“In the cross hairs of anonymous”
The hacktivist group Anonymous announced phase one of a massive cyberattack, called Op USA, on U.S government and banking websites scheduled for next Tuesday, May 7. The White House, the NSA, and the FBI are included on a list of high profile government targets, and 133 financial institutions including the Bank of America, Wells Fargo, and Citibank are listed as banking targets.
Communicating through Pastebin on April 21, an Anonymous spokesperson stated, “Anonymous will make sure that this May 7th will be a day to remember.” They wrote that the reason for the attack is “…multiple war crimes in Iraq, Afghanistan, Pakistan…”.
Anonymous posted a list of targets and mapped out the method of attacks writing, “You can not stop the internet hate machine from doxes, DNS attacks, defaces, redirects, ddos attacks, database leaks, and admin take overs.” Read more…
Question of the week: I have avast! Free Antivirus on my computer and I love it, but isn’t antivirus for a smartphone overkill? I mean, there are not so many threats to a phone, are there?
This is a question being asked by lots of security firms lately, and the answer is a resounding, YES. As smartphones and tablets become increasingly popular, so do threats that target mobile devices exclusively. Two particular studies published lately have pointed to an increase in mobile malware over the past year.
Android is in the bull’s eye
Results of the AV-Comparatives 2013 Security Survey (pdf) are in, and once again AVAST leads among consumer preferences. Since AV-Comparatives is an independent testing firm, we always look forward to what they have to say. Here are some highlights:
According to survey respondents, AVAST remains the most widely used antivirus solution worldwide, claiming first place as the most used computer antivirus in Europe and South/Central America.
We are also glad to report that AVAST is the only brand to be among the top three most-used brands in all four global regions surveyed.
At the time this survey was conducted, AVAST was protecting just over 184 million PCs, Macs, and mobile devices.
To make the above news even better, the survey’s respondents requested AVAST as their top interest for future testing. Read more…
By now, avast! users are aware of the importance of creating strong computer passwords, and guarding their Social Security number like a trained Doberman. But what about the humble four-digit personal identification number (PIN)? PINs are security features just like passwords. They give access to your mobile phone, credit card, bank account, and numerous other things. My garage door opener even has a keypad and PIN. Because it’s the key that unlocks so many doors, literally and figuratively, it pays to keep your PINs safe.
Here are some things to remember when choosing a PIN:
- Be more original than 1234. One in 10 people use this number combination. Together with 1111 and 0000, these three combinations make up nearly 20% of PINs. Think of it this way, if you find an ATM card on the floor, you have a 1 in 10 chance of getting the correct number if you type 1-2-3-4 .
- Using your birthdate as a PIN is a bad idea. Everyone carries their driver’s license in their wallet with their ATM card. The birthday information gives a wallet thief both the lock and key in a convenient location. One study said that one out of 15 wallet thief victim’s also had their ATM raided!
- Forget about your address too. Your house or apartment number is also printed on your driver’s license, so it’s easily found.
- Keep LOVE in your heart, not on your phone. 5683, which spells out “love” on the keypad is very popular. Use a less popular word, maybe 9278, which spells “wart.”
Here are some tips to secure (and remember) your PIN:
- Use the bank assigned number. Just don’t write it on your ATM card.
- An old phone number, student or work ID is good, as long as they’re not listed anywhere.
- Choose a meaningful number. The score of the big game (your favorite basketball team won 80-58, so the PIN is 8058).
- Base the number on a phrase instead of a word, such as 2432 for “Avast is FREEking awesome” (AIFA).
- Hide the number in a fake contact. If you have too many PINs to remember, make up a fake contact with a fake phone number and keep it in your phone. Just don’t let the battery run out!
A serious new vulnerability notice about Java exploits has been issued by the Department of Homeland Security’s Cybersecurity Division. Java 7 Update 10 and earlier contain a vulnerability that can allow a remote attacker to execute malware on vulnerable systems.
A French researcher called Kafeine discovered that a number of websites using the exploit are able to download files directly to the victim’s computer, and execute actions such as installing ransomware. “Hundreds of thousands of hits daily where i found it,” he wrote on his blog. “This could be a mayhem.”
Disable Java in web browsers
Some webpages may include content or apps that use the Java plug-in. There is no fix for this yet, so it is recommended that you protect yourself by disabling Java in your particular browser. Please see our previous blog How do I disable Java in my browser for instructions.
For a higher level of security, it is possible to entirely prevent any Java apps from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab. Disabling Java through the Java Control Panel will disable Java in all browsers.
Last month we wrote about a flaw in Microsoft’s Internet Explorer that could allow cybercrooks to take control of a Windows-based computer if the user browses to a malicious website. The website making news for that attack was the US-based think tank, the Council on Foreign Relations (CFR). Avast Virus Lab has since discovered that two Chinese human rights sites, a Hong Kong newspaper site, a Russian science site, and weirdly, a Baptist website (see the recent tweet) are also infected with the Flash exploit of IE8.
You can imagine the interesting audience that frequents sites such as these. The CFR, for example, attracts high ranking government officials including former presidents and secretaries of state, ambassadors, journalists, and leaders of industry. These sites were chosen on purpose; instead of targeting the general masses, like in a phishing attack, the perpetrators of a so-called “watering hole attack” target specific topics like defense or energy and lie in wait for persons of interest to visit, similar to a predator at a watering hole waiting for its victims to come to it. Read more…
A flaw in Microsoft’s Internet Explorer (IE) 6, 7 and 8 could allow hackers to take control of a Windows-based computer if the user browses to a malicious website. Security Advisory 2794220 was issued over the weekend and soon after a team blog reported that, “We are only aware of a very small number of targeted attacks at this time. This issue allows remote code execution if users browse to a malicious website with an affected browser. This would typically occur by an attacker convincing someone to click a link in an email or instant message.”
Microsoft has made a temporary fix available for the zero-day vulnerability until it can deliver a formal patch.
Be particularly careful if you are using versions 6, 7 or 8 of the IE browser. Versions 9 and 10 are not affected by the vulnerability. Check which version of IE you’re running by opening IE, click the Help question mark icon on the right and choose About Internet Explorer. To upgrade an older version of IE, go to Start > Control Panel > Windows Update.
We recommend switching browsers for a more secure one like Google Chrome. In addition to being more secure than IE 8, it is also faster and supports HTML 5, giving you a better browsing experience. Download free Google Chrome here.
Congratulations on your wonderful gift, and Merry Christmas! You are wise to think about security for your tablet, because cybercrooks are producing malware for these devices in increasing numbers.
avast! Mobile Security prevents malware and viruses on Android devices at no cost to you. You get Anti-theft protection, remote control and remote memory wipe, plus privacy reports, anti-spyware, network management, Web protection and a firewall. avast! Free Mobile Security is available for download either via Google Play (Android Market) or our website.
Once you have downloaded, do not forget to set your PIN Recovery in the ‘Settings’ section. The PIN Recovery feature is the way to get access to your device in case you lose or forget your avast! PIN. You have to set it in Settings or on the avast! Portal. You can use the avast! Portal for controlling your device remotely in case it is stolen. For this operation your device must be paired with your avast! account – if you do not have one, please sign in on dedicated pages.
Have fun with your new Galaxy tablet, and please share avast! Antivirus with your friends. Happy New Year!
The latest version of Android 4.2, code-named “Jelly Bean” has been released some time ago. While being just an incremental update to the major 4.0 release “Ice Cream Sandwich”, Google introduced some major new features within that update. While offering multi-user support and improved notifications, a new feature which is being promoted heavily, is the built-in app scanner which should protect Android devices from being infected by malware.
The client side app scanner of Android 4.2 is the next step in Google’s attempts to protect their Android ecosystem from malware threats, after introducing Bouncer, a server-side malware scanner used by Google to analyze apps that are being uploaded to Google Play Store. Bouncer was announced in February 2012 and is Google’s approach to prevent malware from being uploaded to the Google Play store as a first line of defense.
Now, some authors claim that third party mobile security tools are most likely not needed anymore, because Google now already pre-checks all mobile apps. I’ve been closely monitoring all those changes and improvements because I wanted to make my own mind on how successful these attempts by Google would be and to find out how our Android antivirus scanner delivered within our free avast! Mobile Security suite (http://www.avast.com/free-mobile-security) would stack up to what the operating system vendor itself would be able to provide.
Since months before the release of avast! Mobile Security in December 2011, our virus lab was working on setting up the initial state of our Android malware database. The database contains signatures of all the malicious files our virus lab guys find over time and is being extended day-by-day to contain definitions of the newest threats in real-time. Currently, tens of millions of Android devices owned by our users download those definitions every day to their avast! client side scanners. So I just went to our virus lab and asked the guys there to provide me with some statistics on the growth of our Android malware database.
As I already stated, Bouncer was thought to be the first line of defense, and tries to protect the main source of app downloads from malicious offerings. Could it be that as a result of introducing Bouncer, our malware database stopped growing or started to decline in size when Bouncer was introduced? Has Google been successful? See for yourself:
Android Malware Database History (Click to enlarge)
Obviously, since February 2012, our Android malware growth has not started to decline; it has not even stalled its growth, but has been continuously growing since that point in time. Read more…
AVAST Software has teamed up with Facebook to help you and your friends stay safe. AVAST is sharing its Virus Lab data with Facebook in the combined attempt to prevent malware being shared unknowingly by Facebook users. Whenever someone clicks a link within Facebook, Facebook checks the URL in the AVAST cloud, in real time. If the URL is infected, the user sees a message warning of the potential threat.
Nearly half of the world’s Internet users log onto Facebook each month to share interesting things, play games, check in to shops and restaurants, tag photos, and most of all, connect with their friends. Facebook’s networks of more than a billion people make it attractive to cybercrooks who try to gain access to our accounts and passwords. Once in, crooks use our connections to spread hoax messages or malicious apps to our friends, attempting to trick them into sending money or sharing personal information. Who among us hasn’t been curious about celebrity death rumors, tempted by free gift cards, or concerned because our friend was mugged and stranded in a foreign country?
“We’ve seen that the most prominent way of spreading malware now is through links to infected websites, rather than the traditional method of emailing infected files,” said AVAST Software CEO Vince Steckler. “Our Virus Lab has tracked about 2 million infected websites just in the last 12 months and the best way to stop these infections is to prevent links to them being shared.”
Over 160 million people use avast! for their PCs, Macs and Android devices, and they work together in a vast network of anonymous security sensors called CommunityIQ. These sensors provide information about possible suspicious files which allow new threats to be detected and neutralized almost as soon as they appear.
“Nothing is more important to us than the safety of our users and their data. Beginning today, Facebook will be able to leverage Avast’s feed of malicious URLs to augment our existing site integrity systems and those in our community will be able to download Avast’s software to better protect themselves and their devices. We look forward to working with Avast to provide an even more secure experience for those who use our service,” said Joe Sullivan, CSO of Facebook.