Android Mediaserver vulnerability looks similar to the Stagefright bug.
Android owners may recall the Stagefright bug, the “worst ever Android vulnerability yet discovered”. That malware exposed a billion (that’s nearly every) Android device on the face of the earth to malware.
The latest critical bug has similarities to Stagefright, but exists in Android’s mediaserver. Google warns that an attacker could use the bug to remotely run malware hidden in video or audio.
In an announcement published in the Nexus Security Bulletin for January, Google said it has fixed 12 vulnerabilities affecting Android versions 4.4.4 to 6.0.1. Five are rated as critical security bugs. Partners were notified about and provided updates for the issues on December 7, 2015 or earlier, said the post.
“The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files.”
How to protect yourself from the Android bug
Your home and the devices in it will be a viable target for cybercrooks in 2016.
Back in the good ol’ days of the early 2000s until just a few years ago, all we had to be concerned about was security on our desktop computers and laptop. In the intervening years, mobile devices have become so ubiquitous that hackers have turned their sights on them, especially Android devices.
But starting in 2015, everyone began to realize just how close to home cybersecurity really is. Home networks are the new gateway, and 2016 will be the year that vulnerabilities in the Internet of Things (IoT) and wearable devices combined with weak home router security will lead to personal attacks.
The weak link is your home router
“The security situation with home routers is actually pretty bad,” Ondrej Vlcek, COO of Avast told Fast Company. “Most of the companies do a relatively good job of . . . patching the vulnerabilities, but the problem is that no one updates the firmware in the routers. The user doesn’t at all, and usually the ISP doesn’t either.” He added that we saw the most attacks on routers by far in 2015.
“Right now, attackers are targeting routers en masse,” said Pavel Sramek, an Avast Virus Lab research analyst. “It’s highly probable that they’ll expand their target list to network-attached storage and “smart” TVs as well, since the security aspect of these devices has been almost completely neglected by their manufacturers so far.”
“Many of the companies and engineers don’t really think about security,” says Vlcek. Data, for example, is often transmitted without any encryption, making it easy to steal or fiddle with.
Since this is the time of year to look forward, I asked several of our Avast Virus Lab research analysts about what to expect in 2016 for home networks, wearable devices, and all the gadgets that make up the Internet of Things.
Back in May, I pulled my new copy of Entertainment Weekly out of the mailbox and flipped through it quickly, as I usually do before sitting down to read the whole thing. An article about an unusual premier of a new TV show called Mr. Robot caught my eye. The cyberthriller’s pilot episode was set to make its debut online and through alternative viewing services like Xfinity On Demand, iTunes, Amazon Instant Video, XBOX, and Google Play almost a month earlier than its USA Network television debut on June 24.
The next Monday morning, I shared the news about the show with my colleagues, and we all vowed to watch the new drama about a cybersecurity expert who joins an underground hacker group, as soon as we could. We hoped it would be a more realistic version of the security issues we face today than CSI: Cyber or any number of Hollywood movies. We even contemplated having a weekly viewing party with Avast Virus Lab researchers and getting their comments live, a la Mystery Science Theater 3000, if the show was good.
A twist in the plot
The very next day after the initial discussion, one of my colleagues, and regular blog writer, Stefanie Smith, received an email from a Mr. Robot production staff member asking if we would be interested in having an Avast antivirus product make an appearance on one of the upcoming episodes. At the time, a few weeks before the pilot episode even aired, this was a difficult call – but our decision to be a part of the show, even for a brief moment, proved to be the right one.
Mr. Robot has consistently been named one of 2015’s best TV shows, and it received Golden Globe nominations for Best Series, Best Actor for Rami Malek, and Best Supporting Actor for Christian Slater.
We didn’t watch it together with the Virus Lab guys, but every week after the show, we got their expert opinions about the hacks depicted on Mr. Robot. Here’s some of our favorite moments from season one:
When I was checking my Facebook News Feed this morning, I found this message.
It seems one of my friends was very excited because Facebook founder, Mark Zuckerberg, was scheduled to give away 4.5 million shares of Facebook stock at midnight. To enter this lottery-like giveaway, all you had to do was copy and paste the message to your own news feed. The message, and variations like it, go on to say that the winners will be announced live on today’s Good Morning America. Read more…
Merry Christmas! Happy Holidays! Seasons Greetings!
All of us at Avast raise our glass in a toast to all of you, the global community of people who help us keep cyberspace secure. You motivate us everyday, and we wish you the happiest of holidays and a New Year full of joy, peace, and security. Cheers!
Avast Wi-Fi Finder saves your data and roaming fees by locating safe and reliable connections.
Everyone loves free Wi-Fi. You can surf the web, check your email or newsfeed, make Skype video calls across the world, or stream games, movies, and music – without eating up your data plan. That’s a great deal! Or is it?
The problem with free Wi-Fi hotspots is they can’t be trusted to be safe and keep your data secure. Cybercrooks can eavesdrop on your conversations and even break in to steal personal information.
When you need to find safe Wi-Fi, use Avast Wi-Fi Finder
Our new mobile app, Avast Wi-Fi Finder, lets you instantly search for available networks on the map or browse through a list. Wherever you are in the world, you can always find a safe connection, because after a successful beta test, we launched the app with nearly 800,000 networks in our database. The more people who use Avast Wi-Fi Finder, the bigger and better that database will become.
Internet-connected toys gather data on the user and have weak security compared to other computer products.
Digital devices and toys like cameras, smartwatches, and tablets may be on your child’s Christmas wish list. But more parents are having second thoughts about placing these items under the tree, because Internet-connected toys gather data on the user and have weak security compared to other computer products.
6 million children’s accounts taken by a hacker
This weakness was made very public during the Black Friday shopping bonanza, when a Hong Kong-based digital toy company called VTech lost databases of more than 6 million children and almost 5 million connected parental accounts to a hacker.
By putting the databases together the hacker was able to retrieve personally identifiable information like children’s names, ages, and genders, and even pictures and chat logs were found. Parents’ names, email addresses, secret questions and answers, IP addresses, encrypted passwords, and mailing addresses were also accessed. Supposedly the breach did not include credit card or financial account information exposure.
Protect your credit cards from theft and fraud with these simple tips.
At this time of the year, your credit cards see a lot of action – online and at the stores. Credit card fraud takes place every day, but in the holiday shopping season you need to be extra diligent to keep cybercooks from getting hold of your cards and card numbers. Here are six easy tips that even the least tech-savvy among us can follow.
Keep a record of your cards
Some people scan their cards and save the copies on their laptop, others write all the numbers down and keep them in a safe place. Whatever method you choose, keep a record of your account numbers, their expiration dates and the phone number to report fraud.
Watch your accounts closely
When online shopping, it’s safer to use a credit card than a debit card. Credit cards come with consumer protections against fraud that debit cards do not have. Check your account regularly during the season for any strange charges and report the activity as soon as you can. Many companies have toll-free numbers and 24 hour service if you lose your card.
Another good practice is to use a single credit card for your online purchases. It’s easier to manage the account, as well as your holiday gift spending budget, without lots of other miscellaneous charges cluttering the statement.
SafePrice protects your privacy while finding the best online prices.
The holiday shopping season is upon us and shoppers are flocking to the Web to find online deals and coupons. Shopping extensions for your web browser can help you find the best prices, but how do you know you are finding a great deal from a SAFE and trusted retailer?
There are several shopping tools that can help you find the lowest price from around the web, but I’ll start with the one that finds low prices and guarantees the safety and integrity of the online shop – Avast’s very own SafePrice.
SafePrice find the best deals from TRUSTED online shops
Instead of visiting price comparison sites first, all you do is go to your favorite online store and pick out what you want to buy. SafePrice checks the price against thousands of verified stores, then displays the best deals and coupons at the very top of your browser. The bar is invisible when you’re not shopping.
Avast users already have SafePrice installed. If you are not an Avast user, but wnat to use it to find trusted stores, then add the extension to Chrome from the Chrome Web Store.
Avast is the official Windows 10 consumer security software provider.
Yesterday, Microsoft released the first major update to Windows 10 for PCs and tablets since its initial release in July. It’s so large and improves so many features that it has been categorized as a whole new version instead of merely a patch or service pack.
Many of the features that have been in preview mode, including Cortana and Microsoft Edge, have significant upgrades. Additional capabilities in Cortana are only available in the USA for now. Improvements were also made to Mail and Calendar, Maps, Groove, Photos, Skype, and Xbox.
The Microsoft company blog states, “With this update, there are improvements in all aspects of the platform and experience, including thousands of partners updating their device drivers and applications for great Windows 10 compatibility.”
Avast 2016 is compatible with Windows 10
Avast is the official Windows 10 consumer security software provider. For best results with the new version of Windows 10, please make sure you also upgrade your Avast antivirus protection to the latest Avast 2016 version.
Avast is a recipient of the Windows 10 Compatibility Award from AV Comparatives.
image via windows.microsoft.com