That question was answered with a resounding YES by college football star Laremy Tunsil. A hacked Twitter and Instagram account cost that falling sports star an estimated $13 million. Don’t let your easy-to-crack passwords cost you. Use a password manager or follow our tips for strong passwords.
Avast Free Antivirus has nearly 100% detection rate and no false positives.
Wondering if Avast Free Antivirus is worth the price? We understand that when it comes to “free” things, you mostly get what you pay for. But in the case of Avast Free Antivirus, our free security product is better than pricey premium antivirus products!
Every day, 50,000 infected unique URLs of HTTPS-protected websites are detected and blocked. Scientists from the Concordia University in Montreal, Canada, have tested 14 antivirus programs offering HTTPS scanning and found that these programs create more security problems than they actually solve. There was only one exemption from this: Avast. The only issue mentioned in their study is a lack of revoked certificates checking by Avast, which has been in the market since November 2015 and is fixed in 2016 products.
What’s the deal with these “you won something” texts?
I recently received a text message saying an iPhone 6s is waiting for me. I normally delete these messages, but this time I was curious… I have been considering upgrading from my iPhone 5 for a while now J. So, I decided to consult with my friend, Avast senior malware analyst Jan Sirmer and see what would happen if I believed the text.
How did they get my number?
The first question I had about this was: How did they get my number? “A computer probably sent it to you,” said Jan. How did a computer get my number? “There are programs that allow computers to send text messages to a bunch of numbers at once. They probably use the same area code and the rest of the digits in the number are generated by the program.”
LinkedIn members' login credentials are being sold on the dark web.
The 2012 breach of social networking site LinkedIn, has come back to haunt us. That breach resulted in 6.5 million members' credentials being stolen. Articles published in the last day report that the number was way short of reality - it's actually more than 167 million email and password combinations - or nearly all the members of LinkedIn.
Avast Antivirus solutions protect against Locky ransomware.A brief update on Locky, the latest ransomware targeting PCs:
Beware of emails from random email addresses with subject lines like “Upcoming Payment – 1 Month Notice”. These emails typically come with a zip attachment that attackers have created to run a script that downloads and runs the now well-known ransomware, Locky. These phishing emails prove that Locky is not going anywhere anytime soon.
The emails are written in typical phishing style. The attacker tries to entice a potential victim to read the email and subsequently download the attachment. Attackers seem to be targeting small and medium sized businesses, to gain access to valuable company data.
Content of the email.
Last week, Talos discovered multiple vulnerabilities in 7-Zip, a popular, open source file archiver. The vulnerabilities are particularly severe as many products, including antivirus software, implement 7-Zip in their software. When vulnerabilities are found, it is the responsibility of software owners to patch them. However, these patches are useless, unless users update their software.
Avast is not affected by these vulnerabilities, but if you are a non-Avast user we recommend you update your antivirus software, if you haven’t done so already.
About the vulnerabilities
The two vulnerabilities found are CVE-2016-2335 and CVE-2016-2334. The first vulnerability is an out-of-bounds read vulnerability, which exists due to how 7-Zip handles Universal Disk Format (UDF) files and could allow attackers to remotely execute code.
The second vulnerability is an exploitable heap overflow vulnerability, found in the Archive::NHfs::CHandler::ExtractZlibFile method functionality. In the HFS+ file system, files, depending on their size, can be split into blocks. There is no check to see if the size of the block is bigger than size of the buffer, which can result in a malformed block size which exceeds the buffer size. This will cause a buffer overflow and heap corruption.
What you should do
As mentioned above, it is up to software publishers to provide their users with vulnerability fixes, but these are futile if users don’t take action and update their software. It is vital that you frequently update all software, including your operating system, on a regular basis.
Avast Passwords gives you easy, secure access to all your passwords, PINs and login credentials.
Avast Passwords is an app that helps you to safely store each of your PIN codes, passwords and login details safely in one place. Instead of needing to memorize each of your login credentials, Avast Passwords allows you to keep them together in one secure place and access them safely.
Most of popular botnet Andromeda’s (also known as Gamarue) distribution channels have been discovered and analyzed by antivirus vendors. This has forced Andromeda’s distributors to come up with a new attack strategy to continue to drop Andromeda binaries onto PCs.
Meanwhile at the Andromeda headquarters…
Operator: “Captain, all of our distribution channels have been discovered!”
Captain: “Report the loss..”
Operator: “Email scams, exploit kits, everything is known to the public.”
Captain: “Operator, let’s start with plan N!”
Operator: “Roger that, captain”
Before we dive into Andromeda’s new tactic, I’d recommend you to read this article by fellow security researchers from Stormshield, which describes one of Andromeda’s most recent phishing campaigns. We have observed similar Andromeda email phishing campaigns. Most of the emails we have seen seem to be targeting Germans and Italians. However, these two target groups seem to be too clever to fall for the bait, as they are not the top infected users.
Some of the popular subject lines used to target Germans and Italians are “Your current bill” and “A nude photo of you has appeared on the Internet”.
An Android Trojan is spying on its victims and even tricking some into giving up their credit card information.
Most of today’s malware authors create malware for one of two reasons: either to make money or to steal valuable data. In this blog post, we will show how an Android Trojan relies on social engineering.
Social engineering tactics are used to trick people into performing an action, like clicking on a link or downloading an application. The person being tricked thinks they are doing something innocent when they are really clicking on or downloading something malicious. This malware is associated with the banker family as it tries to steal user's credit card information.
Once installed, the Banker Trojan puts an icon in the launcher. The app name shown with the icon can vary from sample to sample -- some of the names we have seen were : AVITO-MMS, KupiVip and MMS Центр (MMS Center).