Tag Archives: How To

Microsoft releases emergency Windows patch after discovery of critical security flaw

With the release of their newest operating system just days away, now is not the most convenient time for Microsoft to be facing and dealing with security bugs. However, two thirds of all 1.5 billion PCs operated by Windows across the globe were recently left vulnerable due to a security flaw found in nearly every version of Windows, including Windows 10 Insider Preview.

If you use Windows, the time to update is now!

If you use Windows, the time to update is now!

The flaw (MS15-078) lies within the Windows Adobe Type Manager Library and can be exploited by cybercriminals to hijack PCs and/or infect them with malware. Users can be attacked when they visit untrusted websites that contain malicious embedded OpenType fonts. Microsoft explains more about the threat in a security bulletin advisory:

An attacker who successfully exploited this vulnerability could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

There are multiple ways an attacker could exploit this vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage that contains embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts.

The flaw has been classified as critical, which is Microsoft’s highest measured level of threat. Anyone running Windows Vista, Windows 7, Windows 8 and 8.1, Server 2008, Server 2012 and Windows RT are affected by the flaw. Microsoft’s online Security TechCenter includes a full list of affected software and additional vulnerability information.

How to ensure your safety

Taking into consideration that this is a critical security threat that potentially puts your whole system at risk, it only makes sense to install the Windows patch as quickly as possible. The majority of customers have automatic updating enabled and won’t need to take any action because the update will be downloaded and installed automatically. Customers who have not enabled automatic updating, or who install updates manually, can use the links in the Affected Software section to download and install the update. This article walks users through two different methods of obtaining and installing the security udpate. Both methods require a restart after the patch has been applied.

Avast Software Updater can lend a helping hand in ensuring that your software stays updated to the latest version. To find it, simply open your Avast user interface. Click Scan on the left side, then choose Scan for outdated software. You can then decide how to proceed.


Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

How iOS users can stay protected against iScam threat

iScam displays a "crash report" to affected users. (Photo via Daily Mail)

iScam displays a “crash report” to affected users. (Photo via Daily Mail)

It’s a common belief (and myth) that Apple products are invincible against malware. This false line of thinking has recently again been refuted, as iPhone and iPad users have been encountering a ransomware threat that freezes their Internet browsers, rendering their devices unusable. The ploy, commonly known as iScam, urges victims to call a number and pay $80 as a ransom to fix their device. When users visit an infected page while browsing using the Safari application, a message is displayed saying that the device’s iOS has crashed “due to a third party application” in their phone. The users are then directed to contact customer support to fix the issue.

How to clean your system if you’ve been infected by iScam

  • Turn on Anti-phishing. This can be done by visiting Settings > Safari and turn on ‘Fraudulent Website Warning’. When turned on, Safari’s Anti-phishing feature will notify you if you visit a suspected phishing site.
  • Block cookies. For iOS 8 users, tap Settings > Safari > Block Cookies and choose Always Allow, Allow from websites I visit, Allow from Current Websites Only, or Always Block. In iOS 7 or earlier, choose Never, From third parties and advertisers, or Always.
  • Allow JavaScript. Tap Settings > Safari > Advanced and turn JavaScript on.
  • Clear your history and cookies from Safari. In iOS 8, tap Settings > Safari > Clear History and Website Data. In iOS 7 or earlier, tap Clear History and tap Clear Cookies and Data. To clear other stored information from Safari, tap Settings > Safari > Advanced > Website Data > Remove All Website Data.

Check out Apple’s support forum for additional tips on how to keep your device safe while using Safari.

How to thoroughly wipe your phone before selling it

Make sure your Android phone is wiped clean before you sell it.

Every day, tens of thousands of people sell or give away their old mobile phones. We decided to buy some of these used phones to test whether they had been wiped clean of their data. What we found was astonishing: 40,000 photos including 750 photos of partially nude women and more than 250 male nude selfies, 750 emails and texts, 250 names and addresses, a collection of anime porn, a complete loan application, and the identity of four of the previous phone owners.

How did we recover so much personal data?

The problem is that people thought they deleted files but the standard features that came with their operating system did not do the job completely. The operating system deleted the corresponding pointers in the file table and marked the space occupied by the file as free. But in reality, the file still existed and remained on the drive.

With regular use of the device, eventually new data would overwrite the old data but since the person was selling the phone, that never happened and the files were still intact.

It works the same way on your PC. I used free software to recover deleted photos that I thought were missing forever because they had not been overwritten yet.

You can permanently delete data with Avast Anti-Theft

Avast’s free app for Android, Avast Anti-Theft, actually deletes and overwrites all of your personal files. All you do is follow these steps to delete personal data from your smartphone before you sell it or give it away.

1. Install Avast Anti-Theft on your Android device. The app is free from the Google Play Store.
2. Configure Avast Anti-Theft to work with your My Avast account. This gives you remote access to your phone through your PC.
3. Turn on the thorough wipe feature within the app.
4. Log in to your My Avast account from a PC to wipe your phone. This will delete and overwrite all of your personal data.

Follow Avast on FacebookTwitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.

Widespread iScam ransomware originates from US servers

iPhone and iPad users who turn on Avast SecureLine VPN while on unsecured Wi-Fi are protected from iScam.

It’s a common belief (and myth) that Apple products are invincible against malware. This false line of thinking has recently again been refuted, as iPhone and iPad users have been encountering a ransomware threat that freezes their Internet browsers, rendering their devices unusable. The ploy, commonly known as iScam, urges victims to call a number and pay $80 as a ransom to fix their device. When users visit an infected page while browsing using the Safari application, a message is displayed saying that the device’s iOS has crashed “due to a third party application” in their phone. The users are then directed to contact customer support to fix the issue.

iScam displays a "crash report" to affected users. (Photo via Daily Mail)

iScam displays a “crash report” to affected users. (Photo via Daily Mail)

In the midst of this vexing threat, Avast’s suite of security applications identifies URLs which contain malicious content. When discovered, these addresses are flagged for malware and then stored in our blacklist database.

While scanning for malicious URLs, we discovered that many of the servers related to iScam are located in the United States. While iScam has affected users located in both the U.S. and U.K., the origins of the threat have remained fairly nebulous up until this point. Here are a few examples of where we’ve discovered malicious servers in the U.S.:

  • Scottsdale, Arizona (system-logs.info)
  • Concord, North Carolina (pcassists.info)
  • Kirkland, Washington (Adbirdie.com)
  • Chicago, Illinois (pcsafe.us)
  • Los Angeles, California (clevervc.com)

Every cloud has a silver lining – in this case, you can celebrate the fact that you’re protected from iScam using Avast SecureLine VPN. Not only does Avast SecureLine VPN protect you while browsing on unprotected Wi-Fi networks, but it also scans websites to check for malicious content and keep you from becoming affected by them. Once Avast SecureLine VPN is installed onto your iPhone or iPad, it automatically notifies you of the risks of connecting to unsecured Wi-Fi and you have the option of connecting to the secure VPN. Once turned on, Avast SecureLine VPN creates a private ‘tunnel’ for your data to travel through, and all your activities done over the Internet – inbound and outbound through the tunnel — are encrypted. If a website is infected with iScam, Avast SecureLine VPN blocks it, so users will not encounter the scam. For your best protection, Avast SecureLine VPN is available to download in iTunes.

How to clean your system if you’ve been infected by iScam

  • Turn on Anti-phishing. This can be done by visiting Settings > Safari and turn on ‘Fraudulent Website Warning’. When turned on, Safari’s Anti-phishing feature will notify you if you visit a suspected phishing site.
  • Block cookies. For iOS 8 users, tap Settings > Safari > Block Cookies and choose Always Allow, Allow from websites I visit, Allow from Current Websites Only, or Always Block. In iOS 7 or earlier, choose Never, From third parties and advertisers, or Always.
  • Allow JavaScript. Tap Settings > Safari > Advanced and turn JavaScript on.
  • Clear your history and cookies from Safari. In iOS 8, tap Settings > Safari > Clear History and Website Data. In iOS 7 or earlier, tap Clear History and tap Clear Cookies and Data. To clear other stored information from Safari, tap Settings > Safari > Advanced > Website Data > Remove All Website Data.

Check out Apple’s support forum for additional tips on how to keep your device safe while using Safari.

How to tell if an online review is trustworthy

When it comes to planning a purchase online, customer reviews can be a great source of information and a crucial part of the decision making process. But with cases of businesses doctoring their online reviews emerging, how can you be sure that the review you’re reading can be trusted?

Here are some signs to watch out for to make sure you don’t get the wool pulled over your eyes.

 

Check out the reviewer

Your first point of reference should be the person who left the review. They are more likely to be a legitimate person if the following checks out:

  • They have been using the site for a long time before leaving the review
  • They have left reviews for other products
  • They have friends or belong to a network (on Yelp for instance)

All of these point to the behaviors of a real person who can be deemed impartial. If the review has only just joined the site or only left a review for the product or service in question, then you may want to consider basing your purchase on their advice.

Profile

 

 

Verified customers

Many websites run employ services such as Revoo to help provide transparent and authentic feedback on their products. The review is actually part of the purchasing process so that you can be sure that only those that actually purchased the product have left a review.

Confirmed Purchase

 

Shop around

If you’re shopping for a big ticket item or booking at a pricey hotel, it is definitely worth checking reviews on many different sites and even social networks.

If something has great reviews on Yelp or Google Reviews, may have a bad rating on Trip Advisor, Amazon or another service. If the reviews differ significantly, it is certainly worth investigating a little further into them.

A quick search on Facebook or Twitter doesn’t hurt either. Check out any mentions of the product name or if a restaurant or hotel, visit their Twitter page to see how people are engaging with them. If there’s a lot of angry customers complaining, you may want to think twice before booking!

Do you have any tips to get trusted review online? Let me know on Twitter or on Facebook.

Does Avast slow down my computer?

When your computer slows to a crawl, it is very frustrating. One of the worst things that people do when trying to restore the performance of their PC is to remove the security software. Getting rid of your protective barrier just opens you up to threats that could make things even worse.

So you know that you need a security product on your computer, but you don’t want any software to impact the speed or performance. That’s why an excellent choice is Avast antivirus products.

Avast got the highest rating for Performance from AV-ComparativesAvast provides high detection rates and good protection against malware, but it does not degrade system performance or annoy users by being resource hungry.

But don’t take my word for it.

AV-Comparatives, a well-known and trusted third party testing lab, recently tested 20 antivirus and internet security products. Avast Free Antivirus topped every single one of them – paid security suites and free antivirus protection – and received an Advanced Plus three star award for the May 2015 Performance Test.

Reasons why your PC may be slow

It is not always security software that is responsible for a slow system. Other factors can play a role, which means that with a few tweaks your systems performance can be improved.

Old hardware If you try to install modern software into your old computer, it could start running at a snail’s pace, because the hardware simply is not capable of running the software. Ideally, buying a new PC with a multi-core processor is the best solution. However if your budget does not include a new computer, then you could add more RAM.

For Windows 7 or Windows 8, you should use a minimum of 4 gigabytes of RAM. If you use Windows XP or Vista, switch to Windows 8.1 64-bit. Avast security products are compatible.

More than one security program is not good. It’s not advised to run more than one security program with real-time protection at a time. Please uninstall any trial software that came with your PC before installing different protection. You can find a list and instructions to remove here. We recommend you follow their instructions before proceeding with the uninstallation.

Make sure your software is up-to-date. The most up-to-date software contains fixes and patches that makes it run at its best. Avast has ended product updates for older consumer versions of Avast Antivirus. Versions 8.0.1497 and lower continue to receive threat updates but do not receive any patches or technical support. The latest version of Avast has enhanced features and higher detection rates to protect your computer from malicious attacks.

Clean out the clutter. Clutter from leftover files and registry entries, unneeded shortcuts, adware, toolbars, and bloatware can slow your computer down. Getting rid of the junk can bring new life to your machine.

If your hard disk is almost full you could transfer movies, images, and other infrequently used files to an external disk. For the best performance, you should leave 20% of your disk space free.

 

Top 10 most annoying browser toolbars

It usually happens after you download something free. You go back online and your browser suddenly looks unfamiliar. There’s new buttons and weird icons in the place of what you used to have. A strange search page from a company you have never heard has taken the place of your homepage.

How did I get that annoying toolbar?

 

Avast Browser Cleanup removes annoying toolbars

You have inadvertently downloaded a browser toolbar that came bundled with other software.

Free programs, like Adobe Reader, often include add-ons like toolbars or browser extensions. Most of the time, during the installation of the software, an opt-out option will be presented for the add-on. But, lots of people click through without reading, and when they’re finished they discover they have downloaded something they didn’t intend to.

To keep this from happening in the first place, slow down and read the screens. You could save yourself lots of time and headaches if you do.

What do browser toolbars do to my computer?

  • Change your homepage and your search engine without your permission or awareness
  • Track your browsing activities and searches
  • Display annoying ads and manipulate search results
  • Take up a lot of space inside the browser
  • Slow down your surfing speed
  • Fight against each other and become impossible for the average user to fully uninstall

In some cases, toolbars or add-ons can be quite useful, but Avast users have rated only 4% of toolbars as “good” or “useful”. The rest are “poor” or “very poor”.

The ten most unpopular toolbars are:

TOOLBAR NUMBER OF REMOVALS
Mindspark 18,358,334
Conduit 13,924,453
 Ask.com  11,773,062
 Delta Search  6,136,056
 FastStart  4,862,671
DealPly 4,253,676
 Yontoo Toolbar  4,020,969
SearchTheWeb (Iminent) 3,442,706
 IncrediBar  2,729,797
Sweet 10 packs / SweetIM 1,948,958

How do you get back your normal browser?

Avast Browser Cleanup has identified more than 60 million different browser add-ons and removed more than 650 million from users’ browsers in the past two years. Avast Browser Cleanup can help you remove annoying browser toolbars and regain your normal browser settings.

Avast Browser Cleanup is integrated in all free and premium Avast products. It can also be downloaded by users of other security programs as a standalone version.

Shopping online just got a little more risky

One of the largest e-commerce platforms, Magento, has been plagued by hackers who inject malicious code in order to spy and steal credit card data or any other data a customer submits to the system. More than 100,000+ merchants all over the world use Magento platform, including eBay, Nike Running, Lenovo, and the Ford Accessories Online website.

The company that discovered the flaws, Securi Security, says in their blog, “The sad part is that you won’t know it’s affecting you until it’s too late, in the worst cases it won’t become apparent until they appear on your bank statements.”

Minimize your risk for identity theft when shopping online

Minimize your risk for identity theft when shopping online

Data breaches are nothing new. The Identity Theft Research Center said there were 761 breaches in 2014 affecting more than 83 million accounts. You probably recall the reports of Sony, Target, Home Depot, and Chic Fil A.

We have heard lots about what we as individual consumers can do to protect ourselves: Use strong passwords, update your antivirus protection and keep your software patched, learn to recognize phishing software, and be wary of fake websites asking for our personal information.

But this kind of hack occurs on trusted websites and show no outward signs that there has been a compromise. The hackers have thoroughly covered their tracks, and you won’t know anything is wrong until you check your credit card bill.

So how do you minimize the risk of online shopping?

  • Use a payment service or your credit card– Experts agree that payment services like PayPal are safe because of their security practices and the encryption technology they use. Just don’t link it to your checking account. Link it to a credit card so you get your credit card’s fraud protections in addition to PayPal’s. If you only use a credit card, designate one card for online purchases so if something unusual happens, you don’t have to track down all your other cards.
  • Keep a paper trail – Once you place your order, print or save records of the transaction. Check your credit card statement to make sure transactions match and there were no unauthorized charges.
  • Avoid shopping while using public Wi-Fi – Unsecure public Wi-Fi hotspots do not give you any protection from hackers who want to monitor what you are doing online. It’s not difficult for someone to intercept and modify communications between you and another site. If you have to do it, then use a Virtual Private Network (VPN) so your communications will be encrypted.

What to do if you are caught in a data breach

  1. Get a new card – Either get a replacement card from the company or close your account.
  2. Change your passwords – If you have an account or have done business with any company that falls victim to a breach, then change your password ASAP. It’s a good idea to change all your passwords because hackers sell them to other cybercrooks.
  3. Monitor your bank and credit card statements – Don’t wait for your monthly statement to arrive in the mail. By then, a cybercrook could have done major damage. Check your online statement until your new card arrives. If you see any suspicious charges, report it immediately.
  4. Freeze your credit – you can request that your credit report be frozen from the three main credit bureaus; Equifax, Experian and TransUnion. This way, no one can access your credit report without your approval.