2019 and Antivirus - Cyber Security Informer

500M Avira Antivirus Users Introduced to Cryptomining

Krebs on Security

JANUARY 8, 2022

Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. Avira Free Antivirus). which was renamed to NortonLifeLock in 2019. In January 2021, Avira was acquired by Tempe, Ariz.-based based NortonLifeLock Inc.,

Antivirus

Antivirus Cryptocurrency Identity Theft Software

Experts warn of flaws in popular Antivirus solutions

Security Affairs

OCTOBER 5, 2020

Researchers disclosed details of security flaws in popular antivirus software that could allow threat actors to increase privileges. Security researchers from CyberArk Labs disclosed details of security vulnerabilities found in popular antivirus software that could be exploited by attackers to elevate their privileges on the target system.

Antivirus

Antivirus Malware Advertising Software

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019. ” reads the security advisory published by Trend Micro in October 2019.

Antivirus

Antivirus Hacking Advertising Media

Heap Buffer Overflow Vulnerability found in Kaspersky Antivirus Engine

Security Affairs

MAY 10, 2019

Security researchers at the Imaginary team discovered a Heap Buffer Overflow Vulnerability in Kaspersky Antivirus Engine and responsibly reported it. Security experts at the Imaginary team discovered a Heap Buffer Overflow vulnerability in Kaspersky Antivirus Engine. 2019 and potentially allows arbitrary code execution.

Antivirus

Antivirus Engineering Advertising Hacking

A flaw in Kaspersky Antivirus allowed tracking its users online

Security Affairs

AUGUST 15, 2019

A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years.

Antivirus

Antivirus Advertising Software Internet

Comodo Antivirus is affected by several vulnerabilities

Security Affairs

JULY 23, 2019

Experts discovered several flaws in Comodo Antivirus, including a vulnerability that could allow to escape the sandbox and escalate privileges. The Tenable expert David Wells discovered five flaws in the Comodo Antivirus and Comodo Antivirus Advanced. We recommend to keep updated on future Comodo Antivirus releases.”

Antivirus

Antivirus Advertising Hacking Malware

2020 Likely To Break Records for Breaches

Adam Levin

JULY 10, 2020

A recent article released by cybersecurity and antivirus firm Bitdefender shows that 8.4 For comparison, that’s a 273% increase over the first two quarters of 2019 combined. billion records have already been exposed, and that’s only accounting for the first quarter of 2020.

Data breaches

Data breaches Social Engineering Antivirus Scams

Microsoft Put Off Fixing Zero Day for 2 Years

Krebs on Security

AUGUST 16, 2020

Bernardo Quintero is the manager at VirusTotal , a service owned by Google that scans any submitted files against dozens of antivirus services and displays the results. The last time that August 2018 file was scanned at VirusTotal (Aug 14, 2020), it was detected as a malicious Java trojan by 28 of 59 antivirus programs.

Antivirus

Antivirus Malware Software

Top-Tier Russian Hacking group Fxmsp claims hack of major AntiVirus Companies

Security Affairs

MAY 10, 2019

A Russian hacking group Fxmsp is offering for sale the access to the networks of at least three antivirus companies in the US and source code of their software. Buyers can also pay at least $300,000 acquiring both, the price depends on the antivirus company. SecurityAffairs – antivirus companies, Fxmsp). Pierluigi Paganini.

Antivirus

Antivirus Hacking Artificial Intelligence Cybercrime

Be Very Sparing in Allowing Site Notifications

Krebs on Security

NOVEMBER 17, 2020

Indelible also found browser modifications enabled by PushWelcome are poorly detected by antivirus and security products, although he noted Malwarebytes reliably flags as dangerous publisher sites that are associated with the notifications. One notification was an ad for Norton antivirus; the other was for McAfee.

Antivirus

Antivirus Advertising Internet Internet

4 Best Antivirus Software of 2021

eSecurity Planet

OCTOBER 27, 2021

What’s the best antivirus software? With the rise in malware and ransomware and a growing reliance on the internet, antivirus solutions are critical for protecting your data and applications. Top 4 antivirus software. in 2019 and posting an A last year while topping Bitdefender in total points, 647 to 600.

Antivirus

Antivirus Software Malware Marketing

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

Security Affairs

NOVEMBER 14, 2019

McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. The CVE-2019-3648 flaw could be exploited by attackers to load unsigned DLLs into multiple services that run as NT AUTHORITYSYSTEM. ” reads the analysis published by SafeBreach. .

Antivirus

Antivirus Advertising Software Internet

Threat Group Continuously Updates Malware to Evade Antivirus Software

eSecurity Planet

NOVEMBER 7, 2022

LODEINFO has been observed engaged in a spear- phishing campaign since December 2019 by JPCERT/CC. However, the same also goes for antivirus software and other anti-malware solutions. The post Threat Group Continuously Updates Malware to Evade Antivirus Software appeared first on eSecurityPlanet. during their investigation.

Antivirus

Antivirus Software Malware Security Awareness

Norton 360 Now Comes With a Cryptominer

Krebs on Security

JANUARY 6, 2022

Norton 360 , one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. which was renamed to NortonLifeLock in 2019 (LifeLock is now included in the Norton 360 service). based NortonLifeLock Inc.

Cryptocurrency

Cryptocurrency Computers and Electronics Antivirus Identity Theft

Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw

Krebs on Security

SEPTEMBER 24, 2020

The flaw is present in most supported versions of Windows Server, from Server 2008 through Server 2019. CVE-2020-1472 earned Microsoft’s most-dire “critical” severity rating, meaning attackers can exploit it with little or no help from users. “Administrators should prioritize patching this flaw as soon as possible.

Antivirus

Antivirus Security Intelligence Engineering Authentication

Romanians arrested for running underground malware services

Security Affairs

NOVEMBER 22, 2020

“Two Romanian suspects have been arrested yesterday for allegedly running the CyberSeal and Dataprotector crypting services to evade antivirus software detection.” The pair also operated the Cyberscan service which allowed their clients to test their malware against antivirus tools. ” continues the press release.

Malware

Malware Antivirus Cybercrime Software

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats. This is the conclusion of a study by Cipher Portugal, which studied Portuguese domains during 2019. This enhancement appeared in the middle of September 2019.

Malware

Malware Advertising Retail Antivirus

Convicted: He Helped Cybercriminals Evade Antivirus

SecureWorld News

JUNE 16, 2021

DOJ prosecutors say Oleg Koshkin, a 41-year-old Russian national, operated a crypting service used to conceal Kelihos malware from antivirus software. In other words, it could fool antivirus into believing there was no threat and no security reason to deny the malware access to a particular system.

Antivirus

Antivirus Malware Software Ransomware

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

The indictment against Khoroshev says he used the hacker nickname Putinkrab , and Intel 471 says this corresponds to a username that was first registered across three major Russian cybercrime forums in early 2019. A machine-translated ad for ransomware source code from Putinkrab on the Russian language cybercrime forum UFOlabs in 2019.

Ransomware

Ransomware Cybercrime Accountability Malware

NEW TECH: Trend Micro inserts ‘X’ factor into ‘EDR’ – endpoint detection and response

The Last Watchdog

AUGUST 14, 2019

With all the talk of escalating cyber warfare , the spread of counterfeit smartphones and new forms of self-replicating malware , I came away from Black Hat USA 2019 (my 15 th ) marveling, once more, at the panache of modern cyber criminals. Mainstreaming EDR EDR came along to supplement signature-based antivirus.

Antivirus

Antivirus Digital transformation Firmware Software

Convicted: He Helped Cybercriminals Evade Antivirus

SecureWorld News

JUNE 16, 2021

DOJ prosecutors say Oleg Koshkin, a 41-year-old Russian national, operated a crypting service used to conceal Kelihos malware from antivirus software. In other words, it could fool antivirus into believing there was no threat and no security reason to deny the malware access to a particular system.

Antivirus

Antivirus Malware Software Ransomware

New variant of Dridex banking Trojan implements polymorphism

Security Affairs

JULY 1, 2019

On June 26, 2019, experts at eSentire Threat Intelligence discovered a C2 infrastructure pointing to a similar Dridex variant that was undetected by most of the antivirus listed in VirusTotal service. At the time of discovery, using data from VirusTotal, only six antivirus solutions of about 60 detected suspicious behavior [ 2 ].

Banking

Banking Antivirus Advertising Encryption

Trend Micro flaw actively exploited in the wild

Security Affairs

APRIL 22, 2021

Cybersecurity firm Trend Micro revealed that a threat actor is actively exploiting a flaw, tracked as CVE-2020-24557, in its antivirus solutions to gain admin rights on Windows systems. ” At the time of this writing, Trend Micro did not share details about the attack either the nature of the threat actors that exploited the.

Antivirus

Antivirus Hacking Cybersecurity Information Security

Chinese PLA Unit 61419 suspected to have purchased AVs for cyber-espionage

Security Affairs

MAY 6, 2021

Chinese military unit PLA Unit 61419 is suspected to be involved in cyber-espionage campaigns against multiple antivirus companies. In the summer of 2019, a China-linked APT called Tick Group exploited two zero-days impacting Trend Micro’s Apex One and OfficeScan XG enterprise security products. .

Antivirus

Antivirus Software Hacking Malware

Shade Ransomware gang shut down operations and releases 750K decryption keys

Security Affairs

APRIL 27, 2020

The Shade infections increased during October 2018, keeping a constant trend until the second half of December 2018, taking a break around Christmas, and then resuming in mid-January 2019 doubled in size. In fact, we stopped its distribution in the end of 2019. ” reads the message published by the gang on GitHub.

Ransomware

Ransomware Advertising Antivirus Education

Does Avast Free Protect Against Ransomware in Your Mobile Device

Hacker Combat

MAY 19, 2021

As many antivirus companies continue to work diligently to develop features that can safeguard your data, the question that arises among many android users is, does Avast free protect against ransomware in mobile devices? The antivirus can be used on multiple devices. As such, it has become one of the biggest targets for hackers.

Mobile

Mobile Antivirus Ransomware Backups

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Megatraffer explained that malware purveyors need a certificate because many antivirus products will be far more interested in unsigned software, and because signed files downloaded from the Internet don’t tend to get blocked by security features built into modern web browsers. “Antivirus software trusts signed programs more.

Malware

Malware Cybercrime Software Accountability

New Shlayer Mac malware spreads via poisoned search engine results

Security Affairs

JUNE 21, 2020

. “The new malware tricks victims into bypassing Apple’s built-in macOS security protections, and it uses sneaky tactics in an effort to evade antivirus detection.” “As of Friday, the new malware installer and its payload had a 0/60 detection rate among all antivirus engines on VirusTotal.” up to 10.14.3.

Engineering

Engineering Malware Adware Antivirus

Kaspersky addressed multiple issues in online protection solutions

Security Affairs

NOVEMBER 26, 2019

Kaspersky has addressed several vulnerabilities in the web protection features implemented in its antivirus solutions, including Internet Security, Total Security, Free Anti-Virus , Security Cloud, and Small Office Security products. “Kaspersky reported these issues to be resolved as of July 2019. ” continues the analysis.

Antivirus

Antivirus Advertising Password Management Passwords

Feds Target $100M ‘GozNym’ Cybercrime Network

Krebs on Security

MAY 16, 2019

“JekaProf” and “procryptgroup” from Moldova, specialized in “crypting” or obfuscating the GozNym malware to evade detection by antivirus software. Nikolov entered a guilty plea in federal court in Pittsburgh on charges relating to his participation in the GozNym conspiracy on April 10, 2019.

Cybercrime

Cybercrime Banking Small Business Computers and Electronics

UHS hospitals hit by Ryuk ransomware attack

Security Affairs

SEPTEMBER 28, 2020

Universal Health Services (UHS) is an American Fortune 500 company that provides hospital and healthcare services, in 2019, its annual revenues were $11.37 billion in 2019. “When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity.

Ransomware

Ransomware Healthcare Advertising Antivirus

Hackers penetrated NEC defense business division in 2016

Security Affairs

JANUARY 31, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. According to the company, attackers did not obtain sensitive information about defense contracts.

Data breaches

Data breaches Advertising Antivirus Encryption

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. ”The websites promised to render malicious software fully undetectable by nearly every major provider of antivirus software. . ” reads the press release published by DoJ.”The

Antivirus

Antivirus Malware Software Cryptocurrency

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Security Affairs

FEBRUARY 7, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. In January, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data.

Manufacturing

Manufacturing Data breaches Advertising Antivirus

CISA analyzed stealthy malware found on compromised Pulse Secure devices

Security Affairs

JULY 22, 2021

Cybersecurity and Infrastructure Security Agency (CISA) published a security alert related to the discovery of 13 malware samples on compromised Pulse Secure devices, many of which were undetected by antivirus products. Experts pointed out that only one of malware samples analyzed by CISA was uploaded on VirusTotal with a low detection rate.

Malware

Malware Antivirus Passwords Firewall

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

The virus avoided detection by antivirus solutions through regular updates from an attacker-controlled command-and-control (C2) infrastructure, and spread through the company’s systems, causing network outages and shutting down essential services for nearly a week.”

Antivirus

Antivirus Malware Phishing Advertising

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. More than 80% of all malicious files were disguised as .zip rar archive files.

Ransomware

Ransomware Antivirus Malware Banking

Nemty Ransomware, a new malware appears in the threat landscape

Security Affairs

AUGUST 26, 2019

” 2019-08-24: #Nemty #Ransomware version '1.0' ' Mutex "hate" | "fuckav" Link to Putin Photo Backup & Shadow Copy Removal | Extension Blacklist | File/Folder Blacklist | 'isRu' check | Stats Git -> [link] pic.twitter.com/fMmAWIfvWv — Vitali Kremez (@VK_Intel) August 24, 2019.

Ransomware

Ransomware Malware Antivirus Encryption

Experts found DLL Hijacking issues in Avast, AVG, and Avira solutions

Security Affairs

OCTOBER 23, 2019

Flaws in Avast, AVG, and Avira Antivirus could be exploited by an attacker to load a malicious DLL file to bypass defenses and escalate privileges. The Antivirus implements a self-defense mechanism that prevents malicious code to write and implant a DLL to its folders. ” continues the experts.

Antivirus

Antivirus Advertising Security Defenses Hacking

Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany

Krebs on Security

OCTOBER 1, 2019

But in June 2019, the DOJ unsealed an updated indictment (PDF) naming Škorjanc, the original two other defendants, and a fourth man (from the United States) in a conspiracy to make and market Mariposa and to run the Darkode crime forum. “TM passed this information on to Brian Krebs.”

Cybercrime

Cybercrime Malware Antivirus Banking

Russian nation sentenced to 48 months in prison for helping Kelihos Botnet to evade detection

Security Affairs

DECEMBER 12, 2021

“A Russian national was sentenced today to 48 months in prison for operating a “crypting” service used to conceal the Kelihos malware from antivirus software, which enabled hackers to systematically infect approximately hundreds of thousands of victim computers around the world with malicious software, including ransomware.”

Antivirus

Antivirus Malware Cybercrime Cyber threats

Russia points finger at US for iPhone exploit campaign that also hit Kaspersky Lab

CSO Magazine

JUNE 2, 2023

In a separate report, Russian antivirus vendor Kaspersky Lab said that several dozen of its senior employees and upper management were targeted as part of the operation, although unlike the FSB, the company did not attribute the attack to any specific state.

Spyware

Spyware Antivirus

Belarussian authorities arrested GandCrab ransomware distributor

Security Affairs

AUGUST 3, 2020

The authors of the GandCrab RaaS also offers technical support and updates to its members, they also published a video tutorial that shows how the ransomware is able to avoid antivirus detection. The GandCrab Ransomware-as-a-Service shut down operations in June 2019 and told affiliates to stop distributing the ransomware.

Ransomware

Ransomware Advertising Malware Hacking

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Security Affairs

JULY 25, 2019

Researchers at Intezer have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining botnet, that also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep vulnerability (CVE-2019-0708). ” reads a blog post published by Intezer. ” continues the analysis.

Cryptocurrency

Cryptocurrency Internet Internet Malware

500M Avira Antivirus Users Introduced to Cryptomining

Experts warn of flaws in popular Antivirus solutions

Trending Sources

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Heap Buffer Overflow Vulnerability found in Kaspersky Antivirus Engine

A flaw in Kaspersky Antivirus allowed tracking its users online

Comodo Antivirus is affected by several vulnerabilities

2020 Likely To Break Records for Breaches

Microsoft Put Off Fixing Zero Day for 2 Years

Top-Tier Russian Hacking group Fxmsp claims hack of major AntiVirus Companies

Be Very Sparing in Allowing Site Notifications

4 Best Antivirus Software of 2021

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

Threat Group Continuously Updates Malware to Evade Antivirus Software

Norton 360 Now Comes With a Cryptominer

Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw

Romanians arrested for running underground malware services

Report: Threat of Emotet and Ryuk

Convicted: He Helped Cybercriminals Evade Antivirus

How Did Authorities Identify the Alleged Lockbit Boss?

NEW TECH: Trend Micro inserts ‘X’ factor into ‘EDR’ – endpoint detection and response

Convicted: He Helped Cybercriminals Evade Antivirus

New variant of Dridex banking Trojan implements polymorphism

Trend Micro flaw actively exploited in the wild

Chinese PLA Unit 61419 suspected to have purchased AVs for cyber-espionage

Shade Ransomware gang shut down operations and releases 750K decryption keys

Does Avast Free Protect Against Ransomware in Your Mobile Device

Ask Fitis, the Bear: Real Crooks Sign Their Malware

New Shlayer Mac malware spreads via poisoned search engine results

Kaspersky addressed multiple issues in online protection solutions

Feds Target $100M ‘GozNym’ Cybercrime Network

UHS hospitals hit by Ryuk ransomware attack

Hackers penetrated NEC defense business division in 2016

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

CISA analyzed stealthy malware found on compromised Pulse Secure devices

Microsoft’s case study: Emotet took down an entire network in just 8 days

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Nemty Ransomware, a new malware appears in the threat landscape

Experts found DLL Hijacking issues in Avast, AVG, and Avira solutions

Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany

Russian nation sentenced to 48 months in prison for helping Kelihos Botnet to evade detection

Russia points finger at US for iPhone exploit campaign that also hit Kaspersky Lab

Belarussian authorities arrested GandCrab ransomware distributor

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Stay Connected