Tag Archives: Technology

Windows Phone Store scam: malicious mobile apps aren’t unique to Google Play

Although it’s possible to use third-party app stores safely and securely, the fact that scams do still occur in a variety of app stores shouldn’t be ignored. On Sunday, a threat was discovered by a user who posted the issue on our forum. The scam, located within the Windows Phone Store, advertised three fraudulent versions of Avast Mobile Security. These fake apps not only include the Avast logo, but also feature actual screenshots from AMS in their image galleries. Our fast-acting team has since blocked the pages and has labeled them as malicious.

Fake AMS apps collect personal data and redirect users to adware



If downloaded, these fake versions of AMS found on the Windows Phone Store pose a risk to users’ security. Here’s how they work:

  1. New Avast security: This app includes three control buttons which show only advertisements. Even without actively clicking on the ads, the app redirects users to additional adware.
  2. Avast Antivirus Analysis: Claiming to “protect your phone from malware and theft”, this malicious app runs in the background of victims’ devices once downloaded and collects their data and location.
  3. Mobile Security & Antivirus – system 2: Simply put, this is a paid-for version of “New Avast security” that forcibly leads users to adware.

The fun doesn’t stop there!

After doing some additional research, our malware analysts discovered that TT_Game_For_All, the same user that published the fake AMS apps, isn’t solely impersonating Avast. Instead, this cybercriminal has published a large collection of close to fifty apps, the majority of which cost around the equivalent of 1.99 USD. Certain apps even claim to be from other well-known companies such as Qihoo 360, APUS, and Clean Master. 



Keep your eyes open for app store threats

This case goes to show that when it comes to mobile malware, it’s not only the Android platform that is vulnerable to attacks. Although Windows Phone devices aren’t currently as widely used as Android devices, it’s important to be careful regardless of the platform that you use. Finally, keep in mind that Google Play isn’t the only app store users should be paying attention to when it comes to avoiding mobile scams and threats — these threats can occur within any app store.


Follow Avast on Facebook, Twitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.

XSS Vulnerability In WordPress – Update Now

The guys from WordPress just released version 4.2.3 of their software, which is mostly a security update. They “strongly encourage you to update your sites immediately.” To do so just visit your Dashboard, click on ‘Updates’ and then on ‘Update Now’. As mentioned above you’ll only have to update manually if, for whatever reason, you decided to disable the automatic updates.

According to their blog entry the newest version contains fixes for 20 bugs from 4.2. The page also says: “WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site. This was initially reported by Jon Cave and fixed by Robert Chapin, both of the WordPress security team, and later reported by Jouko Pynnönen.

We also fixed an issue where it was possible for a user with Subscriber permissions to create a draft through Quick Draft. Reported by Netanel Rubin from Check Point Software Technologies.”

And don’t forget: Since WordPress is definitely one of the most popular Content Management Systems and blogging platforms out there it remains an attractive target for cybercriminals – especially due to the huge user base. Administrators should always keep their WordPress installations (including addons and themes) updated and patch as soon as there are security updates available.

If you want to find out more about the dangers you could face as a blog administrator and get some advice which might help you to protect your page, take a look at Ange Albertini’s blog article concerning the topic.

The post XSS Vulnerability In WordPress – Update Now appeared first on Avira Blog.

New Study: 10 Out of 10 Smartwatches Vulnerable

A new study on the Internet of Things with focus on smartwatches released by HP revealed that of 10 smartwatches that were tested, all contain significant vulnerabilities and are a “risk that goes beyond the device”.

So what exactly are we talking about? According to the study (PDF) “the results of the research were disappointing, but not surprising.” There are deficiencies when it comes to authentication and authorization, privacy concerns, and problems with the implementation of SSL/TLS.

Their key takeaways are as follows:

  • “Data collected initially on the watch and passed through to an application is often sent to multiple backend destinations (often including third parties)
  • Watches that include cloud interfaces often employed weak password schemes, making them more susceptible to attack
  • Watch communications are trivially intercepted in 90% of cases
  • Seventy percent of watch firmware was transmitted without encryption
  • Fifty percent of tested devices offered the ability to implement a screen lock (PIN or Pattern), which could hinder access if lost or stolen
  • Smartwatches that included a mobile application with authentication allowed unrestricted account enumeration
  • The combination of account enumeration, weak passwords, and lack of account lockout means 30% of watches and their applications were vulnerable to Account Harvesting, allowing attackers to guess login credentials and gain access to user account”

So yes, it’s basically the same cycle as with most of the ‘newer’ tech gadgets. They get released, there is a big hype, but security only becomes important after lots and lots of reports on hacks, vulnerabilities, and the inevitable bad press. Think nothing of it guys, everything is just the way it always was …

The post New Study: 10 Out of 10 Smartwatches Vulnerable appeared first on Avira Blog.

Microsoft releases emergency Windows patch after discovery of critical security flaw

With the release of their newest operating system just days away, now is not the most convenient time for Microsoft to be facing and dealing with security bugs. However, two thirds of all 1.5 billion PCs operated by Windows across the globe were recently left vulnerable due to a security flaw found in nearly every version of Windows, including Windows 10 Insider Preview.

If you use Windows, the time to update is now!


The flaw (MS15-078) lies within the Windows Adobe Type Manager Library and can be exploited by cybercriminals to hijack PCs and/or infect them with malware. Users can be attacked when they visit untrusted websites that contain malicious embedded OpenType fonts. Microsoft explains more about the threat in a security bulletin advisory:

An attacker who successfully exploited this vulnerability could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

There are multiple ways an attacker could exploit this vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage that contains embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts.

The flaw has been classified as critical, which is Microsoft’s highest measured level of threat. Anyone running Windows Vista, Windows 7, Windows 8 and 8.1, Server 2008, Server 2012 and Windows RT is affected by the flaw. Microsoft’s online Security TechCenter includes a full list of affected software and additional vulnerability information.

How to ensure your safety

Taking into consideration that this is a critical security threat that potentially puts your whole system at risk, it only makes sense to install the Windows patch as quickly as possible. The majority of customers have automatic updating enabled and won’t need to take any action because the update will be downloaded and installed automatically. Customers who have not enabled automatic updating, or who install updates manually, can use the links in the Affected Software section to download and install the update. This article walks users through two different methods of obtaining and installing the security update. Both methods require a restart after the patch has been applied.

Avast Software Updater can lend a helping hand in ensuring that your software stays updated to the latest version. To find it, simply open your Avast user interface. Click Scan on the left side, then choose Scan for outdated software. You can then decide how to proceed.



Hacked Car Is Driven Into Ditch

Why? Because cars are now definitely hackable. It has been proven. By driving a Chrysler Jeep Cherokee into a ditch. Let me tell you guys: It didn’t end well for the car!

What basically happened is this: Two security researchers, Charlie Miller and Chris Valasek, were asked by WIRED writer Andy Greenberg to hack his car.

“I WAS DRIVING 70 mph on the edge of downtown St. Louis when the exploit began to take hold.

Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system. Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume. I spun the control knob left and hit the power button, to no avail. Then the windshield wipers turned on, and wiper fluid blurred the glass,” he describes the experience.

But that was merely the beginning. After Greenberg entered the highway the two hackers cut the transmission. Yes, you’ve heard right. The results? The accelerator stopped working. The car got slower and slower. Cars were honking and driving by. But “the most disturbing maneuver came when they cut the Jeep’s brakes, leaving me frantically pumping the pedal as the 2-ton SUV slid uncontrollably into a ditch.”

Are you not sure whether to believe the tale or not? Then just take a look at his experience yourself:

But how can something like that even happen? The issue apparently lies in a wireless service called Uconnect which connects these cars to the Sprint cellphone network. Uconnect is featured in hundreds of thousands of Fiat Chrysler cars, SUVs, and trucks. It not only controls the vehicle’s entertainment and navigation systems but also enables phone calls and offers a Wi-Fi hot spot! The researchers only had to find a vulnerability – which they did – to access and control the car’s system. Anyone who knows the IP address can gain access to it.

Luckily Chrysler released a patch – so make sure to apply it ASAP if you own one of the vulnerable cars. But while it fixes the described issue, how many others remain unfound, exploitable and dangerous?

The post Hacked Car Is Driven Into Ditch appeared first on Avira Blog.

Windows 10 security features consumers can look forward to

Windows 10 will be launching in T-minus seven days and will be offered for free within its first year of availability to Windows 7 and 8 users. Not only will the beloved Start button be back in Windows 10, but Windows 10 will also include a personal assistant, Cortana. What’s more, the new operating system will introduce many promising security features and a new browser.

Image: TechRadar


Hello there, Windows Hello and Passport!

Windows Hello is biometric authentication that either scans your face, iris or fingerprint to access your Windows 10 device – very secret agent-like security! By doing so, Windows Hello eliminates the chance of hackers stealing your password to access your device, simply because you will no longer have a password to begin with!

Windows Passport also eliminates the use of passwords to access your online accounts. For now, Microsoft will work with the Azure Active Directory and has joined the FIDO alliance to subsequently support password replacement for other consumer, financial and security services. Windows will verify that you are truly the one using your device through a PIN or via Windows Hello, and then it will authenticate Windows Passport so you can log in to websites and services without ever using a password. Combined use of Windows Hello and Windows Passport would mean that a hacker would not only have to physically steal your device, but also kidnap you to access your accounts.

You will, of course, need hardware that is capable of infrared scanning your face or iris, or that has a built-in fingerprint reader to use Windows Hello. Microsoft has already confirmed that all OEM systems with Intel® RealSense™ 3D Camera (F200) will support Windows Hello’s facial unlock features.

Bye-bye Patch Tuesday

Microsoft usually issues security patches on the second Tuesday of every month, which can leave users vulnerable until Patch Tuesday comes around. In Windows 10, Microsoft will regularly issue security patches and users will be forced to accept every update, meaning they will be immediately protected from zero-day bugs.

Forcing updates is a good move. It’s the same as with an antivirus – everyone wants to have an up-to-date database to protect their system as much as possible. – Jiri Sejtko, Director of Virus Lab Operations

More app developer security support

AMSI – Antimalware Scan Interface will help protect users from script-based malware by offering an interface standard that allows apps and services to integrate with antivirus programs on Windows 10 devices. App developers can have their application call the AMSI interface for additional scanning and analytical services. The interface will look for potentially malicious content such as obfuscation and evasion techniques used on Windows’ built-in scripting hosts. Antivirus vendors can implement support for AMSI so that their engine can gain deeper insight into the data that applications consider potentially malicious. Avast will be implementing AMSI in the near future.

Edge, the edgy new browser in town

Microsoft’s Internet Explorer doesn’t have the best reputation, which is probably why Microsoft is introducing the new Edge browser in Windows 10. Edge was created from the same core as Internet Explorer by removing many of the old outdated features that were kept for compatibility reasons, including support for binary extensions like ActiveX and Browser Helper Objects. Basically, Edge will not support any browser extensions in its initial release, but will add a JavaScript/HTML model similar to that of Mozilla, Google, Apple and Opera later on to offer browser extensions. Flash will be built into the Edge browser as well as PDF rendering. Additionally, Edge will be deployed as a Universal Windows App, so users can update Edge from the Windows App Store rather than via Windows updates, and it will run in a sandbox, meaning it will have little to no access to the system and other apps running on your device.

Not supporting any extensions and running Edge inside Windows’ sandbox is very good from a security standpoint. Browser extensions can not only distract users, but they can slow down the browsing experience and can create a huge security risk if abused, as they can see everything you do within the browser, including on encrypted sites. – Lukas Rypacek, Director of Desktop Platform

Avast is already compatible with Windows 10

Avast has been compatible with Windows 10 since March.

No major changes were needed to make Avast compatible with Windows 10; we had to slightly change some components to make everything work as it should, but no changes were needed in terms of behavior and communication. What we are now doing is migrating users to the latest version of Avast to ensure a smooth Windows 10 upgrade. – Martin Zima, Senior Product Manager

Are you looking forward to Windows 10 and will you be upgrading? Let us know in the comments section :)
