Category Archives: Avira

Avira

World Password Day: Make Sure Your Password is Secure

If you are like me, you have a love-hate relationship with passwords. You know you need them. You love them, because you they keep your data and internet-self secure. You hate them, because you have to come up with good ones in order to do so and because if they are finally really good, you most likely will forget them at one point.

So what to do?

The easiest solution would be to get a password manager that automatically 1) Generates complex passwords, 2) Encrypts and store them for you.

A run-of-the-mill six-letter password has 310 million possible combinations – and can be cracked by a fast PC in 30 seconds. The kinds of passwords generated by a password manager would take 23 years …

A password manager is out of the question for you? Then make sure you at least consider the following security tips:

  • Use a unique password for each of your accounts. When a website gets hacked one of the first things bad guys do is checking out if your username/email-address/password combination works on other (high-profile) pages.
  • Your password should consist of at least eight characters. It should include upper- and lower-cases, numbers, and special characters.
  • Try and create passwords that can’t be found in a dictionary. Hackers nowadays have programs that cycle through dictionaries to check if they can access your account.
  • Don’t use character strings like 12345, abcde, qweertyui, etc.
  • Use passwords that can’t be associated with you: Your dog’s name, birthday dates of family members or yourself or your favorite sport are a no go.
  • Change your password regularly – especially when it comes to your email and online banking/online payment accounts.
  • Don’t write down your password and do never ever share them.

If you have trouble coming up with a good, strong, and complex enough password, try one of the many password generators out there. Just make sure to remember it afterwards. 😉

What are your password tips?

The post World Password Day: Make Sure Your Password is Secure appeared first on Avira Blog.

From Hacker to Security Force

Well – at least Kevin Mitnick decided to do so. In the early 90s Mitnick became the world’s most wanted hacker. He hacked into and stole corporate secrets of more than 40 major corporations. Some even suspected him of wire-tapping the FBI. No wonder he eventually ended up on the FBI’s most wanted list!

The fact that he managed to elude being captured for years just proves how careful, successful and good he was at what he was doing. It took another computer expert, namely Tsutomu Shimomura, to track him down in the end.

According to news.com.au Mitnickwas charged with wire fraud, interception of wire or electronic communications, possession of unauthorised access devices, unauthorised access to a federal computer and causing damage to a computer. After five years behind bars he was finally released from prison in 2000.

We already know what life currently looks like for Higinio Ochoa, another convicted hacker. Mitnick decided to use his skills for good and founded his own company, Mitnick Security. In addition to that he has written and published several books and is a public speaker.

To find out more about Mitnicks life as a hacker and his current activities, head over to news.com.au to read the whole article.

The post From Hacker to Security Force appeared first on Avira Blog.

PayPal says: This Microchip Will Be Your Password

First off there is Yahoo, who wants you to unlock mobile phones with your ears and knuckles. Then there is research going on which is centered on the “secrets” you and your smartphone share. And now PayPal has its own idea on what the new way to make your password safe and easy should look like.

The idea is actually a rather simple one. Instead of having to remember your password and trying to make sure that it stays really secure so that no one can steal it, PayPal wants you to swallow a pill. It’s not a normal pill though but one which thrives in the acid environments of your stomach. Embedded in it is a tiny microchip with all relevant information – it will allow you to log into your account without ever having to create and/or remember a password again.

According to PayPal the next wave of passwords will be edible, ingestible or injectable.

Johnathan Leblanc, the Global Head of Developer Evangelism at PayPal, believes that the next wave of passwords will be edible, ingestible or injectable and will remove the  – what he calls – “antiquated” ways of confirming your identity. To protect against being hacked all data would be of course encrypted.

Find out more about this and other ideas from PayPal in the report from the Wall Street Journal.

The post PayPal says: This Microchip Will Be Your Password appeared first on Avira Blog.

How we celebrated Star Wars Day

May the 4th be with you!

It might come as no surprise that some of the Avira team members are proud to be part of the beautiful community of Star Wars fans. It thus proved to be an absolute pleasure putting together a plan on how we can celebrate Star Wars Day with our users. Since fighting the bad side of the Internet is kind of what we’re really great at, we wanted to see how many of our users would choose light over darkness in a really fun campaign.

It all started last week with a teaser page that allowed people to do the countdown with us before releasing the official campaign page.

Light vs. Darkness: who won?

We offered users the possibility to choose a side: buy an Avira Internet Security Suite license and get a FREE one for a friend (the light side) or buy the same product and benefit from an extra year of protection for FREE, just for them (the dark side).

Star Wars Day campaign

75% of the Avira users chose the dark side in the Star Wars Day Campaign while only 25% turned to the light side.

What we won? Lovely hours spent in cool brainstorming sessions, some one on one training for our colleagues who couldn’t tell the difference between Star Wars and Star Trek and a bunch of new users who will be protected against all the dark forces of the Internet thanks to the Avira Internet Security Suite.

Over 20.000 people visited our Campaign page and we would also like to thank them for the support shown on social media. We were excited to discover the amazing feedback coming from our friends and followers on all social media networks.

The post How we celebrated Star Wars Day appeared first on Avira Blog.

Was Sally Beauty Hacked Yet Again?

The cosmetic retailer states that it is investigating “reports of unusual activity” on payment cards used at some of their U.S. Sally Beauty retail stores.

“Since learning of these reports, we have been working with law enforcement and our credit card processor and have launched a comprehensive investigation with the help of a leading third-party forensics expert to aggressively gather facts while working to ensure our customers are protected,” the company says in a statement. “Until this investigation is completed, it is difficult to determine with certainty the scope or nature of any potential incident, but we will continue to work vigilantly to address any potential issues that may affect our customers.”

In last year’s beach more than 25,000 records of Sally Beauty customers were affected, including sensitive information like payment card numbers and security codes. The data went on sale on Rescator, a rather popular underground crime store.

Customers who are concerned about the security of their payment cards are advised to call the companies Customer Service Hotline, where the individual concerns will be addressed. Once available further updates will also be released on sallybeautyholdings.com.

For further information read the companies official statement over here or find out more about last year’s hack.

The post Was Sally Beauty Hacked Yet Again? appeared first on Avira Blog.

Ask Me Anything (on Reddit) with Avira

We are sure you guys have a lot of questions as to how an antivirus company works.  That’s why we’re happy to announce that Carlos Valero Llabata, our Manager for the Virus Lab Detection Service, will be doing an Ask Me Anything on Reddit, the extremely popular gathering place/social networking/news website.

The IAmA will take place on the Mai 12th and start at 16:00 CEST. Once the Ask Me Anything on Reddit is live, we will update this post with a link, so that you can’t miss it and start posting your questions.

Wait a second – what is an AMA?

AMA is an acronym and means “Ask Me Anything”. On Reddit it basically offers the opportunity to interview people, but in a new way. “IAmA” is the traditional way of beginning the description of who you are; “AMA” is the traditional way of ending the description. Carlos will begin the process by starting a short introduction post. Then it’s your turn: You can leave questions and vote on other questions according to which ones you would like to see answered. You can ask any question you want. Take a look at some of the old or running AMAs if you are still unsure, it’s a lot of fun.

This doesn’t sound too hard, right? So gather your questions – we’ll see you in a week on /r/IAmA/ !

The post Ask Me Anything (on Reddit) with Avira appeared first on Avira Blog.

White House data breach: what are the risks?

The news of a security incident involving public institutions is always treated with high importance, taking into consideration the volume of sensitive information stored by these entities. The recent White House data breach didn’t involve any classified information but hacking into the West Wing computer network might have been just enough to provide the attackers with important data: correspondence with certain diplomats or details about White House visitors.

Although it’s not been officially confirmed if the authorities are up against professional cyber thieves or foreign spies, personal information of American citizens can now be used by the attackers however this may serve their purposes.

An urgent letter signed by the U.S. Senate Commerce Committee was addressed to President Barack Obama raising several concerns about the White House data breach.

Committee chairman John Thune released a statement last night expressing his concern over the hacking episode.

 ‘Just like any entity that handles personally-identifiable information, the White House has a responsibility to notify Americans if the recent, or any future breach, results in a compromise. If such information has been lost, the White House still has a responsibility to victims even if it believes the hack was perpetrated by foreign spies and not cyber thieves.’ said Committee chairman John Thune.

The letter mentions that the White House computer system contained not only personal data of the White House visitors but also sensitive information such as schedules, policy discussions and emails, including exchanges with diplomats. Do you think this type of information ending up in the hands of the attackers can do more harm than everybody initially thought?

Read more on the topic: http://www.dailymail.co.uk/news/article-3066787/U-S-Senate-panel-raises-privacy-concerns-White-House-hacking-incident.html#ixzz3ZBDTuy8h

 

The post White House data breach: what are the risks? appeared first on Avira Blog.

Software Vulnerability in Boeing’s 787 Dreamliner

“The bug resembles an integer overflow and was discovered in laboratory testing. It is located in an electrical system which generates power, and is triggered when a generator has been running non-stop for just over eight months. After such a period of continuous operation, all four of the plane’s main generator control units will fail at the same time – which could be catastrophic should it occur during a flight”

The software bug was reported by Boeing itself and is currently under investigation by the US aviation authority, a temporary solution being already discovered. In order to avoid becoming a victim of the vulnerability that exists in their software, planes have to be rebooted every 248 days so that the generators don’t reach eight continuous months of operation.

The FAA now requires Boeing to reboot the 787s every 120 days while waiting for an official fix to address the software vulnerability by the end of the year.

The recently discovered bug shows one again how many software vulnerabilities can cause irreparable damage, especially when they might also be exploited by criminals. How safe would you want globally used software to be, when your life depended on it?

Read more about the security vulnerability in Boeing 787: http://www.itnews.com.au/News/403500,critical-software-bug-could-down-boeing-787s-mid-flight.aspx#ixzz3ZANjtbvE

The post Software Vulnerability in Boeing’s 787 Dreamliner appeared first on Avira Blog.

Can your next password be found in your browsing history?

Some companies try to help us out and make the login process into mobile phones and other devices easier – the most recent example being Yahoo with its ideas of using you ear and knuckles to do so. It sounds cool, but will it help you getting rid of the good old password altogether? Probably not.

Researchers believe that a very personalized authentication process could help out though. It would be a bit creepy if your smartphone asked you “Which YouTube-Video did you watch yesterday evening”, but at the same time it would also be pretty secure.  Romit Roy Choudhury, an associate professor at the University of Illinois who researched the topic and wrote a paper on it, says: “Whenever there’s something you and your phone share and no one else knows, that’s a secret, and that can be used as a key.”

There are some drawbacks though:

  • We all have horrible memories. To actually work, the event apparently has to be unique enough to jog our memory, and not much older than a day.
  • Good friends might be able to predict some of the answers (and consequently your password).

Overall the results were not bad. The study showed that the password prompt works well enough – users were able to answer three questions correctly 95% of the time.

For more information head over to the article from MIT Technology Review.

The post Can your next password be found in your browsing history? appeared first on Avira Blog.

Social Networks: How Their Privacy Settings Compare

Particularly Facebook has often been the in the media when it comes to privacy issues and concerns. But do you really know what can and cannot be set in the sometimes rather confusing options? And what about all the other social networks likes Twitter, LinkedIn, and Google+?

ITWorld decided to check out the top social networks and compare their privacy setting – in one handy chart. The list of things they checked out for you is rather extensive and includes the following points:

  • Profile visibility limits upon sign-up
  • Control how people can search for you
  • Control who can connect with you
  • Control whether people can message you
  • Control who can see your connections
  • Prevent users from tagging you in posts
  • Choose who can see your photos
  • Block users
  • Opt out of photo tagging
  • Disable facial recognition
  • Opt out of search engine indexing
  • Review recent logins
  • Set login alerts
  • Enable two-factor authentication
  • Automatically supports a secure connection
  • Control connected applications
  • Limit data sharing with third-party apps
  • Turn off location tracking
  • Delete location information
  • Manage advertising
  • Opt out of all advertising
  • Request an archive of your data
  • Delete your account

Just head over to ITWorld to read the whole article which also includes instructions for finding and updating these options in the different social networks.

The post Social Networks: How Their Privacy Settings Compare appeared first on Avira Blog.