Researchers disclosed details of security flaws in popular antivirus software that could allow threat actors to increase privileges. Antivirus solutions that are supposed to protect systems from infection may unintentionally allow malware to escalate privileges on the system. (SecurityAffairs – hacking, antivirus).
Delivered via phishing and hosted on compromised SharePoint sites, it remains undetected by most antivirus solutions, posing a serious security risk. Despite its mild obfuscation, it remains fully undetected (FUD) by most antivirus solutions. ” concludes the report.
German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. ” reads the BSI announcement. Pierluigi Paganini.
Experts discovered several flaws in Comodo Antivirus, including a vulnerability that could allow an attacker to escape the sandbox and escalate privileges. The Tenable expert David Wells discovered five flaws in the Comodo Antivirus and Comodo Antivirus Advanced. We recommend to keep updated on future Comodo Antivirus releases.”
Chinese hackers have exploited a zero-day vulnerability in the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. Pierluigi Paganini.
A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years.
” In September, security researchers from G DATA discovered more than two dozen Android mobile phones from different manufacturers already infected by pre-installed malware. .” concludes the report that includes indicators of compromise (IoCs).
Firefox finally addressed the issues with antivirus apps crashing HTTPS websites starting with the release of Firefox 68. Mozilla announced that it will resolve the issues that caused antivirus apps to crash HTTPS websites with the release of Firefox 68. This is possible by installing root certificates on the device.
Antivirus maker Avast has disabled a core component of its antivirus to address a severe vulnerability that would have allowed attackers to control users’ PCs. Ormandy pointed out that the main Avast antivirus process, AvastSvc.exe, runs as SYSTEM. ” reads the statement released by the security firm.
“Two Romanian suspects have been arrested yesterday for allegedly running the CyberSeal and Dataprotector crypting services to evade antivirus software detection.” The pair also operated the Cyberscan service which allowed their clients to test their malware against antivirus tools. ” continues the press release.
Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. UDP ports 53, 8888 and TCP port 80 (HTTP POST /fgdsvc).
File encryption 2013 – 2015. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift. RaaS rollout 2015 – 2018. Another fundamental tweak was the onset of Ransomware-as-a-Service (RaaS) in May 2015.
“Account accesses for antivirus programs garner the second-highest prices: around $21.67. The cost for antivirus accounts is just over $20, while other types of accounts (cable, social media, VPN, streaming, adult, music, file sharing, and video game accounts) typically go for less than $10. Pierluigi Paganini.
Kaspersky has fixed several flaws affecting the web protection features implemented in some of its security products. The vulnerabilities were found by the security researcher Wladimir Palant, who reported them to Kaspersky in December 2018. As in: under some circumstances, antivirus would still crash. I wouldn’t bet on it.”
On June 26, 2019, experts at eSentire Threat Intelligence discovered a C2 infrastructure pointing to a similar Dridex variant that was undetected by most of the antivirus listed in VirusTotal service. At the time of discovery, using data from VirusTotal, only six antivirus solutions of about 60 detected suspicious behavior [ 2 ].
McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. Experts explained that it is possible to bypass the self-defense mechanism of the antivirus because the antivirus doesn’t validate digital signature of the DLL file.
Malware is malicious software intended to wreak havoc and damage on target networks and systems, having the ability to spread on these systems while remaining undetectable, avoiding antivirus detection, causing changes and critical damage to the infected systems or networks.
In January, Chinese hackers have exploited another zero-day vulnerability in the Trend Micro OfficeScan antivirus in an attack that hit Mitsubishi Electric. Pierluigi Paganini.
Recently Check Point researchers warned of a surge in the DDoS attacks against education institutions and the academic industry across the world. Pierluigi Paganini.
The vulnerability is due to the method (cpio) in which Zimbra’s antivirus engine (Amavis) scans inbound emails. The experts pointed out that the vulnerability is due to the method ( cpio ) used by Zimbra’s antivirus engine ( Amavis ) to scan the inbound emails. It invokes cpio and CVE-2015-1197 is triggered. reported Rapid7.
“When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity. It was surreal and definitely seemed to propagate over the network. All machines in my department are Dell Win10 boxes.”
The virus avoided detection by antivirus solutions through regular updates from an attacker-controlled command-and-control (C2) infrastructure, and spread through the company’s systems, causing network outages and shutting down essential services for nearly a week.” Pierluigi Paganini. (SecurityAffairs – Emotet, malware).
The code also included a link to an image of the Russian President Putin and a message to the antivirus industry. “At first, the reference seemed an odd thing in the code but a second look at how Nemty worked revealed that it was the key for decoding base64 strings and create URLs is a straight message to the antivirus industry.”
“TAG observed a North Korean government-backed attacker group that previously targeted security researchers posing as recruiters at Samsung and sending fake job opportunities to employees at multiple South Korean information security companies that sell anti-malware solutions.”
Experts pointed out that Google Chrome appears to implicitly trust any file downloaded from Google Drive, even if it is flagged as malicious by antivirus software. Pierluigi Paganini.
Generally speaking, removal/cleaning by antivirus is not a sufficient guarantee. • Limit Internet access for all agents to a controlled white list. Disconnect compromised machines from the network without deleting data. Send the samples (.doc
Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. Russian operator of Cardplanet carding site pleads guilty in the US. Cisco Webex flaw allows unauthenticated remote attackers to join private meetings.
The company also recommends users to check the router’s DNS settings and to make sure the antivirus/malware solutions are up to date and run a full scan. Users will be prompted to reset the passwords the next time they log in. Pierluigi Paganini.
Test security of systems and networks regularly. Support information security within organizational policies and programs. Requirement 5: It is no longer sufficient to just have standard antivirus software. Restrict physical access to cardholder data. Log and monitor all access to system components and cardholder data.
These browser extensions are installed when users install Avast or AVG antivirus solutions on their PCs. “Are you one of the allegedly 400 million users of Avast antivirus products? This will be “US” for US English.
“To secure against Emotet, CISA and MS-ISAC recommend implementing the mitigation measures described in this Alert, which include applying protocols that block suspicious attachments, using antivirus software, and blocking suspicious IPs.”
Flaws in Avast, AVG, and Avira Antivirus could be exploited by an attacker to load a malicious DLL file to bypass defenses and escalate privileges. The Antivirus implements a self-defense mechanism that prevents malicious code to write and implant a DLL to its folders. ” continues the experts. Pierluigi Paganini.
The attackers have exploited a directory traversal and arbitrary file upload vulnerability, tracked as CVE-2019-18187, in the Trend Micro OfficeScan antivirus. After the security firm patched the CVE-2019-18187 flaw in October, it warned customers that the issue was being actively exploited by hackers in the wild.
According to the experts, LOLbins are very effective at evading antivirus software. In February, researchers at Cybereason’s Nocturnus team uncovered another Astaroth Trojan campaign that was exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and drop malicious modules.
Security experts from Fortinet’s enSilo have discovered a new loader, dubbed BIOLOAD, associated with the financially-motivated group FIN7. The group that has been active since late 2015 targeted businesses worldwide to steal payment card information.
Some antivirus solutions specifically analyze this section to look for malicious VBA code in the Excel docs. The lack of this section makes the Excel files generated by Epic Manchego gang hard to detect. Pierluigi Paganini.
CISA reports provide the following recommendations to users and administrators to strengthen the security posture of their organization’s systems: • Maintain up-to-date antivirus signatures and engines. Keep operating system patches up-to-date.
“For example, disabling firewall and antivirus, rootkit installation, concealing of process-miner, theft any PC user’s private data — is just a small portion of what could be done. ” wrote Kravetz. “ Valve banned me on their H1 program.
The issue is similar to other vulnerabilities discovered by researchers from SafeBreach Labs in other antivirus solutions from several security vendors, including McAfee, Trend Micro, Check Point, Bitdefender, AVG and Avast. Pierluigi Paganini.
The name Fxmsp refers to a high-profile Russian- and English-speaking hacking group focused on breaching high-profile private corporate and government information. Since March 2019, Fxmsp announced in cybercrime forums the availability of information stolen from major antivirus companies located in the U.S.
The malicious code supports multiple commands: it could launch overlay attacks, log keystrokes, spam the victims’ contact lists with SMS messages, and prevent victims from using antivirus software. Pierluigi Paganini.
However, the use of an uncommon platform may have helped evade detection by antivirus software.” Operators were spreading it in a spam campaign aimed at stealing victims’ financial information, the spam messages sent to the victims claim to provide information related to the Coronavirus outbreak and government relief payments.