CVE-2016-2199

Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations and Remediation management page in Enterprise Manager in McAfee Vulnerability Manager (MVM) before 7.5.10 allow remote attackers to hijack the authentication of administrators for requests that have unspecified impact via unknown vectors.

The cat and mouse game of internet security

Virus Lab analysts can see real-time threats on the monitoring wall

Security is an evolutionary business rather than a revolutionary one.

“Computer security has been around for 25 or 30 years and the threats keep evolving,” said Avast CEO Vince Steckler in a video interview with ValueTech.

The solutions keep evolving too. “If you go back 20 years ago, the big issue was script kiddies and big public splashes of viruses that frankly didn’t cause any harm. These days, things are much more complicated. You don’t have big flaws, big loopholes for bad guys to take advantage of. What this turned into is a cat and mouse game.”

Avast CEO Vince Steckler

Keeping up with the bad guys

To combat today’s cybercrooks, Avast Virus Lab analysts must study what the bad guys have done previously.

“You start trying to predict what the bad guys might be trying to take advantage of in the future and closing off those holes. At the same time, those guys are finding other little ways in and you have to catch up with them,” said Steckler.

Antivirus companies have done an excellent job at protecting the consumer and small business “endpoint” – such a good job that it’s actually very difficult to break into the endpoint itself. This forces cybercrooks to look for other entry points.

Avast experts agree that the likely path cybercrooks take is through the home router.

Home routers give cybercrooks an easy target

Consumer routers tend to be acquired based on price and they have a lot of flaws. Steckler estimates that, “We can break into probably about 70% of home routers in the world.”

The reason home routers are so vulnerable, he says, is that, “They are very poorly protected and the username-password on them is something that’s easy to crack. It’s not that difficult for someone to break in remotely over the Internet via the username and password or in a drive-by, in which case it’s even easier.” Most routers also have unpatched software leaving them with a number of vulnerabilities.

Recently, the hacktivist group Anonymous launched a DDoS attack using compromised home routers, so Steckler thinks that the frequency of those types of attacks will increase.

How to secure the Internet of Things, the Smart Home, and Industry 4.0

“The Internet of Things and 4.0 get a lot of press because they have nice catchy buzz words,” said Steckler. People have connected refrigerators, connected thermostats, door locks, security cameras, and baby cameras, but, “Right now a lot of internet-connected refrigerators don’t do anything. They are just a browsing tablet.”

“But when people start looking at what kind of protection is needed, you have to be thinking about what’s the risk. If my internet-connected refrigerator gets hacked, what happens? If my thermostat gets hacked, what happens?” asked Steckler.

“The common thing with all of this is that none of these devices in the so-called Internet of Things really have any direct connection to the Internet. They are all connected, once again, through the home router,” said Steckler.

Since the home router is a vulnerable entry point, the risk of attack exists. “If you can harden your home router, that really goes a long way towards protecting the Internet of Things.”

The risk of BYOD

“The Enterprise is a much different story, when you get into the BYOD (Bring Your Own Device). We all have mobile devices, and for many reasons it’s much more convenient to use one mobile device for both your personal and your business,” said Steckler. “Some businesses encourage it by providing a device, but the fact of the matter is most everyone is going to be using one mobile device for both.”

The co-existence of personal and business-related data on one device that the employee is responsible for creates a risk for both the consumer and the business. For the business, it means that its data can be lost if access to the internal systems is compromised. If the employee loses the device, the typical company response is to remotely wipe everything on it, including all of the employee's personal data, so the employee suffers a big data loss.

“A solution is really to virtualize the entire corporate usage of it and run all the corporate usage on the corporate servers,” said Steckler. “That’s why we’ve brought out a new solution this year that does exactly that.”

Avast Virtual Mobile Platform (VMP) addresses these security risks, helping IT organizations liberate their businesses from leaks of confidential data and minimize mobile device costs.


Watch the entire interview including Mr. Steckler’s opinion about when Artificial Intelligence will become a threat to humanity and why Avast built a Silicon Valley-style building for its headquarters.

Hacking Smartphones Running on MediaTek Processors

A dangerous backdoor has been discovered in the MediaTek processor that could be exploited to hack Android devices remotely.

MediaTek is a Taiwan-based hardware company that manufactures chips and processors used in smartphones and tablets.

The backdoor was discovered by security researcher Justin Case, who already informed MediaTek about the security issue via Twitter, as