Most computer users know that they need an antivirus to protect their machines from the many threats of the modern web. While there are plenty of free antivirus programs, many of them stay free by constantly bugging you to upgrade to the paid version or installing some unnecessary browser extension. If you’re installing an antivirus for a novice computer user, you don’t want them confused by all kinds of nagging popups. Even advanced users get tired of these.

To this end, we’ve picked out some free antivirus suites that don’t constantly nag you or install a bunch of unnecessary junk. We’ve started with the cleanest solutions and end with a few that have popups by default, but are easily disabled by flipping one setting.

Windows Defender Let’s start with the default antivirus in Windows 10. Windows Defender had some issues in its infancy, but it’s grown into a solid antivirus with several pros in its corner.

One of the biggest reasons to use it is the complete lack of nag screens. There’s no premium version of Windows Defender, so you won’t ever see a popup asking you to pay for it. Windows Defender sits quietly and does its job, only alerting you if there’s an issue. You don’t have to worry about any “special offers” with this solution, either. Finally, Windows Defender updates through Windows Update, which is automatic in Windows 10.

Sophos Home Sophos isn’t one of the biggest names in antivirus programs, but it’s still an excellent contender. You’ll have to register for an account before you download the antivirus, but it’s a small inconvenience for a nag-free antivirus tool. The installer is pretty large, so it might take several minutes to get it set up.

Once Sophos is ready, you’ll find that opening it results in a simple panel with no ads. Click Manage My Security to open Sophos’s website, where you can sign in and manage how the antivirus runs. Open the Configure tab, and you can even set up basic web filtering for your computer. You can block or issue a warning for categories like gambling, violence, and alcohol.

Immunet The open source antivirus ClamAV has been around on Linux for a while, and developers have ported it to other platforms too. The standard Windows client hasn’t seen an update in over a year. However, ClamAV recommends you try Immunet, a full antivirus published by Cisco and powered by ClamAV’s engine.

Immunet doesn’t have a paid version, so there’s zero nag screens or bloatware to worry about. What makes this antivirus unique is that it’s community-based — if the app detects an infection on someone’s system, it automatically blocks it for everyone else who uses Immunet. Even better, it only takes up a few MB of space.

Bitdefender Antivirus Free Bitdefender is another great beginner-friendly antivirus. It doesn’t present tons of options to confuse you, and like any good antivirus should, it sits quietly in the background protecting your PC. There’s also no bundled junk to watch out for during the installation.

Once you’ve activated Bitdefender, click the gear icon at the top of the window and select Account info. Disable the Display notifications with special offers option to prevent popups for the paid version of Bitdefender from showing up. After that, you shouldn’t need to pop open its panel again.

Panda Free Antivirus Panda is a solid third-party antivirus. It includes a few “special offers” during installation and you must disable its ads, but doing so is easy enough so we’ve included it in the fifth spot here.

When you install it, make sure to uncheck the three boxes to avoid installing Panda’s useless browser extension and changing your homepage and search provider. Panda will ask for an email address to create an account when you launch it, but you can close this as the app works fine without it.

Once you have Panda installed, you need to flip one setting to disable all annoyances. Open the app and click the Menu icon in the upper-left corner of the window. Select Settings and scroll down to the bottom of the General tab. Uncheck Show Panda news and Show relevant security news here.

Now Panda will keep quiet unless it detects a problem. Plus, Panda doesn’t pile a load of extra garbage into its free offering. Since it’s a cloud antivirus, this makes for a relatively light package.

Avira Avira is one of the “big three” antivirus providers (along with Avast and AVG), and arguably the least annoying of them. As long as you avoid installing the extra junk, it’s a relatively light antivirus. However, while we didn’t see any in our testing, some users have reported that Avira occasionally displays a popup advertising its premium product. Thus we excluded it from the main list above, but still included it here in case you hate all five of the above solutions.

When you head to Avira’s download page, make sure you download the Free Antivirus and not Free Security Suite when offered. The latter packs in a ton of bloat that you don’t need.

Once Avira starts installing, avoid installing any of the extra nonsense. Don’t click Install for free on any of the extras like Avira Safe Shopping and Avira System Speedup. You can click the Skip all text in the upper-right and wait for Avira to finish up the install.

If you dig into Avira’s settings by clicking the Settings gear in the bottom-left of the program’s window, you can select General, then turn off Acoustic alerts and Warnings if you wish. These are actual problems that you may want notifications for, however.

We are all aware of the recent headlines about major data breaches of personal information and similar cyber incidents, from the theft of 145 million records from a major credit reporting agency to reports about ransomware shutting down businesses. But of all the data that is at risk, a breach of our health information is probably the most concerning.

Does your business manage healthcare data? If so, contact our cyber security experts for a free security audit!

•  Health data is very personal and may contain information we wish to keep confidential (e.g., mental health records) or potentially impact employment prospects or insurance coverage (e.g., chronic disease or family health history).
• It is long living – an exposed credit card can be canceled, but your medical history stays with you a lifetime.
• It is very complete and comprehensive – the information health care organizations have about their patients includes not only medical data, but also insurance and financial account information. This could be personal information like Social Security numbers, addresses or even the names of next of kin. Such a wealth of data can be monetized by cyber adversaries in many ways.
• In our digital health care world, the reliable availability of accurate health data to clinicians is critical to care delivery and any disruption in access to that data can delay care or jeopardize diagnosis.

The privacy and security of health information is strictly regulated in the U.S. under federal laws, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA), but also through various state laws and laws protecting individuals against discrimination based on genetic data.

Unfortunately, health data breaches are only too common. For 2016, the U.S. Department of Health and Human Services reported a total of 450 health care data breaches affecting more than 27 million patients, with the 10 largest incidents accounting for half of the breached records alone (13 million). And, most concerning, more than half of all breaches were due to external cyberattacks, as opposed to accidental exposure due to human error or loss of devices.

Looking at recent examples of health care security incidents will show a wide spectrum of events and underlying motivation by the cybercriminal. We have seen reports of employees at hospitals browsing through medical records out of curiosity or posting information about patients on social media. There have also been cases in which an individual’s identity, financial or insurance information is stolen for personal gain ‒ for example to take out a mortgage or to receive medical services in somebody else’s name (and on somebody else’s insurance).

The incidents that have broader impact and affect more patients are the theft of medical records and attempts to extort health care organizations by threatening the release of stolen data. Also, health care institutions have been affected by ransomware, with some deciding to pay up and others not, choosing instead to accept the impact on patient services and loss of income.

For health care providers and insurers, there is typically no limitation for patients to disclose information about their health. Just as any patient can (and mostly should) share concerns about their health with family and friends, any patient can now easily share anything they want with the world via social media or join an online support group. Although these are generally positive steps that help an individual with health concerns find support and receive advice, we now need to be much more conscious about what we share and where it ends up.

How large is your social network, and who gets to see what you are sharing? Who is hosting the support group you just joined and what is their commitment to data privacy? Many sites, especially if hosted by reputable organizations, are safe. But how do you know what, or if any, of your information may get shared and analyzed for marketing or other purposes?

By no means should this advice be interpreted against sharing or seeking support online. The more we know, the better prepared we are, and the better health care decisions will we be able to make. The wealth of information we can derive from the internet has led to a more educated patient population that is much more capable of being engaged and part of the healing process.

However, concerns about your health care provider’s ability to protect your data should not lead to patients withholding information. Even in this digital age, the patient-doctor trust relationship is still the most important aspect of our health care system – and that trust goes both ways: patients need to trust their providers with often intimate and personal information, and providers need to know that their patients are not withholding anything due to privacy concerns.

We have entered the new age of digital medicine and almost universal availability of information, leading to better diagnosis and more successful treatments, ultimately reducing suffering and extending lives. However, this great opportunity also comes with new risks and we all – health care providers and patients alike – need to be conscious about how we use this new technology and share information.

The best smart home devices are dramatically bringing your dumb household into the future, letting you control everything from the front door lock to the bedroom lights with a phone, tablet or even a smart speaker. Below are the best rated Smart Home devices of 2017! Nebula Consulting was one of the first Smart Home installers in New England. If you would like a free consultation with one of our engineers, contact us today!

Smart Energy Monitoring: Curb Energy

CURB is the most powerful and intelligent integrated hardware/software system for visualizing and managing energy in residential and commercial settings. 18 dedicated sensors give you real-time information about your home’s power consumption, electrical vehicle charging and solar production. Integration with Samsung’s SmartThings platform enables you to directly control appliances on the go.

Smart Light Bulbs: Philips Hue

One thing that you might want to do as soon as you decide to make your home a smart home is switch out the light bulbs – something easier said than done considering how many different options out there. Of them all, however, we think the best smart light bulbs are Philips Hue range of smart bulbs.

Smart Thermostat: Nest Learning Thermostat 3rd Gen

A thinner, sleeker design. A bigger, sharper display. The 3rd generation Nest Learning Thermostat is more beautiful than ever. With Farsight, it lights up when it sees you coming and shows you the time or temperature from across the room. And the Nest Thermostat is proven to save energy. That’s the most beautiful part.

Smart Security Camera: NetGear Arlo Q

Home security is an important thing to consider, and there are a ton of connected security cameras out there. One of the best is the NetGear Arlo Q, because of the fact that it has a nice design and reliable motion-detection that starts recording when it detects an object moving about. If you buy the camera, you’ll also get a free basic 7-day cloud recording service, and you can access that recorded footage through the accompanying app – which is excellently designed.

Smart Power Switch: iHome ISP5 Control Smart Plug

While there are great smart replacements for many devices, a much simpler option is simply using connected plugs in your power outlets. Doing so will give any device that plugs into a power outlet basic smart features like the ability to turn the device on and off, or the ability to monitor the device's power usage. It's Wi-Fi enabled, and works with HomeKit, Nest and Wink – so it should play nice with your other smart home devices.

Smart Lock: August Smart Lock 3rd Gen

Make your front door smarter with the most advanced and complete solution on the market. Go keyless to lock and unlock your door from anywhere with your phone. Give keyless entry to family, friends or even the dog walker. Lock and unlock your door, control keyless access, and keep track of who comes and goes, all from your phone. The 24/7 activity log means you’re always in the know. The lock easily attaches to your existing deadbolt so you can still use your regular keys.

Smart Doorbell: SkyBell HD Silver WiFi Video Doorbell

SkyBell HD is a High-Definition, video doorbell connected to your home Wi-Fi that lets you see, hear, and speak to visitors at your door simply by using your smartphone or tablet - even if you're not at home. With a 1080p camera, full-color night vision, motion sensor and live alerts - SkyBell HD will conveniently give you peace of mind when answering the door without compromising your safety. And even when you don't answer, SkyBell HD will record video to your cloud account as soon as the button is pressed or motion is detected. So, you'll always know who's at your door.

Smart Smoke Detector: Nest Protect

Nest doesn’t just make great smart thermostats: it also offers smoke alarms, which can connect to the rest of your smart home. That said, the Nest Protect looks great, and it offers great connectivity through Wi-Fi and IFTTT. Nest Protect has been redesigned from the inside out. It has an industrial-grade smoke sensor, can be hushed from your phone, tests itself automatically, and lasts up to 10 years. And just like the original Nest Protect, it also tells you what’s wrong and can even alert your phone.

Smart Flood Sensor: D-Link Wi-Fi Water Sensor

This smart wireless water sensor that helps keep your home safe. It will help you detect water damage before serious problems occur. Get alerted when water is detected in basements, sinks, near a water heater, dishwashers, in a bathroom or anywhere there might be moisture.

In the digital era, every company is considered a technology company. Whether you provide electricity, banking or public transportation, you are increasingly dependent upon the internet and network connectivity. If all companies are technology companies, that means all companies need to prioritize cyber security as a strategic imperative to ensure they are connected, digitized and successful. Every organization should focus on two cyber security fundamentals: Understand what’s going on, and know the simple actions you can take to facilitate better cyber security in your environment. We can leverage the network to enable both of these fundamentals. To do so requires good network hygiene.

We’ve been working to draw attention to the hidden security risks organizations face by not properly maintaining their aging infrastructures and patching vulnerable systems. The trends lead us to believe we should expect to see more of this activity in the future – with widespread attacks that target not only traditional servers and endpoints, but also the network itself. This future activity will bring with it significant consequences affecting not just enterprises but entire industries.

An organization can no longer make the assumption that its network infrastructure is secure. Factors such as TA16-250A, WannaCry, the Presidential Executive Order, the Modernizing Government Technology Act of 2017 and the recent Equifax breach make it clear that attacks are escalating and business leaders must be proactive and demonstrate security diligence. Infrastructure of the past was not built to withstand the threats of today’s landscape. It is crucial that every organization – regardless of industry – verifies the security and cyber resilience of their network infrastructure that drives their business and, collectively, our global economy and national security.

Although it’s expensive to incorporate updates, the costs of ignoring aging infrastructure can be potentially devastating – in the form of lost data, revenue and customers, destruction of service and, ultimately, consumer trust. It is crucial to update and regularly patch all hardware and software within a network to enable proper and safe connectivity, communication, operations and overall management. Waiting to take action and hoping that you will not be breached is no longer an option in today’s world.

Systems that were designed, built and deployed in decades past didn’t anticipate the hostile security environment of today. Until now, very few have thought about securing infrastructure because they didn’t think adversaries would target these systems and devices, or they had “higher priorities” to fix. This must change.

Outdated components and software provide an opportunity for attackers to breach networks ‒ increasing risks for unpatched machines and some legacy operating systems at end of support. Be sure to choose trustworthy vendors and technologies that allow the network administrator to verify devices are genuine, unmodified and operating as intended.

Keeping your network up to date provides a place for visibility, policy and control for the things that are coming online. Visibility helps us understand day-to-day behavior. It’s crucial to leverage the network to segment assets and functions in order to reduce exposure and create observations and control points. This helps execute on the second fundamental I mentioned above – know the simple actions to take to facilitate better cybersecurity in your environment. When things are out of the ordinary, the network can enforce security policies that allow the right users and devices to get the right access and contain the impact of a potential attack.

Every organization must assess the overall strength and cyber resilience of their deployed infrastructure and systems. This process likely will be eye-opening, but it’s a necessary reality check. Organizations that proactively improve their security posture will be better positioned to meet today’s threats and prepare for tomorrow’s challenges and opportunities.

If you would like to speak one of Nebula's security experts, please contact us.

Cyberattacks are a serious threat to businesses and consumers, with large-scale attacks having nationwide effects, thus making national security a serious concern. Contact Nebula's security experts for a free security audit for your business. Kaspersky Lab’s investigation reports that more than 100 banks across the world suffered up to $1 billion losses from a cyber attack back in 2013, including financial institutions from Russia, the United States, China, Germany and Ukraine. Carbanak, the malware used in these attacks, infiltrated and extracted data and exploited weaknesses in Microsoft Office files sent through emails.

The 2017 Ponemon Cost of Data Breach study revealed that the global average cost of a data breach is $3.62 million, making breaches some of the most expensive threats organizations can face.

Cybersecurity Ventures predicts that by 2021, cybercrime damages will cost up to $6 trillion annually.

Forms and Impacts of Malware

Different forms of malware have existed throughout the years, and the most recent variants are much stronger and more aggressive than before. Here are some recent examples:

Ransomware Ransomware is a type of malware that locks the victim’s system, extracts data and encrypts it. The hacker will then threaten to publish the data or keep it in a perpetual lockdown unless the victim pays a ransom.

Recent examples are WannaCry and Petya. WannaCry shocked the world when it infected more than 200,000 computers in more than 150 countries. Within the initial hours of the attack, 48 National Health Service organizations in the UK had to turn patients away or delay medical procedures. In the U.S., FedEx delivery services were delayed. Spain’s major telecoms and gas companies also suffered, as well as France’s Renault. Even the Russian Interior Ministry and Megafon, a telecom company, were impacted. The hackers reportedly ransomed more than $1 billion, not including damages.

Petya was first discovered in 2016 and resurfaced in 2017, using designs from WannaCry to effectively target systems. While giant businesses such as Merck, Maersk and Rosnoft were affected the attack specifically targeted Ukraine. An infrastructure breach in the country resulted in disruption of power, airports, public transit and even its central bank; the breach caused unprecedented effects in both economy, civic welfare and national security.

Banking Trojans Banking trojans are highly specific forms of trojans written for the purpose of stealing confidential banking information; they wait in a victim’s system and steal login credentials.

Zeus is one of the most pervasive and damaging banking trojans to date. A 2010 white paper by Unisys reported that Zeus is responsible for 44 percent of banking attacks and infected 3.6 million computers in the United States alone. A total of 960 banks and almost 90% of Fortune 500 companies fell victim. The financial damages were estimated to be about $100 million. However, its real impact is still undetermined due to its scope.

Since the “retirement” of its creator in 2011 and the successive leak of its source code, Zeus has spawned many imitators and variants.

Point Of Sale (POS) Trojan A POS trojan targets both businesses and consumers; it steals customer data from electronic payment systems such as debit and credit cards. POS machines in stores are also vulnerable.

Kaptoxa is a famous trojan that exposed the payment data of more than 70 million Target customers. The trojan escaped most security detection at the time and managed to remain in POS machines for days.

Tips to Protect Your Business

Be Aware As a business owner, you should be the first one to know the types of cybersecurity threats your company might face. A false sense of security is often the source of weak systems. Knowing what is out there and how to protect your business is a necessity.

Secure Your Network Firewalls are your first line of defense against cyberattacks. Your business connects to the internet via different applications such as email, VoIP and media streaming. Your firewall should monitor threats coming from different connections. Also, consider setting up a private network to have more control over your security.

Invest in Security A simple installation of antivirus is not enough. Your business’ assets should be protected by multiple layers of security. Antivirus, anti-malware, and anti-ransomware suites are some of the tools your business should have. These applications can also evaluate the weakness of your security system.

Keep Everything Up to Date Once the security system is in place, make sure that you have regularly scheduled updates. Malware rapidly evolves and your security applications need patches and updates to detect any attacks from new forms of threats. Similarly, run a regular update of your system drivers, operating systems and applications.

Encrypt Your Data In case hackers breach your security, your next level of protection is encryption. Encryption encodes your data, making it useless to third-party attacks. Most software companies offer encryption applications suitable for your needs.

Protect Your Hardware While the internet poses immense threats, your hardware is not safe either. Stolen hard drives, laptops and even thumb drives with company information may just be the vulnerability the bad guys are waiting for. Strong security in your business premises is a necessity, protecting not only physical assets but your data as well.

Develop a Security Policy More often than not, it’s people who are the greatest security threats. An employee who accidentally clicks the wrong link may cost you your business. Integrate security policies in your company operations. Educate your employees about the threats and how to prevent them. Workshops are available to help you strengthen the knowledge of your colleagues and employees against cybersecurity attacks.

Enforce Strong Passwords Password security should be a strictly enforced. Anything accessed in the company, from emails to bank accounts, should be protected by a strong password. Typically, a strong password should be a sentence that is at least 12 characters long. Focus on sentences that are easy to remember and/or pleasant to think about – on many sites, you can even use spaces!

Have an Emergency Response Plan Even with all your protection, the worst can still happen. Set up company guidelines on how to detect possible attacks, what to do during attacks and how to proceed afterward. The sooner you stop the attack and contact the authorities, the less damage an attack will cause.

Back Up Your Files Backups, which should have their own security system, can save you the pain of starting from scratch. In case an attack happens, your next priority is to get your business back to normal operations as soon as possible. Regularly updated backups can help you get things running again with minor losses.

Conclusion

Small and medium-sized businesses are common targets of attacks, as they can be used as gateways to gain access to bigger companies. With today’s heavily connected world, an attack on another business can put yours at risk. Stay updated on the current cybersecurity threats and how to prevent them. Make sure your company is always ready for a cybersecurity attack.