Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine

Security Affairs

Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine that can lead to remote code execution on vulnerable devices. The vulnerability affects versions 1.0.0 and earlier.

Cybercriminals Using Powerful BatCloak Engine to Make Malware Fully Undetectable

The Hacker News

A fully undetectable (FUD) malware obfuscation engine named BatCloak has been used to deploy various malware strains since September 2022, while persistently evading antivirus detection.

Heap Buffer Overflow Vulnerability found in Kaspersky Antivirus Engine

Security Affairs

Security researchers at the Imaginary team discovered a heap buffer overflow vulnerability in the Kaspersky Antivirus Engine and responsibly reported it.

BlackBerry Cylance addresses AI-based antivirus engine bypass

Security Affairs

BlackBerry Cylance has addressed a bypass vulnerability recently discovered in the AI-based antivirus engine of its CylancePROTECT product. They discovered that the AI-based engine appeared to give special treatment to the files associated with a popular unnamed videogame. In most cases the files were rated as harmless.

Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software

The Hacker News

Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of remote code execution residing in the HFS+ file parser component.

Giant health insurer struck by ransomware didn't have antivirus protection

Malwarebytes

The Philippine Health Insurance Corporation (PhilHealth) has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. Their data is now available for download on the dark web.

Microsoft fixes Defender flaw letting hackers bypass antivirus scans

Bleeping Computer

Microsoft has recently addressed a weakness in the Microsoft Defender Antivirus on Windows that allowed attackers to plant and execute malicious payloads without triggering Defender's malware detection engine.