Category Archives: AVG

AVG

AVG

AVG works with National Federation of Independent Business to raise awareness of online security

Read the headlines and you would think cyber-crime was all about big brands fighting to keep customer data out of hackers’ hands.

You might even think it is about governments and cyber-espionage.

But behind the headlines, there is a day-to-day story of small business under attack.

So to mark National Cyber Security Awareness Month, we’re working with the National Federation of Independent Business (NFIB) to share free tools and resources and about online threats.

Through October, we’ll help NFIB members and small business owners learn more about some of the practical issues around cybersecurity.

We’ll share information about the common tricks and tactics of hackers, and we’ll explore the issues around Bring Your Own Device (BYOD) and the challenge of keeping a business secure when the lines are blurring between an employee’s personal tech and their professional life.

This week we’re encouraging small business owners and NFIB members to take our AVG Small Business IT Security Health Check.

It’s a simple free tool to help business owners think about how well-prepared they are against cyber threats.

The tool poses 17 multiple choice questions across a range of security topics: from password security to IT infrastructure.

There are also questions about what plans business owners have in place to deal with the fall-out if a security breach happens and customer, employee or suppliers’ personal information is compromised.

In the weeks ahead, we’ll share updated versions of our free ebooks through the NFIB’s regular email newsletter to members:

  • Digital Policy Guide
    What kind of issues emerge from employees and business owners using social media for personal and professional life? This guide looks at how social media can be a positive tool for businesses – and a management challenge if it’s misused. Download the guide.
  • Hackers and Hacking
    What are hackers looking for and what are their common tricks and tactics? Employees’ payroll data? Customer and suppliers’ bank details? This guide covers the threat of hacking, the motives behind it, what is at risk and how to combat these kinds of attacks. Read the ebook.
  • Bring Your Own Device
    Mobile tech from smartphones to tablets means that employees can keep in touch with friends and family on the same device they use to keep track of work emails, appointments and data. So what does that mean for your business? This guide looks at the issues around BYOD.

Sadly, there’s no way to stop hackers from trying to breach the virtual defences of small businesses. Wherever they are in the world, hackers will keep trying to find valuable data and disrupt business operations. And as Steve Chabot (R-OH), Chairman of the Congressional Small Business Committee, explained earlier this year, 71 percent of cyber-attacks are targeted at businesses with fewer than 100 employees.

So we hope our association with the NFIB will spread awareness of the issues and help small business owners feel better prepared to deal with online threats and ready to take steps to make their businesses more secure in future.

AVG

10 Tips to help make your smartphone battery last longer

As PC sales continue their downward trend, and mobile device usage continues to grow, we’re using and relying on our mobile devices more than ever these days – according to a study by comScore in the US, between 2013-2014 mobile usage accounted for 60% of our time spent using digital media.

Trends aside, you know how much you use your mobile device, surely you don’t want it to quit on you when you need it most, right?

That’s why we have 10 easy tips to help make your smartphone (or tablet) battery last longer:

  • Keep your device fully charged and topped up: Older Nickel Metal Hydride (NiMH) batteries needed to be fully drained before being recharged so that they lasted longer, but newer one’s like Lithium-ion don’t require you to do this anymore, in fact if possible, avoid full discharges and charge the battery more often between uses.
  • Turn it off: If it’s not essential for your device to be on, turn it off to save power for later use.
  • Disable live wallpapers: If your smartphone or device is capable of displaying animated wallpapers, disable them. If possible, use a flat dark background as your wallpaper for your login and home screens.
  • Reduce screen brightness and disable auto brightness: The dimmer your screen the better. Also, disable the automatic brightness feature. This will help reduce battery usage considerably.
  • Disable vibrate and reduce volume: Vibrating requires the battery to drive a rotating mechanism which requires a fair amount of energy. Turn it off, and while you’re about it reduce the ringtone volume too.
  • Turn off Auto-sync, Background Data or Background App Refresh:  This feature, known on Android devices as ‘Auto-sync’ or ‘Background Data’ and on iOS devices as ‘Background App Refresh’, allows your devices apps to refresh in the background, use location services, sync data or send you push notifications. Depending on how many apps you have that use this feature, it could use a lot of data and drain your battery. Switch it off.
  • Turn off Bluetooth: When enabled, Bluetooth regularly checks for devices it can connect to. If you are not using it, disable it and you should see a small amount of energy being saved.
  • Turn off GPS:  GPS communication with satellites is done regularly and for extended durations, which requires a lot of power and also prevents a mobile device from going into an energy saving mode. If you’re not using your smartphone’s GPS, disable it for considerable savings in battery consumption.
  • Keep out of the heat: Once your device’s battery is damaged by heat, its capacity can’t be restored. So always store your device in a cool place and never leave it exposed to direct sunlight for long periods of time.
  • Close overly active apps: Close processor hungry apps that are regularly performing background calculations, refreshing or syncing. Take a look at the AVG Android app performance report for Q1 2015 to see which apps are some of the biggest battery drainers.

If you want to go that extra step and save even more power to extend your device’s battery life, we recommend installing a power management app like AVG Cleaner for Android

For more great tips on getting the most out of your devices, visit us at www.now.avg.com and follow us on twitter or Facebook.

 

AVG

Stagefright the sequel – Android devices vulnerable again

Researchers at Zimperium, a specialist cybersecurity company, has announced that it has found another major vulnerability in the Android operating systems that many of us use on our mobile devices.

A blog post published by Zimperium says “Meet Stagefright 2.0, a set of two vulnerabilities that manifest when processing specially crafted MP3 audio or MP4 video files.” Nearly every single device since Android 1.0, released in 2008, is affected according to the blog post. The researchers were able to exploit the flaw in devices running Android 5.0 and later, and conceptually nearly every single device since Android 1.0 (2008) could be affected. According to Zimperium, earlier devices could be impacted through media players and instant messenger that use the Stagefright library.

Media files carry additional information called metadata, which is processed when the file is opened or previewed. This means the video or audio file on the device would not even need to be opened by the user for the attack to occur. Once the device was infected, the most likely method an attacker would use would be via a web browser.

How might this happen in a real environment?

  1. An attacker will try to convince you to visit a link that points to an infected website via either a malicious ad campaign or using spear-phishing techniques.
  2. An attacker on the same network as you could inject the exploit by intercepting your mobile network traffic destined for the browser.
  3. Infection of 3rd party apps that are using the vulnerable software library.

Zimperium has said that they notified Google’s Android Security team in August, and that Google responded quickly to try and fix it. They’ve also said that full technical details of the exploit will not be released publicly until Google has confirmed that the issue has been fixed and is available to users.

Bugs and vulnerabilities in operating systems are not uncommon. This exploit highlights the need for users to ensure that their devices are running the very latest version of their operating system and applications.

Unfortunately, unlike the first time Stagefright appeared, when disabling the automatic retrieval of MMS messages could prevent your device from being infected, this time we need to wait for the update from Google, our phone carrier as well as our handset manufacturers to make it available to us.

In the meantime there are some precautions you can take:

  • Check with your handset provider or carrier for a patch/update.
  • Update all the apps you have on your device.
  • Avoid downloading media files from untrusted sources, and even when trusted, use caution.
  • If you haven’t disabled the ‘Auto retrieve MMS’ feature, switch it off now.

Remember, the most important thing you can do is keep your operating system and apps up to date. For that extra layer of protection, download AVG AntiVirus for Android to help protect your devices against malicious phishing sites.

Follow me on Twitter @TonyatAVG

AVG

The dangers of geotagging via photos & social media

Did you know you could be unwillingly revealing your location via geotagging in photos you upload with social media applications?

AVG’s Michael McKinnon walks you through some things to be aware of when it comes to geotagging.

Did you know:

  1. Photos can contain location information stored in metadata (EXIF data) within the image itself.
  2. Location data can be automatically applied to your GPS enabled smartphone photos.
  3.  The location data usually includes the precise GPS co-ordinates of where the photo was taken, as well as the time and date it was captured.

Here are some ways to protect your privacy when it comes to geotagging on your mobiles device:

  • Disable location services on your mobile devices.
  • Remove EXIF data from images before uploading to social media networks or file sharing sites.
  • Be aware of location options in apps or online services and social media.

For more great tips on getting the most out of your devices, visit us at www.now.avg.com and follow us on twitter or Facebook.

Stay safe out there.

AVG

Addressing Cybersecurity for Small & Medium Businesses

Perspectives on cybersecurity continue to evolve as our level of ‘connectedness’ and awareness of potential threats increases. According to the U.S. Chamber of Commerce, many security experts believe there are two types of businesses, “…those that have been hacked and know it, and those that have been hacked and don’t know it yet.” While this overstates the situation a bit, it does highlight the urgency to address cybersecurity, even for small businesses. As the U.S. Chamber of Commerce suggests, the question isn’t if, it’s when.

Both Europe and the U.S. have designated October as cybersecurity month, highlighting the importance of this issue to business. One of the governmental organizations addressing the issue is the National Institute of Standards and Technology (NIST). NIST is currently in the revision phase of its report, Small Business Information Security: The Fundamentals, by Richard Kissel and Hyunjeong Moon. In partnership with the Small Business Administration and the FBI, NIST is one of the governmental organizations reaching out to the small business community and providing guidance on how to address cybersecurity.

Cybersecurity is not an all-or-nothing effort. NIST recognizes that the appropriate security measures may differ from company to company and that not every company will be able to implement every possible measure quickly. Nonetheless, they have classified a number of cybersecurity practices as ‘absolutely necessary’ and suggest that every small business adopts them to protect their information, systems and networks.

These practices include:

  1. Protecting information/systems/networks from damage by viruses, spyware, and other malicious code
  2. Protecting a company’s Internet connection
  3. Installing and activating software firewalls on all business systems
  4. Patching operating systems and applications
  5. Making backup copies of important business data/information
  6. Training employees in basic security principles

A great starting point for evaluating a businesses security status and potential risk is to use the “AVG Small Business Security Healthcheck” tool that AVG Business provides for free on our website. In just a few minutes a business can generate a cybersecurity profile that can be used internally, or with an IT solution provider that understands the company’s network and business practices, to ensure the right solutions are put in place.

In many cases, security experts will advise, as NIST has, that protecting against viruses and malware and installing firewalls are critical steps. This can be easily accomplished with software solutions including the just updated AVG AntiVirus and AVG Internet Security solutions from AVG Business. With exceptionally easy user interfaces and automated protection features, special knowledge isn’t required to provide protection across an entire business. Making sure that antivirus is in place and firewalls are working are the first and easiest steps a company can take.

Addressing cybersecurity for small and medium businesses has clearly risen to mission-critical status, but that doesn’t mean it has to impact a company’s resources, finances or operations. With a network of more than 10,000 partners, an active channel community, and software solutions that are continuously updated to address changing security needs, AVG Business is certain that every business can establish strong cybersecurity measures and worry less about potential threats. If your company hasn’t yet embarked on a cybersecurity plan, now is a good time to start.

AVG

Weather Forecast for Today? Advert Flood Coming from East

Despite blocking efforts, online advertising is a daily part of our lives. Most of us get used to the large volume of adverts displayed daily, but authors of malicious code are trying to push the limits much further nowadays via advert-injection techniques used in malware threats.

Spreading

In this post, we present a case study of one such malware that we detected via our AVG Identity Protection (IDP) component. Based on our telemetry, this infection is highly active and it is reaching its maximal peak. The most affected countries are the United States and Germany, followed by Saudi Arabia and the United Arab Emirates.

Countries most affected by spreading of this adverts-injection campaign (Jun-Sep 2015).

Behaviour of This Threat

The user infection starts while installing an application proclaimed by its authors as a “Weather Forecast Application”. However, once installed, this application silently downloads and installs other components that are purely malicious – this threat tries to infect all installed browsers and inject additional adverts in browser pages. It also periodically loads sets of adverts in the background without user notification. As a side-effect, it sacrifices security and performance of the infected systems for the purpose of making money via ad providers.

Injecting adverts in visited pages.

Flood of pop-up windows.

Detailed Analysis

Details about this threat are described in the following technical analysis.

You can also download the report now.

Stay Safe

AVG customers are protected against this threat via our multi-level protection in AVG Internet Security. If you’re not protected, you might want to check your systems using the indicators of compromise (IOC) listed in the aforementioned technical analysis.

AVG

Gamers can have a big impact on cybersecurity

Video games are very big business. The industry was calculated at $22.41 billion in the U.S. alone, by the researchers at NPD Group in 2014.

The insatiable appetite for games and resulting economic impact of gamers has been credited with driving major tech industry advancements, from better graphics that require ever-higher processor speed to driving down costs of pricey tech innovations making it more accessible in all markets.

Perhaps now is time for gamers and game developers to play a role in helping to shape cybersecurity.

New research shows concerns about cybersecurity among gamers and that the majority of gamers lack confidence in game developers’ ability to ensure their security. According to a new study by PlayFab, the back-end services provider for games, 83% of gamers believe that game developers should be responsible for securing a player’s personal data – though fewer than 40% said they currently feel confident with the safeguards.

When asked about the security of their game accounts and experiences, more than 80% ranked either personally identifiable or financial related information as the most important thing to protect. The concern is not surprising, considering high profile data security breaches that have taken place across the industry, including the huge hack of the Sony PlayStation Network, when hackers stole identity information for up to 77 million players.

“These survey results underscore both the opportunity for game developers to improve trust by focusing on security measures, and the importance that they do so to safeguard an audience that relies on them,” noted James Gwertzman, co-founder and CEO of PlayFab.

Meanwhile, gamers are also being enlisted to help the cybersecurity industry fight cybercrime – by doing what they do best.

In the UK, gamers are being recruited to fill the cybersecurity skills gap as part of the Cybersecurity Challenge UK, a government and industry-backed program designed to promote cybersecurity as a profession.

As part of the effort, the UK government has launched a new 3D video game platform, a browser-based massively multiplayer online game (MMO), where members of the general public of all ages and abilities are invited to participate and crack codes in cybersecurity games.

Stephanie Daman, the CEO of the Cybersecurity Challenge UK recently told the tech website Motherboard, “…a lot of people who are very good at cybersecurity are also gamers.” She identified a convergence of traits that make gamers good security professionals, “It’s that urge to find out how something works, to pursue a trail, to get to the end, to see what’s there.”

If we can transfer gamers concerns around cybersecurity and apply their skills to protect our data, everyone wins.

Game on.

AVG

AVG achieves top scores from AV-Test and AV-Comparatives

Are there things in life that you can really say you are 100% sure about, I am sure there are a few but not very many.

In the last week here at AVG our virus research teams and engineers have achieved not just one great test result, but two. The AV-TEST results show that AVG achieved 100% detection of real-world malware and 100% detection of widespread malware. Then followed the AV-Comparatives Malware Removal report awarding AVG with the highest award mark of Advanced+.

Whether you are a consumer or business looking to make a decision on what Anti-Virus/Malware product to use, then independent results from internationally recognized testing organizations should help you make the right decision.

For businesses selecting the right product to stay safe is particularly important, in many cases you are not just protecting your company data but also the personal information that you hold about your customers.

The double 100% result from AV-TEST is particularly important as this shows that our products are protecting you without compromise whether the threat is new and only just appeared, as detailed in the real-time test, or whether it’s a known malware variant that is widespread.

I asked Andreas Marx, CEO of AV-TEST what the significance of the 100% result means, he said “Here at AV-TEST we understand that consumers and businesses rely on specialist organizations such as ourselves to test products they rely on for their security and protection. When a vendor scores 100% in both the real-time and widespread sections of our protection test, it provides a data point that allows consumers and businesses to make informed decisions. We congratulate AVG for achieving the 100% result in our August test.”

Detecting malware and stopping it from carrying out its malicious intent is important, but knowing that it has been completely removed from a device is also extremely important. The AV-Comparatives award for Malware Removal shows that we have excelled in this area too.

At an industry conference I asked Andreas Clementi, Founder and CEO of AV-Comparatives about the Malware Removal report and the AVG result, he said “An important factor for users of Anti-Malware products is not only its ability to detect malware but also its ability to remove the threat and all of the components that it installed. At AV-Comparatives we conduct an annual Malware removal test that shows a products efficiency to clean up after an infection, AVG has achieved an Advanced+ rating for 2 years in a row which shows great consistency.”

It’s important to understand that testing anti-malware products is undertaken and a point or period in time, so the results reflect the moment that these tests were carried out.

Of course our teams are motivated to continue with flawless detection results, and with the release of our new versions of our Ant-Virus range of products there are additional security features designed to provide improved detection. You can see more details in my article about our product release.

Indulge me in this moment of unashamed promotion of AVG and allow me to proudly acknowledge the commitment and dedication of the AVG teams that have delivered these awesome results, which they proudly develop to protect you, our customers.

Follow me on Twitter @TonyatAVG

AVG

AVG kicks off National Cyber Security Awareness Month with updated product suite

I am delighted that that we have released our updated Protection and Performance products and suites – consciously timed with the inauguration of National Cyber Security Awareness Month.

Introduced in the US by President Obama, National Cyber Security Awareness Month was conceived to raise awareness and education about cybersecurity, and help citizens protect the nation in the event of a cyber-incident. Throughout October, companies and organizations will be holding conversations, hosting events and taking part in Summits as they look to educate us to “Stop. Think. Connect”.

AVG fully supports this initiative, and is involved in a number of similar, designated days and months throughout the year, such as European Cyber Security Month, which aim to further security education. As we increasingly live our lives online, and the everyday devices in our homes become connected, cybersecurity has rapidly become a personal issue as well as a one of global importance. Most of us now own multiple devices and use apps for everything we do; but our growing dependency on technology, while simple to use, they bring high levels of complexity; and all too often, security and privacy become an afterthought. One of AVG’s goals is to take the complexity of your everyday, online environment and simplify it, making it as easy as possible for you to secure and manage you and your families’ digital lives and keep them protected.

The digital landscape is always evolving, and so too, must the products you use to protect yourself. The latest release of AVG’s protection products and suites are now auto-updated on a continual basis, so users will always have the latest features and capabilities without any required action on their part, removing the need for you to accept or search for an upgrades.

The new release adds significant protection capabilities, including Real-Time Cloud Detection, AI Detection and Improved Malware Detection, are also focused on real-time protection – ensuring customers are always secured against the latest threats.

These product releases continue to underscore our leadership in online security and commitment to protecting devices, data and people, at home and at work – in the August test results from AV-Test, AVG Internet Security scored 100% for both real-time and wide spread malware detection. Make sure to check back here on our blog, AVG Now, throughout the month, to hear more product and service news, and to read some of our top cybersecurity tips.

You can find out more about the latest AVG Performance and Protection products here: http://now.avg.com/avg-new-protection-performance-press-kit/

AVG

AVG’s New Protection and Performance Products Press kit

Press Release

AVG Adds More Protection and Performance Features and Moves to a Continual Update Model

Blog Posts

AVG Performance PRO package is out and includes: New AVG PC TuneUp, AVG Cleaner for Mac & AVG Cleaner for Android

Reviewer’s Guides

AVG Performance – Reviewer’s Guide (PDF)
AVG Protection – Reviewer’s Guide (PDF)

Images

AVG Performance
AVG Performance screenshots (zip)
AVG Performance icons and box shots (zip)

AVG Protection
AVG Protection screenshots (zip)
AVG Protection box shots (zip)

AVG Logo
AVG Logos – standard, horizontal and vertical  (zip)