Last Friday, Adobe confirmed two new “critical” zero-day flaws in the Adobe Flash Player browser plugin 126.96.36.199 – and earlier versions – for Windows, Mac OS X, and Linux. Today, a third flaw was found. Adobe Flash Player is a widely distributed multimedia and application player used to enhance the user experience when visiting web pages or reading email messages.
We recommend disabling Flash until the bugs are fixed.
Security experts say the two flaws were found in stolen files that were dumped earlier this month from Hacking Team, an Italian security firm that sells communication interception and surveillance software to governments around the world. The third one came from the same documents.
“Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system,” Adobe said in their blog. “Depending on the privileges associated with the user account targeted, an attacker could install programs on the system, alter or delete data, create new accounts with similar user rights, or cause a denial-of-service.”
When your computer slows to a crawl, it is very frustrating. One of the worst things that people do when trying to restore the performance of their PC is to remove the security software. Getting rid of your protective barrier just opens you up to threats that could make things even worse.
So you know that you need a security product on your computer, but you don’t want any software to impact the speed or performance. That’s why an excellent choice is Avast antivirus products.
Avast provides high detection rates and good protection against malware, but it does not degrade system performance or annoy users by being resource hungry.
But don’t take my word for it.
AV-Comparatives, a well-known and trusted third party testing lab, recently tested 20 antivirus and internet security products. Avast Free Antivirus topped every single one of them – paid security suites and free antivirus protection – and received an Advanced Plus three star award for the May 2015 Performance Test.
Reasons why your PC may be slow
It is not always security software that is responsible for a slow system. Other factors can play a role, which means that with a few tweaks your systems performance can be improved.
It usually happens after you download something free. You go back online and your browser suddenly looks unfamiliar. There’s new buttons and weird icons in the place of what you used to have. A strange search page from a company you have never heard has taken the place of your homepage.
How did I get that annoying toolbar?
You have inadvertently downloaded a browser toolbar that came bundled with other software.
Free programs, like Adobe Reader, often include add-ons like toolbars or browser extensions. Most of the time, during the installation of the software, an opt-out option will be presented for the add-on. But, lots of people click through without reading, and when they’re finished they discover they have downloaded something they didn’t intend to.
To keep this from happening in the first place, slow down and read the screens. You could save yourself lots of time and headaches if you do.
One of the largest e-commerce platforms, Magento, has been plagued by hackers who inject malicious code in order to spy and steal credit card data or any other data a customer submits to the system. More than 100,000+ merchants all over the world use Magento platform, including eBay, Nike Running, Lenovo, and the Ford Accessories Online website.
The company that discovered the flaws, Securi Security, says in their blog, “The sad part is that you won’t know it’s affecting you until it’s too late, in the worst cases it won’t become apparent until they appear on your bank statements.”
Data breaches are nothing new. The Identity Theft Research Center said there were 761 breaches in 2014 affecting more than 83 million accounts. You probably recall the reports of Sony, Target, Home Depot, and Chic Fil A.
We have heard lots about what we as individual consumers can do to protect ourselves: Use strong passwords, update your antivirus protection and keep your software patched, learn to recognize phishing software, and be wary of fake websites asking for our personal information.
But this kind of hack occurs on trusted websites and show no outward signs that there has been a compromise. The hackers have thoroughly covered their tracks, and you won’t know anything is wrong until you check your credit card bill.
So how do you minimize the risk of online shopping?
Here’s your wrap up of security and privacy related news from the June 17 – 27 posts on the Avast blog:
It’s summertime in the Northern Hemisphere and many people are going on or planning their vacation. Beware of fake vacation packages and beautiful rental properties that are not as they seem. These Vacation scams can ruin your holiday, so read up before you become a victim.
More than 600 million Samsung phones were reported to be at risk because of a vulnerability found in the keyboard app SwiftKey. The best way to protect yourself is to use a virtual private network (VPN) when using an unsecured Wi-Fi hotspot. If you have a Samsung S6, S5, or S4, you need to read Samsung phones vulnerable to hacker attack via keyboard update.
Cybercrooks run their organizations like businesses these days. They have multinational offices, marketing departments, business development, and technical support teams. Maybe they also need some security…
Malware entrepreneur sentenced to 57 months in prison
One such malware entrepreneur, Alex Yucel, sold malware through a website that he operated, to other hackers. The Blackshades malware allowed hackers to remotely control their victims’ computers. They could do such things as log the victim’s keystrokes, spy through webcams, and steal usernames and passwords for email and other services. They could also turn their computers into bots which were used to perform Distributed Denial of Service (DDoS) attacks on other computers, without the knowledge of the victim.
Manhattan U.S. Attorney Preet Bharara said: “Alex Yucel created, marketed, and sold software that was designed to accomplish just one thing – gain control of a computer, and with it, a victim’s identity and other important information. This malware victimized thousands of people across the globe and invaded their lives. But Yucel’s computer hacking days are now over.” See the Department of Justice press release here.
Yucel sold the software for as little as $40 on PayPal and various black market forums. Read more…
For as long as there have been governments, there have been spy agencies, and for as long as there have been spy agencies, they’ve done spying. Spy agencies are always looking for ways to get information. Information is valuable, always has been, always will be. ~Avast CEO Vince Steckler
New documents from the many that were leaked by former US intelligence analyst Edward Snowden were published this week in The Intercept. They reveal that the U.S.’s National Security Agency (NSA) and its British counterpart, Government Communications Headquarters (GCHQ), spied on security companies including Avast, AVG, Kaspersky Lab, and Antiy. The spy agencies seem to be targeting non-American security companies; Avast and AVG are based in Prague, Czech Republic; Kaspersky is based in Moscow, Russia; and Antiy is Chinese. Together, these companies have nearly a billion users. No U.S. or U.K. -based companies were included in the list.
“Geopolitically, it makes sense that the NSA and GCHQ are targeting products that are prevalently used by foreign governments, like Kaspersky in Russia or CheckPoint in Israel,” said Steckler in an interview with RT News. “On the flip side, Russian or Chinese spy agencies may be similarly targeting products that the American government heavily uses, for example Symantec and McAfee. We’re hearing just one side of the story.”
Do you dream of lounging with an umbrella drink on a sunny beach, hiking by a pristine lake in the cool mountains, or leisurely strolling through a world class museum? As you begin to make summer vacation plans, much of it planned and reserved via the Internet, here are a few scams to be aware of:
Fake vacation rentals
Private vacation rentals are growing in popularity and it’s easy to find one these days through portals like Airbnb, HomeAway, and Craigslist. A typical scam starts with attractive pictures of a property in a desired location. The phony landlord, who is really a scam artist, requires an up-front deposit on the rental that is typically sent by wire transfer. When the happy family arrives at the destination, it either doesn’t exist, it’s not at all like it was described, or it is not available for rental. It may even belong to someone else, who lives there and has no knowledge of the transaction.
How to protect yourself from vacation rental scams
Don’t be fooled by pretty pictures. Photoshop is amazing and an artist can do all kinds of tricks with it. Ask the property owner to send you additional photos. You can even look it up on Google’s Street View to make sure the property and address actually exists.
Many of the Wi-Fi hotspots you use in your hometown and when you travel have major security flaws making it easy for hackers to see your browsing activity, searches, passwords, videos, emails, and other personal information. It’s a public Wi-Fi connection, meaning that you are sharing the network with lots of strangers. Those strangers can easily watch what you’re doing or steal a username and password to one of your accounts while you sip your latte.
An easy and affordable way to maintain your security whenever you use free Wi-Fi is to use a virtual private network (VPN). It sounds techie, but Avast has made it simple.
A VPN service, like our SecureLine VPN, routes all the data you’re sending and receiving through a private, secure network, even though you’re on a public one. That way, SecureLine makes you 100% anonymous while protecting your activity.
Forget about shoplifting or painting graffiti on the wall at midnight. Opportunistic teens are turning to cybercrime to get their kicks these days.
A 14-year old boy in Florida was recently arrested and charged with a felony offense for unauthorized access against a computer system. The 8th grader said he was playing a prank on his teacher when he used the teacher’s administrative password to log onto a school computer and changed its desktop background to an image of two men kissing. The password was the teacher’s last name, and the prankster said he figured it out by watching the teacher type it in.