Avast antivirus program is selling its users’ data to major companies…

Research conducted by reporters from Motherboard and PCMag revealed that the company behind the popular Avast antivirus program is selling its users’ data to major companies such as Google, Microsoft, Pepsi and Home Depot.

According to the report, the company was collecting data from its Avast antivirus software, which it then handed over to its subsidiary, Jumpshot, which then sorted them out and sometimes sold them in return for millions of dollars. Although Avast, during its installation, lets users share their data, Motherboard and PCMag’s research suggests that many users had no idea that Jumpshot was selling their data.

At the heart of the research were several big names from various industries. It is not known who they were, are or are going to become clients of, but the list of companies that appeared to have partnered with Jumpshot includes the names of Expedia, Intuit, Sephora, L’Oréal, Keurig, Condé Nast and more. Microsoft, however, has stated that it is not currently working with Jumpshot. Yelp said it only worked with Jumpshot once, while Google did not respond to requests from Motherboard and PCMag to comment on the report’s findings.

The data being sold includes everything imaginable, from search engine searches to Google Maps, site searches to Google Maps, business activity on LinkedIn, to YouTube channel visits or pornographic websites. It is assumed that this data does not include personal information, such as names or email addresses, but some experts have expressed concerns that some users may be anonymized.

One product that Jumpshot sells is called “All Clicks Feed” and tracks users’ clicks on the websites they visit with great accuracy. The product is advertised as follows: “Every search. Every click. Every purchase. On every website. ” At least one customer, the advertising company Omnicom Media Group, has purchased the product. According to Motherboard and PCMag, Omnicom Media Group paid Jumpshot over $ 2 million last year to gain access to data.

This is not the first time we have learned that Avast is collecting user data. A few months ago, Mozilla removed Avast’s Online Security and SafePrice extensions from Firefox as well as all Avast AVG products after finding that they were collecting much more data than necessary. The collection and sale of highly detailed information to its users is undoubtedly frustrating and worrying for a company such as Avast, which is supposed to have a primary purpose of protecting its users.

Philips Hue lamps could allow a hacker to take control of the network

Until today, Philips Hue lamps could allow a hacker to exploit your network.

Four years ago, security researchers showed that a drone outside the building could crack Philips Hue lamps in a room, with a virus that infected each lamp individually. Today, we are learning that this vulnerability has not been fully restored, and researchers are now finding ways to penetrate users’ home or corporate networks, unless they have installed a patch.

The good news is that if anyone has connected the lamps to the internet, they will have already been automatically updated to version 1935144040, which contains the updated code. Check Point Software, a company specializing in internet security, had informed Philips last November and a patch was released at the end of January.

In 2016 the drone managed to load a malicious update without the user having to take any action. In contrast, the new hacking technique essentially forced the user to re-add the lamp to the network due to a virtual malfunction with color and brightness, thus giving the hacker full control of the user’s network and data. Check Point Software reports that due to design constraints, lamps could still have vulnerabilities that may not have been identified.

Although Check Point has not tried other companies’ lamps, it claims that these vulnerabilities may not be limited to Philips. The Zigbee communication protocol used by Hue is found in dozens of other smart gadgets such as the Amazon Ring bell, the Samsung SmartThings hub, Belkin WeMo devices, Honeywell thermostat and Comcast’s Xfinity alarm system.

So it will be interesting to see how many of these devices have corresponding vulnerabilities and when to fix them before they become dangerous for users’ personal data.