryption with a shared key and post that information for your customers along with your SSID.

Restrict WiFi Access

If your wireless router or access point is too powerful, it could be accessed from outside your premises. Choose a router that allows you to alter the strength of your signal and you can ensure only your customers will use your connection. Also ensure that your WiFi access point is only available during business hours. If your access points are left unsupervised, it increases the risk of attack.

Secure Your Infrastructure

Administrator access can be abused, so ensure that your login name and your passwords are secure. If the default credentials are not changed, it will only be a matter of time before they are abused. Change the username from ‘admin’ or any other default username. Set a strong password that includes upper and lower-case letters, at least one number, and a special character. The password must be at least 8 characters although more is better.  Alternatively use a 14-character+ passphrase.

Use Web Filtering

A web filtering solution is an essential protection for all WiFi networks. Web filters will prevent users from visiting websites and webpages that are known to have been compromised or have been confirmed as malicious. This will protect your customers from web-based threats as well as help to keep your network secure. A web filter will also allow you to prevent your network from being used to download or view unacceptable content such as pornography and lets you control bandwidth usage to ensure all customers can enjoy decent Internet speeds.

TitanHQ offers a scalable, easy to deploy, granular web filter for WiFi networks. WebTitan Cloud for WiFi requires no hardware purchases and no software downloads, and being 100% cloud-based, can be managed and monitored from any location.

The post Most Common Wireless Network Attacks appeared first on WebTitan.

]]>
EITest Web-Based Malware Distribution Network Disrupted https://www.webtitan.com/blog/eitest-web-based-malware-distribution-network-disrupted/ Tue, 17 Apr 2018 08:15:16 +0000 https://www.webtitan.com/?p=3311 A web-based malware distribution network that was redirecting around 2 million website visitors a day to compromised websites hosting exploit kits has been disrupted, crippling the malware distribution operation. The web-based malware distribution network – known as EITest – was using compromised websites to redirect web visitors to sites where exploits were used to download […]

The post EITest Web-Based Malware Distribution Network Disrupted appeared first on WebTitan.

]]>
A web-based malware distribution network that was redirecting around 2 million website visitors a day to compromised websites hosting exploit kits has been disrupted, crippling the malware distribution operation. The web-based malware distribution network – known as EITest – was using compromised websites to redirect web visitors to sites where exploits were used to download malware and ransomware, as well as redirect users to phishing websites and tech support scams that convinced visitors to pay for fake software to remove non-existent malware infections.

Due to the scale of the operation, removing the redirects from compromised websites is a gargantuan task. Efforts to clean up those sites are continuing, with national CERTs notified to provide assistance. However, the web-based malware distribution network has been sinkholed and traffic is now being redirected to a safe domain. Proofpoint researchers were able to seize a key domain that was generating C&C domains, blocking the redirects and re-routing them to four new EITest domains that point to an abuse.ch sinkhole.

The sinkhole has only been in operation for a month – being activated on March 15 – yet already it has helped to protect tens – if not hundreds of millions – of website visitors. In the first three weeks alone, an astonishing 44 million visitors had been redirected to the sinkhole from around 52,000 compromised websites and servers.

The majority of the compromised websites were running WordPress. Malicious code had been injected by taking advantage of flaws in the CMS and plugins installed on the sites. Vulnerabilities in Joomla, Drupal, and PrestaShop had also been exploited to install the malicious code.

The web-based malware distribution network has been in operation since at least 2011, although activity increased significantly in 2014. While previous efforts had been made to disrupt the malware distribution network, most failed and others were only temporarily successful.

The malicious code injected into the servers and websites primarily redirected website visitors to an exploit kit called Glazunov, and to a lesser extent, the Angler exploit kit.  Those exploit kits probed for multiple vulnerabilities in software to download ransomware and malware.

The threat actors behind EITest are believed to have responded and have attempted to gain control of the sinkhole, but for the time being those efforts have been thwarted.

How to Improve Security and Block Web-Based Malware Attacks

While it is certainly good news that such a major operation has been disrupted, the scale of the operation highlights the extent of the threat of web-based attacks. Spam email may have become the main method for distributing malware and ransomware, but organizations should not ignore the threat from web-based attacks.

These attacks can occur when employees are simply browsing the web and visiting perfectly legitimate websites. Unfortunately, lax security by website owners can easily see their website compromised. The failure to update WordPress or other content management systems and plugins along with poor password practices makes attacks on the sites a quick and easy process.

One of the best cybersecurity solutions to implement to reduce the risk of web-based attacks is a web filter. Without a web filter in place, employees will be permitted to visit any website, including sites known to host malware or be used for malicious purposes.

With a web filter in place, redirects to malicious websites can be blocked, downloads of risky files prevented, and web-based phishing attacks thwarted.

TitanHQ is the leading provider of cloud-based web filtering solutions for SMBs and enterprises. WebTitan Cloud and WebTitan Cloud for WiFi allow SMBs and enterprises to carefully control the website content that can be accessed by their employees, guest network users, and WiFi users. The solution features powerful antivirus protections, uses blacklists of known malicious websites, and incorporates SSL/HTTPS inspection to provide protection against malicious encrypted traffic.

The solution also allows SMBs and enterprises to enforce their acceptable internet usage policies and schools to enforce Safe Search and YouTube for Schools.

For further information on how WebTitan can protect your employees and students and prevent malware infections on your network, contact TitanHQ today.

The post EITest Web-Based Malware Distribution Network Disrupted appeared first on WebTitan.

]]>
Beware of this PayPal Text Phishing Scam https://www.webtitan.com/blog/paypal-text-phishing-scam/ Wed, 21 Mar 2018 11:07:24 +0000 https://www.webtitan.com/?p=3169 Phishing is commonly associated with spam emails, but it is not the only method of phishing as this PayPal text phishing scam shows. Phishers use various methods to obtain sensitive information. Phishing is arguably the biggest threat to businesses and consumers and one that can result in a malware infection, the encryption of files with […]

The post Beware of this PayPal Text Phishing Scam appeared first on WebTitan.

]]>
Phishing is commonly associated with spam emails, but it is not the only method of phishing as this PayPal text phishing scam shows. Phishers use various methods to obtain sensitive information.

Phishing is arguably the biggest threat to businesses and consumers and one that can result in a malware infection, the encryption of files with ransomware, a compromised email account, or the theft of sensitive data such as credit/debit card numbers or bank account information.

Phishers use social engineering techniques to fool end users into installing malware or obtaining login credentials and other sensitive information. Spam email may be the main method of attack, although the use of text (SMS) messages – often referred to as smishing – is growing.

Beware of this Credible PayPal Text Phishing Scam

This PayPal text phishing scam, and several variants, have been detected in recent weeks. The text message appears to have been sent from PayPal from a short code number.

The message reads:

Dear Customer,

Your account is currently under review. Please complete the following security form to avoid suspension: http://bit[dot]ly/PayPal_-no-sms.eu

Another message reads:

Dear customer,

Your account is under review. Please fill in the following security form to avoid lockout: http://bit[dot]ly/_payPal__

These scams work because many people do not carefully check messages before clicking links. Click the link on either of these two messages and you will be directed to a website that appears to be the official PayPal website, complete with branding and the normal web layout.

You will naturally have to login in but doing so just passes your account details to the attacker. The attacker will access your account and will empty the account of funds and plunder accounts linked to the PayPal account. The password may also be changed to give the attacker more time to make transfers.

These scams are particularly effective on smartphones as the full URL of the site you are on is not displayed due to the small screen size. It may not be immediately apparent that you are not on the correct site.

This PayPal text phishing scam shows that you need to be always be on your guard, whether accessing your emails, text messages, or answering the telephone.

Don’t Become a Victim of an SMS Phishing Scam

The PayPal text phishing scam detailed above is just one example of how cybercriminals obtain sensitive information via text message. Any brand could be impersonated with shortlinks commonly used to mask the fact that the link is not genuine.

To avoid becoming a victim of a smishing scam, assume any text message correspondence from a retailer or company could be a scam. If you receive a message – typically a warning about security – take the following steps.

  1. Access your account by typing in the correct URL into your web browser. Do not use the link in the message.
  2. Check the status of your account. If there is a freeze on your account, your account is under review, or it has been suspended, this will be clear when you log in.
  3. If in doubt, contact the vendor by telephone or send an email, again using verified contact information and not any contact details supplied in the text message (or email).
  4. Before logging in or disclosing any sensitive information online, check the entire URL to make sure the domain is genuine.

Precautions to Take to Protect Against Phishing

  1. Always set strong passwords and never reuse passwords. Each account should have a unique password. Since it can be difficult to remember all of your passwords, use a password manager and make sure you sent a strong master password for your password manager account.
  2. Change your passwords frequently and never reuse old passwords.
  3. Never tell anyone your password and do not write it down.
  4. Exercise extreme caution when someone sends you a hyperlink in a text message or email. The sender may not be who you think it is. A contact or family member’s email account may have been compromised or their phone stolen.
  5. Never open email attachments in unsolicited emails from unknown senders.

The post Beware of this PayPal Text Phishing Scam appeared first on WebTitan.

]]>
New Bill Calls for Mandatory Web Filtering in Rhode Island https://www.webtitan.com/blog/web-filtering-in-rhode-island/ Tue, 06 Mar 2018 13:41:38 +0000 https://www.webtitan.com/?p=3160 Lawmakers are considering a new bill that calls for mandatory web filtering in Rhode Island. More than a dozen U.S states are considering similar laws which make it necessary for the manufacturers or distributors of Internet enabled devices to use web filters to block access to adult content by default. In other states the bill […]

The post New Bill Calls for Mandatory Web Filtering in Rhode Island appeared first on WebTitan.

]]>
Lawmakers are considering a new bill that calls for mandatory web filtering in Rhode Island. More than a dozen U.S states are considering similar laws which make it necessary for the manufacturers or distributors of Internet enabled devices to use web filters to block access to adult content by default.

In other states the bill goes under the banner of the Human Trafficking Prevention Act. The aim of the legislation is to reduce the availability of online pornography, which is often claimed to represent ‘a public health crisis’ in the United States.

The purpose of the bill – sponsored by Senators Frank Ciccone (D-Providence) and Hannah Gallo (D-Cranston) – is not to make it illegal to view online pornography but to make state residents pay a fee if they want to view such material on their laptops, computers, and smartphones.

Bill Proposes Web Filtering in Rhode Island on All Internet-Enabled Devices

As in other states, the wording of the legislation means that web filtering in Rhode Island would be mandatory on all Internet-enabled devices, not only smartphones, laptops and desktops. This would require web filtering controls to also cover IoT devices and routers, which would be applied at the ISP level.

If the bill is passed, web filtering in Rhode Island would cover online pornography and any shows, motion pictures, performances, or images that “taken as a whole, lack serious literary, artistic, political, or scientific value.” The web filter would also need to block access to websites or hubs that facilitates human trafficking and prostitution and ensure child pornography and revenge porn cannot be accessed.

The move would certainly make it harder for minors to access adult content since in order to remove the filtering controls the device owner would be required to prove they are over 18 years of age. Any device sold in the state would need to be supplied with a warning about the removal of the filtering mechanism and the repercussions of doing so.

Any individual who wishes to remove the filtering would be allowed to do so by paying a one-off fee of $20. The fee would be added to a fund that supports the victims of human trafficking.

Any such technological control is unlikely to be 100% accurate, so a mechanism must be introduced that ensures requests can be submitted to add websites and webpages to the filter when obscene content has escaped the filtering controls. Conversely, when content is blocked that is not sexual in nature or is not patently offensive, a request can be submitted to add the page to a whitelist of allowable websites or have the site recategorized. Such requests would need to be processed no later than 5 days after the request has been submitted.

The failure to act on such requests would be punishable with a financial penalty of up to $500 per piece of content that was reported but not blocked. In its current form the bill does not call for similar fines to be imposed when requests are submitted to unblock legitimate content that has been inadvertently blocked by the filtering controls.

The post New Bill Calls for Mandatory Web Filtering in Rhode Island appeared first on WebTitan.

]]>
Common Web Filtering Myths Busted https://www.webtitan.com/blog/common-web-filtering-myths-busted/ Wed, 28 Feb 2018 18:49:36 +0000 https://www.webtitan.com/?p=3137 If you have yet to implement a web filtering solution to control the content that your employees can access at work, you are taking an unnecessary risk that could result in a costly malware infection, ransomware being installed on your network, or a lawsuit that could have been prevented by implementing basic web filtering controls. Many […]

The post Common Web Filtering Myths Busted appeared first on WebTitan.

]]>
If you have yet to implement a web filtering solution to control the content that your employees can access at work, you are taking an unnecessary risk that could result in a costly malware infection, ransomware being installed on your network, or a lawsuit that could have been prevented by implementing basic web filtering controls. Many SMBs have considered implementing a web filter yet have not chosen a solution due to the cost, the belief that a web filter will cause more problems than it solves, or simply because they do not think it offers enough benefits. In this post we explain some of the common misconceptions about web filtering and attempt to debunk some common web filtering myths.

Common Web Filtering Myths

Antivirus Solutions Provide Adequate Protection from Web-Based Malware Attacks

Antivirus software is a must, although products that use signature-based detection methods are not as reliable as they once were. While antivirus companies are still quick to identity new malware variants, the speed at which new variants are being released makes it much harder to keep up. Further, not all malware is written to the hard drive. Fileless malware remains in the memory and cannot easily be detected by AV software. Antivirus software is still important, but you now need a host of other solutions to mount a reasonable defense against attacks. Layered defenses are now a must.

Along with AV software you should have anti spam software in place to block email-based threats such as phishing. You need to train your workforce to recognize web and email threats through security awareness training. Firewalls need to be set with sensible rules, software must be kept updated and patches must be applied promptly, regular data backups are a must to ensure recovery is possible in the event of a ransomware attack, and a web filtering solution should be installed.

A web filter allows you to carefully control the web content that can be accessed by employees. By using blacklists, websites known to host malware can be simply blocked, redirects via malvertising can be prevented, and controls can be implemented to prevent potentially malicious files from being downloaded. You can also prevent your employees from visiting categories of sites – or specific websites – that carry a higher than average risk.

There are other benefits to web filtering that can help you avoid unnecessary costs. By allowing employees to access any content, organizations leave themselves open to lawsuits. Businesses can be held liable for activities that take place on their networks such as accessing illegal content and downloading/sharing copyright-protected material.

Web Filtering is Prohibitively Expensive

Many businesses are put off implementing a web filtering solution due to the perceived cost of filtering the Internet. If you opt for an appliance-based web filter, you need to make sure you have an appliance with sufficient capacity and powerful appliances are not cheap. However, there is a low-cost alternative that does not require such a major cash commitment.

DNS filtering requires no hardware purchases so there is no major capital expenditure. You simply pay for the licenses you need and you are good to go. You may be surprised to find out just how low the price per user actually is.

Web Filtering is Too Complicated to Implement

Some forms of web filters are complex, and hardware-based filters will take some time to install and configure, which will take IT staff away from important duties. However, DNS based filters could not be any easier to implement. Implementing the solution is a quick process – one that will take just a couple of minutes.  You just need to point your DNS to your web filtering service provider.

Even configuring the filter is straightforward. With WebTitan you are given a web-based portal that you can use to configure the settings and apply the desired controls. In its simplest form, you can simply use a checkbox option to select the categories of websites that you want to block.

Since WebTitan includes a database of malicious websites, any request to visit one of those websites will be denied. You can also easily upload third party blacklists, and for total control, use a whitelist to only allow access to specific websites.

Employees Will Just Bypass Web Filtering Controls

No web filtering solution is infallible, although it is possible to implement some basic controls that will prevent all but the most determined and skilled workers from accessing prohibited websites. Simple firewall rules can be easily set and you can block DNS requests to anything other than your approved DNS service. You can also set up WebTitan to block the use of anonymizers.

IT Support Will be Bombarded with Support Calls from Employees Trying to Access Blocked Websites

If you decide to opt for whitelisting acceptable websites, you are likely to be bombarded with support calls when users discover they are unable to access sites necessary for work. Similarly, if you choose to heavily filter the Internet and block most categories of website, then your helpdesk could well be swamped with calls.

However, for most companies, filtering the internet is simply a way of enforcing acceptable usage policies, which your employees should already be aware of. You are unlikely to get calls from employees who want access to porn at work, or calls from employees who want to continue gambling and gaming on the clock. Restrict productivity draining sites, illegal web content, phishing websites, and sites that are not suitable in the workplace, and explain to staff your polices in advance, and your support calls should be kept to a minimum.

Find Out More About DNS Filtering

If you have yet to implement DNS filtering in your organization, it is possible to discover the benefits of Internet filtering before committing to a purchase. TitanHQ offers a free trial of WebTitan Cloud (and WebTitan Cloud for WiFi) so you can try before committing to a purchase.

If you would like further information on getting started with web filtering, have technical questions about implementation, would like details of pricing or would like a demo or a free trial, contact the TitanHQ team today.

The post Common Web Filtering Myths Busted appeared first on WebTitan.

]]>
Google Chrome Ad Blocker Launched https://www.webtitan.com/blog/google-chrome-ad-blocker-launched/ Thu, 15 Feb 2018 15:13:56 +0000 https://www.webtitan.com/?p=3107 It has taken some time, and Google did not want to have to take action, but finally the Google Chrome Ad blocker has been released. The new feature of Chrome means intrusive adverts can now be blocked by users if they so wish. What Will the Google Chrome Ad Blocker Block? Google makes a considerable […]

The post Google Chrome Ad Blocker Launched appeared first on WebTitan.

]]>
It has taken some time, and Google did not want to have to take action, but finally the Google Chrome Ad blocker has been released. The new feature of Chrome means intrusive adverts can now be blocked by users if they so wish.

What Will the Google Chrome Ad Blocker Block?

Google makes a considerable amount of money from advertising, so the Google Chrome Ad blocker will not block all adverts, only those that are deemed to be intrusive and annoying. Those are naturally subjective terms, so how will Google determine what constitutes ‘intrusive’?

One of the first checks performed by Google is whether adverts on a webpage violate the standards set by the Coalition for Better Ads – A groups of trade organizations and online media companies committed to improving the online experience for Internet users.

The Coalition for Better Ads has identified ad experiences that rank the lowest across a range of experience factors and has set a bar for what is acceptable. These standards include four types of ads for Desktop users: Popup ads, auto-playing videos with sound, prestitial ads with countdowns, and large sticky ads. There are eight categories covering mobile advertising: Popup ads, prestitial ads (where ads are loaded before content), prestitial ads with countdowns, flashing animated ads, auto-playing videos with sound, full screen scrollover ads, large sticky ads, and an ad density higher than 30%.

Google Chrome assesses webpages against these standards. If the page has none of the above ad categories, no action will be taken. Google says when 7.5% of ads on a site violate the standards the filter will kick in. If the above standards are violated the site get a warning and will be given 30 days to take action. Site owners that ignore the warning and fail to take action will have their sites added to a list of failed sites. Those websites will have the adverts blocked, although visitors will be given the option of loading adverts on that site.

The aim of the Google Chrome Ad blocker is not to block advertisements, but to urge site owners to adhere to Better Ads standards. Google reports that the threat of ad blocking has already had a positive effect. Before the Google Chrome Ad blocker was even released, Google says 42% of sites with intrusive adverts have already made changes to bring their sites in line with Better Ads standards.

The move may not have been one Google wanted to make, but it is an important step to take. Intrusive adverts have become a major nuisance and web users are taking action by installing ad blockers. Ad blockers do not rate ads based on whether they are annoying. They block all adverts, which is obviously bad for companies such as Google. Google made $95.4 billion dollars from advertising last year and widespread use of ad blockers could make a serious dent in its profits. According to figures from Deloitte, 31% of users in the United States have already installed ad blockers and the figure is expected to rise to a third of all computers this year.

So, will the Google Chrome ad blocker mean fewer people will use ad blocking software? Time will tell, but it seems unlikely. However, the move may mean fewer people will seriously consider blocking adverts in the future if companies start adhering to Better Ads standards.

Why Businesses Should Consider Using a Web Filter

For businesses, adverts are more than a nuisance. Some adverts pose a serious security risk. Cybercriminals use malicious adverts to direct end users to phishing websites and webpages hosting exploit kits and malware. Termed malvertising, these adverts are a major risk. While it is possible to use an adblocker to prevent these malicious adverts from being displayed, adblockers will not prevent other serious web-based threats. For greater web security, a web filter is required.

A web filter can be configured to block categories of website content that employees have no need to visit during the working day. The filter can also be set to block websites/webpages known to be used for phishing or malware distribution and can block downloads of specific file types such as JavaScript and other executable files: Files that are often used to install malware. WebTitan also allows businesses to reduce the risk from malvertising without having to install ad blockers.

By carefully controlling the web content that can be accessed by employees, businesses can greatly improve web security and block the majority of web-based threats.

For more information on blocking malicious and undesirable content, contact the TitanHQ team today for advice.

The post Google Chrome Ad Blocker Launched appeared first on WebTitan.

]]>