In this recorded webinar the security challenge that mobile devices and BYOD bring to the businesses, notably smaller businesses, is reviewed; then defensive strategies are presented.
The post The big small business security challenge: mobile and BYOD appeared first on We Live Security.
Not only is Brazil one of the most populated countries in the world, but it is also one of the countries with the highest percentage of Internet users using online banking. The latest research from ESET is now available: CPL Malware in Brazil.
The post CPL Malware in Brazil: somewhere between banking trojans and malicious emails appeared first on We Live Security.
More than five percent of all unique IP addresses accessing Google sites included some kind of ad injector software, and there are more than 50,000 of those injector browser extensions in use today, according to new research from Google.
Researchers have uncovered a new malware which will try to ‘destroy’ the computer if it suspects it is being analyzed, reports First Post.
The post Rombertik: the malware that destroys computers if detected appeared first on We Live Security.
Engineers at Netflix have released another one of the company’s bespoke security tools as an open-source application, this time an incident-response system known as FIDO. The tool is designed to help automate the process of incident response, and specifically it acts as a new layer that helps tie together existing applications by evaluating and assessing […]
Cisco Talos reports a new strain of spyware called Rombertik that escalates its anti-detection capabilities by destroying the Master Boot Record if the code is audited.
The earthquake that hit Nepal late last month has caused untold damage in the region and kicked off a massive relief and aid effort. Attackers are loathe to let a chance like that go by, and they have concocted a number of schemes to deprive victims of their money and hope for relief funds. Aid organizations […]
Wouldn’t it be nice not having to turn around several times your USB before connecting it to the computer? You won’t remember that feeling, very soon. The new connector Type-C USB, better known as reversible USB, is the answer to your problems, with the same number of pins or connectors in both sides. It will allow you to transfer data much faster as video signals or electric energy, with a similar size of a micro USB.
It is predicted that this new connector will be the standard in the future and maybe someday we will be able to charge all our devices with it. This specification, announced a couple of months ago by the USB Implementers Forum (USB-IF), is already been included in some laptops. Apple’s new MacBook integrates a USB-C port which allows you to charge your phone and to connect it with conventional devices, though you will have to buy a separate adapter.
Google has followed up and will include two new USB-C ports in their new ultra-thin laptop, the Chroomebook Pixel. The incorporation of these ports will be the trend to follow in the next months.
But it’s not all good news here: the new USB-C brings serious safety issues. After all it is based on the standard USB so it is vulnerable to ‘firmware’ attacks and other kinds of attacks that would affect the device in which the USB is connected to.
None of these issues are new, probably your USB drive has been infected more than once after connecting it to different computers. However, if we consider that the purpose of this new USB is to create a universal connector we will be facing more and more sophisticated attacks, which will be more difficult to avoid, so the port will become a malware loophole.
One of the biggest concerns is the recent discovered BadUSB vulnerability, which lives in the firmware and modifies it, allowing the connected mobile device to become an attack vector.
“The additional openness and flexibility of USB Type-C comes with more attack surface,” says Karsten Nohl, one of the researchers who first discovered this type of attacks. “No solution for BadUSB is in sight even with this new standard.” USB is an open standard built on backwards compatibility and easy third-party access, which implies a serious security problem and which is not even near to fix it.
In practical terms, this means MacBook and Chromebook Pixel users are exposed to what we call a “borrowed charged attack”. Although new chargers don’t have the necessary firmware to carry the BasUSB malware, it would be very easy to infect a device and spread it within the compatible gadgets. After all, who doesn’t share almost daily a USB cable with another person?
Although Apple includes an authentication chip in all their power cords to verify that the firmware has not been changed, the port remains vulnerable to older devices.
If you have already decided to buy the latest MacBook or the new Chromebook, the best thing you can do to protect it, is to avoid connecting it to a device or charger you haven’t purchased. Despite all the benefits these reversible USB ports have, like high speed and efficiency, security must be improved to enjoy all the advantages of USB-C on laptops.
The post The famous reversible USB could be a ‘malware’ loophole for your devices appeared first on MediaCenter Panda Security.
The Avast bi weekly wrap-up is a quick summary of what was on the Avast blog for the last two weeks.
Most everyone knows their PC needs antivirus protection, but they don’t think about their smartphone. These days smartphones are just about as powerful and have as much or more personal information as our desktop PC at home. We answer the question do Android devices really need protection?
The answer is a resounding YES. The Avast Virus Lab gives us an example from a trusted download source, Google Play: A porn clicker app slipped into Google Play imitating the popular Dubsmash app. If we cannot completely rely on trusted app stores to weed out nasty apps, then it’s time to add an extra layer of security.
Once you decide that you do want to protect your Android device, you can be confident in Avast Mobile Security, Avast’s free security app available on Google Play. A survey by AV -Comparatives said that Avast was the #1 choice for mobile security in the entire world. No need to wait any longer to protect your smartphone or tablet.
One of the challenges with using a smartphone for so many activities, is that the battery gives out before we do. Our new free app Avast Battery Saver raises the bar with new Wi-Fi based smart profiles that can increase battery life by an average of 7 hours.
Avast Battery Saver has only been available for a month or so but already 200,000 customers have downloaded it from the Google Play Store. For Earth Day we highlighted battery saver users for their positive impact on the environment. Who knew that Avast Battery Saver would be so green? A cool infographic shows just how much they saved – not only from their own battery – but in energy costs too. Now Earth Day can be everyday!
Small and medium-sized businesses (SMBs) run the risk of data breaches just like there Enterprise cousins. Luke Walling, the General Manager of Avast for Business, explains that the biggest threat to SMBs is not actually hackers sitting somewhere far away. The biggest threat to your SMB could be sitting in your office!
Speaking of Avast for Business, our new disruptive free security offering for SMBs has 75,000 new customers in just 2 months. If you have a start-up, a small business, if you work in a school or non-profit organization, then it’s time to stop paying for security protection.
Our researchers are constantly surprised by the creativity of malware authors. Recently, they found a new way cybercrooks trick people in giving up their banking information. It’s a crafty combination of spam email, social engineering, and a macro code embedded in an innocent looking Word document.
Most people have security protection on their computers. That’s great when there are things like the banking malware we wrote about. With all that great protection why is it that they don’t trust the warnings? The Avast Virus Lab explored why some people would rather be right than believe a malware warning.
Researchers at Seculert have found a new version of the Dyre banking malware, one that is adept at avoiding sandbox detection.