Last Friday, Adobe confirmed two new “critical” zero-day flaws in the Adobe Flash Player browser plugin 22.214.171.124 – and earlier versions – for Windows, Mac OS X, and Linux. Today, a third flaw was found. Adobe Flash Player is a widely distributed multimedia and application player used to enhance the user experience when visiting web pages or reading email messages.
We recommend disabling Flash until the bugs are fixed.
Security experts say the two flaws were found in stolen files that were dumped earlier this month from Hacking Team, an Italian security firm that sells communication interception and surveillance software to governments around the world. The third one came from the same documents.
“Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system,” Adobe said in their blog. “Depending on the privileges associated with the user account targeted, an attacker could install programs on the system, alter or delete data, create new accounts with similar user rights, or cause a denial-of-service.”
Avast teamed up with Chillicothe City School District in Ohio to provide free antivirus software to their schools.
Educational institutions manage sensitive data including names, birthdays, and even social security numbers. That data needs to be secured to ensure sensitive student data remains confidential. Tyler Hisel is an IT technician the Chillicothe City School District in Ohio. Tyler recently started protecting his school with Avast for Business. “We had AVG before switching to Avast and we really needed to simplify our security solution.”
Servicing an entire school district’s IT needs is a challenge. That’s why Tyler said he needed software with easy-to-use centralized management where he could monitor the district’s devices. “Avast was cost saving and had lots of features that I was surprised came free,” said Tyler.
Tyler discovered Avast for Business by searching for free antivirus software for business. He explored all of the options and after considering the alternatives decided that Avast for Business was the best antivirus software for the district. “All we wanted was a simple security solution that worked, and I knew we didn’t have to pay a fortune for it.”
Budget wasn’t the biggest factor in Tyler’s decision but he claimed that it was definitely important. There were other security solutions that fit most of Tyler’s qualifications but he says that Avast for Business’ nonexistent price tag and centralized management made it the clear choice. When asked if he would recommend Avast to others he replied saying, “We’ve told businesses in the area about it already!”
Tyler’s final thoughts on Avast for Business were simply this, “I’ve got to hand it to you, it’s really an impressive product and it being free just makes it better.”
Avast for Business is free for schools, small and medium sized businesses and non-profit organizations. Visit our Avast for Business website to learn more and sign up.
When your computer slows to a crawl, it is very frustrating. One of the worst things that people do when trying to restore the performance of their PC is to remove the security software. Getting rid of your protective barrier just opens you up to threats that could make things even worse.
So you know that you need a security product on your computer, but you don’t want any software to impact the speed or performance. That’s why an excellent choice is Avast antivirus products.
Avast provides high detection rates and good protection against malware, but it does not degrade system performance or annoy users by being resource hungry.
But don’t take my word for it.
AV-Comparatives, a well-known and trusted third party testing lab, recently tested 20 antivirus and internet security products. Avast Free Antivirus topped every single one of them – paid security suites and free antivirus protection – and received an Advanced Plus three star award for the May 2015 Performance Test.
Reasons why your PC may be slow
It is not always security software that is responsible for a slow system. Other factors can play a role, which means that with a few tweaks your systems performance can be improved.
Elliot, Mr. Robot’s anti-hero cyber-security engineer by day and vigilante hacker by night, has been having a life-style crisis. In episode 3, Elliot longs to live what he calls a bug-free life, otherwise known as a regular person.
However, he is quickly pulled back into F Society’s hold when emails exposed during the threatened data dump revealed that E Corp executives had knowledge about the circumstances which led to his father’s death. We will leave the intrigues and plot theories, especially if Mr. Robot is real or a figment of Elliot’s imagination, to the internet. Right now, let’s look at the hacks highlighted in this episode.
At minute 7:40, you see Elliot in the hospital after Mr. Robot had pushed him off the high wall they were sitting on in the previous episode. His psychiatrist, Krista, is in the hospital and explains that the police wanted to do a drug panel, but Elliot refused. Elliot admits he has been taking morphine. Krista says the only way she can approve his release from the hospital would be if he commits to a bi-monthly drug test. Elliot starts thinking about how he will get around this problem by hacking the hospital’s IT. The IT department is lead by one single person, William Highsmith, with a budget of just $7,000 a year. According to Elliot, he uses useless virus scans, dated servers and security software that runs on Windows 98. It’s one of the reasons why Elliot made that particular hospital his primary care facility, since he can easily modify his records to look average and innocent.
Stefanie: Wow, wouldn’t it be an unusual that a hospital would actually use old infrastructure and have little budget for their IT? I also found it a bit odd that they have just one IT guy, I mean healthcare data is REALLY sensitive and definitely one of the last things I would want to have accessed by hackers!
It usually happens after you download something free. You go back online and your browser suddenly looks unfamiliar. There’s new buttons and weird icons in the place of what you used to have. A strange search page from a company you have never heard has taken the place of your homepage.
How did I get that annoying toolbar?
You have inadvertently downloaded a browser toolbar that came bundled with other software.
Free programs, like Adobe Reader, often include add-ons like toolbars or browser extensions. Most of the time, during the installation of the software, an opt-out option will be presented for the add-on. But, lots of people click through without reading, and when they’re finished they discover they have downloaded something they didn’t intend to.
To keep this from happening in the first place, slow down and read the screens. You could save yourself lots of time and headaches if you do.
This morning, our colleagues who work on our Avast SecureLine VPN product informed us that there was a significant increase in downloads in the U.S. This made us curious, as we didn’t have any specific campaigns running that would explain this dramatic spike in downloads. In the App Store, we jumped tothe 6th spot in the utilities category (and as we were coming from the 200th spot, this says a lot)!
We decided to turn to Twitter to see what was going on and discovered that teenagers were the cause of the trend. This shouldn’t have really surprised us, as teens are trendsetters and experts at dispersing viral content via social media channels.
I’m glad to announce that we have acquired Remotium, a leader in virtual enterprise mobility, headquartered in Silicon Valley. Remotium’s award-winning and patent-pending technology, the Remotium Virtual Mobile Platform (VMP), provides enterprises with secure access to business-critical applications from anywhere and from any mobile or desktop device. With this product, corporate mobile users have all their personal data and apps resident on their mobile (iOS or Android) while all their corporate data and apps reside and execute on a server and are only displayed on the mobile. This is the perfect fit for bring-your-own-device (BYOD) environments.
Remotium‘s mobile solutions address the needs of modern enterprises. As more and more companies support BYOD policies, the question of how to implement these policies efficiently and securely is top of mind for everyone. As people bring their own devices to work, the lines between business and private data become blurry. In a study, IBM found that millions of people use dating apps on company smartphones, which could expose themselves and their employers to hacking, spying and theft. Out of the 41 dating apps analyzed by the researchers, 26 had medium or high severity vulnerabilities.
With Remotium’s technology, companies have the visibility and security needed to ensure data integrity and corporate compliance. At the same time, users enjoy increased privacy, as well as apps that look and feel consistent across mobile and desktop platforms. Remotium was named “Most Innovative Company” at RSA® Conference 2013 and won the Best of Show award at Interop Tokyo in June 2015.
With this acquisition we are expanding our mobile offerings into the enterprise space. Although our near-term approach with Remotium is to make the products successful in the enterprise market, we also see a tremendous opportunity to leverage this innovative technology within our traditional consumer and SMB markets.
We are pleased to add the Remotium staff to our team of more than 600 Avast employees – together we will further accelerate Remotium’s growth and expand its capabilities across enterprise mobility platforms.
Most Internet users are familiar with this problem all too well: After downloading a video player, Java, Flash updates or other software, the browser has suddenly changed. New buttons and icons in all colors and sizes along with an URL entry bar take up valuable real estate on your browser. The browser runs noticeably slower – and the results look different. Most annoying is that the advertising becomes more prominent.
Over the past two years, Avast Browser Cleanup has identified more than 60 million different browser add-ons which are often bundled with other free software, such as video players, Java and Flash updates. These toolbars typically occupy the horizontal space below a user’s browser and can include buttons, icons, and menus. Despite removing and re-installing a browser, toolbars will often remain, which is a behavior similar to malware.
Another week, another Mr. Robot episode! Last Wednesday the second episode of Mr. Robot aired (Ones and Zer0s). This episode did not disappoint! It was dark, gloomy, but also included lots of technical things that made us once again question: How can this affect me?
This week I sat down with freelance security and privacy journalist, Seth Rosenblatt, to discuss the episode.
At the beginning of the show, Elliot has a bit of an involuntary meeting with E-Corp now interim CTO, Tyrell Wellick. After this meeting, Elliot goes home and hacks Tyrell. What he notices is that E-Corp mail servers haven’t been patched since “Shellshock” and that Tyrell does not use two-factor authentication nor does he have a complex password. Elliot realizes that this was all too easy and that Tyrell must have wanted Elliot to hack him. He then goes nuts and burns his chips and SIM cards in the microwave, tears apart his hard drive, destroys his mother board.
Stefanie: Lots of interesting stuff happened in this scene! Can someone hack me like Elliot hacked Tyrell? What is the Shellshock vulnerability and can it still affect me as a personal user?
Seth: If Tyrell wanted Elliot to hack him, he made it pretty easy for an experienced hacker like Elliot. I bet many people, who do not put a lot of thought and effort into their online security, can be easily hacked. The fact that E-Corp hadn’t patched their servers since Shellshock seemed a bit odd, but again this was maybe intentional to make it easy for Elliot to hack, in the hopes of blackmailing him later on. In terms of the average user, Shellshock is a vulnerability that affects systems using BASH (a Unix based command processor used by Unix- based systems such as Linux and Mac). Patches for Shellshock have long been issued, so if you update your operating system regularly you have nothing to worry about.
Avast for Business just made life easier and saved money for administrator Dale Kvittem-Barr at Peace Lutheran Church and School.
Schools house a large quantity of sensitive data and Kvittem-Barr knows that security software is a must. But, managing 50 devices is a challenge.
“When I started here, we had Norton and each computer had its own individual license. It was a nightmare. I switched all of the school’s computers to the free Avast consumer product. When I heard there was a free business solution and that it had a centralized management dashboard I knew we had to have it.”
With Avast for Business, Kvittem-Barr no longer has multiple licenses to manage and he can see his entire network anytime, anywhere.
“The cloud-based system makes sense because the entire network can be updated constantly from the dashboard so I don’t have to run around to every computer anymore.”
For his mixed platform networks, Kvittem-Barr says Avast for Business just works for him.
“We have Macs and PCs so to be able to protect them both with the same console is great!”
And the software keeps him continuously informed about threats to the school.
“The notifications have been really helpful because I can see which computers are being hit harder than others and make sure I focus on those.”
Budget is an issue for all schools and Kvittem-Barr said that his school’s savings with Avast for Business were substantial. As for plans to spend the savings he says,
“Yeah, we were actually able to purchase a lot more computers and a device charging cart.”
Find out how your school can save money with Avast for Business.