Roboscan is certified for the firewall and the high detection rate

certificate

Roboscan is certified by Virus Bulliten, ICSA Labs and OPSWAT

You might knew that Roboscan has received the VB100 award by independent testing organization, Virus Bulletin. But do you know that Roboscan is also certified by ICSA and OPSWAT?

Roboscan has been proud of our multi-layer protection with dual engines and our minimum CPU usage for optimizing your PC performance. Virus bulletin also commended us for the fast scanning speeds and high detection rate.

Roboscan enterprise is certified by ICSA Labs for the ability to protect the cyber security of individual desktops, laptops and servers of residential users as well as organizations.

OPSWAT certification verifies current antivirus applications on the market. Both Roboscan Internet Security Free and Pro version are certified to be interoperable with numerous leading networks and technology partners. We have received Silver Certified for our firewall; Bronze Certified for the Antivirus category, and Bronze Certified as an Antispyware.

Check out more information from the Awards and Certifications page on our website!

Facebook offered $12,500 to security researcher for finding critical photo bug.

An Indian security researcher, Arul Kumar recently discovers a security flaw on Facebook that allows hackers to delete any photo from a user’s account without his/her knowledge or permission via mobile devices. The bug is now fixed and Facebook reward Kumar with $12,500 for finding this critical vulnerability.

Facebook photo bug allows hackers to delete other's photo without permission.

Facebook photo bug allows hackers to delete other’s photo without permission.

In Kumar’s blog, he reveals a way to remove photos from another user’s account without knowing the victim’s login information. Normally, user can request Facebook to remove a photo. If Facebook doesn’t remove it, the user can then appeal to the user who uploaded the photo to request taking it down. He/She will then receive a link with a one-click button to delete the image.

So where is the problem?

According to Kumar, the breach resides in the Support Dashboard on Facebook’s mobile domain. Kumar created two real Facebook IDs and logged in both account at the same time. On one end, he called it the “sender”; while the other called the “receiver.” He reported a photo as the “sender,” in the URL he inserted the photo ID value (a.k.a “cid” parameter) that he would like to remove, and the profile ID value (a.k.a “rid” parameter) of the person that the report supposed to go to (the “sender,” which in this case is also controlled by Kumar).

On Kumar’s blog, he described how to delete other user’s photo with him/her knowledge.

Microsoft is not the only tech giant who encourages hackers to resolve any vulnerability with bounty rewards. Facebook’s White Hat Program offers financial reward to experts who can locate any bug of their site. The minimum reward is $500, while there is no ceiling for the prize amount. It all depends on the severity of the bug.

However, as a reminder, Facebook strongly forbids researchers from testing their exploits on any real accounts. Couple weeks ago, an IT expert, Khalil Shreateh hacked Mark Zuckerberg’s timeline to prove his finding of a bug. As a result, he was disqualified to claim the reward. However, in Kumar’s case, he never actually tested on Mark’s account. The delete button has never been clicked.

Shadow IT, Good or Bad?

Is Shadow IT Good or Bad?

Is Shadow IT Good or Bad?

Some of you might or might not have heard of the term “Shadow IT.” It means the technology that is not formally supported or built by the company . They are not a part of the core IT solution or mobile devices of the company.

Bring your own device (BYOD) policy becomes more common in the working environment, especially in start-up business.  However, there are pros and cons.

On the bright side…

Shadow IT can be an important source of innovation of an organization. Some technology may then become an official approved solution for the company. Meanwhile, if employees were allowed to bring their personal mobile devices to work, it might actually help the efficiency of internal information and data exchange. Employees can backup files, make a copy in their personal devices or upload to the cloud then access to the documents later, anytime, anywhere, which highly increases the efficiency of the organization function.

On the flip-side…

Risk management becomes more difficult. BYOD indeed increases the convenience for employees and is beneficial to the company in some way; however, the risk of confidential document outflow comes after.

Some applications or devices outside of company approval may not have strong security support. Meanwhile, it gives company a hard time to to keep track of the company data.

Some organizations make their file available in read-only so that employees can only make copies of the document but not make changes to it. However, employees may be frustrated by the restriction on the devices or limited authorization of data; as a result. efficiency of work decreases.

At the end, is Shadow IT or BYOD good or bed? There is no absolute right answer to this question. It is affirmed that BYOD has a positive influence to the growth of a company; nevertheless, a thorough plan for the risk management is a must.

If you own a company or an organization, will you give the green light to BYOD policy?

Outdated Windows OS has higher risk of being infected by malware

Microsoft Windows OS

Microsoft Windows OS

 

Which version of Microsoft Windows OS are you using? Windows 2000? or Windows XP? We suggest you to update your Windows OS to a more recent version to lower the chance of being infected by malware.

A study generated by BitDefener, (one of Roboscan’s internet security engine) reveals that 9.28 percent of the scanned systems that run Windows 2000 are still infected by malware despite internet security software.

Windows XP still has a massive followers although it is claimed to be retired by April 8, 2014, while the study shows that XP has the highest infection rate of 12.87 percent after scanning.

Computers that run Windows 7 was detected to have a 11.74 percent infection rate after running security solution. However, only 4.59 percent of the devices who runs the latest Microsoft OS, Windows 8 were infected.

OS version vs. infection rate

OS version vs. infection rate

We can see a direct relationship between how old the OS you’re using and the chances of being infected by malware. Apparently, the older the version of your Windows OS you are using, the more likely you will be  the target.

Up till today, according to OPSWAT, “Windows 7 leads the pack in the operating system market (53.8% of all Windows versions), followed by Windows XP (36.2%) and Windows Vista (8.1%).” If you are that 36.2%, we suggest you to update your OS to protect your cyber security.

Windows OS user deployment

Windows OS user deployment

Last but not the least, if you’re a Roboscan user, in addition to upgrade your Windows OS, don’t forget to keep your Roboscan Internet Security up-to-date for the best protection to your PC!

 

 

 

How To Remove Panda Cloud Unwanted Pop-up

Are you struggling to download Roboscan Internet Security or access to URLs  because this message ”The page has been blocked as it contains malware or exploits” just keep getting in your way? Even you check to agree that you’re going to continue visiting this web page no matter what, nothing happens after several clicks on “continue.”

Panda Cloud Antivirus Safe Search Protection

Panda Cloud Antivirus Safe Search Protection

Therefore, you tried to find a way to get rid of this pop-up; decided to bypass the alert and download the software in spite of the risk of getting infection, but in vain. You went to the control panel trying to find and remove any antivirus software from Panda, but in vain again, because you have never installed it at the very beginning. So what should you do?

 

3 easy steps to remove the Panda Cloud Antivirus Safe Search Protection” pop-up

1. Go to Control Panel>Programs>Programs and Features>Uninstall a program

2. Search for a program called “Anti-Phishing Domain Advisor” powered by Panda Security (See blow screenshot)

3. Check to uninstall the program.

Remove "Anti-Phishing Domain Advisor" from control panel

Remove “Anti-Phishing Domain Advisor” from control panel

Remember in the post <Sneaky Spyware, Adware, Tool Bars>, we suggest you to go over your program list once in awhile to avoid any malicious software intruding on your computer without your permission? On the program list, I notice this program was installed 2 months ago while I haven’t seen it show up until 2 weeks ago; meanwhile, I can’t even remember I had opted-in to installed such program. We suggest you to keep an eye on what are installed on you computer periodically and remove the suspicious ones to guard your internet security and privacy.

Last but not the least, keep in mind that you do not have to download any software or widget in order to download Roboscan Internet Security. The message at the bottom of the pop-up misleads people to download Panda Cloud Antivirus to visit certain links or download certain software.

 

 

[News] DES SIM Card Security Breach Puts 750 Million Mobile Phone Users In Danger

Your SIM card is now hackable!

Your SIM card is now hackable!

Thought your mobile phone SIM card is an un-hackable nutshell? Well, you might have to rethink about it because it is now officially “breakable.”

A German researcher, Karstetn Nohl from Security research Labs revealed the hole of GSM encryption. Hackers can remotely break into some outdated DES (Date Encryption Standard) SIM cards and access your personal data with just a personal computer less than 2 minute.

“Give me any phone number and there is some chance I will, a few minutes later, be able to remotely control this SIM card and even make a copy of it,” Nohl said to Forbes.

With only a couple fake text messages sending to your phone that claims coming from a carrier, there is quarter chance that you will receive an error message back containing a set of 56-bit digital key from DES SIM card. With the code, hackers can send malware to the SIM card via text message. From then on, the hacker can monitor the phone calls, hijacks the data and identity on the phone.

Up to 750 million SIM cards could be hacked. Fortunately, many wireless carriers now adapt the newer and more secure triple DES SIM card. GSMA (Global System for Mobile Association) has already notified the security flaw to the SIM card manufactures and vendors. Experts are now striving to find out the optimal solution for the breach. Nohl will give more detail about the research process in the Black Hat conference in Las Vegas on August 1st.

He suggests the industry to take action on such matter and gradually phase out the SIM cards to eliminate the security vulnerability. Consumers using SIM cards more than 3 years old ideally should request for a new card.

 

Related reading:

Google Releases Patch to OEM for Serious Android Security Loophole

Most Androids Vulnerable Due to Outdated Firmware

[Update] Roboscan Update Server Issue Solved

Dear Roboscan users,

Last week our update server experienced some problems that caused the failure of updating; however, the issue is now resolved.

Please try updating Roboscan again for the most protection to your PC. To confirm the update has completed successfully, please click “”View Log” on the lower left of Roboscan interface.

Image

Update Roboscan for the most protection to your PC

If the problem remains or if you have questions, please email us at support@roboscan.com for further assistance from our tech team!

We apologize for the inconvenience and thank you for supporting Roboscan!

Roboscan Team.

Download the latest Roboscan Internet Security for Free here

[News] Google Releases Patch to OEM for Serious Android Security Loophole

Major Android security vulnerability was discovered by Bluebox labs, the research team of Bluebox that a master key hole can turn any application into a Torjan malware and take over 99% of the Android smartphones for the past 4 years. On July 10th, Google had already release the patch to OEM to shop to customer.

It is said that this significant flaw had been around since Android 1.6 (Android 1.6 Donut). It may impact any Android phone for the past four years; in other words, 900 million devices could be affected.

According to Gina Scigliano, Google’s Android communications manager, “A patch has been provided to our partners—some OEMs, like Samsung, are already shipping the fix to the Android devices.” However,  in order to update the security system, current Android users have to turn to their hardware vendors for updates.

In order to assure that the software has not been modified by a third-party, each program contains cryptographic signature of authentic Android application. However, such security loophole allows hackers to enable the malicious code under the condition of not affecting the cryptographic signature. In consequence, any Android developer who takes the advantage of such loophole can access to use’s phone like a legit regular app.

Nevertheless, Android users shouldn’t be worried too much. Scigliano also said that “We have not seen any evidence of exploitation in Google Play or other app stores via our security scanning tools,” “Google Play scans for this issue – and Verify Apps provides protection for Android users who download apps to their devices outside of Play.”

More about Android security: Most Androids Vulnerable Due to Outdated Firmware

Turn on 2-step authentication to enhance your social media security

Do you still remember the article about “2-step authentication” we shared on Facebook? Today, we are going to walk you through the process of setting up 2-step authentication on your social media step-by-step.  2-step authentication is not a cure-it-all for your internet security. However, it certainly makes it more difficult for hackers to break through your security line.

What is 2-step authentication?

2-step authentication (a.k.a. two-factor authentication) is composed of two pieces of authentication factors: the knowledge factor, something you know, and the possession factor, something you have. It’s similar to the idea of requiring 2 keys to open a treasure chest. In addition to the password you originally created for emails, social media or even online banking accounts (knowledge factor), you will need another key (possession factor) to access to your accounts. Your phone is one of the most popular options nowadays. By activating such security feature on your social media, you will receive a set of codes on your phone. Use this code to access your account after typing in the password you normally use.

How to set up?

  1. Click on the setting button on the upper right corner and choose the account setting option.

    Facebook login approval

    Facebook login approval

  2. On the navigation panel on your left, choose “security”; it will take you to the screen below.
  3. Enable the “Login Approval” security feature then Facebook will walk you through
    FB login approval2
  4. Facebook will send you a set of codes via SMS. Type the code in the box, then click next. As you enter the security code, you will have the option to save your device to your account so that you don’t have to generate a code for the device every time you log in
    FB login approval3
  5. If you ever login via a device unrecognized by Facebook, you will need to enter the code again. 계속 읽기

10 Common Facebook scams 2013 -Part 2.

Have you kept the first 5 common scams on Facebook that we talked about in our last post? If you need a little recap, check out 10 Common Facebook scams 2013 <Part 1>.

Ready? Now, let’s get into the next 5!

6.         Phony message on Facebook

  • Scammer from Facebook team: A phishing scam spotted by GFI Lab early this year. You will go through 5 pages of question for a security check after clicking on the link. Once the scammer has your information, it will start to spam your friends or use your identity and card information to purchase things you will never receive.
Phony message from Facebook Team spotted by GFI Lab

Phony message from Facebook Team spotted by GFI Lab

  • Check out my new Camera: I’ve seen too many times that my friends try to show me their new shopping trophy through Facebook chat; while we all know the link of the pictures will not take you to their new camera or new clothes,  but some spams or malware.
  • I need your help (and money!): Your friend won’t ask for your help by just leaving a Facebook message, especially when s/he needs your financial support. A tip to keep in mind, they usually ask you to transfer money via Western Union or other uncommon financial institute. Be cautious!

7.        Customize you Facebook:  Apps to find out who unfriend you, to change your Facebook color or getting “Dislike” button are just a few tricks of the scammers. Scammers usually insert adware, malware into the browser extension or plugins.

Red Facebook Hoax

Red Facebook Hoax

One of the most popular scam on Facebook early this year is the make-your-Facebook-red scam. After clicking the link 계속 읽기