BMWs at risk of hacking
BMW is in the process of issuing security patches to drivers of its 2017 i3, 2016 X1 and 525Li, and 2012 730Li. The patches will cover fourteen newly-discovered vulnerabilities, four of which can be triggered only through physical connection to the car computer systems, while another four require USB connection to the car. The remaining six vulnerabilities can be exploited remotely. A diligent cybercriminal can gain access to the cars’ infotainment systems, T-Box components, and UDS communication. In light of the findings, BMW has embraced the value of third-party cybersecurity research, and they are working on fixes.
Blog post and analysis by Vojtech Bocek and Nikolaos Chrysaidos
When you get a brand new phone, you expect it to be clean from any malware and adware. Unfortunately, this is not always the case. The Avast Threat Labs has found adware pre-i…
Cybersecurity encompasses multiple defenses. It’s not just an antivirus, it’s not just a VPN, it’s not just a password manager, internet security, and anti-track software. It’s all these things and more, working together to ensure every vulnerability is protected, whether the threats are coming from a phishing email, a malicious website, a botnet, public Wi-Fi, or other avenue. Cybercriminals are trying every angle to crack into our data, and they won’t rest until they do.
Click to view a larger version of the infographic here.
We need to defend our digital lives comprehensively. Here are 5 ways to protect yourself online:
- Get Antivirus Protection: Every month, our network protects hundreds of millions of users from 2 billion malware attacks. Avast Premier is our top-of-the-line antivirus that stops emerging threats, ransomware, spyware, and then some.
- Use a VPN to encrypt your internet connection: A VPN protects your privacy online by masking your IP address and providing an encrypted connection between you and the internet. Access streaming shows when you travel, safely use a public Wi-Fi, and remain anonymous online.
- Use a fast, secure, and private browser: Get state-of-the-art protection for all your online activities—plus ad-blocking, anti-tracking, and anti-fingerprinting. This makes it impossible for others to create an online profile of you. Avast Secure Browser includes all this and it’s up to 4x faster than your standard browser.
- Make your passwords unique and strong: Ever-changing, complex passwords are key to data protection. Use a password manager to securely sync your passwords across all your computers, smartphones, and tablet
devices. Avast Passwords Premium is a great option for
managing your passwords and it also has the added benefit of detecting when sites have been compromised and prompts you to change your password.
- While you’re at it, speed up and clean up your PC: Along with all this protection, apply a full optimization suite like Avast Cleanup Premium which includes over 10 features to improve your PC’s reliability and speed. Our patented technologies provide next-gen tuning and cleaning which frees up disk space, removes bloatware, fixes problems, and increases speed.
Dangerous PDF exploit combines two vulnerabilities
Fortunately, patches exist for both vulnerabilities in question, but if an unpatched Windows system suffers infection from this PDF exploit, all bets are off.
This is a call to action! Please see my experiment below — and agree with my assertion that as a global digital culture, we must care more about security. Starting now.
Over the past few days, we have been analyzing a development with the Necurs botnet – a cybercrime operation dating back to 2012 that quickly became one of the largest spam botnets in the world. We reported on the infamous cybergang responsible for the distribution of global malware campaigns such as “Locky” and “GlobeImposter” in two blog posts (here and here) that explained how malware is spread via Necurs. And now we have seen a new link to that chain with attackers serving brand new files via the same botnet. These files are spreading malicious Visual Basic Scripts (VBScripts) and our analysis suggests that the authors are using the services provided by the Necurs botnet to reach more victims. The ultimate goal of the attackers is to make systems vulnerable to attacks with the ability to steal personal data and to infect them with keyloggers, banking malware, and ransomware.
Amazon Web Services (AWS) hijacked for 2-hour heist
For two hours on Tuesday, the website MyEtherWallet.com, a cryptocurrency wallet where thousands of users store their Ethereum, was leeched of roughly $150,000. Cybercriminals hacked into the site by…
Nearly 50,000 Minecraft accounts have been infected with malware designed to reformat hard-drives and delete backup data and system programs, according to Avast data from the last 30 days. The malicious Powershell script identified by researchers from Avast’s Threat Labs uses Minecraft “skins” created in PNG file format as the distribution vehicle. Skins are a popular feature that modify the look of a Minecraft player’s Avatar. They can be uploaded to the Minecraft site from various online resources.
Endpoints are an easy target for hackers, so it’s essential that small businesses protect themselves. Connected employees, vulnerable software and weak antivirus all contribute to this being a favorite target of hackers. And, as the list below details, there are many types of cyberattacks that target endpoints, from phishing to malvertising.
Cybersecurity is a major concern in today’s world, both at the corporate and personal levels. Our computers, our handheld devices, and our smart home and IoT products are vulnerable to a variety of attacks. In 2017 alone, Avast blocked 35 billion security attacks against PCs and 208 million against Android mobile devices. What was one of the biggest security threats? Ransomware.