Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. Pierluigi Paganini.

Antivirus 145

Antivirus Hacking Advertising Media 145

Security Affairs

APRIL 2, 2025

Delivered via phishing and hosted on compromised SharePoint sites, it remains undetected by most antivirus solutions, posing a serious security risk. Despite its mild obfuscation, it remains fully undetected (FUD) by most antivirus solutions. ” concludes the report.

Antivirus 129

Antivirus Cybercrime Malware Encryption 129

Security Affairs

FEBRUARY 16, 2021

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. After that, the following files are extracted, namely: Avira.exe : Legitimate injector from Avira Antivirus. In the last few years, many banking trojans developed by Latin American criminals have increased in volume and sophistication.

Antivirus 135

Antivirus Malware Banking Internet 135

Security Affairs

MARCH 24, 2025

The FBI Denver Field Office advises staying cautious online, being aware of potential risks, and keeping antivirus software updated to scan files before opening them. If users fall victim to this scam, immediately contact their financial institutions, secure their accounts, and change all passwords using a trusted device.

Malware 118

Malware Scams Identity Theft Antivirus 118

Security Affairs

SEPTEMBER 19, 2024

Russian anti-virus firm Doctor Web (Dr.Web) disconnected all servers following a cyberattack over the weekend. This week, the Russian anti-malware firm Doctor Web (Dr.Web) announced that it had disconnected all servers following a cyberattack on Saturday, September 14.

Antivirus 138

Antivirus Hacking Malware Information Security 138

Security Affairs

APRIL 22, 2025

Keeping devices updated and using reliable antivirus software also helps prevent malware-related data theft. Japan s Financial Services Agency (FSA) recommends checking the warning issued by the Japan Securities Dealers Association regarding matters to be aware of when using securities companies’ online trading services.

Financial Services 121

Financial Services Passwords Antivirus Accountability 121

Security Affairs

AUGUST 27, 2022

Threat actors abused a vulnerable anti-cheat driver for the Genshin Impact video game to disable antivirus software. sys, for the Genshin Impact video game to disable antivirus software. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware.”

Antivirus 98

Antivirus Ransomware Malware Cybercrime 98

Security Affairs

FEBRUARY 17, 2023

Cisco addressed a critical vulnerability in the ClamAV open source antivirus engine that can lead to remote code execution on vulnerable devices. Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine.

Antivirus 98

Antivirus Engineering Malware Hacking 98

Security Affairs

JANUARY 10, 2025

A version discovered by Check Point in September relied on Apple’s XProtect encryption algorithm for obfuscation, allowing it to evade antivirus detection until its source code leak in November. The malicious code was advertised on cybercrime forums for $3,000 per month.

Malware 122

Malware Advertising Antivirus Cybercrime 122

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. How to protect yourself and your data Smart ways to secure your devices Strong passwords – Make them long, random, and unique.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Security Affairs

FEBRUARY 13, 2025

Users that played the game have received the following email: pic.twitter.com/B98BFs0WbK — SteamDB (@SteamDB) February 12, 2025 The game PirateFi was released as beta, but multiple antivirus flagged it as “Trojan.Win32.Lazzzy.gen.” Lazzzy.gen.” SteamDB estimates that over 800 users may have downloaded the game.

Malware 111

Malware Antivirus Accountability Software 111

Security Affairs

APRIL 2, 2025

.” To protect against malware, experts recommend buying smartphones from authorized distributors and installing security solutions like Kaspersky for Android immediately. In March 2018, security researchers at Antivirus firmDr.Web discovered that 42 models of low-cost Android smartphones were shipped with the Android.Triada.231

Cryptocurrency 123

Cryptocurrency Malware Mobile Firmware 123

Security Affairs

NOVEMBER 6, 2024

” The hospital identified the ransomware attack early Saturday after antivirus software installed on the employees’ PCs flagged potential risks. While we believe this issue will not impact either the level or the quality of care we provide to our patients, we want to be fully transparent regarding this situation.”

Ransomware 127

Ransomware Healthcare Antivirus Data breaches 127

Security Affairs

NOVEMBER 17, 2024

New Campaign Uses Remcos RAT to Exploit Victims Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign Ymir: new stealthy ransomware in the wild ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again Stealthy Attributes of APT Lazarus: Evading Detection with Extended Attributes Glove Stealer: Leveraging IElevator (..)

Malware 116

Malware Antivirus Encryption Education 116

Security Affairs

FEBRUARY 4, 2025

It gathers system details, including antivirus information, encodes the data, and sends it to a remote server. .” The decrypted MSIL file maintains persistence by modifying the Windows registry to execute a PowerShell command that downloads the Coyote Banking Trojan.

Banking 119

Banking Malware Antivirus Cyber threats 119

Security Affairs

MARCH 11, 2020

Antivirus maker Avast has disabled a core component of its antivirus to address a severe vulnerability that would have allowed attackers to control users’ PC. Ormandy pointed out that the main Avast antivirus process, AvastSvc.exe, which, runs as SYSTEM.

Engineering 144

Engineering Antivirus Advertising Hacking 144

Security Boulevard

MARCH 25, 2021

In the last decade the role of the chief information security officer (CISO) has evolved considerably. Not long ago, the CISO was considered a part of the IT team and their main focus was on building firewalls, implementing antivirus and keeping spam emails at bay. Today, however, things are very different. The huge surge in.

CISO 128

CISO Antivirus Firewall Information Security 128

Security Affairs

APRIL 16, 2025

” In September, security researchers from G DATA discovered more than two dozen Android mobile phones from different manufacturers already infected by pre-installed malware. .” concludes the report that includes indicators of compromise (IoCs).

Malware 130

Malware Manufacturing Mobile Spyware 130

Security Affairs

MAY 1, 2025

The DarkWatchman malware can evade detection by standard antivirus software. Once opened, the archive triggered an infection chain that installed a modified version of DarkWatchman malware on the recipients system.

Malware 87

Malware Phishing Telecommunications Antivirus 87

Security Affairs

MARCH 31, 2025

The PowerShell code avoids antivirus detection by using Get-Command to execute the payload. The malicious LNK files, created on two machines, contain PowerShell code to download the next stage payload and a decoy file to disguise the infection.

Phishing 114

Phishing Antivirus Encryption Hacking 114

Security Affairs

DECEMBER 17, 2024

Recommendations include timely patching, using strong and unique passwords, enabling multi-factor authentication, implementing security tools to detect abnormal activity, auditing accounts, scanning for open ports, segmenting networks, updating antivirus software, and creating offline backups.

Architecture 109

Architecture Internet Internet Malware 109

Security Affairs

NOVEMBER 22, 2020

“Two Romanian suspects have been arrested yesterday for allegedly running the CyberSeal and Dataprotector crypting services to evade antivirus software detection.” The pair also operated the Cyberscan service which allowed their clients to test their malware against antivirus tools. ” continues the press release.

Malware 143

Malware Antivirus Cybercrime Software 143

Security Affairs

MARCH 21, 2021

Microsoft announced that its Defender Antivirus and System Center Endpoint Protection now protects users against attacks exploiting Exchange Server vulnerabilities. “Today, we have taken an additional step to further support our customers who are still vulnerable and have not yet implemented the complete security update. .

Antivirus 142

Antivirus Small Business Security Intelligence Hacking 142

Security Affairs

JUNE 27, 2021

“While the Windows system is in safe mode antivirus software doesn’t work. The researchers started investigating the threat after they became aware that the malware was disabling and uninstalling its antivirus from infected devices. “It also uses WQL to query all antivirus software installed SELECT * FROM AntiVirusProduct.”

Antivirus 144

Antivirus Cryptocurrency Malware Software 144

Security Affairs

JUNE 6, 2025

The threat actors behind the operation use tools like AdFind and Grixba to gather network data and identify antivirus defenses, then disable security software using GMER, IOBit, or PowerTool. They often deploy PowerShell scripts to target Microsoft Defender.

Ransomware 97

Ransomware Encryption Antivirus Malware 97

Security Affairs

JANUARY 10, 2025

Since June 2023, MirrorFace has used the Windows Sandbox feature to execute LOADEINFO malware within an isolated environment, evading antivirus detection. Track antivirus detections carefully. This tactic has also been observed with other China-linked APT groups.

Antivirus 78

Antivirus Malware System Administration Technology 78

Security Affairs

FEBRUARY 28, 2025

In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.

Antivirus 66

Antivirus Firmware Encryption Manufacturing 66

Security Affairs

NOVEMBER 5, 2024

“An important question arising from this analysis is not just how to defend against threats like ToxicPanda but why contemporary antivirus solutions have struggled to detect a threat that is, in technical terms, relatively straightforward. Spain and Peru, at 3.9% and 3.4%, indicate a potential expansion into Latin America.

Banking 123

Banking Malware Accountability Authentication 123

Security Affairs

FEBRUARY 18, 2024

Below is the list of impacted programs and versions: ESET NOD32 Antivirus, Internet Security, Smart Security Premium, Security Ultimate 16.2.15.0 and earlier ESET Endpoint Antivirus for Windows and Endpoint Security for Windows 10.1.2058.0, 10.0.10017.0, 10.0.10017.0,

Antivirus 144

Antivirus Internet Internet Cybersecurity 144

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches 119

Data breaches Cybercrime Cyber Insurance Marketing 119

Security Affairs

MARCH 10, 2025

The discovered infected archives contained an additional executable, with a modified start script tricking victims into disabling antivirus protections. By December 2024, reports emerged of further miner-infected versions spreading via Telegram and YouTube. It fetched a second-stage payload from hardcoded domains, executing it as t.py

Cryptocurrency 92

Cryptocurrency Malware Social Engineering Antivirus 92

Security Affairs

APRIL 21, 2025

The malware maintains a low detection rate among antivirus solutions due to its minimal permission model and narrow focus on NFC relay attacks. The malware also uses stored ATR messages to enable card emulation, helping attackers trick POS terminals and ATMs into accepting the relayed card as genuine.

Malware 108

Malware Social Engineering Banking Engineering 108

Security Affairs

JULY 26, 2021

Tests conducted by the experts demonstrated how to embed 36.9MB of malware into a 178MB-AlexNet model within 1% accuracy loss, this means that the threat is completely transparent to antivirus engines. 58 antivirus engines were involved in the detection works, and no suspicious was detected. ” states the paper.

Malware 141

Malware Antivirus Artificial Intelligence Engineering 141

Security Affairs

NOVEMBER 26, 2019

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. UDP ports 53, 8888 and TCP port 80 (HTTP POST /fgdsvc).

Encryption 142

Encryption Antivirus DNS Advertising 142

Security Affairs

FEBRUARY 22, 2024

US FTC charged cyber security firm Avast with harvesting consumer web browsing data through its browser extension and antivirus and sold it. The antivirus firm is accused of selling the data to advertising companies without user consent. ” re ads the FTC’s complaint.

Advertising 138

Advertising Antivirus Data collection Software 138

Security Affairs

MAY 25, 2024

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. The fake websites were masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes. exe.zip”) that was used to deploy the Lumma information stealer.

Malware 139

Malware Antivirus Cryptocurrency Hacking 139

Security Affairs

SEPTEMBER 23, 2024

“ESET received a report stating that on a machine with the affected ESET product installed, it was possible for a user with low privileges to plant a symlink to a specific location, preventing ESET security product from starting properly.” The flaw impacts the following products: ESET Cyber Security 7.0 – 7.4.1600.0

Antivirus 131

Antivirus Small Business Engineering Internet 131