Tag Archives: featured1

Avast

Latest versions of Avast compatible with Windows 10

Image via TechRadar

The future of Windows is just around the corner. (Image via TechRadar)

Earlier this week, Microsoft confirmed that the Windows 10 official launch date will be on July 29 and will be available as a free upgrade to Windows 7 and Windows 8.1 users (for one year). This latest OS will be available to pre-order in the upcoming weeks when it launches in 190 different markets across the globe. In anticipation of Microsoft’s exciting new OS, this Techradar article takes a brief look at the operating system’s past:

With Windows 8 and today Windows 8.1, Microsoft tried – not entirely successfully – to deliver an operating system (OS) that could handle the needs of not only number-crunching workstations and high-end gaming rigs, but touch-controlled systems from all-in-one PCs for the family and thin-and-light notebooks down to slender tablets.

Now, Windows 10 has emerged as an operating system optimized for PCs, tablets and phones in unique ways – a truly innovative move from Microsoft’s side. Its big reveal is now quickly approaching, and tech enthusiasts everywhere are curious to see how this OS will measure up.

Will Avast be compatible with Windows 10?

In short, ensuring that Avast is compatible with Windows 10 is quite simple. Avast version V2015 R2 and newer are already compatible with Windows 10. Users who currently have V2015 R2 or newer installed and plan to update from Windows 7 or 8 to Windows 10 will automatically have Avast transferred to Windows 10 at the same time.

For users currently using older versions of Avast, we highly suggest updating your Avast product prior to updating to Windows 10 to ensure an easy, hassle-free transition.

Panda Security

How ‘open source’ has made Linux a secure operating system for companies

penguin linux

Perhaps is not the most common operating system on the users’ computers, but for companies there is no other like it. To be exact, there isn’t a safest one. Linux, corporations around the world rely on this operating system to run their servers.

According to the latest study by the Linux Foundation on the operating system most used in the corporate world, 75% of the companies rely on the software created by Linus Torvalds for their servers. The reason? Safety. Almost 80% of the companies that use Linux, think that it is the most reliable operating system.

If we look pass the numbers, it is very significant that places like NASA, CERN or even Google have chosen Linux as their operating system. ‘Open source’ to power, a security token in your company.

Death to vulnerabilities on Linux

It all started in 2007, when an employee of Linus Torvalds set out to eliminate the operating system’s vulnerabilities and errors. His name is Andrew Morton and in an interview he admitted that “I would like to see people spend more time fixing bugs and less time on new features”.

This way, Morton’s obsession for the last eight years has been no other than solving Linux errors. During all this time, the operating system’s code has grown several million code lines, within which there were thousands of patches and, of course, new features.

Linux

This obsession, together with the work of a large group of developers who have collaborated with the project which Torvalds started in the early 90s, has made Linux an operating system safer that most, both commercial and open source.

The quality standard for safety in a commercial operating system is usually a defect for every thousand code lines. Linux beat this with 0.55 errors per thousand lines in July last year.

One of the keys, ‘Open source’

Precisely its openness is what lies behind the security in Linux’s code. With more than four thousand developers contributing to the latest project version, there is an army of eyes looking through the ins and outs of the operating system, searching for bugs and potential vulnerabilities.

That’s what Linux can teach the rest of the operating systems. The community behind it constantly maintains its source code. Its members can detect vulnerabilities in the code lines and eliminate them. This is something unthinkable in operating systems like Windows, when any vulnerability found in the company’s software has to wait for a patch from Microsoft.

windows

That’s way many companies breathe at ease with Linux in their computers and servers. Nevertheless, having an army of machines operating with the system created by Torvalds is not synonymous with absolute relief.

In fact, that is another key of Linux’s success when talking about security, corporations that use ‘open source’ operating system have an eye on Linux’s code and raise the alarm as soon as a vulnerably is detected, so the developer’s community can fix it right away.

Your company’s security will increase when using Linux, yes, but its use entails a slight responsibility. We must not forget that there is nothing completely safe and that any vulnerability can jeopardize the company’s entire information.

Having computers running with Linux doesn’t mean we should forget about safety, actually it means that we should be on the lookout for possible system failures.

So, if in your company you have servers or work stations running with Linux operating system, you can protect them with our antivirus for Linux, Endpoint or Endpoint Plus.

The post How ‘open source’ has made Linux a secure operating system for companies appeared first on MediaCenter Panda Security.

Avast

Do antivirus companies create viruses to sell more software?

Question of the week: Why does Avast and other antivirus companies try to scare us with all this news about viruses and bad apps? It makes me think you are connected to the threats.

Avast protects against hackers

Antivirus companies do not create the viruses- there are enough hackers doing it already!

Avast and other reputable antivirus companies are not connected to the creation of threats – there are plenty of them without our developers making something up! But thanks for your question. We would like to help you and our other customers understand the nature of cybersecurity in today’s world and assure you that we have the tools to protect your online environment.

Enough to keep us busy

The Avast Virus Lab receives over 300,000 samples of new potential viruses every day and has documented increases in mobile malware infections, vulnerabilities in widely used software and devices, and a surge in spying via free Wi-Fi hotspots. We don’t mean to scare you, but with the knowledge that more than 60 percent of companies have been the victim of an attempted cyber attack, and that Avast prevented more than 2 billion virus attacks last month, we have lots to talk about.

An example of a new type of attack was the recent discovery of a mobile app called Dubsmatch 2 which had “porn-clicker” malware hidden within it. The app was installed 100,000-500,000 times from the Google Play Store, usually a trusted source, before we notified Google and the app was removed.

“We suspect the app developer used the porn clicker method for financial gain,” wrote virus analyst Jan Piskacek. “The app developer probably received pay-per-click earnings from advertisers who thought he was displaying their ads on websites for people to actually see.

When financial gain is the motivator, cybercrooks get creative. But financial gain is not the only motivator. Hackers at Black Hat USA 2014 told surveyors that they were driven by the fun and thrill of it. (51% said so.) State-sponsored attacks are also increasingly being revealed. China, Russia, Iran, and North Korea are emerging as major players in hacking for political, nationalistic, and competitive gain.

Many people, even if they are aware of the threats, have not taken any action to protect themselves or their assets.

People overall are more aware of online security and privacy concerns after the revelations of the NSA’s surveillance activities, but despite that, most American adults have not made significant changes to their digital behavior, and 54% say that it would be “somewhat” or “very” difficult to find the tools and strategies that would enhance their privacy online and when using cellphones, according to a Pew Research Center report.

I have nothing to hide and I do not have the time or expertise are the most common reasons given for not taking action.

Avast is not your father’s antivirus

Since the nature of attacks has changed, we offer an “ecosystem” of protection services beyond our antivirus protection. The need for a more complete kind of protection was quite evident after the New York Times was hacked for 4 months by Chinese hackers. Jindrich Kubec, Avast’s threat intelligence director, acknowledges that there’s a distinction between the kinds of threats encountered by everyday Web surfers and the carefully targeted attack the Times faced, but he adds this wisdom,

“Seatbelts and airbags are wonderful protection and improve the safety of millions, but they will not stop a bullet fired — say by a hired killer. Does it mean you will stop using airbags and seatbelts?”

Check out the varied products that Avast offers to create your own security ecosystem. Avast Mobile Security, SecureLine VPN, Browser Cleanup, and GrimeFighter are not just new ways to make money, (some of the products are free!), they are intended to keep you and your assets as safe as possible.

Panda Security

Tinder, the app where you can have your heart stolen, but also your information and your pictures

tinder contact

To find a ‘match’ in Tinder we have to share personal information with other users. If you don’t have at least one picture and you don’t describe yourself a bit, how will anyone know if they are interested in you? The same happens when you visit other profiles.

However, each person can decide what to make public and what not. At least in theory, because a recent study by the University of South Australia questions the privacy of the eight most popular dating apps in Google Play, including Tinder and Grindr.

The research done by these computer security experts shows how easy is to access the data stored in these tools (hidden from the rest of the community), as email addresses and private messages exchanged with other users.

The first thing they did was to create a fake profile on each of the dating apps and from a cell phone try to steal other users’ information. They became cyber thieves for research purposes intercepting the network’s traffic data and tracking the apps supposedly private directory.

For major concern, they discovered that all these apps had huge security gaps which made them vulnerable to these kinds of attacks, achieving their goal: they obtained personal information of many profiles and saved it in their phone.

tinder match

In Tinder, which has over 50 million customers, they stole the pictures of all the profiles they visited with their fake account. In addition, they obtained their Facebook ID (a different sequence of numbers and letters assigned to each person), and with it they were able to identify every one of the accounts in the social network and access them.

If we take a look at Grindr, the findings are even more alarming. The research team amassed amounts of personal information of the different users they had visited with their fake account; from their birthdate to the distance between them and the owner of the last profile they viewed, through a complete record of all sent and received emails and their email account.

In light of the results, the authors warn us to be careful with the applications we choose for meeting people. They also recommend developers to add more strict security measures to prevent attacks, like the ones the researchers performed without many difficulties.

In addition, they claim that the cell phone is the cybercriminals’ main target: most users, regardless of their age and sex, have one. In them we store personal information which not even friends or family know.

This is not the first time a research questions Tinder’s security level. In 2013, another research team founded that is possible to know the longitude and latitude where a user is due to another vulnerability in the tool.

The post Tinder, the app where you can have your heart stolen, but also your information and your pictures appeared first on MediaCenter Panda Security.

Panda Security

The Police Virus strikes again! Android systems attacked!

The Spanish Police has warned of the reappearance of the Police Virus for Android.

Here we explain you how can they attack your cell phone, and what can you do to protect it!

android virus police

*** Posted June 2, 2014

A few days ago a new Android malware showed up, Android/Koler.A. It was in the news as it was actually a Police Virus / ransomware attack, similar to the ones we have seen in Windows computers, but this time it was targeting mobile phones.

Although in this case this piece of malware cannot encrypt any of the phone data, it is nasty and it is really difficult to get rid of it (without antivirus for Android), as the warning message is always on top and the user has only a few seconds to try to uninstall it.

While we were studying it, we found a new variant exactly the same as the first one but this one was connecting to a different server, in order to download the proper warning. And this server was still up… It turns out that the cybercriminals made a small mistake configuring it and left the door half-opened  Sadly, we could not get access to all the information there (there was a mysql database with all the payments, infections, etc. that we couldn’t reach ) but still we were able to download some files from the server and take a look at how it works.

I won’t go into details about the mistake they made to leave that door half-opened, as of course we do not want to help them ;)

Unsurprisingly, the way it works from the server side is really similar to the ones targeting Windows and that we have seen in the past: a number of scripts to geolocalize the device and show the message in the local language and with the images of local law enforcement. It saves information from all infected devices in the database and it takes the IMEI number of the mobile phone, adding the MD5 of the malware that is infecting the device. Doing this they can track the number of infections per malware variant and measure the success of their different infection campaigns.

This Trojan is targeting users from 31 different countries from all around the world; 23 of them are Europeans:
Austria, Belgium, Czech Republic, Germany, Denmark, Finland, France, Greece, Hungary, Ireland, Italy, Latvia, Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden, Switzerland, Slovenia, Slovakia and United Kingdom.

Users from these countries are also being targeted: Australia, Bolivia, Canada, Ecuador, Mexico, New Zealand, Turkey and United States of America.

What if you have already been infected?

Well, probably you won’t have an antivirus installed in your phone, which makes the clean up a bit difficult. The “infection” screen will be on top of everything, and this malware also disables the Back key. However the Home button will still work, so you can give it a try, push the Home buttom, go to the App menu and uninstall the malicious app:

Android ransomware

 

The bad news is that you will only have 5 seconds to do this, as the warning screens pops up every 5 seconds. What can you do then? Well, you just need to restart your phone in “safe mode“. Depending on the mobile phone you have, it can be made in different ways. Those running pure Android versions (Nexus, Motorola) only need to go to the shutdown menu and press for a couple of seconds on shutdown, until the following message shows up:

reboot mode

 

Click OK, and once the phone is restarted you can uninstall the malicious app. To go back to normal just restart the phone in the usual way. If you are using a phone with a custom Android version (Samsung, etc.), you can easily use Google to find out how it is done in your device.

We managed to grab the ransom message screens for every country, where you can find a number of known people, such as the Obama (president of the United States), François Hollande (president of France), Queen Elisabeth… It was also funny to see in the US one that they mention Mandiant (the company who showed up how China had in their army a cyber-espionage unit).

The post The Police Virus strikes again! Android systems attacked! appeared first on MediaCenter Panda Security.

Avast

Avast Data Drives New Analytics Engine

Did you know that Californians are obsessed with Selfie Sticks from Amazon.com? Or that people in Maine buy lots of coconut oil?

Thanks to Jumpshot, a marketing analytics company, you can find this information – as well as more useful information – by using the tools available at Jumpshot.com.

What may be most interesting to you is that Jumpshot is using Avast data to drive these unique insights. We provide Jumpshot with anonymized and aggregated data that we collect from scanning the 150 billion URLs our users visit each month. Using Jumpshot’s patent-pending algorithm, all of the personally identifiable information is removed from the data before it leaves Avast servers. Nothing can be used to identify or target individuals. Avast COO Ondřej Vlček explains the data stripping algorithm in an Avast forum topic.

Jumpshot infographic showing Amazon.com shopping cart values and the most popular products by state. Anonymized Avast browser data was used to create this information. Click here to see the full infographic.

Jumpshot infographic showing Amazon.com shopping cart values by state. Anonymized and aggregated Avast browser data was used to create this information. Click here to see the full infographic.

Data security, of course, is very important to us. We go to great lengths to keep our users safe, and have never shared any data that can be used to identify them. We never have and never will.

We are aware that some users don’t want any data – no matter how generic and depersonalized it is – to be used in market analysis. This is why we clearly state during the installation of our products what information we collect and what we do with it, and offer our users the ability to opt out from having that data collected. We believe we are unique in our industry in offering an opt-out, but we do so because we respect that choice to be our users to make, not ours. We’re grateful that more than 100 million of our users, when given a clear choice, have chosen not to opt out, and we thank you.

The foundation of our business is trust, and trust only exists with honesty.

We have always strived to have an honest relationship with our users, and we will continue to do so. Currently we do not make any money from this relationship but it is an experiment as to whether we can fund our security products indirectly instead of nagging our users to upgrade. As most people are aware, most all products we use every day—Chrome, Facebook, Firefox, WhatsApp, Gmail, etc.—are indirectly funded by advertisements. In most cases though, the products directly examine what users are doing and provide them targeted advertisements. Although we suspect some security companies are doing this, we do not believe it is the proper approach. Instead, we think that this anonymized, aggregated approach is much better to maintain the trust relationship that we think is so important between us and you, our loyal users.

As always, thank you for your support and patronage. Together we continue to make the Internet a safer place for all of us.

Panda Security

Watch out! A simple Arabic text message can crash your iPhone!

iphone 6 plus

Do you have an iPhone? Yes? Well, then the following news may be of interest to you!

A new security flaw has been discovered in iOS, Apple’s operating system. This vulnerability affects iPhones running iOS version 8.3, although other versions could also be affected.

According to the BBC, a specially crafted text message can cause vulnerable devices to crash and reboot. More precisely, the malicious message, containing Arabic characters, causes iMessage to crash and the iPhone to reboot.

sms iphone

Apple is aware of the issue and has announced they will make a fix available in a software update. We’ll keep you updated with any new developments!

The post Watch out! A simple Arabic text message can crash your iPhone! appeared first on MediaCenter Panda Security.

Avast

The Internet of Things (to be hacked)?

The Jetsons (via philosophymatters.org)

Soon, we’ll be living like The Jetsons (image via philosophymatters.org)

By the end of the decade, everyone on Earth will be connected.
–Eric Schmidt, Google chairman

As a rule of thumb, it’s good to keep in mind that anything and everything that can be connected to the Internet can be hacked. Poorly designed or implemented systems could expose serious vulnerabilities that attackers can exploit. Now, most of us are fairly familiar with certain gadgets that can be connected to the Internet, such as mobiles devices and/or laptops, smart watches, and cars, but what about the things that are still emerging within the Internet-connected world? Some of these new items include routers, sensors, and everyday gadgets such as alarm clocks, wearables, microwaves, and grills.

When dealing with the devices that we’ve come to know and love, such as our Android phones or iPads, we already encounter a multitude of shortcomings within privacy policies, unintentional data leakages, and the transmission of tracking and personal data in clear text. Taking this a step further, it’s both intriguing and frightening to think about the challenges we will face as the Internet of Things (IoT) becomes more and more of a reality. In a recent article published by the Guardian, author Marc Goodman paints an evocative picture of a world powered by the IoT:

Because your alarm clock is connected to the internet, it will be able to access and read your calendar. It will know where and when your first appointment of the day is and be able to cross-reference that information against the latest traffic conditions. Light traffic, you get to sleep an extra 10 minutes; heavy traffic, and you might find yourself waking up earlier than you had hoped.

When your alarm does go off, it will gently raise the lights in the house, perhaps turn up the heat or run your bath. The electronic pet door will open to let Fido into the backyard for his morning visit, and the coffeemaker will begin brewing your coffee. You won’t have to ask your kids if they’ve brushed their teeth; the chip in their toothbrush will send a message to your smartphone letting you know the task is done. As you walk out the door, you won’t have to worry about finding your keys; the beacon sensor on the key chain makes them locatable to within two inches. It will be as if the Jetsons era has finally arrived.

So how can we use these space-age technologies to our advantage? Although most software is still in the process of being optimized for wearables and other emerging smart gadgets, there are three main things to be on the lookout for as we move into the IoT’s heyday:

  • Issues on devices that could result in device loss, poorly programmed apps, or attacks driven by social engineering
  • Transmission issues caused by low-level encryption on Wi-Fi or Bluetooth that could result in traffic sniffing, man-in-the-middle and redirection attacks
  • Storage issues in the cloud that could directly result in data breaches

The sure-fire way to defend yourself against these vulnerabilities is to use a VPN when connecting to open, unsecured Wi-Fi networks. Avast SecureLine VPN is available for Windows, Android and iOS.

Panda Security

Panda Security detects over 225,000 new malware strains per day in the first quarter of the year

PandaLabs, Panda Security‘s antil-malware laboratory, today published its Quarterly Report for Q1, analyzing the IT security events and incidents from January through March 2015. The multinational security vendor detected over 225,000 new malware strains per day in the first quarter of the year,  with peaks reaching 500,000. This record-breaking figure represents a 40 percent increase over Q1 2014, and is well above the average for the entire year, which stood at approximately 205,000 new malware samples per day.

As is usually the case, most of these specimens were variants of known malware conveniently modified by virus writers to evade detection by antivirus laboratories. Trojans continued to be the most common threat type, representing 72.75 percent of all new malware, and the main source of infections (76.05 percent of the total).

CryptoLocker remains the biggest threat

The first months of the year were dominated by ransomware attacks, especially CryptoLocker, and it is safe to say that ransomware has become cyber-criminals’ preferred method to make money from companies’ stolen information.

That was the case with ten companies in the oil and gas maritime transportation sector, which fell victim to this type of attack, as revealed by Panda Security in a report on a hacking campaign dubbed “Operation Oil Tanker: The Phantom Menace” which targeted oil tankers.

“In this particular case, the attackers didn’t use any kind of malware, but legitimate files executed recurrently,”  explained Luis Corrons, Technical Director of PandaLabs at Panda Security.

Other popular attack methods exploited over the past quarter include social networks scams and mobile malware. One of the most notable scams made use of a fake $500 Zara gift card giveaway on Facebook to trick users. The scam spread like wildfire. In just a few hours over 5,000 people had joined the event, and more than 124,000 invites had been sent out.

Meanwhile, Android was in the bullseye for mobile malware attacks more than ever, this time through malicious SMS messages.

malware, pandalabs, report

China tops list of infections per country

The average number of infected PCs across the globe stands at 36.51 percent, up more than six percentage points compared to 2014. China once again led this ranking (48.01 percent of infected PCs), followed by Turkey (43.33 percent) and Peru (42.18 percent).

The list of least infected countries is dominated by European countries, the top one being Norway (22.07 percent of infected PCs). Other countries with a malware infection rate below the worldwide average include Denmark (28.18 percent), Finland (28.59 percent), Venezuela (33.35 percent) and USA (34.03 percent), among others.

“We must never forget that cyber-criminals’ sole motivation is money and information, and as our lives become more digital, we are more exposed to cyber-threats. This year we can expect to see more ransomware attacks, as well as new scams spreading through social media and mobile applications”, concluded Corrons.

The full report is available here.

The post Panda Security detects over 225,000 new malware strains per day in the first quarter of the year appeared first on MediaCenter Panda Security.

Avast

Where is my phone? Avast Anti-Theft knows.

Giri got his stolen phone back because of Avast Anti-Theft

Giri got his stolen phone back because of Avast Anti-Theft

A stranger broke into Giri C’s house last September. The thief looked through Giri’s belongings for something of value. He found a MotoE Phone and grabbed it. Mobile phones are an easy target because the thief can just slip in a new SIM card and resell the phone on the black market.

What this thief didn’t know was that Giri had installed Avast Anti-Theft protection. Avast Anti-Theft allows you to set up your desktop account or use a friend’s phone to remotely locate your device, lock it, activate the remote siren, or wipe its data clean.

When the SIM card is changed without the right permissions, Anti-Theft recognizes it and notifies you of the new number and geo-location so you can maintain contact with your phone. You can also activate a loud, customizable siren, which screams at maximum volume if the thief tries to silence it.

Giri reported the robbery to the local Bangalore police, and after a few days he received a call saying that someone had turned the phone into the station.

”When I received the phone from the police,” Giri told us, “the phone was giving the SIREN sound that my mobile is stolen due to the settings I have configured. I understand that the person who had stolen it might have tried replacing the SIM but he was not able to do it as it has locked the phone and the weird sound frightened him.”

Avast Anti-Theft has a loud alarm

The siren continuously and loudly says the following, by default, when activated: “This device has been lost or stolen!”. In the advanced settings of Avast Mobile Security you can customize what message the siren will sound, if you do not want to use the pre-set message. You can do this under “Select Sound File” or “Record Siren Sound”.

“I feel I recovered my stolen mobile only because of AVAST,” said Giri. “I thank your company for such a wonderful and useful product.”

Giri added a tip for other Android phone owners:

“More than using just anti-virus, it’s better to use software with proper tracking available which will be useful to avoid misuse of the phone, as similar features are not available in Android.”

Avast Anti-Theft is available on Google Play, where it can be downloaded for free.

 

Share your story with Avast

Share your story with Avast

Have you experienced  an attack or breach of your home network? Had your phone lost and/or stolen? We’d like to hear from you about your experience and how Avast saved the day — write to us with your story at [email protected].  If we post it on our blog, then we will send you an Avast goodie box. :-)