Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Archive for the ‘Technology’ Category
November 21st, 2014

How to change your router DNS settings and avoid hijacking

If your home router is hacked, you have a serious situation on your hands.

When an Avast Home Network Security scan finds that your router is already compromised, this notification will appear.

Your WiFi network is not secured

Your WiFi network is not secured

This means that the router has been hacked and the DNS settings have been modified to serve hacked contents to a cyberthief. This is a pretty serious situation. When hackers exploit router vulnerabilities, gain access to it, and modify the DNS servers settings, all your Internet traffic can be forwarded to rogue servers. This is called a man-in-the-middle attack.

The DNS or Domain Name System, is the “phone book” of the Internet, and an IP address is what’s listed in the book. DNS names computers, services, or any resource connected to the Internet or a private network. It translates easily memorized domain names, for instance, www.example.com, to the unique numerical IP addresses needed to locate the service worldwide.

What happens when your router is hacked?

Instead of connecting to a clean site or service, when your router is hacked, you’ll visit a rogue and hacked one. It’s obvious that your privacy will be violated, and your banking information could be captured – by the man-in-the-middle mentioned above. Even the usually secure SSL, the HTTPS protocol we have all been instructed to look for to indicate a secure site, won’t assure you’re protected. Instead, you’ll be proxied through malicious servers and the encrypted connection is cut in the middle. This illustration shows what happens.

 

Your WiFi network is not secured

Source: http://www.cert.pl//news/8019/langswitch_lang/en

This could also happen if your router is set to default/weak/factory password. So, the worst scenario of hacking is not that uncommon. See the latest news about webcams being hacked because of the owner’s using default passwords. Vincent Steckler, CEO of Avast, told VentureBeat that consumers are notorious for not updating default passwords, just as I’m talking about here. Some 63 percent of wireless routers run with default passwords, says Steckler.

The problem goes further than just one user or one device. The malicious effects can spread to all users in the local network, regardless of the operating system used.

How to protect ourselves against this plague?

First, scan your home network with Avast Home Network Security to verify if your device is compromised. If Avast alerts you, it’s already too late. You’ve already been compromised. You need to manually check the DNS servers in the router configuration.

By default, your router uses DNS servers automatically acquired from your Internet provider. All the devices on your network — PCs, smartphones, tablets, game consoles, and anything else connected to the network — get their DNS server from the router. You can change the DNS server on your router, therefore changing every other device on your network.

There are several good articles on the Internet about changing your DNS. Here’s one from howtogeek.com.

You also need to pay attention to your browser address bar. The HTTPS indicator should be there all the time. If it comes and goes, you may have already been compromised. In these cases, or for any other strange symptom you could be experiencing: Disable your Internet connection immediately and change the router username and password to unique ones (consult the router manual for instructions).

But, be warned, neither of these will be enough because if the router is vulnerable, it will take the attacker no time to change the settings back. Updating the router firmware or even changing it completely – as described in previous article – will be necessary.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

 

 

November 13th, 2014

How to upgrade your router with the latest firmware or replace it completely

It’s difficult to accept that we made an unwise purchase or even that a piece of technology has gone obsolete. But when it comes to the security of your home network, it’s time to face up to it.

Last February, Craig Young, a researcher at security firm Tripwire, published research showing that 80% of the 25 best-selling small office/home office (SOHO) wireless router models on Amazon had vulnerabilities. Because some routers, in fact, a lot of them, have so many non-patched vulnerabilities, the easiest way to secure your home network is to replace the router completely with a secure model.

Your WiFi network is not secured

Your WiFi network is not secured

 

How to update your router

But let’s not spend your money yet. Only four of the reported vulnerabilities were completely new, and many have been patched in later models, so you should first look for firmware updates. Some conscious manufactures release updates for their hardware controls and, if applied, could solve all (or at least some) known vulnerabilities.

Routers do not perform automatic updates, so the process requires appropriate patches to be manually downloaded and installed. Avast 2015 includes a Home Network Security scanner that can help you determine what needs to be done, explain why, and can direct you to the router manufacturer’s website.

Open the Avast user interface, click Scan from the menu on the left, then choose Scan for network threats. Avast will take a look at your router and report back any issues. In most cases, if there is an issue to be addressed, then it will direct you to your router manufacturer’s website.

Yes, Virginia, there is a Santa Claus Router Attack

If you’re not convinced that router attacks are something to be concerned about, then think back on the attack from earlier this year. Attackers remotely altered DNS configurations for more than 300,000 small office/home office (SOHO) routers, subsequently opening up victims to a host of compromises

Among several vulnerabilities around, there is one that is quite common. It’s called ROM-0 and allows the attacker to easily gain control of the whole router and, subsequently, your Internet connection. In short, the attacker could request ROM-0 through HTTP (i.e. http://192.168.1.1/ROM-0) and then he can download all the important and secret data stored in your router: Your ADSL login/password combination, WIFI password and basically all your configuration data.

How to avoid attackers from downloading your Rom-0 configuration file and manipulating your router?

It’s simple (if you are comfortable around computers. Ask a techie to help you, if you’re not):

  • Forward port 80 on the router to a non-used IP address on your network.
  • Enter your router configuration and go to “Port forwarding” configuration.
  • Send all http traffic, of all protocols, to star and end port 80 in a non-used local IP address (something like 192.168.0.xxx, where xxx would be a non-used IP).

There are free guides of “port forwarding” for quite a lot of routers. Check your model here.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

 

 

Comments off
November 11th, 2014

How to disable access to your router from the Internet

When Avast Home Network Security (HNS) displays the following error: “Your network router is accessible from the Internet” that means that hackers can access your router’s administrative interface.

Your WiFi network is not secured

Your WiFi network is not secured

 

Although that doesn’t mean imminent threat, the fact that the router is accessible from the Internet is not good. A cybercrook could modify your network settings and even disable your Internet connection or, the worst, steal your personal data.

For sure, if you use the default password in your router, everyone can access your router. However, you won’t do that, will you? If you’re reading this article, we suppose you’re technically educated and will know that using the default password is a serious risk.

hns3Routers, especially Small Office/Home Office (SOHO) wireless routers, are usually quite vulnerable to all sorts of exploits and exposing the admin interface of the router to the Internet is like leaving your door unlocked when you leave home. According to Tripwire, “80% of Amazon’s top 25 best-selling SOHO wireless router models have security vulnerabilities.”

Why should we worry about routers?

“Unsecured routers create an easy entry point for hackers to attack millions of American home networks,” said Vince Steckler, chief executive officer of Avast. “If a router is not properly secured, cybercriminals can easily gain access to an individual’s personal information, including financial information, user names and passwords, photos, and browsing history.”

Set up a strong password

I already explained how to make sure you have the highest level of encryption set on your router. If you missed it, please go back and read my blog, How to turn on WiFi encryption in your router settings.

The next step is to replace thedefault administrator password.Some of the most common mistakes made, not only by common users but also from a significant number of IT professionals, are to use the default administrator password and use the popular WPS and its insecure technology that allows hackers to discover (much easier) the router encryption passphrase.

When creating a new password, make sure it is long and strong, using a mix of numbers, letters and symbols. If you have many visitors to yourhome, it’s a good idea to set up a guest network with a separate password.

Avast 2015 includes a Home Network Security scanner that can help you determine what needs to be done, explain why, and can direct you to the router manufacturer’s website. Read more about it on our blog,  Your home network is at risk of cybersecurity attacks.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

November 6th, 2014

How to turn on WiFi encryption in your router settings

Eavesdropping is a major concern when we talk about the security of home WiFi networks. People around you, your neighbors in the next apartment, or even your own government, can discover anything flowing through your Internet traffic. Your personal data, like passwords and log in credentials, your credit card numbers, and  your photos and videos, are at risk.

Your WiFi network is not secured

Your WiFi network is not secured

We have written a lot about how to protect our communications using a VPN. To summarize, a Virtual Private Network, or VPN, is an encrypted tunnel where your data travels from your computer to a secure server on the Internet. Avast SecureLine is a VPN that you can use when outside of your home; at cafes, hotels, or airports.

Get your home network secure

But now, it’s time to bring your attention to your home network security. Your router should be correctly set to achieve the highest level of protection. Until you secure your router, you’re vulnerable to people accessing information on your computer, using your Internet service for free, and potentially using your network to commit cybercrimes.

There are basically three levels of security on a home router. These come in types of encryption. They are WEP, WPA and WPA2. These strange acronyms refer to different wireless encryption protocols which protect – in fact, encrypt – the information you send and receive over a wireless network.

WEP (Wired Equivalent Privacy) was the first protocol used in late 90s. It should not be used nowadays as it has serious security weaknesses which are easily hackable by even the most novice hacker. So, the first wise thing to do is move away from WEP. Your router must be quite old if you can’t do that, and you should consider purchasing an updated one, or ordering a new one from your ISP.

WPA (WiFi Protected Access) replaced WEP, but very soon after that, WPA2 replaced WPA. WPA2 implements the latest security standards, especially for data encryption with AES (Advanced Encryption Standard), a strong encryption algorithm.

Using WPA or, better, the WPA2 protocol, means that when any device tries to establish a connection to your wireless network, it will be prompted to enter the security key or password to connect.

Most wireless routers allow you to select WPA2 during the setup process. Unfortunately, the default in many wireless devices is WEP or, even worse – nothing -  which means anybody in range can connect to your WiFi to use the bandwidth and access your other devices (printer, network disk, etc.).

What to do at home

Avast Home Network Security scans for vulnerabilties.

Avast Home Network Security scans for vulnerabilties.

Verify your wireless network router (or other access point) supports WPA2. If necessary, go to your router manufacturer site and search for the latest firmware to be downloaded and applied according to its instructions. Apply compatible WPA2 settings on each WiFi device, choosing the WPA2 encryption and the correct authentication info.

Although encrypting your traffic won’t protect you from rogues, denial-of-service (DNS) attacks or interference, it will ensure secure wireless communication.

Also, change the default password. Make sure the one you use is long and strong, using a mix of numbers, letters and symbols.

Avast 2015 includes a Home Network Security scanner that can help you determine what needs to be done, explain why, and can direct you to the router manufacturer’s website. Read more about it on our blog,  Your home network is at risk of cybersecurity attacks.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

 

Comments off
November 4th, 2014

Avast 2015 new feature: Home Network Security scanning

Nowadays, security is team work: Software and hardware should work together to achieve the most complete protection possible.

Avast 2014 Home Network Security

Avast 2015 Home Network Security scans for vulnerabilities in your router.

Complete protection is why the developers at Avast Software decided to include a security feature called Home Network Security (HNS) in the new Avast 2015. HNS is all about scanning your router for vulnerabilities and identifying potential security problems that open the door to threats. Routers are the weakest security point in many home and small business networks these days, so this is a very valid and needed feature.

Here comes the problem. There are zillions of different routers available around the world, but the majority of users just acquire one “that works and is not so expensive” or they get whatever their ISP gives them.  That means the security is already compromised. HNS has been conceived to solve these major threats:

  1. 1. Your wireless network is not secure due to lack of encryption. Thus, anybody in range, like your neighbor, can connect to your Wi-Fi to use the bandwidth and access your other devices (printer, network disk, etc.).
  2. 2. Your network router is accessible from the internet, so hackers can access the router and modify your network settings, even disabling the internet connection or stealing your personal data.
  3. 3. Your router is vulnerable to hacker attacks, i.e., hackers can easily read your router settings, get access to the router, and modify it. Your personal data might be in risk.
  4. 4. Your internet connection is compromised and your router could be hijacked. Your router is already hacked (i.e., some well-known sites are re-directed to fake IPs).
  5. 5. Devices on your network are accessible from internet. This happens when Internet Protocol version 6 (IPv6 is enabled on the router and the devices get IPv6 addresses that are not firewalled. The problem is not primarily in the protocol, but in the router, which is not able to secure the devices with these addresses

Avast can help you protect your home network

With Home Network Security  on all  Avast security products, we can translate this into security protection for you. This 7-part series published on the Avast blog this month will show you what to do to enhance your network security and how Avast can guide you through the task.

 

Before we continue, know that there are a lot of free guides available from the major router manufacturers that provide step-by-step information. Take a look, for instance, here. Look for your model and read a bit. Remember, all you learn will work toward protecting your network. You can also download and install a router detector that could help you in this job.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

September 11th, 2014

Leave your credit cards at home; Apple Pay lets you buy things with your phone

source: CNET.com

In the wake of the Target, and now Home Depot, security breaches, Apple Pay wants to provide a safer way to make a purchase.

Nestled in-between this week’s announcements of the iPhone 6 and the Apple Watch, Apple CEO Tim Cook announced a new mobile payment system called Apple Pay. New iPhone and Apple Watch owners can leave their credit and debit cards at home because the devices come with a chip that lets them tap-to-pay at major retailers.

When you are in one of 220,000 participating stores, like McDonald’s, Walgreens, Disney, or Macy’s, you use the magic of near-field communication (NFC) to hold your phone by a terminal to pay. It also requires that you place your finger over a sensor to verify your fingerprint. The Apple Watch works the same way, without the added security of the fingerprint, and syncs to your iPhone 5, iPhone 5c, and iPhone 5s. The payment system will work with American Express, Mastercard, and Visa.

Sounds pretty good. But, Google Wallet, PayPal and other NFC systems have failed to really take off; will Apple give us a better way? I asked mobile malware analyst Filip Chytrý to share his thoughts about the security of Apple Pay.

Deborah: From a security perspective, what do you think about Apple Pay?

Filip: I have some concerns. Communications between your device or watch is through Bluetooth, and we have already seen many incidences of intercepted communication between two devices using a man-in-the-middle attack. Generally, anytime you use a pay system there is communication between the phone or watch over Bluetooth. This communication works over a much longer distance than NFC, so payment interception would be easier.

Deborah: I understand the convenience of paying with Apple Pay, but how is this more secure than paying with a credit card? Read more…

Categories: General, Technology Tags: , ,
Comments off
April 2nd, 2014

Declaring machine war against malicious Android packages

machine_war_theme_jpg

Do you know the notion “machine war”? If you’re a fan of the Matrix movie trilogy then probably, yes. It denotes the fictional rise of artificially intelligent machines against the human race and their violent conquest of human beings. We want to apply a similar dominance of computationally powerful machines, not to create a population of slaves, but against numerous malicious Android packages that wildly proliferate on unofficial markets.

The idea of malware detection with no human interaction appeared earlier on our blog. In a fundamental article about AVAST research activities by AVAST’s COO, Ondřej Vlček, he effectively described the technologies we employ to deal with Windows threats. Two techniques have been mentioned explicitly, Malware Similarity Search and Evo-Gen, both working with Windows PE file format. Sometimes the latter form of detection technique is denoted as weak automated anti-malware heuristic.

The main effort is to reach two slightly conflicting qualities at the same time: The robustness, which means that suggested methods cover as many threats as possible; and simplicity, so that the methods are easily implemented in AVAST’s mobile security solution. The search for balance between those qualities is assisted by lessons learned from automated heuristic for Windows PE executables.

Read more…

February 7th, 2014

Research buzz: Undercover technology

darth-vader

The Force is not strong with this one

Question of the week: What is the antivirus setting called DeepScreen?

DeepScreen is a new technology inside avast! Antivirus 2014. When you are about to run a suspicious program which is not yet known to the other core antivirus technologies, DeepScreen is invoked. Its task is to simply distinguish between good and bad software. Although it seems obvious and simple, it is not.

How DeepScreen uses The Force for good

This (magic) technology is served by two software components (the Jedi, if you will) which work hand-in-hand. One of them is well known from the past: The avast! Sandbox.

When a file is “DeepScreened,” it is actually run in the Sandbox, which is mainly responsible for keeping things isolated while watching for various high-level events and behavior of the program running. For example, it monitors the system call invocation and overall behavior of the program which is being executed. This seems to be just enough to distinguish between the Dark Side and the Light Side of the Force, but unfortunately, it is not that simple.

Firstly, how can you tell good and bad behavior apart? There are plenty of legitimate software products that use “weird” techniques to protect themselves. On the other hand, there is a bunch of malware samples that look innocent and behave well.

Secondly, malware is used to hiding away from the vigilant eyes of the Sandbox. The most common and powerful technique is encryption. In fact, there are more ways of encrypting and packing these well - known bad guys and rendering them undetectable than there are distinct malware samples.

SafeMachine: The new Jedi Order

deepscreenNow, let me introduce you to our new good guy: SafeMachine 2, a dynamic binary instrumentation tool and generic unpacker. Yes, a real Jedi Knight!

With the latest version of avast! Antivirus 2014, this technology is fully involved in fighting the bad guys. Whenever DeepScreen runs something in the Sandbox, it also performs binary instrumentation of the process.

Read more…

February 1st, 2014

Oversharers: The NSA Loves Your Openness and the Data You Share via Apps

“It has become second nature to connect various apps like Instagram, SocialCam, Angry Birds, CityVille, and Spotify to your Facebook ID. You just click ‘agree’ without even really knowing what you are agreeing to. What you don’t realize is that social apps linked to your Facebook profile can pretty much track your and your friends’ whole life.”

postThis quote, from Christian Sigl (co-founder of secure.me, which is now part of AVAST), originally appeared in Mashable in September, 2012.

Back then, we wanted to give users a heads-up and create awareness to think twice before sharing personal data with apps – regardless if via smartphone or the Web. Part of the message was that you never know what can happen with your data and in whose hands it could end up in.

Today, we know where the data went: The NSA and its British counterpart, GCHQ, have accessed data from Angry Birds and other smartphone and tablet apps, including sensitive information like age, location, education level and sexual orientation. The data accessed was collected directly from phones including geolocation, handset model, handset ID, software version and more – but personal information like sexual orientation, age and education level probably came from social media connect options.

Rovio, the company behind Angry Birds, has reacted and denied that they provide data to the NSA. Instead, they point out that they will rethink relationships with the ad networks they work with. “The alleged surveillance may be conducted through third party advertising networks used by millions of commercial web sites and mobile applications across all industries,” Rovio announced.

Regardless of how this data landed on NSA desks, giving away your customer’s personally identifiable information to a third-party organization is never a good move.

Users couldn’t really have done anything to avoid their data from ending up with the NSA, the only preventative action that could have been taken would have been limiting the amount of personal data that could be collected from social networks. Social network data isn’t meta data, this is information people share voluntarily. So of course, we know today that the NSA can access very sensitive and personal information if they want to – they will find a way if you’re of interest to them. Most of us aren’t though and one thing you can do to limit the amount of data that’s collected is to avoid online oversharing with apps and social networks.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

December 17th, 2013

The essential security tool for traveling is on sale!

We’ve got the tool you need when you’re on the road this holiday season and all year long! Stay safe when using public WiFi ‘hotspot’ hp-securelinenetworks and access your favorite content from your PC with no regional restrictions when you use avast! SecureLine VPN.

Save 33% now on a 1 year avast! SecureLine license

avast! SecureLine secures your data and computer from intrusive hackers when using public WiFi hotspots at airports, cafes, libraries and hotels.

Your public WiFi communications are encrypted, which means that someone snooping on you will see a bunch of gibberish instead of your email, files, passwords, etc.

Your browsing is anonymous because avast! SecureLine VPN cloaks your IP address to keep your private searches private.

When you travel and need web access from different locations, you may find some sites blocked. Now you can use servers located in multiple countries (e.g. UK, USA, etc.) to access Geo-blocked websites like Netflix or Pandora.

You have until the end of the year to take advantage of 33% off a 1 year license for avast! SecureLine. Get it now!

Get avast! SecureLine VPN here.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Comments off