Hardly a week goes by without a company, an organization, or a hospital falling victim to a ransomware attack. Their computer systems have been attacked by an extortion virus that encrypts all files and only releases them again upon payment of a high ransom. Yet the computers of almost all victims are protected by an antivirus program. How can this be? Further reading: Best antivirus software 2024: Keep your PC safe from malware, spyware, and more 1. Extremely number of attacks with very many viruses Back in 2023, we asked anti-virus expert Andreas Marx of AV-Test how so many infections escape antivirus software, even though it actually protects well. His answer: “Many programs successfully fend off around 99.9 percent of attacks, but that also means that one in 1,000 attacks is successful. And with over 100 million new malware programs a year and several billion Windows PCs, there is thus always a residual risk.” In other words, the masses do it. Criminals spread viruses by the millions, so in the end there are still many who can slip through the security gaps of a computer system. Peter Stelzhammer, security specialist and co-founder of AV-Comparatives, also sees the mass of distributed viruses as a reason for the success of malware. But he also mentions other reasons and gives tips for good protection. You can find the interview with Peter Stelzhammer at the end of the article. The detection rate of PC malware by antivirus programs in the AV-Comparatives test is between 98.9 and 100 percent. These are very good values. But they also mean that some pests are still overlooked. The detection rate of PC malware by antivirus programs in the AV-Comparatives test is between 98.9 and 100 percent. These are very good values. But they also mean that some pests are still overlooked. IDG The detection rate of PC malware by antivirus programs in the AV-Comparatives test is between 98.9 and 100 percent. These are very good values. But they also mean that some pests are still overlooked. IDG IDG Most malware is spread by e-mail. Either the malicious code comes directly as an attachment or a link in the e-mail leads to a virus. To a much lesser extent, malicious code also comes via messenger or SMS. In these cases, a link is almost always sent that refers to the malicious code or an infected website. Basic protection is provided by an installed antivirus program. Your PC also must not have any security vulnerabilities open. You can ensure this by always installing all program and Windows updates. These patches close newly discovered gaps in the system. In addition to these technical requirements, you must become a security guard yourself. Always be extremely suspicious of e-mail attachments and links you don’t recognize. If in doubt, refrain from opening the attachment. If this isn’t an option, open the attachment only in a secure environment, e.g. in a sandbox under Any.run. 2. Targeted attacks on security flaws Security researchers repeatedly find security flaws in the standard configuration of programs. Not often, but often enough, these are also vulnerabilities that can initially be exploited without typical PC viruses. This is the case, for example, when remote access to a company’s PCs is only protected with a standard password or simple passwords. This is virtually an invitation for hackers to take possession of these systems. Once they are logged onto a system, they can cause further damage by, for example, disabling the installed antivirus program and sneaking their malicious code into the system. Detecting vulnerable systems is easier than one might think. After all, scanners can be used to search large parts of the internet for vulnerable systems. In the simplest case, the attackers use search engines for security vulnerabilities such as Shodan. Use very complex and unique passwords for all services where someone can log on to your computer. It’s best to activate two-factor authentication. Typical home networks are affected in two places here. The first place is the router (if remote access is enabled for it) and the second is the computer itself (if a remote desktop service like Windows’ is used there). Here, Microsoft Defender has blocked a rather harmless file and placed it in quarantine. On a private PC, this software should provide sufficient protection. For companies there are other programs. Here, Microsoft Defender has blocked a rather harmless file and placed it in quarantine. On a private PC, this software should provide sufficient protection. For companies there are other programs. IDG Here, Microsoft Defender has blocked a rather harmless file and placed it in quarantine. On a private PC, this software should provide sufficient protection. For companies there are other programs. IDG IDG 3. Credential Stuffing: Stolen log-in data With this method, the attackers do not have to wait for someone to find a security hole in a software or standard configuration (see above). Instead, the attackers obtain the credentials of hundreds of thousands or millions of users from underground forums and attempt to log in with those credentials. These attacks are called credential stuffing and primarily target online services such as the mailbox or a shopping website, but can also be applied to remote desktops. With tools like Sentry MBA, credential stuffing works automatically. They test username and password combinations on a variety of websites simultaneously. For some online shops, a large part of the login traffic already comes from such tools. All users who use the same password for several accounts are at risk. On the other hand, those who create a separate password for each service have little to fear. 4. Targeted attacks via social engineering These attacks mainly affect employees of companies, but also at home on a private PC. This is shown by the attack on the private laptop of a LastPass developer. After hackers gained access to this laptop, they were able to penetrate the LastPass company network and steal a considerable amount of customer data. One possible form of attack is spear phishing. In this hacking method, the attackers find out very detailed information about the victim before the attack. For example, the hackers find out which employees are responsible for accounting or work in the human resources department. These people then receive an e-mail with an invoice or an application attached. Of course, the employee will open the attachment because the e-mail is addressed to them personally, speaks directly to them, and thematically falls one hundred percent within their area of work. The attachment usually contains a PDF file with malicious code that exploits a new vulnerability in the company’s PDF viewer. Good protection against spear phishing is particularly difficult because the attack is tailored to the victim. Good technical measures, such as only allowing e-mail attachments to be opened in a protected environment (sandbox, virtual PC), will likely help. 5. Attacks with new tricks like SMS and video A virus can usually bypass an antivirus program when it is still very new. The protection program does not yet recognize the virus. The attacker can make sure that the virus is new because new viruses can be bought in underground forums. However, the attacker must then get their new product onto as many PCs as possible as quickly as possible. This can be done via mass e-mails (see point one) or via new tricks. These include, for example, messages sent by SMS containing a link to the new malware. The State Criminal Police Office of Lower Saxony, for example, warns against such phishing SMS messages. The criminals often pretend to be DHL support. With fake parcel SMS messages, they try to get their victims to divulge private data. These are later used by the fraudsters for identity theft. But, of course, this scam can also be used to spread malicious code. The very latest is the use of videos created with the help of artificial intelligence. The videos show how expensive software like Adobe for example can be used for free with a crack. This link, which leads to the crack, contains malware. Alleged cracks for expensive software have been used for decades to infect other people’s PCs. What’s new is the elaborate packaging in the form of an explanatory video. What protects against spam by SMS also helps against spam by e-mail. Be very suspicious of links in a message. This mistrust should also be extended to other approaches such as elaborately made videos or extensive messages. Interview with a security expert We talked about this topic with Peter Stelzhammer, security specialist and co-founder of AV-Comparatives (www.av-comparatives.org). Check out our interview below. PCWorld: How can it be that antivirus programs detect 99 to 100 percent of all PC malware and yet so many computers are infected? Stelzhammer: The problem is that antivirus programs are still partly reactive. The cyber criminals, on the other hand, usually take a proactive approach. This means that the criminals look for and find gaps in the antivirus programs and exploit them. The manufacturers of the antivirus tools can only react afterwards, i.e. be reactive and close the gaps within hours or days. This can also be seen in our tests of antivirus software. Many tools protect a good 99 percent against all current viruses. So, a few viruses still get through. And with the mass of viruses, that explains some of the infected systems. By the way, the programs with one hundred percent detection in our test do not manage this in every test either. PCWorld: So is virus protection pointless? Stelzhammer: No. It’s already the case that I’m well protected against pests with a computer with a good anti-virus program and all updates. Especially as a private person. But it is important that the antivirus program and all other installed programs and, of course, Windows are up to date. And to be well protected in case of an infection, you also need a backup. This should not remain connected to the PC. Because then it could also be encrypted by ransomware. PCWorld: Do attacks focus more on companies or private PCs? Stelzhammer: Companies. That is more lucrative. Infected private PCs are collateral damage. PCWorld: What’s the most frequent type of attack? Stelzhammer: Phishing by e-mail or other messages and fake websites are the biggest entry vector. The criminals use sophisticated tricks. One example is the domain www.poIizei.com. The letter L in the address is actually a capital I. In this way, criminals can forge almost all web addresses in which the letter L appears. AI tools are designed not to produce harmful content. This hacker forum shows how the AI Chat-GPT can nevertheless be misused for criminal purposes. AI tools are designed not to produce harmful content. This hacker forum shows how the AI Chat-GPT can nevertheless be misused for criminal purposes. IDG AI tools are designed not to produce harmful content. This hacker forum shows how the AI Chat-GPT can nevertheless be misused for criminal purposes. IDG IDG PCWorld: Aren’t phishing attacks easy to recognize with a little practice? Stelzhammer: If you know your way around, you don’t have to fall for phishing. But there are many well-made forgeries today for e-mail and websites. The quality of the fakes will increase with new AI tools because with Chat-GPT and other programs, criminals will be able to generate large amounts of individual phishing e-mails. When a victim replies to it, the AI will send a plausible answer. This makes it even easier to foist a PC malware on victims or to elicit data from them. PCWorld: How do criminals smuggle so many extortion viruses into companies? Stelzhammer: There are two ways. One is mass attacks in which ransomware is sent to millions of e-mail addresses. Some careless employee will click on the link to the ransomware in the e-mail. And if the ransomware belongs to the one percent of malware that virus protection misses, the PC is infected. On the other hand, there are also targeted social engineering attacks against a company with well-forged e-mails. Mostly, these are e-mails to the personnel department with a PDF attachment. The employees expect e-mails with PDF attachments and will click on the attachment. PCWorld: Protection software usually comes in three equipment classes: Antivirus, Internet Security, and Total Security. Which variant do you recommend? Stelzhammer: You should choose the version that contains all important protection mechanisms. Today there are good antivirus products that not only protect against harmful files, but also offer good behavior-based detection and have a built-in web filter against phishing sites. If a product has these features, it is sufficient. Better equipped products offer more comfort, but not necessarily more protection. You pay for the comfort. PCWorld: Microsoft Defender usually scores worse in your comparison tests. Can you recommend the free on-board product? Stelzhammer: Defender is sufficient for private use. But there are other free antivirus programs that offer more. I recommend taking a look at our comparison tests, which we provide on our website (www.av-comparatives.org). Read...

It’s that time of year again, folks. Whether you’re a freshman heading off to college for the first time or a returning student, you’re going to need a good laptop that will last you through your school years (and maybe beyond!). But finding the right laptop for your needs can be like searching for a needle in a haystack–daunting. What screen size should you spring for? Do you really need an all-powerful processor for research and general web browsing? Fortunately, I can help. In addition to overseeing PCWorld’s laptop reviews, I also maintain our top pick roundups such as best laptops and best Chromebooks. Notebooks are my job, so I know what to look for in a college laptop. If you’re not sure where to begin your search, don’t sweat it — I’ll guide you every step of the way. Further reading: Best laptops for college students 2024: Top picks and expert advice 6 must-have features in any college laptop Battery life The number one must-have feature when it comes to college laptops? Good battery life, hands-down. You don’t want your laptop to suddenly turn off when you’re in the middle of taking notes for an upcoming exam. I’ve been there and it sucks. So, what’s a good number to hit for battery life? This laptop has insane battery life Microsoft Surface Laptop 7 (13.8?) Read our review Best Prices Today: $999.99 at Amazon | $999.99 at Best Buy | Not Available at Adorama I’d recommend a laptop with 10-15 hours of battery life, but we recently tested a few laptops with Qualcomm processors that last 20+ hours on a single charge while watching video, which is absolutely bonkers. The Surface Laptop 7 lasted 20 hours and the Samsung Galaxy Book4 Edge lasted 21 hours. The Galaxy Book4 Edge is especially impressive, as it’s a 16-inch laptop with an OLED display and, if you know anything about OLED displays, you probably know that they typically consume a lot of power. While laptops with Qualcomm processors are great and can handle the basics, they don’t always work with specialized PC software that some courses may require. So, if you’re in the market for a laptop with an Intel Core processor or AMD Ryzen processor, both of which offer perfect software compatibility, we’ve reviewed plenty of those too. You’ll definitely want to check out the Dell Inspiron 16 Plus (17 hours!) and the Lenovo ThinkBook 14 2-in-1 (14 hours!), both of which are long-lasting. Enough power for writing papers and general web browsing check out our favorite windows laptop for college students Dell Inspiron 14 Plus Read our review You don’t need a ton of power for basic tasks like writing papers, research, general web browsing, and so on. You can easily get by with an Intel Core i3, 8GB of RAM, and 256GB of SSD storage. That said, more RAM and storage will improve the speed of the laptop, so you’ll notice a smoother web browsing experience as well as better multitasking performance like being able to simultaneously run multiple applications. If you can afford it, I’d recommend bumping up your configuration to 16GB of RAM and either 512GB or 1TB of SSD storage, especially if you’ve got a big backlog of games in your library. A good screen that won’t hurt your eyes A great college laptop with a gorgeous oled display Asus Zenbook 14 OLED Read our review Having dealt with eye strain and tension headaches for years, I know how important it is to invest in a laptop with a good screen. You might as well. Whether it’s tuning in to a remote lecture or writing a compare and contrast essay late into the night, you’re going to be staring at the screen a heck of a lot. The minimum resolution I’d recommend is 1920×1080–it’s sharp enough for writing essays, watching Netflix, answering e-mails, scrolling through your synopsis, and so on. Any lower than 1080p and you’ll find yourself leaning in to squint at the ants, I mean words on your screen. If you’re interested in a laptop with a lovely screen, you should really check out the Asus Zenbook 14 OLED, which is the Best For Students Runner-Up pick in PCWorld’s best laptops for college students roundup. According to our review, “movies and games look realistic and vibrant” on this 14-inch 1920×1200 OLED touch display. OLED displays are also known for producing deeper blacks and richer colors than their IPS counterparts, so this laptop may be a good option for those majoring in graphic design. A lightweight form factor A superior ultraportable laptop for students Acer TravelMate P6 Read our review Nobody wants to be lugging a heavy laptop from class-to-class. If you’ve got a jam-packed schedule this year, then you’ll really need to take a laptop’s weight into consideration. Gaming laptops, for example, tend to be heavier machines often weighing six pounds or more. That’s because they house bigger and more powerful hardware inside. There are a few lightweight gaming options out there in the universe, but if it’s raw power you’re after, chances are you’ll end up with a bulkier one. Anything under four pounds is considered “portable” in the laptop world. That said, folks with weak arms and shoulders (hi, it’s me) may opt for something even lighter. If that’s you, then you’ll want to pick up the Acer TravelMate P6. It weighs just 2.65 pounds and it has all the essential ports a college student would need. The right operating system for your needs check out our best chromebook for students Lenovo Flex 5i Chromebook Plus Read our review When it comes to the various operating systems, it’s like comparing apples to oranges. Windows, ChromeOS, macOS. They all offer such different things, so it really boils down to your specific needs. Are you studying photo or video editing this semester? Then go with Windows, as it offers wider access to applications and browsers you can’t run on ChromeOS. Does simplicity and security matter to you? Chromebooks, which exclusively run ChromeOS, are less vulnerable to attacks because of automatic updates. Chromebooks also tend to be more affordable and don’t require as much maintenance as a Windows laptop. macOS, which you’ll find on Apple laptops like the MacBook Air (M3), integrates really well with other Apple products like the iPhone. Setting up a MacBook is also pretty easy and the whole process feels really polished. A comfortable keyboard A budget gaming laptop with a delightful keyboard Asus TUF Gaming A16 Advantage Edition Read our review Whether it’s plugging numbers into a spreadsheet or producing a short story for your fiction class, whatever you’re majoring in, you’re going to be typing a lot in college. That’s why it’s important to buy a laptop with a comfortable keyboard. Again, it boils down to your specific needs. Do you need a full-sized keyboard with a number pad? The Asus TUF Gaming A16 is a good option. Not only does it have a number pad, but it also has a generous 1.7 mm of travel between the keys. Let’s talk about key travel for a second. Key travel is the distance the key requires to fully depress and send a command to the computer’s CPU. This distance is measured in millimeters. My rule of thumb? A keyboard with a longer key travel is going to provide a more comfortable typing experience. Anything beyond 1.4 mm of travel is ideal. The most common type of laptop keyboard is a membrane keyboard, which has rubber or silicone underneath each key. Membrane keyboards are quieter and more affordable than the mechanical variety–making them a more suitable option for a classroom environment. Further reading: Best laptops for college students 2024: Top picks and expert advice Read...

Wanaka in “shock” after Environment Court rules about 140 houses can be built on land used for mountain biking despite being long promised to Maori. Read...

Security authorities say Australia`s security environment had become more volatile and unpredictable. Read...

Your next barbecue, beach hangout, or pool party could be so much better with this Bose SoundLink Flex speaker that’s on sale for $109 on Amazon. Normally $149, this is a fantastic price for a fun gadget that fills your space with your favorite summer tracks. With its beautiful and compact design, Bose’s SoundLink Flex is a Bluetooth speaker that promises clear audio and deep bass, no matter if you’re listening your playlists at home or while on the go. The SoundLink Flex comes with smart technology that detects its own position and optimizes its sound quality based on orientation and environment. So, whether it’s lying flat on a table, standing straight up on the ground, or even hanging from a tree, it sounds great. I mentioned you can take the SoundLink Flex to pool parties and the beach, and that’s because it has an IP67 waterproof rating. Not only can it withstand accidental dips and splashes, it actually floats on water! This Bluetooth speaker can play music for up to 12 hours on a single charge. Note that it takes about four hours to recharge from zero to full, so keep that in mind when prepping for a trip. You can also take calls through the speaker if it’s connected to your phone. It has a built-in microphone and a button that accesses your phone’s smart assistant feature when pressed. Bose products don’t come cheap, which is why this is a really good deal to jump on. Get the Bose SoundLink Flex for $40 off on Amazon and elevate your summer this year. Save $40 on the Bose SoundLink FlexBuy now on Amazon Read...

The Fringe retains its title as the world’s largest arts festival in an increasingly fragile environment. Read...

Both DOC and Environment Canterbury are doubling down on assertions that there is no problem with the shrinking Lake Camp, other than natural fluctuations. Read...

Environment Southland says maritime and compliance teams had drawn a blank in searching for the source of the leaks. Read...

The IOC should insist that athletes enter a stadium, their rightful environment, to be introduced to the world rather than being treated like tourists coming to town. Read...

Creative people of all ages in the Horizons council area have been challenged to show what nature means to them. Read...