Security Affairs

MARCH 11, 2020

Antivirus maker Avast has disabled a core component of its antivirus to address a severe vulnerability that would have allowed attackers to control users’ PC. Ormandy pointed out that the main Avast antivirus process, AvastSvc.exe, which, runs as SYSTEM. ” reads the statement released by the security firm.

Engineering 144

Engineering Antivirus Advertising Hacking 144

Security Affairs

NOVEMBER 22, 2020

“Two Romanian suspects have been arrested yesterday for allegedly running the CyberSeal and Dataprotector crypting services to evade antivirus software detection.” The pair also operated the Cyberscan service which allowed their clients to test their malware against antivirus tools.

Malware 142

Malware Antivirus Cybercrime Software 142

Security Affairs

NOVEMBER 26, 2019

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption 141

Encryption Antivirus DNS Advertising 141

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. ”The websites promised to render malicious software fully undetectable by nearly every major provider of antivirus software. . ” reads the press release published by DoJ.”The

Antivirus 114

Antivirus Malware Software Cryptocurrency 114

Security Affairs

JULY 1, 2019

Security experts at eSentire observed a new campaign spreading a variant of the Dridex banking Trojan that implements polymorphism. The Dridex banking Trojan that has been around since 2014, it was involved in numerous campaigns against financial institutions over the years and crooks have continuously improved it. Pierluigi Paganini.

Banking 108

Banking Antivirus Advertising Encryption 108

Security Affairs

JULY 9, 2020

“Account accesses for antivirus programs garner the second-highest prices: around $21.67. The cost for antivirus accounts is just over $20, while other types of accounts (cable, social media, VPN, streaming, adult, music, file sharing, and video game accounts) typically go for less than $10. Pierluigi Paganini.

Cybercrime 145

Cybercrime Antivirus Marketing Accountability 145

Security Affairs

NOVEMBER 26, 2019

Kaspersky has fixed several flaws affecting the web protection features implemented in some of its security products. The vulnerabilities were found by the security researcher Wladimir Palant that reported them to Kaspersky in December 2018. As in: under some circumstances, antivirus would still crash. I wouldn’t bet on it.”

Antivirus 121

Antivirus Advertising Password Management Passwords 121

Security Affairs

NOVEMBER 14, 2019

McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. Experts explained that it is possible to bypass the self-defense mechanism of the antivirus because the antivirus doesn’t validate digital signature of the DLL file.

Antivirus 103

Antivirus Advertising Software Internet 103

Security Affairs

JUNE 23, 2021

One of the fathers of antivirus software, the entrepreneur John McAfee has been found dead in a Barcelona prison cell while he was waiting for extradition to the US. The authorities claim that the McAfee failed to file tax returns for incomes related to a period between 2014 and 2018. reads the press release published by DoJ.

Cryptocurrency 145

Cryptocurrency Banking Accountability Antivirus 145

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post NCSC warns of a surge in ransomware attacks on education institutions appeared first on Security Affairs. Pierluigi Paganini.

Education 145

Education Ransomware Antivirus Backups 145

Security Affairs

OCTOBER 6, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. .

Government 143

Government Banking Advertising Malware 143

Security Affairs

SEPTEMBER 28, 2020

“When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads one of the reports shared online.

Ransomware 137

Ransomware Healthcare Advertising Antivirus 137

Security Affairs

DECEMBER 3, 2019

These browser extensions are installed when users install Avast or AVG antivirus solutions on their computers on their PCs. “Are you one of the allegedly 400 million users of Avast antivirus products? “Are you one of the allegedly 400 million users of Avast antivirus products? This will be “US” for US English.

Antivirus 98

Antivirus Advertising Scams Phishing 98

Security Affairs

OCTOBER 23, 2019

Flaws in Avast, AVG, and Avira Antivirus could be exploited by an attacker to load a malicious DLL file to bypass defenses and escalate privileges. The Antivirus implements a self-defense mechanism that prevents malicious code to write and implant a DLL to its folders. ” continues the experts. Pierluigi Paganini.

Antivirus 75

Antivirus Advertising Security Defenses Hacking 75

Security Affairs

SEPTEMBER 7, 2020

The French national cyber-security agency published an alert to warn of a significant increase of Emotet attacks targeting the private sector and public administration entities in France. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Send the samples (.doc

Malware 144

Malware Advertising Antivirus Banking 144

Security Affairs

APRIL 4, 2020

The virus avoided detection by antivirus solutions through regular updates from an attacker-controlled command-and-control (C2) infrastructure, and spread through the company’s systems, causing network outages and shutting down essential services for nearly a week.” Pierluigi Paganini. SecurityAffairs – Emotet, malware).

Antivirus 144

Antivirus Malware Phishing Advertising 144

Security Affairs

MARCH 18, 2020

In January, Chinese hackers have exploited another zero-day vulnerability in the Trend Micro OfficeScan antivirus in an attack that hit Mitsubishi Electric. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication 137

Authentication Advertising Antivirus Cybercrime 137

Security Affairs

OCTOBER 11, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Security Affairs newsletter Round 285 appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Advertising 102

Advertising Ransomware Antivirus Hacking 102

Security Affairs

JANUARY 31, 2020

Malware is malicious software intended to wreak havoc and damage on target networks and systems, having the ability to spread on these systems while remaining undetectable, avoiding antivirus detection, causing changes and critical damage to the infected systems or networks. DOWNLOAD FULL REPORT.

Malware 143

Malware Advertising Retail Antivirus 143

Security Affairs

AUGUST 26, 2019

The code also included a link to an image of the Russian President Putin and a message to the antivirus industry. “At first, the reference seemed an odd thing in the code but a second look at how Nemty worked revealed that it was the key for decoding base64 strings and create URLs is a straight message to the antivirus industry.”

Ransomware 111

Ransomware Malware Antivirus Encryption 111

Security Affairs

AUGUST 23, 2020

Experts pointed out that Google Chrome appears to implicitly trust any file downloaded from Google Drive, even if they are flagged and “malicious” by antivirus software as malicious. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, Google Drive).

Malware 145

Malware Phishing Advertising Antivirus 145

Security Affairs

JANUARY 26, 2020

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Cisco Webex flaw allows unauthenticated remote attackers to join private meetings.

Data breaches 114

Data breaches Advertising Antivirus DDOS 114

Security Affairs

APRIL 16, 2020

The company also recommends users to check the router’s DNS settings and to make sure the antivirus/malware solutions are up to date and run a full scan. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Passwords 145

Passwords DNS Malware Advertising 145

Security Affairs

NOVEMBER 28, 2021

. “TAG observed a North Korean government-backed attacker group that previously targeted security researchers posing as recruiters at Samsung and sending fake job opportunities to employees at multiple South Korean information security companies that sell anti-malware solutions.”

Malware 144

Malware Phishing Antivirus Hacking 144

Security Affairs

MAY 16, 2020

Security firms have foiled an advanced cyber espionage campaign carried out by Chinese APT and aimed at infiltrating a governmental institution and two companies. Antivirus firms have uncovered and foiled an advanced cyber espionage campaign aimed at a governmental institution and two companies in the telecommunications and gas sector.

Telecommunications 130

Telecommunications Malware Advertising Antivirus 130

Security Affairs

AUGUST 22, 2019

“For example, disabling firewall and antivirus, rootkit installation, concealing of process-miner, theft any PC user’s private data — is just a small portion of what could be done. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising 111

Advertising Antivirus Firewall Information Security 111

Security Affairs

JULY 9, 2019

According to the experts, LOLbins are very effecting in evading antivirus software. . In February, researchers at Cybereason’s Nocturnus team uncovered another Astaroth Trojan campaign that was exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and drop malicious modules.

Antivirus 106

Antivirus Malware Advertising Security Intelligence 106

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 122

Hacking Spyware Advertising Antivirus 122

Security Affairs

SEPTEMBER 7, 2020

Some antivirus solutions specifically analyze this section look for malicious VBA code in the Excel docs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, Norway).

Cybercrime 136

Cybercrime Phishing Advertising Antivirus 136

Security Affairs

NOVEMBER 14, 2019

The issue is similar to other vulnerabilities discovered by researchers from SafeBreach Labs in other antivirus solutions from several security vendors, including McAfee, Trend Micro , Check Point, Bitdefender, AVG and Avast. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Antivirus 104

Antivirus Advertising Hacking Information Security 104

Security Affairs

MAY 3, 2022

A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. RedFoxtrot has been active since at least 2014 and focused on gathering military intelligence from neighboring countries, it is suspected to work under the PLA China-linked Unit 69010.

Software 137

Software Malware Telecommunications Antivirus 137

Security Affairs

APRIL 29, 2021

Experts from Kaspersky explained that in February 2019, multiple antivirus companies received a collection of malware samples, some of them cannot be associated with the activity of known APT groups. . A deeper analysis of some of these samples revealed that they were compiled in 2014 and used in the wild between 2014 and 2015.

Malware 126

Malware Hacking Government Telecommunications 126

Security Affairs

JULY 8, 2020

The name Fxmsp refers a high-profile Russian- and English-speaking hacking group focused on breaching high-profile private corporate and government information. Since March 2019, Fxmsp announced in cybercrime forums the availability of information stolen from major antivirus companies located in the U.S.

Hacking 114

Hacking Antivirus Advertising Cybercrime 114

The Last Watchdog

JUNE 21, 2020

The CryptoLocker wave went into a decline in June 2014 as a result of the so-called Operation Tovar , an initiative orchestrated by law enforcement agencies from multiple countries. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

JANUARY 31, 2020

The attackers have exploited a directory traversal and arbitrary file upload vulnerability, tracked as CVE-2019-18187, in the Trend Micro OfficeScan antivirus. After the security firm patched the CVE-2019-18187 flaw in October, it warned customers that the issue was being actively exploited by hackers in the wild. Pierluigi Paganini.

Data breaches 137

Data breaches Advertising Antivirus Encryption 137

Security Affairs

JULY 16, 2020

.” The malicious code supports multiple commands, it could launch overlay attacks, log keystrokes, send spam the victims’ contact lists with SMS messages, and prevent victims from using antivirus software. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware 130

Malware Banking Mobile Advertising 130

Security Affairs

DECEMBER 29, 2019

Experts pointed out that the BIOLOAD’s WinBio.dll is still detected by a limited number of antivirus on VirusTotal scanning platform despite it was compiled nine months ago. Experts noticed that these new Carbanak samples implement more checks for antivirus solutions running on the infected machines than previous ones. .

Cybercrime 93

Cybercrime Antivirus Identity Theft Advertising 93