Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus


July 17th, 2015

Mr. Robot Review: da3m0ns.mp4

This week’s episode was a little confusing for me – and I’m not only referring to the trippy dream Elliot has while going through his drug withdrawals.

Operation Meltdown

It seems I wasn’t the only one who had questions about the hacks in this week’s episode; Forbes published an interview they did with Michael Bazzell, Mr. Robot’s technical consultant and cyber crime expert explaining the hack attack on E Corp that Elliot comes up with at the beginning of the show.

In the article, Michael Bazzell explains how Elliot plans on destroying E Corp’s data storage facility, using Raspberry Pi. Sounds like a very yummy method – too bad there’s an “e” missing at the end of “pi”! Michael explains that Raspberry Pi is a very small computer that can be accessed via the Internet through its built-in cellular chip. Using this, Elliot wants to control the facility’s climate control system to overheat it, thus melting E Corp’s tape-based back up.

While Forbes focused on the more complex hacks that targeted large corporations like E Corp and Allsafe, I was intrigued by the two physical hacks in the show.

@whoisMrRobot

via USA Networks

Beep Beep

The first “IRL” hack is when two members of FSociety hack a minivan – keep in mind that FSociety does everything in their power to not leave a trail, so they need a stolen car to get to E Corp’s data facility center in order to prevent being caught.

The FSociety guys casually sit on a sidewalk and wait for someone to park and lock their car. Using what looked like an old radio to me but is more likely a transmitter, they were able to send a command to unlock the car – politely thanking “mom” for giving them the opportunity to steal her car. Once inside the car, they connect the car to their laptop using a cable and ran the code to get the car started.

I asked my colleague, senior malware analyst Jaromir Horejsi, what he thought of the hack:

All they needed was the cable and specialized control software for cars. This software can access data from sensors in the car and it can control the car’s behavior. With that, they just had to connect everything together and select their desired actions. – Jaromir Horejsi

Read more…

Categories: General Tags: , ,

July 15th, 2015

One in 10 American mobile users is the target of mobile malware

Avast Antivirus detects and neutralizes malware

Threat analysts and malware researchers in the Avast Virus Lab detect and neutralize threats as soon as they appear.

The Avast Threat Report provides an overview of global threat activity.

 

Avast malware researchers and Avast customers work 24/7 to protect each other.

Avast protects 230 million people worldwide in more than 186 different countries — we are present in more countries than McDonalds and protect more people than any other antivirus security provider. We stream 250 micro updates a day that protect our users from attacks. This is made possible by the 230 million devices we protect that simultaneously act as de facto sensors. These sensors provide us with information about suspicious files to help detect and neutralize threats as soon as they appear. Once we identify a suspicious file on a single device, it is reported back to the Avast servers and all Avast users around the world are immediately protected. This is called our Community IQ – it not only lets us better protect our users but also gives us valuable insights into the current security landscape.

Read more…

Comments off

July 14th, 2015

Do third-party app stores pose a threat to mobile security?

Android Malware

Malware detected on Android

Over time, we’ve noticed the presence of some fairly heated user debates disputing the necessity of security or antivirus apps for Android devices. This could have been sparked by our recent post which argues that you can’t always rely on the security of Google Play or because of the myth that antivirus companies create viruses to sell more software.

Certain security gurus claim that if users stick to downloading and purchasing apps using only the Google Play Store, nothing bad will happen to their devices. However, we found that this line of thinking is not 100% correct, as was demonstrated through the discovery of a rogue Dubsmash app or in the infamous case of apps on Google Play posing as games and infecting millions of users with adware. Despite these findings, there are some users who still feel that they’re safe whenever using Google Play. This feeling of false security could have negative consequences; for example, when your data or financial information is stolen or when you have to resort to resetting your device in order to cleanse it of malware.

So, we know we can’t rely on the Google Play Store all the time, but are third-party stores more secure? Of course not. In this case, how is it still possible that it’s not a problem to use third-party stores? First of all, it’s necessary to point out that there are certain legitimate and clean third-party stores, such as Amazon and FDroid. At the same time, there are tons of shady stores and even more black market .apk files promising to deliver you the latest features of a cracked app.

Read more…


July 13th, 2015

Adobe Flash zero-day vulnerabilities threaten your security

Last Friday, Adobe confirmed two new “critical” zero-day flaws in the Adobe Flash Player browser plugin 18.0.0.204 – and earlier versions – for Windows, Mac OS X, and Linux. Today, a third flaw was found. Adobe Flash Player is a widely distributed multimedia and application player used to enhance the user experience when visiting web pages or reading email messages.

We recommend disabling Flash until the bugs are fixed. 

Three "critical" zero-day flaws in Adobe Flash Player discovered

Three “critical” Flash zero-day flaws in Adobe Flash Player discovered

Security experts say the two flaws were found in stolen files that were dumped earlier this month from Hacking Team, an Italian security firm that sells communication interception and surveillance software to governments around the world. The third one came from the same documents.

“Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system,” Adobe said in their blog. “Depending on the privileges associated with the user account targeted, an attacker could install programs on the system, alter or delete data, create new accounts with similar user rights, or cause a denial-of-service.”

Read more…


July 13th, 2015

Ohio school district teams up with Avast for Business

Avast teamed up with Chillicothe City School District in Ohio to provide free antivirus software to their schools.

The best defense is a good offense.

The best defense is a good offense.

Educational institutions manage sensitive data including names, birthdays, and even social security numbers. That data needs to be secured to ensure sensitive student data remains confidential. Tyler Hisel is an IT technician the Chillicothe City School District in Ohio. Tyler recently started protecting his school with Avast for Business.

“We had AVG before switching to Avast and we really needed to simplify our security solution.”

Servicing an entire school district’s IT needs is a challenge. That’s why Tyler said he needed software with easy-to-use centralized management where he could monitor the district’s devices.

“Avast was cost saving and had lots of features that I was surprised came free,” said Tyler.

Tyler discovered Avast for Business by searching for free antivirus software for business. He explored all of the options and after considering the alternatives decided that Avast for Business was the best antivirus software for the district.

“All we wanted was a simple security solution that worked, and I knew we didn’t have to pay a fortune for it.”

Budget wasn’t the biggest factor in Tyler’s decision but he claimed that it was definitely important. There were other security solutions that fit most of Tyler’s qualifications but he says that Avast for Business’ nonexistent price tag and centralized management made it the clear choice. When asked if he would recommend Avast to others he replied saying, “We’ve told businesses in the area about it already!”

Tyler’s final thoughts on Avast for Business were simply this, “I’ve got to hand it to you, it’s really an impressive product and it being free just makes it better.”


 

Avast for Business is free for schools, small and medium sized businesses and non-profit organizations. Visit our Avast for Business website to learn more and sign up.

Comments off

July 11th, 2015

Does Avast slow down my computer?

When your computer slows to a crawl, it is very frustrating. One of the worst things that people do when trying to restore the performance of their PC is to remove the security software. Getting rid of your protective barrier just opens you up to threats that could make things even worse.

So you know that you need a security product on your computer, but you don’t want any software to impact the speed or performance. That’s why an excellent choice is Avast antivirus products.

Avast got the highest rating for Performance from AV-ComparativesAvast provides high detection rates and good protection against malware, but it does not degrade system performance or annoy users by being resource hungry.

But don’t take my word for it.

AV-Comparatives, a well-known and trusted third party testing lab, recently tested 20 antivirus and internet security products. Avast Free Antivirus topped every single one of them – paid security suites and free antivirus protection – and received an Advanced Plus three star award for the May 2015 Performance Test.

Reasons why your PC may be slow

It is not always security software that is responsible for a slow system. Other factors can play a role, which means that with a few tweaks your systems performance can be improved.

Read more…


July 9th, 2015

Mr. Robot Review: d3bug.mkv

Elliot, Mr. Robot’s anti-hero cyber-security engineer by day and vigilante hacker by night, has been having a life-style crisis. In episode 3, Elliot longs to live what he calls a bug-free life, otherwise known as a regular person.

“Was he drinking Starbucks?”

“Was he drinking Starbucks?”

However, he is quickly pulled back into F Society’s hold when emails exposed during the threatened data dump revealed that E Corp executives had knowledge about the circumstances which led to his father’s death. We will leave the intrigues and plot theories, especially if Mr. Robot is real or a figment of Elliot’s imagination, to the internet. Right now, let’s look at the hacks highlighted in this episode.

At minute 7:40, you see Elliot in the hospital after Mr. Robot had pushed him off the high wall they were sitting on in the previous episode. His psychiatrist, Krista, is in the hospital and explains that the police wanted to do a drug panel, but Elliot refused. Elliot admits he has been taking morphine. Krista says the only way she can approve his release from the hospital would be if he commits to a bi-monthly drug test. Elliot starts thinking about how he will get around this problem by hacking the hospital’s IT. The IT department is lead by one single person, William Highsmith, with a budget of just $7,000 a year. According to Elliot, he uses useless virus scans, dated servers and security software that runs on Windows 98. It’s one of the reasons why Elliot made that particular hospital his primary care facility, since he can easily modify his records to look average and innocent.

Stefanie: Wow, wouldn’t it be an unusual that a hospital would actually use old infrastructure and have little budget for their IT? I also found it a bit odd that they have just one IT guy, I mean healthcare data is REALLY sensitive and definitely one of the last things I would want to have accessed by hackers!

Read more…


July 9th, 2015

Top 10 most annoying browser toolbars

It usually happens after you download something free. You go back online and your browser suddenly looks unfamiliar. There’s new buttons and weird icons in the place of what you used to have. A strange search page from a company you have never heard has taken the place of your homepage.

How did I get that annoying toolbar?

 

Avast Browser Cleanup removes annoying toolbars

You have inadvertently downloaded a browser toolbar that came bundled with other software.

Free programs, like Adobe Reader, often include add-ons like toolbars or browser extensions. Most of the time, during the installation of the software, an opt-out option will be presented for the add-on. But, lots of people click through without reading, and when they’re finished they discover they have downloaded something they didn’t intend to.

To keep this from happening in the first place, slow down and read the screens. You could save yourself lots of time and headaches if you do.

Read more…


July 8th, 2015

AP students go nuts for Avast SecureLine VPN?

This morning, our colleagues who work on our Avast SecureLine VPN product informed us that there was a significant increase in downloads in the U.S. This made us curious, as we didn’t have any specific campaigns running that would explain this dramatic spike in downloads. In the App Store, we jumped tothe 6th spot in the utilities category (and as we were coming from the 200th spot, this says a lot)!

We decided to turn to Twitter to see what was going on and discovered that teenagers were the cause of the trend. This shouldn’t have really surprised us, as teens are trendsetters and experts at dispersing viral content via social media channels.

SecureLine VPN Read more…

Categories: General Tags:

July 8th, 2015

Welcome to the Team, Remotium!

I’m glad to announce that we have acquired Remotium, a leader in virtual enterprise mobility, headquartered in Silicon Valley. Remotium’s award-winning and patent-pending technology, the Remotium Virtual Mobile Platform (VMP), provides enterprises with secure access to business-critical applications from anywhere and from any mobile or desktop device. With this product, corporate mobile users have all their personal data and apps resident on their mobile (iOS or Android) while all their corporate data and apps reside and execute on a server and are only displayed on the mobile. This is the perfect fit for bring-your-own-device (BYOD) environments.

Remotium‘s mobile solutions address the needs of modern enterprises. As more and more companies support BYOD policies, the question of how to implement these policies efficiently and securely is top of mind for everyone. As people bring their own devices to work, the lines between business and private data become blurry. In a study, IBM found that millions of people use dating apps on company smartphones, which could expose themselves and their employers to hacking, spying and theft. Out of the 41 dating apps analyzed by the researchers, 26 had medium or high severity vulnerabilities.

With Remotium’s technology, companies have the visibility and security needed to ensure data integrity and corporate compliance. At the same time, users enjoy increased privacy, as well as apps that look and feel consistent across mobile and desktop platforms. Remotium was named “Most Innovative Company” at RSA® Conference 2013 and won the Best of Show award at Interop Tokyo in June 2015.

With this acquisition we are expanding our mobile offerings into the enterprise space. Although our near-term approach with Remotium is to make the products successful in the enterprise market, we also see a tremendous opportunity to leverage this innovative technology within our traditional consumer and SMB markets.

We are pleased to add the Remotium staff to our team of more than 600 Avast employees – together we will further accelerate Remotium’s growth and expand its capabilities across enterprise mobility platforms.

Comments off