Our team had a wonderful time meeting and networking with the crème de la crème of security industry professionals at this year’s Virus Bulletin Conference in Prague, of which we were a proud platinum sponsor. Throughout the conference, a handful of Avast employees presented talks a variety of today’s most prominent security-centered topics. For those who weren’t able to make it to the conference, we’d like to provide a brief recap of the content that was covered.
Taking a close look at denial of service attacks
In their presentation, “DDoS trojan: a malicious concept that conquered the ELF format“, senior malware analysts Petr Kalnai and Jaromir Horejsi discussed the serious issues relating to distributed denial-of-service (DDoS) attacks.
Abstract: DDoS threats have been out there since the Internet took over half of global communication, posing the real problem of denial of access to online service providers. Recently, a new trend emerged in non-Windows DDoS attacks that was induced by code availability, lack of security, and an abundance of resources. The attack infrastructure has undergone significant structural, functional and complexity changes. Malicious aspects have evolved into complex and relatively sophisticated pieces of code, employing compression, advanced encryption and even rootkit capabilities. Targeted machines run systems supporting the ELF format – anything from desktops and servers to IoT devices like routers or digital video recorders (DVRs) could be at risk.
Some days ago we wrote about scams targeting senior citizens. This group is at risk because generally speaking, they have less computer education than younger people who have grown up in the digital world. I recommended the reading to my mother, thinking she will benefit from it. She thanked me, but said that there were “some things” she did not understand.
In the Avast blog we do our best to write in simple terms. However, we know much more about security and, quite frequently, explains things in technical writing. So, I’ve take some time to write what will be useful for your mother (and mine). What about recommending her to read this?
Computer and mobile security essentials for senior citizens
Managing the security of your Facebook business page is important to maintain a good reputation.
Nowadays we can hardly imagine a successful business functioning without digital marketing. When we say digital marketing Facebook comes to mind immediately. The most popular social platform with more than one billion users all over the world is a massive communication platform not only for the individuals, but also for brands and their consumers.
Freelancers, owners of small local businesses, and large corporations; all of them use Facebook to promote their products and talk with their customers. In this blog post we will show you how to keep your Facebook page safe from the bad guys.
Manage the managers
Even if you are a small business, managing all your social media efforts by yourself can be difficult. Don’t try to control everything, it’s impossible and you will end up with micromanagement overload with unnecessary work. Instead, control the roles of your co-workers and educate them!
Networks are relentlessly attacked by online threats. Organizations need quality security products to keep their network secure.
When Jothan Virgil, an IT Administrator at Alabama State University located in Montgomery, Alabama, got an email announcing the new, free Avast for Business product, he did his research and signed up.
Virgil knows that a good antivirus product is the most important part of protecting a network and was using Avast Endpoint Protection before switching. ”The new cloudbased solution is easier to manage.” Avast for Business lets Virgil see his entire network anywhere, anytime making his job easier.
Alabama State has a very large network managed by multiple IT professionals, with over 1,000 faculty and staff members and more than 5,600 students. Avast for Business now protects all of them from one console.
“Avast for Business is so easy to deploy and monitor, it’s made the administration of our network much smoother.” System notifications tell Virgil exactly which machines are being hit with viruses or malware.
And it’s not just easy. It’s also free. Avast for Business created a savings that Virgil can use somewhere else. He’s certain the savings will go to good use in their growing IT environment.
Avast for Business can save your non-profit, company, or school money and time. Sign up on the Avast website.
That online shopping increases day by day is not news. If you are an average user, you are probably already aware of the normal precautions and have taken them yourself. Ease of use and convenience when browsing for different products or searching for the best prices has improved greatly. However, at the same time, online threats and frauds have also increased exponentially. Therefore, from time to time, all of us must review our behavior and think again if our habits are secure.
Best practices while online shopping
1. Use your own computer or mobile device when shopping. It seems obvious, but you cannot trust a computer that does not belong to you, even your best friend’s computer. It might not have appropriate protection and it could already be compromised by malware. So, always use your own device, install an anti-malware solution and before you start doing anything that involves your money, scan your network to discover if it is safe.
With the release of their newest operating system just days away, now is not the most convenient time for Microsoft to be facing and dealing with security bugs. However, two thirds of all 1.5 billion PCs operated by Windows across the globe were recently left vulnerable due to a security flaw found in nearly every version of Windows, including Windows 10 Insider Preview.
The flaw (MS15-078) lies within the Windows Adobe Type Manager Library and can be exploited by cybercriminals to hijack PCs and/or infect them with malware. Users can be attacked when they visit untrusted websites that contain malicious embedded OpenType fonts. Microsoft explains more about the threat in a security bulletin advisory:
An attacker who successfully exploited this vulnerability could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit this vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage that contains embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts.
The flaw has been classified as critical, which is Microsoft’s highest measured level of threat. Anyone running Windows Vista, Windows 7, Windows 8 and 8.1, Server 2008, Server 2012 and Windows RT are affected by the flaw. Microsoft’s online Security TechCenter includes a full list of affected software and additional vulnerability information.
The Avast Threat Report provides an overview of global threat activity.
Avast malware researchers and Avast customers work 24/7 to protect each other.
Avast protects 230 million people worldwide in more than 186 different countries — we are present in more countries than McDonalds and protect more people than any other antivirus security provider. We stream 250 micro updates a day that protect our users from attacks. This is made possible by the 230 million devices we protect that simultaneously act as de facto sensors. These sensors provide us with information about suspicious files to help detect and neutralize threats as soon as they appear. Once we identify a suspicious file on a single device, it is reported back to the Avast servers and all Avast users around the world are immediately protected. This is called our Community IQ – it not only lets us better protect our users but also gives us valuable insights into the current security landscape.
Over time, we’ve noticed the presence of some fairly heated user debates disputing the necessity of security or antivirus apps for Android devices. This could have been sparked by our recent post which argues that you can’t always rely on the security of Google Play or because of the myth that antivirus companies create viruses to sell more software.
Certain security gurus claim that if users stick to downloading and purchasing apps using only the Google Play Store, nothing bad will happen to their devices. However, we found that this line of thinking is not 100% correct, as was demonstrated through the discovery of a rogue Dubsmash app or in the infamous case of apps on Google Play posing as games and infecting millions of users with adware. Despite these findings, there are some users who still feel that they’re safe whenever using Google Play. This feeling of false security could have negative consequences; for example, when your data or financial information is stolen or when you have to resort to resetting your device in order to cleanse it of malware.
So, we know we can’t rely on the Google Play Store all the time, but are third-party stores more secure? Of course not. In this case, how is it still possible that it’s not a problem to use third-party stores? First of all, it’s necessary to point out that there are certain legitimate and clean third-party stores, such as Amazon and FDroid. At the same time, there are tons of shady stores and even more black market .apk files promising to deliver you the latest features of a cracked app.
VPN service Hola, which has millions of users, recently came under fire for not being as up front with their users as they should have been. In the past weeks it has been revealed that Hola does the following:
- allows Hola users to use each others’ bandwidth
- sells their users’ bandwidth to their sister company Luminati (which recently helped facilitate a botnet attack)
- and, according to Vectra research, Hola can install and run code and additional software on their users’ devices without their users’ knowledge.
If you are an Hola user or if you know someone who uses Hola, please make sure you/they are aware of this.
We rely on our apps. Everyday we use our favorite ones to check news, the weather for our next trip, and communicate with our loved ones. Some apps, especially the system ones, are continuously in use, even if they are not the foremost app on your screen. The keyboard is one of them.
Recently, a dangerous vulnerability was discovered in the most popular keyboard, SwiftKey. If you have a Samsung S6, S5, and even a S4 running the stock operating system, you’re at risk. The app always checks for language updates, but this process is not performed in a secure way. If you’re connected with an open or public Wi-Fi, your phone is at risk of a very common and dangerous Man-in-the-middle attack. Your connection will be compromised and all the Internet traffic could be eavesdropped upon. That includes the passwords you’re typing in the very same keyboard, your financial information, everything.
To insure your security, you need to use a VPN when on Wi-Fi, since that’s when most updates are scheduled to occur. You probably already know what a VPN is and how it works. If not, you can find a lot of information in our blog. Our product, Avast SecureLine VPN, creates an encrypted tunnel for the inbound and outbound data of your Internet connection, blocking any possibility of a Man-in-the-middle attack.
But the story does not end here. If you use SwiftKey on an unsecured Wi-Fi, the attacker could also download malware into your phone or tablet. That’s a job for Avast Mobile Security & Antivirus (AMS). Some users think that we don’t need a security product for our phones. They also think that security companies exaggerate the need for a security app just to sell their products. AMS not only scans the installation process of apps but also checks the Internet sites you’re visiting and malicious behavior of any file in your device. You can install Avast Mobile Security & Antivirus on your Android device for free from the Google Play store.
NOTE: At the writing of this post, a patch for the vulnerability was provided to mobile network operators by Samsung. SwiftKey wrote on their blog, “This vulnerability is unrelated to and does not affect our SwiftKey consumer apps on Google Play and the Apple App Store.”