2014, Antivirus and Information Security

Experts warn of flaws in popular Antivirus solutions

Security Affairs

OCTOBER 5, 2020

Researchers disclosed details of security flaws in popular antivirus software that could allow threat actors to increase privileges. Antivirus solutions that are supposed to protect the systems from infection may unintentionally allow malware in escalating privileges on the system. . SecurityAffairs – hacking, antivirus).

Antivirus

Antivirus Malware Advertising Software

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. ” reported ZDNet. Pierluigi Paganini.

Antivirus

Antivirus Hacking Advertising Media

Comodo Antivirus is affected by several vulnerabilities

Security Affairs

JULY 23, 2019

Experts discovered several flaws in Comodo Antivirus, including a vulnerability that could allow to escape the sandbox and escalate privileges. The Tenable expert David Wells discovered five flaws in the Comodo Antivirus and Comodo Antivirus Advanced. We recommend to keep updated on future Comodo Antivirus releases.”

Antivirus

Antivirus Advertising Hacking Malware

BlackBerry Cylance addresses AI-based antivirus engine bypass

Security Affairs

JULY 22, 2019

BlackBerry Cylance has addressed a bypass vulnerability recently discovered in its AI-based antivirus engine CylancePROTECT product. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Antivirus

Antivirus Engineering Advertising Hacking

A flaw in Kaspersky Antivirus allowed tracking its users online

Security Affairs

AUGUST 15, 2019

A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years.

Antivirus

Antivirus Advertising Software Internet

Firefox finally addressed the Antivirus software TLS Errors

Security Affairs

JULY 2, 2019

Firefox finally addressed the issues with antivirus apps crashing HTTPS websites starting with the release of Firefox 68. Mozilla announced that it will resolve the issues that caused antivirus apps crashing HTTPs websites with the release of Firefox 68 version. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Antivirus

Antivirus Software Advertising Information Security

Avast disables the JavaScript engine component due to a severe issue

Security Affairs

MARCH 11, 2020

Antivirus maker Avast has disabled a core component of its antivirus to address a severe vulnerability that would have allowed attackers to control users’ PC. Ormandy pointed out that the main Avast antivirus process, AvastSvc.exe, which, runs as SYSTEM. ” reads the statement released by the security firm.

Engineering

Engineering Antivirus Advertising Hacking

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

NOVEMBER 26, 2019

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Antivirus Advertising DNS

Romanians arrested for running underground malware services

Security Affairs

NOVEMBER 22, 2020

“Two Romanian suspects have been arrested yesterday for allegedly running the CyberSeal and Dataprotector crypting services to evade antivirus software detection.” The pair also operated the Cyberscan service which allowed their clients to test their malware against antivirus tools.

Malware

Malware Antivirus Cybercrime Software

Russia-linked Gamaredon targets Ukraine with Remcos RAT

Security Affairs

MARCH 31, 2025

The APT group has been launching cyber-espionage campaigns against Ukraine since at least 2014. The PowerShell code avoids antivirus detection by using Get-Command to execute the payload. The threat actor is using troop-related lures to deploy the Remcos RAT via PowerShell downloader. ” reads the Talos report.

Phishing

Phishing Antivirus Encryption Hacking

FTC charged Avast with selling users’ browsing data to advertising companies

Security Affairs

FEBRUARY 22, 2024

US FTC charged cyber security firm Avast with harvesting consumer web browsing data through its browser extension and antivirus and sold it. The antivirus firm is accused of selling the data to advertising companies without user consent. ” re ads the FTC’s complaint. FTC will also fine Avast $16.5

Advertising

Advertising Antivirus Data collection Software

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

“Account accesses for antivirus programs garner the second-highest prices: around $21.67. The cost for antivirus accounts is just over $20, while other types of accounts (cable, social media, VPN, streaming, adult, music, file sharing, and video game accounts) typically go for less than $10. Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

New variant of Dridex banking Trojan implements polymorphism

Security Affairs

JULY 1, 2019

Security experts at eSentire observed a new campaign spreading a variant of the Dridex banking Trojan that implements polymorphism. The Dridex banking Trojan that has been around since 2014, it was involved in numerous campaigns against financial institutions over the years and crooks have continuously improved it. Pierluigi Paganini.

Banking

Banking Antivirus Advertising Encryption

Kaspersky addressed multiple issues in online protection solutions

Security Affairs

NOVEMBER 26, 2019

Kaspersky has fixed several flaws affecting the web protection features implemented in some of its security products. The vulnerabilities were found by the security researcher Wladimir Palant that reported them to Kaspersky in December 2018. As in: under some circumstances, antivirus would still crash. I wouldn’t bet on it.”

Antivirus

Antivirus Advertising Password Management Passwords

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

The virus avoided detection by antivirus solutions through regular updates from an attacker-controlled command-and-control (C2) infrastructure, and spread through the company’s systems, causing network outages and shutting down essential services for nearly a week.” Pierluigi Paganini. SecurityAffairs – Emotet, malware).

Antivirus

Antivirus Malware Phishing Advertising

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Malware is malicious software intended to wreak havoc and damage on target networks and systems, having the ability to spread on these systems while remaining undetectable, avoiding antivirus detection, causing changes and critical damage to the infected systems or networks. DOWNLOAD FULL REPORT.

Malware

Malware Advertising Retail Antivirus

Trend Micro addresses two issues exploited by hackers in the wild

Security Affairs

MARCH 18, 2020

In January, Chinese hackers have exploited another zero-day vulnerability in the Trend Micro OfficeScan antivirus in an attack that hit Mitsubishi Electric. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Antivirus Cybercrime

France national cyber-security agency warns of a surge in Emotet attacks

Security Affairs

SEPTEMBER 7, 2020

The French national cyber-security agency published an alert to warn of a significant increase of Emotet attacks targeting the private sector and public administration entities in France. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Send the samples (.doc

Malware

Malware Advertising Antivirus Banking

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

Security Affairs

NOVEMBER 14, 2019

McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. Experts explained that it is possible to bypass the self-defense mechanism of the antivirus because the antivirus doesn’t validate digital signature of the DLL file.

Antivirus

Antivirus Advertising Software Internet

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post NCSC warns of a surge in ransomware attacks on education institutions appeared first on Security Affairs. Pierluigi Paganini.

Education

Education Ransomware Antivirus Backups

John McAfee found dead in prison cell ahead of extradition to US

Security Affairs

JUNE 23, 2021

One of the fathers of antivirus software, the entrepreneur John McAfee has been found dead in a Barcelona prison cell while he was waiting for extradition to the US. The authorities claim that the McAfee failed to file tax returns for incomes related to a period between 2014 and 2018. reads the press release published by DoJ.

Cryptocurrency

Cryptocurrency Banking Accountability Antivirus

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. .

Government

Government Banking Advertising Malware

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The CryptoLocker wave went into a decline in June 2014 as a result of the so-called Operation Tovar , an initiative orchestrated by law enforcement agencies from multiple countries. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift.

Ransomware

Ransomware Hacking Encryption Penetration Testing

UHS hospitals hit by Ryuk ransomware attack

Security Affairs

SEPTEMBER 28, 2020

“When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads one of the reports shared online.

Ransomware

Ransomware Healthcare Advertising Antivirus

A Google Drive weakness could allow attackers to serve malware

Security Affairs

AUGUST 23, 2020

Experts pointed out that Google Chrome appears to implicitly trust any file downloaded from Google Drive, even if they are flagged and “malicious” by antivirus software as malicious. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, Google Drive).

Malware

Malware Phishing Advertising Antivirus

Nemty Ransomware, a new malware appears in the threat landscape

Security Affairs

AUGUST 26, 2019

The code also included a link to an image of the Russian President Putin and a message to the antivirus industry. “At first, the reference seemed an odd thing in the code but a second look at how Nemty worked revealed that it was the key for decoding base64 strings and create URLs is a straight message to the antivirus industry.”

Ransomware

Ransomware Malware Antivirus Encryption

Linksys force password reset to prevent Router hijacking

Security Affairs

APRIL 16, 2020

The company also recommends users to check the router’s DNS settings and to make sure the antivirus/malware solutions are up to date and run a full scan. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Passwords

Passwords DNS Malware Advertising

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. ”The websites promised to render malicious software fully undetectable by nearly every major provider of antivirus software. . ” reads the press release published by DoJ.”The

Antivirus

Antivirus Malware Software Cryptocurrency

Security Affairs newsletter Round 248

Security Affairs

JANUARY 26, 2020

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Cisco Webex flaw allows unauthenticated remote attackers to join private meetings.

Data breaches

Data breaches Advertising Antivirus DDOS

Hackers penetrated NEC defense business division in 2016

Security Affairs

JANUARY 31, 2020

The attackers have exploited a directory traversal and arbitrary file upload vulnerability, tracked as CVE-2019-18187, in the Trend Micro OfficeScan antivirus. After the security firm patched the CVE-2019-18187 flaw in October, it warned customers that the issue was being actively exploited by hackers in the wild. Pierluigi Paganini.

Advertising

Advertising Data breaches Antivirus Encryption

Mozilla removed 4 Avast and AVG extensions for spying on Firefox users

Security Affairs

DECEMBER 3, 2019

These browser extensions are installed when users install Avast or AVG antivirus solutions on their computers on their PCs. “Are you one of the allegedly 400 million users of Avast antivirus products? “Are you one of the allegedly 400 million users of Avast antivirus products? This will be “US” for US English.

Antivirus

Antivirus Advertising Scams Phishing

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

CISA reports provide the following recommendations to users and administrators to strengthen the security posture of their organization’s systems: • Maintain up-to-date antivirus signatures and engines. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Keep operating system patches up-to-date.

Malware

Malware Passwords Advertising Antivirus

Epic Manchego gang uses Excel docs that avoid detection

Security Affairs

SEPTEMBER 7, 2020

Some antivirus solutions specifically analyze this section look for malicious VBA code in the Excel docs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, Norway).

Cybercrime

Cybercrime Phishing Advertising Antivirus

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

In May, the FBI and CISA also warned cyber attacks coordinated by Beijing and attempting to steal COVID-19 information from US health care, pharmaceutical, and research industry sectors. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Government Passwords Advertising

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

According to the experts, LOLbins are very effecting in evading antivirus software. . In February, researchers at Cybereason’s Nocturnus team uncovered another Astaroth Trojan campaign that was exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and drop malicious modules.

Antivirus

Antivirus Malware Advertising Security Intelligence

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Hacking

Hacking Advertising Spyware Antivirus

QNodeService Trojan spreads via fake COVID-19 tax relief

Security Affairs

MAY 16, 2020

However, the use of an uncommon platform may have helped evade detection by antivirus software.” Operators were spreading it in a spam campaign aimed at stealing victims’ financial information, the spam messages sent to the victims claim to provide information related to the Coronavirus outbreak and government relief payments.

Malware

Malware Phishing Advertising Antivirus

A new Zero-Day in Steam client impacts over 96 million Windows users

Security Affairs

AUGUST 22, 2019

“For example, disabling firewall and antivirus, rootkit installation, concealing of process-miner, theft any PC user’s private data — is just a small portion of what could be done. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Antivirus Firewall Information Security

Belarussian authorities arrested GandCrab ransomware distributor

Security Affairs

AUGUST 3, 2020

The authors of the GandCrab RaaS also offers technical support and updates to its members, they also published a video tutorial that shows how the ransomware is able to avoid antivirus detection. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ransom amount, individual bots and encryption masks).

Ransomware

Ransomware Advertising Malware Hacking

Experts found DLL Hijacking issues in Avast, AVG, and Avira solutions

Security Affairs

OCTOBER 23, 2019

Flaws in Avast, AVG, and Avira Antivirus could be exploited by an attacker to load a malicious DLL file to bypass defenses and escalate privileges. The Antivirus implements a self-defense mechanism that prevents malicious code to write and implant a DLL to its folders. ” continues the experts. Pierluigi Paganini.

Antivirus

Antivirus Advertising Security Defenses Hacking

New Android BlackRock malware targets hundreds of apps

Security Affairs

JULY 16, 2020

.” The malicious code supports multiple commands, it could launch overlay attacks, log keystrokes, send spam the victims’ contact lists with SMS messages, and prevent victims from using antivirus software. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Banking Mobile Advertising

Experts found privilege escalation issue in Symantec Endpoint Protection

Security Affairs

NOVEMBER 14, 2019

The issue is similar to other vulnerabilities discovered by researchers from SafeBreach Labs in other antivirus solutions from several security vendors, including McAfee, Trend Micro , Check Point, Bitdefender, AVG and Avast. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Antivirus

Antivirus Advertising Hacking Information Security

APT group targets high profile networks in Central Asia

Security Affairs

MAY 16, 2020

Security firms have foiled an advanced cyber espionage campaign carried out by Chinese APT and aimed at infiltrating a governmental institution and two companies. Antivirus firms have uncovered and foiled an advanced cyber espionage campaign aimed at a governmental institution and two companies in the telecommunications and gas sector.

Telecommunications

Telecommunications Malware Advertising Antivirus

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

Operators behind the Pysa ransomware, also employed a version of the PowerShell Empire penetration-testing tool, they were able to stop antivirus products. “On one of the compromised information systems, experts found encrypted files with the extension “ newversion.” newversion file extension instead of.

Government

Government Ransomware Encryption Penetration Testing

Experts warn of flaws in popular Antivirus solutions

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Trending Sources

Comodo Antivirus is affected by several vulnerabilities

BlackBerry Cylance addresses AI-based antivirus engine bypass

A flaw in Kaspersky Antivirus allowed tracking its users online

Firefox finally addressed the Antivirus software TLS Errors

Avast disables the JavaScript engine component due to a severe issue

Some Fortinet products used hardcoded keys and weak encryption for communications

Romanians arrested for running underground malware services

Russia-linked Gamaredon targets Ukraine with Remcos RAT

FTC charged Avast with selling users’ browsing data to advertising companies

15 billion credentials available in the cybercrime marketplaces

New variant of Dridex banking Trojan implements polymorphism

Kaspersky addressed multiple issues in online protection solutions

Microsoft’s case study: Emotet took down an entire network in just 8 days

Report: Threat of Emotet and Ryuk

Trend Micro addresses two issues exploited by hackers in the wild

France national cyber-security agency warns of a surge in Emotet attacks

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

NCSC warns of a surge in ransomware attacks on education institutions

John McAfee found dead in prison cell ahead of extradition to US

CISA alert warns of Emotet attacks on US govt entities

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

UHS hospitals hit by Ryuk ransomware attack

A Google Drive weakness could allow attackers to serve malware

Nemty Ransomware, a new malware appears in the threat landscape

Linksys force password reset to prevent Router hijacking

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs newsletter Round 248

Hackers penetrated NEC defense business division in 2016

Mozilla removed 4 Avast and AVG extensions for spying on Firefox users

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Epic Manchego gang uses Excel docs that avoid detection

US govt agencies share details of the China-linked espionage malware Taidoor

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs newsletter Round 261

QNodeService Trojan spreads via fake COVID-19 tax relief

A new Zero-Day in Steam client impacts over 96 million Windows users

Belarussian authorities arrested GandCrab ransomware distributor

Experts found DLL Hijacking issues in Avast, AVG, and Avira solutions

New Android BlackRock malware targets hundreds of apps

Experts found privilege escalation issue in Symantec Endpoint Protection

APT group targets high profile networks in Central Asia

CERT France – Pysa ransomware is targeting local governments

Stay Connected