Postări
Which IoT device scares me the most?
I was thinking about Jeff Weiner's question to identify a single product or feature that you cannot do without. For me, it is easy to pay that accolade to Tesla's self-driving autopilot. Every time I am stuck in Bay Area traffic, I allow the car to drive itself while I engage in creative thinking or relax with an audiobook. This is the perfect example of what technology should do—take on the monotonous work and do it better than a human being can.
A much-needed wake-up call: “Sleep Mode” for slow PCs
Looking for a solution to stop programs from slowing down your PC—without sacrifices? Meet “Sleep Mode,” part of the all-new Avast Cleanup Premium .
Which IoT device scares me the most?
I was thinking about Jeff Weiner's question to identify a single product or feature that you cannot do without. For me, it is easy to pay that accolade to Tesla's self-driving autopilot. Every time I am stuck in Bay Area traffic, I allow the car to drive itself while I engage in creative thinking or relax with an audiobook. This is the perfect example of what technology should do—take on the monotonous work and do it better than a human being can.
Code Used in Zero Day Huawei Router Attack Made Public
Researchers warn of copycat type attacks as exploit code used in Mirai variant goes public.
A much-needed wake-up call: “Sleep Mode” for slow PCs
Looking for a solution to stop programs from slowing down your PC—without sacrifices? Meet “Sleep Mode,” part of the all-new Avast Cleanup Premium .
Threat of the year
At the end of every year, our experts analyze the incidents that occurred and name one incident (or a trend) the story of the year. This year they did not have much to debate: 2017 was obviously the year of ransomware. Three ransomware epidemics ( WannaCry , ExPetr , and the slightly less famous Bad Rabbit ) attracted a lot of attention, but at least one only seemed to be encrypting ransomware. Note that, although the incidents were sudden and took many users by surprise, our experts predicted the trends back in 2016. Costin Raiu and Juan Andres Guerrero-Saade wrote in Securelist’s forecasts for 2017 that they expected the emergence of ransomware that could “lock away files or system access or simply delete the files, trick the victim into paying the ransom, and provide nothing in return.” Let’s recall the most important lessons of these attacks. Malware’s lateral movement Those epidemics became famous because the malware encrypted not just one computer, but all of the machines o...
Leaky RootsWeb Server Exposes Some Ancestry.com User Data
Ancestry.com closes parts of its community-driven genealogy site RootsWeb as it investigates a leaky server that exposed thousands of passwords, email addresses and usernames to the public internet.
Mozilla Patches Critical Bug in Thunderbird
Mozilla has patched one critical vulnerability in its Thunderbird email client along with two bugs rated high.
Which IoT device scares me the most?
I was thinking about Jeff Weiner's question to identify a single product or feature that you cannot do without. For me, it is easy to pay that accolade to Tesla's self-driving autopilot. Every time I am stuck in Bay Area traffic, I allow the car to drive itself while I engage in creative thinking or relax with an audiobook. This is the perfect example of what technology should do—take on the monotonous work and do it better than a human being can.
A much-needed wake-up call: “Sleep Mode” for slow PCs
Looking for a solution to stop programs from slowing down your PC—without sacrifices? Meet “Sleep Mode,” part of the all-new Avast Cleanup Premium .
IPv6, it’s waiting for you
IPv6 is an expression IT professionals are likely to have seen or heard at one time, but what exactly is it? Let us give you a quick introduction, and then try to explain what it does differently by comparing it to its predecessor, IPv4. IPv4 and IPv6 are both Internet communications protocols designed as an identification and location systems for networked devices. This allows people to direct traffic to a specific address. IPv6 is short for Internet Protocol version 6. Naturally, that means IPv4 is version 4. In case you are wondering, version 5 was so short-lived that it never reached any importance. Why the change? One reason to replace IPv4 was the number of possible IP addresses associated, which was at approximately 4.2 billion. The authority that handed out the IPv4 blocks (IANA) ran out of IPv4 blocks in the beginning of 2011. The number of possible addresses was limited because the IPv4 addresses are only 32 bits long. With IPv6, the address is 128 bits long (both ty...
Which IoT device scares me the most?
I was thinking about Jeff Weiner's question to identify a single product or feature that you cannot do without. For me, it is easy to pay that accolade to Tesla's self-driving autopilot. Every time I am stuck in Bay Area traffic, I allow the car to drive itself while I engage in creative thinking or relax with an audiobook. This is the perfect example of what technology should do—take on the monotonous work and do it better than a human being can.
Code Used in Zero Day Huawei Router Attack Made Public
Researchers warn of copycat type attacks as exploit code used in Mirai variant goes public.
A much-needed wake-up call: “Sleep Mode” for slow PCs
Looking for a solution to stop programs from slowing down your PC—without sacrifices? Meet “Sleep Mode,” part of the all-new Avast Cleanup Premium .
Threat of the year
At the end of every year, our experts analyze the incidents that occurred and name one incident (or a trend) the story of the year. This year they did not have much to debate: 2017 was obviously the year of ransomware. Three ransomware epidemics ( WannaCry , ExPetr , and the slightly less famous Bad Rabbit ) attracted a lot of attention, but at least one only seemed to be encrypting ransomware. Note that, although the incidents were sudden and took many users by surprise, our experts predicted the trends back in 2016. Costin Raiu and Juan Andres Guerrero-Saade wrote in Securelist’s forecasts for 2017 that they expected the emergence of ransomware that could “lock away files or system access or simply delete the files, trick the victim into paying the ransom, and provide nothing in return.” Let’s recall the most important lessons of these attacks. Malware’s lateral movement Those epidemics became famous because the malware encrypted not just one computer, but all of the machines o...
Leaky RootsWeb Server Exposes Some Ancestry.com User Data
Ancestry.com closes parts of its community-driven genealogy site RootsWeb as it investigates a leaky server that exposed thousands of passwords, email addresses and usernames to the public internet.
Mozilla Patches Critical Bug in Thunderbird
Mozilla has patched one critical vulnerability in its Thunderbird email client along with two bugs rated high.
Remove the Cheesy Barbecue Bacon Chrome Extension
Cheesy Barbecue Bacon by Avdp.me is a unwanted Chrome extension that has a description of "Cheesy barbecue bacon meatballs recipe.". When installed, it will create a small icon in the Chrome toolbar that when clicked on, will open the web page http://ift.tt/2pDM5py. This article was published first at Remove the Cheesy Barbecue Bacon Chrome Extension
Remove the Cheesy Barbecue Bacon Chrome Extension
Cheesy Barbecue Bacon by Avdp.me is a unwanted Chrome extension that has a description of "Cheesy barbecue bacon meatballs recipe.". When installed, it will create a small icon in the Chrome toolbar that when clicked on, will open the web page http://ift.tt/2pDM5py. This article was published first at Remove the Cheesy Barbecue Bacon Chrome Extension
Which IoT device scares me the most?
I was thinking about Jeff Weiner's question to identify a single product or feature that you cannot do without. For me, it is easy to pay that accolade to Tesla's self-driving autopilot. Every time I am stuck in Bay Area traffic, I allow the car to drive itself while I engage in creative thinking or relax with an audiobook. This is the perfect example of what technology should do—take on the monotonous work and do it better than a human being can.
A much-needed wake-up call: “Sleep Mode” for slow PCs
Looking for a solution to stop programs from slowing down your PC—without sacrifices? Meet “Sleep Mode,” part of the all-new Avast Cleanup Premium .
Consumers beware: New malware Catelites Bot could be targeting your banking apps
There is a terrible new malware invading Android devices and using dirty tricks to steal users’ online banking info. Avast Threat Labs worked with SfyLabs to uncover and expose this malware, dubbed Catelites Bot. The malware is similar to a Russian outbreak earlier this year, where cybercriminals successfully stole over $900,000. (That malware was called “CronBot”—which shares similarities with the original Catelites Bot.)
Which IoT device scares me the most?
I was thinking about Jeff Weiner's question to identify a single product or feature that you cannot do without. For me, it is easy to pay that accolade to Tesla's self-driving autopilot. Every time I am stuck in Bay Area traffic, I allow the car to drive itself while I engage in creative thinking or relax with an audiobook. This is the perfect example of what technology should do—take on the monotonous work and do it better than a human being can.
Code Used in Zero Day Huawei Router Attack Made Public
Researchers warn of copycat type attacks as exploit code used in Mirai variant goes public.
A much-needed wake-up call: “Sleep Mode” for slow PCs
Looking for a solution to stop programs from slowing down your PC—without sacrifices? Meet “Sleep Mode,” part of the all-new Avast Cleanup Premium .
Threat of the year
At the end of every year, our experts analyze the incidents that occurred and name one incident (or a trend) the story of the year. This year they did not have much to debate: 2017 was obviously the year of ransomware. Three ransomware epidemics ( WannaCry , ExPetr , and the slightly less famous Bad Rabbit ) attracted a lot of attention, but at least one only seemed to be encrypting ransomware. Note that, although the incidents were sudden and took many users by surprise, our experts predicted the trends back in 2016. Costin Raiu and Juan Andres Guerrero-Saade wrote in Securelist’s forecasts for 2017 that they expected the emergence of ransomware that could “lock away files or system access or simply delete the files, trick the victim into paying the ransom, and provide nothing in return.” Let’s recall the most important lessons of these attacks. Malware’s lateral movement Those epidemics became famous because the malware encrypted not just one computer, but all of the machines o...
Leaky RootsWeb Server Exposes Some Ancestry.com User Data
Ancestry.com closes parts of its community-driven genealogy site RootsWeb as it investigates a leaky server that exposed thousands of passwords, email addresses and usernames to the public internet.
Mozilla Patches Critical Bug in Thunderbird
Mozilla has patched one critical vulnerability in its Thunderbird email client along with two bugs rated high.
Consumers beware: New malware Catelites Bot could be targeting your banking apps
There is a terrible new malware invading Android devices and using dirty tricks to steal users’ online banking info. Avast Threat Labs worked with SfyLabs to uncover and expose this malware, dubbed Catelites Bot. The malware is similar to a Russian outbreak earlier this year, where cybercriminals successfully stole over $900,000. (That malware was called “CronBot”—which shares similarities with the original Catelites Bot.)
Huawei Router Vulnerability Used to Spread Mirai Variant
Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Okiku, also known as Satori.
Nissan Canada Finance Notifies 1.1 Million of Data Breach
Nissan Canada Finance notified 1.13 million customers on Thursday of a data breach impacting an unspecified number of past and present customers.
IPv6, it’s waiting for you
IPv6 is an expression IT professionals are likely to have seen or heard at one time, but what exactly is it? Let us give you a quick introduction, and then try to explain what it does differently by comparing it to its predecessor, IPv4. IPv4 and IPv6 are both Internet communications protocols designed as an identification and location systems for networked devices. This allows people to direct traffic to a specific address. IPv6 is short for Internet Protocol version 6. Naturally, that means IPv4 is version 4. In case you are wondering, version 5 was so short-lived that it never reached any importance. Why the change? One reason to replace IPv4 was the number of possible IP addresses associated, which was at approximately 4.2 billion. The authority that handed out the IPv4 blocks (IANA) ran out of IPv4 blocks in the beginning of 2011. The number of possible addresses was limited because the IPv4 addresses are only 32 bits long. With IPv6, the address is 128 bits long (both ty...
Mozilla Patches Critical Bug in Thunderbird
Mozilla has patched one critical vulnerability in its Thunderbird email client along with two bugs rated high.
Remove the Cheesy Barbecue Bacon Chrome Extension
Cheesy Barbecue Bacon by Avdp.me is a unwanted Chrome extension that has a description of "Cheesy barbecue bacon meatballs recipe.". When installed, it will create a small icon in the Chrome toolbar that when clicked on, will open the web page http://ift.tt/2pDM5py. This article was published first at Remove the Cheesy Barbecue Bacon Chrome Extension
思いがけない蘇生をはたしたブラウザベースの暗号通貨マイニング
死に絶えたと思われていたブラウザベースの暗号通貨マイニングが、思いがけずよみがえり、Web サイトと訪問者を脅かしています。 Read More
iOS と macOS で VPN 接続をバイパスできるセキュリティ上の問題
この問題の影響により、安全でないチャネル上でデータを送信するアプリケーションを、開発者が故意あるいは不慮に作成できる恐れがあります。 Read More
Consumers beware: New malware Catelites Bot could be targeting your banking apps
There is a terrible new malware invading Android devices and using dirty tricks to steal users’ online banking info. Avast Threat Labs worked with SfyLabs to uncover and expose this malware, dubbed Catelites Bot. The malware is similar to a Russian outbreak earlier this year, where cybercriminals successfully stole over $900,000. (That malware was called “CronBot”—which shares similarities with the original Catelites Bot.)
Give the gift of privacy: Avast SecureLine VPN
At a time when almost every holiday present is an IoT device—connected gadgets that can put your privacy and safety at risk—why not think one better, and gift your loved ones with online privacy instead? VPNs (virtual private networks) are secure lines to the internet. They protect users by masking their real IP address and encrypting their data.
What Santa might not tell you about connected toys
Oh, the simple days of aisle wars over Tickle Me Elmo, Cabbage Patch Kids, and Teddy Ruxpin … In 2017, the hottest, must-have holiday toys have taken on a whole new twist. Two cases in point: LEGO BOOST Creative Toolbox - the customizable robot that lets you code its behavior via an app and complete activities; and FurReal Friends - a collection of robotic pets that attempt to emulate domestic animals, right down to their personalities.
Remove Succulent Cupcakes Chrome Extension
Succulent Cupcakes by raec.me is a unwanted Chrome extension that has a description of "These stunning cupcakes are inspired by the latest succulent cake craze.". When installed, it will create a small icon in the Chrome toolbar that when clicked on, will open the web page http://ift.tt/2CYAanO. This article was published first at Remove Succulent Cupcakes Chrome Extension
iOS と macOS で VPN 接続をバイパスできるセキュリティ上の問題
この問題の影響により、安全でないチャネル上でデータを送信するアプリケーションを、開発者が故意あるいは不慮に作成できる恐れがあります。 Read More
Huawei Router Vulnerability Used to Spread Mirai Variant
Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Okiku, also known as Satori.
思いがけない蘇生をはたしたブラウザベースの暗号通貨マイニング
死に絶えたと思われていたブラウザベースの暗号通貨マイニングが、思いがけずよみがえり、Web サイトと訪問者を脅かしています。 Read More
iOS と macOS で VPN 接続をバイパスできるセキュリティ上の問題
この問題の影響により、安全でないチャネル上でデータを送信するアプリケーションを、開発者が故意あるいは不慮に作成できる恐れがあります。 Read More
2018 年網路安全預測
隨著 2017 邁入尾聲,可以預期新的一年裡情勢將會如此發展 Publish to Facebook: No 這一年來,網路罪犯運用日漸純熟的技術,突破了各種網路防禦措施,在世界各地造成了嚴重的服務中斷。到 2018 年,預計這種趨勢會變得更加明顯,因為攻擊者會利用機器學習和人工智慧來發動更強力的攻勢。 未來一年會相當忙碌,務必做好萬全準備。今年五月的 WannaCry 攻擊影響了 全球超過 200,000 台電腦 ,這類事件只能算是熱身運動,新的一年將出現更多致命的惡意軟體攻擊和阻斷服務攻擊 (DDos)。與此同時,網路罪犯也已經整裝待發,預備進犯辦公室和居家環境中數百萬台已連線至物聯網的裝置。 隨著 2017 邁入尾聲,可以預期新的一年裡情勢將會如此發展: 區塊鏈將找到加密貨幣以外的用途,但網路罪犯會專攻貨幣及換匯 區塊鏈終於開始尋找加密貨幣以外的用途,而物聯網內的交易漸增,使得區塊鏈開始擴展至銀行的跨行結算,然而,這類使用方式仍處於搖籃階段,尚未成為今日多數網路罪犯的目標。網路罪犯不會攻擊區塊鏈技術本身,而是把重點放在入侵貨幣換匯和使用者的貨幣錢包,因為這類目標最簡單而且報酬最高。他們還會誘騙受害者在電腦和行動裝置上安裝貨幣挖礦程式,將 CPU 和電力白白送給網路罪犯使用。 網路罪犯會利用人工智慧 (AI) 與機器學習 (ML) 發動攻擊 如今談到網路安全,一定不會漏掉討論人工智慧和機器學習。目前為止,相關討論的重點都放在如何將這類技術運用於防護機制和偵測機制。然而,明年情況將有所改變,因為網路罪犯也會使用 AI 和 ML 來發動攻擊。在網路安全領域中,明年將首度見到 AI 與 AI 互相較勁。網路罪犯會使用 AI 來攻擊和探索受害者的網路,這通常是入侵後最需要人力的環節。 針對供應鏈的攻擊將成為犯罪主流 供應鏈攻擊向來是傳統間諜活動和訊號情報操作者用來入侵上游承包商、系統、公司、供應商等的主要方式。這種攻擊相當有效,國家關係者會運用人力情報來入侵供應鏈中最薄弱的環節,也會透過妥協或逼迫等方式,在製造和分發階段植入惡意軟體。 這種攻擊方式如今逐漸成為網路犯罪的主流。網路罪犯會透過可公開取得的資訊 (關於技術、供應商、承包商、合作關係、重要人士等),找出供應鏈中最薄弱的環節並發動攻勢。2016 與 2017 年曾...
2018년 사이버 보안 예측
2017년이 저무는 시점에 짚어보는 내년의 사이버 보안 전망 Publish to Facebook: No 지난 한 해 동안 사이버 범죄자들은 사이버 방어를 뚫는 데 더욱 능숙한 기술을 구사하며 전 세계에서 주요 서비스를 중단시켰습니다. 2018년에는 공격자들이 머신 러닝과 인공 지능을 이용해서 더욱 강력한 공격을 시도하여, 이러한 추세가 더욱 강해질 전망입니다. 분주해질 한 해에 미리 대비하십시오. 5월에 전 세계에서 20만 대 이상의 컴퓨터 를 감염시킨 WannaCry 공격과 같은 사건은 보다 치명적인 맬웨어 및 디도스 공격이 기다리는 새해에 비하면 예행 연습에 불과합니다. 한편 사이버 범죄자들은 사무실과 가정에서 사물 인터넷(IoT)에 연결된 수백만 대의 기기에 대한 공격을 강화할 준비를 하고 있습니다. 2017년이 저무는 시점에 짚어보는 내년의 사이버 보안 전망: 새로운 공격대상으로 주목 받는 비트코인 IoT에서 증가하는 원동력에 힘입어, 블록체인이 마침내 암호화폐 이외의 용도를 모색하며 은행 간 정산에 이용되고 있습니다. 하지만 이러한 이용 사례는 아직 초기 단계이고 현재 대부분의 사이버 범죄자가 노리는 대상이 아닙니다. 사이버 범죄자들은 블록체인 기술 자체를 공격하는 대신, 취약한 코인 환전 및 사용자의 코인 지갑에 집중합니다. 가장 쉬운 공격 대상인 동시에 높은 이익을 얻을 수 있기 때문입니다. 피해자는 본인도 모르게 컴퓨터 및 모바일 기기에 코인 채굴기를 설치하게 되어, CPU와 전력을 사이버 범죄자에게 넘겨주게 됩니다. 인공지능과 머신러닝을 이용한 사이버 범죄 등장 오늘날 사이버 보안과 관련된 논의에서 인공 지능(AI)과 머신 러닝(ML)을 빼놓을 수 없습니다. 지금까지의 사이버 보안 논의는 이러한 기술을 보호 및 탐지 메커니즘으로 사용하는 데 초점을 두었습니다. 하지만 범죄자가 공격을 시도하는 데 AI와 ML을 사용하면서 내년에는 이러한 논의도 달라질 것입니다. 내년은 사이버 보안 맥락에서 AI 간의 대결이...
Nissan Canada Finance Notifies 1.1 Million of Data Breach
Nissan Canada Finance notified 1.13 million customers on Thursday of a data breach impacting an unspecified number of past and present customers.
Facebook phishers want you to “Connect with Facebook”
As we edge toward Christmas, scammers are throwing their own party—in the form of Facebook phishing pages linked to and from bogus landing pages hosted on sites(dot)google(dot)com URLs. These landing pages, adorned with very large and very fake “Login with Facebook” buttons, may be extra convincing to the unwary, due to a combination of the trusted Google name and the fact that the sites are HTTPS rather than standard HTTP. HTTPS is becoming increasingly popular with scammers as it adds an extra air of authenticity to the whole operation. As a result, you can’t just assume a “secure” site is also a safe one. There could well be a phisher lurking in the distance. The landing pages are all themed around loss of Facebook access, with potential victims most likely directed there by phishing emails. (We haven’t seen any associated with this particular campaign, but given the messaging on the sites and the typical methods used to steer someone to them, it seems a reasonable bet to make.)...