Computer News & Safety – Harry Waldron Rotating Header Image

July 11th, 2016:

Antivirus Products – AVAST and AVG merger announced

Two leading vendors of free AV protection have announced plans to merge. Avast plans to acquire rival AVG for $1.3 billion as noted below:

http://thenextweb.com/insider/2016/07/07/antivirus-giant-avast-acquiring-rival-avg-1-3b

Avast, which is known for its consumer-grade antivirus software with over 230 million users worldwide, has announced that it will acquire rival AVG for $1.3 billion in an all-cash deal. Both firms have their roots in the Czech Republic. The transaction will allow Avast to expand its business across more markets worldwide; together, the two companies have a user base of about 400 million, including about 16 million people who use their mobile security products.

Avast also hopes that its new acquisition will allow to create better security services for sectors like small and medium businesses and IoT hardware. It isn’t yet clear if Avast will fold AVG’s software offerings into its own brand or continue to sell them under the existing banner.

WIN10 – Free upgrade considerations for WIN7 and WIN8 users

Windows 10 is a more secure, reliable, and feature rich O/S introduced so far.  Users on recently purchased systems are likely to benefit the most.  But there are some considerations where users on older equipment or software may wish to stay with their current older software.

http://www.pcworld.com/article/3092365/windows/10-reasons-why-you-shouldnt-upgrade-to-windows-10.html

The clock is ticking, folks. If you want to upgrade to Windows 10 for free, you only have until July 29, 2016 to do so. And most people should! Windows 10 is  the best Windows yet, chock full of handy new features, sleek  under-the-hood improvements, and  headache-killing extras.  But it’s not for everybody. There are some very real, very valid reasons not to upgrade to Windows 10.  If you’re on the fence about whether to accept or reject Microsoft’s freebie, read on for some concrete justifications for staying put.

1. No Windows Media Center or DVD support
2. No desktop gadgets or widgets (Win 7 feature)
3. No OneDrive placeholders (Win 8.1 feature)
4. No control over Windows Updates (only minimal postponement)
5. Privacy concerns (aggregate data sent to Microsoft)
6. Ads and more ads (Skype or Office upgrades)
7. Microsoft’s aggressive upgrade tactics (some WIN7 users disabled updates)
8. Software compatibility (XP compatibility mode disappears)
9. Hardware compatibility (Old scanners, printers, wi-fi connectivity)
10. Ain’t broke, don’t fix it (some users may not wish to learn new O/S and UI)

Android Security – Fake infected Pokemon-Go application circulating

Mobile phone users should carefully ensure they download the Pokemon-Go from official sites only.  Due to it’s popularity, fake versions are now appearing on alternate malicious sites, as noted below:  

https://www.proofpoint.com/us/threat-insight/post/droidjack-uses-side-load-backdoored-pokemon-go-android-app

Pokemon GO is the first Pokemon game sanctioned by Nintendo for iOS and Android devices. The augmented reality game was first released in Australia and New Zealand on July 4th and users in other regions quickly clamored for versions for their devices. It was released on July 6th in the US, but the rest of the world will remain tempted to find a copy outside legitimate channels. To that end, a number of publications have provided tutorials for “side-loading” the application on Android. However, as with any apps installed outside of official app stores, users may get more than they bargained for.

In this case, Proofpoint researchers discovered an infected Android version of the newly released mobile game Pokemon GO. This specific APK was modified to include the malicious remote access tool (RAT) called DroidJack (also known as SandroRAT), which would virtually give an attacker full control over a victim’s phone. The DroidJack RAT has been described in the past, including by Symantec and Kaspersky. Although we have not observed this malicious APK in the wild, it was uploaded to a malicious file repository service at 09:19:27 UTC on July 7, 2016, less than 72 hours after the game was officially released in New Zealand and Australia.

ConclusionInstalling apps from third-party sources, other than officially vetted and sanctioned corporate app stores, is never advisable. Official and enterprise app stores have procedures and algorithms for vetting the security of mobile applications, while side-loading apps from other, often questionable sources, exposes users and their mobile devices to a variety of malware. As in the case of the compromised Pokemon GO APK we analyzed, the potential exists for attackers to completely compromise a mobile device. If that device is brought onto a corporate network, networked resources are also at risk.