Few years back a group of bad guys from Estonia had neat idea how to get between you and the sites you want to visit on internet. They created malware which was named by AV companies DnsChanger. The main purpose of the malware was to change DNS servers your computer uses for the name to ip address translation to the servers operated by the criminals. This way they can intercept your traffic and eventually monetize it. The gang was later arrested and the servers confiscated by FBI. And there lies the problem, because FBI was ordered by the court that they must turn off these servers on Monday July 9th 2012. There are still about 300 000 computers around which are using the wrong DNS servers, so although the probability you’re one of them is quite low, it’s better to be safe than sorry and check if it may concern you.
The new version is 7.0.1451 and contains the following totally new features:
- WebRep now supports Opera
- SiteCorrect module for the detection of unwanted websites
And, in addition to the new features, our developers have made the following modifications:
- Changes in the AutoSandbox module
- Outlook plugin redesign
- Windows 8 compatibility updates
- Emergency Updater
- Improvements to Remote Assistance (support for UAC prompts, etc.)
- Improvements to avast! SafeZone™ (protection against kernel-mode keyloggers, updated SafeZone Browser, clipboard sharing, etc.)
We offer very special thanks to our developers, our QA team, and most importantly our loyal users, who have for many years provided us with great constructive feedback. Anyone can complain, but avast! users consistently amaze us with their new ideas.
For more technical info, please visit http://forum.avast.com/index.php?topic=100247.0
For the millions of you who have avast! already installed, just open your avast! control panel, then go to Maintenance -> Update Program
Or, you may download the new update file directly here http://files.avast.com/iavs5x/avast_free_antivirus_setup.exe
Yesterday, LinkedIn started investigating a password leak, followed by online dating site eHarmony, and now online music streaming site LastFM has announced on their blog that they too are investigating the leak of user passwords. As a precautionary measure, they are advising all their users to change their passwords immediately. You can do that here.
Yesterday, a Russian hacker reportedly stole 6.5 million LinkedIn passwords and 1.5 million passwords from eHarmony. It is not yet known if the hacking incidents are related.
It’s worth repeating the password tips my colleague Jindrich Kubec wrote in an earlier blog post.
A simple 5 step procedure for creating new passwords:
- Avoid anything ‘personal’ such as names and birth dates – see this list for examples of passwords to avoid
- Avoid overly complex passwords as you don’t want to write them down
- Don’t reuse passwords anywhere – leaks will happen in the future and you don’t want a single leak giving the bad guys keys to all the online services you use
- Longer passwords are always better
- Beware the phishers: always ensure you’re doing sensitive operation on the legitimate site, under a secure and verified connection. I’d also recommend never clicking on links in emails to update sensitive information Instead, manually enter the site and make changes.
Yesterday, password databases from two popular websites were leaked in an underground forum popular with computer hackers. 6.5 million passwords from LinkedIn and a further 1.5 million passwords from internet dating site eHarmony were divulged following attacks on these sites.
LinkedIn has already acknowledged the leak, and have said they are changing the algorithm for storing sensitive data and will email users instructions on how to reset password.
This issue was discovered and researched by us; we have been in contact with Microsoft engineers for the past few months to fix this problem. The aim of this blog post is to explain the problem, the risks, and possible consequences of the fix.
With the introduction of our new mobile product, avast! Free Mobile Security, we officially entered the mobile security business. While most of the feedback we have seen to date has been very positive, some of the reviews and comments on the Android market indicate that some people are a bit confused about the product and its features. This blog post was meant to explain some of the concepts and hopefully help resolve some of the confusion. It is structured as questions and answers. If you have additional questions, please feel free to post a comment below or head to our forum.
1. Why should I install a security product on my phone? There’s no viruses anyway, right?
First, it’s important to realize that the product goes well beyond malware protection. Components like Anti-theft, Firewall, SMS and call filtering and Application management are very useful irrespective of the malware situation and are all a good reason to install the product.
However, even the malware situation is not that great. To date, we have registered about 4,000 unique apps that exhibit malicious behavior. Most of them were pulled from the market relatively soon (some didn’t even make it to the market), but we dare to say that we can detect them faster.
Also, some of the threats are completely platform independent. A great example is phishing. Here’s how it works: you are sent a link to a website that looks and feels exactly like your online banking site, but in fact it’s a fake site whose purpose is to capture your credentials and steal your money. This has been a long-time classic on the desktop, but as people start browsing the web using their mobile devices it’s also becoming a problem here. Therefore, it does make sense to have an app that will alert you whenever you do something stupid like this (in case of avast! Mobile Security, the Web Shield component takes care phishing URL filtering). Especially given it’s free.
When a fire blazes, a thief strikes or a cup of coffee spills, having a backup copy of your computer files is a major relief. Hardware can be replaced, but retrieving precious photos, your extensive music collection and the past few years’ tax returns – well, not so simple – until now.
Avast! BackUp is an online backup and recovery service that allows you to select sets of data or individual files you want to back up. For example, if you only want to back up your music, you could choose files with .mp3 extensions, or, like me, if you want a backup of Outlook to preserve work contacts, you can choose Outlook email and contacts. For a second level of protection you can also back up to a local external drive.
History fans can do more than just learn about a vanished empire in the Sahara. When they visit Archaeology.org, the online publication of the Archaeological Institute of America, they can also pick up malware via an infected advertisement on the page.
“It’s a blackhole attack through advertisements, OpenX in this case,” confirmed Jiri Sejtko, senior virus analyst at the AVAST Virus Lab. “Here it is: OA_output['16'] += “<”+…. document.write(\’<”+”iframe src=\”hxxp://hdfh11.coom.in/main.php?page=423b262d0a1a9f70\”
OpenX is an open-source platform for exchanging advertisements. The blackhole toolkit is, in a nutshell, a system for delivering a wide range of malware. “It could be almost anything, for example a worm or fake antivirus,” added Jiri.
This latest bit of malware was uncovered by computer users researching the hotlinks on a recent National Geographic article http://news.nationalgeographic.com/news/2011/11/111111-sahara-libya-lost-civilization-science-satellites/ and the Discover magazine article Satellite Photos Show Ancient Saharan Fortresses of a Lost Empire. Read more…
Yes, most of us complain about all the seemingly unnecessary changes that Facebook initiates far more often than we’d like (just about the time we figure out how to navigate everything)… but it’s good to remember that Facebook is a free service. Of course some will argue that nothing is really ‘free’, but at least +140 million active avast! Community members know differently.
Some of you will remember the days of Rolodex. Mine was typically overfilled with business cards and scraps of paper – taped, glued, or even stapled in place. Sometimes a few ‘creative’ oversized business cards or paper scraps would clog up the ‘machine’, and maintaining changes to phone numbers, addresses, and job titles was always a major problem.
So Facebook, for me, was a welcome change. All my contacts keep their own info updated, and I can find them at any time via the search box. And my Facebook account serves 4 key purposes:
The recent passing of Steve Jobs prompted several conversations in the office, or at least in the Marketing/PR department, about old technologies and how/where they’ve gone. We’re amazed if/when we stumble onto a computer with an old floppy-disk drive nowadays, but in 2006 when I moved to Prague I actually brought a few old 3.5″ disks with me, as they had some stuff on them that I’d not yet saved elsewhere. I remember that by 2009 I had a difficult time finding anyone – even among my IT friends – who had a floppy drive, and fortunately I was able to find one at Anglo-American University Library, where my librarian friends were kind enough to let me use it, to at least save everything to an external USB drive.
In spirit, I could be like Henry David Thoreau, living out my days reading and writing by lamplight in an old cabin in the woods (not at Walden Pond, but somewhere in neighboring Slovakia’s High Tatra Mountains), with no electricity or plumbing. But I really do like electronic gadgets, even though I may be many years behind the mainstream in terms of adoption – i.e., I’ve still never played with a smartphone or a GPS device, and foursquare is to me a game I played in elementary school.
What I would rather play with is my ’81 Gibson Les Paul through an old tube amplifier… making it louder until the volume knob is around 7… and then dialing in that sweet distortion one finds between 7 and 10 (at least on my little ‘60s Epiphone amp) and playing until sunrise, until my fingers start to bleed. Read more…