Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Archive for the ‘General’ Category
July 23rd, 2015

Microsoft releases emergency Windows patch after discovery of critical security flaw

With the release of their newest operating system just days away, now is not the most convenient time for Microsoft to be facing and dealing with security bugs. However, two thirds of all 1.5 billion PCs operated by Windows across the globe were recently left vulnerable due to a security flaw found in nearly every version of Windows, including Windows 10 Insider Preview.

If you use Windows, the time to update is now!

If you use Windows, the time to update is now!

The flaw (MS15-078) lies within the Windows Adobe Type Manager Library and can be exploited by cybercriminals to hijack PCs and/or infect them with malware. Users can be attacked when they visit untrusted websites that contain malicious embedded OpenType fonts. Microsoft explains more about the threat in a security bulletin advisory:

An attacker who successfully exploited this vulnerability could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

There are multiple ways an attacker could exploit this vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage that contains embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts.

The flaw has been classified as critical, which is Microsoft’s highest measured level of threat. Anyone running Windows Vista, Windows 7, Windows 8 and 8.1, Server 2008, Server 2012 and Windows RT are affected by the flaw. Microsoft’s online Security TechCenter includes a full list of affected software and additional vulnerability information.

Read more…

Comments off
July 22nd, 2015

Windows 10 security features consumers can look forward to

Windows 10 will be launching in T-minus seven days and will be offered for free within its first year of availability to Windows 7 and 8 users. Not only will the beloved Start button be back in Windows 10, but Windows 10 will also include a personal assistant, Cortana. What’s more, the new operating system will introduce many promising security features and a new browser.

Image: TechRadar

Image: TechRadar

Hello there, Windows Hello and Passport!

Windows Hello is biometric authentication that either scans your face, iris or fingerprint to access your Windows 10 device – very secret agent-like security! By doing so, Windows Hello eliminates the chance of hackers stealing your password to access your device, simply because you will no longer have a password to begin with!

Windows Passport also eliminates the use of passwords to access your online accounts. For now, Microsoft will work with the Azure Active Directory and has joined the FIDO alliance to subsequently support password replacement for other consumer, financial and security services. Windows will verify that you are truly the one using your device through a PIN or via Windows Hello, and then it will authenticate Windows Passport so you can log in to websites and services without ever using a password. Combined use of Windows Hello and Windows Passport would mean that a hacker would not only have to physically steal your device, but also kidnap you to access your accounts.

You will, of course, need hardware that is capable of infrared scanning your face or iris, or that has a built-in fingerprint reader to use Windows Hello. Microsoft has already confirmed that all OEM systems with Intel® RealSense™ 3D Camera (F200) will support Windows Hello’s facial unlock features.

Read more…

July 21st, 2015

Is the Ashley Madison data breach worse than other data breaches?

Ashley Madison calls itself the “most famous website for discreet encounters between married individuals”. Now, the platform for infidelity and dating has been hacked and its user database of 40 million cheaters with their real names, addresses, financial records, and explicit information were stolen. Discreet is done.

Did the married Ashley Madison customers really think their extramarital activities could be discreet?

Ashley Madison hookup site gets hacked

image: www.ashleymadison.com

The past months and years, Target was hacked, Home Depot, BlueCross BlueShield, and even the U.S. government was hacked and data of tens of millions of people were exposed. Wal-Mart, CVS, and Costco had to take down their photo service websites last week as they are investigating a possible data breach. News about new data breaches break every month, sometimes even every week. Just in May, the dating site AdultFriendFinder was hacked, and sensitive information about 3.5 million people was leaked. It shouldn’t come as a surprise to Ashley Madison users that this data breach happened. It was just a matter of time.

Read more…

July 21st, 2015

Android malware Fobus now targeting users in the U.S., Germany and Spain

Mid January we informed you of a data-stealing piece of Android malware called Fobus. Back then Fobus mainly targeted our users in Eastern Europe and Russia. Now, Fobus is also targeting our users in the USA, United Kingdom, Germany, Spain and other countries around the world.

Fobus can cost its unaware victims a lot of money, because it sends premium SMS, makes calls without the victims’ knowledge and can steal private information. More concerning is that Fobus also includes hidden features that can remove critical device protections. The app tricks users into granting it full control of the device and that is when this nasty piece of malware really begins to do its work. You can find some more technical details and analysis of Fobus in our previous blog post from January.

Today, we decided to look back and check on some of the data we gathered from Fobus during the last six months. We weren’t surprised to find out that this malware family is still active and spreading, infecting unaware visitors of unofficial Android app stores and malicious websites.

The interesting part of this malware is the use of server-side polymorphism, which we suspected was being used back in January but could not confirm. We have now confirmed that server-side polymorphism is being used by analyzing some of the samples in our database. Most of these have not only randomly-generated package names, but it also seems that they have randomly-generated signing certificates.

Number of users who have encountered Fobus

Number of users who have encountered Fobus

Read more…

July 20th, 2015

How iOS users can stay protected against iScam threat

iScam displays a "crash report" to affected users. (Photo via Daily Mail)

iScam displays a “crash report” to affected users. (Photo via Daily Mail)

It’s a common belief (and myth) that Apple products are invincible against malware. This false line of thinking has recently again been refuted, as iPhone and iPad users have been encountering a ransomware threat that freezes their Internet browsers, rendering their devices unusable. The ploy, commonly known as iScam, urges victims to call a number and pay $80 as a ransom to fix their device. When users visit an infected page while browsing using the Safari application, a message is displayed saying that the device’s iOS has crashed “due to a third party application” in their phone. The users are then directed to contact customer support to fix the issue.

How to clean your system if you’ve been infected by iScam

  • Turn on Anti-phishing. This can be done by visiting Settings > Safari and turn on ‘Fraudulent Website Warning’. When turned on, Safari’s Anti-phishing feature will notify you if you visit a suspected phishing site.
  • Block cookies. For iOS 8 users, tap Settings > Safari > Block Cookies and choose Always Allow, Allow from websites I visit, Allow from Current Websites Only, or Always Block. In iOS 7 or earlier, choose Never, From third parties and advertisers, or Always.
  • Allow JavaScript. Tap Settings > Safari > Advanced and turn JavaScript on.
  • Clear your history and cookies from Safari. In iOS 8, tap Settings > Safari > Clear History and Website Data. In iOS 7 or earlier, tap Clear History and tap Clear Cookies and Data. To clear other stored information from Safari, tap Settings > Safari > Advanced > Website Data > Remove All Website Data.

Check out Apple’s support forum for additional tips on how to keep your device safe while using Safari.

Categories: General, How to Tags: , , , , , ,
Comments off
July 20th, 2015

GrimeFighter is now Avast Cleanup

Optimize your PC with Avast Cleanup’s advanced scanning features.

Change is good, especially when it pushes us forward and encourages us to improve. We’ve recently made a change that will benefit our users and make their experience using our products even better. Our PC optimization product formerly known as GrimeFighter has now emerged as Avast Cleanup. In addition to the name change, there’s more to this transition that Avast users can be excited about. In Avast Cleanup, we’ve got a bunch of great benefits for you to enjoy:

  • Rid your PC of up to 5x more junk. Avast Cleanup continues to search for junk files, unnecessary app processes and system settings that slow down your PC’s performance. The amount of issues detected by Avast Cleanup have been improved fivefold, ensuring that your PC is cleaned as thoroughly as possible.
  • Keep it clean, keep it fast. Avast Cleanup’s quick and easy scan is 10x faster, now capable of transforming your PC in minutes or even seconds. As always, exact scan times may vary due to Internet connection or amount of issues found.
  • Win precious space back with new, advanced scanning features. Even a new PC can be loaded with unnecessary apps. Avast Cleanup checks when you update a program or uninstall an app, ensuring that any unnecessary leftover files don’t take up space on your PC. Since you’re immediately informed if unneeded files are discovered, you can save more space on your device than ever before.
  • Organize Avast Cleanup to work around your agenda. You can schedule a daily clean, select which programs you want to load upon startup, and choose what you clean in a scan. What’s more, Avast Cleanup discreetly runs in the background while you go about your daily activities.

Avast Cleanup helps you store more of what you actually want and to accomplish it in just a few minutes. Don’t let your PC become a test of your patience — try Cleanup for yourself. Here’s how:

  • For licensed users, all you need to do is install the latest version of Avast. Your GrimeFighter will then be automatically updated to Avast Cleanup. You’ll receive a notification letting you know that the update was successful.
  • For users who have updated to the latest Avast version but haven’t yet purchased Avast Cleanup, you can do so either from our website or, better yet, directly through the program by navigating to the store link on left menu of the interface.
  • For users who haven’t updated, you can also buy Cleanup within Avast. For now, you’ll still see it as GrimeFighter and you’ll need to do an update to the latest version of Avast in order for it to work.
July 17th, 2015

Patches from Adobe, Oracle, and Microsoft released

Avast Software Updater helps you apply software updates.

Earlier this week, we told our readers about the three Flash Player zero-day vulnerabilities that were found in stolen files that were leaked from the Hacking Team. We advised Avast users to disable Flash until the bugs are fixed.

It doesn’t look good for Flash. Because of the continuing security problems facing the 20-year old platform, Google and Mozilla each announced this week that their Web browsers will eventually be dropping default support for Adobe Flash, and Facebook’s new security chief wants to kill Flash. For now you can still use it, but the reports of it’s death are not greatly exaggerated…

Read more…

July 17th, 2015

Mr. Robot Review: da3m0ns.mp4

This week’s episode was a little confusing for me – and I’m not only referring to the trippy dream Elliot has while going through his drug withdrawals.

Operation Meltdown

It seems I wasn’t the only one who had questions about the hacks in this week’s episode; Forbes published an interview they did with Michael Bazzell, Mr. Robot’s technical consultant and cyber crime expert explaining the hack attack on E Corp that Elliot comes up with at the beginning of the show.

In the article, Michael Bazzell explains how Elliot plans on destroying E Corp’s data storage facility, using Raspberry Pi. Sounds like a very yummy method – too bad there’s an “e” missing at the end of “pi”! Michael explains that Raspberry Pi is a very small computer that can be accessed via the Internet through its built-in cellular chip. Using this, Elliot wants to control the facility’s climate control system to overheat it, thus melting E Corp’s tape-based back up.

While Forbes focused on the more complex hacks that targeted large corporations like E Corp and Allsafe, I was intrigued by the two physical hacks in the show.

@whoisMrRobot

via USA Networks

Beep Beep

The first “IRL” hack is when two members of FSociety hack a minivan – keep in mind that FSociety does everything in their power to not leave a trail, so they need a stolen car to get to E Corp’s data facility center in order to prevent being caught.

The FSociety guys casually sit on a sidewalk and wait for someone to park and lock their car. Using what looked like an old radio to me but is more likely a transmitter, they were able to send a command to unlock the car – politely thanking “mom” for giving them the opportunity to steal her car. Once inside the car, they connect the car to their laptop using a cable and ran the code to get the car started.

I asked my colleague, senior malware analyst Jaromir Horejsi, what he thought of the hack:

All they needed was the cable and specialized control software for cars. This software can access data from sensors in the car and it can control the car’s behavior. With that, they just had to connect everything together and select their desired actions. – Jaromir Horejsi

Read more…

Categories: General Tags: , ,
July 15th, 2015

One in 10 American mobile users is the target of mobile malware

Avast Antivirus detects and neutralizes malware

Threat analysts and malware researchers in the Avast Virus Lab detect and neutralize threats as soon as they appear.

The Avast Threat Report provides an overview of global threat activity.

 

Avast malware researchers and Avast customers work 24/7 to protect each other.

Avast protects 230 million people worldwide in more than 186 different countries — we are present in more countries than McDonalds and protect more people than any other antivirus security provider. We stream 250 micro updates a day that protect our users from attacks. This is made possible by the 230 million devices we protect that simultaneously act as de facto sensors. These sensors provide us with information about suspicious files to help detect and neutralize threats as soon as they appear. Once we identify a suspicious file on a single device, it is reported back to the Avast servers and all Avast users around the world are immediately protected. This is called our Community IQ – it not only lets us better protect our users but also gives us valuable insights into the current security landscape.

Read more…

Comments off
July 13th, 2015

Adobe Flash zero-day vulnerabilities threaten your security

Last Friday, Adobe confirmed two new “critical” zero-day flaws in the Adobe Flash Player browser plugin 18.0.0.204 – and earlier versions – for Windows, Mac OS X, and Linux. Today, a third flaw was found. Adobe Flash Player is a widely distributed multimedia and application player used to enhance the user experience when visiting web pages or reading email messages.

We recommend disabling Flash until the bugs are fixed. 

Three "critical" zero-day flaws in Adobe Flash Player discovered

Three “critical” Flash zero-day flaws in Adobe Flash Player discovered

Security experts say the two flaws were found in stolen files that were dumped earlier this month from Hacking Team, an Italian security firm that sells communication interception and surveillance software to governments around the world. The third one came from the same documents.

“Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system,” Adobe said in their blog. “Depending on the privileges associated with the user account targeted, an attacker could install programs on the system, alter or delete data, create new accounts with similar user rights, or cause a denial-of-service.”

Read more…