2014 and Antivirus - Cyber Security Informer

Experts warn of flaws in popular Antivirus solutions

Security Affairs

OCTOBER 5, 2020

Researchers disclosed details of security flaws in popular antivirus software that could allow threat actors to increase privileges. Security researchers from CyberArk Labs disclosed details of security vulnerabilities found in popular antivirus software that could be exploited by attackers to elevate their privileges on the target system.

Antivirus

Antivirus Malware Advertising Software

Experts found Symlink race issues in 28 antivirus products

Security Affairs

APRIL 25, 2020

Security experts from RACK911 Labs discovered “symlink race” vulnerabilities in 28 of the most popular antivirus products. Security researchers from RACK911 Labs disclose the discovery of “ symlink race ” issues in 28 of the most popular antivirus products. ” reads the report published by the experts.

Antivirus

Antivirus Software Advertising Hacking

Heap Buffer Overflow Vulnerability found in Kaspersky Antivirus Engine

Security Affairs

MAY 10, 2019

Security researchers at the Imaginary team discovered a Heap Buffer Overflow Vulnerability in Kaspersky Antivirus Engine and responsibly reported it. Security experts at the Imaginary team discovered a Heap Buffer Overflow vulnerability in Kaspersky Antivirus Engine. SecurityAffairs – Kaspersky Antivirus, hacking).

Antivirus

Antivirus Engineering Advertising Hacking

Avast, Avira, Sophos and other antivirus solutions show problems after

Security Affairs

APRIL 20, 2019

Antivirus solutions from different vendors are having malfunctions after the installation of Windows security patches released on April 9, including McAfee, Avast and Sophos. Antivirus solutions from different vendors are showing malfunctions after the installation of Windows security patches released on April 9. Pierluigi Paganini.

Antivirus

Antivirus Advertising Software Hacking

Comodo Antivirus is affected by several vulnerabilities

Security Affairs

JULY 23, 2019

Experts discovered several flaws in Comodo Antivirus, including a vulnerability that could allow to escape the sandbox and escalate privileges. The Tenable expert David Wells discovered five flaws in the Comodo Antivirus and Comodo Antivirus Advanced. We recommend to keep updated on future Comodo Antivirus releases.”

Antivirus

Antivirus Advertising Hacking Malware

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. Now ZDNet has learned from sources close to the investigation that the Chinese hackers have used a zero-day flaw in the Trend Micro OfficeScan antivirus in the attack on Mitsubishi Electric.

Antivirus

Antivirus Hacking Advertising Media

A flaw in Kaspersky Antivirus allowed tracking its users online

Security Affairs

AUGUST 15, 2019

A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years.

Antivirus

Antivirus Advertising Software Internet

BlackBerry Cylance addresses AI-based antivirus engine bypass

Security Affairs

JULY 22, 2019

BlackBerry Cylance has addressed a bypass vulnerability recently discovered in its AI-based antivirus engine CylancePROTECT product. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Antivirus

Antivirus Engineering Advertising Hacking

FTC charged Avast with selling users’ browsing data to advertising companies

Security Affairs

FEBRUARY 22, 2024

US FTC charged cyber security firm Avast with harvesting consumer web browsing data through its browser extension and antivirus and sold it. The antivirus firm is accused of selling the data to advertising companies without user consent. ” re ads the FTC’s complaint. FTC will also fine Avast $16.5

Advertising

Advertising Antivirus Data collection Mobile

Astaroth Trojan relies on legitimate os and antivirus processes to steal data

Security Affairs

FEBRUARY 16, 2019

Researchers at Cybereason’s Nocturnus team have uncovered a new Astaroth Trojan campaign that is currently exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and drop malicious modules. According to the experts, LOLbins are very effecting in evading antivirus software.

Antivirus

Antivirus Passwords Malware Advertising

Firefox finally addressed the Antivirus software TLS Errors

Security Affairs

JULY 2, 2019

Firefox finally addressed the issues with antivirus apps crashing HTTPS websites starting with the release of Firefox 68. Mozilla announced that it will resolve the issues that caused antivirus apps crashing HTTPs websites with the release of Firefox 68 version. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Antivirus

Antivirus Software Advertising Information Security

Windows Defender is the first antivirus solution that can run in a sandbox

Security Affairs

OCTOBER 30, 2018

Since antivirus and anti-malware tools run with the highest level of privileges to scan all parts of a computer for malicious code, it has become a desired target for attackers. This is probably the first case of a sandbox mechanism implemented for an antivirus solution that aims at protecting the Windows systems if it is compromised.

Antivirus

Antivirus Advertising Malware Software

Antivirus Renegade John McAfee Found Dead in Spanish Prison Cell

SecureWorld News

JUNE 23, 2021

McAfee was arrested in Spain in October 2020 following the Western District of Tennessee's announcement of a 10-count indictment for skipping out on millions in incomes taxes from 2014 to 2018. He was also charged in a Manhattan federal court earlier this year for his alleged involvement in a pump-and-dump cryptocurrency scheme.

Antivirus

Antivirus Cryptocurrency Software

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

The Last Watchdog

AUGUST 18, 2021

This deal reads like to the epilogue to a book titled The First 20 Years of the Supremely Lucrative Antivirus Market. Way back in 1990, Symantec acquired Norton Utilities and made Norton the heart of its antivirus subscription offering. Norton got ‘ demergered ’ from Symantec in 2014 and then acquired LifeLock for $2.3

Antivirus

Antivirus Marketing Identity Theft Social Engineering

Antivirus Renegade John McAfee Found Dead in Spanish Prison Cell

SecureWorld News

JUNE 23, 2021

McAfee was arrested in Spain in October 2020 following the Western District of Tennessee's announcement of a 10-count indictment for skipping out on millions in incomes taxes from 2014 to 2018. He was also charged in a Manhattan federal court earlier this year for his alleged involvement in a pump-and-dump cryptocurrency scheme.

Antivirus

Antivirus Cryptocurrency Software

CISA Warns Government Agencies of Increasing Emotet Attacks

Adam Levin

OCTOBER 8, 2020

It was first identified in 2014 and primarily targeted banks, but has grown increasingly sophisticated since then and has incorporated new methods of avoiding detection and spreading to wi-fi connected devices. . This increase has rendered Emotet one of the most prevalent ongoing threats,” the alert stated. Read the alert here.

Government

Government Antivirus Phishing Banking

Avast disables the JavaScript engine component due to a severe issue

Security Affairs

MARCH 11, 2020

Antivirus maker Avast has disabled a core component of its antivirus to address a severe vulnerability that would have allowed attackers to control users’ PC. Ormandy pointed out that the main Avast antivirus process, AvastSvc.exe, which, runs as SYSTEM. ” reads the statement released by the security firm.

Engineering

Engineering Antivirus Advertising Hacking

Romanians arrested for running underground malware services

Security Affairs

NOVEMBER 22, 2020

“Two Romanian suspects have been arrested yesterday for allegedly running the CyberSeal and Dataprotector crypting services to evade antivirus software detection.” The pair also operated the Cyberscan service which allowed their clients to test their malware against antivirus tools.

Malware

Malware Antivirus Cybercrime Software

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

NOVEMBER 26, 2019

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Antivirus DNS Advertising

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. The WHOIS records for autodoska[.]biz

Malware

Malware Antivirus Cybercrime Hacking

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Megatraffer explained that malware purveyors need a certificate because many antivirus products will be far more interested in unsigned software, and because signed files downloaded from the Internet don’t tend to get blocked by security features built into modern web browsers. “Antivirus software trusts signed programs more.

Malware

Malware Cybercrime Software Antivirus

New Shlayer Mac malware spreads via poisoned search engine results

Security Affairs

JUNE 21, 2020

. “The new malware tricks victims into bypassing Apple’s built-in macOS security protections, and it uses sneaky tactics in an effort to evade antivirus detection.” “As of Friday, the new malware installer and its payload had a 0/60 detection rate among all antivirus engines on VirusTotal.” Pierluigi Paganini.

Engineering

Engineering Malware Adware Antivirus

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. ”The websites promised to render malicious software fully undetectable by nearly every major provider of antivirus software. . ” reads the press release published by DoJ.”The

Antivirus

Antivirus Malware Cryptocurrency Software

New KryptoCibule Windows Trojan spreads via malicious torrents

Security Affairs

SEPTEMBER 2, 2020

ESET noticed that KryptoCibule contains a feature that checks for the presence of antivirus software on a victim’s computer. The malware only checks for the presence of ESET, Avast, and AVG antivirus software, which are popular solutions in the Czech Republic and Slovakia. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Antivirus Malware Advertising

New variant of Dridex banking Trojan implements polymorphism

Security Affairs

JULY 1, 2019

The Dridex banking Trojan that has been around since 2014, it was involved in numerous campaigns against financial institutions over the years and crooks have continuously improved it. At the time of discovery, using data from VirusTotal, only six antivirus solutions of about 60 detected suspicious behavior [ 2 ]. Pierluigi Paganini.

Banking

Banking Antivirus Advertising Encryption

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

“Account accesses for antivirus programs garner the second-highest prices: around $21.67. The cost for antivirus accounts is just over $20, while other types of accounts (cable, social media, VPN, streaming, adult, music, file sharing, and video game accounts) typically go for less than $10. Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

Security Affairs

NOVEMBER 14, 2019

McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. Experts explained that it is possible to bypass the self-defense mechanism of the antivirus because the antivirus doesn’t validate digital signature of the DLL file.

Antivirus

Antivirus Advertising Software Internet

RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software

Security Affairs

FEBRUARY 7, 2020

The operators behind the infamous RobbinHood ransomware are exploiting a vulnerable GIGABYTE driver to kill antivirus products. Ransomware operators leverage a custom antivirus killing p ackage that is delivered to workstations to disable security solution before starting encryption. Pierluigi Paganini.

Software

Software Ransomware Antivirus Encryption

John McAfee found dead in prison cell ahead of extradition to US

Security Affairs

JUNE 23, 2021

One of the fathers of antivirus software, the entrepreneur John McAfee has been found dead in a Barcelona prison cell while he was waiting for extradition to the US. The authorities claim that the McAfee failed to file tax returns for incomes related to a period between 2014 and 2018. reads the press release published by DoJ.

Cryptocurrency

Cryptocurrency Banking Accountability Antivirus

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Recently Check Point researchers warned of a surge in the DDoS attacks against education institutions and the academic industry across the world. Pierluigi Paganini.

Education

Education Ransomware Antivirus Backups

Operator of Scan4You Malware-Scanning sentenced to 14 Years in prison

Security Affairs

SEPTEMBER 22, 2018

The Latvian expert Ruslans Bondars (37), who developed and run the counter antivirus service Scan4You has been sentenced to 14 years in prison. Scan4you is a VirusTotal like online multi-engine antivirus scanning service that could be used by vxers to test evasion abilities of their malware against the major antiviruses.

Malware

Malware Antivirus Retail Advertising

Kaspersky addressed multiple issues in online protection solutions

Security Affairs

NOVEMBER 26, 2019

Kaspersky has addressed several vulnerabilities in the web protection features implemented in its antivirus solutions, including Internet Security, Total Security, Free Anti-Virus , Security Cloud, and Small Office Security products. As in: under some circumstances, antivirus would still crash. “The crash was also mostly fixed.

Antivirus

Antivirus Advertising Password Management Passwords

Experts found DLL Hijacking issues in Avast, AVG, and Avira solutions

Security Affairs

OCTOBER 23, 2019

Flaws in Avast, AVG, and Avira Antivirus could be exploited by an attacker to load a malicious DLL file to bypass defenses and escalate privileges. The Antivirus implements a self-defense mechanism that prevents malicious code to write and implant a DLL to its folders. ” continues the experts. Pierluigi Paganini.

Antivirus

Antivirus Advertising Security Defenses Hacking

Mozilla removed 4 Avast and AVG extensions for spying on Firefox users

Security Affairs

DECEMBER 3, 2019

These browser extensions are installed when users install Avast or AVG antivirus solutions on their computers on their PCs. “Are you one of the allegedly 400 million users of Avast antivirus products? “Are you one of the allegedly 400 million users of Avast antivirus products? This will be “US” for US English.

Antivirus

Antivirus Advertising Scams Phishing

Former NSA TAO hacker sentenced to 66 months in prison over Kaspersky Leak

Security Affairs

SEPTEMBER 26, 2018

According to the telemetry logs collected by the Russian firm, the staffer temporary switched off the antivirus protection on the PC, and infected his personal computer with a spyware from a product key generator while trying to use a pirated copy of Office. On September 11, 2014, Kaspersky antivirus detected the Win32.GrayFish.gen

Antivirus

Antivirus Hacking Software Government

Malicious PDF Analysis

Security Affairs

FEBRUARY 13, 2019

” Let’s go to our case study: I received a scan request for a PDF file that was reported to support an antivirus vendor, and it replied that the file was not malicious. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Antivirus

Antivirus Advertising Manufacturing Hacking

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, CISA).

Government

Government Banking Advertising Malware

A mysterious code prevents QNAP NAS devices to be updated

Security Affairs

FEBRUARY 11, 2019

The user ianch99 in the QNAP NAS community forum reported that the antivirus ClamAV was failing to update due to 0.0.0.0 “Since recent firmware updates, the ClamAV Antivirus fails to update due to 700+ clamav.net entries in /etc/hosts, all set to 0.0.0.0 Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Antivirus

Antivirus Firmware Advertising VPN

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

The virus avoided detection by antivirus solutions through regular updates from an attacker-controlled command-and-control (C2) infrastructure, and spread through the company’s systems, causing network outages and shutting down essential services for nearly a week.” Pierluigi Paganini. SecurityAffairs – Emotet, malware).

Antivirus

Antivirus Malware Phishing Advertising

UHS hospitals hit by Ryuk ransomware attack

Security Affairs

SEPTEMBER 28, 2020

“When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads one of the reports shared online.

Ransomware

Ransomware Healthcare Advertising Antivirus

Trend Micro addresses two issues exploited by hackers in the wild

Security Affairs

MARCH 18, 2020

In January, Chinese hackers have exploited another zero-day vulnerability in the Trend Micro OfficeScan antivirus in an attack that hit Mitsubishi Electric. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Antivirus Cybercrime

Nemty Ransomware, a new malware appears in the threat landscape

Security Affairs

AUGUST 26, 2019

The code also included a link to an image of the Russian President Putin and a message to the antivirus industry. “At first, the reference seemed an odd thing in the code but a second look at how Nemty worked revealed that it was the key for decoding base64 strings and create URLs is a straight message to the antivirus industry.”

Ransomware

Ransomware Malware Antivirus Encryption

France national cyber-security agency warns of a surge in Emotet attacks

Security Affairs

SEPTEMBER 7, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Generally speaking, removal/cleaning by antivirus is not a sufficient guarantee. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Send the samples (.doc Pierluigi Paganini.

Malware

Malware Advertising Antivirus Banking

Security Affairs newsletter Round 285

Security Affairs

OCTOBER 11, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 285 appeared first on Security Affairs.

Advertising

Advertising Antivirus Data privacy Ransomware

Experts warn of flaws in popular Antivirus solutions

Experts found Symlink race issues in 28 antivirus products

Trending Sources

Heap Buffer Overflow Vulnerability found in Kaspersky Antivirus Engine

Avast, Avira, Sophos and other antivirus solutions show problems after

Comodo Antivirus is affected by several vulnerabilities

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

A flaw in Kaspersky Antivirus allowed tracking its users online

BlackBerry Cylance addresses AI-based antivirus engine bypass

FTC charged Avast with selling users’ browsing data to advertising companies

Astaroth Trojan relies on legitimate os and antivirus processes to steal data

Firefox finally addressed the Antivirus software TLS Errors

Windows Defender is the first antivirus solution that can run in a sandbox

Antivirus Renegade John McAfee Found Dead in Spanish Prison Cell

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

Antivirus Renegade John McAfee Found Dead in Spanish Prison Cell

CISA Warns Government Agencies of Increasing Emotet Attacks

Avast disables the JavaScript engine component due to a severe issue

Romanians arrested for running underground malware services

Some Fortinet products used hardcoded keys and weak encryption for communications

Why Malware Crypting Services Deserve More Scrutiny

Ask Fitis, the Bear: Real Crooks Sign Their Malware

New Shlayer Mac malware spreads via poisoned search engine results

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

New KryptoCibule Windows Trojan spreads via malicious torrents

New variant of Dridex banking Trojan implements polymorphism

15 billion credentials available in the cybercrime marketplaces

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software

John McAfee found dead in prison cell ahead of extradition to US

NCSC warns of a surge in ransomware attacks on education institutions

Operator of Scan4You Malware-Scanning sentenced to 14 Years in prison

Kaspersky addressed multiple issues in online protection solutions

Experts found DLL Hijacking issues in Avast, AVG, and Avira solutions

Mozilla removed 4 Avast and AVG extensions for spying on Firefox users

Former NSA TAO hacker sentenced to 66 months in prison over Kaspersky Leak

Malicious PDF Analysis

CISA alert warns of Emotet attacks on US govt entities

A mysterious code prevents QNAP NAS devices to be updated

Microsoft’s case study: Emotet took down an entire network in just 8 days

UHS hospitals hit by Ryuk ransomware attack

Trend Micro addresses two issues exploited by hackers in the wild

Nemty Ransomware, a new malware appears in the threat landscape

France national cyber-security agency warns of a surge in Emotet attacks

Security Affairs newsletter Round 285

Stay Connected