Stefanie Smith

Stefanie Smith

28 July 2016

Mr. Robot Review: eps2.2_init1.asec

Avast Senior Malware Analyst, Jaromir Horejsi, explains the tech terms from Mr. Robot's eps2.2_init1.asec

Read More

Security News

Stefanie Smith

25 July 2016

Security threats to watch out for at the 2016 Olympics

Athletes aren’t the only ones training for the Olympics, cybercriminals are also stepping up their game! Avast explains which threats you should watch out for!

Read More

Security News

Stefanie Smith

21 July 2016

Mr. Robot Review: eps2.1_k3rnel-pan1c.ksd

If you couldn't wrap your head around the latest episode, eps2.1_k3rnel-pan1c.ksd, of Mr. Robot, don't panic -- Avast explains the technical terms.

Read More

Security News

Stefanie Smith

14 July 2016

Mr. Robot Review: unm4sk-pt1.tc and unm4sk-pt2.tc

Mr._Robot_USA_Network_s2e1.jpg

Image via: USA Network @whoismrrobot

The two-part premiere of season two of Mr. Robot did not disappoint! The episodes focused more on the current state of the main characters than on hacking and a lot has changed since season one.

Read More

Security News

Stefanie Smith

13 July 2016

What we can learn from the hacks on season one of Mr. Robot

Mr. Robot is coming back to USA Network on Wednesday, July 13th at 9/10 pm Central (tonight!) for its second season and I cannot wait (especially since I missed Sunday's sneak preview)! Season one was full of complex hacks that were, for the most part, accurately portrayed. By speaking to various Avast experts, I learned a lot about the hacks on the show last summer and how they could affect consumers like you and I.

Mr_Robot_season_2.jpg

Image via: USA Network @whoismrrobot

Here’s a recap of what we learned from the hacks in season one of Mr. Robot:

Read More

Security News

Stefanie Smith

12 July 2016

What businesses can learn about cybersecurity from season one of Mr. Robot

Season one of last summer’s hit new TV show, Mr. Robot, was filled with interesting and, for the most part, accurately portrayed hacks. The hacks were carried out by the show’s main character Elliot and hacker group fsociety. Their goal throughout the season was to take down the multi-national conglomerate, E Corp.

Mr.Robot_season_2_premier.jpg

Image via: USA Network @whoismrrobot

Although the hacks on the show were rather complex and to a certain extent elaborate, there are a few things SMBs can learn from them.

Read More

SMB/Business

Stefanie Smith

6 July 2016

Permission to punch the presidential candidates

The 2016 U.S. presidential primaries are well under way and the candidates are a hot topic in the media, social media and in real life discussions. With all the buzz, I was curious to see how Android app developers are taking advantage of the candidate’s popularity and what permissions the apps request.  So with this mission in mind, I started downloading and testing these apps.

FB_Top_Trump_apps_Play_Store_1200x628px_logo.png

Read More

Mobile Security

Stefanie Smith

10 June 2016

Zuckerberg Twitter hack could have been avoided with better passwords

Avoid having your online accounts hacked like Mark Zuckerberg’s by managing your passwords correctly.

The recent news of celebrity social media accounts, including Mark Zuckerberg’s, being hacked should be seen as an important reminder to how valuable passwords are. Who knows if the cybercriminals that hacked the accounts just tweeted strange things or if they went a step further and read the celebrities’ direct messages or more. 

password_quilt-755842-edited.jpg

Most people create easy passwords like these and never change them

Read More

Security News

Stefanie Smith

23 May 2016

Your iPhone6s is not waiting for you – despite what the text message says

What’s the deal with these “you won something” texts?

I recently received a text message saying an iPhone 6s is waiting for me. I normally delete these messages, but this time I was curious… I have been considering upgrading from my iPhone 5 for a while now J. So, I decided to consult with my friend, Avast senior malware analyst Jan Sirmer and see what would happen if I believed the text.

iPhone_scam_text.jpg

How did they get my number?

The first question I had about this was: How did they get my number? “A computer probably sent it to you,” said Jan. How did a computer get my number? “There are programs that allow computers to send text messages to a bunch of numbers at once. They probably use the same area code and the rest of the digits in the number are generated by the program.”

Read More

Security News

Stefanie Smith

19 May 2016

Avast Software Updater can help protect you from security loopholes, like the recent 7 Zip vulnerabilities

Last week, Talos discovered multiple vulnerabilities in 7-Zip, a popular, open source file archiver. The vulnerabilities are particularly severe as many products, including antivirus software, implement 7-Zip in their software. When vulnerabilities are found, it is the responsibility of software owners to patch them. However, these patches are useless, unless users update their software.

Avast is not affected by these vulnerabilities, but if you are a non-Avast user we recommend you update your antivirus software, if you haven’t done so already.

About the vulnerabilities

The two vulnerabilities found are CVE-2016-2335 and CVE-2016-2334. The first vulnerability is an out-of-bounds read vulnerability, which exists due to how 7-Zip handles Universal Disk Format (UDF) files and could allow attackers to remotely execute code.

The second vulnerability is an exploitable heap overflow vulnerability, found in the Archive::NHfs::CHandler::ExtractZlibFile method functionality. In the HFS+ file system, files, depending on their size, can be split into blocks. There is no check to see if the size of the block is bigger than size of the buffer, which can result in a malformed block size which exceeds the buffer size. This will cause a buffer overflow and heap corruption.

What you should do

As mentioned above, it is up to software publishers to provide their users with vulnerability fixes, but these are futile if users don’t take action and update their software. It is vital that you frequently update all software, including your operating system, on a regular basis.

Read More

Security News