Category Archives: AVG

AVG

AVG

Etsy: A Big Community for Small Businesses

It was the SF Etsy Summer Emporium, held in the huge hangar that is Pier 35 in San Francisco.

Most of you know Etsy, (www.etsy.com) but for those who don’t, it’s a virtual community that I would describe as a hip eBay, and great for small businesses. You can find anything online there, from vintage clothing to locally made honey to all kinds of arts and crafts.

The event in San Francisco had more than 80 vendors, and the quality of the crafts, art, and clothing was at a very high level.

There were all sorts of items there, many of them quirky, such as jewellery made from books or Vegan luggage accessories. But, the items were all very well made and curated with care.

But let’s talk about Etsy’s online presence: It’s worldwide and its small businesses add up to big business. Etsy’s latest report shows that it has 1.4 sellers in its global community generating a whopping $1.93 billion in sales in 2014.

If you are a small business owner, Etsy is a great place to promote your brand. This is especially true if you don’t have a particularly robust Website of your own. Etsy does that for you. Think of it as a “pop-up shop” for your business.

Who are the typical Etsy sellers? According to a survey by the company,  (as of 2013) 97% run their businesses from their homes, and most – 83% – manage their shops without help.  Fifty-six percent relied on their own savings for start-up capital and 35% reported they didn’t need any investment to launch their businesses.

Despite their growth aspirations, the strong majority of respondents – 61% – want their shops to remain “a size I can manage myself.” For most sellers, growth isn’t just about making money, but is balanced with business independence, flexibility and personal well-being.  See the survey here.

If you’re launching a business, Etsy’s Seller Handbook advises you on everything from how to pest photograph your product, to shipping tips, to branding and marketing.

And Etsy really does build a community online. It has business owners recommending other products, and a community thread of advice and support. If you are starting a business (and as I’ve said, here’s to second acts!), it’s a great resource…but also if you have a on-going business and want more exposure.

Online/offline combinations are hard to pull off.  But let’s talk about the offline Etsy too. I was struck by how much interaction there was at the event, not only between vendors and customers, but vendors talking to other vendors themselves. Although Pier 35 was chilly, there was a genuine warmth and camaraderie there.

In this regard, Etsy introduced Etsy Local. This free feature helps shoppers connect with Etsy sellers who are participating in local events. Etsy Local also provides buyers with a list of sellers who’ve confirmed their attendance, as well as links to those sellers’ Etsy shops.

It was inspiring to see so many small businesses getting a large crowd of interested customers. It really struck me that Etsy has a model that many online businesses and communities should study.

 

Title image source: Etsy – https://www.etsy.com/au/press/

AVG

AVG offers free updates ahead of Windows 10 release

While users will benefit from many of the great new features in Windows 10, it’s equally important that they continue to protect their device and their data.

Which is why AVG will begin rolling out free product updates for our PC security products to ensure that our users are Windows 10 ready.

The rollout of AVG updates will happen automatically in the next few weeks, so there is no need for you to take action.

Once you’ve updated, you’ll be greeted by the latest AVG dashboard. Take a moment to familiarize yourself with the features to make sure you’re fully protected.

If, for whatever reason, you find that you’re still running an old version, you can manually update to the latest version by downloading and running the installer that applies to your AVG product..

  • If you’re on AVG Internet Security, AVG AntiVirus, or AVG AntiVirus Free, run this installer.
  • If you’ve got an AVG security product as part of our Protection or Ultimate bundle, run this installer.

These installers will replace your older version of AVG with an up to date one. No need to re-enter your license keys.

AVG

AVG begins bug bounty program

For AVG, helping to keep our 200 million users safe online isn’t just a question of reacting to threats as and when they appear. Instead, our security is built on a foundation of deliberate, pre-emptive action in order to keep their data and identity safe.

One way to be proactive is through a bug bounty program, which offers rewards to researchers that legally find and responsibly disclose vulnerabilities. By safely identifying and fixing vulnerabilities before attackers discover them, bug bounty programs help make software and websites more secure.

This extra security is one of the reasons I’m pleased to share that AVG has started a bug bounty program on Bugcrowd. Bugcrowd gives AVG the opportunity to have a well-established and respected community review its PC security products. This proactive approach to the security of our software will give our more than 200 million active users even more peace of mind and protection.

By starting a bug bounty program, AVG joins other companies like Google, Microsoft, Facebook and Apple taking that extra step to secure its users.

Microsoft Bug Bounty

How can you get involved?

The AVG bug bounty at Bugcrowd is currently focused on two of our PC based security products, AVG AntiVirus FREE 2015 and AVG Internet Security 2015.

If you think you’ve got what it takes to become a bug bounty hunter, you can see all the technical details here on AVG’s bug bounty page at Bugcrowd.

AVG

Are you using a password that’s a decade old?

In the study by Telesign, web users had on average six passwords protecting 24 online accounts, another cause for concern. Using old or weak passwords across multiple sites can leave people vulnerable to attack.

Using the same password on multiple sites is one of the biggest mistakes that people can make in terms of Internet security. If a password for one account gets compromised then it can start a chain reaction that leaves other online accounts vulnerable to attack. With high profile data breaches regularly in the news, this is not as farfetched as it may sound.

Good password practice

There are three basic steps that we can all follow to help keep our online accounts safe:

Use a strong password

Creating a strong and memorable password doesn’t have to be difficult, we’ve outlined three easy steps in our password guide.

In the meantime, here are four common password mistakes to avoid.

Video

Password Mistakes to Avoid

 

Use a different password for each account

Here to explain why it’s always a good idea to use site-specific passwords, here is AVG Security Awareness Director Michael McKinnon:

Video

Use A Different Password for Each Site

 

Use Two-Factor authentication

Lastly, I suggest using two-factor authentication whenever it’s available. Two-factor authentication means that your password alone isn’t enough to access an account. Instead you’ll need a code sent to your phone or generated by an app to validate your identity.

Watch the video below to learn more:

Video

What is Two-Factor Authentication

AVG

Garage door hacked in under 10 seconds using only a child’s toy?

A famous football coach once said, “If you’re not getting better, you’re getting worse” and ironically this statement applies to your own security as well.  If you’re not keeping up-to-date with the latest security, then it’s probably getting worse because the threats just keep getting better.

This simple fact has been proven again by a researcher who demonstrates how he can hack most garage doors using nothing more than a modified electronic toy. Researcher Samy Kamkar has published his findings and a video explaining how he was able to hack a number of fixed-code garage door openers in under 10 seconds.

 

Not only is this a case of how old technology can be outdated by modern devices, but in this example the cause is a child’s toy that even today has already been discontinued by its manufacturer and is considered a throwaway item by some.  Recycling hackers unite.

There’s no doubt that hardware-hacking gadgets are starting to become more popular such as mobile phone jammers and issues with keyless entry systems on cars.

Luckily, for those of us fortunate enough to have a garage door, Samy has chosen not to reveal the inner-workings of his research, so that criminals can’t benefit.  But, let’s face it, the cat is out of the bag on this one, and the clock is now ticking.

Samy has also recorded a video explaining how to can protect yourself from attacks like these.

Video

Protecting against OpenSesame

 

Most of the tips involve learning about the technology in everyday objects such as garage doors. Once you know how the tech works, you can understand how it can be vulnerable to various attack types.

Until next time, stay safe out there.

 

AVG

Impact of Healthcare Data Breaches Goes Beyond Financial

This past week, CareFirst, a U.S. based BlueCross and BlueShield insurer with coverage in Mid-Atlantic States, revealed that 1.1 million user accounts were compromised. CareFirst is the third U.S. health insurance company to publicly acknowledge a data breach recently, following Premera Blue Cross and Anthem.  It seems relatively small potatoes compared to the Premera (11 million people) and Anthem, which acknowledged that hackers broke into a database containing personal information for about 80 million of its customers and employees. But if you’re one of the 1.1 million, it isn’t small potatoes.

It can also hit very close to home. I just discovered friends of mine were among those caught up in the Anthem hack, which also led to them being part of the income tax fraud scheme that I and my fellow blogger, Tony Anscombe, have written about previously. My friends were tipped off when a new credit card arrived that they hadn’t ordered. Shortly after, they tried to file their income taxes and found they’d already been filed –and a substantial over-payment (not based on their calculations) had already been claimed by the perpetrator.

CareFirst said that the attackers gained limited, unauthorized access to a single CareFirst database. CareFirst said the attackers didn’t get access to Social Security numbers, employment info, financial data, medical data or consumer passwords –because those are encrypted and stored in a separate system.

However, attackers could have potentially acquired members’ names, birth dates, email addresses and subscriber identification number. (You can also see the full statement from CareFirst on its website.)

The attack occurred in June 2014, two months after the insurer detected an attack that the organization thought it had contained… But the hackers had left behind hidden back doors that let them re-enter later, undetected, according to reports, by the Baltimore Sun and others.

According to CareFirst, it has run comprehensive internal security tests, and hired an outside security company for further assessment, as well. It is offering two years of free credit monitoring and identity theft protection services for those members affected. Finally, it is letting those customers know who might be compromised. (Anthem did this also, though my friend was not among those notified…)

IT security has to be a priority for all businesses, but particularly for healthcare, where the stakes are so high.  The healthcare industry needs to conduct extensive ongoing internal IT evaluations and adopt stricter policies – especially around what data they need to keep and for how long.

According to a new research by Ponemon Institute sponsored by IBM, “2015 Cost of Data Breaches Study”, data breaches in healthcare are the most expensive to remediate and only going up. The study covered 350 companies in 11 countries across 16 industries.

Consider the case of the UK-based Cottage Healthcare Systems. Hackers swiped 32,500 patient records and its customers sued Cottage for $4.1 million. Its insurance company, Columbia Casualty Company, settled the claims. But now Columbia has come back to Cottage to recoup the settlement, because it claims Cottage did not provide adequate and secure IT systems, so it wants its money back.

As consumers, we have to do more too. We need to monitor the activities on all of our accounts, financial and via our health care providers and insurance companies– and note anything that’s irregular or suspicious.

You can find some helpful information on the Federal Trade Commission (FTC) website to identify signs of medical identity theft, including these:

  • A bill for medical services you didn’t receive
  • A call from a debt collector about a medical debt you don’t owe
  • A notice from your insurer saying you reached your benefit limit or denial of insurance for a condition you don’t have.

The FTC encourages visiting IdentityTheft.gov to report incidents and get information on how to recover from identity theft.

AVG

US blames China for massive data breach

The OPM is responsible for human resources for the federal government which means they are the collectors and holders of personal data on all federal employees.

Law enforcement sources close to the breach stated that a “foreign entity or government”  possibly Chinese was believed to be behind the attack, according to an article published in The Guardian.

It should be noted that the Chinese government stated that it was ‘not responsible’ and this conclusion was ‘counterproductive’.

The OPM carries out background checks on employees and holds data dating back to 1985. A successful attacker could gain access to records of past and present employees, with data that could even refer to retired employees and what they are doing now.

Regardless of whether you believe the continual finger pointing by one government at another, there are real people that are effected and protecting them and their identity should be the priority.

Alarmingly, an official said to Reuters that “Access to data from OPM’s computers, such as birth dates, Social Security numbers and bank information, could help hackers test potential passwords to other sites, including those with information about weapons systems”.

 

How to stay safe

While those of us who do not work for the government won’t have been affected by this breach, what can we do to protect ourselves identity theft?

  • Ensure your online accounts are not using the email address and a password that could be guessed from personal information, if you are then change the password.
  • Keep a close watch on your credit reports. This will help you identify if someone is using your identity to take a line of credit in your name. Most credit scoring agencies allow you to run a report for free at least once.
  • Spammers may send emails that look like they are coming from valid sources. Make sure to carefully scrutinize these emails – don’t click on links that look suspicious – and if in doubt contact the sending organization directly to ensure it’s an official communication.
  • Avoid using the same email address or identity across multiple online accounts. For example, have a primarily email address used for recovery of forgotten passwords and account information. Have a secondary email address for offline and online retail transactions. Have a third for financial accounts and sensitive information.
  • Avoid Cold Calls: If you don’t know the person calling then do not hand over payment or personal details. If in doubt, hang up and call the organization directly to establish you are talking to legitimate operators.
  • Set privacy Settings: Lock down access to your personal data on social media sites, these are commonly used by cybercriminals to socially engineer passwords. Try AVG PrivacyFix, it’s a great tool that will assist you with this.
  • Destroy documents: Make sure you shred documents before disposing of them as they can contain a lot of personal information.
  • Check statements and correspondence: Receipts for transactions that you don’t recognize could show up in your mail.
  • Use strong passwords and two factor authentication: See my previous blog post on this, complex passwords can be remembered simply!
  • Check that sites are secure: When you are sending personal data online, check that the site is secure – there should be a padlock in the address or status bar or the address should have a ‘https’ at the start. The ‘s’ stands for secure.
  • Updated security software: Always have updated antivirus software as it will block access to many phishing sites that will ask you for your personal data.

 

Also consider enlisting an identity monitoring service, commercial companies that have been breached often offer this reactively to the victims. Understanding where or if your identity is being abused in real time will give you the ability to manage issues as they happen.

AVG

AVG Signs Mobile Security Partnership with ZTE

AMSTERDAM – June 9, 2015 – AVG® Technologies N.V. (NYSE: AVG), the online security company™ for more than 200 million monthly active users, announced today a new global partnership with leading telecommunications equipment, networks and mobile devices company, ZTE, to become a provider of mobile security across its range of devices. From May 2015, ZTE smartphones and tablets come pre-installed with AVG’s flagship AVG AntiVirus PRO for Android™ app, giving ZTE customers the peace of mind that they have protection on their mobile devices.

“For many of us, our smartphones have become the primary device that we spend most time with, but ensuring mobile security can sometimes be an afterthought,” said Ms. Wang Xuemei, Business Manager at ZTE. “Our customers will be able to rely on our partnership with AVG to help take the worry out of connecting to their favorite websites, apps and using online services through their ZTE smartphones and tablets. We are committed to mobile security and strive to provide the best mobile experience possible to all of our users.”

Under the terms of the partnership, ZTE customers will receive a free, 60-day trial of the AVG AntiVirus PRO for Android™ app. After the trial, they can either choose to keep the enhanced features by purchasing the annual subscription or retain AVG AntiVirus FREE for Android™, which still ensures their smartphone or tablet will have core protection.

“There’s huge momentum in the adoption of mobile services in key emerging markets. The flipside of this growth is that it attracts attention – for example, we recently identified a new vulnerability in a popular app that could easily be exploited by hackers to become malicious,” said David Ferguson, Senior Vice President, Revenue & Business Operations, AVG Technologies. “As we focus on helping to secure people, devices, and data across the globe, this partnership will ensure that new and existing mobile users have peace of mind by being protected from the outset, whether simply enjoying their favorite games or using useful online tools for banking or shopping.”

AVG

What’s new in AVG AntiVirus for Android

At AVG we’re determined to keep listening to your feedback and improve our products. This week, we’re releasing an update to AVG AntiVirus for Android which we believe will give users a fresh new experience.

 

Anti-Theft Password Recovery

One of the most popular features in the existing version of AVG AntiVirus for Android is the Anti-Theft Password. Our users love the extra security that AVG provides by adding an extra security should their device be lost or stolen.

Password Recovery

In the latest version, we’ve introduced a password recovery option to help users that may have forgotten their Anti-Theft password. This will help them secure their device with a minimum of stress.

 

Improved scanning experience

The main priority for any security app is to keep you safe and inform you of any threats on your device. That’s why we’ve revamped our scanning experience so that you can understand at a glance what we have found on your device.

What’s more, with our on the fly results, you don’t have to wait until the end of a scan to see any issues.

On The Fly Scanning Results

 

 

Additional changes

As well as these changes, we’ve included some additional bug fixes for improved performance and user experience.

 

AVG

Three reasons to be excited about: Windows 10

Cortana

Voice recognition has been a major area of development across the industry in the last few years and Microsoft look to continue that momentum with further integration of its voice activated assistant Cortana.

In Windows 10, Cortana will be your go to assistant for finding files and information both on your device and online. The smart technology also allows you to use real language to find what you are looking for or complete tasks.

In this demo video, Cortana is asked to “call Mikey” and understands that it needs to open Skype, search Mikey in the contacts list and place the call. Pretty neat.

Video

Cortana in Windows 10

 

It’s not hard to imagine how this implementation of Cortana edges us closer to an interactive, responsive and voice activated operating system that intelligently understands our needs.

 

Project Spartan browser

For those of us not quite ready to make the leap to a voice activated web experience, there is still plenty to be excited about, not least the Project Spartan Browser.

Project Spartan is a brand new browser been built from the ground up with speed and performance in mind. Optimized for the rich media environment of the modern web,  the new browser could very well be a must have for surf addicts.

Check out this video from The Verge.

Video

Project Spartan

 

Universal Windows Apps

One of the most exciting pieces of news is that Microsoft have unveiled ‘Windows Universal apps’. The idea being that any app purchased through the store will work across every Windows 10 device, from phone, to tablet and PC.

Windows 10

This is not only incredibly convenient for users, it also helps greatly from a security point of view. The centralized app stores operated by Google and Apple for their mobile devices have made a huge difference to the amount of pirated and malicious software available.

The traditional, PC, software market was essentially a free for all with no authority acting as quality control. The shift towards one central app store, will help Microsoft to curb the malware so often distributed online.