2015, Antivirus and Information Security

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. ” reads the BSI announcement. Pierluigi Paganini.

Antivirus

Antivirus Software Manufacturing Information Security

Experts warn of flaws in popular Antivirus solutions

Security Affairs

OCTOBER 5, 2020

Researchers disclosed details of security flaws in popular antivirus software that could allow threat actors to increase privileges. Antivirus solutions that are supposed to protect the systems from infection may unintentionally allow malware in escalating privileges on the system. . SecurityAffairs – hacking, antivirus).

Antivirus

Antivirus Malware Advertising Software

Comodo Antivirus is affected by several vulnerabilities

Security Affairs

JULY 23, 2019

Experts discovered several flaws in Comodo Antivirus, including a vulnerability that could allow to escape the sandbox and escalate privileges. The Tenable expert David Wells discovered five flaws in the Comodo Antivirus and Comodo Antivirus Advanced. We recommend to keep updated on future Comodo Antivirus releases.”

Antivirus

Antivirus Advertising Hacking Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

A flaw in Kaspersky Antivirus allowed tracking its users online

Security Affairs

AUGUST 15, 2019

A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years.

Antivirus

Antivirus Advertising Software Internet

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. Pierluigi Paganini.

Antivirus

Antivirus Hacking Advertising Media

BlackBerry Cylance addresses AI-based antivirus engine bypass

Security Affairs

JULY 22, 2019

BlackBerry Cylance has addressed a bypass vulnerability recently discovered in its AI-based antivirus engine CylancePROTECT product. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – C ylance AI-based antivirus engine, hacking). Pierluigi Paganini.

Antivirus

Antivirus Engineering Advertising Hacking

Firefox finally addressed the Antivirus software TLS Errors

Security Affairs

JULY 2, 2019

Firefox finally addressed the issues with antivirus apps crashing HTTPS websites starting with the release of Firefox 68. Mozilla announced that it will resolve the issues that caused antivirus apps crashing HTTPs websites with the release of Firefox 68 version. This is possible by installing root certificates on the device.

Antivirus

Antivirus Software Advertising Information Security

Romanians arrested for running underground malware services

Security Affairs

NOVEMBER 22, 2020

“Two Romanian suspects have been arrested yesterday for allegedly running the CyberSeal and Dataprotector crypting services to evade antivirus software detection.” The pair also operated the Cyberscan service which allowed their clients to test their malware against antivirus tools. ” continues the press release.

Malware

Malware Antivirus Cybercrime Software

Avast disables the JavaScript engine component due to a severe issue

Security Affairs

MARCH 11, 2020

Antivirus maker Avast has disabled a core component of its antivirus to address a severe vulnerability that would have allowed attackers to control users’ PC. Ormandy pointed out that the main Avast antivirus process, AvastSvc.exe, which, runs as SYSTEM. ” reads the statement released by the security firm.

Engineering

Engineering Antivirus Advertising Hacking

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

NOVEMBER 26, 2019

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. UDP ports 53, 8888 and TCP port 80 (HTTP POST /fgdsvc).

Encryption

Encryption Antivirus DNS Advertising

The Five-Step PCI DSS 4.0 Transition Checklist

CyberSecurity Insiders

JANUARY 6, 2023

Test security of systems and networks regularly. Support information security within organizational policies and programs. Requirement 5: It is no longer sufficient to just have standard antivirus software. Restrict physical access to cardholder data. Log and monitor all access to system components and cardholder data.

Antivirus

Antivirus Retail Software Accountability

Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug

Security Affairs

OCTOBER 16, 2022

The vulnerability is due to the method (cpio) in which Zimbra’s antivirus engine (Amavis) scans inbound emails. The experts pointed out that the vulnerability is due to the method ( cpio ) used by Zimbra’s antivirus engine ( Amavis ) to scan the inbound emails. It invokes cpio and CVE-2015-1197 is triggered. reported Rapid7.

Hacking

Hacking Antivirus Telecommunications Engineering

Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited

Security Affairs

OCTOBER 8, 2022

“ The vulnerability is due to the method (cpio) in which Zimbra’s antivirus engine (Amavis) scans inbound emails. ” The experts pointed out that the vulnerability is due to the method ( cpio ) used by Zimbra’s antivirus engine ( Amavis ) to scan the inbound emails. ” reported Rapid7.

Antivirus

Antivirus Engineering Hacking Accountability

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

File encryption 2013 – 2015. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift. RaaS rollout 2015 – 2018. Another fundamental tweak was the onset of Ransomware-as-a-Service (RaaS) in May 2015.

Ransomware

Ransomware Hacking Encryption Penetration Testing

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

Security Affairs

NOVEMBER 14, 2019

McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. Experts explained that it is possible to bypass the self-defense mechanism of the antivirus because the antivirus doesn’t validate digital signature of the DLL file.

Antivirus

Antivirus Advertising Software Internet

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

“Account accesses for antivirus programs garner the second-highest prices: around $21.67. The cost for antivirus accounts is just over $20, while other types of accounts (cable, social media, VPN, streaming, adult, music, file sharing, and video game accounts) typically go for less than $10. Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

Kaspersky addressed multiple issues in online protection solutions

Security Affairs

NOVEMBER 26, 2019

Kaspersky has fixed several flaws affecting the web protection features implemented in some of its security products. The vulnerabilities were found by the security researcher Wladimir Palant that reported them to Kaspersky in December 2018. As in: under some circumstances, antivirus would still crash. I wouldn’t bet on it.”

Antivirus

Antivirus Advertising Password Management Passwords

Experts link the Black Basta ransomware operation to FIN7 cybercrime gang

Security Affairs

NOVEMBER 3, 2022

On the other end, FIN7 is a Russian financially motivated group that has been active since at least 2015. The DisableAntiSpyware parameter allows disabling the Windows Defender Antivirus in order to deploy another security solution.

Cybercrime

Cybercrime Ransomware Antivirus Malware

New variant of Dridex banking Trojan implements polymorphism

Security Affairs

JULY 1, 2019

On June 26, 2019, experts at eSentire Threat Intelligence discovered a C2 infrastructure pointing to a similar Dridex variant that was undetected by most of the antivirus listed in VirusTotal service. At the time of discovery, using data from VirusTotal, only six antivirus solutions of about 60 detected suspicious behavior [ 2 ].

Banking

Banking Antivirus Advertising Encryption

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Recently Check Point researchers warned of a surge in the DDoS attacks against education institutions and the academic industry across the world. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Education

Education Ransomware Antivirus Backups

Experts found DLL Hijacking issues in Avast, AVG, and Avira solutions

Security Affairs

OCTOBER 23, 2019

Flaws in Avast, AVG, and Avira Antivirus could be exploited by an attacker to load a malicious DLL file to bypass defenses and escalate privileges. The Antivirus implements a self-defense mechanism that prevents malicious code to write and implant a DLL to its folders. ” continues the experts. Pierluigi Paganini.

Antivirus

Antivirus Advertising Security Defenses Hacking

Mozilla removed 4 Avast and AVG extensions for spying on Firefox users

Security Affairs

DECEMBER 3, 2019

These browser extensions are installed when users install Avast or AVG antivirus solutions on their computers on their PCs. “Are you one of the allegedly 400 million users of Avast antivirus products? “Are you one of the allegedly 400 million users of Avast antivirus products? This will be “US” for US English.

Antivirus

Antivirus Advertising Scams Phishing

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

. “TAG observed a North Korean government-backed attacker group that previously targeted security researchers posing as recruiters at Samsung and sending fake job opportunities to employees at multiple South Korean information security companies that sell anti-malware solutions.”

Malware

Malware Phishing Antivirus Hacking

UHS hospitals hit by Ryuk ransomware attack

Security Affairs

SEPTEMBER 28, 2020

“When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. It was surreal and definitely seemed to propagate over the network. All machines in my department are Dell Win10 boxes.”

Ransomware

Ransomware Healthcare Advertising Antivirus

Trend Micro addresses two issues exploited by hackers in the wild

Security Affairs

MARCH 18, 2020

In January, Chinese hackers have exploited another zero-day vulnerability in the Trend Micro OfficeScan antivirus in an attack that hit Mitsubishi Electric. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Antivirus Cybercrime

Nemty Ransomware, a new malware appears in the threat landscape

Security Affairs

AUGUST 26, 2019

The code also included a link to an image of the Russian President Putin and a message to the antivirus industry. “At first, the reference seemed an odd thing in the code but a second look at how Nemty worked revealed that it was the key for decoding base64 strings and create URLs is a straight message to the antivirus industry.”

Ransomware

Ransomware Malware Antivirus Encryption

Security Affairs newsletter Round 285

Security Affairs

OCTOBER 11, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Advertising

Advertising Antivirus Data privacy Ransomware

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Malware is malicious software intended to wreak havoc and damage on target networks and systems, having the ability to spread on these systems while remaining undetectable, avoiding antivirus detection, causing changes and critical damage to the infected systems or networks. DOWNLOAD FULL REPORT.

Malware

Malware Retail Advertising Antivirus

A previously undetected FIN7 BIOLOAD loader drops new Carbanak Backdoor

Security Affairs

DECEMBER 29, 2019

Security experts from Fortinet’s enSilo have discovered a new loader, dubbed BIOLOAD, associated with the financially-motivated group FIN7. The group that has been active since late 2015 targeted businesses worldwide to steal payment card information. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime

Cybercrime Antivirus Identity Theft Advertising

A Google Drive weakness could allow attackers to serve malware

Security Affairs

AUGUST 23, 2020

Experts pointed out that Google Chrome appears to implicitly trust any file downloaded from Google Drive, even if they are flagged and “malicious” by antivirus software as malicious. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Phishing Advertising Antivirus

Security Affairs newsletter Round 248

Security Affairs

JANUARY 26, 2020

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Russian operator of Cardplanet carding site pleads guilty in the US. Cisco Webex flaw allows unauthenticated remote attackers to join private meetings.

Data breaches

Data breaches Advertising Antivirus DDOS

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

. “To secure against Emotet, CISA and MS-ISAC recommend implementing the mitigation measures described in this Alert, which include applying protocols that block suspicious attachments, using antivirus software, and blocking suspicious IPs.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government Banking Advertising Malware

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

The virus avoided detection by antivirus solutions through regular updates from an attacker-controlled command-and-control (C2) infrastructure, and spread through the company’s systems, causing network outages and shutting down essential services for nearly a week.” Pierluigi Paganini. SecurityAffairs – Emotet, malware).

Antivirus

Antivirus Malware Phishing Advertising

France national cyber-security agency warns of a surge in Emotet attacks

Security Affairs

SEPTEMBER 7, 2020

Generally speaking, removal/cleaning by antivirus is not a sufficient guarantee. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. . • Limit Internet access for all agents to a controlled white list. Disconnect compromised machines from the network without deleting data. Send the samples (.doc

Malware

Malware Advertising Antivirus Banking

Experts found privilege escalation issue in Symantec Endpoint Protection

Security Affairs

NOVEMBER 14, 2019

The issue is similar to other vulnerabilities discovered by researchers from SafeBreach Labs in other antivirus solutions from several security vendors, including McAfee, Trend Micro , Check Point, Bitdefender, AVG and Avast. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Antivirus

Antivirus Advertising Hacking Information Security

Linksys force password reset to prevent Router hijacking

Security Affairs

APRIL 16, 2020

The company also recommends users to check the router’s DNS settings and to make sure the antivirus/malware solutions are up to date and run a full scan. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Users will be prompted to reset the passwords the next time they log in. Pierluigi Paganini.

Passwords

Passwords DNS Malware Advertising

A new Zero-Day in Steam client impacts over 96 million Windows users

Security Affairs

AUGUST 22, 2019

“For example, disabling firewall and antivirus, rootkit installation, concealing of process-miner, theft any PC user’s private data — is just a small portion of what could be done. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” wrote Kravetz. “ Valve banned me on their H1 program.

Advertising

Advertising Antivirus Firewall Information Security

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

According to the experts, LOLbins are very effecting in evading antivirus software. . In February, researchers at Cybereason’s Nocturnus team uncovered another Astaroth Trojan campaign that was exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and drop malicious modules.

Antivirus

Antivirus Malware Advertising Security Intelligence

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

The Lokibot malware has been active since 2015, it is an infostealer that was involved in many malspam campaigns aimed at harvest credentials from web browsers, email clients, admin tools and that was also used to target cryptocoin-wallet owners. Below the list of mitigations: Maintain up-to-date antivirus signatures and engines.

Malware

Malware Passwords Advertising Antivirus

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Spyware

Spyware Hacking Advertising Antivirus

APT group targets high profile networks in Central Asia

Security Affairs

MAY 16, 2020

Security firms have foiled an advanced cyber espionage campaign carried out by Chinese APT and aimed at infiltrating a governmental institution and two companies. Antivirus firms have uncovered and foiled an advanced cyber espionage campaign aimed at a governmental institution and two companies in the telecommunications and gas sector.

Telecommunications

Telecommunications Malware Advertising Antivirus

Hackers penetrated NEC defense business division in 2016

Security Affairs

JANUARY 31, 2020

The attackers have exploited a directory traversal and arbitrary file upload vulnerability, tracked as CVE-2019-18187, in the Trend Micro OfficeScan antivirus. After the security firm patched the CVE-2019-18187 flaw in October, it warned customers that the issue was being actively exploited by hackers in the wild.

Data breaches

Data breaches Advertising Antivirus Encryption

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

In May, the FBI and CISA also warned cyber attacks coordinated by Beijing and attempting to steal COVID-19 information from US health care, pharmaceutical, and research industry sectors. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Keep operating system patches up-to-date. Pierluigi Paganini.

Malware

Malware Government Passwords System Administration

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Below is the list of exploits used by the bot: Vulnerability Affected devices CVE-2020-8515 DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices CVE-2015-2051 D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3

IoT

IoT Firmware Malware Wireless

The German BSI agency recommends replacing Kaspersky antivirus software

Experts warn of flaws in popular Antivirus solutions

Webinars

Trending Sources

Comodo Antivirus is affected by several vulnerabilities

Webinars

A flaw in Kaspersky Antivirus allowed tracking its users online

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

BlackBerry Cylance addresses AI-based antivirus engine bypass

Firefox finally addressed the Antivirus software TLS Errors

Romanians arrested for running underground malware services

Avast disables the JavaScript engine component due to a severe issue

Some Fortinet products used hardcoded keys and weak encryption for communications

The Five-Step PCI DSS 4.0 Transition Checklist

Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug

Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

15 billion credentials available in the cybercrime marketplaces

Kaspersky addressed multiple issues in online protection solutions

Experts link the Black Basta ransomware operation to FIN7 cybercrime gang

New variant of Dridex banking Trojan implements polymorphism

NCSC warns of a surge in ransomware attacks on education institutions

Experts found DLL Hijacking issues in Avast, AVG, and Avira solutions

Mozilla removed 4 Avast and AVG extensions for spying on Firefox users

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

UHS hospitals hit by Ryuk ransomware attack

Trend Micro addresses two issues exploited by hackers in the wild

Nemty Ransomware, a new malware appears in the threat landscape

Security Affairs newsletter Round 285

Report: Threat of Emotet and Ryuk

A previously undetected FIN7 BIOLOAD loader drops new Carbanak Backdoor

A Google Drive weakness could allow attackers to serve malware

Security Affairs newsletter Round 248

CISA alert warns of Emotet attacks on US govt entities

Microsoft’s case study: Emotet took down an entire network in just 8 days

France national cyber-security agency warns of a surge in Emotet attacks

Experts found privilege escalation issue in Symantec Endpoint Protection

Linksys force password reset to prevent Router hijacking

A new Zero-Day in Steam client impacts over 96 million Windows users

A new Astaroth Trojan Campaign uncovered by Microsoft

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs newsletter Round 261

APT group targets high profile networks in Central Asia

Hackers penetrated NEC defense business division in 2016

US govt agencies share details of the China-linked espionage malware Taidoor

BotenaGo botnet targets millions of IoT devices using 33 exploits

Stay Connected