Geobox: A $700 Anonymous Wi-Fi Device

Geobox: A Hacking Device That Is Basically Untraceable

In summary, a Geobox transforms the mini-computer Raspberry Pi into a Swiss-army knife type of hacking device!

Sold for a lifetime fee of $700 or a monthly rate of $80, the software is able to:

1. Spoof location

2. Mimic Wi-Fi access points

3. Manipulate DNS and network parameters while providing anonymity.

4. Copy and emulate the commonly used Wi-Fi landing page that most restaurants and concert venues present at log-on, so the fake access point does not raise suspicion. The operators can even charge 0.99 cents or more depending on the location and clientele (such as a fitness gym, where the upcharge is usually $2.99 for unlimited data use or free for limited data).

Imagination is not required: this Geotool allows any person to set up a virtually untraceable Wi-Fi box of the kind most people take for granted, and to own all of the data, or even the device or laptop itself, once someone connects to it!

After researching a few operators using it at a popular tourist site (March 2024), it was observed that “three malicious individuals utilized several Geobox devices, each connected to the internet. These devices served as proxies, significantly enhancing their anonymity. This approach complicated the investigation and tracking process for anyone attempting to investigate them, especially since, by default, Geobox devices do not store any logs nor any digital or paper trail for themselves or whoever logs on to the created Wi-Fi access point. They also have an amazing choice: to either create a Wi-Fi point similar to the official location name of where they are operating from, such as naming it “McDonald’s Free Wi-fi”

OR

They simply use it for their own fully anonymous purposes, such as emulating an internal Wi-Fi access point, which is quite common at malls, shopping areas and concert venues, where the general public or even workers/vendors would have no ability to distinguish between a Geobox-created Wi-Fi point and the authentic one. To make it even more authentic, an operator would mimic the secure password of the host site, such as a popular shopping mall’s password for internal employees/vendors.

Used in combination with the Geobox, the popular $300 Flipper device takes these bad actors only 2 – 5 minutes on average to get the password or passcode of any device or Wi-Fi router today!

Raspberry Pi is a widespread, low-cost, and small single-board computer used for various projects and praised by enthusiasts.

However, with Geobox, it is transformed “into a potent weapon for digital deception.” The malicious software is specifically designed for the Raspberry Pi 4 Model B with at least 4GB of RAM.

The price is $700 for lifetime, which is very cheap and affordable considering the amount of data, private and personal information it can easily obtain within a few minutes of being set up once just one person unwittingly connects to it in this day and age of people expecting free or low-cost internet everywhere!

These device operators also have the ability to create a bogus free or one-time .99 cent-for-24 hour unlimited internet access via a simple landing page to mask and emulate, as an example, your favorite restaurants like McDonald’s or Starbucks!

With Geobox, malicious actors target a broad audience as the setup process is streamlined, clear, and concise, with easy-to-follow instructions also provided. The manual links to the official Raspberry website for OS installation.

Multiple tools are included with Geobox: multiple VPN connections, GPS and Wi-Fi emulation, DNS configuration, data substitution tools, network configurators, and others.

The Geobox Can Be Easily Used For Anonymous Geolocation or Multiple Internet Purposes

“The device’s functionality is diverse, allowing for various forms of digital manipulation and disguise. Key features include the ability to use WebRTC IP for discreet online communication and GPS spoofing to simulate different geographical locations, which is particularly valuable for activities that require geolocation manipulation. Furthermore, the Geobox can completely mask (hide) Wi-Fi MAC addresses, making the user’s network activity more difficult to trace.”

*Most High Schools and Colleges Use Wi-Fi MAC Addresses As Standard Internet and Wi-Fi Usage Tracking Controls*

The emergence of Geobox raises significant concerns and introduces new complexities for cybersecurity, as well as for the general public! One simple dot or other variation on the name of an authentic “Starbucks” or “McDonalds Wi-Fi” connection point at any location is all it takes for operators of a Geobox to own and obtain all of the data on your laptop, phone or any other connected device!
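One way for a venue's network team to check a Wi-Fi scan for the two tricks described above: a rogue box reusing the venue's own SSID, and a name that differs by a dot or a single character. This is an added example, not part of the original post; the inventory, SSIDs, BSSIDs and function names are constructed for illustration.

```python
import unicodedata
from dataclasses import dataclass


@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str      # MAC address of the broadcasting radio, as seen in the scan
    security: str   # e.g. "open", "wpa2-psk"


# Assumed venue inventory (constructed): SSIDs the site really operates, the
# radios that broadcast them, and the security mode each one should use.
INVENTORY = {
    "McDonald's Free Wi-Fi": {
        "bssids": {"00:00:5e:00:53:01", "00:00:5e:00:53:02"},
        "security": "open",
    },
    "Mall-Staff": {
        "bssids": {"00:00:5e:00:53:10"},
        "security": "wpa2-psk",
    },
}

# Characters often swapped in to make a name look the same at a glance.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "$": "s"})


def skeleton(ssid):
    """Comparison key: compatibility-normalized, lower case, confusables
    folded, spaces and punctuation (dots, dashes, apostrophes) dropped."""
    text = unicodedata.normalize("NFKC", ssid).casefold().translate(CONFUSABLES)
    return "".join(ch for ch in text if ch.isalnum())


def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(beacon, inventory=INVENTORY, max_distance=2):
    """Return the findings for one beacon; an empty list means nothing to report."""
    known = inventory.get(beacon.ssid)
    if known is not None:
        findings = []
        # Exact SSID from a radio the venue does not own: possible twin.
        if beacon.bssid.lower() not in known["bssids"]:
            findings.append("unknown-bssid")
        # Exact SSID with a different security mode than the real network.
        if beacon.security != known["security"]:
            findings.append("security-mismatch")
        return findings
    # Not an exact match: compare folded names to catch "one dot" variations.
    key = skeleton(beacon.ssid)
    return [
        f"lookalike-of:{name}"
        for name in inventory
        if edit_distance(key, skeleton(name)) <= max_distance
    ]


def audit(scan, inventory=INVENTORY):
    """Map BSSID -> findings for every beacon in the scan that raised any."""
    report = {}
    for beacon in scan:
        findings = classify(beacon, inventory)
        if findings:
            report[beacon.bssid] = findings
    return report


# Constructed scan results (not captured from any real site).
SAMPLE_SCAN = [
    Beacon("McDonald's Free Wi-Fi", "00:00:5e:00:53:01", "open"),   # genuine
    Beacon("McDonald's Free Wi-Fi", "00:00:5e:00:53:aa", "open"),   # same name, foreign radio
    Beacon("McDonald's Free Wi-Fi.", "00:00:5e:00:53:ab", "open"),  # one extra dot
    Beacon("Mall-Staff", "00:00:5e:00:53:ac", "open"),              # staff SSID, no encryption
    Beacon("Ma11-Staff", "00:00:5e:00:53:ad", "wpa2-psk"),          # digits for letters
    Beacon("CoffeeShop Guest", "00:00:5e:00:53:ae", "wpa2-psk"),    # unrelated neighbour
]

if __name__ == "__main__":
    for bssid, findings in audit(SAMPLE_SCAN).items():
        print(bssid, findings)
```

A twin that also clones a listed BSSID and the correct security mode passes this check, so a clean report shows the absence of sloppy imitations, not proof that every radio is genuine.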

Armed with such an affordable and easy-to-obtain cyber device, operators can easily carry out and coordinate various attacks, such as serving as a data dump for anyone logging on to the newly created “free Wi-Fi”, identity theft and credit card fraud under the veil of anonymity, circumventing network restrictions and surveillance, malware distribution, credential stuffing, spreading misinformation, content piracy, etc.

It was observed one operator used Geobox in combination with two LTE-based wireless modems, “proxyfying connections via multiple chains of SOCKS and PROXY servers globally and automatic pseudo-randomly via AI”. In essence, these easy proxy steps further ensure they are anonymous and cannot be tracked unless known to be doing this activity in advance!

Leveraging several devices deployed in various locations using this model is easy if the operator has a few friends working as a small tight-knit team. Note that this device can be easily carried in a purse, bag or backpack, and is easily disguised as a popular notebook or laptop.

“Once the malicious action has been conducted – they can simply wipe the device or physically destroy it if they have a hunch that they are being monitored or tracked – but this device is so cheap, simple and easy that the chances of them getting caught are slim to none and thus they simply move it to other locations depending on their intent and motives – such as an upcoming concert venue or local restaurant that people go to fully expecting and using free Wi-Fi”.

How to Hide Your IP Address and Change Location on Coinbase

Are you concerned about your online privacy and looking for ways to mask your IP address on Coinbase?

If so, like many people, you have come to the right place. In this guide, we’ll walk you through the steps to change your location on Coinbase (or any other crypto exchange) and hide personal information like your IP address, country, and region.

 

Quick Guide: Hide Your IP Address and Change Your Location

  • Mask Your IP Address
  • Flush DNS and Renew Your IP Address
  • Change Your Coinbase Location Settings
  • Other Methods to Hide Your IP Address and Location on Coinbase

Why Hide Your IP Address?

There are several reasons why you might want to hide your IP address. One of the main reasons is to protect your privacy and prevent Coinbase from tracking your physical location. By masking your IP address, you can also avoid leaving a digital footprint and bypass content filters or bans.

How to Hide Your IP Address and Location from Coinbase

  1. Mask Your IP Address
    • Use a VPN (Virtual Private Network) or proxy server to mask your IP address and spoof your location.
    • We recommend using NordVPN for its ease of use and reliability.
    • Follow these steps to install and configure NordVPN:
      1. Visit NordVPN’s website and create an account.
      2. Download and install NordVPN on your devices.
      3. Connect to a VPN server from your preferred location.
  2. Flush DNS and Renew Your IP Address
    • Clear your DNS cache to ensure your computer obtains the latest IP address from Coinbase’s DNS server.
    • Renew your IP address through your device’s settings or command prompt.
    • Follow these steps for PC (Any Windows OS Computer) (please contact me directly at https://www.t.me/DigitalFoundation for one on one Consultation):

Step-by-Step Guide: Flush DNS and Renew Your IP Address

Step 1: Open Command Prompt

      • On Windows: Press the Windows key, type “cmd” in the search bar, then press Enter.
      • On Mac: Open Spotlight (Command + Space), type “Terminal,” then press Enter.

Step 2: Run Command Prompt as Administrator

      • Right-click on Command Prompt in the search results.
      • Select “Run as administrator” from the context menu.

Step 3: Enter Commands

      • In the Command Prompt window, type the following commands one by one, pressing Enter after each:
        • ipconfig /flushdns (This command clears the DNS resolver cache.)
        • ipconfig /release (This command releases your current IP address.)
        • ipconfig /renew (This command requests a new IP address from your DHCP server.)

Step 4: Confirm Success

      • Look for confirmation messages after each command.
      • You should see messages indicating successful flushing of the DNS resolver cache and renewal of your IP address.

Step 5: Close Command Prompt

      • Once you’ve completed the commands and confirmed success, you can close the Command Prompt window.

Note:

      • Flushing the DNS resolver cache and renewing your IP address can help resolve network connectivity issues and ensure that your computer has the latest IP address information.
      • These steps may vary slightly depending on your operating system. Always run Command Prompt with administrator privileges for these actions.

Mac/Apple Flushing DNS:

 

  3. Change Your Coinbase Location Settings
    • Before logging in to your Coinbase account, ensure NordVPN is running and connected to the preferred server location.
    • Log in to your account, go to “Privacy Settings,” and change your “Location/Region/Country” to match your VPN server.
    • Save the changes and you’re all set.

Can’t Change Your Coinbase Location Settings? Here’s What to Do

If you’re unable to change your region, location, or country on Coinbase’s account settings, you can contact Coinbase support for assistance. Follow these steps:

  • Connect to NordVPN and your preferred server.
  • Find the “Contact Us” or “Get in touch” page on Coinbase’s website here: https://help.coinbase.com/en-gb
  • Send a message to Coinbase support requesting a manual update of your physical location.
  • Wait for 24-48 hours for their response.

Other Methods to Hide Your IP Address and Location on Coinbase

In addition to using a VPN or proxy server, you can also consider using a neighbor or trusted friend’s Wi-Fi networks or proxy servers. However, keep in mind the security and privacy implications of these methods. If you are unsure or don’t know whether or not your Internet/Device/Computer is truly SECURE, take 2 minutes of your valuable time and go here to run a VPN and Browser Leak Scan: https://browserleaks.com/webrtc

 

VPN vs. Proxy vs. Public Wi-Fi: A Comparison

Here’s a comparison table outlining the key differences between using a VPN, proxy server, and public Wi-Fi to hide your IP address and change your location on Coinbase:

 

| Features/Attributes | VPN | Proxy Server | Public Wi-Fi |
|---|---|---|---|
| IP Address Masking | Yes | Yes | Yes |
| Encryption | Yes (High-level) | No | No |
| Geolocation Spoofing | Yes | Yes | Partial |
| Ease of Setup | Easy | Moderate | Easy |
| Speed | Fast (depends on service) | Moderate | Varies (often slow) |
| Security | High | Low | Very Low |
| Privacy | High | Low to Moderate | Very Low |
| Access to Restricted Content | Yes | Yes | Maybe |
| Consistency | High | Moderate | Low |
| Cost | Subscription | Subscription or one-time fee | Free |
| Legality & Compliance | Generally Legal, some restrictions apply | Generally Legal, some restrictions apply | Legal |

In summary, using a VPN offers the highest level of security and privacy, while proxy servers and public Wi-Fi networks may be less reliable. Choose the method that best suits your needs and always prioritize your online privacy and security.

By following these steps and tips, you can effectively hide your IP address and change your location on Coinbase, ensuring your online activities remain private and secure.

Disclaimer:

The information provided in this blog post is for educational purposes only. While we strive to provide accurate and up-to-date information, we cannot guarantee the effectiveness or suitability of the methods described.

By following the steps outlined in this guide, you acknowledge that neither any individuals affiliated with GeeksByTheHour nor its affiliates are responsible for any actions, events, or consequences that may occur as a result.

It is recommended to consult with a qualified IT professional or technician before performing any network-related actions on your computer. Always proceed with caution and at your own risk.

Machine vs. Mind: Will AI be 2024’s Most Dangerous Cyber Weapon?

In 2024, for cybersecurity, we’re entering an era where advanced AI tools and escalated social engineering tactics (especially during election years) are changing the game. To avoid potential cyber threats, businesses, governments and individuals must grasp these emerging trends.

1. Rise Of Cybersecurity AI

In 2024, AI’s role in cybersecurity will expand to encompass automated responses and predictive analytics. It’s mainly about taking preventive measures in advance.

Integrating AI into cybersecurity applications can improve threat detection and incident response. For instance, AI can identify anomalies or deviations that may indicate potential security threats. Previously unseen attacks can be detected.

With cyberattacks becoming more sophisticated, AI’s ability to analyze vast datasets and identify patterns will be pivotal. Since AI has become a major part of cyber criminals’ toolkit, AI is expected to become a mainstay in cybersecurity solutions.

2. Election Year Disinformation

Election years provide fertile ground for social engineering and disinformation campaigns, and there’s no reason to believe 2024 will be an exception. As political tensions rise, so do efforts to manipulate public opinion and undermine democratic processes.

Americans lost $10.3 billion to online scams in 2022, which also emphasizes the need for ongoing employee security awareness training that includes exercises to help identify social engineering tactics and phishing attempts. The use of open-source intelligence tools (OSINT) to root out network vulnerabilities is recommended as a preventive measure to combat threat actors.

3. Escalation Of Ransomware Attacks

Ransomware remains a formidable threat in 2024, with tactics becoming increasingly complex and negotiations more aggressive. According to Cybersecurity Ventures, damages from cybercrime are projected to exceed $10.5 trillion globally by 2025.

This alarming escalation calls for robust backup strategies, employee training, cyber insurance, negotiation expertise and incident response plans. Companies can follow the example of external performing tasks such as penetration testing, validating network integrity, identifying unauthorized activity and monitoring for suspicious behavior.

4. AI-Based Predictive Social Engineering

2024 will likely see a rise in AI-based predictive social engineering and a disturbing convergence of AI and social manipulation techniques.

Leveraging AI, cybercriminals can prey on human weaknesses such as impulsiveness, greed and curiosity to more convincingly create personalized phishing campaigns at scale. AI-facilitated social engineering attacks have been reported to the FTC.

This emerging trend underscores the need to perform AI risk assessments and to consider outsourcing expertise to a virtual AI officer who can step into the role and run AI-resistant security protocols.

5. National U.S. Data Privacy Act

The progression of data privacy regulations—beginning with the European Union’s General Data Protection Regulation (GDPR) and extending to California’s Consumer Privacy Act (CCPA)—is paving the way for establishing a national data privacy act in the U.S. called the American Data Privacy and Protection Act.

With five states’ privacy acts becoming effective in 2024 and other data breaches costing companies an average of $4.45 million, legislating a national data privacy standard is more urgent than ever.

6. Cyberattacks On Cannabis Retailers

The burgeoning cannabis industry, particularly retailers, is increasingly vulnerable to cyberattacks as they transition to digital platforms. Banks and credit card services could begin to accept electronic payments and ACH transfers from cannabis businesses—thanks to pending legislation making its way through Congress—and the gap between point of sale (PoS) systems and potential data breaches narrows significantly.

Human error and complacency are major risk factors, and the industry’s nascent adoption of digital technologies makes it an attractive target for cybercrime. Retail dispensaries must prioritize cybersecurity to protect their client data and financial transactions, as the sector’s so-called “green rush” also attracts the unwanted attention of threat actors.

7. Zero Trust Elevates To Boardroom Status

The concept of zero trust in cybersecurity, akin to the rise of anti-virus software in the 1990s, is set to become a staple topic in boardroom discussions in 2024. Gaining steady momentum, the implementation of zero trust is no longer a technical nicety but a business imperative.

Rooted in the principle of “never trust, always verify,” the widespread adoption of zero-trust architectures signifies a paradigm shift in security strategies, emphasizing continuous verification of every user and device, regardless of their location or network.

This strategic move elevates cybersecurity from a technical concern to a core business function, crucial for protecting organizational assets.

8. FEMA Cyber Insurance

To make a bold and unprecedented prediction, FEMA, the federal agency known for last-resort flood insurance, may eventually be called upon to serve as a model and backstop for cyber insurance policies not covered by commercial carriers.

With traditional insurance carriers withdrawing from high-risk regions like Florida due to severe climate events, there is a growing need for federal intervention. A FEMA initiative could potentially underwrite essential services like airports, hospitals, energy and water treatment plants as commercial insurance options become limited.

Conclusion

The increasing complexity of cyber threats underscoring the security trends of 2024 highlights the need for advanced mitigation strategies. Organizations will need to understand these trends, ensure they enable best practices and consider collaborating with outsourced cybersecurity expertise to navigate the security environment and ensure a robust, future-ready cyber defense.

How To Lock Down Your Computer

How to Quickly Lock Your Windows 11/10 PC

 

Your privacy matters. That’s why it’s good practice to lock a desktop or laptop whenever you leave it unattended. Use any of the methods below to stop other people from snooping around your PC.

Unlike signing out, locking a computer is faster, just as secure, and doesn’t require you to shut down open programs. You also get to unlock it instantly and pick up where you left off. This article will go through various ways to quickly lock Windows 11 and 10.

Lock Computer via the Start Menu

The most straightforward approach to locking your PC is simply to use the Start menu. Open it, select the User icon or your profile portrait, and choose the option labeled Lock.

Note: If the Lock option is not present, open the Control Panel, go to Hardware and Sound > Power Options > Change what the power buttons do, and activate the box next to Lock to add it.

Lock Computer with a Keyboard Shortcut

If you prefer keyboard shortcuts, an even faster way to lock a Windows computer is pressing Windows Key + L. Use it a few times, and you’ll get it hard-coded into your muscle memory.

Lock Computer with a Desktop Shortcut

If you find it challenging to use the Win + L keyboard shortcut, you can create a desktop shortcut capable of locking your PC just as quickly.

  1. Right-click a vacant area within the desktop area.
  2. Select New > Shortcut on the context menu.
  3. Copy and paste the following snippet of text into the Create Shortcut window and select Next:

rundll32.exe user32.dll,LockWorkStation

  4. Type a name for the shortcut (e.g., “Lock PC”) and select Finish.
  5. Double-click the shortcut whenever you want to lock your PC.

Lock PC via the Windows Security Screen

The Windows Security screen (a.k.a. the Ctrl + Alt + Delete screen) offers another quick way to lock Microsoft Windows. The best thing about this method is that you can use it even if Windows 11 or 10 isn’t responsive. Simply press Ctrl + Alt + Del to get the Windows Security screen to show up. Then, select Lock.

Lock Computer via Task Manager

If you ever find yourself using the Task Manager in Windows 11 or 10 and want to lock down your PC immediately, you can do that using the Task Manager itself.

  1. Right-click the Start button and select Task Manager.
  2. Select More details to expand the default Task Manager view.
  3. Switch to the Users tab.
  4. Select your Windows user account.
  5. Select the Disconnect option at the lower-right corner of the window.

Lock Computer Alongside Screen Saver

If you regularly forget to lock your PC, you can set up a screensaver to kick in automatically and lock your PC when it engages.

  1. Open the Start menu, search for screen saver, and select Turn Screen Saver On or Off to invoke the Screen Saver Settings pop-up.
  2. Open the drop-down menu under Screen saver and pick a screensaver (select Blank if you prefer to keep the computer screen dark when the screensaver is active).
  3. Specify a time in minutes within the Wait box, check the box next to On resume, display logon screen, and select OK.

Your PC will display the screensaver when left idle for the time duration. Press a key or mouse button whenever you want to exit it and get to the Lock Screen.

Lock Computer With Dynamic Lock

Dynamic Lock automatically locks the operating system if it detects a weak Bluetooth signal between your PC and another device. Although it works with any Bluetooth peripheral, using a smartphone (Android or iPhone) is the most practical.

Connect Smartphone to PC

Before activating Dynamic Lock, you must pair your smartphone with your computer.

  1. Put your phone into Bluetooth discovery mode. That’s as simple as visiting its Bluetooth options screen (e.g., Settings > Bluetooth on the iPhone).
  2. Open the Settings app on your PC (press Windows + I).
  3. Select Devices > Bluetooth & other devices.
  4. Select Add Bluetooth or other device > Bluetooth.
  5. Select your phone and go through the onscreen instructions to pair it.

Activate Dynamic Lock

It’s now just a matter of activating Dynamic Lock.

  1. Open the Settings app on your PC.
  2. Select Accounts > Sign-in Options and scroll down to the Dynamic Lock section.
  3. Check the box next to Allow Windows to automatically lock your device when you’re away.

Your PC will automatically lock itself whenever you move away from it with your iPhone or Android smartphone.

Lock Computer via Run Command

You can perform many valuable activities with Run commands in Windows, including locking your PC. Although it’s hard to justify using Run over the above methods, it’s good to know that this way exists.

  1. Press Windows Key + R or right-click the Start button and select Run.
  2. Type the following command into the Run dialog box:

rundll32.exe user32.dll,LockWorkStation

  3. Select OK, or press Enter to lock Windows.

Lock Computer via Windows Terminal

Another obscure way to lock a Windows 11/10 PC requires running a command through the Windows Terminal or Windows PowerShell consoles. Here’s how to use it:

  1. Right-click the Start button and select Windows Terminal (Windows 11) or Windows PowerShell (Windows 10).
  2. Type the following command:

rundll32.exe user32.dll,LockWorkStation

  3. Press Enter.

Tip: The above command also works on the older Command Prompt console. Open the Start menu, type cmd, and select Open to get to it.

While this command is not particularly useful for locking your PC in the moment, it can be handy to include the command in a script so that your PC locks when the script finishes.

Total Lockdown

Locking your Windows PC has no downsides and keeps intruders at bay. It’s easy to forget to do that, however, so it’s always worth taking your time to tweak your screensaver settings or set up Dynamic Lock. While you’re at it, check out how to create a passwordless login in Windows to make getting back in even faster.

 

Top 10 Cybersecurity Trends (Updated for 2023)

Table of Contents

1) Rise of Automotive Hacking 

2) Potential of Artificial Intelligence (AI) 

3) Mobile is the New Target 

4) Cloud is Also Potentially Vulnerable 

5) Data Breaches: Prime Target

6) IoT with 5G Network: The New Era of Technology and Risks 

7) Automation and Integration 

8) Targeted Ransomware

9) State-Sponsored Cyber Warfare

10) Insider Threats

2023: With digital transformation now realized, businesses, organizations and even governments rely on computerized and increasingly digital systems to manage their day-to-day activities, making cybersecurity a primary goal and priority for executives and organizations of all sizes.

The 2020 pandemic year exacerbated this fact, with up to 75% of billions of people globally transitioning from their physical office (which had the IT resources and personnel) to their “home office”. This essentially turned “working from home”, along with all of the IT and HR requirements it brings for safeguarding data from online attacks and unauthorized access, into the new “norm” of virtual/remote work.

Going Forward: Continuous change in technologies, including the popular Dual Authorization Password apps used primarily on the smartphone, also implies a parallel shift in cybersecurity trends and priorities across every organization, as news of data breaches, ransomware, malware, compromised devices/browsers and hacks unfortunately becomes the norm. This is driven by the growing volume of remote workers (millions worked from home before the 2020 pandemic; today it is billions). Here are the top cybersecurity trends for 2023:

1) Rise of Automotive Hacking 

Modern vehicles come packed with automated software creating seamless connectivity for drivers in cruise control, engine timing, door lock, airbags and advanced systems for driver assistance. These vehicles use Bluetooth and WiFi technologies to communicate, which also opens them to several vulnerabilities or threats from hackers. Gaining control of the vehicle or using microphones for eavesdropping is expected to rise in 2023 with more use of automated vehicles. Self-driving or autonomous vehicles use an even more complex mechanism that requires strict cybersecurity measures.

2) Potential of Artificial Intelligence (AI) 

With AI being introduced in all market segments, this technology, combined with machine learning, has brought tremendous changes in cybersecurity. AI has been paramount in building automated security systems, natural language processing, face detection and automatic threat detection. The ChatGPT OpenAI capabilities are literally transforming every industry relating to “the written word”, including copywriting, marketing, advertising, education and many others, all of which are being automated with AI. However, AI is also being used to develop smart malware and attacks that bypass the latest security protocols for controlling data. AI-enabled threat detection systems can predict new attacks and notify admins of any data breach instantly.

3) Mobile is the New Target 

Cybersecurity trends show a considerable increase (50 percent) in mobile banking malware or attacks in 2020, making our handheld devices a potential prospect for hackers. All of our photos, financial transactions, emails, and messages pose more threats to individuals. Smartphones are logically one of the biggest targets for anyone with the skills and agenda, primarily based on two facts:

  1. Smartphones are used by more people globally today than PCs (personal computers)
  2. The security and vulnerabilities of smartphones are far less on average than PCs
  3. Social media like Facebook, Instagram, and Tik Tok, as well as other installed apps of all types on smartphones/PCs/devices, are being targeted more and more each day by malicious individuals and “ransomware gangs” globally.

4) The “Cloud” i.e. Internet is Also Potentially Vulnerable 

With more and more organizations now established on clouds, security measures need to be continuously monitored and updated to safeguard the data from leaks. Although cloud applications such as Google or Microsoft are well equipped with security on their end, it is the user end that acts as a significant source of errors, malicious software, and phishing attacks, today more than ever before. Malicious actors across the globe are adapting faster than end users can act, especially in today’s ever so popular social media world.

5) Data Breaches: Prime target

Data will continue to be a leading concern for organizations around the world. Whether it be for an individual or organization, safeguarding digital data is the primary goal now. Any minor flaw or bug in your system, browser or software is a potential vulnerability for hackers to access personal information. The strict General Data Protection Regulation (GDPR) has been enforced from May 25th, 2018 onwards, offering data protection and privacy for individuals in the European Union (EU). Similarly, the California Consumer Privacy Act (CCPA) was applied after January 1st, 2020, for safeguarding consumer rights in the California area.

6) IoT with 5G Network: The New Era of Technology and Risks 

With the advent and growth of 5G networks, a new era of inter-connectivity will become a reality with the Internet of Things (IoT).

The Internet of Things (IoT) is essentially an interconnected global network where all devices are connected to each other as well as the “internet” 24×7. This communication between multiple devices also opens them to vulnerabilities from outside influence, attacks or an unknown software bug. Even Chrome, the world’s most used browser, supported by Google, was found to have serious bugs. 5G architecture is comparatively new in the industry and requires a lot of research to find loopholes to make the system secure from external attack.

Every step of the 5G network might bring a plethora of network attacks that we might not be aware of. Here manufacturers need to be very strict in building sophisticated 5G hardware and software to control data breaches.

7) Automation and Integration 

With the size of data multiplying every day, it is essential that automation is integrated to give more sophisticated control over the information. Modern hectic work demands also pressure professionals and engineers to deliver quick and proficient solutions, making automation more valuable than ever. Security measures are incorporated during the agile process to build more secure software in every aspect. Large and complex web applications are even harder to safeguard, making automation as well as cybersecurity a key concept of the software development process.

8) Targeted Ransomware

Another important cybersecurity trend that we can’t seem to ignore is targeted ransomware. Industries, especially in the developed nations, rely heavily on specific software to run their daily activities. Ransomware targets are more focused today in 2023; one example is the Wanna Cry attack on the National Health Service hospitals in England, which corrupted more than 70,000 medical devices. Though ransomware generally threatens to publish the victim’s data unless a ransom is paid, it can also affect large organizations or even nations.

9) State-Sponsored Cyber Warfare

There won’t be any letup in the attempts of Western and Eastern powers to gain superiority. The tension between the US and Iran or Chinese hackers often makes worldwide news; though the attacks are few, they have a significant impact on events such as elections. And with more than 70 elections due to be held this year, criminal activity during this time will surge. Expect high-profile data breaches and key infrastructure incidents, such as airlines grounding planes due to internal software compromises, among the top cybersecurity trends for 2023.

10) Insider Threats

Human error is still one of the primary reasons for data breaches, cybersecurity issues and service tickets: up to 75% of all those reported, according to the most recent 2022 statistics. Any employee with a grudge, a bad day at their employer, or an intentional loophole can bring down a whole organization with millions of stolen data records. One example of this in 2022 was an official report by Verizon on data breaches, which gives strategic insights on cybersecurity trends: 45 percent of total attacks were directly or indirectly made by employees. Creating a culture of greater awareness within the premises to safeguard data in every way possible is truly the primary goal today in 2023 as well as in the future.

Happy 2023: Top 10 Cyber Security

Top 10 Cybersecurity Trends

Table of Contents

1) Rise of Automotive Hacking 

2) Potential of Artificial Intelligence (AI) 

3) Mobile is the New Target 

4) Cloud is Also Potentially Vulnerable 

5) Data Breaches: Prime Target

6) IoT with 5G Network: The New Era of Technology and Risks 

7) Automation and Integration 

8) Targeted Ransomware

9) State-Sponsored Cyber Warfare

10) Insider Threats

With digital transformation, businesses, organizations and even governments are relying on computerized systems to manage their day-to-day activities, making cybersecurity a primary goal in order to safeguard data from online attacks and unauthorized access.

Continuous change in technologies also implies a parallel shift in cybersecurity trends, as news of data breaches, ransomware and hacks becomes the norm. Here are the top cybersecurity trends for 2023.

1) Rise of Automotive Hacking 

Modern vehicles come packed with automated software that creates seamless connectivity for drivers in cruise control, engine timing, door locks, airbags and advanced driver-assistance systems. These vehicles use Bluetooth and Wi-Fi technologies to communicate, which also opens them to several vulnerabilities or threats from hackers. Gaining control of the vehicle or using its microphones for eavesdropping is expected to rise in 2023 with more use of automated vehicles. Self-driving or autonomous vehicles use an even more complex mechanism that requires strict cybersecurity measures.

2) Potential of Artificial Intelligence (AI) 

With AI being introduced in all market segments, this technology, combined with machine learning, has brought tremendous changes in cybersecurity. AI has been paramount in building automated security systems, natural language processing, face detection, and automatic threat detection. However, it is also being used to develop smart malware and attacks that bypass the latest security protocols for controlling data. AI-enabled threat detection systems can predict new attacks and notify admins of any data breach instantly.

3) Mobile is the New Target 

Cybersecurity trends show a considerable increase (50 percent) in mobile banking malware or attacks in 2020, making our handheld devices a potential prospect for hackers. Our photos, financial transactions, emails, and messages all pose more of a threat to individuals. Smartphones are logically one of the biggest targets for anyone with the skills and agenda, primarily based on 2 facts:

1. They (smartphones) are used by more people globally today than PCs (personal computers)

2. Smartphones are, on average, far less secure than PCs

4) Cloud is Also Potentially Vulnerable 

With more and more organizations now established on clouds, security measures need to be continuously monitored and updated to safeguard the data from leaks. Although cloud applications such as those from Google or Microsoft are well equipped with security on their end, it is still the user end that acts as a significant source of errors, malicious software, and phishing attacks.

5) Data Breaches: Prime Target

Data will continue to be a leading concern for organizations around the world. Whether it be for an individual or an organization, safeguarding digital data is the primary goal now. Any minor flaw or bug in your system, browser or software is a potential vulnerability that hackers can use to access personal information. The strict new General Data Protection Regulation (GDPR) has been enforced from May 25th, 2018 onwards, offering data protection and privacy for individuals in the European Union (EU). Similarly, the California Consumer Privacy Act (CCPA) was applied after January 1st, 2020, for safeguarding consumer rights in the California area.

6) IoT with 5G Network: The New Era of Technology and Risks 

With the advent and growth of 5G networks, a new era of inter-connectivity will become a reality with the Internet of Things (IoT).

This communication between multiple devices also opens them to vulnerabilities from outside influence, attacks or an unknown software bug. Even Chrome, the world’s most used browser and one supported by Google, was found to have serious bugs. 5G architecture is comparatively new in the industry and requires a lot of research to find loopholes and make the system secure from external attack.

Every step of the 5G network might bring a plethora of network attacks that we might not be aware of. Here manufacturers need to be very strict in building sophisticated 5G hardware and software to control data breaches.

7) Automation and Integration 

With the size of data multiplying every day, it is essential that automation be integrated to give more sophisticated control over the information. Modern, hectic work demands also pressure professionals and engineers to deliver quick and proficient solutions, making automation more valuable than ever. Security measures are incorporated during the agile process to build more secure software in every aspect. Large and complex web applications are even harder to safeguard, making automation as well as cybersecurity key concepts of the software development process.

8) Targeted Ransomware

Another important cybersecurity trend that we can’t seem to ignore is targeted ransomware. Industries, especially in developed nations, rely heavily on specific software to run their daily activities. These ransomware attacks are more focused, such as the WannaCry attack on the National Health Service hospitals in England and Scotland, which corrupted more than 70,000 medical devices. Although ransomware generally threatens to publish the victim’s data unless a ransom is paid, it can also affect large organizations or even nations.

9) State-Sponsored Cyber Warfare

There won’t be any letup in the attempts of Western and Eastern powers to gain superiority. The tension between the US and Iran or Chinese hackers often makes worldwide news; though the attacks are few, they have a significant impact on events such as elections. And with more than 70 elections due to be held this year, criminal activity during this time will surge. Expect high-profile data breaches and political and industrial secrets to top the cybersecurity trends for 2023.

10) Insider Threats

Human error is still one of the primary reasons for data breaches. Any bad day or intentional loophole can bring down a whole organization with millions of stolen data records. One example of this in 2022 was an official report by Verizon on data breaches, which gives strategic insights on cybersecurity trends: 34 percent of total attacks were directly or indirectly made by employees. Creating a culture of greater awareness within the premises to safeguard data in every way possible is truly the primary goal today in 2023 as well as in the future.

Cyber Criminals Love You For Using Phones!

Safeguarding your data by protecting your computers? Great. SMARTPHONES are by far your biggest weakness in cybersecurity today…. And that’s really no surprise to us Cyber Security experts!

Your Smartphone Is Their #1 Target

Some cyberattacks are targeted at a specific individual or company. The victim is selected because they are a high-value target to the threat actors. High value most often means rich financial gains for the threat actors. But sometimes their goal is to exfiltrate sensitive or private documents, intellectual property, or industrial secrets. Occasionally, the entire motive is to cause trouble for the victim. Hacktivists, for example, will try to destroy the victim’s IT systems and information. They want to cause operational and reputational damage to the victim. High value doesn’t always mean money.

Often the attackers are sophisticated organized crime cyber groups or state-sponsored advanced persistent threats groups (APTs). Many of the attacks they launch are against knowledgeable, well-defended targets, and are very difficult to accomplish. They require significant financial backing, top-tier technical skills, a lot of manpower, and operational guidance and control.

The recent attack on FireEye is a case in point. The attack was so sophisticated that investigators believe the perpetrators are a state-sponsored APT. The value, in this case, was stealing the software tools that FireEye uses to probe its customers’ cyber defenses.

By contrast, other cyber attacks try to snare as many victims as possible. No individual target is singled out. The threat actors are playing a numbers game today where we are clearly a “Smartphone Society”.

The numbers are staggering just since 2021…..

  • There are currently 300 million cell phones being used just in the U.S.A.
  • There are an estimated 15 billion phones in the world.

Apps and Data Leaks

Phones can run apps. It’s one of their biggest attractions. They’re easy to install and the majority are free. Unfortunately, they can be a cause of data leakage. The developers of the apps need to make money. If they are not charging for the app, you have to ask yourself how they are funding development.

The answer is by selling information about you, such as your phone and app usage statistics, your contacts, communications, browsing habits, geographical location, your installed apps, and more. And these are the “legitimate” apps, such as the McDonald’s app, which records, tracks, and documents ALL of the above information (and is a BLESSING for any law enforcement / cybersecurity forensic investigators such as us).

The worst examples of these apps also capture login credentials and passwords for websites you visit, VPNs that you use, and any of your data & metadata (basically anything on your phone).

Riskware is the name used for free apps that offer to do something entertaining or useful—and actually deliver on that promise—but secretly siphon off information and send it back to the app publishers to be sold to advertisers or criminals. Riskware is different from a phone becoming infected with covert malware. With riskware, the owner of the smartphone chooses to install the app and is aware that it is going to be added to their device.

With the steady blurring that is happening between people’s personal digital lives and their corporate digital lives, most users will be able to get their personal and their business email on the same phone, and it is common for people to juggle multiple inboxes on the same device, often in a blended view. Riskware, or other more malicious apps, will happily harvest data whether it is personal or corporate.

Staff who haven’t been issued with a corporate phone will have a private phone, and they’ll bring it to their place of work and want to connect to the Wi-Fi. Personal phones should be relegated to the guest Wi-Fi or to another Wi-Fi segment set up for employees’ personal devices. They must not be allowed to connect to the main network.

MDM systems can block known bad apps and query unknown apps. Once vetted, the apps are either permitted or blocked. The hard part is to do this in a way that doesn’t overwhelm technical staff and that doesn’t grate on your users. A centralized management system and clear guidance provided when the phone is allocated will help on both fronts.

Choose Your Phone Brand Carefully

The well-documented ban prohibiting US federal contracts from being awarded to Huawei and several other Chinese companies is based on suspicions that the Chinese government could—using provisions in China’s 2017 National Intelligence Law—coerce manufacturers to plant back-doors and other spycraft mechanisms into their products.

Summary: In just under a year the two companies involved made over USD $5 million just by sending advertisements to the phones. Being the victim of adware is bad enough, but the same techniques could be used to deploy more insidious strains of malware such as keystroke loggers and other spyware. This amount DOES NOT COUNT any $$$ earned indirectly via the PII (Personal Identifying Information such as SSN/DOB/IRS information) easily seen, screenshotted and then shared on the Deep or Dark Web. How about them accessing the phone owner/user’s bank account, their emails, saved credit cards, etc.? Yes, this is why it is uncountable in terms of total damage.

Smishing Attacks

Smishing attacks are phishing attacks delivered by SMS message instead of email. This delivery method has several advantages for the threat actors:
  • They don’t need to dress the message in the colors, fonts, and other trappings of corporate livery to make it look convincing.
  • People expect SMS messages to be short and sweet. They don’t expect to be told the entire story in the SMS. It is commonplace to click a link in an SMS to learn more and to get the finer detail.
  • People will more readily overlook poor grammar and misspellings in an SMS message. We’re all used to predictive text mishaps and while this shouldn’t happen in a corporate SMS message, that conditioning makes us more forgiving with that type of error than we would be in a corporate email.
  • In the space-restricted world of SMS messages, shortened URLs are the norm. And shortened URLs can be used to hide the real destination of the link.
  • It is easy to fake—or spoof—the number that sent an SMS message. If you receive an SMS from a telephone number that matches a contact in your address book, your phone will believe that is who sent it. The SMS messages will be identified as having come from that contact and they will be placed in the conversation list for that contact, alongside all of the genuine messages from that contact. All of that adds to the illusion that the message is genuine.

End-point protection suites usually have clients for cellphones, and these will go some way toward preventing malware installations. The most effective defense, of course, is to read articles like these to BE EDUCATED AND EMPOWERED to be aware of smishing, to recognize fraudulent messages, and to delete them immediately.
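The points in the list above can be turned into a simple triage filter. The following is an added example, not code from the original article: it flags links that hide their destination behind a shortener, a punycode host or a bare IP address, and it deliberately does not treat a sender that matches a contact as evidence of trust, because the sending number can be spoofed. The flag names, the function names and all sample messages are constructed for illustration, and the shortener list is not exhaustive.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Well-known public URL shorteners (not exhaustive).
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "is.gd", "ow.ly", "goo.gl"}

# Links with a scheme, or bare "domain.tld/path" links as typically seen in SMS.
# The bare form can over-match text such as "done.Please"; acceptable for triage.
URL_RE = re.compile(
    r"(?:https?://[^\s<>\"']+)"
    r"|(?:\b(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/[^\s<>\"']*)?)",
    re.IGNORECASE,
)


def extract_urls(text):
    """Return every link in the message, normalised to carry a scheme."""
    urls = []
    for match in URL_RE.findall(text):
        match = match.rstrip(".,;:!?)")
        urls.append(match if "://" in match else "http://" + match)
    return urls


def triage(text, sender_in_contacts=False):
    """Return a list of risk flags for one SMS message (empty list = no flags)."""
    flags = []
    for url in extract_urls(text):
        try:
            host = urlsplit(url).hostname or ""
        except ValueError:
            flags.append("unparseable-url")
            continue
        # Shortened URLs hide the real destination of the link.
        if any(host == s or host.endswith("." + s) for s in SHORTENERS):
            flags.append("shortened-url")
        # Punycode labels can render as look-alike characters.
        if host.startswith("xn--") or ".xn--" in host:
            flags.append("punycode-host")
        # Legitimate services rarely send links to a raw IP address.
        try:
            ipaddress.ip_address(host)
            flags.append("ip-literal-host")
        except ValueError:
            pass
    flags = list(dict.fromkeys(flags))  # de-duplicate, keep order
    # A spoofed number lands in the genuine contact's thread, so a contact
    # match never clears a risky link; it is only recorded.
    if flags and sender_in_contacts:
        flags.append("known-sender-not-trusted")
    return flags


# Constructed sample messages.
SAMPLES = [
    ("Your parcel is held. Confirm delivery: bit.ly/3xAmpLe", False),
    ("Bank alert: verify now at http://203.0.113.10/login", True),
    ("Account locked, sign in: http://xn--pypal-4ve.example/secure.", False),
    ("Running late, see you at 7", True),
]

if __name__ == "__main__":
    for body, known in SAMPLES:
        print(triage(body, known), "<-", body)
```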

Loss of Devices

Losing a phone puts a tremendous amount of information about the owner of the phone at risk. If the phone has a poor password or PIN it won’t take long for the threat actors to discover it. PINs based on significant dates are a poor choice. Clues to the dates can often be found in your social media posts.

Using a strong password or PIN and turning on encryption are good measures to protect the data—both personal and corporate—inside your phone. Installing or configuring tracking options is a good idea so that you can see the location of the device. This can aid recovery.

If you have added a Google account to your phone, Google’s Find My Device should be turned on automatically. Apple has a similar service called Find my iPhone. A third-party centralized system might better suit some corporate needs.

SIM Swapping

You don’t need to lose your device to lose control over it. When you buy a new phone you can transfer the existing number to the new device and activate that as your current ‘live’ handset.

If scammers can gather some information about you they can ring your phone provider and have your number transferred to a handset that is under their control, in a sting called SIM Swapping. To make the transition to your new phone as smooth as possible, both Apple and Google will download copies of all your apps, settings, and data to the new handset. Unfortunately, it is under the control of the threat actors.

A variant on this is to use social engineering techniques to obtain a (say) 5G SIM card for the victim’s phone number, either online or at an outlet. The threat actor then calls the victim and pretends to be from the victim’s phone provider informing them of a free upgrade to 5G. They tell them that an upgrade code will shortly follow. They then text the victim the activation code that came with the fraudulently acquired 5G SIM card. When the victim activates the service it doesn’t upgrade their old 4G SIM. Instead, it ceases the service to it and activates the new 5G SIM. The threat actors have effectively cloned your phone.

These are targeted attacks. The victims have something on their phones that makes the effort worthwhile. The most famous cases of these have targeted cryptocurrency traders or individuals with high-value cryptocurrency accounts. Swapping the SIMs allows their digital wallets to be accessed. Individual losses have amounted to tens of millions of dollars.

Public Wi-Fi and Network Spoofing

Phones and other mobile devices are great because of their portable nature, and because they let us get online wherever there is a Wi-Fi connection that we can join. But you need to be careful when you are on public Wi-Fi. Everyone who is using that Wi-Fi is on the same network, and the threat actors can use a laptop and some network packet capture and analysis software to snoop on what your cellphone is sending and receiving. So what you might have thought was private is not private at all.

You shouldn’t use public Wi-Fi if you are going to need to enter a password to log in to one of your sites or to check your email. Don’t do anything sensitive like online banking or using PayPal or any other payment platform. Don’t do anything that will reveal any of your personally identifiable information. Checking the sports scores or catching up on the news is fine. If you’re doing anything else, you should always use a Virtual Private Network (VPN). A VPN sends your data down a private encrypted tunnel making it impossible for threat actors to see.

For a couple of hundred dollars, threat actors can buy portable devices that act as Wi-Fi access points (WAPs). They’ll set up camp in a coffee shop or other public space, and configure their dummy WAP to have a name similar to the genuine free Wi-Fi connection.

Unsuspecting victims—usually those in a rush—will connect to the threat actor’s bogus Wi-Fi instead of the genuine free Wi-Fi. The threat actor’s Wi-Fi is connected to the genuine Wi-Fi so the victim does get online, but everything that the victim types is captured by the threat actor’s device. A VPN will keep you safe in this circumstance too.

A reputable VPN is a must if you are going to be using public Wi-Fi for anything other than the most mundane web browsing. Of course, if you have a really high data quota in your phone package you might not need to join a public Wi-Fi at all.
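From the venue operator's side, a bogus access point of the kind described above can be spotted by comparing what is on the air with what the venue actually runs. This is an added example, not code from the original article: it checks scan results against a hypothetical inventory of authorized access points and reports look-alike names, unknown radios and security downgrades. The network name, MAC addresses and the pinned-channel inventory are constructed assumptions.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str      # access point MAC address taken from the beacon frame
    security: str   # "OPEN", "WEP", "WPA2" or "WPA3"
    channel: int


# Hypothetical inventory of the venue's own access points (constructed values).
# Pinning a channel per BSSID is an assumption; drop that check if your
# controller picks channels automatically.
AUTHORIZED = {
    "CoffeeHouse Free WiFi": {
        "security": "WPA2",
        "aps": {"02:00:00:aa:10:01": 1, "02:00:00:aa:10:02": 11},
    },
}

RANK = {"OPEN": 0, "WEP": 0, "WPA2": 1, "WPA3": 2}
LOOKALIKE_DIGITS = str.maketrans("015", "ols")


def normalize(ssid):
    """Collapse case, spacing, punctuation and digit-for-letter swaps."""
    s = ssid.casefold().translate(LOOKALIKE_DIGITS)
    return re.sub(r"[^a-z0-9]", "", s)


def find_suspects(scan, authorized=AUTHORIZED):
    """Return (ssid, bssid, reasons) for beacons that imitate a managed SSID."""
    by_norm = {normalize(name): name for name in authorized}
    findings = []
    for b in scan:
        managed = by_norm.get(normalize(b.ssid))
        if managed is None:
            continue  # unrelated network, not imitating ours
        policy = authorized[managed]
        reasons = []
        if b.ssid != managed:
            reasons.append("lookalike-ssid")
        bssid = b.bssid.lower()
        if bssid not in policy["aps"]:
            reasons.append("unknown-bssid")
        elif policy["aps"][bssid] != b.channel:
            # A BSSID can be copied, so a known MAC alone proves nothing.
            reasons.append("unexpected-channel")
        if RANK.get(b.security.upper(), 0) < RANK[policy["security"]]:
            reasons.append("security-downgrade")
        if reasons:
            findings.append((b.ssid, bssid, reasons))
    return findings


# Constructed scan results.
SCAN = [
    Beacon("CoffeeHouse Free WiFi", "02:00:00:AA:10:01", "WPA2", 1),   # genuine
    Beacon("CoffeeHouse Free WiFi", "02:00:00:aa:10:02", "WPA2", 11),  # genuine
    Beacon("CoffeeHouse Free WiFi", "02:00:00:bb:77:01", "OPEN", 6),
    Beacon("Coffeehouse Free Wi-Fi", "02:00:00:bb:77:02", "WPA2", 6),
    Beacon("CoffeeHouse Free WiFi", "02:00:00:aa:10:01", "WPA2", 6),
    Beacon("Airport_Guest", "02:00:00:cc:00:09", "OPEN", 3),           # unrelated
]

if __name__ == "__main__":
    for ssid, bssid, reasons in find_suspects(SCAN):
        print(f"{ssid!r} {bssid}: {', '.join(reasons)}")
```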

And while we’re talking about public spaces, avoid publicly shared phone charge points. If they have been compromised they can inject malicious code into your phone.

It’s a Computer, So Patch It

The modern phone is a computer in your pocket that you happen to be able to make calls on. It has an operating system, it runs apps, and you should have some sort of end-point protection suite running on it. All of these should be the current versions and kept patched up to date.

This can be more of a challenge with Android phones than with other devices. Different handset manufacturers blend their own integrations into vanilla Android before distributing it. Samsung, HTC, Sony, and others all provide their own modifications to Android. This slows down the release of Android patches because the patch has to be released to the manufacturers from Google, and then embellished by the third-party manufacturers before it is released to the end users.

Don’t Forget the Users

Adopt good business practices such as app vetting, deploying encryption, and Mobile Device Management. Tell your employees to:

  • Use strong PINs, passwords, or fingerprint recognition.
  • Always use a VPN on public Wi-Fi.
  • Turn off Bluetooth and Wi-Fi when you’re not using them.
  • Be careful what apps you download. Research them first.
  • Turn on backups.
  • Avoid public phone charge points. Carry a booster battery instead.

Does your iPhone or iPad have Pegasus spyware? Find out for FREE right now!

If you are like me, you’re curious about whether your iPhone or iPad is infected by Pegasus spyware. Here’s how to check for peace of mind.

You will need to connect your iPhone to your computer to check for Pegasus spyware. 

Every time there’s a report about an iPhone or iPad exploit being actively distributed and used, it’s unnerving. In July, 2021 it was revealed that security researchers discovered evidence of Pegasus spyware being used on the phones of journalists, politicians and activists without their knowledge or, just as importantly, without their consent.

The spyware can be remotely installed on a target’s iPhone or iPad without the owner taking any action, granting the person or organization who installed it full access to the device and all the data it holds. That includes text messages, emails and even recording phone calls. Pegasus was originally designed and is marketed by its creator, the NSO Group, to monitor criminals and terrorists.

To be clear, the odds of your iPhone or iPad being infected by the Pegasus Spyware are low, and various reports claim that the most recent update, iOS 14.7.1, fixed the exploit Pegasus was using, but that hasn’t been confirmed by Apple. That said, if you want peace of mind — just in case — by knowing that your device is free of anyone spying on you, here’s what you need to do.

iMazing recently updated its Mac and PC app to include Amnesty International’s Mobile Verification Toolkit (MVT), which was built to detect signs of Pegasus on a device, and iMazing isn’t charging users to access the feature.

Download iMazing for your respective computer from the company’s website. Don’t worry about buying the app, we can run the full spyware test using the free trial. 

After it’s downloaded, install iMazing and then open it. When prompted, select free trial.

The longest part is waiting for the app to make a back up of your iPhone or iPad. 

How to run the Pegasus Spyware test on your iPhone or iPad

With iMazing installed and running, connect your iPhone or iPad to your computer using the appropriate cable. You may have to enter your Lock Screen code on your device to approve the connection before proceeding (something to keep in mind if your iPhone or iPad isn’t showing up in iMazing).

Next, scroll down through the action options on the right-hand side of iMazing until you locate Detect Spyware; click on it.

A new window will open, guiding you through the process. The tool works by creating a local backup of your device (so you’ll need to make sure you have enough storage space for the backup), and then analyzing that backup. It’s an automated task, so you don’t have to stick around to monitor it once you click start.

iMazing suggests leaving all of the default settings in place as you click through each screen. There are configuration options built into the tool for advanced users, but for most of us (including myself), the default configuration settings will get the job done. 

After going through the basic configuration, you’ll need to accept a license for the tool and then click the Start Analysis button.

Once the process starts, make sure you leave your iPhone or iPad connected until it’s finished. I ran the test on my iPhone 12 Pro and it took around 30 minutes to create the backup and another 5 minutes for it to be analyzed. After the backup was created, I did have to enter my account password to allow iMazing to begin analyzing the file. Because of that, I recommend starting the tool and checking on it after a while. My neighbor has an iPhone 12 (not a Pro model), and the same process took her 45 minutes and another 13 minutes respectively, to give you a comparison of iPhone devices.

Once iMazing begins analyzing your device’s backup, it’ll show you its progress by displaying each individual app it’s checking, starting with iMessage. The app is using a database of known “malicious email addresses, links, process names and file names.”

When iMazing finishes, you’ll see an alert with the results. In my case, my iPhone 12 Pro did not show any signs of infection and had 0 warnings.

The alert also includes two buttons to either open or reveal the report. I looked through my report and it contained a bunch of random links that meant nothing to me.

At the end of the scan, the results are displayed in an easy to read alert.

What to do if the iMazing app says your device has signs of an infection

First of all, don’t panic. It could be a false positive. iMazing asks that you send the report (click reveal report to go directly to the file) to its customer support team who will then do further analysis.

The company does suggest, however, that if you or a family member are active in a “politically sensitive context” and have a positive report to immediately remove your SIM card and turn your iPhone off.

Again, the odds of getting a true positive report are very low, but at least you’ll have some peace of mind. For more peace of mind and a free 30-minute security diagnosis by Certified Mac/Apple Technicians, contact GeeksByTheHour.com right now.

The Best Antivirus for Windows 10 Today (2023) (Is Windows Defender Good Enough?)

Windows Defender was originally known as Microsoft Security Essentials back in the Windows 7 days when it was offered as a separate download, but now it’s built right into Windows and it’s enabled by default. Many people have been trained to believe that you should always install a third-party antivirus, but that isn’t the best solution for today’s security problems, like ransomware.

If improving security for your end device is your overall goal and you have a PC (aka a Windows-OS device), then you must download and install WINPATROL. There is a FREE limited edition, but if you care for what comes into your device, then for a week's worth of coffee it is HIGHLY SUGGESTED you pay for the upgrade. I have the paid version on every device that runs on Windows since Windows 7 came out and it is THE BEST BARGAIN IN PC SECURITY. https://www.bleepingcomputer.com/download/winpatrol/

So, What Is the Best Antivirus Program In 2023?

We definitely recommend you read the entire article so you fully understand why we recommend a combination of Windows Defender and Malwarebytes, but since we know that tons of people will just scroll down and skim, here is our recommendation for how to keep your system secure:
  • Keep the Built-in Windows Defender for traditional antivirus – but today in 2023, malicious hackers require you to adapt and focus on Ransomware, zero-day attacks, keyloggers, and malware (such as Keyloggers that can copy and use every key stroke on your device for their own purposes) that require the 1-2-3 Defense listed below.
  • Use Malwarebytes for Anti-Malware and Anti-Exploit – all of the huge malware outbreaks these days are using zero-day flaws in your browser to install ransomware to take over your PC, and only Malwarebytes provides really excellent protection against this with their unique anti-exploit system. There’s no bloatware and it won’t slow you down.

Editor’s Note: This doesn’t even mention the fact that Malwarebytes, the company, is staffed by some really great people that we really respect. Every time we talk to them, they are excited about the mission of cleaning up the internet. It’s not often that we give an official How-To Geek recommendation, but this is our favorite product by far, and something we use ourselves.

A One-Two-Three Punch Equals a Knockout for anyone trying to cause harm: Registry/Windows Defense (WinPatrol), Antivirus (Windows Defender) and Anti-Malware (MalwareBytes)

1. You need antivirus software on your computer, no matter how “carefully” you browse. Being smart isn’t enough to protect you from threats, and security software can help act as another line of defense.

2. However, antivirus itself is no longer adequate security on its own. We recommend you use a good antivirus program and a good anti-malware program. Together, they will protect you from most of the biggest threats on the internet today: viruses, spyware, ransomware, and even potentially unwanted programs (PUPs)—among many others.

3. So which ones should you use, and do you need to pay money for them? Let’s start with the first part of that unified threesome combo: antivirus.

Is Windows Defender Good Enough On Its Own? NO IT IS NOT!

When you install Windows 10 or Windows 11 (not recommended as of this time), you will have an antivirus program already running. Windows Defender comes built-in to Windows 10, and automatically scans programs you open, downloads new definitions from Windows Update, and provides an interface you can use for in-depth scans. Best of all, it doesn’t slow down your system, and mostly stays out of your way—which we can’t say about most other antivirus programs.

For a short while, Microsoft’s antivirus fell behind the others when it came to comparative antivirus software tests—way behind. It was bad enough that we recommended something else, but it’s since bounced back, and now provides very good protection.

So in short, yes: Windows Defender is good enough (as long as you couple it with a good anti-malware program, as we mentioned above—more on that in a minute).

But Is Windows Defender the Best Antivirus? What About Other Programs?

If you look at that antivirus comparison we linked to above, you’ll notice that Windows Defender, while good, does not get the highest ranks in terms of raw protection scores. So why not use something else?

First, let’s look at those scores. AV-TEST found that it still caught 99.9% of the “widespread and prevalent malware” in April 2017, along with 98.8% of the zero-day attacks. Avira, one of AV-TEST’s top rated antivirus programs, has the exact same scores for April—but slightly higher scores in past months, so its overall rating is (for some reason) much higher. But Windows Defender isn’t nearly as crippled as AV-TEST’s 4.5-out-of-6 rating would have you believe.

Furthermore, security is about more than raw protection scores. Other antivirus programs may occasionally do a bit better in monthly tests, but they also come with a lot of bloat, like browser extensions that actually make you less safe, registry cleaners that are terrible and unnecessary, loads of unsafe junkware, and even the ability to track your browsing habits so they can make money. Furthermore, the way they hook themselves into your browser and operating system often causes more problems than it solves. Something that protects you against viruses but opens you up to other vectors of attack is not good security.

Just look at all the extra garbage Avast tries to install alongside its antivirus.

Windows Defender does not do any of these things—it does one thing well, for free, and without getting in your way. Plus, Windows 10 already includes the various other protections introduced in Windows 8, like the SmartScreen filter that should prevent you from downloading and running malware, whatever antivirus you use. Chrome and Firefox, similarly, include Google’s Safe Browsing, which blocks many malware downloads.

If you hate Windows Defender for some reason and want to use another antivirus, you can use Avira. It has a free version that works fairly well, a pro version with a few extra features, and it provides great protection scores and only has the occasional popup ad (but it does have popup ads, which are annoying). The biggest problem is that you need to be sure to uninstall the browser extension it tries to force on you, which makes it hard to recommend to non-technical people.

Antivirus Isn’t Enough: Use Malwarebytes, Too

Antivirus is important, but today, it is far more important that you use a good anti-exploit program to protect your web browser and plug-ins, which are the most targeted by attackers. Malwarebytes is the program we recommend here.

Unlike traditional antivirus programs, Malwarebytes is good at finding “potentially unwanted programs” (PUPs) and other junkware. As of version 3.0, it also contains an anti-exploit feature, which aims to block common exploits in programs, even if they are zero-day attacks that have never been seen before, like those nasty Flash zero-day attacks. It also contains anti-ransomware, to block extortion attacks like CryptoLocker. The latest version of Malwarebytes combines these three tools into one easy-to-use package for $40 per year.

Malwarebytes claims to be able to replace your traditional antivirus entirely, but we disagree with this. It uses completely different strategies for protecting you: antivirus will block or quarantine harmful programs that find their way to your computer, while Malwarebytes attempts to stop harmful software from ever reaching your computer in the first place. Since it doesn’t interfere with traditional antivirus programs, we recommend you run both programs for the best protection.

Update: The Premium version of Malwarebytes now registers itself as the system’s security program by default. In other words, it will handle all your anti-malware scanning and Windows Defender won’t run in the background. You can still run both at once if you like. Here’s how: In Malwarebytes, open Settings, click the “Security” tab, and disable the “Always register Malwarebytes in the Windows Security Center” option. With this option disabled, Malwarebytes won’t register itself as the system’s security application and both Malwarebytes and Windows Defender will run at the same time.
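To confirm the result of that setting from a PowerShell prompt, the following added example (not from the original article) lists the products registered with Windows Security Center and checks whether Windows Defender is still scanning in real time. The decoding of `productState` and the `Malwarebytes*` service display-name pattern are assumptions, labelled in the comments.

```powershell
# Added example (not from the original article).
# Checks, on a Windows 10/11 client, whether Malwarebytes is registered with
# Windows Security Center and whether Windows Defender is still scanning.

# 1. Antivirus products registered with Windows Security Center.
$registered = @(Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName 'AntiVirusProduct' -ErrorAction SilentlyContinue)
$products = foreach ($p in $registered) {
    $state = [int]$p.productState
    [pscustomobject]@{
        Product  = $p.displayName
        # Assumption: productState is an undocumented bit field. 0x1000 is the
        # commonly used "real-time scanning on" bit, 0x10 "signatures out of date".
        Enabled  = ($state -band 0x1000) -ne 0
        Outdated = ($state -band 0x10) -ne 0
        RawState = '0x{0:X6}' -f $state
    }
}
$products | Format-Table -AutoSize

# 2. Defender's own status. The cmdlet fails if the Defender service is disabled.
$defenderRealtime = $false
try {
    $mp = Get-MpComputerStatus -ErrorAction Stop
    $defenderRealtime = [bool]($mp.AntivirusEnabled -and $mp.RealTimeProtectionEnabled)
} catch {
    Write-Warning "Get-MpComputerStatus failed: $($_.Exception.Message)"
}

# 3. Malwarebytes service. Assumption: its display name starts with "Malwarebytes".
$mbService = @(Get-Service -DisplayName 'Malwarebytes*' -ErrorAction SilentlyContinue |
               Where-Object Status -eq 'Running')
$mbRegistered = @($products | Where-Object Product -match 'Malwarebytes').Count -gt 0

# 4. Summary of the state the setting is supposed to produce.
[pscustomobject]@{
    MalwarebytesRunning      = $mbService.Count -gt 0
    MalwarebytesRegisteredAV = $mbRegistered
    DefenderRealTime         = $defenderRealtime
    BothScanning             = ($mbService.Count -gt 0) -and $defenderRealtime
} | Format-List
```

With the “Always register Malwarebytes in the Windows Security Center” option disabled as described, `MalwarebytesRegisteredAV` should read `False` and `BothScanning` should read `True`.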

Note that you can get some of Malwarebytes’ features for free, but with caveats. For example, the free version of the Malwarebytes program will only scan for malware and PUPs on-demand; it won’t scan in the background like the premium version does. In addition, it doesn’t contain the anti-exploit or anti-ransomware features of the premium version.

You can only get all three features in the full $40 version of Malwarebytes, which we recommend. But if you’re willing to forego anti-ransomware and always-on malware scanning, the free versions of Malwarebytes and Anti-Exploit are better than nothing, and you should definitely use them.

There you have it: with a combination of a good antivirus program, Malwarebytes, and some common sense, you’ll be pretty well protected. Just remember that antivirus is only one of the standard computer security practices you should be following. Good digital hygiene isn’t a replacement for antivirus, but it is essential to making sure your antivirus can do its job.