Just about a year after a plethora of celebrities’ nude photos were leaked online, two homes in south Chicago have been raided and investigators have named one of the suspected hackers. As this controversial story and investigation continues to unfold, Avast researchers have come up with a few speculations regarding the origin and motivation behind the initial hack. We’ve discussed the case with one of Avast’s security researchers, Filip Chytry, who has put in his two cents about the situation:
GR: Why might have Apple not flagged or investigated an IP address’ 572 iCloud logins and attempted password resets?
FC: “Putting it simply, Apple just doesn’t have security implemented on this level. Even though they might sound large to us, attempting to track this number of logins and attempts to reset passwords is similar to discovering a needle in a haystack when it comes to Apple’s ecosystem. Read more…
Many of the Wi-Fi hotspots you use in your hometown and when you travel have major security flaws making it easy for hackers to see your browsing activity, searches, passwords, videos, emails, and other personal information. It’s a public Wi-Fi connection, meaning that you are sharing the network with lots of strangers. Those strangers can easily watch what you’re doing or steal a username and password to one of your accounts while you sip your latte.
An easy and affordable way to maintain your security whenever you use free Wi-Fi is to use a virtual private network (VPN). It sounds techie, but Avast has made it simple.
A VPN service, like our SecureLine VPN, routes all the data you’re sending and receiving through a private, secure network, even though you’re on a public one. That way, SecureLine makes you 100% anonymous while protecting your activity.
Forget about shoplifting or painting graffiti on the wall at midnight. Opportunistic teens are turning to cybercrime to get their kicks these days.
A 14-year old boy in Florida was recently arrested and charged with a felony offense for unauthorized access against a computer system. The 8th grader said he was playing a prank on his teacher when he used the teacher’s administrative password to log onto a school computer and changed its desktop background to an image of two men kissing. The password was the teacher’s last name, and the prankster said he figured it out by watching the teacher type it in.
We have had a busy month with multiple announcements important to Avast customers and company-watchers. Here’s the quick rundown in case you missed it.
Avast SecureMe will launch in the next month or so to protect the new Apple Watch, as well as iPhones and iPads, when connected to unsecured Wi-Fi. That’s sure to make Apple gadget freaks happy. Read Avast SecureMe Protects Apple Watch Wi-Fi Users.
Windows 10 is scheduled to launch in July, and Avast is ready. Avast version V2015 R2 and newer are already compatible with Windows 10. Read Latest versions of Avast compatible with Windows 10.
Your router is one of the weakest links in your security, and researchers have proven once more that your home router puts you at risk.
Sixty security flaws have been identified in 22 router models that are distributed around the world, mostly by ISPs to their customers. These flaws could allow hackers to break into the device, change the password, and install and execute malicious scripts that change DNS servers to those the attacker wants. They do this so they can send your traffic through servers they control and direct you unwittingly to malicious sites or load malicious code on your machine when you visit a legitimate site.
Other flaws include allowing the hackers to read and write information on USB storage devices attached to the affected routers and reboot the devices.
The research report describes how the attackers can get in – through a backdoor with a universal password that is used by the ISP’s technical support staff to help troubleshoot for their customers over the phone. This second default administrator access is hidden from the router owner.
Which routers did the researchers test?
Earlier this week, Microsoft confirmed that the Windows 10 official launch date will be on July 29 and will be available as a free upgrade to Windows 7 and Windows 8.1 users (for one year). This latest OS will be available to pre-order in the upcoming weeks when it launches in 190 different markets across the globe. In anticipation of Microsoft’s exciting new OS, this Techradar article takes a brief look at the operating system’s past:
With Windows 8 and today Windows 8.1, Microsoft tried – not entirely successfully – to deliver an operating system (OS) that could handle the needs of not only number-crunching workstations and high-end gaming rigs, but touch-controlled systems from all-in-one PCs for the family and thin-and-light notebooks down to slender tablets.
Now, Windows 10 has emerged as an operating system optimized for PCs, tablets and phones in unique ways – a truly innovative move from Microsoft’s side. Its big reveal is now quickly approaching, and tech enthusiasts everywhere are curious to see how this OS will measure up.
Will Avast be compatible with Windows 10?
Question of the week: Why does Avast and other antivirus companies try to scare us with all this news about viruses and bad apps? It makes me think you are connected to the threats.
Avast and other reputable antivirus companies are not connected to the creation of threats – there are plenty of them without our developers making something up! But thanks for your question. We would like to help you and our other customers understand the nature of cybersecurity in today’s world and assure you that we have the tools to protect your online environment.
By the end of the decade, everyone on Earth will be connected.
–Eric Schmidt, Google chairman
As a rule of thumb, it’s good to keep in mind that anything and everything that can be connected to the Internet can be hacked. Poorly designed or implemented systems could expose serious vulnerabilities that attackers can exploit. Now, most of us are fairly familiar with certain gadgets that can be connected to the Internet, such as mobiles devices and/or laptops, smart watches, and cars, but what about the things that are still emerging within the Internet-connected world? Some of these new items include routers, sensors, and everyday gadgets such as alarm clocks, wearables, microwaves, and grills.
Internet users with basic security knowledge are aware that they should look for the padlock icon in the address bar or the HTTPS in a web address to indicate that a website is secure. We have gotten used to seeing it on bank sites or shopping carts where we input our credit card information. More and more, regular websites are making the switch from unencrypted HTTP to encrypted HTTPS. Last year, search giant Google sweetened the pot by adding HTTPS to their ranking algorithm. That action encouraged webmasters everywhere to make the switch to HTTPS.
But is HTTPS really more secure than HTTP?
The simple answer is not always. As more and more online services are moving to HTTPS, attacks are increasing. An encrypted connection ensures that the connection cannot be modified by anyone else, but it does not guarantee that the actual content being downloaded is safe. Just as with plain HTTP, if a legitimate website is hacked, malware scripts and binaries can be placed into the HTTPS page that appears to be safe.
That’s why it is imperative for security software to check this attack vector. To address this, Avast’s trusted Web Shield technology scans HTTPS sites for malware and threats.
How Avast’s HTTPS scanning feature works (the short version)
Avast is able to detect and decrypt TLS/SSL protected traffic in our Web-content filtering component. To detect malware and threats on HTTPS sites, Avast must remove the SSL certificate and add its self-generated certificate. Our certificates are digitally signed by Avast’s trusted root authority and added into the root certificate store in Windows and in major browsers to protect against threats coming over HTTPS; traffic that otherwise could not be detected.
Avast whitelists websites if we learn that they don’t accept our certificate. Users can also whitelist sites manually, so that the HTTPS scanning does not slow access to the site.
This video gives you an overview, but if any of this didn‘t make much sense to you, read below for a more detailed explanation. You can also explore the FAQ about HTTPS scanning in Web Shield.
What is HTTP and why is it being changed?
HyperText Transfer Protocol or HTTP is the network protocol used to deliver virtually all files and other data on the World Wide Web. When you visit a website you may see the HTTP:// prefix in the address. This means your browser is now connected to the server using HTTP. The problem with HTTP is that it is not a secure way to establish a connection, opening a door to cybercrooks who want to eavesdrop on your activities.
Most of us can agree that we don’t want our personal data falling into other people’s hands. This may seem like an obvious concept, but with the amount of data we regularly share online, it’s not such an uncommon occurrence that our information is wrongfully passed onto others. In this clever video published by Facebook Security, we learn how to nip scams in the bud and prevent others from tricking us into sharing personal information.