5 Best Antivirus - Top Software for PC, Mac and Mobile

[jumbo-quality-no1]

Top 5 Antivirus Software

1) Kaspersky

2) Bitdefender

3) Trend Micro

4) ESET

5) Norton

The Power Of Security and Protection For PC, Mac and Mobile:
To Get Up-to-date Antivirus to Protect Your Data, Privacy, Money, Family and More.

[jumbo-quality-no1]

[jumbo-quality-no1]

Top Causes of Data Breaches 2013-2014

[jumbo-quality-no1]

Java, Apple, Adobe Flash Player, ActiveX Plug-Ins Vulnerabilities By Month 2013-2014

[jumbo-quality-no1]

Cybercriminals are using webinject kits with their banking trojans to bypass two-factor authentication systems used by banks, then steal data and money from victims. In this piece we take a closer look at their development.

These webinject files are basically a text file with a lot of JavaScript and HTML code and are used by cybercriminals to target organizations by injecting specific code into the victims’ browsers – in real-time – so they can modify these webpages. Read more in ESET Security

Jumbo-Quality-No1 has ESET Smart Security 2015 1 PC on sale for $23.99

]

Also available:

ESET Smart Security 2015 3 PCs on sale for $38.99

ESET NOD32 Antivirus 2015 1 PC on sale for $22.99

ESET NOD32 Antivirus 2015 3 PCs on sale for $32.99

[jumbo-quality-no1]

Fake vouchers spread throughout the world via WhatsApp
[source: welivesecurity.com ]

]

First examples

It was mid-August, people were receiving links sent by their WhatsApp contacts that pointed to some kind of survey that was sponsored by a well-known supermarket brand from numerous countries. Below you can see two examples of this scam:

one for Coles Supermarket (Australia):

]

another for Mercadona (Spain):

]

An organized scam campaign is operating on a global scale. Some of the supermarkets used to this effect included Lidl in Italy, 7-Eleven in the US, Albert Heijn in the Netherlands and Woolworths in Australia.

The way in which the scam works is relatively simple. Some WhatsApp users receive a message with a link that redirects them to a fake website that is mimicking the supermarket in question, promising then voucher of a certain worth. To benefit from this deal, the user needs to register their personal data, including their name, email, mobile phone number, address and so forth.

All this data is then collected and subsequently used in spam campaigns. However, in addition to this, it’s also possible that the scammers will try and lure the victim into subscribing to a premium SMS service that will cost him or her money.

It seems that this initial campaign was quite profitable for the scammers because, since then, we have seen similar cases materialize (at least a new one every week). For example, last week we observed a new scam campaign using the same strategy but this time claiming to be Starbucks. Of course, the vouchers were adapted to the local currency.

In this case, the scammers didn’t bother themselves in translating the message for other non-English speaking countries. Even then, people filled in the fields that requested their personal data.

]

Pablo Ramos, head of LATAM research lab at ESET, analyzed another campaign that was impersonating the Spanish fashion firm Zara.

]

In this instance, the scammers weren’t looking for personal data. Instead, they were trying to convince the victim that their Android device was infected and needed urgent attention. They would then aim to lure them to download a fake antivirus app by subscribing to a SMS premium service.

These new scam campaigns adapt and reuse other techniques that we have seen in recent years when analyzing mobile focused malware. The use of a recognizable brand to convince the victim of authenticity, the false voucher promising an interesting prize – these are examples of strategies that have been previously deployed. But what makes these new campaigns dangerous is how fast they are spreading through instant messaging apps like WhatsApp.

It reminds us of a time when Microsoft Messenger was used to share links that would redirect users to a malicious website, and, as these recent cases have proven, if it has worked before, then it can work again. It’s our job as security conscious individuals to make sure that we people won’t fall into this trap and not only avoid clicking onto these links but also warning our contact to do the same.

Jumbo-Quality-No1 has ESET NOD32 Antivirus 2015 1 PC on sale for $22.99

]

Also available:

ESET Smart Security 2015 3 PCs on sale for $38.99

ESET Smart Security 2015 1 PC on sale for $23.99

ESET NOD32 Antivirus 2015 3 PCs on sale for $32.99

[jumbo-quality-no1]

How 11M Ashley Madison Passwords Are Cracked
[source: threatpost.com ]

]

Use The Same Password

A San Diego-based password cracking group has taken a big step towards deciphering some of the 36 million odd passwords leaked in last month’s Ashley Madison breach, a move that could quickly lead to the widespread hacking of any users who used the same password on other services.



Poor Passwords

Hackers had previously attempted – and succeeded – to crack some users’ Ashley Madison passwords, but only managed to decode a small number of them–and only because they were poor passwords to begin with.

Members of CynoSure Prime, a collective skilled at cracking passwords, announced Thursday morning however that it had found a new weakness in tokens they found in the second round of dumps from the extra-marital website that surfaced online in mid-August. That dump purportedly also contained emails belonging to the CEO of parent company Avid Life Media, along with source code.

Attacked the MD5 Tokens

Instead of targeting the leaked passwords hashed with bcrypt, a task that would have proved equally tough and time consuming, when the sleuths at CynoSure Prime unearthed a cache of 15.26 million login tokens that were hashed with MD5, an algorithm with several known cryptographic weaknesses, they began attacking those.

“Instead of cracking the slow bcrypt hashes directly, which is the hot topic at the moment, we took a more efficient approach and simply attacked the MD5 […] tokens instead. Having cracked the token, we simply then had to case correct it against its bcrypt counterpart,” the crackers wrote in a blog entry this morning.

It took a few days, but by running the tokens they were able to crack against their bcrypt counterparts, the crackers claimed they were able to successfully decode over 11.2 million passwords – and that it’s working on cracking another four million.

According to Ars Technica, who has a deeper dive on the methods CynoSure Prime used, the crackers aren’t planning on publicly releasing the passwords but will divulge any additional details needed to dig up the passwords.

The weakness apparently stems from an error involving the passing of the plaintext account password through MD5 with the variable $loginkey. CynoSure Prime isn’t exactly sure what the variable was used for, but is speculating it was used to help users with automatic login.

“It was generated upon user account creation and was re-generated when the user modified their account details including username, password and email address,” CynoSure Prime writes in its blog post.

One member of CynoSure Prime told the publication that cracking the MD5 hashes was “one million times” faster than trying to crack the bcrypt hashes and that with the help of password-cracking software like MDXfind, the group only has roughly four million left to crack.

Generates strong passwords

If you use simple or easy-to-remember passwords, it can be easy for hackers to work out what those passwords are – and then gain access to your accounts and apps. Similarly, if you use the same passwords for multiple accounts, it can be easier for cybercriminals to access all your accounts. Kaspersky and ESET Password Manager includes a strong password generator that automatically creates effective, individual passwords on your PC… for each web and app account. You can then use these strong passwords on any of your supported devices.

Jumbo-Quality-No1 has Kaspersky PURE 3.0 Total Security 2015 3 PCs 1 Year on sale for $42.99

]

Also available:

ESET Smart Security 2015 1 PC on sale for $23.99

ESET NOD32 Antivirus 2015 1 PC on sale for $22.99

ESET NOD32 Antivirus 2015 3 PCs on sale for $32.99

[tmyusuf]

I think Norton is in number one antivirus software.

[jumbo-quality-no1]

2015 Antivirus Lab Tests Chart
[source: PC Magazine ]

[jumbo-quality-no1]

2015 Malware Blocking Chart
[source: PC Magazine ]

[jumbo-quality-no1]

2015 Antiphishing Chart
[source: PC Magazine ]

[jumbo-quality-no1]

How to Stay Safe on Social Networking Sites
[source: United States Computer Emergency Readiness Team (US-CERT) ]

While most people using sites such as Facebook and Twitter do not pose a threat, malicious people use these sites to steal information or engage in other criminal activity. The more information malicious people have about you, the easier it is for them to take advantage of you, your friends or family members.

Here is solid advice from the Department of Homeland Security about protecting yourself on social networking sites.

Limit the amount of personal information you post. Do not post information that would make you vulnerable, such as your address or information about your schedule or routine.

Remember that the Internet is a public resource. Only post information you are comfortable with anyone seeing.

Be wary of strangers. The Internet makes it easy for people to misrepresent their identities and motives. Consider limiting the number of people who can contact you on these sites.

Be skeptical. Don’t believe everything you read online. People may post false or misleading information about various topics, including their own identities.

Evaluate your settings. Take advantage of a site's privacy settings. Customize your settings to restrict access to certain people.

Be wary of third-party applications. Avoid applications that seem suspicious, and modify your settings to limit the amount of information the applications can access.

Use strong passwords. Protect your account with passwords that cannot easily be guessed.

Check privacy policies. Some sites may share information such as email addresses or user preferences with other companies. This may lead to an increase in spam — for you, and others in your network.

Keep software, particularly your web browser, up-to-date. Install software updates so that attackers cannot take advantage of known problems or vulnerabilities.

Use and maintain anti-virus software - Anti-virus software helps protect your computer against viruses and attacks. Make sure to keep your software up-to -date.

[jumbo-quality-no1]

T9000 malware steals files, records Skype chats and calls and can 'hide' from anti-virus software
[source: DailyMail ]

-- Trojan, called T9000, was spotted by security company Palo Alto Networks

-- It automatically captures data about the infected system and steals files

-- Researchers said it is so sophisticated it can hide from anti-virus software

A malicious computer program is targeting Skype users and listening in to their conversations, security experts have warned.

The Trojan, called T9000, was spotted by experts at Palo Alto Networks, who call it 'backdoor malware'.

The researchers also warned it is so sophisticated, it can hide from even the most popular anti-virus software, making it extremely difficult to detect.

For example, Norton, AVG, McAfee, Kaspersky, Trend Micro, Bitdefender and Sophos were all said to have failed to identify the malware during the researcher's tests.

'The primary functionality of this tool is to gather information about the victim,' warned Palo Alto's security researchers Josh Grunzweig and Jen Miller-Osborn.


'In fact, the [Trojan's] author chose to store critical files in a directory named "Intel".'

'T9000 is pre-configured to automatically capture data about the infected system and steal files of specific types stored on removable media.'

Computers become infected by the malware when a user opens a malicious Rich Text Format (RTF) files, software used by popular word document programs such as Microsoft Word.

The Trojan is said to involve what's known as a multi-stage installation process and checks at each point for any installed anti-virus programs.

The full list of programs that the Trojan scans is available from Palo Alto Networks.

After checking everything, T9000 installs itself and then collects information stored on the infected system, sending it to the hacker's server.

The malware is said to have spread originally via spear phishing emails sent to organisations in the US.

Spear phishing is an e-mail spoofing fraud attempt that targets a specific group or organisation.

The intent is to steal intellectual property, financial data, trade or military secrets and other personal information.

However, researchers believe this new backdoor malware is so sophisticated it can adapt to be used against any victim that a cybercriminal wishes to hack.

'The author of this backdoor has gone to great lengths to avoid being detected and to evade the scrutiny of the malware analysis community,' added Palo Alto.

The T9000 is a more advanced version of an older backdoor Trojan called the T5000, which was first identified in 2013 targeting the automotive industry.




The Trojan is said to involve a multi-stage installation process (illustrated) and checks at each point for any installed anti-virus programs. After checking everything, T9000 installs itself and then collects information stored on the infected system, sending it to the hacker's server


It was used again in 2014 in an attack using a lure related to the disappearance of Malaysian flight MH370.

Despite Palo Alto observing the T9000 being used in multiple targeted attacks against organisations based in the US, the firm has warned that tool is intended for use against a broad range of users.

Users should be weary of receiving a message that reads: 'explorer.exe wants to use Skype' when starting up the chat program.

This indicates a Trojan module has been downloaded and executed.

Security experts are also working to update their anti-virus software and advise people to keep their software up-to-date.