Advertising, Antivirus and Information Security

FBI warns of malicious free online document converters spreading malware

Security Affairs

MARCH 24, 2025

” Fake file converters and download tools may perform advertised tasks but can provide resulting files containing hidden malware, giving criminals access to victims’ devices. They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload.

Malware

Malware Scams Identity Theft Antivirus

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malicious code was advertised on cybercrime forums for $3,000 per month.

Malware

Malware Advertising Antivirus Cybercrime

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

86 million AT&T customer records reportedly up for sale on the dark web

Zero Day

JUNE 6, 2025

With both date of birth and SSNs being compromised, malicious actors have all the information they need to conduct fraud and impersonate AT&T customers. " Also: Stop paying for antivirus software. Trey Ford, Chief Information Security Officer at crowdsourced cybersecurity firm Bugcrowd offers an interesting take.

Password Management

Password Management Passwords Identity Theft Artificial Intelligence

Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch

Zero Day

JULY 23, 2025

Apply the latest security patches, including those from the July Patch Tuesday updates. Make sure that the Windows Antimalware Scan Interface (AMSI) is enabled and set up properly with an antivirus product such as Defender Antivirus. Install security software such as Microsoft Defender for Endpoint. All rights reserved.

Software

Software Artificial Intelligence Digital transformation Education

Experts warn of flaws in popular Antivirus solutions

Security Affairs

OCTOBER 5, 2020

Researchers disclosed details of security flaws in popular antivirus software that could allow threat actors to increase privileges. Antivirus solutions that are supposed to protect the systems from infection may unintentionally allow malware in escalating privileges on the system. . SecurityAffairs – hacking, antivirus).

Antivirus

Antivirus Malware Advertising Software

FTC charged Avast with selling users’ browsing data to advertising companies

Security Affairs

FEBRUARY 22, 2024

US FTC charged cyber security firm Avast with harvesting consumer web browsing data through its browser extension and antivirus and sold it. The antivirus firm is accused of selling the data to advertising companies without user consent. ” re ads the FTC’s complaint. ” re ads the FTC’s complaint.

Advertising

Advertising Antivirus Data collection Software

Cybercrime group FIN7 advertises new EDR bypass tool on hacking forums

Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums.

Advertising

Advertising Cybercrime Hacking Antivirus

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. ” reported ZDNet. Pierluigi Paganini.

Antivirus

Antivirus Hacking Advertising Media

Comodo Antivirus is affected by several vulnerabilities

Security Affairs

JULY 23, 2019

Experts discovered several flaws in Comodo Antivirus, including a vulnerability that could allow to escape the sandbox and escalate privileges. The Tenable expert David Wells discovered five flaws in the Comodo Antivirus and Comodo Antivirus Advanced. We recommend to keep updated on future Comodo Antivirus releases.”

Antivirus

Antivirus Advertising Hacking Malware

A flaw in Kaspersky Antivirus allowed tracking its users online

Security Affairs

AUGUST 15, 2019

A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years.

Antivirus

Antivirus Advertising Software Internet

BlackBerry Cylance addresses AI-based antivirus engine bypass

Security Affairs

JULY 22, 2019

BlackBerry Cylance has addressed a bypass vulnerability recently discovered in its AI-based antivirus engine CylancePROTECT product. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Antivirus

Antivirus Engineering Advertising Hacking

Firefox finally addressed the Antivirus software TLS Errors

Security Affairs

JULY 2, 2019

Firefox finally addressed the issues with antivirus apps crashing HTTPS websites starting with the release of Firefox 68. Mozilla announced that it will resolve the issues that caused antivirus apps crashing HTTPs websites with the release of Firefox 68 version. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Antivirus

Antivirus Software Advertising Information Security

Avast disables the JavaScript engine component due to a severe issue

Security Affairs

MARCH 11, 2020

Antivirus maker Avast has disabled a core component of its antivirus to address a severe vulnerability that would have allowed attackers to control users’ PC. Ormandy pointed out that the main Avast antivirus process, AvastSvc.exe, which, runs as SYSTEM. ” reads the statement released by the security firm.

Engineering

Engineering Antivirus Advertising Hacking

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

NOVEMBER 26, 2019

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Antivirus DNS Advertising

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

“Account accesses for antivirus programs garner the second-highest prices: around $21.67. The cost for antivirus accounts is just over $20, while other types of accounts (cable, social media, VPN, streaming, adult, music, file sharing, and video game accounts) typically go for less than $10. ” continues the report.

Cybercrime

Cybercrime Antivirus Marketing Accountability

Kaspersky addressed multiple issues in online protection solutions

Security Affairs

NOVEMBER 26, 2019

Kaspersky has fixed several flaws affecting the web protection features implemented in some of its security products. The vulnerabilities were found by the security researcher Wladimir Palant that reported them to Kaspersky in December 2018. As in: under some circumstances, antivirus would still crash. I wouldn’t bet on it.”

Antivirus

Antivirus Advertising Password Management Hacking

New variant of Dridex banking Trojan implements polymorphism

Security Affairs

JULY 1, 2019

On June 26, 2019, experts at eSentire Threat Intelligence discovered a C2 infrastructure pointing to a similar Dridex variant that was undetected by most of the antivirus listed in VirusTotal service. At the time of discovery, using data from VirusTotal, only six antivirus solutions of about 60 detected suspicious behavior [ 2 ].

Banking

Banking Antivirus Advertising Encryption

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Malware is malicious software intended to wreak havoc and damage on target networks and systems, having the ability to spread on these systems while remaining undetectable, avoiding antivirus detection, causing changes and critical damage to the infected systems or networks. DOWNLOAD FULL REPORT.

Malware

Malware Advertising Antivirus Retail

Trend Micro addresses two issues exploited by hackers in the wild

Security Affairs

MARCH 18, 2020

In January, Chinese hackers have exploited another zero-day vulnerability in the Trend Micro OfficeScan antivirus in an attack that hit Mitsubishi Electric. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Antivirus Advertising Cybercrime

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post NCSC warns of a surge in ransomware attacks on education institutions appeared first on Security Affairs. Pierluigi Paganini.

Education

Education Ransomware Antivirus Backups

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

Security Affairs

NOVEMBER 14, 2019

McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. Experts explained that it is possible to bypass the self-defense mechanism of the antivirus because the antivirus doesn’t validate digital signature of the DLL file.

Antivirus

Antivirus Advertising Software Internet

UHS hospitals hit by Ryuk ransomware attack

Security Affairs

SEPTEMBER 28, 2020

“When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads one of the reports shared online.

Ransomware

Ransomware Healthcare Advertising Antivirus

Belarussian authorities arrested GandCrab ransomware distributor

Security Affairs

AUGUST 3, 2020

The GandCrab was advertised in the Russian hacking community, researchers from LMNTRIX who discovered it noticed that authors was leveraging the RIG and GrandSoft exploit kits to distribute the malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. reads the translation of the ad. Pierluigi Paganini.

Ransomware

Ransomware Advertising Malware Hacking

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

The virus avoided detection by antivirus solutions through regular updates from an attacker-controlled command-and-control (C2) infrastructure, and spread through the company’s systems, causing network outages and shutting down essential services for nearly a week.” Pierluigi Paganini. SecurityAffairs – Emotet, malware).

Antivirus

Antivirus Malware Phishing Advertising

A Google Drive weakness could allow attackers to serve malware

Security Affairs

AUGUST 23, 2020

Experts pointed out that Google Chrome appears to implicitly trust any file downloaded from Google Drive, even if they are flagged and “malicious” by antivirus software as malicious. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, Google Drive).

Malware

Malware Phishing Advertising Antivirus

France national cyber-security agency warns of a surge in Emotet attacks

Security Affairs

SEPTEMBER 7, 2020

Generally speaking, removal/cleaning by antivirus is not a sufficient guarantee. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . • Limit Internet access for all agents to a controlled white list. Send the samples (.doc

Malware

Malware Advertising Antivirus Banking

Nemty Ransomware, a new malware appears in the threat landscape

Security Affairs

AUGUST 26, 2019

The code also included a link to an image of the Russian President Putin and a message to the antivirus industry. “At first, the reference seemed an odd thing in the code but a second look at how Nemty worked revealed that it was the key for decoding base64 strings and create URLs is a straight message to the antivirus industry.”

Ransomware

Ransomware Malware Antivirus Encryption

Linksys force password reset to prevent Router hijacking

Security Affairs

APRIL 16, 2020

The company also recommends users to check the router’s DNS settings and to make sure the antivirus/malware solutions are up to date and run a full scan. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Passwords

Passwords DNS Malware Advertising

Security Affairs newsletter Round 248

Security Affairs

JANUARY 26, 2020

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Cisco Webex flaw allows unauthenticated remote attackers to join private meetings.

Data breaches

Data breaches Antivirus Advertising DDOS

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Security Affairs

JULY 8, 2020

” reads the press release published by the DoJ. “The “fxmsp” group established persistent access, or “backdoors,” to victim networks, which they then advertised and sold to other cybercriminals subjecting victims to a variety of cyberattacks and fraud.” Attorney Brian T. Pierluigi Paganini.

Hacking

Hacking Antivirus Advertising Cybercrime

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

. “To secure against Emotet, CISA and MS-ISAC recommend implementing the mitigation measures described in this Alert, which include applying protocols that block suspicious attachments, using antivirus software, and blocking suspicious IPs.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government Banking Advertising Malware

Hackers penetrated NEC defense business division in 2016

Security Affairs

JANUARY 31, 2020

Mitsubishi Electric disclosed the security incident only after two local newspapers, the Asahi Shimbun and Nikkei , reported the security breach. The attackers have exploited a directory traversal and arbitrary file upload vulnerability, tracked as CVE-2019-18187, in the Trend Micro OfficeScan antivirus. Pierluigi Paganini.

Data breaches

Data breaches Advertising Antivirus Encryption

Epic Manchego gang uses Excel docs that avoid detection

Security Affairs

SEPTEMBER 7, 2020

Some antivirus solutions specifically analyze this section look for malicious VBA code in the Excel docs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, Norway).

Cybercrime

Cybercrime Phishing Advertising Antivirus

Mozilla removed 4 Avast and AVG extensions for spying on Firefox users

Security Affairs

DECEMBER 3, 2019

These browser extensions are installed when users install Avast or AVG antivirus solutions on their computers on their PCs. “Are you one of the allegedly 400 million users of Avast antivirus products? “Are you one of the allegedly 400 million users of Avast antivirus products? This will be “US” for US English.

Antivirus

Antivirus Advertising Scams Phishing

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

According to the experts, LOLbins are very effecting in evading antivirus software. . In February, researchers at Cybereason’s Nocturnus team uncovered another Astaroth Trojan campaign that was exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and drop malicious modules.

Antivirus

Antivirus Malware Advertising Security Intelligence

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. Review antivirus logs for indications they were unexpectedly turned off. Install and regularly update antivirus and anti-malware software on all hosts. Implement network segmentation.

Ransomware

Ransomware Antivirus Passwords Malware

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

CISA reports provide the following recommendations to users and administrators to strengthen the security posture of their organization’s systems: • Maintain up-to-date antivirus signatures and engines. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Keep operating system patches up-to-date.

Malware

Malware Passwords Advertising Antivirus

New Android BlackRock malware targets hundreds of apps

Security Affairs

JULY 16, 2020

.” The malicious code supports multiple commands, it could launch overlay attacks, log keystrokes, send spam the victims’ contact lists with SMS messages, and prevent victims from using antivirus software. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Banking Mobile Spyware

APT group targets high profile networks in Central Asia

Security Affairs

MAY 16, 2020

Security firms have foiled an advanced cyber espionage campaign carried out by Chinese APT and aimed at infiltrating a governmental institution and two companies. Antivirus firms have uncovered and foiled an advanced cyber espionage campaign aimed at a governmental institution and two companies in the telecommunications and gas sector.

Telecommunications

Telecommunications Malware Advertising Antivirus

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – newsletter, hacking).

Hacking

Hacking Spyware Advertising Antivirus

QNodeService Trojan spreads via fake COVID-19 tax relief

Security Affairs

MAY 16, 2020

However, the use of an uncommon platform may have helped evade detection by antivirus software.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . “The use of Node.js Pierluigi Paganini.

Malware

Malware Phishing Advertising Antivirus

Crooks leverages.htaccess injector on Joomla and WordPress sites for malicious redirects

Security Affairs

MAY 27, 2019

The website was used by attackers to redirect traffic to advertising sites that attempted to deliver malware. pw /XcTyTp advertisement website. A warning message from endpoint antivirus software when users try to visit malicious site redirected by Joomla and WordPress sites. htaccess code injection. ” concludes Sucuri.

Advertising

Advertising Malware Antivirus Phishing

Lampion malware v2 February 2020

Security Affairs

FEBRUARY 24, 2020

The reason behind that is simple: to evade antivirus detection. With this new trick, antivirus detection will be harder, and its analysis a little bit confused. He is also a founding member and Pentester at CSIRT.UBI and founder of the security computer blog seguranca–informatica.pt. Pierluigi Paganini.

Malware

Malware Banking Antivirus Advertising

FBI warns of malicious free online document converters spreading malware

Banshee macOS stealer supports new evasion mechanisms

Trending Sources

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

86 million AT&T customer records reportedly up for sale on the dark web

Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch

Experts warn of flaws in popular Antivirus solutions

FTC charged Avast with selling users’ browsing data to advertising companies

Cybercrime group FIN7 advertises new EDR bypass tool on hacking forums

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Comodo Antivirus is affected by several vulnerabilities

A flaw in Kaspersky Antivirus allowed tracking its users online

BlackBerry Cylance addresses AI-based antivirus engine bypass

Firefox finally addressed the Antivirus software TLS Errors

Avast disables the JavaScript engine component due to a severe issue

Some Fortinet products used hardcoded keys and weak encryption for communications

15 billion credentials available in the cybercrime marketplaces

Kaspersky addressed multiple issues in online protection solutions

New variant of Dridex banking Trojan implements polymorphism

Report: Threat of Emotet and Ryuk

Trend Micro addresses two issues exploited by hackers in the wild

NCSC warns of a surge in ransomware attacks on education institutions

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

UHS hospitals hit by Ryuk ransomware attack

Belarussian authorities arrested GandCrab ransomware distributor

Microsoft’s case study: Emotet took down an entire network in just 8 days

A Google Drive weakness could allow attackers to serve malware

France national cyber-security agency warns of a surge in Emotet attacks

Nemty Ransomware, a new malware appears in the threat landscape

Linksys force password reset to prevent Router hijacking

Security Affairs newsletter Round 248

DOJ indicts Fxmsp hacker for selling access to hacked businesses

CISA alert warns of Emotet attacks on US govt entities

Hackers penetrated NEC defense business division in 2016

Epic Manchego gang uses Excel docs that avoid detection

Mozilla removed 4 Avast and AVG extensions for spying on Firefox users

A new Astaroth Trojan Campaign uncovered by Microsoft

BlackCat Ransomware gang breached over 60 orgs worldwide

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

New Android BlackRock malware targets hundreds of apps

APT group targets high profile networks in Central Asia

Security Affairs newsletter Round 261

QNodeService Trojan spreads via fake COVID-19 tax relief

Crooks leverages.htaccess injector on Joomla and WordPress sites for malicious redirects

Lampion malware v2 February 2020

Stay Connected