Most of us use debit or credit cards to pay at all kinds of locations without much thought. But these cards, especially at high-traffic locations like ATMs and fuel pumps, pose a special risk. Hopefully you know to look for the danger signs of a compromised ATM (like a fake number pad). Recently, a new type of device has become popular for fraudsters to install on card readers at gas stations. These can steal your card info without you even noticing, and transmit the stolen details via Bluetooth.

If you want an extra measure of security against these attacks, you should install the free Android app Skimmer Scanner.

Open up this simple app, make sure you have Bluetooth enabled, and tap Scan. Your phone will then search for nearby Bluetooth devices commonly used to skim cards and alert you if there’s a compromised scanner nearby. It will generate a list of nearby Bluetooth devices, including those that are harmless like your car system and your smartwatch. When it’s done scanning, you’ll see if it detected any scam devices.

Of course, this isn’t foolproof. Just because it doesn’t find a device doesn’t mean that the card reader is safe. Also, if you find a device, remember that you may accidentally authenticate your device’s Bluetooth to it, which could identify your device to the criminals using it. Don’t try to remove any skimmers yourself — let the station employees know and they can take the appropriate action.

In all, this is a great app to keep around. Running a quick scan before you pump gas only takes a moment, and could save you from the annoyance of having your card stolen. Just don’t let your guard down because you have the app in your corner.

Most computer users know that they need an antivirus to protect their machines from the many threats of the modern web. While there are plenty of free antivirus programs, many of them stay free by constantly bugging you to upgrade to the paid version or installing some unnecessary browser extension. If you’re installing an antivirus for a novice computer user, you don’t want them confused by all kinds of nagging popups. Even advanced users get tired of these.

To this end, we’ve picked out some free antivirus suites that don’t constantly nag you or install a bunch of unnecessary junk. We’ve started with the cleanest solutions and end with a few that have popups by default, but are easily disabled by flipping one setting.

Windows Defender Let’s start with the default antivirus in Windows 10. Windows Defender had some issues in its infancy, but it’s grown into a solid antivirus with several pros in its corner.

One of the biggest reasons to use it is the complete lack of nag screens. There’s no premium version of Windows Defender, so you won’t ever see a popup asking you to pay for it. Windows Defender sits quietly and does its job, only alerting you if there’s an issue. You don’t have to worry about any “special offers” with this solution, either. Finally, Windows Defender updates through Windows Update, which is automatic in Windows 10.

Sophos Home Sophos isn’t one of the biggest names in antivirus programs, but it’s still an excellent contender. You’ll have to register for an account before you download the antivirus, but it’s a small inconvenience for a nag-free antivirus tool. The installer is pretty large, so it might take several minutes to get it set up.

Once Sophos is ready, you’ll find that opening it results in a simple panel with no ads. Click Manage My Security to open Sophos’s website, where you can sign in and manage how the antivirus runs. Open the Configure tab, and you can even set up basic web filtering for your computer. You can block or issue a warning for categories like gambling, violence, and alcohol.

Immunet The open source antivirus ClamAV has been around on Linux for a while, and developers have ported it to other platforms too. The standard Windows client hasn’t seen an update in over a year. However, ClamAV recommends you try Immunet, a full antivirus published by Cisco and powered by ClamAV’s engine.

Immunet doesn’t have a paid version, so there’s zero nag screens or bloatware to worry about. What makes this antivirus unique is that it’s community-based — if the app detects an infection on someone’s system, it automatically blocks it for everyone else who uses Immunet. Even better, it only takes up a few MB of space.

Bitdefender Antivirus Free Bitdefender is another great beginner-friendly antivirus. It doesn’t present tons of options to confuse you, and like any good antivirus should, it sits quietly in the background protecting your PC. There’s also no bundled junk to watch out for during the installation.

Once you’ve activated Bitdefender, click the gear icon at the top of the window and select Account info. Disable the Display notifications with special offers option to prevent popups for the paid version of Bitdefender from showing up. After that, you shouldn’t need to pop open its panel again.

Panda Free Antivirus Panda is a solid third-party antivirus. It includes a few “special offers” during installation and you must disable its ads, but doing so is easy enough so we’ve included it in the fifth spot here.

When you install it, make sure to uncheck the three boxes to avoid installing Panda’s useless browser extension and changing your homepage and search provider. Panda will ask for an email address to create an account when you launch it, but you can close this as the app works fine without it.

Once you have Panda installed, you need to flip one setting to disable all annoyances. Open the app and click the Menu icon in the upper-left corner of the window. Select Settings and scroll down to the bottom of the General tab. Uncheck Show Panda news and Show relevant security news here.

Now Panda will keep quiet unless it detects a problem. Plus, Panda doesn’t pile a load of extra garbage into its free offering. Since it’s a cloud antivirus, this makes for a relatively light package.

Avira Avira is one of the “big three” antivirus providers (along with Avast and AVG), and arguably the least annoying of them. As long as you avoid installing the extra junk, it’s a relatively light antivirus. However, while we didn’t see any in our testing, some users have reported that Avira occasionally displays a popup advertising its premium product. Thus we excluded it from the main list above, but still included it here in case you hate all five of the above solutions.

When you head to Avira’s download page, make sure you download the Free Antivirus and not Free Security Suite when offered. The latter packs in a ton of bloat that you don’t need.

Once Avira starts installing, avoid installing any of the extra nonsense. Don’t click Install for free on any of the extras like Avira Safe Shopping and Avira System Speedup. You can click the Skip all text in the upper-right and wait for Avira to finish up the install.

If you dig into Avira’s settings by clicking the Settings gear in the bottom-left of the program’s window, you can select General, then turn off Acoustic alerts and Warnings if you wish. These are actual problems that you may want notifications for, however.

We are all aware of the recent headlines about major data breaches of personal information and similar cyber incidents, from the theft of 145 million records from a major credit reporting agency to reports about ransomware shutting down businesses. But of all the data that is at risk, a breach of our health information is probably the most concerning.

Does your business manage healthcare data? If so, contact our cyber security experts for a free security audit!

•  Health data is very personal and may contain information we wish to keep confidential (e.g., mental health records) or potentially impact employment prospects or insurance coverage (e.g., chronic disease or family health history).
• It is long living – an exposed credit card can be canceled, but your medical history stays with you a lifetime.
• It is very complete and comprehensive – the information health care organizations have about their patients includes not only medical data, but also insurance and financial account information. This could be personal information like Social Security numbers, addresses or even the names of next of kin. Such a wealth of data can be monetized by cyber adversaries in many ways.
• In our digital health care world, the reliable availability of accurate health data to clinicians is critical to care delivery and any disruption in access to that data can delay care or jeopardize diagnosis.

The privacy and security of health information is strictly regulated in the U.S. under federal laws, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA), but also through various state laws and laws protecting individuals against discrimination based on genetic data.

Unfortunately, health data breaches are only too common. For 2016, the U.S. Department of Health and Human Services reported a total of 450 health care data breaches affecting more than 27 million patients, with the 10 largest incidents accounting for half of the breached records alone (13 million). And, most concerning, more than half of all breaches were due to external cyberattacks, as opposed to accidental exposure due to human error or loss of devices.

Looking at recent examples of health care security incidents will show a wide spectrum of events and underlying motivation by the cybercriminal. We have seen reports of employees at hospitals browsing through medical records out of curiosity or posting information about patients on social media. There have also been cases in which an individual’s identity, financial or insurance information is stolen for personal gain ‒ for example to take out a mortgage or to receive medical services in somebody else’s name (and on somebody else’s insurance).

The incidents that have broader impact and affect more patients are the theft of medical records and attempts to extort health care organizations by threatening the release of stolen data. Also, health care institutions have been affected by ransomware, with some deciding to pay up and others not, choosing instead to accept the impact on patient services and loss of income.

For health care providers and insurers, there is typically no limitation for patients to disclose information about their health. Just as any patient can (and mostly should) share concerns about their health with family and friends, any patient can now easily share anything they want with the world via social media or join an online support group. Although these are generally positive steps that help an individual with health concerns find support and receive advice, we now need to be much more conscious about what we share and where it ends up.

How large is your social network, and who gets to see what you are sharing? Who is hosting the support group you just joined and what is their commitment to data privacy? Many sites, especially if hosted by reputable organizations, are safe. But how do you know what, or if any, of your information may get shared and analyzed for marketing or other purposes?

By no means should this advice be interpreted against sharing or seeking support online. The more we know, the better prepared we are, and the better health care decisions will we be able to make. The wealth of information we can derive from the internet has led to a more educated patient population that is much more capable of being engaged and part of the healing process.

However, concerns about your health care provider’s ability to protect your data should not lead to patients withholding information. Even in this digital age, the patient-doctor trust relationship is still the most important aspect of our health care system – and that trust goes both ways: patients need to trust their providers with often intimate and personal information, and providers need to know that their patients are not withholding anything due to privacy concerns.

We have entered the new age of digital medicine and almost universal availability of information, leading to better diagnosis and more successful treatments, ultimately reducing suffering and extending lives. However, this great opportunity also comes with new risks and we all – health care providers and patients alike – need to be conscious about how we use this new technology and share information.

The best smart home devices are dramatically bringing your dumb household into the future, letting you control everything from the front door lock to the bedroom lights with a phone, tablet or even a smart speaker. Below are the best rated Smart Home devices of 2017! Nebula Consulting was one of the first Smart Home installers in New England. If you would like a free consultation with one of our engineers, contact us today!

Smart Energy Monitoring: Curb Energy

CURB is the most powerful and intelligent integrated hardware/software system for visualizing and managing energy in residential and commercial settings. 18 dedicated sensors give you real-time information about your home’s power consumption, electrical vehicle charging and solar production. Integration with Samsung’s SmartThings platform enables you to directly control appliances on the go.

Smart Light Bulbs: Philips Hue

One thing that you might want to do as soon as you decide to make your home a smart home is switch out the light bulbs – something easier said than done considering how many different options out there. Of them all, however, we think the best smart light bulbs are Philips Hue range of smart bulbs.

Smart Thermostat: Nest Learning Thermostat 3rd Gen

A thinner, sleeker design. A bigger, sharper display. The 3rd generation Nest Learning Thermostat is more beautiful than ever. With Farsight, it lights up when it sees you coming and shows you the time or temperature from across the room. And the Nest Thermostat is proven to save energy. That’s the most beautiful part.

Smart Security Camera: NetGear Arlo Q

Home security is an important thing to consider, and there are a ton of connected security cameras out there. One of the best is the NetGear Arlo Q, because of the fact that it has a nice design and reliable motion-detection that starts recording when it detects an object moving about. If you buy the camera, you’ll also get a free basic 7-day cloud recording service, and you can access that recorded footage through the accompanying app – which is excellently designed.

Smart Power Switch: iHome ISP5 Control Smart Plug

While there are great smart replacements for many devices, a much simpler option is simply using connected plugs in your power outlets. Doing so will give any device that plugs into a power outlet basic smart features like the ability to turn the device on and off, or the ability to monitor the device's power usage. It's Wi-Fi enabled, and works with HomeKit, Nest and Wink – so it should play nice with your other smart home devices.

Smart Lock: August Smart Lock 3rd Gen

Make your front door smarter with the most advanced and complete solution on the market. Go keyless to lock and unlock your door from anywhere with your phone. Give keyless entry to family, friends or even the dog walker. Lock and unlock your door, control keyless access, and keep track of who comes and goes, all from your phone. The 24/7 activity log means you’re always in the know. The lock easily attaches to your existing deadbolt so you can still use your regular keys.

Smart Doorbell: SkyBell HD Silver WiFi Video Doorbell

SkyBell HD is a High-Definition, video doorbell connected to your home Wi-Fi that lets you see, hear, and speak to visitors at your door simply by using your smartphone or tablet - even if you're not at home. With a 1080p camera, full-color night vision, motion sensor and live alerts - SkyBell HD will conveniently give you peace of mind when answering the door without compromising your safety. And even when you don't answer, SkyBell HD will record video to your cloud account as soon as the button is pressed or motion is detected. So, you'll always know who's at your door.

Smart Smoke Detector: Nest Protect

Nest doesn’t just make great smart thermostats: it also offers smoke alarms, which can connect to the rest of your smart home. That said, the Nest Protect looks great, and it offers great connectivity through Wi-Fi and IFTTT. Nest Protect has been redesigned from the inside out. It has an industrial-grade smoke sensor, can be hushed from your phone, tests itself automatically, and lasts up to 10 years. And just like the original Nest Protect, it also tells you what’s wrong and can even alert your phone.

Smart Flood Sensor: D-Link Wi-Fi Water Sensor

This smart wireless water sensor that helps keep your home safe. It will help you detect water damage before serious problems occur. Get alerted when water is detected in basements, sinks, near a water heater, dishwashers, in a bathroom or anywhere there might be moisture.

In the digital era, every company is considered a technology company. Whether you provide electricity, banking or public transportation, you are increasingly dependent upon the internet and network connectivity. If all companies are technology companies, that means all companies need to prioritize cyber security as a strategic imperative to ensure they are connected, digitized and successful. Every organization should focus on two cyber security fundamentals: Understand what’s going on, and know the simple actions you can take to facilitate better cyber security in your environment. We can leverage the network to enable both of these fundamentals. To do so requires good network hygiene.

We’ve been working to draw attention to the hidden security risks organizations face by not properly maintaining their aging infrastructures and patching vulnerable systems. The trends lead us to believe we should expect to see more of this activity in the future – with widespread attacks that target not only traditional servers and endpoints, but also the network itself. This future activity will bring with it significant consequences affecting not just enterprises but entire industries.

An organization can no longer make the assumption that its network infrastructure is secure. Factors such as TA16-250A, WannaCry, the Presidential Executive Order, the Modernizing Government Technology Act of 2017 and the recent Equifax breach make it clear that attacks are escalating and business leaders must be proactive and demonstrate security diligence. Infrastructure of the past was not built to withstand the threats of today’s landscape. It is crucial that every organization – regardless of industry – verifies the security and cyber resilience of their network infrastructure that drives their business and, collectively, our global economy and national security.

Although it’s expensive to incorporate updates, the costs of ignoring aging infrastructure can be potentially devastating – in the form of lost data, revenue and customers, destruction of service and, ultimately, consumer trust. It is crucial to update and regularly patch all hardware and software within a network to enable proper and safe connectivity, communication, operations and overall management. Waiting to take action and hoping that you will not be breached is no longer an option in today’s world.

Systems that were designed, built and deployed in decades past didn’t anticipate the hostile security environment of today. Until now, very few have thought about securing infrastructure because they didn’t think adversaries would target these systems and devices, or they had “higher priorities” to fix. This must change.

Outdated components and software provide an opportunity for attackers to breach networks ‒ increasing risks for unpatched machines and some legacy operating systems at end of support. Be sure to choose trustworthy vendors and technologies that allow the network administrator to verify devices are genuine, unmodified and operating as intended.

Keeping your network up to date provides a place for visibility, policy and control for the things that are coming online. Visibility helps us understand day-to-day behavior. It’s crucial to leverage the network to segment assets and functions in order to reduce exposure and create observations and control points. This helps execute on the second fundamental I mentioned above – know the simple actions to take to facilitate better cybersecurity in your environment. When things are out of the ordinary, the network can enforce security policies that allow the right users and devices to get the right access and contain the impact of a potential attack.

Every organization must assess the overall strength and cyber resilience of their deployed infrastructure and systems. This process likely will be eye-opening, but it’s a necessary reality check. Organizations that proactively improve their security posture will be better positioned to meet today’s threats and prepare for tomorrow’s challenges and opportunities.

If you would like to speak one of Nebula's security experts, please contact us.