Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Posts Tagged ‘unsecured WiFi’
October 15th, 2014

“Poodle” security hole has a nasty bite

poodles

“Poodle” bites on open WiFi networks with multiple users.

A security hole called Poodle could allow hackers to take over your banking and social media accounts.

Yesterday, Google researchers announced the discovery of a security bug in version 3 of the Secure Sockets Layer protocol (SSLv3). This web technology is used to encrypt traffic between a browser and a web site, and can give hackers access to email, banking, social accounts and other services.

Poodle bites multiple users in unsecure open WiFi networks, like the ones you use at coffee shops, cafes, hotels, and airports.

“To exploit the vulnerability, you must be running javascript, and the attacker has to be on the same network as you—for example, on the same Starbucks Wi-Fi network you’re using,” explained Kim Zetter in a WIRED article.

Avast experts strongly recommend that our users protect themselves when using free WiFi with avast! SecureLine VPN.

Poodle is not considered as serious a threat as this past spring’s Heartbleed bug which took advantage of a vulnerability in OpenSSL, and or last month’s Shellshock bug in Unix Bash software.

SSLv3 is an outdated standard (it’s a decade and a half old), but some browsers, like Internet Explorer 6, and older operating systems, like Windows XP, only use the SSLv3 encryption method. Google’s security team recommends that systems administrators turn off support for SSLv3 to avoid the problem, but warns that this change will break some sites.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

February 23rd, 2014

Protect yourself NOW from Apple Security flaw

Apple iPhone, iPad, and iPod users: Update your mobile operating system iOS now to patch a serious SSL encryption bug that opens you wide to a “man-in-the-middle-attack,” (MITM)  especially when you use unsecured WiFi, for example at a cafe, hotel, or airport, even at your home. The flaw is “as bad as you could imagine” says one cryptography expert.

What is protected and what’s not

The 7.0.6 update is for all devices that can run iOS 7;  iPhone (4 and later), iPod touch (5th generation) and iPad (2nd generation).

The iOS 6.1.6 update is for the iPhone 3GS and fourth-generation iPod touch.

ATTENTION: The bug still exists in Apple’s Mac OS X 10.9.1 desktop operating system and there is no patch for it at this time.

IMG-main-ios-smHow to update your iOS

  1. 1. Plug the device into your computer
  2. 2. Open iTunes
  3. 3. Click the device name
  4. 4. Click the button that says, “Check for update”

The best protection is VPN

This security flaw allows a cybercrook to use an insecure WiFi connection to put a man electronically “in the middle” of the transactions you make on your iPhone or iPad to intercept data.

“The flaw is in SSL, and the easiest way to exploit that is via unsecure/public WiFi,” said Ondřej Vlček, AVAST’s COO told Apple users in San Francisco before the annual RSA conference begins. “avast! SecureLine VPN for iOS can protect against the Apple security bug.”

The MITM attack gives them access to the information you thought was secure like credit card numbers. The best protection is to plug that hole with a VPN product.

How to get avast! SecureLine

avast! SecureLine VPN is available as a monthly or yearly subscription for iOS in the Apple App Store.

Watch this video for more information on avast! SecureLine VPN

 

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.