
Hiding Malware in ML Models

Schneier on Security

Meanwhile, since the structure of the neural network models remains unchanged, they can pass the security scan of antivirus engines. With the widespread application of artificial intelligence, utilizing neural networks becomes a forwarding trend of malware.


Avast disables the JavaScript engine component due to a severe issue

Security Affairs

Antivirus maker Avast has disabled a core component of its antivirus to address a severe vulnerability that would have allowed attackers to control users’ PCs. Avast’s JavaScript engine is used to analyze JavaScript code to detect malicious code before it is executed in the users’ browsers or email clients.


The Pentagon is Publishing Foreign Nation-State Malware

Schneier on Security

This is a new thing: The Pentagon has suddenly started uploading malware samples from APTs and other nation-state sources to the website VirusTotal, which is essentially a malware zoo that's used by security pros and antivirus/malware detection engines to gain a better understanding of the threat landscape.


Cybercriminals Using Powerful BatCloak Engine to Make Malware Fully Undetectable

The Hacker News

A fully undetectable (FUD) malware obfuscation engine named BatCloak has been used to deploy various malware strains since September 2022, while persistently evading antivirus detection.


Malicious MS Office Macro Creator

Schneier on Security

The VBA stomping is the most powerful feature, because it gets around antivirus programs: VBA stomping abuses a feature which is not officially documented: the undocumented PerformanceCache part of each module stream contains compiled pseudo-code (p-code) for the VBA engine. It runs on Linux, OSX and Windows.


Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine

Security Affairs

Cisco addressed a critical vulnerability in the ClamAV open source antivirus engine that can lead to remote code execution on vulnerable devices. Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine. The vulnerability affects versions 1.0.0 and earlier.


New Shlayer Mac malware spreads via poisoned search engine results

Security Affairs

“The new malware tricks victims into bypassing Apple’s built-in macOS security protections, and it uses sneaky tactics in an effort to evade antivirus detection.” “As of Friday, the new malware installer and its payload had a 0/60 detection rate among all antivirus engines on VirusTotal.”