Monthly Archives: March 2015
Dropbox SDK Bug Leaves Android Users Open To Attack
Facebook Issues Present Possible Threat to Users
A security researcher has identified a pair of security issues in Facebook, one of which can be used to to upload an arbitrary file to the site, and the other of which can allow an attacker to gain control of a victim’s machine under some limited circumstances with user interaction. The more serious of the vulnerabilities, which […]
80 percent of global merchants fail card data security tests
Around 80 percent of global merchants including retailers, financial institutions and hospitality firms have failed interim tests which show they are not in compliance with card data security standards.
The post 80 percent of global merchants fail card data security tests appeared first on We Live Security.
AVG AntiVirus Wins Top Rated Security Product 2014
“Does exactly what it says on the tin” was an advertising slogan that appeared in the UK in the 90s. It resonated well with consumers due to its simplicity. Today, it’s a common term referring to something that is straightforward and does the job.
I am reminded of this phrase when I read the recent independent test results for the AVG AntiVirus products. The results show that AVG products are delivering our promise to protect our users from malware. Lets take a moment to review the recent results…
VB100
Virus Bulletin (VB) tested 39 Anti-malware solutions running on Windows 7 Professional and AVG AntiVirus received the top RAP result with 91.6%. The test measures a products detection rates on the newest samples available as well as an unknown sample to see how quickly and accurately they detect it. Click here to see the full test results.
But it’s not just about An important part of providing the best protection is that the detection engine doesn’t slow down the performance of the machine. VB tested the performance impact slowdown vs detection and there was nothing to worry about here either, as you can see here.
AV-Comparatives
Detecting malware is of course extremely important but its also critical that malware is removed once detected and AV-Comparatives conducts a test that measures the quality of removal and AVG AntiVirus achieved ‘Gold’ status in this test along with ‘Top Rated Security Product 2014’.
In summary the above tests show that the AVG AntiVirus products really do ‘exactly what it says on the tin’ for detection, performance and in the removal of malware.
It should give you the confidence to use the Internet without worry as AVG has you covered.
Follow me on twitter @tonyatavg
CVE-2010-5322 (zeuscart)
Cross-site scripting (XSS) vulnerability in ZeusCart 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to index.php.
CVE-2014-9017 (openkm)
Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 (build 23338) allows remote authenticated users to inject arbitrary web script or HTML via the Subject field in a Task to frontend/index.jsp.
CVE-2015-1026 (manageengine_admanager_plus)
Multiple cross-site scripting (XSS) vulnerabilities in ZOHO ManageEngine ADManager Plus before 6.2 Build 6270 allow remote attackers to inject arbitrary web script or HTML via the (1) technicianSearchText parameter to the Help Desk Technician page or (2) rolesSearchText parameter to the Help Desk Roles.
CVE-2015-1875
SQL injection vulnerability in a2billing/customer/iridium_threed.php in Elastix 2.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the transactionID parameter.
CVE-2015-2182 (zeuscart)
Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allow remote attackers to inject arbitrary web script or HTML via the (1) schltr parameter in a brands action or (2) brand parameter in a viewbrands action to index.php. NOTE: The search parameter vector is already covered by CVE-2010-5322.