AVAR Conference is organized by the Association of anti Virus Asia Researchers (AVAR – http://www.aavar.org) every year in a different city in Asia region. This year the conference was held in Hangzhou, China. We sent two proposals for a presentation. And both of them were accepted – “Injecting custom payload into signed Windows executables” by Igor Glucksmann (AVAST) and “Your Every Click Counts (But All the Money Goes to Me)” by Lukas Hasik & Jan Sirmer. We spent a week in China at this conference at the beginning of November. Let me share a few photos and comments with you.
We reserved a little bit of time to recover from the jet-lag after more than 11 hours on plane to Shanghai. So we had some time to discover a bit of China.
Hangzhou is a very nice city, or at least I really enjoyed the West Lake. And there is no better way to enjoy it more (in China) than on a bike, of course.
Financial malware threatens our banks and the safety of our personal identify and hard-earned money. Evidence from private research suggests that most endpoint security solutions offer minimal to no protection against financial malware. However, in a new test, avast! Internet Security provided 100% protection against banking malware.
They say that you can never have too much good advice. So in addition to the excellent set of Safe Holiday Shopping Tips we provided last week, here are three more simple rules of the road for safe and worry-free online experience this holiday season.
1. You can do more online and through mobile; just don’t do it differently. Doing more of what you normally do isn’t as much a risk as doing different things than you normally do. Try not to change your actual behavior, even though you’re doing more shopping and browsing online and through mobile. The less you stray from your normal habits, then the less likely you’ll encounter malicious sites, apps, or messages, and the less you’ll fall victim to fraud and other scams.
2. Scrutinize unusual messages. Be wary when receiving unsolicited or odd messages – even from people you know – and be especially wary if you do decide to act on them. Just like email viruses used to troll your address books, today’s malware will access your social networks. An odd message through your social network may well mean that your friend has been hacked. There will be plenty of scams and attacks that purport to be great last-minute deals, fake holiday cards that ask you to forward along to all your Facebook friends, confirmations or verifications for transactions you never made, and even fake warning messages about scams to avoid. All of these are just different attempts to get you to click on a link.
3. Don’t log in on a page you got to from an outside link. If a message takes you to a login page for a service that you use, look closely at the URL before entering your credentials. Better yet: just go to the site using your bookmarks or standard “www.xyz.com” address rather than signing in on the page you got to from a link.
What a weird positive we’ve just spotted on CNET’s Download.com…
Avast Software received an “AV-TEST CERTIFIED” seal for avast! Free Antivirus in the latest test-round from the AV-TEST Institute, an independent testing lab in Germany. Avast! Free Antivirus detected 100% of widespread and prevalent malware (such as viruses, worms or Trojan Horses), and its cumulative score earned it the top spot for overall performance among other free and a number of paid-for solutions competitors.
During September and October 2012, the Institute evaluated 24 home user and 8 business internet security products covering a range of metrics, including protection against ‘real-world’ zero-day malware attacks ( very simply, a previously unknown vulnerability) , detection of a representative set of malware discovered in the last 2-3 months, false positive rates, and scanning speed.
The results in three tests for detection of malware were outstanding, especially in a field crowded with paid-for alternatives. Avast! Free Antivirus was equal to expensive security suites and outshined the majority with a score of 100% in October “real-world” detection rates, and achieved a perfect 100% in tests to detect widespread malware. Read more…
Starting this week, we have made most of our Avast antivirus products and solutions free for use by schools and libraries in the US. This is just the first step and if it is successful, we will extend it worldwide. We are doing this for a couple of reasons. First, even though schools need security products, in these tough budget times, they need the ability to focus their spending on teaching. A couple of us here at Avast used to run the government and education sales at Symantec some years ago. We know that schools spend a lot on security—money that could be better spent on teaching.
Black Friday offers deep discounts and enticing deals, but holiday shoppers who venture out into the cold, dark night must have brave hearts, steely resolve, and pointed elbows. Far away from the crowds of frenzied shoppers, those of us who prefer to shop online, wearing our fluffy bathrobes and drinking hot chocolate, face our own set of dangers.
Here are some online shopping tips to help you remain safe and secure:
Choosing the Merchant
- Stick with what you know – Use websites that you know are legitimate. If you visit an unfamiliar one, check the avast! WebRep rating to make sure it’s trustworthy. A quick search for reviews, complaints, or scams related to the site will help you too.
- Make sure the site is secure – Look for the closed padlock icon on your browser’s address bar or a URL address that begins with shttp or http. This indicates that the purchase is encrypted or secured. Read more…
Potentially Unwanted Program – that’s what PUP stands for. You probably already had a chance to meet some PUPs on a Windows PC, but how does a PUP look on an Android phone? How will you know how to handle it? All of this will be explained here.
When a PUP alert attacks you, don’t panic.
For starters, it’s just a warning. It’s not a standard virus and, no, your life is not in danger. PUP detections were made to warn people when a suspicious component or ability is detected within the application.
Let’s say you downloaded an app that’s called “Christmas Carols” (don’t panic about that, either; it’s still a month and a half till Christmas) and a PUP warning hits you. The detection name reads “Android:SpyPhone-E [PUP]”. What should you do? Well, what I would do is to sing Silent Night to that app and wave goodbye while uninstalling it. Why? Well, it’s an app that’s supposed to play Christmas carols and not “SpyMyPhone” or whatever that PUP warning says.
Question of the week: A new program I downloaded was put into the Sandbox by avast!. What is a Sandbox and how does it work? The avast! Sandbox is a special security feature which allows you to run potentially suspicious applications automatically in a completely isolated environment. Programs running within the sandbox have limited access to your files and system, so there is no risk to your computer or any of your other files. This feature is connected to the FileRep cloud feature which identifies new files for additional analysis. So now we are able to warn you even before we have had the opportunity to examine this malware in our Virus Lab. Here’s how it works: By default, if an application is started and avast! detects anything suspicious, it will automatically run the application in the Sandbox. The advantage of running an application in the Sandbox is that it allows you to check suspicious applications while remaining completely protected against any malicious actions that an infected application might try to perform. The browser or other application will then open in a special window with a red border, indicating that it is being run inside the Sandbox. When the Sandbox is closed, it will be restored to its original state and any downloaded files or changed browser settings will be automatically deleted. You can change the AutoSandbox settings, so that avast! will ask you first before putting an application in the Sandbox. In the settings, the AutoSandbox can also be disabled completely, or you can specify any files or applications that should be excluded and never run automatically in the Sandbox. In the “Browser Protection” tab, you can further specify that your browsers should always be run in the Sandbox to ensure you are protected while surfing the web. To learn more about the AutoSandbox, please read our previous blog, AutoSandbox – why are you annoying me? You can ask questions, make comments, learn about security issues, or just say hello on our avast! Antivirus page on Facebook. Over 2 million people have “liked” us. Will you please Like avast! today?
No doubt you have heard about the scandal which prompted the resignation of America’s top spy, CIA Director David Petraeus. The celebrated retired Army general stepped down after confessing to an extramarital affair with his biographer Paula Broadwell. The downfall came when the two got caught exchanging secret love letters through an email account, but as you can read from any news source, the plot continues to thicken.
According to a law enforcement official investigating the case, Petraeus and Broadwell adopted a trick used by al-Qaida terrorists and sneaky teenagers to conceal their illicit correspondence. They composed emails in an anonymous Gmail account, but instead of sending them, they left the messages in the draft folder. That way, they could read and respond to messages without leaving anything to track.
Well, as we know, nothing stays private for very long on the interwebs. Read more…