14 Simple Steps for Writing Rock-Solid Passwords

Because your privacy is only as safe as your weakest password.

Your online privacy depends on the strength of your passwords.

Your online privacy depends on the strength of your passwords.

Ok, so maybe that’s a bit of an exaggeration, but let’s face it. The strength of your passwords is important. If it wasn’t, why would so many people be interested in hacking them!

Passwords keep your private stuff private. They make sure that the emails sent from your account are actually written by you. They make sure that the Posts, Likes and Comments that appear on your Facebook page are authentic. They keep your Dropbox photos private. They make sure your coffee card is used exclusively to buy frothy sweet drinks for the people you want to treat.

Of course, passwords also prevent criminals from draining your bank account, running up charges on your credit cards, and causing all sorts of other mischief.

Clearly, having a strong password and keeping it secure is important. Which leads to the question – how can you create rock-solid passwords and keep them protected? Here are 14 simple steps to help you out.

Continue reading

What the Heck are Zero-Day Attacks? (And 3 Ways to Avoid Them)

If you look for the term zero-day attack in your home dictionary, you probably won’t find it.

Go ahead and check…I’ll wait.

You might not even find the term in some online dictionaries (though to be fair, it does appear in others.).

Nevertheless, if you google the term, you’ll find thousands of references to it, many of them from mainstream sources including Forbes, Time, and USA Today. So what’s the deal? If the term is so important, why isn’t in the dictionary yet?

As with so many computer-related terms, the phrase zero-day attack has recently crept into the lexicon of the common person, after being used by technical types for more than a decade. Also known as 0day attacks, zero-hour attacks and 0hour attacks, these are attacks that exploit a vulnerability in a computer application or program.

A vulnerability, by the way, is simply an error in a software that could be exploited. It isn’t a problem in itself, and it isn’t something that stops an application or program from working properly. However, if a vulnerability is discovered by a hacker, and if the hacker uses the vulnerability to conduct nefarious activities, then the moment these nefarious activities are discovered, it is known as a zero-day attack.

Hackers look for vulnerabilities that they can exploit.

Hackers look for vulnerabilities that they can exploit.

The term zero-day stems from the fact that developers have had zero time to defend their software against the attack. From the moment it is revealed, developers must work quickly to fix the vulnerability and stop the damage from spreading.

There are several related terms, by the way, including zero-day vulnerability (a vulnerability that has been revealed to the public at large – including both hackers and developers – and could lead to a zero-day attack unless fixed) and a zero-day exploit (an effort by a hacker to exploit a vulnerability on the same day that it is revealed to the public). Prior to these zero-day events, developers have had zero time to do anything. Once the vulnerability is revealed, developers are pressed to find fixes (known as patches) before exploitation can occur.

A Short History of Zero-Day Attacks

There have been scores of reports about zero-day vulnerabilities, exploits, and out-and-out attacks in the news recently. After all, that’s why you’re reading this blog right? Some major zero-day events include the following.

If that looks like a worrisome shopping list of trouble – it is. And experts warn that things are getting worse. From 2006 to 2012, the number of zero-day attacks varied between 8 and 14 each year. By 2014, the number had increased to 25.

Things aren’t getting better because the business of hacking people’s computers is becoming increasingly lucrative. Indeed, there is a serious underground market for buying and selling knowledge about vulnerabilities. This knowledge, when purchased by software developers, can enable vulnerabilities to be repaired without any damage to the software, its users, or a company’s reputation. However, if this knowledge is sold to bad guys, the vulnerability can be used to cause extensive and wide-ranging damage.

3 Ways to Avoid Zero-Day Attacks

You don’t need to be an IT expert to protect yourself against zero-day attacks. Just by reading this blog, in fact, you’re one step closer to protecting yourself. Because the more you know about dangers on the internet, the better you’ll be able to protect yourself.

Update your Antivirus

Choose a top-notch antivirus that protects against both known and unknown threats.

1. Use a top-notch antivirus.
The first thing you can do is get yourself an excellent antivirus. Make sure the antivirus you choose doesn’t just protect against known threats, since zero-day attacks are, by definitions, attacks that were not known just one day earlier. So when you choose your antivirus software, make sure it protects you from both known and unknown attacks. At ZoneAlarm, we call this process Threat Emulation, and it means email attachments and downloads are tested for threats in a safe, cloud-based environment before being allowed to enter your computer.

 

2. Update your software.
Another important way of protecting yourself against zero-day attacks is to make sure that you use the most updated version of your software. If software you trust sends you a notice to update your version, do it. If the software update explains that this a critical update (it may be referred to as a “critical security release” or similar), believe them. The update may include a patch to a recently discovered vulnerability. By updating your software, you immunize yourself against possible future infections through that vulnerability.

Many software vendors automatically update your software for you. Windows, for example, automatically installs important and recommended updates to your Windows software. While it is possible to turn off these automatic updates, it is highly recommended that you don’t, as they protect you from potentially dangerous security and reliability issues.

3. Use only updated browsers.
Firefox, Chrome and Internet Explorer all push out automatic updates of their browsers on a regular basis. These updates, which often include patches to newly discovered vulnerabilities, generally take place in the background. The updates are installed when you close and reopen your browser, and won’t disturb your use of the browser at all.

If you’ve left your browser open for several days, you might see your browser prompt you to update manually. For example, in Chrome, you’ll see the colors of the Chrome menu in the top right corner switch to green, orange or red. This is a subtle reminder to update your Chrome browser, and this can be done through the Chrome menu. Make sure you click Restart afterwards so the changes are applied.

An ounce of prevention…

Protecting yourself online isn’t much different from protecting yourself in other aspects of life.
You buckle up your safety belt BEFORE you start driving.
You buy travel insurance BEFORE you board the plane.
You set your alarm clock BEFORE your 9 a.m. job interview.

When it comes to the internet, protecting yourself from online threats also requires advance planning. Make sure your antivirus is powerful and up-to-date. Make sure your browsers and software are up-to-date.

What precautions do you take in your online life to prevent unseen hazards?

 

ZoneAlarm Enhanced Browser Protection: Stop Threats Before They Reach Your Browser

Enhanced Browser Protection header

The Internet is plagued with a magnitude of threats that can cause serious damage to your PC. Simply surfing the web and visiting websites make you vulnerable and put you at risk of an attack. While having an antivirus is a good step towards protecting your PC, having security that can stop threats cold in their tracks, even before they reach your browser, is a huge advantage.
Continue Reading…ZoneAlarm Enhanced Browser Protection: Stop Threats Before They Reach Your Browser

Introducing ZoneAlarm Advanced Real-Time Antivirus

Advanced Real_time Antivirus_header

We’re excited to introduce you to ZoneAlarm Advanced Real-Time Antivirus, a new feature found in ZoneAlarm 2015 security suites*.

It’s recommended that your PC is equipped with, at a minimum, an antivirus, which prevents malware from infecting your PC, and a two-way firewall, which monitors traffic to-and-from your PC. However, with over 315,000 new threats being discovered every single day, it’s simply not practical for the antivirus software on your desktop to update at the same rate without taking a toll on your PC’s performance. With ZoneAlarm Advanced Real-Time Antivirus, you’re protected from the latest Web threats even when the antivirus on your desktop has not yet been updated with the latest signatures.
Continue Reading… Introducing ZoneAlarm Advanced Real-Time Antivirus