Norton to buy/merge with Avast

[WolframaticAlpha]

Summary

Norton LifeLock, the parent company responsible for making Norton security products is going to merge with Avast antivirus, one of it's largest competitors.The deal is valued at 8 billion USD. Norton's older parent, Symantec spun out Norton in 2017, when it was bought out by Broadcom. The merger is a big deal, considering the increase in ransomware cases(Kaseya, Gigabyte etc). It also should be noted that Avast also owns AVG

 

Quotes

Quote

NortonLifeLock and Avast are merging in a deal worth more than $8 billion. The deal will see NortonLifelock acquire all of Avast’s shares, and create a much larger cyber security firm. “With this combination, we can strengthen our cyber safety platform and make it available to more than 500 million users,” says Vincent Pilette, NortonLifeLock CEO. “We will also have the ability to further accelerate innovation to transform cyber safety

 

My thoughts

Yay! More crapware mergers. Good thing that I use linux and don't download illegitimate sw from the interwebz. Also avast sw is down right scummy. A lot of these antiviruses are more intrusive than adware, slows down computers more than a cryptomining trojan and probably sends more data than a keylogger.

Quote

The best form of cybersecurity is common sense

 

Sources

Norton and Avast are merging into an $8 billion antivirus empire - The Verge

[Fasauceome]

6 minutes ago, WolframaticAlpha said:

The best form of cybersecurity is common sense

Yeah but I can't install common sense for my clients unfortunately

 

Unless they're offering that at the same place where I can download ram

[Master Disaster]

My understanding is that Norton has had a pretty big change in its reputation in recent years. Personally I haven't used anything other than WD since Windows 7 and these days I only have one device running Windows anyway.

[StDragon]

57 minutes ago, Master Disaster said:

My understanding is that Norton has had a pretty big change in its reputation in recent years. Personally I haven't used anything other than WD since Windows 7 and these days I only have one device running Windows anyway.

Norton is "ok" last I checked. It's not my preferred in terms of UI. But in terms of effectiveness at stopping malware, it's alright.

BitDefender does a fantastic job! It's performant, usually stays out of the way, and very effective. My only major gripe is that the UI has features burred several layers deep. IMHO, it needs a philosophical UI redesign. But the engine under the hood sort of speak is fine the way it is.

Windows Defender has matured and is very good on its own. I'm still not convinced it's good at intercepting phishing websites unless you use MS Edge. With BitDefender, you can use any browser you want as it does SSL inspection.

Webroot is good, but I find it slow at times.

 

AVG is pure nuclear garbage; which is sad because it used to be a really good product. So much so that I actually paid for a subscription to it back in 2002 - 2004 years. Somewhere along the lines it turned into a PUP like McAfee.

[RejZoR]

"Common sense" is the biggest bullshit argument I kept hearing over and over and apparently it still hasn't died yet. Common sense is just small part of whole protection because no one can check file reputation or inspect its actual code with "common sense". That's like expecting everyone who drives a car to graduate in mechanical and electrical engineering. The same way people who use computers just don't have the knowledge to utilize "common sense". The rest of us who know stuff are such tiny minority we're not even a blip on a global radar.

[Lurick]

6 minutes ago, RejZoR said:

"Common sense" is the biggest bullshit argument I kept hearing over and over and apparently it still hasn't died yet. Common sense is just small part of whole protection because no one can check file reputation or inspect its actual code with "common sense". That's like expecting everyone who drives a car to graduate in mechanical and electrical engineering. The same way people who use computers just don't have the knowledge to utilize "common sense". The rest of us who know stuff are such tiny minority we're not even a blip on a global radar.

My lazer beams will detect the suspect file and convert it to a hex hash and I'll read it on my matrix screen and hax the code to make sure it's safe

 

Sarcasm aside it's everyone who thinks they know everything and they're smarter than others that are the biggest problem. Those thinking you can outsmart every threat every time is just beyond stupid and that you don't need anything to help protect you because "common sense" will protect you is bullshit. Sure it can help mitigate issues and problems but anyone who thinks they can stop drive-by exploits/downloads, zero day attacks, etc. is kidding themselves.

[WolframaticAlpha]

15 minutes ago, RejZoR said:

"Common sense" is the biggest bullshit argument I kept hearing over and over and apparently it still hasn't died yet. Common sense is just small part of whole protection because no one can check file reputation or inspect its actual code with "common sense". That's like expecting everyone who drives a car to graduate in mechanical and electrical engineering. The same way people who use computers just don't have the knowledge to utilize "common sense". The rest of us who know stuff are such tiny minority we're not even a blip on a global radar.

OK, so tell me, how the heck you are going to get a virus, if you are downloading from legit sources? There has been a negligible number of cases in which the site has been actually modified and the actual site had malware. If you use common sense, don't practice digital piracy and use well known software, then you are probably not going to get infected. 

 

>That's like expecting everyone who drives a car to graduate in mechanical and electrical engineering.

No, that is like expecting the people who drive a car to know and abide by traffic rules.

 

>Common sense is just small part of whole protection because no one can check file reputation or inspect its actual code with "common sense".

Am I telling you to read the code? Nobody expects you to run ghidra or something to read the code. If you download software from a trusted source and don't download every file sent to you, then a very large percentage of the malware put on machines will be mitigated.

[WolframaticAlpha]

21 minutes ago, Lurick said:

My lazer beams will detect the suspect file and convert it to a hex hash and I'll read it on my matrix screen and hax the code to make sure it's safe

 

Sarcasm aside it's everyone who thinks they know everything and they're smarter than others that are the biggest problem. Those thinking you can outsmart every threat every time is just beyond stupid and that you don't need anything to help protect you because "common sense" will protect you is bullshit. Sure it can help mitigate issues and problems but anyone who thinks they can stop drive-by exploits/downloads, zero day attacks, etc. is kidding themselves.

Norton LifeLock and Avast are consumer facing products. Can you tell me how many times does a machine get affected by zero days and drive by exploits? Most of the viruses faced by consumers is because of downloading from a stupid source. You will mitigate a very very large percentage of the threats, just by using common sense. I never installed an antivirus, even in the XP days, and never once has my system been affected by a virus. In a corporate environment, I get it. But in those fields, cylance is way more prevalent.

 

Also can you educate me, how does an antivirus mitigate zero days, which are, by definition: "deriving from or relating to a previously unknown vulnerability to attack in some software.". How will they be able to search for that?

[RejZoR]

2 minutes ago, WolframaticAlpha said:

OK, so tell me, how the heck you are going to get a virus, if you are downloading from legit sources? There has been a negligible number of cases in which the site has been actually modified and the actual site had malware. If you use common sense, don't practice digital piracy and use well known software, then you are probably not going to get infected. 

 

>That's like expecting everyone who drives a car to graduate in mechanical and electrical engineering.

No, that is like expecting the people who drive a car to know and abide by traffic rules.

 

>Common sense is just small part of whole protection because no one can check file reputation or inspect its actual code with "common sense".

Am I telling you to read the code? Nobody expects you to run ghidra or something to read the code. If you download software from a trusted source and don't download every file sent to you, then a very large percentage of the malware put on machines will be mitigated.

Because everyone totally downloads only from "legit" sources. Whatever that even is. This isn't Android or iOS with one default curated app store. Do you want to know how many times people questioned my apps even though I'm relatively known person when it comes to misc tools, tweaks and certain game patches. Meaning they get them wherever they find them, on download sites, blogs, webpages, wherever.

 

Also the analogy of abiding traffic rules doesn't really help you if your car has engine check light and your common sense tells you to keep on driving because you're in a hurry. That's how much "common sense" means in security.

 

Also how you know something is legit if you don't inspect the code? CCleaner's incident is a prime example of that. Reliable source, even signed with signature, on outside it looked the same as anything. So, how do you know it's clean? You may say antivirus software didn't spot it anyway, but that's a very edge case example. Bunch of malware is far less sophisticated, but may pretend to be something else and it's doing whatever behind the scenes. Antivirus has at least some logic to inspect behind the scenes of any program where general users just don't. At all.

[captain_to_fire]

15 minutes ago, WolframaticAlpha said:

OK, so tell me, how the heck you are going to get a virus, if you are downloading from legit sources? There has been a negligible number of cases in which the site has been actually modified and the actual site had malware. If you use common sense, don't practice digital piracy and use well known software, then you are probably not going to get infected. 

Drive by download attacks as far as I know require no user interaction, just visit a site either through a phishing email and it will download the malware in the background. It can happen to even legitimate websites that have been hacked. It has been prevalent in 2017-2018 when cryptomining malware became popular. My university's website was one of the victims of it. I just visited the site but little did I know malware was running. I would've never known it's there until my antivirus program caught it.

 

If you are aware,  Asus was a victim of a targeted supply chain attack. It was undetected for them until Kaspersky reported it to them due to Kaspersky's telemetry data. [Securelist]

 

 

[WolframaticAlpha]

22 minutes ago, RejZoR said:

Because everyone totally downloads only from "legit" sources. Whatever that even is. This isn't Android or iOS with one default curated app store. Do you want to know how many times people questioned my apps even though I'm relatively known person when it comes to misc tools, tweaks and certain game patches. Meaning they get them wherever they find them, on download sites, blogs, webpages, wherever.

 

Also the analogy of abiding traffic rules doesn't really help you if your car has engine check light and your common sense tells you to keep on driving because you're in a hurry. That's how much "common sense" means in security.

 

Also how you know something is legit if you don't inspect the code? CCleaner's incident is a prime example of that. Reliable source, even signed with signature, on outside it looked the same as anything. So, how do you know it's clean? You may say antivirus software didn't spot it anyway, but that's a very edge case example. Bunch of malware is far less sophisticated, but may pretend to be something else and it's doing whatever behind the scenes. Antivirus has at least some logic to inspect behind the scenes of any program where general users just don't. At all.

A trusted source means that you are downloading stuff from a source you know. I wouldn't have touched your firefox tweaker if I didn't know you(btw pls add an option to mass apply my tweaks. I have to open and close it again and again to use it). So, if you don't know about sw, then don't use it(McAfee actually was being an arse when I tried to run an unverified program).

 

> CCleaner's incident is a prime example of that

CCleaner-like cases are exceedingly rare, when  you put it against other malware.

 

Antivirus is not totally useless, but you don't need it, if you can use your common sense and have a good judgement.

[WolframaticAlpha]

22 minutes ago, captain_to_fire said:

Drive by download attacks as far as I know require no user interaction, just visit a site either through a phishing email and it will download the malware in the background. It can happen to even legitimate websites that have been hacked. It has been prevalent in 2017-2018 when cryptomining malware became popular. My university's website was one of the victims of it. I just visited the site but little did I know malware was running. I would've never known it's there until my antivirus program caught it.

 

If you are aware,  Asus was a victim of a targeted supply chain attack. It was undetected for them until Kaspersky reported it to them due to Kaspersky's telemetry data. [Securelist]

 

 

In all the cases you mentioned, I daresay that:

A) Entity was not using consumer grade protection

B) Consumer was being stupid

C) Weird edge case

[captain_to_fire]

9 minutes ago, WolframaticAlpha said:

> CCleaner's incident is a prime example of that

CCleaner-like cases are exceedingly rare, when  you put it against other malware.

Said by no one. https://www.csoonline.com/article/3619065/6-most-common-types-of-software-supply-chain-attacks-explained.html

 

5 minutes ago, WolframaticAlpha said:

In all the cases you mentioned, I daresay that:

A) Entity was not using consumer grade protection

B) Consumer was being stupid

C) Weird edge case

Why should a watering hole attack be a consumer's fault?

[StDragon]

26 minutes ago, WolframaticAlpha said:

In all the cases you mentioned, I daresay that:

A) Entity was not using consumer grade protection

B) Consumer was being stupid

C) Weird edge case

"Drive-by downloads" occurs more often than you know. For example, ad server market runs on razor thin profit margins. So the servers used to host them are done on the cheap. That means very little administrative oversite to patch and maintain them. It's THOSE servers (ad servers) that often get hacked. So what ends up happening is when an ad rotates into view within a banner, it's actually a malware site or malicious code that will attempt to load in that browser session.

Other vectors include malicious URLs in e-mail and macros within Excel or Word files. If they don't contain ransomware code, they'll usually just contain a link to a phishing site. Example: "Enter O365 credentials to download your file (invoice)". And that's how user credentials are captured and the account taken over on the backend by the hacker. It's also why it's exceedingly important to have 2FA/MFA enabled on such accounts to prevent them from being hijacked.

[WolframaticAlpha]

17 minutes ago, StDragon said:

"Drive-by downloads" occurs more often than you know. For example, ad server market runs on razor thin profit margins. So the servers used to host them are done on the cheap. That means very little administrative oversite to patch and maintain them. It's THOSE servers (ad servers) that often get hacked. So what ends up happening is when an ad rotates into view within a banner, it's actually a malware site or malicious code that will attempt to load in that browser session.

Other vectors include malicious URLs in e-mail and macros within Excel or Word files. If they don't contain ransomware code, they'll usually just contain a link to a phishing site. Example: "Enter O365 credentials to download your file (invoice)". And that's how user credentials are captured and the account taken over on the backend by the hacker. It's also why it's exceedingly important to have 2FA/MFA enabled on such accounts to prevent them from being hijacked.

 

43 minutes ago, captain_to_fire said:

Said by no one. https://www.csoonline.com/article/3619065/6-most-common-types-of-software-supply-chain-attacks-explained.html

 

Why should a watering hole attack be a consumer's fault?

I did not know that drive by download attacks are so prevalent(never seen anyone experience them), but what protection does Norton, avast and mcafee offer over something like Windefender?

[StDragon]

16 minutes ago, WolframaticAlpha said:

 

I did not know that drive by download attacks are so prevalent(never seen anyone experience them), but what protection does Norton, avast and mcafee offer over something like Windefender?

In theory, they should all offer the same level of protection. Right? But in reality, each AV has their own strengths and weaknesses. But just as the threat landscape changes, so does software development to combat these threats. So it's not just the AV vendors, but also the end-users that must keep their software up to date as well.

When it comes to cyber security, no solution is 100% effective. This is why you have multiple security solutions in place that provide some overlap in protection. For example, Firewall gateway AV scanning, AV and EDR agents on client machines along with employee awareness training.

In addition to the above, the new hotness at threat mitigation is hardware based; specifically VBS / HVCI. If you have 7th gen Intel and newer, you can enable this already in Windows 10 (Core Isolation - Memory Integrity) with no performance impact. Windows 11 will make these features mandatory (hence the HW requirements). Microsoft has stated that VBS / HVCI has reduced ransomware attacks by over 60% with VBS vs machines that don't have it enabled. If not already, I wouldn't be surprised if 3rd party AV products detect VBS / HVCI status and offer end-users recommendations on how to enable them.

[Murasaki]

So two AVs that I don't use or particularly find reliable to merge into one? Cool cool cool.

[Kisai]

7 hours ago, WolframaticAlpha said:

 

 

My thoughts

Yay! More crapware mergers. Good thing that I use linux and don't download illegitimate sw from the interwebz. Also avast sw is down right scummy. A lot of these antiviruses are more intrusive than adware, slows down computers more than a cryptomining trojan and probably sends more data than a keylogger.

 

Back in the day, like late 90's, the only products were McAfee, Norton, and some other AV's that nobody heard about. Today there's like 30+ AV vendors, and most of them are not any more effective than the free one bundled with Windows.

 

The value is no longer in the AV component, but the firewall. More specifically the enterprise firewall.

 

The problem is that over time, these AV products have become invasive, being worse and alarmist that takes attention away from actual malware. These products often conflate the danger of a tracking cookie with a RAT. 

 

At any rate all these AV products UI's are all these super-bloated GUI's that are often based on CEF's so they can be remotely updated and push ads for crap.

[Bombastinator]

5 hours ago, StDragon said:

Norton is "ok" last I checked. It's not my preferred in terms of UI. But in terms of effectiveness at stopping malware, it's alright.

BitDefender does a fantastic job! It's performant, usually stays out of the way, and very effective. My only major gripe is that the UI has features burred several layers deep. IMHO, it needs a philosophical UI redesign. But the engine under the hood sort of speak is fine the way it is.

Windows Defender has matured and is very good on its own. I'm still not convinced it's good at intercepting phishing websites unless you use MS Edge. With BitDefender, you can use any browser you want as it does SSL inspection.

Webroot is good, but I find it slow at times.

 

AVG is pure nuclear garbage; which is sad because it used to be a really good product. So much so that I actually paid for a subscription to it back in 2002 - 2004 years. Somewhere along the lines it turned into a PUP like McAfee.

Wasn’t aware AVG had fallen that far or that Norton had improved from that position. So basically I thought it was backwards. Perhaps whoever helped fix Norton can help  fix avg. 

[Quinnell]

I really am tired of mergers.  Reduces the number of competitors in a market and consolidates power.  

[Flannelist]

To this day anytime anyone says anything about Avast all I can think is when my ex used to have it installed on his computer (a long time ago, like 10 years) and we lived in a studio apartment at the time. So regularly, at the least convenient moment the computer would yell "YOUR VIRUS DATABASE HAS BEEN UPDATED" and I just can't take them seriously because of this. I realize it's illogical, but nevertheless.

 

And Norton just makes every computer I've ever had to install it on chug so hard it's not even worth it.

 

This sounds like the Antivirus no one asked for.

[Bombastinator]

6 minutes ago, Quinnell said:

I really am tired of mergers.  Reduces the number of competitors in a market and consolidates power.  

Better than corporate warfare though.  The company buying mechanism exists to keep corporations from outright attacking each other. It’s cheaper to just buy the competitor so that happens before weapons are drawn.  With no buyout system the corporate world would likely be positively borgiaesque.  Or moreso anyway.

[Quinnell]

Just now, Bombastinator said:

Better than corporate warfare though.  The company buying mechanism exists to keep corporations from outright attacking each other. It’s cheaper to just buy the competitor so that happens before weapons are drawn.

What warfare?

[Bombastinator]

7 minutes ago, Quinnell said:

What warfare?

Exactly.  Very few corporate executives travel around in armored columns  like they’d have to without. Buyout system.  Gets used for other things too though.  Like this.

[Quinnell]

1 minute ago, Bombastinator said:

Exactly.  Very few corporate executives travel around in armored columns  like they’d have to without. Buyout system.  Gets used for other things too though.  Like this.

Are you saying that companies would field armies and crap if they couldn't just buy competitors?  lol you have to be screwing with me.