Monthly Archives: June 2015

AVG

AVG begins bug bounty program

For AVG, helping to keep our 200 million users safe online isn’t just a question of reacting to threats as and when they appear. Instead, our security is built on a foundation of deliberate, pre-emptive action in order to keep their data and identity safe.

One way to be proactive is through a bug bounty program, which offers rewards to researchers that legally find and responsibly disclose vulnerabilities. By safely identifying and fixing vulnerabilities before attackers discover them, bug bounty programs help make software and websites more secure.

This extra security is one of the reasons I’m pleased to share that AVG has started a bug bounty program on Bugcrowd. Bugcrowd gives AVG the opportunity to have a well-established and respected community review its PC security products. This proactive approach to the security of our software will give our more than 200 million active users even more peace of mind and protection.

By starting a bug bounty program, AVG joins other companies like Google, Microsoft, Facebook and Apple taking that extra step to secure its users.

Microsoft Bug Bounty

How can you get involved?

The AVG bug bounty at Bugcrowd is currently focused on two of our PC based security products, AVG AntiVirus FREE 2015 and AVG Internet Security 2015.

If you think you’ve got what it takes to become a bug bounty hunter, you can see all the technical details here on AVG’s bug bounty page at Bugcrowd.

Fedora

Fedora 22 Security Update: kernel-4.0.5-300.fc22

Resolved Bugs
1217249 – Screen brightness will not change on MacBook Pro (fixed with kernel parameter)
1225563 – RFE: Mark trackpoints on usb/bluetooth devices as such, so that middle button scrolling gets enabled automatically
1218882 – liotarget: “fd_do_rw() write returned -22”, iSCSI not functioning
1187534 – CVE-2015-1420 kernel: fs/fhandle.c race condition
1227417 – CVE-2015-1420 kernel: fs/fhandle.c race condition [fedora-all]
1188695 – TTY auditing is not auditing ICANON input
1133378 – [abrt] WARNING: CPU: 3 PID: 4081 at drivers/base/firmware_class.c:1124 _request_firmware+0x509/0x820()
1226743 – xorg-x11-drv-intel-2.99.917-10.20150526.fc22.x86_64 causes screen corruption with Intel Mobile GM965/GL960 chipset
1227877 – SMT guests enter an infinite loop at boot time on POWER7
1226621 – WARNING: CPU: 1 PID: 2236 at mm/backing-dev.c:372 bdi_unregister+0x3a/0x50()<br
Update to latest upstream stable release, Linux v4.0.5. Wide variety of fixes across the tree.

Fedora

Fedora 21 Security Update: kernel-4.0.5-200.fc21

Resolved Bugs
1225563 – RFE: Mark trackpoints on usb/bluetooth devices as such, so that middle button scrolling gets enabled automatically
1187534 – CVE-2015-1420 kernel: fs/fhandle.c race condition
1188695 – TTY auditing is not auditing ICANON input
1226743 – xorg-x11-drv-intel-2.99.917-10.20150526.fc22.x86_64 causes screen corruption with Intel Mobile GM965/GL960 chipset
1226621 – WARNING: CPU: 1 PID: 2236 at mm/backing-dev.c:372 bdi_unregister+0x3a/0x50()
1217249 – Screen brightness will not change on MacBook Pro (fixed with kernel parameter)
1218882 – liotarget: “fd_do_rw() write returned -22”, iSCSI not functioning
1227417 – CVE-2015-1420 kernel: fs/fhandle.c race condition [fedora-all]
1133378 – [abrt] WARNING: CPU: 3 PID: 4081 at drivers/base/firmware_class.c:1124 _request_firmware+0x509/0x820()
1227877 – SMT guests enter an infinite loop at boot time on POWER7<br
Update to latest upstream stable release, Linux v4.0.5. Wide variety of fixes across the tree.

AVG

Are you using a password that’s a decade old?

In the study by Telesign, web users had on average six passwords protecting 24 online accounts, another cause for concern. Using old or weak passwords across multiple sites can leave people vulnerable to attack.

Using the same password on multiple sites is one of the biggest mistakes that people can make in terms of Internet security. If a password for one account gets compromised then it can start a chain reaction that leaves other online accounts vulnerable to attack. With high profile data breaches regularly in the news, this is not as farfetched as it may sound.

Good password practice

There are three basic steps that we can all follow to help keep our online accounts safe:

Use a strong password

Creating a strong and memorable password doesn’t have to be difficult, we’ve outlined three easy steps in our password guide.

In the meantime, here are four common password mistakes to avoid.

Video

Password Mistakes to Avoid

 

Use a different password for each account

Here to explain why it’s always a good idea to use site-specific passwords, here is AVG Security Awareness Director Michael McKinnon:

Video

Use A Different Password for Each Site

 

Use Two-Factor authentication

Lastly, I suggest using two-factor authentication whenever it’s available. Two-factor authentication means that your password alone isn’t enough to access an account. Instead you’ll need a code sent to your phone or generated by an app to validate your identity.

Watch the video below to learn more:

Video

What is Two-Factor Authentication