2014, Antivirus and Hacking - Cyber Security Informer

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. The attackers have exploited a directory traversal and arbitrary file upload vulnerability, tracked as CVE-2019-18187, in the Trend Micro OfficeScan antivirus. Pierluigi Paganini.

Antivirus

Antivirus Hacking Advertising Media

Experts warn of flaws in popular Antivirus solutions

Security Affairs

OCTOBER 5, 2020

Researchers disclosed details of security flaws in popular antivirus software that could allow threat actors to increase privileges. Security researchers from CyberArk Labs disclosed details of security vulnerabilities found in popular antivirus software that could be exploited by attackers to elevate their privileges on the target system.

Antivirus

Antivirus Malware Advertising Software

Experts found Symlink race issues in 28 antivirus products

Security Affairs

APRIL 25, 2020

Security experts from RACK911 Labs discovered “symlink race” vulnerabilities in 28 of the most popular antivirus products. Security researchers from RACK911 Labs disclose the discovery of “ symlink race ” issues in 28 of the most popular antivirus products. ” reads the report published by the experts.

Antivirus

Antivirus Software Advertising Hacking

Heap Buffer Overflow Vulnerability found in Kaspersky Antivirus Engine

Security Affairs

MAY 10, 2019

Security researchers at the Imaginary team discovered a Heap Buffer Overflow Vulnerability in Kaspersky Antivirus Engine and responsibly reported it. Security experts at the Imaginary team discovered a Heap Buffer Overflow vulnerability in Kaspersky Antivirus Engine. SecurityAffairs – Kaspersky Antivirus, hacking).

Antivirus

Antivirus Engineering Advertising Hacking

Avast, Avira, Sophos and other antivirus solutions show problems after

Security Affairs

APRIL 20, 2019

Antivirus solutions from different vendors are having malfunctions after the installation of Windows security patches released on April 9, including McAfee, Avast and Sophos. Antivirus solutions from different vendors are showing malfunctions after the installation of Windows security patches released on April 9. Pierluigi Paganini.

Antivirus

Antivirus Advertising Software Hacking

Comodo Antivirus is affected by several vulnerabilities

Security Affairs

JULY 23, 2019

Experts discovered several flaws in Comodo Antivirus, including a vulnerability that could allow to escape the sandbox and escalate privileges. The Tenable expert David Wells discovered five flaws in the Comodo Antivirus and Comodo Antivirus Advanced. We recommend to keep updated on future Comodo Antivirus releases.”

Antivirus

Antivirus Advertising Hacking Malware

FTC charged Avast with selling users’ browsing data to advertising companies

Security Affairs

FEBRUARY 22, 2024

US FTC charged cyber security firm Avast with harvesting consumer web browsing data through its browser extension and antivirus and sold it. The antivirus firm is accused of selling the data to advertising companies without user consent. ” re ads the FTC’s complaint. FTC will also fine Avast $16.5

Advertising

Advertising Antivirus Data collection Mobile

BlackBerry Cylance addresses AI-based antivirus engine bypass

Security Affairs

JULY 22, 2019

BlackBerry Cylance has addressed a bypass vulnerability recently discovered in its AI-based antivirus engine CylancePROTECT product. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Antivirus

Antivirus Engineering Advertising Hacking

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

” Only one of the men sanctioned today is known to have been criminally charged in connection with hacking activity. Secret Service determined that he ran a massive “money mule” scheme, which used phony job offers to trick people into laundering money stolen from hacked small to mid-sized businesses in the United States.

Hacking

Hacking Cybercrime Ransomware Government

A flaw in Kaspersky Antivirus allowed tracking its users online

Security Affairs

AUGUST 15, 2019

A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years.

Antivirus

Antivirus Advertising Software Internet

Astaroth Trojan relies on legitimate os and antivirus processes to steal data

Security Affairs

FEBRUARY 16, 2019

Researchers at Cybereason’s Nocturnus team have uncovered a new Astaroth Trojan campaign that is currently exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and drop malicious modules. According to the experts, LOLbins are very effecting in evading antivirus software.

Antivirus

Antivirus Passwords Malware Advertising

Firefox finally addressed the Antivirus software TLS Errors

Security Affairs

JULY 2, 2019

Firefox finally addressed the issues with antivirus apps crashing HTTPS websites starting with the release of Firefox 68. Mozilla announced that it will resolve the issues that caused antivirus apps crashing HTTPs websites with the release of Firefox 68 version. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Antivirus

Antivirus Software Advertising Information Security

Windows Defender is the first antivirus solution that can run in a sandbox

Security Affairs

OCTOBER 30, 2018

Since antivirus and anti-malware tools run with the highest level of privileges to scan all parts of a computer for malicious code, it has become a desired target for attackers. This is probably the first case of a sandbox mechanism implemented for an antivirus solution that aims at protecting the Windows systems if it is compromised.

Antivirus

Antivirus Advertising Malware Software

OilRig’s Jason email hacking tool leaked online

Security Affairs

JUNE 4, 2019

A few hours ago, a new email hacking tool dubbed Jason and associated with the OilRig APT group was leaked through the same Telegram channel used to leak other tools. The Lab Dookhtegan hackers used a Telegram channel to dump information about the OilRig infrastructure, revealing details about its hacking tools, members, and operations.

Hacking

Hacking Advertising Antivirus Passwords

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. ” Meanwhile, the Jabber address masscrypt@exploit.im The WHOIS records for autodoska[.]biz

Malware

Malware Antivirus Cybercrime Hacking

Avast disables the JavaScript engine component due to a severe issue

Security Affairs

MARCH 11, 2020

Antivirus maker Avast has disabled a core component of its antivirus to address a severe vulnerability that would have allowed attackers to control users’ PC. Ormandy pointed out that the main Avast antivirus process, AvastSvc.exe, which, runs as SYSTEM. SecurityAffairs – hacking, Avast). Pierluigi Paganini.

Engineering

Engineering Antivirus Advertising Hacking

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The CryptoLocker wave went into a decline in June 2014 as a result of the so-called Operation Tovar , an initiative orchestrated by law enforcement agencies from multiple countries. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Romanians arrested for running underground malware services

Security Affairs

NOVEMBER 22, 2020

“Two Romanian suspects have been arrested yesterday for allegedly running the CyberSeal and Dataprotector crypting services to evade antivirus software detection.” The pair also operated the Cyberscan service which allowed their clients to test their malware against antivirus tools. SecurityAffairs – hacking, cybercrime).

Malware

Malware Antivirus Cybercrime Software

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. Cybercriminals are interested in hacking your IP address for various reasons. The hacked and stolen IPs are often used for carrying out illegal activities.

Hacking

Hacking VPN Internet Internet

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

NOVEMBER 26, 2019

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Antivirus DNS Advertising

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Megatraffer explained that malware purveyors need a certificate because many antivirus products will be far more interested in unsigned software, and because signed files downloaded from the Internet don’t tend to get blocked by security features built into modern web browsers. “Antivirus software trusts signed programs more.

Malware

Malware Cybercrime Software Antivirus

VSDC video editing software website hacked again

Security Affairs

APRIL 11, 2019

Unfortunately this isn’t the first time that the VSDC site has been hacked. Users that had downloaded the software in the above between have to scan their system for malware using an up-to-date of the antivirus software. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Software

Software Hacking Banking Malware

ZoneAlarm forum site hack exposed data of thousands of users

Security Affairs

NOVEMBER 11, 2019

The ZoneAlarm suite includes antivirus software and firewall solutions to and users and small organizations, it has nearly 100 million downloads. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Data breaches Passwords Advertising

Security Affairs newsletter Round 285

Security Affairs

OCTOBER 11, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising Antivirus Data privacy Ransomware

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. ”The websites promised to render malicious software fully undetectable by nearly every major provider of antivirus software. . SecurityAffairs – hacking, Kelihos). Pierluigi Paganini.

Antivirus

Antivirus Malware Cryptocurrency Software

New Shlayer Mac malware spreads via poisoned search engine results

Security Affairs

JUNE 21, 2020

. “The new malware tricks victims into bypassing Apple’s built-in macOS security protections, and it uses sneaky tactics in an effort to evade antivirus detection.” “As of Friday, the new malware installer and its payload had a 0/60 detection rate among all antivirus engines on VirusTotal.” Pierluigi Paganini.

Engineering

Engineering Malware Adware Antivirus

Former NSA TAO hacker sentenced to 66 months in prison over Kaspersky Leak

Security Affairs

SEPTEMBER 26, 2018

A former member of the NSA’s Tailored Access Operations hacking team was sentenced to 66 months in prison because he leaked top-secret online documents related to the US government ban on Kaspersky software. On September 11, 2014, Kaspersky antivirus detected the Win32.GrayFish.gen Equestre.*”.

Antivirus

Antivirus Hacking Software Government

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

Security Affairs

JUNE 12, 2019

The malicious code uses a hacking algorithm for most of its functions, the algorithm is similar to the one implemented for previous ShellTea version. “ ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Malware Advertising Retail

John McAfee found dead in prison cell ahead of extradition to US

Security Affairs

JUNE 23, 2021

One of the fathers of antivirus software, the entrepreneur John McAfee has been found dead in a Barcelona prison cell while he was waiting for extradition to the US. The authorities claim that the McAfee failed to file tax returns for incomes related to a period between 2014 and 2018. SecurityAffairs – hacking, McAfee).

Cryptocurrency

Cryptocurrency Banking Accountability Antivirus

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

“Account accesses for antivirus programs garner the second-highest prices: around $21.67. The cost for antivirus accounts is just over $20, while other types of accounts (cable, social media, VPN, streaming, adult, music, file sharing, and video game accounts) typically go for less than $10. Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software

Security Affairs

FEBRUARY 7, 2020

The operators behind the infamous RobbinHood ransomware are exploiting a vulnerable GIGABYTE driver to kill antivirus products. Ransomware operators leverage a custom antivirus killing p ackage that is delivered to workstations to disable security solution before starting encryption. Pierluigi Paganini.

Software

Software Ransomware Antivirus Encryption

New KryptoCibule Windows Trojan spreads via malicious torrents

Security Affairs

SEPTEMBER 2, 2020

ESET noticed that KryptoCibule contains a feature that checks for the presence of antivirus software on a victim’s computer. The malware only checks for the presence of ESET, Avast, and AVG antivirus software, which are popular solutions in the Czech Republic and Slovakia. SecurityAffairs – hacking, KryptoCibule).

Cryptocurrency

Cryptocurrency Antivirus Malware Advertising

New variant of Dridex banking Trojan implements polymorphism

Security Affairs

JULY 1, 2019

The Dridex banking Trojan that has been around since 2014, it was involved in numerous campaigns against financial institutions over the years and crooks have continuously improved it. At the time of discovery, using data from VirusTotal, only six antivirus solutions of about 60 detected suspicious behavior [ 2 ]. Pierluigi Paganini.

Banking

Banking Antivirus Advertising Encryption

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Experts from Kaspersky explained that in February 2019, multiple antivirus companies received a collection of malware samples, some of them cannot be associated with the activity of known APT groups. . A deeper analysis of some of these samples revealed that they were compiled in 2014 and used in the wild between 2014 and 2015.

Malware

Malware Hacking Government Telecommunications

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

Security Affairs

NOVEMBER 14, 2019

McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. Experts explained that it is possible to bypass the self-defense mechanism of the antivirus because the antivirus doesn’t validate digital signature of the DLL file.

Antivirus

Antivirus Advertising Software Internet

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, education institutions). Pierluigi Paganini.

Education

Education Ransomware Antivirus Backups

Security Affairs newsletter Round 248

Security Affairs

JANUARY 26, 2020

Jeff Bezos phone was hacked by Saudi crown prince. Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Data breaches

Data breaches Advertising Antivirus DDOS

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Spyware

Spyware Hacking Advertising Antivirus

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, CISA).

Government

Government Banking Advertising Malware

UHS hospitals hit by Ryuk ransomware attack

Security Affairs

SEPTEMBER 28, 2020

“When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Ryuk ransomware).

Ransomware

Ransomware Healthcare Advertising Antivirus

Malicious PDF Analysis

Security Affairs

FEBRUARY 13, 2019

” Let’s go to our case study: I received a scan request for a PDF file that was reported to support an antivirus vendor, and it replied that the file was not malicious. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Antivirus

Antivirus Advertising Manufacturing Hacking

Trend Micro addresses two issues exploited by hackers in the wild

Security Affairs

MARCH 18, 2020

In January, Chinese hackers have exploited another zero-day vulnerability in the Trend Micro OfficeScan antivirus in an attack that hit Mitsubishi Electric. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Antivirus Cybercrime

A mysterious code prevents QNAP NAS devices to be updated

Security Affairs

FEBRUARY 11, 2019

The user ianch99 in the QNAP NAS community forum reported that the antivirus ClamAV was failing to update due to 0.0.0.0 “Since recent firmware updates, the ClamAV Antivirus fails to update due to 700+ clamav.net entries in /etc/hosts, all set to 0.0.0.0 Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Antivirus

Antivirus Firmware Advertising VPN

France national cyber-security agency warns of a surge in Emotet attacks

Security Affairs

SEPTEMBER 7, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Generally speaking, removal/cleaning by antivirus is not a sufficient guarantee. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, botnet).

Malware

Malware Advertising Antivirus Banking

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Experts warn of flaws in popular Antivirus solutions

Trending Sources

Experts found Symlink race issues in 28 antivirus products

Heap Buffer Overflow Vulnerability found in Kaspersky Antivirus Engine

Avast, Avira, Sophos and other antivirus solutions show problems after

Comodo Antivirus is affected by several vulnerabilities

FTC charged Avast with selling users’ browsing data to advertising companies

BlackBerry Cylance addresses AI-based antivirus engine bypass

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

A flaw in Kaspersky Antivirus allowed tracking its users online

Astaroth Trojan relies on legitimate os and antivirus processes to steal data

Firefox finally addressed the Antivirus software TLS Errors

Windows Defender is the first antivirus solution that can run in a sandbox

OilRig’s Jason email hacking tool leaked online

Why Malware Crypting Services Deserve More Scrutiny

Avast disables the JavaScript engine component due to a severe issue

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Romanians arrested for running underground malware services

5 Ways to Protect Yourself from IP Address Hacking

Some Fortinet products used hardcoded keys and weak encryption for communications

Ask Fitis, the Bear: Real Crooks Sign Their Malware

VSDC video editing software website hacked again

ZoneAlarm forum site hack exposed data of thousands of users

Security Affairs newsletter Round 285

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

New Shlayer Mac malware spreads via poisoned search engine results

Former NSA TAO hacker sentenced to 66 months in prison over Kaspersky Leak

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

John McAfee found dead in prison cell ahead of extradition to US

15 billion credentials available in the cybercrime marketplaces

RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software

New KryptoCibule Windows Trojan spreads via malicious torrents

New variant of Dridex banking Trojan implements polymorphism

Purple Lambert, a new malware of CIA-linked Lambert APT group

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs newsletter Round 248

Security Affairs newsletter Round 261

CISA alert warns of Emotet attacks on US govt entities

UHS hospitals hit by Ryuk ransomware attack

Malicious PDF Analysis

Trend Micro addresses two issues exploited by hackers in the wild

A mysterious code prevents QNAP NAS devices to be updated

France national cyber-security agency warns of a surge in Emotet attacks

Stay Connected